Index: tests/badssl.csv ================================================================== --- tests/badssl.csv +++ tests/badssl.csv @@ -1,19 +1,17 @@ # Group,Name,Constraints,Setup,Body,Cleanup,Match,Result,Output,Error Output,Return Codes command,package require tls,,,,,,,,, -command,,,,,,,,,, +,,,,,,,,,, command,# Find default CA certificates directory,,,,,,,,, command,if {[info exists ::env(SSL_CERT_FILE)]} {set ::cafile $::env(SSL_CERT_FILE)} else {set ::cafile [file normalize {C:\Users\Brian\Documents\Source\Build\SSL-1.1\certs\cacert.pem}]},,,,,,,,, -command,,,,,,,,,, +,,,,,,,,,, command,# Constraints,,,,,,,,, -command,set protocols [list ssl2 ssl3 tls1 tls1.1 tls1.2 tls1.3],,,,,,,,, -command,foreach protocol $protocols {::tcltest::testConstraint $protocol 0},,,,,,,,, -command,foreach protocol [::tls::protocols] {::tcltest::testConstraint $protocol 1},,,,,,,,, -command,,,,,,,,,, +command,source common.tcl,,,,,,,,, +,,,,,,,,,, command,# Helper functions,,,,,,,,, command,"proc badssl {url} {set port 443;lassign [split $url "":""] url port;if {$port eq """"} {set port 443};set ch [tls::socket -autoservername 1 -require 1 -cafile $::cafile $url $port];if {[catch {tls::handshake $ch} err]} {close $ch;return -code error $err} else {close $ch}}",,,,,,,,, -command,,,,,,,,,, +,,,,,,,,,, command,# BadSSL.com Tests,,,,,,,,, BadSSL,1000-sans,,,badssl 1000-sans.badssl.com,,,handshake failed: certificate verify failed due to: certificate has expired,,,1 BadSSL,10000-sans,,,badssl 10000-sans.badssl.com,,,handshake failed: excessive message size,,,1 BadSSL,3des,,,badssl 3des.badssl.com,,,handshake failed: sslv3 alert handshake failure,,,1 BadSSL,captive-portal,,,badssl captive-portal.badssl.com,,,handshake failed: certificate verify failed due to: Hostname mismatch,,,1 Index: tests/badssl.test ================================================================== --- tests/badssl.test +++ tests/badssl.test @@ -12,13 +12,11 @@ # Find default CA certificates directory if {[info exists ::env(SSL_CERT_FILE)]} {set ::cafile $::env(SSL_CERT_FILE)} else {set ::cafile [file normalize {C:\Users\Brian\Documents\Source\Build\SSL-1.1\certs\cacert.pem}]} # Constraints -set protocols [list ssl2 ssl3 tls1 tls1.1 tls1.2 tls1.3] -foreach protocol $protocols {::tcltest::testConstraint $protocol 0} -foreach protocol [::tls::protocols] {::tcltest::testConstraint $protocol 1} +source common.tcl # Helper functions proc badssl {url} {set port 443;lassign [split $url ":"] url port;if {$port eq ""} {set port 443};set ch [tls::socket -autoservername 1 -require 1 -cafile $::cafile $url $port];if {[catch {tls::handshake $ch} err]} {close $ch;return -code error $err} else {close $ch}} # BadSSL.com Tests DELETED tests/ciphers.csv Index: tests/ciphers.csv ================================================================== --- tests/ciphers.csv +++ /dev/null @@ -1,133 +0,0 @@ -# Group,Name,Constraints,Setup,Body,Cleanup,Match,Result,Output,Error Output,Return Codes -command,package require tls,,,,,,,,, -command,,,,,,,,,, -command,# Make sure path includes location of OpenSSL executable,,,,,,,,, -command,"if {[info exists ::env(OPENSSL)]} {set ::env(path) [string cat [file join $::env(OPENSSL) bin] "";"" $::env(path)]}",,,,,,,,, -command,,,,,,,,,, -command,# Constraints,,,,,,,,, -command,set protocols [list ssl2 ssl3 tls1 tls1.1 tls1.2 tls1.3],,,,,,,,, -command,foreach protocol $protocols {::tcltest::testConstraint $protocol 0},,,,,,,,, -command,foreach protocol [::tls::protocols] {::tcltest::testConstraint $protocol 1},,,,,,,,, -command,"::tcltest::testConstraint OpenSSL [string match ""OpenSSL*"" [::tls::version]]",,,,,,,,, -,,,,,,,,,, -command,# Helper functions,,,,,,,,, -command,"proc lcompare {list1 list2} {set m """";set u """";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list ""missing"" $m ""unexpected"" $u]}",,,,,,,,, -command,proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]},,,,,,,,, -command,"proc exec_get_ciphers {} {set list [list];set data [exec openssl list -cipher-algorithms];foreach line [split $data ""\n""] {foreach {cipher null alias} [split [string trim $line]] {lappend list [string tolower $cipher]}};return [lsort -unique $list]}",,,,,,,,, -command,"proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data ""\n""] {foreach digest $line {if {[string match ""-*"" $digest]} {lappend list [string trimleft $digest ""-""]}}};return [lsort $list]}",,,,,,,,, -command,proc exec_get_macs {} {return [list cmac hmac]},,,,,,,,, -command,proc list_tolower {list} {set result [list];foreach element $list {lappend result [string tolower $element]};return $result},,,,,,,,, -command,proc read_chan {md filename args} {set ch [open $filename rb];fconfigure $ch -translation binary;set bsize [fconfigure $ch -buffersize];set new [tls::digest $md {*}$args -chan $ch];while {![eof $new]} {set result [read $new $bsize]};close $new;return $result},,,,,,,,, -command,proc accumulate {md string args} {set cmd [tls::digest $md {*}$args -command dcmd];$cmd update [string range $string 0 20];$cmd update [string range $string 21 end];return [$cmd finalize]},,,,,,,,, -,,,,,,,,,, -command,# Test list ciphers,,,,,,,,, -Ciphers List,All,,,lcompare [lsort [exec_get_ciphers]] [list_tolower [lsort [::tls::ciphers]]],,,missing {rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb} unexpected {aes-128-ccm aes-128-gcm aes-192-ccm aes-192-gcm aes-256-ccm aes-256-gcm},,, -,,,,,,,,,, -command,# Test list ciphers for protocols,,,,,,,,, -Ciphers By Protocol,SSL2,ssl2,,"lcompare [exec_get "":"" ciphers -ssl2] [::tls::ciphers ssl2]",,,missing {} unexpected {},,, -Ciphers By Protocol,SSL3,ssl3,,"lcompare [exec_get "":"" ciphers -ssl3] [::tls::ciphers ssl3]",,,missing {} unexpected {},,, -Ciphers By Protocol,TLS1,tls1,,"lcompare [exec_get "":"" ciphers -tls1] [::tls::ciphers tls1]",,,missing {} unexpected {},,, -Ciphers By Protocol,TLS1.1,tls1.1,,"lcompare [exec_get "":"" ciphers -tls1_1] [::tls::ciphers tls1.1]",,,missing {} unexpected {},,, -Ciphers By Protocol,TLS1.2,tls1.2,,"lcompare [exec_get "":"" ciphers -tls1_2] [::tls::ciphers tls1.2]",,,missing {} unexpected {},,, -Ciphers By Protocol,TLS1.3,tls1.3,,"lcompare [exec_get "":"" ciphers -tls1_3] [::tls::ciphers tls1.3]",,,missing {} unexpected {},,, -,,,,,,,,,, -command,# Test cipher descriptions,,,,,,,,, -Ciphers With Descriptions,SSL2,ssl2,,"lcompare [exec_get ""\r\n"" ciphers -ssl2 -v] [split [string trim [::tls::ciphers ssl2 1]] \n]",,,missing {} unexpected {},,, -Ciphers With Descriptions,SSL3,ssl3,,"lcompare [exec_get ""\r\n"" ciphers -ssl3 -v] [split [string trim [::tls::ciphers ssl3 1]] \n]",,,missing {} unexpected {},,, -Ciphers With Descriptions,TLS1,tls1,,"lcompare [exec_get ""\r\n"" ciphers -tls1 -v] [split [string trim [::tls::ciphers tls1 1]] \n]",,,missing {} unexpected {},,, -Ciphers With Descriptions,TLS1.1,tls1.1,,"lcompare [exec_get ""\r\n"" ciphers -tls1_1 -v] [split [string trim [::tls::ciphers tls1.1 1]] \n]",,,missing {} unexpected {},,, -Ciphers With Descriptions,TLS1.2,tls1.2,,"lcompare [exec_get ""\r\n"" ciphers -tls1_2 -v] [split [string trim [::tls::ciphers tls1.2 1]] \n]",,,missing {} unexpected {},,, -Ciphers With Descriptions,TLS1.3,tls1.3,,"lcompare [exec_get ""\r\n"" ciphers -tls1_3 -v] [split [string trim [::tls::ciphers tls1.3 1]] \n]",,,missing {} unexpected {},,, -,,,,,,,,,, -command,# Test protocol specific ciphers,,,,,,,,, -Ciphers Protocol Specific,SSL2,ssl2,,"lcompare [exec_get "":"" ciphers -ssl2 -s] [::tls::ciphers ssl2 0 1]",,,missing {} unexpected {},,, -Ciphers Protocol Specific,SSL3,ssl3,,"lcompare [exec_get "":"" ciphers -ssl3 -s] [::tls::ciphers ssl3 0 1]",,,missing {} unexpected {},,, -Ciphers Protocol Specific,TLS1,tls1,,"lcompare [exec_get "":"" ciphers -tls1 -s] [::tls::ciphers tls1 0 1]",,,missing {} unexpected {},,, -Ciphers Protocol Specific,TLS1.1,tls1.1,,"lcompare [exec_get "":"" ciphers -tls1_1 -s] [::tls::ciphers tls1.1 0 1]",,,missing {} unexpected {},,, -Ciphers Protocol Specific,TLS1.2,tls1.2,,"lcompare [exec_get "":"" ciphers -tls1_2 -s] [::tls::ciphers tls1.2 0 1]",,,missing {} unexpected {},,, -Ciphers Protocol Specific,TLS1.3,tls1.3,,"lcompare [exec_get "":"" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1]",,,missing {} unexpected {},,, -,,,,,,,,,, -command,# Ciphers Error Cases,,,,,,,,, -Ciphers Errors,Too many args,,,::tls::ciphers too many args to pass,,,"wrong # args: should be ""::tls::ciphers ?protocol? ?verbose? ?supported?""",,,1 -Ciphers Errors,Invalid protocol,,,::tls::ciphers bogus,,,"bad protocol ""bogus"": must be ssl2, ssl3, tls1, tls1.1, tls1.2, or tls1.3",,,1 -Ciphers Errors,Invalid verbose,,,::tls::ciphers tls1.3 bogus,,,"expected boolean value but got ""bogus""",,,1 -Ciphers Errors,Invalid supported,,,::tls::ciphers tls1.3 1 bogus,,,"expected boolean value but got ""bogus""",,,1 -Ciphers Errors,SSL2,!ssl2,,::tls::ciphers ssl2,,,ssl2: protocol not supported,,,1 -Ciphers Errors,SSL3,!ssl3,,::tls::ciphers ssl3,,,ssl3: protocol not supported,,,1 -,,,,,,,,,, -command,# Test list digests,,,,,,,,, -Digests List,All,,,lcompare [lsort [exec_get_digests]] [lsort [tls::digests]],,,missing {} unexpected {},,, -,,,,,,,,,, -command,# Test digest commands,,,,,,,,, -Digest Cmds,md4 cmd,,,"tls::md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,, -Digest Cmds,md5 cmd,,,"tls::md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Cmds,sha1 cmd,,,"tls::sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,, -Digest Cmds,sha256 cmd,,,"tls::sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,, -Digest Cmds,sha512 cmd,,,"tls::sha512 ""Example string for message digest tests.""",,,B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F,,, -,,,,,,,,,, -command,# Test