SSL: use MD_CAN macros
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
33a13028e5
commit
bef824d394
15 changed files with 916 additions and 916 deletions
File diff suppressed because it is too large
Load diff
|
@ -47,11 +47,11 @@
|
|||
* If DTLS is in use, then at least one of SHA-256 or SHA-384 is
|
||||
* available. Try SHA-256 first as 384 wastes resources
|
||||
*/
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#define COOKIE_MD MBEDTLS_MD_SHA256
|
||||
#define COOKIE_MD_OUTLEN 32
|
||||
#define COOKIE_HMAC_LEN 28
|
||||
#elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
|
||||
#elif defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#define COOKIE_MD MBEDTLS_MD_SHA384
|
||||
#define COOKIE_MD_OUTLEN 48
|
||||
#define COOKIE_HMAC_LEN 28
|
||||
|
|
|
@ -34,19 +34,19 @@
|
|||
#endif
|
||||
#include "mbedtls/legacy_or_psa.h"
|
||||
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
#include "mbedtls/md5.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
#include "mbedtls/sha1.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#include "mbedtls/sha256.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
#include "mbedtls/sha512.h"
|
||||
#endif
|
||||
|
||||
|
@ -298,9 +298,9 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type);
|
|||
|
||||
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
|
||||
/* Ciphersuites using HMAC */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */
|
||||
#elif defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#elif defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */
|
||||
#else
|
||||
#define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */
|
||||
|
@ -905,14 +905,14 @@ struct mbedtls_ssl_handshake_params {
|
|||
/*
|
||||
* Checksum contexts
|
||||
*/
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_hash_operation_t fin_sha256_psa;
|
||||
#else
|
||||
mbedtls_md_context_t fin_sha256;
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_hash_operation_t fin_sha384_psa;
|
||||
#else
|
||||
|
@ -2324,18 +2324,18 @@ static inline int mbedtls_ssl_tls13_sig_alg_is_supported(
|
|||
{
|
||||
switch (sig_alg) {
|
||||
#if defined(MBEDTLS_PKCS1_V15)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256:
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384:
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512:
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA512 */
|
||||
#endif /* MBEDTLS_PKCS1_V15 */
|
||||
default:
|
||||
return mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported(
|
||||
|
@ -2378,24 +2378,24 @@ static inline int mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg(
|
|||
|
||||
switch (sig_alg) {
|
||||
#if defined(MBEDTLS_PKCS1_V21)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
|
||||
*md_alg = MBEDTLS_MD_SHA256;
|
||||
*pk_type = MBEDTLS_PK_RSASSA_PSS;
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
|
||||
*md_alg = MBEDTLS_MD_SHA384;
|
||||
*pk_type = MBEDTLS_PK_RSASSA_PSS;
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
|
||||
*md_alg = MBEDTLS_MD_SHA512;
|
||||
*pk_type = MBEDTLS_PK_RSASSA_PSS;
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA512 */
|
||||
#endif /* MBEDTLS_PKCS1_V21 */
|
||||
default:
|
||||
return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
@ -2412,32 +2412,32 @@ static inline int mbedtls_ssl_tls12_sig_alg_is_supported(
|
|||
unsigned char sig = MBEDTLS_BYTE_0(sig_alg);
|
||||
|
||||
switch (hash) {
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
case MBEDTLS_SSL_HASH_MD5:
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
case MBEDTLS_SSL_HASH_SHA1:
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
case MBEDTLS_SSL_HASH_SHA224:
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_SSL_HASH_SHA256:
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_SSL_HASH_SHA384:
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
case MBEDTLS_SSL_HASH_SHA512:
|
||||
break;
|
||||
#endif
|
||||
|
|
|
@ -419,7 +419,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
|
|||
unsigned endpoint,
|
||||
const mbedtls_ssl_context *ssl);
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha256(const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
|
@ -428,9 +428,9 @@ static int tls_prf_sha256(const unsigned char *secret, size_t slen,
|
|||
static int ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *, unsigned char *, size_t *);
|
||||
static int ssl_calc_finished_tls_sha256(mbedtls_ssl_context *, unsigned char *, int);
