Przemek Stekiel
cd00d7f724
test PSA key derivation: add positive and negative cases for mixed-psk
...
Mix-PSK-to-MS test vectors are generated using python-tls library:
https://github.com/python-tls/tls
Steps to generate test vectors:
1. git clone git@github.com:python-tls/tls.git
2. cd tls
3. python3 setup.py build
4. sudo python3 setup.py install
5. Use the python script below to generate Master Secret (see description for details):
"""
Script to derive MS using mixed PSK to MS algorithm.
Script can be used to generate expected result for mixed PSK to MS tests.
Script uses python tls library:
https://github.com/python-tls/tls
Example usage:
derive_ms.py <secret> <other_secret> <seed> <label> <hash>
derive_ms.py 01020304 ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7 5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f 6d617374657220736563726574 SHA256
secret : 01020304
other_secret : ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7
pms : 0030ce2fa604b6a3e08fc42eda74ab647adace1168b199ed178dbaae12521d68271d7df56eb56c55878034cf01bd887ba4d7000401020304
seed : 5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f
label : 6d617374657220736563726574
output : 168fecea35190f9df34c042f24ecaa5e7825337f2cd82719464df5462f16aae84cb38a65c0d612ca9273f998ad32c05b
"""
from cryptography.hazmat.primitives import hashes
from tls._common.prf import prf
import os
import sys
def build_pms(other_secret: bytes, secret: bytes) -> bytes:
other_secret_size = len(other_secret).to_bytes(2, byteorder='big')
secret_size = len(secret).to_bytes(2, byteorder='big')
return(other_secret_size + other_secret + secret_size + secret)
def derive_ms(secret: bytes, other_secret: bytes, seed: bytes, label: bytes, hash: hashes.HashAlgorithm) -> bytes:
return prf(build_pms(other_secret, secret), label, seed, hash, 48)
def main():
#check args
if len(sys.argv) != 6:
print("Invalid number of arguments. Expected: <secret> <other_secret> <seed> <label> <hash>" )
return
if sys.argv[5] != 'SHA384' and sys.argv[5] != 'SHA256':
print("Invalid hash algorithm. Expected: SHA256 or SHA384" )
return
secret = bytes.fromhex(sys.argv[1])
other_secret = bytes.fromhex(sys.argv[2])
seed = bytes.fromhex(sys.argv[3])
label = bytes.fromhex(sys.argv[4])
hash_func = hashes.SHA384() if sys.argv[5] == 'SHA384' else hashes.SHA256()
pms = build_pms(other_secret, secret)
actual_output = derive_ms(secret, other_secret, seed, label, hash_func)
print('secret : ' + secret.hex())
print('other_secret : ' + other_secret.hex())
print('pms : ' + pms.hex())
print('seed : ' + seed.hex())
print('label : ' + label.hex())
print('output : ' + actual_output.hex())
if __name__ == "__main__":
main()
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:41:41 +02:00
Przemek Stekiel
ffbb7d35fc
derive_output: add optional step for derivation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-12 11:27:00 +02:00
Ronald Cron
cccbe0eb88
Merge pull request #5516 from tom-daubney-arm/M-AEAD_dispatch_tests
...
M-AEAD driver dispatch tests
2022-04-05 16:35:37 +02:00
Gilles Peskine
1c7c5969ea
Merge pull request #5683 from paul-elliott-arm/fix_pk_test
...
Prevent free of uninitialised MPI variables
2022-04-04 17:51:49 +02:00
Gilles Peskine
c82f62e3a5
Merge pull request #4907 from gilles-peskine-arm/config-baremetal-size-3.0
...
Disable debugging features in the primary code size measurement job
2022-04-04 16:12:58 +02:00
Thomas Daubney
f38c8c6459
Adds test data for insufficient memory case
...
This commit adds tests data for the encrypt setup function
to cover the case where there is insufficent memory when
trying to undertake the operation.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-04-04 14:21:18 +01:00
Thomas Daubney
30583c3e92
Adds test data for fallback test
...
Commit adds test data needed to test the case where driver
does not support selected algorithm but the library does.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-04-04 14:21:18 +01:00
Thomas Daubney
5e896d914a
Adds test data for encrypt setup test case
...
This commit adds a positive test case for the
encrypt setup function test.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-04-04 14:21:18 +01:00
Thomas Daubney
d610191ad6
Adds driver dispatch test for M-AEAD encryption setup
...
