test: pake: allow opaque password only when USE_PSA is enabled
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
parent
e7518ba28e
commit
d6feb20869
2 changed files with 26 additions and 4 deletions
|
@ -319,12 +319,17 @@ int main( void )
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
#define USAGE_ECJPAKE \
|
#define USAGE_ECJPAKE \
|
||||||
" ecjpake_pw=%%s default: none (disabled)\n" \
|
" ecjpake_pw=%%s default: none (disabled)\n" \
|
||||||
" ecjpake_pw_opaque=%%d default: 0 (disabled)\n"
|
" ecjpake_pw_opaque=%%d default: 0 (disabled)\n"
|
||||||
#else
|
#else /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
#define USAGE_ECJPAKE \
|
||||||
|
" ecjpake_pw=%%s default: none (disabled)\n"
|
||||||
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
#else /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
#define USAGE_ECJPAKE ""
|
#define USAGE_ECJPAKE ""
|
||||||
#endif
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
#if defined(MBEDTLS_ECP_RESTARTABLE)
|
||||||
#define USAGE_ECRESTART \
|
#define USAGE_ECRESTART \
|
||||||
|
@ -494,7 +499,9 @@ struct options
|
||||||
const char *psk; /* the pre-shared key */
|
const char *psk; /* the pre-shared key */
|
||||||
const char *psk_identity; /* the pre-shared key identity */
|
const char *psk_identity; /* the pre-shared key identity */
|
||||||
const char *ecjpake_pw; /* the EC J-PAKE password */
|
const char *ecjpake_pw; /* the EC J-PAKE password */
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
int ecjpake_pw_opaque; /* set to 1 to use the opaque method for setting the password */
|
int ecjpake_pw_opaque; /* set to 1 to use the opaque method for setting the password */
|
||||||
|
#endif
|
||||||
int ec_max_ops; /* EC consecutive operations limit */
|
int ec_max_ops; /* EC consecutive operations limit */
|
||||||
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
|
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||||
|
@ -926,7 +933,9 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
opt.psk_identity = DFL_PSK_IDENTITY;
|
opt.psk_identity = DFL_PSK_IDENTITY;
|
||||||
opt.ecjpake_pw = DFL_ECJPAKE_PW;
|
opt.ecjpake_pw = DFL_ECJPAKE_PW;
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
opt.ecjpake_pw_opaque = DFL_ECJPAKE_PW_OPAQUE;
|
opt.ecjpake_pw_opaque = DFL_ECJPAKE_PW_OPAQUE;
|
||||||
|
#endif
|
||||||
opt.ec_max_ops = DFL_EC_MAX_OPS;
|
opt.ec_max_ops = DFL_EC_MAX_OPS;
|
||||||
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
|
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||||
|
@ -1102,8 +1111,10 @@ int main( int argc, char *argv[] )
|
||||||
opt.psk_identity = q;
|
opt.psk_identity = q;
|
||||||
else if( strcmp( p, "ecjpake_pw" ) == 0 )
|
else if( strcmp( p, "ecjpake_pw" ) == 0 )
|
||||||
opt.ecjpake_pw = q;
|
opt.ecjpake_pw = q;
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
else if( strcmp( p, "ecjpake_pw_opaque" ) == 0 )
|
else if( strcmp( p, "ecjpake_pw_opaque" ) == 0 )
|
||||||
opt.ecjpake_pw_opaque = atoi( q );
|
opt.ecjpake_pw_opaque = atoi( q );
|
||||||
|
#endif
|
||||||
else if( strcmp( p, "ec_max_ops" ) == 0 )
|
else if( strcmp( p, "ec_max_ops" ) == 0 )
|
||||||
opt.ec_max_ops = atoi( q );
|
opt.ec_max_ops = atoi( q );
|
||||||
else if( strcmp( p, "force_ciphersuite" ) == 0 )
|
else if( strcmp( p, "force_ciphersuite" ) == 0 )
|
||||||
|
|
|
@ -419,12 +419,17 @@ int main( void )
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
#define USAGE_ECJPAKE \
|
#define USAGE_ECJPAKE \
|
||||||
" ecjpake_pw=%%s default: none (disabled)\n" \
|
" ecjpake_pw=%%s default: none (disabled)\n" \
|
||||||
" ecjpake_pw_opaque=%%d default: 0 (disabled)\n"
|
" ecjpake_pw_opaque=%%d default: 0 (disabled)\n"
|
||||||
#else
|
#else /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
#define USAGE_ECJPAKE \
|
||||||
|
" ecjpake_pw=%%s default: none (disabled)\n"
|
||||||
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
#else /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
#define USAGE_ECJPAKE ""
|
#define USAGE_ECJPAKE ""
|
||||||
#endif
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
#define USAGE_CURVES \
|
#define USAGE_CURVES \
|
||||||
|
@ -623,7 +628,9 @@ struct options
|
||||||
const char *psk_identity; /* the pre-shared key identity */
|
const char *psk_identity; /* the pre-shared key identity */
|
||||||
char *psk_list; /* list of PSK id/key pairs for callback */
|
char *psk_list; /* list of PSK id/key pairs for callback */
|
||||||
const char *ecjpake_pw; /* the EC J-PAKE password */
|
const char *ecjpake_pw; /* the EC J-PAKE password */
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
int ecjpake_pw_opaque; /* set to 1 to use the opaque method for setting the password */
|
int ecjpake_pw_opaque; /* set to 1 to use the opaque method for setting the password */
|
||||||
|
#endif
|
||||||
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
|
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||||
int tls13_kex_modes; /* supported TLS 1.3 key exchange modes */
|
int tls13_kex_modes; /* supported TLS 1.3 key exchange modes */
|
||||||
|
@ -1668,7 +1675,9 @@ int main( int argc, char *argv[] )
|
||||||
opt.psk_identity = DFL_PSK_IDENTITY;
|
opt.psk_identity = DFL_PSK_IDENTITY;
|
||||||
opt.psk_list = DFL_PSK_LIST;
|
opt.psk_list = DFL_PSK_LIST;
|
||||||
opt.ecjpake_pw = DFL_ECJPAKE_PW;
|
opt.ecjpake_pw = DFL_ECJPAKE_PW;
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
opt.ecjpake_pw_opaque = DFL_ECJPAKE_PW_OPAQUE;
|
opt.ecjpake_pw_opaque = DFL_ECJPAKE_PW_OPAQUE;
|
||||||
|
#endif
|
||||||
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
|
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||||
opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
|
opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
|
||||||
|
@ -1872,8 +1881,10 @@ int main( int argc, char *argv[] )
|
||||||
opt.psk_list = q;
|
opt.psk_list = q;
|
||||||
else if( strcmp( p, "ecjpake_pw" ) == 0 )
|
else if( strcmp( p, "ecjpake_pw" ) == 0 )
|
||||||
opt.ecjpake_pw = q;
|
opt.ecjpake_pw = q;
|
||||||
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||||
else if( strcmp( p, "ecjpake_pw_opaque" ) == 0 )
|
else if( strcmp( p, "ecjpake_pw_opaque" ) == 0 )
|
||||||
opt.ecjpake_pw_opaque = atoi( q );
|
opt.ecjpake_pw_opaque = atoi( q );
|
||||||
|
#endif
|
||||||
else if( strcmp( p, "force_ciphersuite" ) == 0 )
|
else if( strcmp( p, "force_ciphersuite" ) == 0 )
|
||||||
{
|
{
|
||||||
opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
|
opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
|
||||||
|
|
Loading…
Reference in a new issue