|
||||
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha384(const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
|
@ -439,7 +439,7 @@ static int tls_prf_sha384(const unsigned char *secret, size_t slen,
|
|||
|
||||
static int ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *, unsigned char *, size_t *);
|
||||
static int ssl_calc_finished_tls_sha384(mbedtls_ssl_context *, unsigned char *, int);
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384*/
|
||||
|
||||
static size_t ssl_tls12_session_save(const mbedtls_ssl_session *session,
|
||||
unsigned char *buf,
|
||||
|
@ -453,13 +453,13 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session,
|
|||
|
||||
static int ssl_update_checksum_start(mbedtls_ssl_context *, const unsigned char *, size_t);
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
static int ssl_update_checksum_sha256(mbedtls_ssl_context *, const unsigned char *, size_t);
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
static int ssl_update_checksum_sha384(mbedtls_ssl_context *, const unsigned char *, size_t);
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384*/
|
||||
|
||||
int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
|
||||
const unsigned char *secret, size_t slen,
|
||||
|
@ -471,16 +471,16 @@ int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
|
|||
|
||||
switch (prf) {
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_SSL_TLS_PRF_SHA384:
|
||||
tls_prf = tls_prf_sha384;
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384*/
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_SSL_TLS_PRF_SHA256:
|
||||
tls_prf = tls_prf_sha256;
|
||||
break;
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
default:
|
||||
return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
@ -784,12 +784,12 @@ void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl,
|
|||
{
|
||||
((void) ciphersuite_info);
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
|
||||
ssl->handshake->update_checksum = ssl_update_checksum_sha384;
|
||||
} else
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
if (ciphersuite_info->mac != MBEDTLS_MD_SHA384) {
|
||||
ssl->handshake->update_checksum = ssl_update_checksum_sha256;
|
||||
} else
|
||||
|
@ -830,8 +830,8 @@ int mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl,
|
|||
|
||||
int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
|
||||
{
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) || \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256) || \
|
||||
defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_status_t status;
|
||||
#else
|
||||
|
@ -840,7 +840,7 @@ int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
|
|||
#else /* SHA-256 or SHA-384 */
|
||||
((void) ssl);
|
||||
#endif /* SHA-256 or SHA-384 */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
status = psa_hash_abort(&ssl->handshake->fin_sha256_psa);
|
||||
if (status != PSA_SUCCESS) {
|
||||
|
@ -865,7 +865,7 @@ int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
|
|||
}
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
status = psa_hash_abort(&ssl->handshake->fin_sha384_psa);
|
||||
if (status != PSA_SUCCESS) {
|
||||
|
@ -895,8 +895,8 @@ int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
|
|||
static int ssl_update_checksum_start(mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len)
|
||||
{
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) || \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256) || \
|
||||
defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_status_t status;
|
||||
#else
|
||||
|
@ -907,7 +907,7 @@ static int ssl_update_checksum_start(mbedtls_ssl_context *ssl,
|
|||
(void) buf;
|
||||
(void) len;
|
||||
#endif /* SHA-256 or SHA-384 */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
status = psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len);
|
||||
if (status != PSA_SUCCESS) {
|
||||
|
@ -920,7 +920,7 @@ static int ssl_update_checksum_start(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
status = psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len);
|
||||
if (status != PSA_SUCCESS) {
|
||||
|
@ -936,7 +936,7 @@ static int ssl_update_checksum_start(mbedtls_ssl_context *ssl,
|
|||
return 0;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
static int ssl_update_checksum_sha256(mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len)
|
||||
{
|
||||
|
@ -949,7 +949,7 @@ static int ssl_update_checksum_sha256(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