This commit adds a test called aead_encrypt_setup()
which tests that the relevant drivers get called the correct
amount of times when running the multipart AEAD encrypt
setup API.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-04-04 14:21:10 +01:00
Manuel Pégourié-Gonnard
de68e39ddf
Merge pull request #5568 from superna9999/5159-pk-rsa-verification
...
PK: RSA verification
2022-04-04 11:23:33 +02:00
Ronald Cron
0e980e8e84
Merge pull request #5640 from ronald-cron-arm/version-negotiation-2
...
TLS 1.2/1.3 version negotiation - 2
2022-04-01 12:29:06 +02:00
Manuel Pégourié-Gonnard
33a9d61885
Merge pull request #5638 from paul-elliott-arm/ssl_cid_accessors
...
Accessors to own CID within mbedtls_ssl_context
2022-04-01 11:36:00 +02:00
Manuel Pégourié-Gonnard
6a25159c69
Merge pull request #5648 from gabor-mezei-arm/5403_hkdf_use_internal_psa_implementations
...
HKDF 2: use internal implementations in TLS 1.3
2022-04-01 11:15:29 +02:00
Paul Elliott
02758a51df
Add tls CID tests
...
Add tests to test tls coneection id functionality, including the new
'own cid' accessor.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-31 19:21:41 +01:00
Ronald Cron
cbd7bfd30e
ssl-opt.sh: Force TLS 1.2 on server for TLS 1.2 specific tests
...
Force TLS 1.2 on OpenSSL/GnuTLS server
for TLS 1.2 specific tests.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 18:25:27 +02:00
Ronald Cron
634d865d80
ssl-opt.sh: Fix "no TLS 1.3 server support" test check
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 18:25:27 +02:00
Paul Elliott
ff59a34606
Prevent free of uninitialised variables
...
In an error case it was possible for mbedtls_mpi variables to be free'd
uninitialised.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-31 17:14:13 +01:00
Dave Rodgman
017a19997a
Update references to old Github organisation
...
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-03-31 14:43:16 +01:00
Ronald Cron
a980adf4ce
Merge pull request #5637 from ronald-cron-arm/version-negotiation-1
...
TLS 1.2/1.3 version negotiation - 1
2022-03-31 11:47:16 +02:00
Ronald Cron
37bdaab64f
tls: Simplify the logic of the config version check and test it
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 09:26:58 +02:00
Neil Armstrong
56d51274d8
Initialize PSA crypto in test_suite_pk for RSA verify tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-30 16:39:07 +02:00
Manuel Pégourié-Gonnard
3304f253d7
Merge pull request #5653 from paul-elliott-arm/handshake_over
...
Add mbedtls_ssl_is_handshake_over()
2022-03-30 12:16:40 +02:00
Ronald Cron
3cec8e8864
tests: Init PSA crypto if TLS 1.3 is enabled
...
Initialize PSA crypto in tests if TLS 1.3 is
enabled as done when MBEDTLS_USE_PSA_CRYPTO
is enabled.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
a1b8f6e914
ssl-opt.sh: Do not force TLS 1.3 on client
...
For TLS 1.3 tests, do not force TLS 1.3
version on client to play the negotiation
game whenever possible.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
f3b425bbde
ssl-opt.sh: Force TLS 1.2 on server
...
To maximize the number of tests where MbedTLS
client proposes both TLS 1.2 and TLS 1.3 to
the server, force the TLS 1.2 version on the
server side rather than on the client side
in TLS 1.2 specific tests.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
f660655b84
TLS: Allow hybrid TLS 1.2/1.3 in default configurations
...
This implies that when both TLS 1.2 and TLS 1.3
are included in the build all the TLS 1.2 tests
using the default configuration now go through
a version negotiation on the client side.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
e1d3f06399
Allow hybrid TLS 1.3 + TLS 1.2 configuration
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
7320e6436b
ssl_tls12_client.c: Switch to generic Client Hello state handler
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Ronald Cron
27c85e743f
ssl_tls.c: Unify TLS 1.2 and TLS 1.3 SSL state logs
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00
Paul Elliott
571f1187b6
Merge pull request #5642 from mprse/ecp_export
...
Add ECP keypair export function
2022-03-29 17:19:04 +01:00
Dave Rodgman
1c41501949
Merge pull request #5632 from tom-cosgrove-arm/seclib-667-sha512-acceleration-mbedtls-internal
...
