yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
25856 commits 1 branch 0 tags 94 MiB
Commit graph

116 commits

Author SHA1 Message Date
Przemek Stekiel
3484db4ce7 Change ffdh testing strategy 
- Full tests generated by script only for ffdhe2048 group
- Single G->m and m->G exchange test for each other group

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-28 13:31:38 +02:00
Przemek Stekiel
c31a798f45 Replace MBEDTLS_ECDH_C dependency in ssl-opt tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-27 10:58:50 +02:00
Przemek Stekiel
8bfe897ab0 Add ssl-opt functions to check openssl with ffdh support and openssl ephemeral key exchange 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-26 16:33:00 +02:00
Przemek Stekiel
6d00c67d89 Allow second run for ffdhe8192 ssl-opt tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-25 21:14:39 +02:00
Przemek Stekiel
1f5c2ba495 Add missing ECDH dependencies in ssl-opt tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-15 17:07:16 +02:00
Przemek Stekiel
a53dca125e Limit number ffdh test cases (ffdhe2048, ffdhe8192) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-14 20:53:09 +02:00
Przemek Stekiel
422ab1f835 Add FFDH tests to ssl-opt 
Add FFDH support to the test case generator script: generate_tls13_compat_tests.py.
Add dependency for openssl as FFDH is supported from version 3.0.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-14 11:04:28 +02:00
Ronald Cron
50ae84ed97 ssl-opt.sh: Remove some unnecessary forcing of TLS 1.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Xiaokang Qian
0de0d863b6 Rebase code to restore reco-delay and fix some style issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 07:41:42 +00:00
Xiaokang Qian
57a138d5c3 Update message log for end of early data test cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:44:00 +00:00
Xiaokang Qian
7ed30e59af Fix the issue that gnutls server doesn't support packet 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:44:00 +00:00
Xiaokang Qian
94dd1dd6fa Update test case to indicate parsing of end of early data 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:43:59 +00:00
Xiaokang Qian
125afcb060 Add end-of-early-data write 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-02-08 05:43:58 +00:00
Pengyu Lv
2bfd716293 simplify test case dependencies and test commands 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-01-16 13:44:10 +08:00
Pengyu Lv
c1334d934c correct test case dependencies 
Now the config dependencies used for ticket_flags
test cases are TLS 1.2 specified. Correct them to
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_*

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-01-13 11:06:01 +08:00
Pengyu Lv
06cf66d2ab unroll test cases to improve coverage of check_test_cases in all.sh 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-01-13 11:05:58 +08:00
Pengyu Lv
302feb3955 add cases to test session resumption with different ticket_flags 
This commit add test cases to test if the check of kex change mode
in SessionTicket works well.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-01-13 11:05:56 +08:00
Jerry Yu
a15af37867 Change time resolution of reco_delay from second to millionseconds 
Per gnutls anti replay issue, it needs millionsecond time delay for
improve the fail rate.

From test result of #6712, this can improve the fail rate from 4%
to 92%.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-01-07 13:01:42 +08:00
Jerry Yu
f05b6eed0c Revert "Skip early data basic check temp" 
This reverts commit 4e83173bb7.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-01-07 13:01:42 +08:00
Ronald Cron
f5b4706974 TLS 1.3: Fix some test dependencies 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-12-15 13:46:23 +01:00
Xiaokang Qian
8bee89994d Add parse function for early data in encrypted extentions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-22 09:40:07 +00:00
Xiaokang Qian
4e83173bb7 Skip early data basic check temp 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-18 10:57:46 +00:00
Xiaokang Qian
e9622ac4ba Remove the fore_tls13 option case from client side 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-17 09:23:32 +00:00
Xiaokang Qian
e7bab00825 Update enabled guards for early data cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-16 10:06:50 +00:00
Xiaokang Qian
f3cefb4f4c Move early data test cases to tls13-misc.sh 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-16 03:23:46 +00:00
Jerry Yu
97be6a913e fix various issues 
- typo error
- replace `ssl->hanshake` with handshake

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-09 22:43:31 +08:00
Jerry Yu
616ba75c23 move test cases and mark tls13-kex-modes.sh as locked 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-08 23:51:39 +08:00
Jerry Yu
e5991328ff fix tls13 psk only test fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-08 16:16:29 +08:00
Jerry Yu
f467d46bbb move get_srv_psk_list 
It can be reused in other test-suites

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-07 13:17:08 +08:00
Ronald Cron
eac00ad2a6 tls13: server: Note down client not being authenticated in SSL context 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-25 20:02:03 +02:00
Ronald Cron
a709a0f2c6 tls13: Declare PSK ephemeral key exchange mode first 
In the PSK exchange modes extension declare first
PSK ephemeral if we support both PSK ephemeral
and PSK. This is aligned with our implementation
giving precedence to PSK ephemeral over pure PSK
and improve compatibility with GnuTLS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-25 19:05:26 +02:00
Ronald Cron
dd0c8f9c26 tls13-kex-modes.sh: Remove unnecessary GnuTLS option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-25 17:35:50 +02:00
Ronald Cron
8328113cad ssl-opt.sh: Fix some test checks for ephemeral only kex build 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-22 14:42:04 +02:00
Ronald Cron
59625848e6 ssl-opt.sh: TLS 1.3 kex: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_*ENABLED 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-22 14:42:04 +02:00
Ronald Cron
928cbd34e7 tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard
code specific to the TLS 1.3 ephemeral key exchange mode.

Use it also for the dependencies of TLS 1.3 only tests
relying on ephemeral key exchange mode, but for
tests in tls13-kex-modes.sh where the change is done
later using all
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-22 14:42:04 +02:00
Ronald Cron
bc5adf4ef8 ssl-opt.sh: Add dependencies on handshake with cert 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-21 14:47:00 +02:00
Ronald Cron
2ea36af693 ssl-opt.sh: TLS 1.3 kex: Do not use sig_algs if no cert 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-21 14:47:00 +02:00
Jerry Yu
c2bfaf00d9 fix wrong typo 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 18:07:19 +08:00
Jerry Yu
03aa174d7c Improve test message and title 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:48:37 +08:00
Jerry Yu
63b06ea06e Update test cases 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-08 14:56:38 +08:00
Jerry Yu
25ab654781 Add dummy ticket support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-07 10:11:05 +08:00
Xiaokang Qian
a70bd9108a Fix the description of psk client cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 07:50:13 +00:00
Xiaokang Qian
ca343ae280 Improve message logs and test cases description in psk 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 02:07:54 +00:00
Xiaokang Qian
9c172042b6 Change cases description base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 11:41:50 +00:00
Xiaokang Qian
954d5769ef PSK: change descriptions base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 08:40:10 +00:00
Xiaokang Qian
ac8195f4f7 Fix wrongly kex mode fallback issue in psk cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 06:31:58 +00:00
Xiaokang Qian
210727f3b1 Skip some psk cases cause wrong fallback to ephemeral 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 07:25:40 +00:00
Xiaokang Qian
dea2cbe199 Fix various test issues in psk m->m cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
658204c71e Remove negative test cases for m->O and m->G 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian
8939930b82 Rebase and fix some test failures 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00