static int ssl_update_checksum_sha384(mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len)
|
||||
{
|
||||
|
@ -966,14 +966,14 @@ static void ssl_handshake_params_init(mbedtls_ssl_handshake_params *handshake)
|
|||
{
|
||||
memset(handshake, 0, sizeof(mbedtls_ssl_handshake_params));
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
handshake->fin_sha256_psa = psa_hash_operation_init();
|
||||
#else
|
||||
mbedtls_md_init(&handshake->fin_sha256);
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
handshake->fin_sha384_psa = psa_hash_operation_init();
|
||||
#else
|
||||
|
@ -4118,14 +4118,14 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl)
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_hash_abort(&handshake->fin_sha256_psa);
|
||||
#else
|
||||
mbedtls_md_free(&handshake->fin_sha256);
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_hash_abort(&handshake->fin_sha384_psa);
|
||||
#else
|
||||
|
@ -4997,55 +4997,55 @@ static int ssl_preset_suiteb_ciphersuites[] = {
|
|||
static uint16_t ssl_preset_default_sig_algs[] = {
|
||||
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) && \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
defined(MBEDTLS_MD_CAN_SHA256) && \
|
||||
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
|
||||
#endif /* MBEDTLS_PK_CAN_ECDSA_SOME && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA &&
|
||||
#endif /* MBEDTLS_PK_CAN_ECDSA_SOME && MBEDTLS_MD_CAN_SHA256 &&
|
||||
MBEDTLS_ECP_DP_SECP256R1_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) && \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
defined(MBEDTLS_MD_CAN_SHA384) && \
|
||||
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
|
||||
#endif /* MBEDTLS_PK_CAN_ECDSA_SOME && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA&&
|
||||
#endif /* MBEDTLS_PK_CAN_ECDSA_SOME && MBEDTLS_MD_CAN_SHA384&&
|
||||
MBEDTLS_ECP_DP_SECP384R1_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) && \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
defined(MBEDTLS_MD_CAN_SHA512) && \
|
||||
defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512,
|
||||
#endif /* MBEDTLS_PK_CAN_ECDSA_SOME && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA&&
|
||||
#endif /* MBEDTLS_PK_CAN_ECDSA_SOME && MBEDTLS_MD_CAN_SHA384&&
|
||||
MBEDTLS_ECP_DP_SECP521R1_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
defined(MBEDTLS_MD_CAN_SHA512)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512,
|
||||
#endif \
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA512 */
|
||||
|
||||
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
defined(MBEDTLS_MD_CAN_SHA384)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384,
|
||||
#endif \
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA384 */
|
||||
|
||||
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
|
||||
#endif \
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256 */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA512)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA512 */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA384)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA384_C */
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA384 */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 */
|
||||
|
||||
MBEDTLS_TLS_SIG_NONE
|
||||
};
|
||||
|
@ -5053,7 +5053,7 @@ static uint16_t ssl_preset_default_sig_algs[] = {
|
|||
/* NOTICE: see above */
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
static uint16_t ssl_tls12_preset_default_sig_algs[] = {
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512),
|
||||
#endif
|
||||
|
@ -5063,8 +5063,8 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = {
|
|||
#if defined(MBEDTLS_RSA_C)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA512),
|
||||
#endif
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA512*/
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384),
|
||||
#endif
|
||||
|
@ -5074,8 +5074,8 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = {
|
|||
#if defined(MBEDTLS_RSA_C)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384),
|
||||
#endif
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384*/
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256),
|
||||
#endif
|
||||
|
@ -5085,34 +5085,34 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = {
|
|||
#if defined(MBEDTLS_RSA_C)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256),
|
||||
#endif
