Merge pull request #6638 from ronald-cron-arm/tls13-misc
TLS 1.3: Adjustments for the coming release
This commit is contained in:
commit
d8603a7b44
3 changed files with 12 additions and 2 deletions
|
@ -1648,7 +1648,7 @@
|
||||||
* production.
|
* production.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
#define MBEDTLS_SSL_EARLY_DATA
|
//#define MBEDTLS_SSL_EARLY_DATA
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def MBEDTLS_SSL_PROTO_DTLS
|
* \def MBEDTLS_SSL_PROTO_DTLS
|
||||||
|
|
|
@ -96,7 +96,10 @@
|
||||||
/* Error space gap */
|
/* Error space gap */
|
||||||
/** Processing of the Certificate handshake message failed. */
|
/** Processing of the Certificate handshake message failed. */
|
||||||
#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00
|
#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00
|
||||||
/** Received NewSessionTicket Post Handshake Message */
|
/**
|
||||||
|
* Received NewSessionTicket Post Handshake Message.
|
||||||
|
* This error code is experimental and may be changed or removed without notice.
|
||||||
|
*/
|
||||||
#define MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET -0x7B00
|
#define MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET -0x7B00
|
||||||
/* Error space gap */
|
/* Error space gap */
|
||||||
/* Error space gap */
|
/* Error space gap */
|
||||||
|
|
|
@ -3250,6 +3250,7 @@ component_build_armcc () {
|
||||||
|
|
||||||
component_test_tls13_only () {
|
component_test_tls13_only () {
|
||||||
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3, without MBEDTLS_SSL_PROTO_TLS1_2"
|
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3, without MBEDTLS_SSL_PROTO_TLS1_2"
|
||||||
|
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
|
||||||
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
||||||
|
|
||||||
msg "test: TLS 1.3 only, all key exchange modes enabled"
|
msg "test: TLS 1.3 only, all key exchange modes enabled"
|
||||||
|
@ -3269,6 +3270,7 @@ component_test_tls13_only_psk () {
|
||||||
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
|
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
|
||||||
scripts/config.py unset MBEDTLS_ECDSA_C
|
scripts/config.py unset MBEDTLS_ECDSA_C
|
||||||
scripts/config.py unset MBEDTLS_PKCS1_V21
|
scripts/config.py unset MBEDTLS_PKCS1_V21
|
||||||
|
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
|
||||||
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
||||||
|
|
||||||
msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled"
|
msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled"
|
||||||
|
@ -3301,6 +3303,7 @@ component_test_tls13_only_psk_ephemeral () {
|
||||||
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
|
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
|
||||||
scripts/config.py unset MBEDTLS_ECDSA_C
|
scripts/config.py unset MBEDTLS_ECDSA_C
|
||||||
scripts/config.py unset MBEDTLS_PKCS1_V21
|
scripts/config.py unset MBEDTLS_PKCS1_V21
|
||||||
|
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
|
||||||
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
||||||
|
|
||||||
msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode"
|
msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode"
|
||||||
|
@ -3318,6 +3321,7 @@ component_test_tls13_only_psk_all () {
|
||||||
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
|
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
|
||||||
scripts/config.py unset MBEDTLS_ECDSA_C
|
scripts/config.py unset MBEDTLS_ECDSA_C
|
||||||
scripts/config.py unset MBEDTLS_PKCS1_V21
|
scripts/config.py unset MBEDTLS_PKCS1_V21
|
||||||
|
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
|
||||||
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
||||||
|
|
||||||
msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes"
|
msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes"
|
||||||
|
@ -3330,6 +3334,7 @@ component_test_tls13_only_psk_all () {
|
||||||
component_test_tls13_only_ephemeral_all () {
|
component_test_tls13_only_ephemeral_all () {
|
||||||
msg "build: TLS 1.3 only from default, without PSK key exchange mode"
|
msg "build: TLS 1.3 only from default, without PSK key exchange mode"
|
||||||
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
|
||||||
|
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
|
||||||
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
|
||||||
|
|
||||||
msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes"
|
msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes"
|
||||||
|
@ -3344,6 +3349,7 @@ component_test_tls13 () {
|
||||||
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
|
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||||
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
|
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
|
||||||
|
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
|
||||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
make
|
make
|
||||||
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
|
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
|
||||||
|
@ -3357,6 +3363,7 @@ component_test_tls13_no_compatibility_mode () {
|
||||||
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
|
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||||
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
|
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
|
||||||
|
scripts/config.py set MBEDTLS_SSL_EARLY_DATA
|
||||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
make
|
make
|
||||||
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
|
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
|
||||||
|
|
Loading…
Reference in a new issue