0, 0,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
128,
}
};
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
128,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
256,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
128,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
256,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
128,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
256,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
128,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
256,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
128,
},
{
DTLS1_2_VERSION, DTLS1_2_VERSION,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 80, /* CCM8 uses a short tag, so we have a low security strength */
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
256,
},
{
&serverssl, &sess, 2)))
goto end;
+ if (idx == 4) {
+ /* CCM8 ciphers are considered low security due to their short tag */
+ SSL_set_security_level(clientssl, 0);
+ SSL_set_security_level(serverssl, 0);
+ }
+
if (!TEST_true(SSL_set_ciphersuites(clientssl, cipher_str[idx]))
|| !TEST_true(SSL_set_ciphersuites(serverssl, cipher_str[idx])))
goto end;
"TLS_AES_256_GCM_SHA384:"
"TLS_AES_128_CCM_SHA256"))
|| !TEST_true(SSL_CTX_set_ciphersuites(cctx,
- "TLS_AES_128_GCM_SHA256"))
- || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
- &clientssl, NULL, NULL))
+ "TLS_AES_128_GCM_SHA256")))
+ goto end;
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL))
|| !TEST_true(create_ssl_connection(serverssl, clientssl,
SSL_ERROR_NONE)))
goto end;
static const struct {
const char *ciphername;
int fipscapable;
+ int low_security;
} t13_ciphers[] = {
- { TLS1_3_RFC_AES_128_GCM_SHA256, 1 },
- { TLS1_3_RFC_AES_256_GCM_SHA384, 1 },
- { TLS1_3_RFC_AES_128_CCM_SHA256, 1 },
+ { TLS1_3_RFC_AES_128_GCM_SHA256, 1, 0 },
+ { TLS1_3_RFC_AES_256_GCM_SHA384, 1, 0 },
+ { TLS1_3_RFC_AES_128_CCM_SHA256, 1, 0 },
# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
- { TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0 },
+ { TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0, 0 },
{ TLS1_3_RFC_AES_256_GCM_SHA384
- ":" TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0 },
+ ":" TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0, 0 },
# endif
- { TLS1_3_RFC_AES_128_CCM_8_SHA256 ":" TLS1_3_RFC_AES_128_CCM_SHA256, 1 }
+ /* CCM8 ciphers are considered low security due to their short tag */
+ { TLS1_3_RFC_AES_128_CCM_8_SHA256
+ ":" TLS1_3_RFC_AES_128_CCM_SHA256, 1, 1 }
};
const char *t13_cipher = NULL;
const char *t12_cipher = NULL;
&sctx, &cctx, cert, privkey)))
goto end;
+ if (t13_ciphers[i].low_security) {
+ SSL_CTX_set_security_level(sctx, 0);
+ SSL_CTX_set_security_level(cctx, 0);
+ }
+
if (set_at_ctx) {
if (!TEST_true(SSL_CTX_set_ciphersuites(sctx, t13_cipher))
|| !TEST_true(SSL_CTX_set_ciphersuites(cctx, t13_cipher)))