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
MBEDTLS_TLS_SIG_NONE
|
||||
};
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
/* NOTICE: see above */
|
||||
static uint16_t ssl_preset_suiteb_sig_algs[] = {
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \
|
||||
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
|
||||
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA&&
|
||||
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_MD_CAN_SHA256&&
|
||||
MBEDTLS_ECP_DP_SECP256R1_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_MD_CAN_SHA384) && \
|
||||
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
|
||||
MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
|
||||
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA&&
|
||||
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_MD_CAN_SHA384&&
|
||||
MBEDTLS_ECP_DP_SECP384R1_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
|
||||
#endif \
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
/* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256*/
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256*/
|
||||
|
||||
MBEDTLS_TLS_SIG_NONE
|
||||
};
|
||||
|
@ -5120,22 +5120,22 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = {
|
|||
/* NOTICE: see above */
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = {
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256),
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256),
|
||||
#endif
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384),
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384),
|
||||
#endif
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
MBEDTLS_TLS_SIG_NONE
|
||||
};
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
|
@ -5481,27 +5481,27 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig)
|
|||
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash)
|
||||
{
|
||||
switch (hash) {
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
case MBEDTLS_SSL_HASH_MD5:
|
||||
return MBEDTLS_MD_MD5;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
case MBEDTLS_SSL_HASH_SHA1:
|
||||
return MBEDTLS_MD_SHA1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
case MBEDTLS_SSL_HASH_SHA224:
|
||||
return MBEDTLS_MD_SHA224;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_SSL_HASH_SHA256:
|
||||
return MBEDTLS_MD_SHA256;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_SSL_HASH_SHA384:
|
||||
return MBEDTLS_MD_SHA384;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
case MBEDTLS_SSL_HASH_SHA512:
|
||||
return MBEDTLS_MD_SHA512;
|
||||
#endif
|
||||
|
@ -5516,27 +5516,27 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash)
|
|||
unsigned char mbedtls_ssl_hash_from_md_alg(int md)
|
||||
{
|
||||
switch (md) {
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_MD5)
|
||||
case MBEDTLS_MD_MD5:
|
||||
return MBEDTLS_SSL_HASH_MD5;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
case MBEDTLS_MD_SHA1:
|
||||
return MBEDTLS_SSL_HASH_SHA1;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
case MBEDTLS_MD_SHA224:
|
||||
return MBEDTLS_SSL_HASH_SHA224;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
return MBEDTLS_SSL_HASH_SHA256;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return MBEDTLS_SSL_HASH_SHA384;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return MBEDTLS_SSL_HASH_SHA512;
|
||||
#endif
|
||||
|
@ -5772,13 +5772,13 @@ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl,
|
|||
*olen = 0;
|
||||
|
||||
switch (md) {
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
hash_operation_to_clone = &ssl->handshake->fin_sha384_psa;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
hash_operation_to_clone = &ssl->handshake->fin_sha256_psa;
|
||||
break;
|
||||
|
@ -5799,15 +5799,15 @@ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
exit:
|
||||
#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
!defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if !defined(MBEDTLS_MD_CAN_SHA384) && \
|
||||
!defined(MBEDTLS_MD_CAN_SHA256)
|
||||
(void) ssl;
|
||||
#endif
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
#else /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_handshake_transcript_sha384(mbedtls_ssl_context *ssl,
|
||||
unsigned char *dst,
|
||||
|
@ -5843,9 +5843,9 @@ exit:
|
|||
mbedtls_md_free(&sha384);
|
||||
return ret;
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384 */
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_get_handshake_transcript_sha256(mbedtls_ssl_context *ssl,