digest command for data,,,,,,,,, -Digest Data,md4,,,"tls::digest md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,, -Digest Data,md5,,,"tls::digest md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Data,sha1,,,"tls::digest sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,, -Digest Data,sha256,,,"tls::digest sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,, -Digest Data,sha512,,,"tls::digest sha512 ""Example string for message digest tests.""",,,B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F,,, -Digest Data,md5 bin,,,"string toupper [binary encode hex [tls::digest md5 -bin ""Example string for message digest tests.""]]",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Data,md5 hex,,,"tls::digest md5 -hex ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Data,md5 with arg,,,"tls::digest md5 -data ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -,,,,,,,,,, -command,# Test digest command for files,,,,,,,,, -Digest File,md4,,,tls::digest md4 -file md_data.dat,,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,, -Digest File,md5,,,tls::digest md5 -file md_data.dat,,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest File,sha1,,,tls::digest sha1 -file md_data.dat,,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,, -Digest File,sha256,,,tls::digest sha256 -file md_data.dat,,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,, -Digest File,sha512,,,tls::digest sha512 -file md_data.dat,,,B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F,,, -Digest File,md5 bin,,,string toupper [binary encode hex [tls::digest md5 -bin -file md_data.dat]],,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest File,md5 hex,,,tls::digest md5 -hex -file md_data.dat,,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -,,,,,,,,,, -command,# Test digest command for channel,,,,,,,,, -Digest Chan,md4,,,read_chan md4 md_data.dat,,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,, -Digest Chan,md5,,,read_chan md5 md_data.dat,,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Chan,sha1,,,read_chan sha1 md_data.dat,,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,, -Digest Chan,sha256,,,read_chan sha256 md_data.dat,,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,, -Digest Chan,sha512,,,read_chan sha512 md_data.dat,,,B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F,,, -Digest Chan,md5 bin,,,string toupper [binary encode hex [read_chan md5 md_data.dat -bin]],,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Chan,md5 hex,,,read_chan md5 md_data.dat -hex,,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -,,,,,,,,,, -command,# Test digest command for accumulator command,,,,,,,,, -Digest Command,md4,,,"accumulate md4 ""Example string for message digest tests.""",,,181CDCF9DB9B6FA8FC0A3BF9C34E29D9,,, -Digest Command,md5,,,"accumulate md5 ""Example string for message digest tests.""",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Command,sha1,,,"accumulate sha1 ""Example string for message digest tests.""",,,3AEFE840CA492C387E903F15ED6019E7AD833B47,,, -Digest Command,sha256,,,"accumulate sha256 ""Example string for message digest tests.""",,,B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491,,, -Digest Command,sha512,,,"accumulate sha512 ""Example string for message digest tests.""",,,B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F,,, -Digest Command,md5 bin,,,"string toupper [binary encode hex [accumulate md5 ""Example string for message digest tests."" -bin]]",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -Digest Command,md5 hex,,,"accumulate md5 ""Example string for message digest tests."" -hex",,,CCB1BE2E11D8183E843FF73DA8C6D206,,, -,,,,,,,,,, -command,# Test HMAC,,,,,,,,, -Digest HMAC,data,,,"tls::digest md5 -key ""Example key"" -data ""Example string for message digest tests.""",,,901DA6E6976A71650C77443C37FF9C7F,,, -Digest HMAC,file,,,"tls::digest md5 -key ""Example key"" -file md_data.dat",,,901DA6E6976A71650C77443C37FF9C7F,,, -Digest HMAC,channel,,,"read_chan md5 md_data.dat -key ""Example key""",,,901DA6E6976A71650C77443C37FF9C7F,,, -Digest HMAC,data bin,,,"string toupper [binary encode hex [tls::digest md5 -bin -key ""Example key"" -data ""Example string for message digest tests.""]]",,,901DA6E6976A71650C77443C37FF9C7F,,, -,,,,,,,,,, -command,# Digest Error Cases,,,,,,,,, -Digest Errors,Too few args,,,::tls::digest,,,"wrong # args: should be ""::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key hmac_key? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1 -Digest Errors,Too many args,,,::tls::digest too many args to pass the test without an error,,,"wrong # args: should be ""::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key hmac_key? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1 -Digest Errors,Invalid digest,,,::tls::digest bogus data,,,"Invalid digest ""bogus""",,,1 -Digest Errors,Invalid option,,,::tls::digest sha256 -bogus value,,,"bad option ""-bogus"": must be -bin, -channel, -cipher, -command, -data, -file, -filename, -hex, or -key",,,1 -Digest Errors,Invalid file,,,::tls::digest sha256 -file bogus,,,"couldn't open ""bogus"": no such file or directory",,,1 -Digest Errors,Invalid channel,,,::tls::digest sha256 -channel bogus,,,"can not find channel named ""bogus""",,,1 -,,,,,,,,,, -command,# Test list MACs,,,,,,,,, -MAC List,All,,,lcompare [exec_get_macs] [tls::macs],,,missing {} unexpected {},,, -,,,,,,,,,, -command,# Test list protocols,,,,,,,,, -Protocols,All,,,lcompare $protocols [::tls::protocols],,,missing {ssl2 ssl3} unexpected {},,, -,,,,,,,,,, -command,# Test show version,,,,,,,,, -Version,All,,,::tls::version,,glob,*,,, -Version,OpenSSL,OpenSSL,,::tls::version,,glob,OpenSSL*,,, -,,,,,,,,,, -command,# Error Cases,,,,,,,,, -Error Cases,Digests Too many args,,,::tls::digests too many args,,,"wrong # args: should be ""::tls::digests""",,,1 -Error Cases,MACs Too many args,,,::tls::macs too many args,,,"wrong # args: should be ""::tls::macs""",,,1 -Error Cases,Protocols Too many args,,,::tls::protocols too many args,,,"wrong # args: should be ""::tls::protocols""",,,1 -Error Cases,Version Too many args,,,::tls::version too many args,,,"wrong # args: should be ""::tls::version""",,,1 DELETED tests/ciphers.test Index: tests/ciphers.test ================================================================== --- tests/ciphers.test +++ /dev/null @@ -1,378 +0,0 @@ -# Auto generated test cases for ciphers.csv - -# Load Tcl Test package -if {[lsearch [namespace children] ::tcltest] == -1} { - package require tcltest - namespace import ::tcltest::* -} - -set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path] - -package require tls - -# Make sure path includes location of OpenSSL executable -if {[info exists ::env(OPENSSL)]} {set ::env(path) [string cat [file join $::env(OPENSSL) bin] ";" $::env(path)]} - -# Constraints -set protocols [list ssl2 ssl3 tls1 tls1.1 tls1.2 tls1.3] -foreach protocol $protocols {::tcltest::testConstraint $protocol 0} -foreach protocol [::tls::protocols] {::tcltest::testConstraint $protocol 1} -::tcltest::testConstraint OpenSSL [string match "OpenSSL*" [::tls::version]] -# Helper functions -proc lcompare {list1 list2} {set m "";set u "";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list "missing" $m "unexpected" $u]} -proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]} -proc exec_get_ciphers {} {set list [list];set data [exec openssl list -cipher-algorithms];foreach line [split $data "\n"] {foreach {cipher null alias} [split [string trim $line]] {lappend list [string tolower $cipher]}};return [lsort -unique $list]} -proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data "\n"] {foreach digest $line {if {[string match "-*" $digest]} {lappend list [string trimleft $digest "-"]}}};return [lsort $list]} -command,proc exec_get_macs {} {return [list cmac hmac]},,,,,,,,, -proc read_chan {md filename args} {set ch [open $filename rb];fconfigure $ch -translation binary;set bsize [fconfigure $ch -buffersize];set new [tls::digest $md {*}$args -chan $ch];while {![eof $new]} {set result [read $new $bsize]};close $new;return $result} -proc accumulate {md string args} {set cmd [tls::digest $md {*}$args -command dcmd];$cmd update [string range $string 0 20];$cmd update [string range $string 21 end];return [$cmd finalize]} -# Test list ciphers - - -test Ciphers_List-1.1 {All} -body { - lcompare [lsort [exec_get_ciphers]] [list_tolower [lsort [::tls::ciphers]]] - } -result {missing {rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb} unexpected {aes-128-ccm aes-128-gcm aes-192-ccm aes-192-gcm aes-256-ccm aes-256-gcm}} -# Test list ciphers for protocols - - -test Ciphers_By_Protocol-2.1 {SSL2} -constraints {ssl2} -body { - lcompare [exec_get ":" ciphers -ssl2] [::tls::ciphers ssl2] - } -result {missing {} unexpected {}} - -test Ciphers_By_Protocol-2.2 {SSL3} -constraints {ssl3} -body { - lcompare [exec_get ":" ciphers -ssl3] [::tls::ciphers ssl3] - } -result {missing {} unexpected {}} - -test Ciphers_By_Protocol-2.3 {TLS1} -constraints {tls1} -body { - lcompare [exec_get ":" ciphers -tls1] [::tls::ciphers tls1] - } -result {missing {} unexpected {}} - -test Ciphers_By_Protocol-2.4 {TLS1.1} -constraints {tls1.1} -body { - lcompare [exec_get ":" ciphers -tls1_1] [::tls::ciphers tls1.1] - } -result {missing {} unexpected {}} - -test Ciphers_By_Protocol-2.5 {TLS1.2} -constraints {tls1.2} -body { - lcompare [exec_get ":" ciphers -tls1_2] [::tls::ciphers tls1.2] - } -result {missing {} unexpected {}} - -test Ciphers_By_Protocol-2.6 {TLS1.3} -constraints {tls1.3} -body { - lcompare [exec_get ":" ciphers -tls1_3] [::tls::ciphers tls1.3] - } -result {missing {} unexpected {}} -# Test cipher descriptions - - -test Ciphers_With_Descriptions-3.1 {SSL2} -constraints {ssl2} -body { - lcompare [exec_get "\r\n" ciphers -ssl2 -v] [split [string trim [::tls::ciphers ssl2 1]] \n] - } -result {missing {} unexpected {}} - -test Ciphers_With_Descriptions-3.2 {SSL3} -constraints {ssl3} -body { - lcompare [exec_get "\r\n" ciphers -ssl3 -v] [split [string trim [::tls::ciphers ssl3 1]] \n] - } -result {missing {} unexpected {}} - -test Ciphers_With_Descriptions-3.3 {TLS1} -constraints {tls1} -body { - lcompare [exec_get "\r\n" ciphers -tls1 -v] [split [string trim [::tls::ciphers tls1 1]] \n] - } -result {missing {} unexpected {}} - -test Ciphers_With_Descriptions-3.4 {TLS1.1} -constraints {tls1.1} -body { - lcompare [exec_get "\r\n" ciphers -tls1_1 -v] [split [string trim [::tls::ciphers tls1.1 1]] \n] - } -result {missing {} unexpected {}} - -test Ciphers_With_Descriptions-3.5 {TLS1.2} -constraints {tls1.2} -body { - lcompare [exec_get "\r\n" ciphers -tls1_2 -v] [split [string trim [::tls::ciphers tls1.2 1]] \n] - } -result {missing {} unexpected {}} - -test Ciphers_With_Descriptions-3.6 {TLS1.3} -constraints {tls1.3} -body { - lcompare [exec_get "\r\n" ciphers -tls1_3 -v] [split [string trim [::tls::ciphers tls1.3 1]] \n] - } -result {missing {} unexpected {}} -# Test protocol specific ciphers - - -test Ciphers_Protocol_Specific-4.1 {SSL2} -constraints {ssl2} -body { - lcompare [exec_get ":" ciphers -ssl2 -s] [::tls::ciphers ssl2 0 1] - } -result {missing {} unexpected {}} - -test Ciphers_Protocol_Specific-4.2 {SSL3} -constraints {ssl3} -body { - lcompare [exec_get ":" ciphers -ssl3 -s] [::tls::ciphers ssl3 0 1] - } -result {missing {} unexpected {}} - -test Ciphers_Protocol_Specific-4.3 {TLS1} -constraints {tls1} -body { - lcompare [exec_get ":" ciphers -tls1 -s] [::tls::ciphers tls1 0 1] - } -result {missing {} unexpected {}} - -test Ciphers_Protocol_Specific-4.4 {TLS1.1} -constraints {tls1.1} -body { - lcompare [exec_get ":" ciphers -tls1_1 -s] [::tls::ciphers tls1.1 0 1] - } -result {missing {} unexpected {}} - -test Ciphers_Protocol_Specific-4.5 {TLS1.2} -constraints {tls1.2} -body { - lcompare [exec_get ":" ciphers -tls1_2 -s] [::tls::ciphers tls1.2 0 1] - } -result {missing {} unexpected {}} - -test Ciphers_Protocol_Specific-4.6 {TLS1.3} -constraints {tls1.3} -body { - lcompare [exec_get ":" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1] - } -result {missing {} unexpected {}} -# Ciphers Error Cases - - -test Ciphers_Errors-5.1 {Too many args} -body { - ::tls::ciphers too many args to pass - } -result {wrong # args: should be "::tls::ciphers ?protocol? ?verbose? ?supported?"} -returnCodes {1} - -test Ciphers_Errors-5.2 {Invalid protocol} -body { - ::tls::ciphers bogus - } -result {bad protocol "bogus": must be ssl2, ssl3, tls1, tls1.1, tls1.2, or tls1.3} -returnCodes {1} - -test Ciphers_Errors-5.3 {Invalid verbose} -body { - ::tls::ciphers tls1.3 bogus - } -result {expected boolean value but got "bogus"} -returnCodes {1} - -test Ciphers_Errors-5.4 {Invalid supported} -body { - ::tls::ciphers tls1.3 1 bogus - } -result {expected boolean value but got "bogus"} -returnCodes {1} - -test Ciphers_Errors-5.5 {SSL2} -constraints {!ssl2} -body { - ::tls::ciphers ssl2 - } -result {ssl2: protocol not supported} -returnCodes {1} - -test Ciphers_Errors-5.6 {SSL3} -constraints {!ssl3} -body { - ::tls::ciphers ssl3 - } -result {ssl3: protocol not supported} -returnCodes {1} -# Test list digests - - -test Digests_List-6.1 {All} -body { - lcompare [lsort [exec_get_digests]] [lsort [tls::digests]] - } -result {missing {} unexpected {}} -# Test digest commands - - -test Digest_Cmds-7.1 {md4 cmd} -body { - tls::md4 "Example string for message digest tests." - } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9} - -test Digest_Cmds-7.2 {md5 cmd} -body { - tls::md5 "Example string for message digest tests." - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Cmds-7.3 {sha1 cmd} -body { - tls::sha1 "Example string for message digest tests." - } -result {3AEFE840CA492C387E903F15ED6019E7AD833B47} - -test Digest_Cmds-7.4 {sha256 cmd} -body { - tls::sha256 "Example string for message digest tests." - } -result {B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491} - -test Digest_Cmds-7.5 {sha512 cmd} -body { - tls::sha512 "Example string for message digest tests." - } -result {B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F} -# Test digest command for data - - -test Digest_Data-8.1 {md4} -body { - tls::digest md4 "Example string for message digest tests." - } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9} - -test Digest_Data-8.2 {md5} -body { - tls::digest md5 "Example string for message digest tests." - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Data-8.3 {sha1} -body { - tls::digest sha1 "Example string for message digest tests." - } -result {3AEFE840CA492C387E903F15ED6019E7AD833B47} - -test Digest_Data-8.4 {sha256} -body { - tls::digest sha256 "Example string for message digest tests." - } -result {B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491} - -test Digest_Data-8.5 {sha512} -body { - tls::digest sha512 "Example string for message digest tests." - } -result {B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F} - -test Digest_Data-8.6 {md5 bin} -body { - string toupper [binary encode hex [tls::digest md5 -bin "Example string for message digest tests."]] - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Data-8.7 {md5 hex} -body { - tls::digest md5 -hex "Example string for message digest tests." - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Data-8.8 {md5 with arg} -body { - tls::digest md5 -data "Example string for message digest tests." - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} -# Test digest command for files - - -test Digest_File-9.1 {md4} -body { - tls::digest md4 -file md_data.dat - } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9} - -test Digest_File-9.2 {md5} -body { - tls::digest md5 -file md_data.dat - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_File-9.3 {sha1} -body { - tls::digest sha1 -file md_data.dat - } -result {3AEFE840CA492C387E903F15ED6019E7AD833B47} - -test Digest_File-9.4 {sha256} -body { - tls::digest sha256 -file md_data.dat - } -result {B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491} - -test Digest_File-9.5 {sha512} -body { - tls::digest sha512 -file md_data.dat - } -result {B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F} - -test Digest_File-9.6 {md5 bin} -body { - string toupper [binary encode hex [tls::digest md5 -bin -file md_data.dat]] - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_File-9.7 {md5 hex} -body { - tls::digest md5 -hex -file md_data.dat - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} -# Test digest command for channel - - -test Digest_Chan-10.1 {md4} -body { - read_chan md4 md_data.dat - } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9} - -test Digest_Chan-10.2 {md5} -body { - read_chan md5 md_data.dat - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Chan-10.3 {sha1} -body { - read_chan sha1 md_data.dat - } -result {3AEFE840CA492C387E903F15ED6019E7AD833B47} - -test Digest_Chan-10.4 {sha256} -body { - read_chan sha256 md_data.dat - } -result {B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491} - -test Digest_Chan-10.5 {sha512} -body { - read_chan sha512 md_data.dat - } -result {B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F} - -test Digest_Chan-10.6 {md5 bin} -body { - string toupper [binary encode hex [read_chan md5 md_data.dat -bin]] - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Chan-10.7 {md5 hex} -body { - read_chan md5 md_data.dat -hex - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} -# Test digest command for accumulator command - - -test Digest_Command-11.1 {md4} -body { - accumulate md4 "Example string for message digest tests." - } -result {181CDCF9DB9B6FA8FC0A3BF9C34E29D9} - -test Digest_Command-11.2 {md5} -body { - accumulate md5 "Example string for message digest tests." - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Command-11.3 {sha1} -body { - accumulate sha1 "Example string for message digest tests." - } -result {3AEFE840CA492C387E903F15ED6019E7AD833B47} - -test Digest_Command-11.4 {sha256} -body { - accumulate sha256 "Example string for message digest tests." - } -result {B7DFDDEB0314A74FF56A8AC1E3DC57DF09BB52A96DA50F6549EB62CA61A0A491} - -test Digest_Command-11.5 {sha512} -body { - accumulate sha512 "Example string for message digest tests." - } -result {B56EC55E33193E17B61D669FB7B04AD2483DE93FE847C411BBEAE6440ECEA6C7CFDD2E6F35A06CB189FC62D799E785CDB7A23178323789D001BC8E44A0B5907F} - -test Digest_Command-11.6 {md5 bin} -body { - string toupper [binary encode hex [accumulate md5 "Example string for message digest tests." -bin]] - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} - -test Digest_Command-11.7 {md5 hex} -body { - accumulate md5 "Example string for message digest tests." -hex - } -result {CCB1BE2E11D8183E843FF73DA8C6D206} -# Test HMAC - - -test Digest_HMAC-12.1 {data} -body { - tls::digest md5 -key "Example key" -data "Example string for message digest tests." - } -result {901DA6E6976A71650C77443C37FF9C7F} - -test Digest_HMAC-12.2 {file} -body { - tls::digest md5 -key "Example key" -file md_data.dat - } -result {901DA6E6976A71650C77443C37FF9C7F} - -test Digest_HMAC-12.3 {channel} -body { - read_chan md5 md_data.dat -key "Example key" - } -result {901DA6E6976A71650C77443C37FF9C7F} - -test Digest_HMAC-12.4 {data bin} -body { - string toupper [binary encode hex [tls::digest md5 -bin -key "Example key" -data "Example string for message digest tests."]] - } -result {901DA6E6976A71650C77443C37FF9C7F} -# Digest Error Cases - - -test Digest_Errors-13.1 {Too few args} -body { - ::tls::digest - } -result {wrong # args: should be "::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key hmac_key? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1} - -test Digest_Errors-13.2 {Too many args} -body { - ::tls::digest too many args to pass the test without an error - } -result {wrong # args: should be "::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key hmac_key? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1} - -test Digest_Errors-13.3 {Invalid digest} -body { - ::tls::digest bogus data - } -result {Invalid digest "bogus"} -returnCodes {1} - -test Digest_Errors-13.4 {Invalid option} -body { - ::tls::digest sha256 -bogus value - } -result {bad option "-bogus": must be -bin, -channel, -cipher, -command, -data, -file, -filename, -hex, or -key} -returnCodes {1} - -test Digest_Errors-13.5 {Invalid file} -body { - ::tls::digest sha256 -file bogus - } -result {couldn't open "bogus": no such file or directory} -returnCodes {1} - -test Digest_Errors-13.6 {Invalid channel} -body { - ::tls::digest sha256 -channel bogus - } -result {can not find channel named "bogus"} -returnCodes {1} -# Test list MACs - - -test MAC_List-14.1 {All} -body { - lcompare [exec_get_macs] [tls::macs] - } -result {missing {} unexpected {}} -# Test list protocols - - -test Protocols-15.1 {All} -body { - lcompare $protocols [::tls::protocols] - } -result {missing {ssl2 ssl3} unexpected {}} -# Test show version - - -test Version-16.1 {All} -body { - ::tls::version - } -match {glob} -result {*} - -test Version-16.2 {OpenSSL} -constraints {OpenSSL} -body { - ::tls::version - } -match {glob} -result {OpenSSL*} -# Error Cases - - -test Error_Cases-17.1 {Digests Too many args} -body { - ::tls::digests too many args - } -result {wrong # args: should be "::tls::digests"} -returnCodes {1} - -test Error_Cases-17.2 {MACs Too many args} -body { - ::tls::macs too many args - } -result {wrong # args: should be "::tls::macs"} -returnCodes {1} - -test Error_Cases-17.3 {Protocols Too many args} -body { - ::tls::protocols too many args - } -result {wrong # args: should be "::tls::protocols"} -returnCodes {1} - -test Error_Cases-17.4 {Version Too many args} -body { - ::tls::version too many args - } -result {wrong # args: should be "::tls::version"} -returnCodes {1} - -# Cleanup -::tcltest::cleanupTests -return ADDED tests/common.tcl Index: tests/common.tcl ================================================================== --- /dev/null +++ tests/common.tcl @@ -0,0 +1,22 @@ + +# Common Constraints +package require tls + +# Supported protocols +set protocols [list ssl2 ssl3 tls1 tls1.1 tls1.2 tls1.3] +foreach protocol $protocols { + ::tcltest::testConstraint $protocol 0 + ::tcltest::testConstraint !$protocol 1 +} + +foreach protocol [::tls::protocols] { + ::tcltest::testConstraint $protocol 1 + ::tcltest::testConstraint !$protocol 0 +} + +# OpenSSL version +::tcltest::testConstraint OpenSSL [string match "OpenSSL*" [::tls::version]] + +# Legacy OpenSSL v1.1.1 vs new v3.x +scan [lindex [split [::tls::version]] 1] %f version +::tcltest::testConstraint new_api [expr {$version >= 3.0}] ADDED tests/digest.csv Index: tests/digest.csv ================================================================== --- /dev/null +++ tests/digest.csv @@ -0,0 +1,151 @@ +# Group,Name,Constraints,Setup,Body,Cleanup,Match,Result,Output,Error Output,Return Codes +command,package require tls,,,,,,,,, +,,,,,,,,,, +command,# Constraints,,,,,,,,, +command,source common.tcl,,,,,,,,, +,,,,,,,,,, +command,# Helper functions,,,,,,,,, +command,proc read_chan {cmd md filename args} {set ch [open $filename rb];fconfigure $ch -translation binary;set bsize [fconfigure $ch -buffersize];set new [$cmd $md {*}$args -chan $ch];while {![eof $new]} {set result [read $new $bsize]};close $new;return $result},,,,,,,,, +command,proc accumulate {string args} {set cmd [{*}$args -command dcmd];$cmd update [string range $string 0 20];$cmd update [string range $string 21 end];return [$cmd finalize]},,,,,,,,, +,,,,,,,,,, +command,"set test_data ""Example string for message digest tests.\n""",,,,,,,,, +command,"set test_file ""md_data.dat""",,,,,,,,, +command,"set test_key ""Example key""",,,,,,,,, +command,::tcltest::makeFile $test_data $test_file,,,,,,,,, +,,,,,,,,,, +command,# Test digest commands,,,,,,,,, +Digest Cmds,md4 cmd,,,::tls::md4 $test_data,,,793399f792eca2752c6af3234ba70858,,, +Digest Cmds,md5 cmd,,,::tls::md5 $test_data,,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Cmds,sha1 cmd,,,::tls::sha1 $test_data,,,4fe03b7f2568551dfafb98ca6004e65c4b71aa7d,,, +Digest Cmds,sha256 cmd,,,::tls::sha256 $test_data,,,9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19,,, +Digest Cmds,sha512 cmd,,,::tls::sha512 $test_data,,,d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1,,, +,,,,,,,,,, +command,# Test digest command for channel,,,,,,,,, +Digest Chan,md4,,,read_chan ::tls::digest md4 $test_file,,,793399f792eca2752c6af3234ba70858,,, +Digest Chan,md5,,,read_chan ::tls::digest md5 $test_file,,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Chan,sha1,,,read_chan ::tls::digest sha1 $test_file,,,4fe03b7f2568551dfafb98ca6004e65c4b71aa7d,,, +Digest Chan,sha256,,,read_chan ::tls::digest sha256 $test_file,,,9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19,,, +Digest Chan,sha512,,,read_chan ::tls::digest sha512 $test_file,,,d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1,,, +Digest Chan,md5 bin,,,binary encode hex [read_chan ::tls::digest md5 $test_file -bin],,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Chan,md5 hex,,,read_chan ::tls::digest md5 $test_file -hex,,,962bf0803b4232ec23bd8427bb94ea09,,, +,,,,,,,,,, +command,# Test digest command for object command,,,,,,,,, +Digest Command,md4,,,accumulate $test_data ::tls::digest md4,,,793399f792eca2752c6af3234ba70858,,, +Digest Command,md5,,,accumulate $test_data ::tls::digest md5,,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Command,sha1,,,accumulate $test_data ::tls::digest sha1,,,4fe03b7f2568551dfafb98ca6004e65c4b71aa7d,,, +Digest Command,sha256,,,accumulate $test_data ::tls::digest sha256,,,9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19,,, +Digest Command,sha512,,,accumulate $test_data ::tls::digest sha512,,,d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1,,, +Digest Command,md5 bin,,,binary encode hex [accumulate $test_data ::tls::digest md5 -bin],,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Command,md5 hex,,,accumulate $test_data ::tls::digest md5 -hex,,,962bf0803b4232ec23bd8427bb94ea09,,, +,,,,,,,,,, +command,# Test digest command for data,,,,,,,,, +Digest Data,md4,,,::tls::digest md4 $test_data,,,793399f792eca2752c6af3234ba70858,,, +Digest Data,md5,,,::tls::digest md5 $test_data,,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Data,sha1,,,::tls::digest sha1 $test_data,,,4fe03b7f2568551dfafb98ca6004e65c4b71aa7d,,, +Digest Data,sha256,,,::tls::digest sha256 $test_data,,,9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19,,, +Digest Data,sha512,,,::tls::digest sha512 $test_data,,,d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1,,, +Digest Data,md5 bin,,,binary encode hex [::tls::digest md5 -bin $test_data],,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Data,md5 hex,,,::tls::digest md5 -hex $test_data,,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest Data,md5 with arg,,,::tls::digest md5 -data $test_data,,,962bf0803b4232ec23bd8427bb94ea09,,, +,,,,,,,,,, +command,# Test digest command for file,,,,,,,,, +Digest File,md4,,,::tls::digest md4 -file $test_file,,,793399f792eca2752c6af3234ba70858,,, +Digest File,md5,,,::tls::digest md5 -file $test_file,,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest File,sha1,,,::tls::digest sha1 -file $test_file,,,4fe03b7f2568551dfafb98ca6004e65c4b71aa7d,,, +Digest File,sha256,,,::tls::digest sha256 -file $test_file,,,9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19,,, +Digest File,sha512,,,::tls::digest sha512 -file $test_file,,,d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1,,, +Digest File,md5 bin,,,binary encode hex [::tls::digest md5 -bin -file $test_file],,,962bf0803b4232ec23bd8427bb94ea09,,, +Digest File,md5 hex,,,::tls::digest md5 -hex -file $test_file,,,962bf0803b4232ec23bd8427bb94ea09,,, +,,,,,,,,,, +command,# Test Digest HMAC,,,,,,,,, +Digest HMAC,data,,,::tls::digest md5 -key $test_key -data $test_data,,,f98327ef3e20ab6d388f676c6a79d93d,,, +Digest HMAC,file,,,::tls::digest md5 -key $test_key -file $test_file,,,f98327ef3e20ab6d388f676c6a79d93d,,, +Digest HMAC,channel,,,read_chan ::tls::digest md5 $test_file -key $test_key,,,f98327ef3e20ab6d388f676c6a79d93d,,, +Digest HMAC,data bin,,,binary encode hex [::tls::digest md5 -bin -key $test_key -data $test_data],,,f98327ef3e20ab6d388f676c6a79d93d,,, +,,,,,,,,,, +command,# Test HMAC command,,,,,,,,, +HMAC,data,,,::tls::hmac md5 -key $test_key -data $test_data,,,f98327ef3e20ab6d388f676c6a79d93d,,, +HMAC,file,,,::tls::hmac md5 -key $test_key -file $test_file,,,f98327ef3e20ab6d388f676c6a79d93d,,, +HMAC,channel,,,read_chan ::tls::hmac md5 $test_file -key $test_key,,,f98327ef3e20ab6d388f676c6a79d93d,,, +HMAC,command,,,accumulate $test_data ::tls::hmac md5 -key $test_key,,,f98327ef3e20ab6d388f676c6a79d93d,,, +HMAC,data bin,,,binary encode hex [::tls::hmac md5 -bin -key $test_key -data $test_data],,,f98327ef3e20ab6d388f676c6a79d93d,,, +,,,,,,,,,, +command,# Test CMAC command,,,,,,,,, +command,"set test_cipher ""aes-128-cbc""",,,,,,,,, +command,"set test_key ""Example key 1234""",,,,,,,,, +CMAC,data,,,::tls::cmac sha256 -cipher $test_cipher -key $test_key -data $test_data,,,baf5c20f9973e2d606b14c7efdfe52fa,,, +CMAC,file,,,::tls::cmac sha256 -cipher $test_cipher -key $test_key -file $test_file,,,baf5c20f9973e2d606b14c7efdfe52fa,,, +CMAC,channel,,,read_chan ::tls::cmac sha256 $test_file -cipher $test_cipher -key $test_key,,,baf5c20f9973e2d606b14c7efdfe52fa,,, +CMAC,command,,,accumulate $test_data ::tls::cmac sha256 -cipher $test_cipher -key $test_key,,,baf5c20f9973e2d606b14c7efdfe52fa,,, +CMAC,data bin,,,binary encode hex [::tls::cmac sha256 -bin -cipher $test_cipher -key $test_key -data $test_data],,,baf5c20f9973e2d606b14c7efdfe52fa,,, +,,,,,,,,,, +command,# Test MAC command,,,,,,,,, +MAC,HMAC,new_api,,::tls::mac -digest sha256 -mac hmac -key $test_key -data $test_data,,,498ef5ef71424f81da7499b2eeae1d0a348dd40b841ea27bdde494f6bc9046ff,,, +MAC,CMAC,new_api,,::tls::mac -cipher $test_cipher -digest sha256 -mac cmac -key $test_key -data $test_data,,,498ef5ef71424f81da7499b2eeae1d0a348dd40b841ea27bdde494f6bc9046ff,,, +,,,,,,,,,, +command,# Digest Error Cases,,,,,,,,, +Digest Errors,Too few args,,,::tls::digest,,,"wrong # args: should be ""::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1 +Digest Errors,Too many args,,,::tls::digest too many command line args to pass the test without an error or failing,,,"wrong # args: should be ""::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]""",,,1 +Digest Errors,Invalid digest,,,::tls::digest bogus data,,,"Invalid digest ""bogus""",,,1 +Digest Errors,Invalid option,,,::tls::digest sha256 -bogus value,,,"bad option ""-bogus"": must be -bin, -channel, -cipher, -command, -data, -file, -filename, -hex, -key, or -mac",,,1 +Digest Errors,Invalid file,,,::tls::digest sha256 -file bogus,,,"couldn't open ""bogus"": no such file or directory",,,1 +Digest Errors,Invalid channel,,,::tls::digest sha256 -channel bogus,,,"can not find channel named ""bogus""",,,1 +,,,,,,,,,, +command,# RFC 4231 HMAC Examples Test Case #1,,,,,,,,, +command,"set key [binary decode hex [string repeat ""0b"" 20]]",,,,,,,,, +command,"set data ""Hi There""",,,,,,,,, +RFC4231 TC1,sha224,,,::tls::hmac sha224 -key $key -data $data,,,896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22,,, +RFC4231 TC1,sha256,,,::tls::hmac sha256 -key $key -data $data,,,b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7,,, +RFC4231 TC1,sha384,,,::tls::hmac sha384 -key $key -data $data,,,afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6,,, +RFC4231 TC1,sha512,,,::tls::hmac sha512 -key $key -data $data,,,87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854,,, +,,,,,,,,,, +command,# RFC 4231 HMAC Examples Test Case #2 - Test with a key shorter than the length of the HMAC output.,,,,,,,,, +command,"set key ""Jefe""",,,,,,,,, +command,"set data ""what do ya want for nothing?""",,,,,,,,, +RFC4231 TC2,sha224,,,::tls::hmac sha224 -key $key -data $data,,,a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44,,, +RFC4231 TC2,sha256,,,::tls::hmac sha256 -key $key -data $data,,,5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843,,, +RFC4231 TC2,sha384,,,::tls::hmac sha384 -key $key -data $data,,,af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649,,, +RFC4231 TC2,sha512,,,::tls::hmac sha512 -key $key -data $data,,,164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737,,, +,,,,,,,,,, +command,# RFC 4231 HMAC Examples Test Case #3 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).,,,,,,,,, +command,"set key [binary decode hex [string repeat ""aa"" 20]]",,,,,,,,, +command,"set data [binary decode hex [string repeat ""dd"" 50]]",,,,,,,,, +RFC4231 TC3,sha224,,,::tls::hmac sha224 -key $key -data $data,,,7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea,,, +RFC4231 TC3,sha256,,,::tls::hmac sha256 -key $key -data $data,,,773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe,,, +RFC4231 TC3,sha384,,,::tls::hmac sha384 -key $key -data $data,,,88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27,,, +RFC4231 TC3,sha512,,,::tls::hmac sha512 -key $key -data $data,,,fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb,,, +,,,,,,,,,, +command,# RFC 4231 HMAC Examples Test Case #4 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256).,,,,,,,,, +command,"set key [binary decode hex ""0102030405060708090a0b0c0d0e0f10111213141516171819""]",,,,,,,,, +command,"set data [binary decode hex [string repeat ""cd"" 50]]",,,,,,,,, +RFC4231 TC4,sha224,,,::tls::hmac sha224 -key $key -data $data,,,6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a,,, +RFC4231 TC4,sha256,,,::tls::hmac sha256 -key $key -data $data,,,82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b,,, +RFC4231 TC4,sha384,,,::tls::hmac sha384 -key $key -data $data,,,3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb,,, +RFC4231 TC4,sha512,,,::tls::hmac sha512 -key $key -data $data,,,b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd,,, +,,,,,,,,,, +command,# RFC 4231 HMAC Examples Test Case #5 - Test with a truncation of output to 128 bits.,,,,,,,,, +command,"set key [binary decode hex [string repeat ""0c"" 20]]",,,,,,,,, +command,"set data ""Test With Truncation""",,,,,,,,, +RFC4231 TC5,sha224,,,string range [::tls::hmac sha224 -key $key -data $data] 0 31,,,0e2aea68a90c8d37c988bcdb9fca6fa8,,, +RFC4231 TC5,sha256,,,string range [::tls::hmac sha256 -key $key -data $data] 0 31,,,a3b6167473100ee06e0c796c2955552b,,, +RFC4231 TC5,sha384,,,string range [::tls::hmac sha384 -key $key -data $data] 0 31,,,3abf34c3503b2a23a46efc619baef897,,, +RFC4231 TC5,sha512,,,string range [::tls::hmac sha512 -key $key -data $data] 0 31,,,415fad6271580a531d4179bc891d87a6,,, +,,,,,,,,,, +command,# RFC 4231 HMAC Examples Test Case #6 - Test with a key larger than 128 bytes (= block-size of SHA-384 and SHA-512).,,,,,,,,, +command,"set key [binary decode hex [string repeat ""aa"" 131]]",,,,,,,,, +command,"set data ""Test Using Larger Than Block-Size Key - Hash Key First""",,,,,,,,, +RFC4231 TC6,sha224,,,::tls::hmac sha224 -key $key -data $data,,,95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e,,, +RFC4231 TC6,sha256,,,::tls::hmac sha256 -key $key -data $data,,,60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54,,, +RFC4231 TC6,sha384,,,::tls::hmac sha384 -key $key -data $data,,,4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952,,, +RFC4231 TC6,sha512,,,::tls::hmac sha512 -key $key -data $data,,,80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598,,, +,,,,,,,,,, +command,# RFC 4231 HMAC Examples Test Case #7 - Test with a key and data that is larger than 128 bytes (= block-size of SHA-384 and SHA-512).,,,,,,,,, +command,"set key [binary decode hex [string repeat ""aa"" 131]]",,,,,,,,, +command,"set data ""This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm.""",,,,,,,,, +RFC4231 TC7,sha224,,,::tls::hmac sha224 -key $key -data $data,,,3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1,,, +RFC4231 TC7,sha256,,,::tls::hmac sha256 -key $key -data $data,,,9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2,,, +RFC4231 TC7,sha384,,,::tls::hmac sha384 -key $key -data $data,,,6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e,,, +RFC4231 TC7,sha512,,,::tls::hmac sha512 -key $key -data $data,,,e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58,,, +,,,,,,,,,, +command,# Cleanup,,,,,,,,, +command,::tcltest::removeFile $test_file,,,,,,,,, ADDED tests/digest.test Index: tests/digest.test ================================================================== --- /dev/null +++ tests/digest.test @@ -0,0 +1,433 @@ +# Auto generated test cases for digest.csv + +# Load Tcl Test package +if {[lsearch [namespace children] ::tcltest] == -1} { + package require tcltest + namespace import ::tcltest::* +} + +set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path] + +package require tls + +# Constraints +source common.tcl + +# Helper functions +proc read_chan {cmd md filename args} {set ch [open $filename rb];fconfigure $ch -translation binary;set bsize [fconfigure $ch -buffersize];set new [$cmd $md {*}$args -chan $ch];while {![eof $new]} {set result [read $new $bsize]};close $new;return $result} +proc accumulate {string args} {set cmd [{*}$args -command dcmd];$cmd update [string range $string 0 20];$cmd update [string range $string 21 end];return [$cmd finalize]} + +set test_data "Example string for message digest tests.