SECLIB-667: Accelerate SHA-512 with A64 crypto extensions
2022-03-29 15:34:12 +01:00
Ronald Cron
086ee0be0e
ssl_tls.c: Reject TLS 1.3 version configuration for server
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 14:42:17 +02:00
Ronald Cron
de1adee51a
Rename ssl_cli/srv.c
...
Rename ssl_cli.c and ssl_srv.c to reflect the fact
that they are TLS 1.2 specific now. Align there new
names with the TLS 1.3 ones.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 14:39:49 +02:00
Ronald Cron
63d97ad0bb
Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512
...
Add rsae sha384 sha512
2022-03-29 14:01:51 +02:00
Manuel Pégourié-Gonnard
39f2f73e69
Merge pull request #5630 from ronald-cron-arm/restore-full-compat-testing
...
Restore full TLS compatibility testing
2022-03-28 18:31:17 +02:00
Ronald Cron
e44d8e7eea
Merge pull request #5369 from xkqian/add_2nd_client_hello
...
Add 2nd client hello
2022-03-28 12:18:41 +02:00
XiaokangQian
5c252620c5
Move MAC-ALL to self._ciphs in ssl-opt.sh
...
Change-Id: I60d29560f8937a0001ab4a30086bac255fc4b1eb
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-03-28 08:53:45 +00:00
Przemek Stekiel
6a478ef054
mbedtls_ecp_group_cmp: change names of parameters to more suitable
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-28 07:25:12 +02:00
XiaokangQian
2e17fb8c93
Change code base on comments
...
Add all of the group pairs for hrr cases
Re-order some parameters
Change-Id: Id7e131d1ed4279bbd586613800df7bd87dfa4c54
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-03-28 03:30:05 +00:00
Gabor Mezei
ed6d6589b3
Use hash algoritm for parameter instead of HMAC
...
To be compatible with the other functions `mbedtls_psa_hkdf_extract` and
`mbedtls_psa_hkdf_expand` use hash algorithm for parameter.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-26 17:28:06 +01:00
Gabor Mezei
07732f7015
Translate from mbedtls_md_type_t to psa_algorithm_t
...
Do the translation as early as possible from mbedtls_md_type_t to psa_algorithm_t.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-26 17:04:19 +01:00
Gabor Mezei
5d9a1fe9e9
PSA code depends on MBEDTLS_SSL_PROTO_TLS1_3
...
With TLS 1.3 support MBEDTLS_PSA_CRYPTO_C is enabled so PSA support
is always enabled.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-26 15:47:15 +01:00
Ronald Cron
618955d381
compat.sh: Fix check for OpenSSL support
...
If OpenSSL does not support a mode (tls12 or
dtls12 or tls13) just skip the tests involving
OpenSSL.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-25 16:50:18 +01:00
Ronald Cron
2c74ff629d
compat.sh: Restore full TLS compatibility testing
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-25 16:50:18 +01:00
XiaokangQian
a1931448f0
Update hrr test cases generation code without change class
...
Change-Id: I38f620213bf5349d33ecad080538294633f85566
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-03-25 11:58:22 +00:00
XiaokangQian
eff93f947d
Rebase code to latest and solve conflicts
...
Change-Id: Id89af63e5d63347f6365c87b2aed419cc31fe0d4
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-03-25 10:47:55 +00:00
XiaokangQian
8031ba7fbf
Update code base on comments
...
Change run title
Remove dedicate ciphersuite and sig alg
Update test cases
Change-Id: Ic0e9adf56062e744f7bafbc6bb562baeaafd89f0
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-03-25 09:27:53 +00:00
Manuel Pégourié-Gonnard
cefa904759
Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor
...
Accessor for mbedtls_timing_delay_context final delay
2022-03-25 09:14:41 +01:00
XiaokangQian
83f818811e
Update test cases in tls13-compat.sh
...
Change-Id: I5e080b3343492dd80ede1305f95d4b5b98cd44a3
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-03-25 08:12:35 +00:00
XiaokangQian
68a87e4606
Remove the option r in generate_tls13_compat_tests.py
...
Integrate two options into one
Use one dedicate cipher suite TLS_AES_256_GCM_SHA384
Use on dedicate signature algorithm ecdsa_secp384r1_sha384
Change-Id: Icbe39b985e1942edc4b1e37ce3352eed4f316ab7
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-03-25 08:09:29 +00:00