|
||||
unsigned char *dst,
|
||||
|
@ -5881,7 +5881,7 @@ exit:
|
|||
mbedtls_md_free(&sha256);
|
||||
return ret;
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
|
||||
int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl,
|
||||
const mbedtls_md_type_t md,
|
||||
|
@ -5891,19 +5891,19 @@ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl,
|
|||
{
|
||||
switch (md) {
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return ssl_get_handshake_transcript_sha384(ssl, dst, dst_len, olen);
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384*/
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
return ssl_get_handshake_transcript_sha256(ssl, dst, dst_len, olen);
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
|
||||
default:
|
||||
#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
!defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if !defined(MBEDTLS_MD_CAN_SHA384) && \
|
||||
!defined(MBEDTLS_MD_CAN_SHA256)
|
||||
(void) ssl;
|
||||
(void) dst;
|
||||
(void) dst_len;
|
||||
|
@ -6169,8 +6169,8 @@ static int tls_prf_generic(mbedtls_md_type_t md_type,
|
|||
#else /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_MD_C) && \
|
||||
(defined(MBEDTLS_SHA256_C) || \
|
||||
defined(MBEDTLS_SHA384_C))
|
||||
(defined(MBEDTLS_MD_CAN_SHA256) || \
|
||||
defined(MBEDTLS_MD_CAN_SHA384))
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_generic(mbedtls_md_type_t md_type,
|
||||
const unsigned char *secret, size_t slen,
|
||||
|
@ -6274,10 +6274,10 @@ exit:
|
|||
|
||||
return ret;
|
||||
}
|
||||
#endif /* MBEDTLS_MD_C && ( MBEDTLS_SHA256_C || MBEDTLS_SHA384_C ) */
|
||||
#endif /* MBEDTLS_MD_C && ( MBEDTLS_MD_CAN_SHA256 || MBEDTLS_MD_CAN_SHA384 ) */
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha256(const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
|
@ -6287,9 +6287,9 @@ static int tls_prf_sha256(const unsigned char *secret, size_t slen,
|
|||
return tls_prf_generic(MBEDTLS_MD_SHA256, secret, slen,
|
||||
label, random, rlen, dstbuf, dlen);
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int tls_prf_sha384(const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
|
@ -6299,7 +6299,7 @@ static int tls_prf_sha384(const unsigned char *secret, size_t slen,
|
|||
return tls_prf_generic(MBEDTLS_MD_SHA384, secret, slen,
|
||||
label, random, rlen, dstbuf, dlen);
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384*/
|
||||
|
||||
/*
|
||||
* Set appropriate PRF function and other SSL / TLS1.2 functions
|
||||
|
@ -6314,14 +6314,14 @@ MBEDTLS_CHECK_RETURN_CRITICAL
|
|||
static int ssl_set_handshake_prfs(mbedtls_ssl_handshake_params *handshake,
|
||||
mbedtls_md_type_t hash)
|
||||
{
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
if (hash == MBEDTLS_MD_SHA384) {
|
||||
handshake->tls_prf = tls_prf_sha384;
|
||||
handshake->calc_verify = ssl_calc_verify_tls_sha384;
|
||||
handshake->calc_finished = ssl_calc_finished_tls_sha384;
|
||||
} else
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
{
|
||||
(void) hash;
|
||||
handshake->tls_prf = tls_prf_sha256;
|
||||
|
@ -6611,12 +6611,12 @@ int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl)
|
|||
int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md)
|
||||
{
|
||||
switch (md) {
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
case MBEDTLS_SSL_HASH_SHA384:
|
||||
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
|
||||
break;
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
case MBEDTLS_SSL_HASH_SHA256:
|
||||
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;
|
||||
break;
|
||||
|
@ -6624,14 +6624,14 @@ int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md)
|
|||
default:
|
||||
return -1;
|
||||
}
|
||||
#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
!defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if !defined(MBEDTLS_MD_CAN_SHA384) && \
|
||||
!defined(MBEDTLS_MD_CAN_SHA256)
|
||||
(void) ssl;
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
int ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl,
|
||||
unsigned char *hash,
|
||||
size_t *hlen)
|
||||
|
@ -6691,9 +6691,9 @@ exit:
|
|||
return ret;
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
int ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl,
|
||||
unsigned char *hash,
|
||||
size_t *hlen)
|
||||
|
@ -6753,7 +6753,7 @@ exit:
|
|||
return ret;
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384 */
|
||||
|
||||
#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
