mbedtls

Author	SHA1	Message	Date
Xiaokang Qian	e0cc584f70	Change result strings based on actula psk test result Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	df6a3891e8	Add client psk test cases for all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	a39d0d5e2b	Add client test cases for ephemeral_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	01173c21b1	Add client test cases for ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	ff5705bdd7	Add client test cases for psk_ephemeral mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	73894232e8	Add client test cases for psk_all mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:33 +00:00
Xiaokang Qian	cf6442e2e4	Add client test cases for psk mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-09-23 01:49:30 +00:00
XiaokangQian	335cfaadf9	Finalize client side code for psk Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-09-23 01:48:26 +00:00
Jerry Yu	40b4a01388	Improve documents Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 23:48:38 +08:00
Jerry Yu	359e65f784	limit session ticket number when resumption Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 23:47:43 +08:00
Jerry Yu	f3bdf9dd51	fix various issues - improve document about configuration item. - format issue - variable type issue. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 23:47:14 +08:00
Gilles Peskine	07ba2be20b	Merge pull request #6304 from yuhaoth/pr/exclude-pre_shared_key-from-hrr-msg TLS 1.3: PSK: Exclude pre_shared_key for HRR	2022-09-22 10:21:06 +02:00
Manuel Pégourié-Gonnard	1475ac49a4	Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash Validation remove change hash	2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard	d5c82fb821	Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher Validation remove and change in files related to cipher in library	2022-09-22 09:10:13 +02:00
Jerry Yu	b7e3fa7fbd	move count decrement after success sent Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 13:21:29 +08:00
Jerry Yu	d0766eca58	fix various issues - Improve comments - Align count variable name to `new_session_tickets_count` - move tickets_count init to handshake init Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 13:21:29 +08:00
Jerry Yu	9370612312	remove certificate setting from psk_ephemeral HRR test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 22:44:24 +08:00
Manuel Pégourié-Gonnard	e5833c182c	Merge pull request #6300 from davidhorstmann-arm/syntax-highlighting-function-files Use GitHub C syntax highlighting on test files	2022-09-21 10:52:14 +02:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Jerry Yu	2db49df44b	Add psk_ephemeral HRR tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-21 11:03:28 +08:00
Dave Rodgman	36e1d9ef1d	Merge pull request #6203 from wernerlewis/ecp_group_test Add test for ECP group metadata	2022-09-20 17:35:53 +01:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
David Horstmann	b5d884815c	Use GitHub C syntax highlighting on test files Add a .gitattributes file that tells GitHub to highlight all .function files as if they were .c files. This aids in reviewing changes to tests. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-09-20 13:31:23 +01:00
Ronald Cron	277cdcbcde	ssl-opt.sh: tls13 opaque key: Enable client authentication Enable client authentication in TLS 1.3 opaque key tests to use the opaque key on client side. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	e3196d270c	ssl-opt.sh: tls13 opaque key: Do not force version on client side Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	6ec2123bf3	ssl-opt.sh: Align prefix of TLS 1.3 opaque key tests Align prefix of TLS 1.3 opaque key tests with the prefix of the othe TLS 1.3 tests. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	067a1e735e	tls13: Try reasonable sig alg for CertificateVerify signature Instead of fully validating beforehand signature algorithms with regards to the private key, do minimum validation and then just try to compute the signature. If it fails try another reasonable algorithm if any. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:30:13 +02:00
Ronald Cron	38391bf9b6	tls13: Do not impose minimum hash size for RSA PSS signatures When providing proof of possession of an RSA private key, allow the usage for RSA PSS signatures of a hash with a security level lower that the security level of the RSA private key. We did not allow this in the first place to align with the ECDSA case. But as it is not mandated by the TLS 1.3 specification (in contrary to ECDSA), let's allow it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:29:41 +02:00
Ronald Cron	67ea2543ed	tls13: server: Add sig alg checks when selecting best certificate When selecting the server certificate based on the signature algorithms supported by the client, check the signature algorithms as close as possible to the way they are checked to compute the signature for the server to prove it possesses the private key associated to the certificate. That way we minimize the odds of selecting a certificate for which the server will not be able to compute the signature to prove it possesses the private key associated to the certificate. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 14:26:32 +02:00
Werner Lewis	05feee1841	Restore vbuf value after modification Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 12:05:58 +01:00
Werner Lewis	ccae25b4bf	Add explicit mbedtls_ecp_tls_read_group_id call Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 10:00:07 +01:00
Werner Lewis	7403d93f8a	Add leading zeros to group metadata Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:41:05 +01:00
Werner Lewis	57807308d5	Fix typo in MBEDTLS_ECP_DP_BP512R1 Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-20 09:16:11 +01:00
Manuel Pégourié-Gonnard	b4e28aa2f7	Fix two typos Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 11:55:00 +02:00
Manuel Pégourié-Gonnard	1367f40d38	Fix memory corruption in an SSL test function Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 11:00:23 +02:00
Manuel Pégourié-Gonnard	3c16abebd4	Fix dependencies of KEY_EXCHANGE_ECJPAKE The EC J-PAKE module the ability to "fall back" to PSA when MD is not present a few PRs ago, but the dependency of this key exchange on SHA-256 wasn't updated at the time. (Note: the crypto primitive doesn't depend on SHA-256, only its use in the TLS key exchange does.) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 10:47:05 +02:00
Manuel Pégourié-Gonnard	73f9233a73	Use full config for testing driver-only hashes Stating from the default config means a few things are implicitly excluded; starting from the full config makes it all fully explicit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 10:47:05 +02:00
Manuel Pégourié-Gonnard	79e1467799	Fix include path for programs Same problem as #6101, same fix (the second commit of #6111). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 09:27:53 +02:00
Jerry Yu	7a51305478	Add multi-session tickets test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:26:07 +08:00
Jerry Yu	d4e7500a07	Enable multi session tickets on Server Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:24:03 +08:00
Jerry Yu	1ad7ace6b7	Add conf new session tickets Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:22:21 +08:00
Ronald Cron	be0224aef3	Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets	2022-09-18 21:18:13 +02:00
Gilles Peskine	1716f06ee3	Merge pull request #6093 from wernerlewis/bignum_test_script Add bignum test case generation script	2022-09-17 10:37:26 +02:00
Andrzej Kurek	7763829c5c	Add missing ifdef when calculating operation capacity Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 12:24:52 -04:00
Werner Lewis	c2fb540c67	Use a script specific description in CLI help Previous changes used the docstring of the test_generation module, which does not inform a user about the script. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-09-16 17:03:54 +01:00
Andrzej Kurek	3c4c514302	Remove `PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS` Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:24:14 -04:00
Andrzej Kurek	1fafb1f778	Documentation clarifications for ECJPAKE-to-PMS Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:19:49 -04:00
Manuel Pégourié-Gonnard	1be45825ab	Remove useless guard around include Including a header is harmless, so we can include do it unconditionally. The condition was wrong, should have been USE_PSA \|\| PROTO_TLS1_3. If we just fixed to condition, then we would need to make sure things like: #define MBEDTLS_TLS1_3_MD_MAX_SIZE PSA_HASH_MAX_SIZE are also guarded, which is useless (extra defines are harmless) and annoying, so just remove the condition altogether. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 13:18:36 +02:00
Andrzej Kurek	2be1689504	Add capacity testing to EC J-PAKE to PMS tests Let the caller restrict the capacity but limit it to 32 bytes. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:14:04 -04:00
Andrzej Kurek	b093650033	Add proper capacity calculation for EC J-PAKE to PMS KDF Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:13:00 -04:00

1 2 3 4 5 ...

21283 commits