ssl-opt.sh: remove tests which are specific for DHE-RSA

For these ones there is no ECDHE alternative as they are testing
specific features of DHE.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2025-01-20 15:33:43 +01:00
parent 309a7ec70e
commit 3b412e283f

View File

@ -8417,96 +8417,6 @@ run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (hard)" \
-s "Processing of the Certificate handshake message failed"
# MBEDTLS_X509_BADCERT_EXT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
# Tests for DHM parameters loading
run_test "DHM parameters: reference" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=3" \
0 \
-c "value of 'DHM: P ' (2048 bits)" \
-c "value of 'DHM: G ' (2 bits)"
run_test "DHM parameters: other parameters" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dhparams.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=3" \
0 \
-c "value of 'DHM: P ' (1024 bits)" \
-c "value of 'DHM: G ' (2 bits)"
# Tests for DHM client-side size checking
run_test "DHM size: server default, client default, OK" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server default, client 2048, OK" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=2048" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 1024, client default, OK" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dhparams.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 999, client 999, OK" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dh.999.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=999" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 1000, client 1000, OK" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=1000" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 1000, client default, rejected" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server 1000, client 1001, rejected" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=1001" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server 999, client 1000, rejected" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dh.999.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=1000" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server 998, client 999, rejected" \
"$P_SRV dhm_file=$DATA_FILES_PATH/dh.998.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=999" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server default, client 2049, rejected" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=2049" \
1 \
-c "DHM prime too short:"
# Tests for PSK callback
run_test "PSK callback: psk, no callback" \