|
@ -7693,7 +7693,7 @@ exit:
|
|||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
static int ssl_calc_finished_tls_sha256(
|
||||
mbedtls_ssl_context *ssl, unsigned char *buf, int from)
|
||||
{
|
||||
|
@ -7780,10 +7780,10 @@ exit:
|
|||
return ret;
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256*/
|
||||
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
static int ssl_calc_finished_tls_sha384(
|
||||
mbedtls_ssl_context *ssl, unsigned char *buf, int from)
|
||||
{
|
||||
|
@ -7869,7 +7869,7 @@ exit:
|
|||
return ret;
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
}
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384*/
|
||||
|
||||
void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl)
|
||||
{
|
||||
|
@ -8161,20 +8161,20 @@ static tls_prf_fn ssl_tls12prf_from_cs(int ciphersuite_id)
|
|||
{
|
||||
const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
|
||||
mbedtls_ssl_ciphersuite_from_id(ciphersuite_id);
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
if (ciphersuite_info != NULL && ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
|
||||
return tls_prf_sha384;
|
||||
} else
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
{
|
||||
if (ciphersuite_info != NULL && ciphersuite_info->mac == MBEDTLS_MD_SHA256) {
|
||||
return tls_prf_sha256;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
|
||||
!defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if !defined(MBEDTLS_MD_CAN_SHA384) && \
|
||||
!defined(MBEDTLS_MD_CAN_SHA256)
|
||||
(void) ciphersuite_info;
|
||||
#endif
|
||||
|
||||
|
@ -8185,12 +8185,12 @@ static tls_prf_fn ssl_tls12prf_from_cs(int ciphersuite_id)
|
|||
static mbedtls_tls_prf_types tls_prf_get_type(mbedtls_ssl_tls_prf_cb *tls_prf)
|
||||
{
|
||||
((void) tls_prf);
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
if (tls_prf == tls_prf_sha384) {
|
||||
return MBEDTLS_SSL_TLS_PRF_SHA384;
|
||||
} else
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
if (tls_prf == tls_prf_sha256) {
|
||||
return MBEDTLS_SSL_TLS_PRF_SHA256;
|
||||
} else
|
||||
|
|
|
@ -17,8 +17,8 @@
|
|||
defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C) && \
|
||||
defined(MBEDTLS_TIMING_C) && \
|
||||
(defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) || \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
|
||||
(defined(MBEDTLS_MD_CAN_SHA384) || \
|
||||
defined(MBEDTLS_MD_CAN_SHA256))
|
||||
const char *pers = "fuzz_dtlsserver";
|
||||
const unsigned char client_ip[4] = { 0x7F, 0, 0, 1 };
|
||||
static int initialized = 0;
|
||||
|
@ -36,8 +36,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
|
|||
defined(MBEDTLS_ENTROPY_C) && \
|
||||
defined(MBEDTLS_CTR_DRBG_C) && \
|
||||
defined(MBEDTLS_TIMING_C) && \
|
||||
(defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) || \
|
||||
defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
|
||||
(defined(MBEDTLS_MD_CAN_SHA384) || \
|
||||
defined(MBEDTLS_MD_CAN_SHA256))
|
||||
int ret;
|
||||
size_t len;
|
||||
mbedtls_ssl_context ssl;
|
||||
|
|
|
@ -1463,11 +1463,11 @@ usage:
|
|||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
|
||||
if (opt.psk_opaque != 0) {
|
||||
/* Determine KDF algorithm the opaque PSK will be used in. */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
|
||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
|
||||
} else
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384 */
|
||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
|
||||
|
|
|
@ -2338,11 +2338,11 @@ usage:
|
|||
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
|
||||
if (opt.psk_opaque != 0 || opt.psk_list_opaque != 0) {
|
||||
/* Determine KDF algorithm the opaque PSK will be used in. */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) {
|
||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
|
||||
} else
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA384 */
|
||||
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
|
||||
|
|
|
@ -304,22 +304,22 @@ int send_cb(void *ctx, unsigned char const *buf, size_t len)
|
|||
#endif
|
||||
|
||||
uint16_t ssl_sig_algs_for_test[] = {
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA512)
|
||||
MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA512)
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA384)
|
||||
MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA384)
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA256)
|
||||
#endif
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA224)