\n" +set test_file "md_data.dat" +set test_key "Example key" +::tcltest::makeFile $test_data $test_file + +# Test digest commands + + +test Digest_Cmds-1.1 {md4 cmd} -body { + ::tls::md4 $test_data + } -result {793399f792eca2752c6af3234ba70858} + +test Digest_Cmds-1.2 {md5 cmd} -body { + ::tls::md5 $test_data + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Cmds-1.3 {sha1 cmd} -body { + ::tls::sha1 $test_data + } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d} + +test Digest_Cmds-1.4 {sha256 cmd} -body { + ::tls::sha256 $test_data + } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19} + +test Digest_Cmds-1.5 {sha512 cmd} -body { + ::tls::sha512 $test_data + } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1} + +# Test digest command for channel + + +test Digest_Chan-2.1 {md4} -body { + read_chan ::tls::digest md4 $test_file + } -result {793399f792eca2752c6af3234ba70858} + +test Digest_Chan-2.2 {md5} -body { + read_chan ::tls::digest md5 $test_file + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Chan-2.3 {sha1} -body { + read_chan ::tls::digest sha1 $test_file + } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d} + +test Digest_Chan-2.4 {sha256} -body { + read_chan ::tls::digest sha256 $test_file + } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19} + +test Digest_Chan-2.5 {sha512} -body { + read_chan ::tls::digest sha512 $test_file + } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1} + +test Digest_Chan-2.6 {md5 bin} -body { + binary encode hex [read_chan ::tls::digest md5 $test_file -bin] + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Chan-2.7 {md5 hex} -body { + read_chan ::tls::digest md5 $test_file -hex + } -result {962bf0803b4232ec23bd8427bb94ea09} + +# Test digest command for object command + + +test Digest_Command-3.1 {md4} -body { + accumulate $test_data ::tls::digest md4 + } -result {793399f792eca2752c6af3234ba70858} + +test Digest_Command-3.2 {md5} -body { + accumulate $test_data ::tls::digest md5 + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Command-3.3 {sha1} -body { + accumulate $test_data ::tls::digest sha1 + } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d} + +test Digest_Command-3.4 {sha256} -body { + accumulate $test_data ::tls::digest sha256 + } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19} + +test Digest_Command-3.5 {sha512} -body { + accumulate $test_data ::tls::digest sha512 + } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1} + +test Digest_Command-3.6 {md5 bin} -body { + binary encode hex [accumulate $test_data ::tls::digest md5 -bin] + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Command-3.7 {md5 hex} -body { + accumulate $test_data ::tls::digest md5 -hex + } -result {962bf0803b4232ec23bd8427bb94ea09} + +# Test digest command for data + + +test Digest_Data-4.1 {md4} -body { + ::tls::digest md4 $test_data + } -result {793399f792eca2752c6af3234ba70858} + +test Digest_Data-4.2 {md5} -body { + ::tls::digest md5 $test_data + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Data-4.3 {sha1} -body { + ::tls::digest sha1 $test_data + } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d} + +test Digest_Data-4.4 {sha256} -body { + ::tls::digest sha256 $test_data + } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19} + +test Digest_Data-4.5 {sha512} -body { + ::tls::digest sha512 $test_data + } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1} + +test Digest_Data-4.6 {md5 bin} -body { + binary encode hex [::tls::digest md5 -bin $test_data] + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Data-4.7 {md5 hex} -body { + ::tls::digest md5 -hex $test_data + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_Data-4.8 {md5 with arg} -body { + ::tls::digest md5 -data $test_data + } -result {962bf0803b4232ec23bd8427bb94ea09} + +# Test digest command for file + + +test Digest_File-5.1 {md4} -body { + ::tls::digest md4 -file $test_file + } -result {793399f792eca2752c6af3234ba70858} + +test Digest_File-5.2 {md5} -body { + ::tls::digest md5 -file $test_file + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_File-5.3 {sha1} -body { + ::tls::digest sha1 -file $test_file + } -result {4fe03b7f2568551dfafb98ca6004e65c4b71aa7d} + +test Digest_File-5.4 {sha256} -body { + ::tls::digest sha256 -file $test_file + } -result {9d3578fc138205cf0ee4b4cef35fe101bb4ecac7b1614c18e6fa48b5c7f95e19} + +test Digest_File-5.5 {sha512} -body { + ::tls::digest sha512 -file $test_file + } -result {d178e759dc59127071588d2fad173c06238d87e800a6403c0a30daa4faaf05d0e7ce04916afaa6a58a30cbeb597dacb01c62f9fb9d89bab9da630c699e4816f1} + +test Digest_File-5.6 {md5 bin} -body { + binary encode hex [::tls::digest md5 -bin -file $test_file] + } -result {962bf0803b4232ec23bd8427bb94ea09} + +test Digest_File-5.7 {md5 hex} -body { + ::tls::digest md5 -hex -file $test_file + } -result {962bf0803b4232ec23bd8427bb94ea09} + +# Test Digest HMAC + + +test Digest_HMAC-6.1 {data} -body { + ::tls::digest md5 -key $test_key -data $test_data + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +test Digest_HMAC-6.2 {file} -body { + ::tls::digest md5 -key $test_key -file $test_file + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +test Digest_HMAC-6.3 {channel} -body { + read_chan ::tls::digest md5 $test_file -key $test_key + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +test Digest_HMAC-6.4 {data bin} -body { + binary encode hex [::tls::digest md5 -bin -key $test_key -data $test_data] + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +# Test HMAC command + + +test HMAC-7.1 {data} -body { + ::tls::hmac md5 -key $test_key -data $test_data + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +test HMAC-7.2 {file} -body { + ::tls::hmac md5 -key $test_key -file $test_file + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +test HMAC-7.3 {channel} -body { + read_chan ::tls::hmac md5 $test_file -key $test_key + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +test HMAC-7.4 {command} -body { + accumulate $test_data ::tls::hmac md5 -key $test_key + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +test HMAC-7.5 {data bin} -body { + binary encode hex [::tls::hmac md5 -bin -key $test_key -data $test_data] + } -result {f98327ef3e20ab6d388f676c6a79d93d} + +# Test CMAC command +set test_cipher "aes-128-cbc" +set test_key "Example key 1234" + + +test CMAC-8.1 {data} -body { + ::tls::cmac sha256 -cipher $test_cipher -key $test_key -data $test_data + } -result {baf5c20f9973e2d606b14c7efdfe52fa} + +test CMAC-8.2 {file} -body { + ::tls::cmac sha256 -cipher $test_cipher -key $test_key -file $test_file + } -result {baf5c20f9973e2d606b14c7efdfe52fa} + +test CMAC-8.3 {channel} -body { + read_chan ::tls::cmac sha256 $test_file -cipher $test_cipher -key $test_key + } -result {baf5c20f9973e2d606b14c7efdfe52fa} + +test CMAC-8.4 {command} -body { + accumulate $test_data ::tls::cmac sha256 -cipher $test_cipher -key $test_key + } -result {baf5c20f9973e2d606b14c7efdfe52fa} + +test CMAC-8.5 {data bin} -body { + binary encode hex [::tls::cmac sha256 -bin -cipher $test_cipher -key $test_key -data $test_data] + } -result {baf5c20f9973e2d606b14c7efdfe52fa} + +# Test MAC command + + +test MAC-9.1 {HMAC} -constraints {new_api} -body { + ::tls::mac -digest sha256 -mac hmac -key $test_key -data $test_data + } -result {498ef5ef71424f81da7499b2eeae1d0a348dd40b841ea27bdde494f6bc9046ff} + +test MAC-9.2 {CMAC} -constraints {new_api} -body { + ::tls::mac -cipher $test_cipher -digest sha256 -mac cmac -key $test_key -data $test_data + } -result {498ef5ef71424f81da7499b2eeae1d0a348dd40b841ea27bdde494f6bc9046ff} + +# Digest Error Cases + + +test Digest_Errors-10.1 {Too few args} -body { + ::tls::digest + } -result {wrong # args: should be "::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1} + +test Digest_Errors-10.2 {Too many args} -body { + ::tls::digest too many command line args to pass the test without an error or failing + } -result {wrong # args: should be "::tls::digest digest ?-bin|-hex? ?-cipher name? ?-key key? ?-mac name? [-channel chan | -command cmdName | -file filename | ?-data? data]"} -returnCodes {1} + +test Digest_Errors-10.3 {Invalid digest} -body { + ::tls::digest bogus data + } -result {Invalid digest "bogus"} -returnCodes {1} + +test Digest_Errors-10.4 {Invalid option} -body { + ::tls::digest sha256 -bogus value + } -result {bad option "-bogus": must be -bin, -channel, -cipher, -command, -data, -file, -filename, -hex, -key, or -mac} -returnCodes {1} + +test Digest_Errors-10.5 {Invalid file} -body { + ::tls::digest sha256 -file bogus + } -result {couldn't open "bogus": no such file or directory} -returnCodes {1} + +test Digest_Errors-10.6 {Invalid channel} -body { + ::tls::digest sha256 -channel bogus + } -result {can not find channel named "bogus"} -returnCodes {1} + +# RFC 4231 HMAC Examples Test Case #1 +set key [binary decode hex [string repeat "0b" 20]] +set data "Hi There" + + +test RFC4231_TC1-11.1 {sha224} -body { + ::tls::hmac sha224 -key $key -data $data + } -result {896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22} + +test RFC4231_TC1-11.2 {sha256} -body { + ::tls::hmac sha256 -key $key -data $data + } -result {b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7} + +test RFC4231_TC1-11.3 {sha384} -body { + ::tls::hmac sha384 -key $key -data $data + } -result {afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6} + +test RFC4231_TC1-11.4 {sha512} -body { + ::tls::hmac sha512 -key $key -data $data + } -result {87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854} + +# RFC 4231 HMAC Examples Test Case #2 - Test with a key shorter than the length of the HMAC output. +set key "Jefe" +set data "what do ya want for nothing?" + + +test RFC4231_TC2-12.1 {sha224} -body { + ::tls::hmac sha224 -key $key -data $data + } -result {a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44} + +test RFC4231_TC2-12.2 {sha256} -body { + ::tls::hmac sha256 -key $key -data $data + } -result {5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843} + +test RFC4231_TC2-12.3 {sha384} -body { + ::tls::hmac sha384 -key $key -data $data + } -result {af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649} + +test RFC4231_TC2-12.4 {sha512} -body { + ::tls::hmac sha512 -key $key -data $data + } -result {164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737} + +# RFC 4231 HMAC Examples Test Case #3 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256). +set key [binary decode hex [string repeat "aa" 20]] +set data [binary decode hex [string repeat "dd" 50]] + + +test RFC4231_TC3-13.1 {sha224} -body { + ::tls::hmac sha224 -key $key -data $data + } -result {7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea} + +test RFC4231_TC3-13.2 {sha256} -body { + ::tls::hmac sha256 -key $key -data $data + } -result {773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe} + +test RFC4231_TC3-13.3 {sha384} -body { + ::tls::hmac sha384 -key $key -data $data + } -result {88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27} + +test RFC4231_TC3-13.4 {sha512} -body { + ::tls::hmac sha512 -key $key -data $data + } -result {fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb} + +# RFC 4231 HMAC Examples Test Case #4 - Test with a combined length of key and data that is larger than 64 bytes (= block-size of SHA-224 and SHA-256). +set key [binary decode hex "0102030405060708090a0b0c0d0e0f10111213141516171819"] +set data [binary decode hex [string repeat "cd" 50]] + + +test RFC4231_TC4-14.1 {sha224} -body { + ::tls::hmac sha224 -key $key -data $data + } -result {6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a} + +test RFC4231_TC4-14.2 {sha256} -body { + ::tls::hmac sha256 -key $key -data $data + } -result {82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b} + +test RFC4231_TC4-14.3 {sha384} -body { + ::tls::hmac sha384 -key $key -data $data + } -result {3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb} + +test RFC4231_TC4-14.4 {sha512} -body { + ::tls::hmac sha512 -key $key -data $data + } -result {b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd} + +# RFC 4231 HMAC Examples Test Case #5 - Test with a truncation of output to 128 bits. +set key [binary decode hex [string repeat "0c" 20]] +set data "Test With Truncation" + + +test RFC4231_TC5-15.1 {sha224} -body { + string range [::tls::hmac sha224 -key $key -data $data] 0 31 + } -result {0e2aea68a90c8d37c988bcdb9fca6fa8} + +test RFC4231_TC5-15.2 {sha256} -body { + string range [::tls::hmac sha256 -key $key -data $data] 0 31 + } -result {a3b6167473100ee06e0c796c2955552b} + +test RFC4231_TC5-15.3 {sha384} -body { + string range [::tls::hmac sha384 -key $key -data $data] 0 31 + } -result {3abf34c3503b2a23a46efc619baef897} + +test RFC4231_TC5-15.4 {sha512} -body { + string range [::tls::hmac sha512 -key $key -data $data] 0 31 + } -result {415fad6271580a531d4179bc891d87a6} + +# RFC 4231 HMAC Examples Test Case #6 - Test with a key larger than 128 bytes (= block-size of SHA-384 and SHA-512). +set key [binary decode hex [string repeat "aa" 131]] +set data "Test Using Larger Than Block-Size Key - Hash Key First" + + +test RFC4231_TC6-16.1 {sha224} -body { + ::tls::hmac sha224 -key $key -data $data + } -result {95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e} + +test RFC4231_TC6-16.2 {sha256} -body { + ::tls::hmac sha256 -key $key -data $data + } -result {60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54} + +test RFC4231_TC6-16.3 {sha384} -body { + ::tls::hmac sha384 -key $key -data $data + } -result {4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952} + +test RFC4231_TC6-16.4 {sha512} -body { + ::tls::hmac sha512 -key $key -data $data + } -result {80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598} + +# RFC 4231 HMAC Examples Test Case #7 - Test with a key and data that is larger than 128 bytes (= block-size of SHA-384 and SHA-512). +set key [binary decode hex [string repeat "aa" 131]] +set data "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm." + + +test RFC4231_TC7-17.1 {sha224} -body { + ::tls::hmac sha224 -key $key -data $data + } -result {3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1} + +test RFC4231_TC7-17.2 {sha256} -body { + ::tls::hmac sha256 -key $key -data $data + } -result {9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2} + +test RFC4231_TC7-17.3 {sha384} -body { + ::tls::hmac sha384 -key $key -data $data + } -result {6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e} + +test RFC4231_TC7-17.4 {sha512} -body { + ::tls::hmac sha512 -key $key -data $data + } -result {e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58} + +# Cleanup +::tcltest::removeFile $test_file + +# Cleanup +::tcltest::cleanupTests +return ADDED tests/info.csv Index: tests/info.csv ================================================================== --- /dev/null +++ tests/info.csv @@ -0,0 +1,74 @@ +# Group,Name,Constraints,Setup,Body,Cleanup,Match,Result,Output,Error Output,Return Codes +command,package require tls,,,,,,,,, +,,,,,,,,,, +command,# Make sure path includes location of OpenSSL executable,,,,,,,,, +command,"if {[info exists ::env(OPENSSL)]} {set ::env(path) [string cat [file join $::env(OPENSSL) bin] "";"" $::env(path)]}",,,,,,,,, +,,,,,,,,,, +command,# Constraints,,,,,,,,, +command,source common.tcl,,,,,,,,, +,,,,,,,,,, +command,# Helper functions,,,,,,,,, +command,"proc lcompare {list1 list2} {set m """";set u """";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list ""missing"" $m ""unexpected"" $u]}",,,,,,,,, +command,proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]},,,,,,,,, +command,"proc exec_get_ciphers {} {set list [list];set data [exec openssl list -cipher-algorithms];foreach line [split $data ""\n""] {foreach {cipher null alias} [split [string trim $line]] {lappend list [string tolower $cipher]}};return [lsort -unique $list]}",,,,,,,,, +command,"proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data ""\n""] {foreach digest $line {if {[string match ""-*"" $digest]} {lappend list [string trimleft $digest ""-""]}}};return [lsort $list]}",,,,,,,,, +command,proc exec_get_macs {} {return [list cmac hmac]},,,,,,,,, +command,proc list_tolower {list} {set result [list];foreach element $list {lappend result [string tolower $element]};return $result},,,,,,,,, +,,,,,,,,,, +command,# Test list ciphers,,,,,,,,, +Ciphers List,All,,,lcompare [lsort [exec_get_ciphers]] [list_tolower [lsort [::tls::ciphers]]],,,missing {rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb} unexpected {aes-128-ccm aes-128-gcm aes-192-ccm aes-192-gcm aes-256-ccm aes-256-gcm},,, +,,,,,,,,,, +command,# Test list ciphers for protocols,,,,,,,,, +Ciphers By Protocol,SSL2,ssl2,,"lcompare [exec_get "":"" ciphers -ssl2] [::tls::ciphers ssl2]",,,missing {} unexpected {},,, +Ciphers By Protocol,SSL3,ssl3,,"lcompare [exec_get "":"" ciphers -ssl3] [::tls::ciphers ssl3]",,,missing {} unexpected {},,, +Ciphers By Protocol,TLS1.0,tls1,,"lcompare [exec_get "":"" ciphers -tls1] [::tls::ciphers tls1]",,,missing {} unexpected {},,, +Ciphers By Protocol,TLS1.1,tls1.1,,"lcompare [exec_get "":"" ciphers -tls1_1] [::tls::ciphers tls1.1]",,,missing {} unexpected {},,, +Ciphers By Protocol,TLS1.2,tls1.2,,"lcompare [exec_get "":"" ciphers -tls1_2] [::tls::ciphers tls1.2]",,,missing {} unexpected {},,, +Ciphers By Protocol,TLS1.3,tls1.3,,"lcompare [exec_get "":"" ciphers -tls1_3] [::tls::ciphers tls1.3]",,,missing {} unexpected {},,, +,,,,,,,,,, +command,# Test cipher descriptions,,,,,,,,, +Ciphers With Descriptions,SSL2,ssl2,,"lcompare [exec_get ""\r\n"" ciphers -ssl2 -v] [split [string trim [::tls::ciphers ssl2 1]] \n]",,,missing {} unexpected {},,, +Ciphers With Descriptions,SSL3,ssl3,,"lcompare [exec_get ""\r\n"" ciphers -ssl3 -v] [split [string trim [::tls::ciphers ssl3 1]] \n]",,,missing {} unexpected {},,, +Ciphers With Descriptions,TLS1.0,tls1,,"lcompare [exec_get ""\r\n"" ciphers -tls1 -v] [split [string trim [::tls::ciphers tls1 1]] \n]",,,missing {} unexpected {},,, +Ciphers With Descriptions,TLS1.1,tls1.1,,"lcompare [exec_get ""\r\n"" ciphers -tls1_1 -v] [split [string trim [::tls::ciphers tls1.1 1]] \n]",,,missing {} unexpected {},,, +Ciphers With Descriptions,TLS1.2,tls1.2,,"lcompare [exec_get ""\r\n"" ciphers -tls1_2 -v] [split [string trim [::tls::ciphers tls1.2 1]] \n]",,,missing {} unexpected {},,, +Ciphers With Descriptions,TLS1.3,tls1.3,,"lcompare [exec_get ""\r\n"" ciphers -tls1_3 -v] [split [string trim [::tls::ciphers tls1.3 1]] \n]",,,missing {} unexpected {},,, +,,,,,,,,,, +command,# Test protocol specific ciphers,,,,,,,,, +Ciphers Protocol Specific,SSL2,ssl2,,"lcompare [exec_get "":"" ciphers -ssl2 -s] [::tls::ciphers ssl2 0 1]",,,missing {} unexpected {},,, +Ciphers Protocol Specific,SSL3,ssl3,,"lcompare [exec_get "":"" ciphers -ssl3 -s] [::tls::ciphers ssl3 0 1]",,,missing {} unexpected {},,, +Ciphers Protocol Specific,TLS1.0,tls1,,"lcompare [exec_get "":"" ciphers -tls1 -s] [::tls::ciphers tls1 0 1]",,,missing {} unexpected {},,, +Ciphers Protocol Specific,TLS1.1,tls1.1,,"lcompare [exec_get "":"" ciphers -tls1_1 -s] [::tls::ciphers tls1.1 0 1]",,,missing {} unexpected {},,, +Ciphers Protocol Specific,TLS1.2,tls1.2,,"lcompare [exec_get "":"" ciphers -tls1_2 -s] [::tls::ciphers tls1.2 0 1]",,,missing {} unexpected {},,, +Ciphers Protocol Specific,TLS1.3,tls1.3,,"lcompare [exec_get "":"" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1]",,,missing {} unexpected {},,, +,,,,,,,,,, +command,# Ciphers Error Cases,,,,,,,,, +Ciphers Errors,Too many args,,,::tls::ciphers too many args to pass,,,"wrong # args: should be ""::tls::ciphers ?protocol? ?verbose? ?supported?""",,,1 +Ciphers Errors,Invalid protocol,,,::tls::ciphers bogus,,,"bad protocol ""bogus"": must be ssl2, ssl3, tls1, tls1.1, tls1.2, or tls1.3",,,1 +Ciphers Errors,Invalid verbose,,,::tls::ciphers tls1.3 bogus,,,"expected boolean value but got ""bogus""",,,1 +Ciphers Errors,Invalid supported,,,::tls::ciphers tls1.3 1 bogus,,,"expected boolean value but got ""bogus""",,,1 +Ciphers Errors,SSL2,!ssl2,,::tls::ciphers ssl2,,,ssl2: protocol not supported,,,1 +Ciphers Errors,SSL3,!ssl3,,::tls::ciphers ssl3,,,ssl3: protocol not supported,,,1 +Ciphers Errors,TLS1.0,!tls1,,::tls::ciphers tls1,,,tls1: protocol not supported,,,1 +Ciphers Errors,TLS1.1,!tls1.1,,::tls::ciphers tls1.1,,,tls1.0: protocol not supported,,,1 +Ciphers Errors,TLS1.2,!tls1.2,,::tls::ciphers tls1.2,,,tls1.1: protocol not supported,,,1 +Ciphers Errors,TLS1.3,!tls1.3,,::tls::ciphers tls1.3,,,tls1.3: protocol not supported,,,1 +,,,,,,,,,, +command,# Test list digests,,,,,,,,, +Digests List,All,,,lcompare [lsort [exec_get_digests]] [lsort [tls::digests]],,,missing {} unexpected {},,, +,,,,,,,,,, +command,# Test list MACs,,,,,,,,, +MAC List,All,,,lcompare [exec_get_macs] [tls::macs],,,missing {} unexpected {},,, +,,,,,,,,,, +command,# Test list protocols,,,,,,,,, +Protocols,All,,,lcompare $::protocols [::tls::protocols],,,missing {ssl2 ssl3} unexpected {},,, +,,,,,,,,,, +command,# Test show version,,,,,,,,, +Version,All,,,::tls::version,,glob,*,,, +Version,OpenSSL,OpenSSL,,::tls::version,,glob,OpenSSL*,,, +,,,,,,,,,, +command,# Error Cases,,,,,,,,, +Error Cases,Digests Too many args,,,::tls::digests too many args,,,"wrong # args: should be ""::tls::digests""",,,1 +Error Cases,MACs Too many args,,,::tls::macs too many args,,,"wrong # args: should be ""::tls::macs""",,,1 +Error Cases,Protocols Too many args,,,::tls::protocols too many args,,,"wrong # args: should be ""::tls::protocols""",,,1 +Error Cases,Version Too many args,,,::tls::version too many args,,,"wrong # args: should be ""::tls::version""",,,1 ADDED tests/info.test Index: tests/info.test ================================================================== --- /dev/null +++ tests/info.test @@ -0,0 +1,212 @@ +# Auto generated test cases for info.csv + +# Load Tcl Test package +if {[lsearch [namespace children] ::tcltest] == -1} { + package require tcltest + namespace import ::tcltest::* +} + +set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path] + +package require tls + +# Make sure path includes location of OpenSSL executable +if {[info exists ::env(OPENSSL)]} {set ::env(path) [string cat [file join $::env(OPENSSL) bin] ";" $::env(path)]} + +# Constraints +source common.tcl + +# Helper functions +proc lcompare {list1 list2} {set m "";set u "";foreach i $list1 {if {$i ni $list2} {lappend m $i}};foreach i $list2 {if {$i ni $list1} {lappend u $i}};return [list "missing" $m "unexpected" $u]} +proc exec_get {delim args} {return [split [exec openssl {*}$args] $delim]} +proc exec_get_ciphers {} {set list [list];set data [exec openssl list -cipher-algorithms];foreach line [split $data "\n"] {foreach {cipher null alias} [split [string trim $line]] {lappend list [string tolower $cipher]}};return [lsort -unique $list]} +proc exec_get_digests {} {set list [list];set data [exec openssl dgst -list];foreach line [split $data "\n"] {foreach digest $line {if {[string match "-*" $digest]} {lappend list [string trimleft $digest "-"]}}};return [lsort $list]} +proc exec_get_macs {} {return [list cmac hmac]} +proc list_tolower {list} {set result [list];foreach element $list {lappend result [string tolower $element]};return $result} + + +# Test list ciphers + + +test Ciphers_List-1.1 {All} -body { + lcompare [lsort [exec_get_ciphers]] [list_tolower [lsort [::tls::ciphers]]] + } -result {missing {rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb} unexpected {aes-128-ccm aes-128-gcm aes-192-ccm aes-192-gcm aes-256-ccm aes-256-gcm}} + +# Test list ciphers for protocols + + +test Ciphers_By_Protocol-2.1 {SSL2} -constraints {ssl2} -body { + lcompare [exec_get ":" ciphers -ssl2] [::tls::ciphers ssl2] + } -result {missing {} unexpected {}} + +test Ciphers_By_Protocol-2.2 {SSL3} -constraints {ssl3} -body { + lcompare [exec_get ":" ciphers -ssl3] [::tls::ciphers ssl3] + } -result {missing {} unexpected {}} + +test Ciphers_By_Protocol-2.3 {TLS1.0} -constraints {tls1} -body { + lcompare [exec_get ":" ciphers -tls1] [::tls::ciphers tls1] + } -result {missing {} unexpected {}} + +test Ciphers_By_Protocol-2.4 {TLS1.1} -constraints {tls1.1} -body { + lcompare [exec_get ":" ciphers -tls1_1] [::tls::ciphers tls1.1] + } -result {missing {} unexpected {}} + +test Ciphers_By_Protocol-2.5 {TLS1.2} -constraints {tls1.2} -body { + lcompare [exec_get ":" ciphers -tls1_2] [::tls::ciphers tls1.2] + } -result {missing {} unexpected {}} + +test Ciphers_By_Protocol-2.6 {TLS1.3} -constraints {tls1.3} -body { + lcompare [exec_get ":" ciphers -tls1_3] [::tls::ciphers tls1.3] + } -result {missing {} unexpected {}} + +# Test cipher descriptions + + +test Ciphers_With_Descriptions-3.1 {SSL2} -constraints {ssl2} -body { + lcompare [exec_get "\r\n" ciphers -ssl2 -v] [split [string trim [::tls::ciphers ssl2 1]] \n] + } -result {missing {} unexpected {}} + +test Ciphers_With_Descriptions-3.2 {SSL3} -constraints {ssl3} -body { + lcompare [exec_get "\r\n" ciphers -ssl3 -v] [split [string trim [::tls::ciphers ssl3 1]] \n] + } -result {missing {} unexpected {}} + +test Ciphers_With_Descriptions-3.3 {TLS1.0} -constraints {tls1} -body { + lcompare [exec_get "\r\n" ciphers -tls1 -v] [split [string trim [::tls::ciphers tls1 1]] \n] + } -result {missing {} unexpected {}} + +test Ciphers_With_Descriptions-3.4 {TLS1.1} -constraints {tls1.1} -body { + lcompare [exec_get "\r\n" ciphers -tls1_1 -v] [split [string trim [::tls::ciphers tls1.1 1]] \n] + } -result {missing {} unexpected {}} + +test Ciphers_With_Descriptions-3.5 {TLS1.2} -constraints {tls1.2} -body { + lcompare [exec_get "\r\n" ciphers -tls1_2 -v] [split [string trim [::tls::ciphers tls1.2 1]] \n] + } -result {missing {} unexpected {}} + +test Ciphers_With_Descriptions-3.6 {TLS1.3} -constraints {tls1.3} -body { + lcompare [exec_get "\r\n" ciphers -tls1_3 -v] [split [string trim [::tls::ciphers tls1.3 1]] \n] + } -result {missing {} unexpected {}} + +# Test protocol specific ciphers + + +test Ciphers_Protocol_Specific-4.1 {SSL2} -constraints {ssl2} -body { + lcompare [exec_get ":" ciphers -ssl2 -s] [::tls::ciphers ssl2 0 1] + } -result {missing {} unexpected {}} + +test Ciphers_Protocol_Specific-4.2 {SSL3} -constraints {ssl3} -body { + lcompare [exec_get ":" ciphers -ssl3 -s] [::tls::ciphers ssl3 0 1] + } -result {missing {} unexpected {}} + +test Ciphers_Protocol_Specific-4.3 {TLS1.0} -constraints {tls1} -body { + lcompare [exec_get ":" ciphers -tls1 -s] [::tls::ciphers tls1 0 1] + } -result {missing {} unexpected {}} + +test Ciphers_Protocol_Specific-4.4 {TLS1.1} -constraints {tls1.1} -body { + lcompare [exec_get ":" ciphers -tls1_1 -s] [::tls::ciphers tls1.1 0 1] + } -result {missing {} unexpected {}} + +test Ciphers_Protocol_Specific-4.5 {TLS1.2} -constraints {tls1.2} -body { + lcompare [exec_get ":" ciphers -tls1_2 -s] [::tls::ciphers tls1.2 0 1] + } -result {missing {} unexpected {}} + +test Ciphers_Protocol_Specific-4.6 {TLS1.3} -constraints {tls1.3} -body { + lcompare [exec_get ":" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1] + } -result {missing {} unexpected {}} + +# Ciphers Error Cases + + +test Ciphers_Errors-5.1 {Too many args} -body { + ::tls::ciphers too many args to pass + } -result {wrong # args: should be "::tls::ciphers ?protocol? ?verbose? ?supported?"} -returnCodes {1} + +test Ciphers_Errors-5.2 {Invalid protocol} -body { + ::tls::ciphers bogus + } -result {bad protocol "bogus": must be ssl2, ssl3, tls1, tls1.1, tls1.2, or tls1.3} -returnCodes {1} + +test Ciphers_Errors-5.3 {Invalid verbose} -body { + ::tls::ciphers tls1.3 bogus + } -result {expected boolean value but got "bogus"} -returnCodes {1} + +test Ciphers_Errors-5.4 {Invalid supported} -body { + ::tls::ciphers tls1.3 1 bogus + } -result {expected boolean value but got "bogus"} -returnCodes {1} + +test Ciphers_Errors-5.5 {SSL2} -constraints {!ssl2} -body { + ::tls::ciphers ssl2 + } -result {ssl2: protocol not supported} -returnCodes {1} + +test Ciphers_Errors-5.6 {SSL3} -constraints {!ssl3} -body { + ::tls::ciphers ssl3 + } -result {ssl3: protocol not supported} -returnCodes {1} + +test Ciphers_Errors-5.7 {TLS1.0} -constraints {!tls1} -body { + ::tls::ciphers tls1 + } -result {tls1: protocol not supported} -returnCodes {1} + +test Ciphers_Errors-5.8 {TLS1.1} -constraints {!tls1.1} -body { + ::tls::ciphers tls1.1 + } -result {tls1.0: protocol not supported} -returnCodes {1} + +test Ciphers_Errors-5.9 {TLS1.2} -constraints {!tls1.2} -body { + ::tls::ciphers tls1.2 + } -result {tls1.1: protocol not supported} -returnCodes {1} + +test Ciphers_Errors-5.10 {TLS1.3} -constraints {!tls1.3} -body { + ::tls::ciphers tls1.3 + } -result {tls1.3: protocol not supported} -returnCodes {1} + +# Test list digests + + +test Digests_List-6.1 {All} -body { + lcompare [lsort [exec_get_digests]] [lsort [tls::digests]] + } -result {missing {} unexpected {}} + +# Test list MACs + + +test MAC_List-7.1 {All} -body { + lcompare [exec_get_macs] [tls::macs] + } -result {missing {} unexpected {}} + +# Test list protocols + + +test Protocols-8.1 {All} -body { + lcompare $::protocols [::tls::protocols] + } -result {missing {ssl2 ssl3} unexpected {}} + +# Test show version + + +test Version-9.1 {All} -body { + ::tls::version + } -match {glob} -result {*} + +test Version-9.2 {OpenSSL} -constraints {OpenSSL} -body { + ::tls::version + } -match {glob} -result {OpenSSL*} + +# Error Cases + + +test Error_Cases-10.1 {Digests Too many args} -body { + ::tls::digests too many args + } -result {wrong # args: should be "::tls::digests"} -returnCodes {1} + +test Error_Cases-10.2 {MACs Too many args} -body { + ::tls::macs too many args + } -result {wrong # args: should be "::tls::macs"} -returnCodes {1} + +test Error_Cases-10.3 {Protocols Too many args} -body { + ::tls::protocols too many args + } -result {wrong # args: should be "::tls::protocols"} -returnCodes {1} + +test Error_Cases-10.4 {Version Too many args} -body { + ::tls::version too many args + } -result {wrong # args: should be "::tls::version"} -returnCodes {1} + +# Cleanup +::tcltest::cleanupTests +return Index: tests/make_test_files.tcl ================================================================== --- tests/make_test_files.tcl +++ tests/make_test_files.tcl @@ -101,10 +101,11 @@ } puts $out $buffer } else { # Empty line + puts $out "" } break } } DELETED tests/md_data.dat Index: tests/md_data.dat ================================================================== --- tests/md_data.dat +++ /dev/null @@ -1,1 +0,0 @@ -Example string for message digest tests.