Add dummy tls1.3 handshake dispatch functions
Base on version config, `handshack_{clinet,server}_step` will call different step function. TLS1.3 features will be gradully added base on it. And a new test cases is added to make sure it reports `feature is not available`. Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
parent
3cc4c2a506
commit
b9930e7d70
5 changed files with 46 additions and 5 deletions
|
@ -881,6 +881,10 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl );
|
||||||
int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
|
int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
|
||||||
int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
|
int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
|
||||||
void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
|
void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||||
|
int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl );
|
||||||
|
int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl );
|
||||||
|
#endif
|
||||||
|
|
||||||
int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
|
int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
|
||||||
|
|
||||||
|
|
|
@ -5135,11 +5135,31 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_CLI_C)
|
#if defined(MBEDTLS_SSL_CLI_C)
|
||||||
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
|
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||||
|
if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
|
||||||
|
ret = mbedtls_ssl_handshake_client_step_tls1_3( ssl );
|
||||||
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
|
if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) )
|
||||||
ret = mbedtls_ssl_handshake_client_step( ssl );
|
ret = mbedtls_ssl_handshake_client_step( ssl );
|
||||||
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_SSL_SRV_C)
|
#if defined(MBEDTLS_SSL_SRV_C)
|
||||||
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
|
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||||
|
if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
|
||||||
|
ret = mbedtls_ssl_handshake_server_step_tls1_3( ssl );
|
||||||
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
|
if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) )
|
||||||
ret = mbedtls_ssl_handshake_server_step( ssl );
|
ret = mbedtls_ssl_handshake_server_step( ssl );
|
||||||
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
|
@ -27,7 +27,11 @@
|
||||||
|
|
||||||
#include "ssl_misc.h"
|
#include "ssl_misc.h"
|
||||||
|
|
||||||
|
int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl )
|
||||||
|
{
|
||||||
|
((void) ssl);
|
||||||
|
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* MBEDTLS_SSL_CLI_C */
|
#endif /* MBEDTLS_SSL_CLI_C */
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* TLSv1.3 server-side functions
|
* TLS 1.3 server-side functions
|
||||||
*
|
*
|
||||||
* Copyright The Mbed TLS Contributors
|
* Copyright The Mbed TLS Contributors
|
||||||
* SPDX-License-Identifier: Apache-2.0
|
* SPDX-License-Identifier: Apache-2.0
|
||||||
|
@ -21,11 +21,15 @@
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||||
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SRV_C)
|
#if defined(MBEDTLS_SSL_SRV_C)
|
||||||
|
|
||||||
#include "ssl_misc.h"
|
#include "ssl_misc.h"
|
||||||
|
|
||||||
|
int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl )
|
||||||
|
{
|
||||||
|
((void) ssl);
|
||||||
|
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* MBEDTLS_SSL_SRV_C */
|
#endif /* MBEDTLS_SSL_SRV_C */
|
||||||
|
|
||||||
|
|
|
@ -8501,6 +8501,15 @@ run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \
|
||||||
-s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \
|
-s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \
|
||||||
-c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported"
|
-c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported"
|
||||||
|
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
|
||||||
|
run_test "TLS1.3: handshake dispatch test: tls1_3 only" \
|
||||||
|
"$P_SRV min_version=tls1_3 max_version=tls1_3" \
|
||||||
|
"$P_CLI min_version=tls1_3 max_version=tls1_3" \
|
||||||
|
1 \
|
||||||
|
-s "SSL - The requested feature is not available" \
|
||||||
|
-c "SSL - The requested feature is not available"
|
||||||
|
|
||||||
# Test heap memory usage after handshake
|
# Test heap memory usage after handshake
|
||||||
requires_config_enabled MBEDTLS_MEMORY_DEBUG
|
requires_config_enabled MBEDTLS_MEMORY_DEBUG
|
||||||
requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C
|
||||||
|
|
Loading…
Reference in a new issue