|
||||
MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA224)
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
/* Allow SHA-1 as we use it extensively in tests. */
|
||||
MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA1)
|
||||
#endif
|
||||
|
|
|
@ -124,9 +124,9 @@ int rng_seed(rng_context_t *rng, int reproducible, const char *pers)
|
|||
(const unsigned char *) pers,
|
||||
strlen(pers));
|
||||
#elif defined(MBEDTLS_HMAC_DRBG_C)
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256;
|
||||
#elif defined(MBEDTLS_SHA512_C)
|
||||
#elif defined(MBEDTLS_MD_CAN_SHA512)
|
||||
const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512;
|
||||
#else
|
||||
#error "No message digest available for HMAC_DRBG"
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
#elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
|
||||
#define HAVE_RNG
|
||||
#elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \
|
||||
(defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C))
|
||||
(defined(MBEDTLS_MD_CAN_SHA256) || defined(MBEDTLS_MD_CAN_SHA512))
|
||||
#define HAVE_RNG
|
||||
#endif
|
||||
|
||||
|
|
|
@ -1569,13 +1569,13 @@ const size_t mbedtls_test_cli_crt_ec_len =
|
|||
* Dispatch between SHA-1 and SHA-256
|
||||
*/
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA256
|
||||
#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256
|
||||
#else
|
||||
#define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA1
|
||||
#define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
|
||||
const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
|
||||
const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA;
|
||||
|
@ -1674,10 +1674,10 @@ const size_t mbedtls_test_cli_crt_len =
|
|||
|
||||
/* List of CAs in PEM or DER, depending on config */
|
||||
const char *mbedtls_test_cas[] = {
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
|
||||
mbedtls_test_ca_crt_rsa_sha1,
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
mbedtls_test_ca_crt_rsa_sha256,
|
||||
#endif
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
|
@ -1686,10 +1686,10 @@ const char *mbedtls_test_cas[] = {
|
|||
NULL
|
||||
};
|
||||
const size_t mbedtls_test_cas_len[] = {
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha1),
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha256),
|
||||
#endif
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
|
@ -1701,12 +1701,12 @@ const size_t mbedtls_test_cas_len[] = {
|
|||
/* List of all available CA certificates in DER format */
|
||||
const unsigned char *mbedtls_test_cas_der[] = {
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
mbedtls_test_ca_crt_rsa_sha256_der,
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
mbedtls_test_ca_crt_rsa_sha1_der,
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA1 */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
mbedtls_test_ca_crt_ec_der,
|
||||
|
@ -1716,12 +1716,12 @@ const unsigned char *mbedtls_test_cas_der[] = {
|
|||
|
||||
const size_t mbedtls_test_cas_der_len[] = {
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha256_der),
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
sizeof(mbedtls_test_ca_crt_rsa_sha1_der),
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA1 */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
sizeof(mbedtls_test_ca_crt_ec_der),
|
||||
|
@ -1733,12 +1733,12 @@ const size_t mbedtls_test_cas_der_len[] = {
|
|||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
const char mbedtls_test_cas_pem[] =
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#if defined(MBEDTLS_MD_CAN_SHA256)
|
||||
TEST_CA_CRT_RSA_SHA256_PEM
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
#endif /* MBEDTLS_MD_CAN_SHA256 */
|
||||
#if defined(MBEDTLS_MD_CAN_SHA1)
|
||||
TEST_CA_CRT_RSA_SHA1_PEM
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
#endif /* MBEDTLS_MD_CAN_SHA1 */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
|
||||
TEST_CA_CRT_EC_PEM
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
Constant-flow HMAC: MD5
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_MD5
|
||||
ssl_cf_hmac:MBEDTLS_MD_MD5
|
||||
|
||||
Constant-flow HMAC: SHA1
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_SHA1
|
||||
ssl_cf_hmac:MBEDTLS_MD_SHA1
|
||||
|
||||
Constant-flow HMAC: SHA256
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_SHA256
|
||||
ssl_cf_hmac:MBEDTLS_MD_SHA256
|
||||
|
||||
Constant-flow HMAC: SHA384
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
depends_on:MBEDTLS_MD_CAN_SHA384
|
||||
ssl_cf_hmac:MBEDTLS_MD_SHA384
|
||||
|
|
|
@ -59,9 +59,9 @@ Debug print mbedtls_mpi: 764 bits #2
|
|||
mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
|
||||
|
||||
Debug print certificate #1 (RSA)
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO
|
||||
mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n"
|
||||
|
||||
Debug print certificate #2 (EC)
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO
|
||||
mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -1948,7 +1948,7 @@ void ssl_tls13_create_psk_binder(int hash_alg,
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_MD_CAN_SHA256 */
|
||||
void ssl_tls13_record_protection(int ciphersuite,
|
||||
int endpoint,
|
||||
int ctr,
|
||||
|
@ -2485,7 +2485,7 @@ void ssl_session_serialize_version_check(int corrupt_major,
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 */
|
||||
void mbedtls_endpoint_sanity(int endpoint_type)
|
||||
{
|
||||
enum { BUFFSIZE = 1024 };
|
||||
|
@ -2513,7 +2513,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_C */
|
||||
void move_handshake_to_state(int endpoint_type, int state, int need_pass)
|
||||
{
|
||||
enum { BUFFSIZE = 1024 };
|
||||
|
@ -2567,7 +2567,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
void handshake_version(int dtls, int client_min_version, int client_max_version,
|
||||
int server_min_version, int server_max_version,
|
||||
int expected_negotiated_version)
|
||||
|
@ -2592,7 +2592,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 */
|
||||
void handshake_psk_cipher(char *cipher, int pk_alg, data_t *psk_str, int dtls)
|
||||
{
|
||||
mbedtls_test_handshake_test_options options;
|
||||
|
@ -2613,7 +2613,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 */
|
||||
void handshake_cipher(char *cipher, int pk_alg, int dtls)
|
||||
{
|
||||
test_handshake_psk_cipher(cipher, pk_alg, NULL, dtls);
|
||||
|
@ -2623,7 +2623,7 @@ void handshake_cipher(char *cipher, int pk_alg, int dtls)
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 */
|
||||
void handshake_ciphersuite_select(char *cipher, int pk_alg, data_t *psk_str,
|
||||
int psa_alg, int psa_alg2, int psa_usage,
|
||||
int expected_handshake_result,
|
||||
|
@ -2650,7 +2650,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
|
||||
void app_data(int mfl, int cli_msg_len, int srv_msg_len,
|
||||
int expected_cli_fragments,
|
||||
int expected_srv_fragments, int dtls)
|
||||
|
@ -2678,7 +2678,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
void app_data_tls(int mfl, int cli_msg_len, int srv_msg_len,
|
||||
int expected_cli_fragments,
|
||||
int expected_srv_fragments)
|
||||
|
@ -2690,7 +2690,7 @@ void app_data_tls(int mfl, int cli_msg_len, int srv_msg_len,
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len,
|
||||
int expected_cli_fragments,
|
||||
int expected_srv_fragments)
|
||||
|
@ -2702,7 +2702,7 @@ void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len,
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
void handshake_serialization()
|
||||
{
|
||||
mbedtls_test_handshake_test_options options;
|
||||
|
@ -2718,7 +2718,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
void handshake_fragmentation(int mfl,
|
||||
int expected_srv_hs_fragmentation,
|
||||
int expected_cli_hs_fragmentation)
|
||||
|
@ -2757,7 +2757,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
void renegotiation(int legacy_renegotiation)
|
||||
{
|
||||
mbedtls_test_handshake_test_options options;
|
||||
|
@ -2776,7 +2776,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */
|
||||
void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation,
|
||||
int serialize, int dtls, char *cipher)
|
||||
{
|
||||
|
@ -2800,7 +2800,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
void resize_buffers_serialize_mfl(int mfl)
|
||||
{
|
||||
test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
|
||||
|
@ -2811,7 +2811,7 @@ void resize_buffers_serialize_mfl(int mfl)
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
|
||||
void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation,
|
||||
char *cipher)
|
||||
{
|
||||
|
@ -3038,7 +3038,7 @@ void conf_group()
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_CACHE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_CACHE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 */
|
||||
void force_bad_session_id_len()
|
||||
{
|
||||
enum { BUFFSIZE = 1024 };
|
||||
|
|
Loading…
Reference in a new issue