Xiaokang Qian
cffb18cee7
Fix various issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
8f7d7c7aaf
Address comments about description of psk cases
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
5001bfc619
Add key exchange mode log in client side
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
edc35e7ffd
Refine the psk test cases for m->G
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
2efece22a0
Refine the psk test cases for m->O
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
3cbbbbcb08
Shorten the description in psk m->m test cases
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
d7dcc4274b
Unified the test title of psk cases
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
2aaf1c1d74
Re-work psk test cases against openssl and gnutls
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
8e76e1de21
Add m->m cases with client be set to psk_all or all mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
ca48dddf62
Add m->m with client be set to ephemeral or ephemeral_all mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
198cefd1fa
Add force_version tls13 to the psk test cases
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
f9b694ba8f
Add m->m cases with client be set to psk and psk_ephemeral mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
e0cc584f70
Change result strings based on actula psk test result
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
df6a3891e8
Add client psk test cases for all mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
a39d0d5e2b
Add client test cases for ephemeral_all mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
01173c21b1
Add client test cases for ephemeral mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
ff5705bdd7
Add client test cases for psk_ephemeral mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
73894232e8
Add client test cases for psk_all mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
cf6442e2e4
Add client test cases for psk mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:30 +00:00
XiaokangQian
335cfaadf9
Finalize client side code for psk
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-09-23 01:48:26 +00:00
Jerry Yu
40b4a01388
Improve documents
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:48:38 +08:00
Jerry Yu
359e65f784
limit session ticket number when resumption
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:47:43 +08:00
Jerry Yu
f3bdf9dd51
fix various issues
...
- improve document about configuration item.
- format issue
- variable type issue.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:47:14 +08:00
Gilles Peskine
07ba2be20b
Merge pull request #6304 from yuhaoth/pr/exclude-pre_shared_key-from-hrr-msg
...
TLS 1.3: PSK: Exclude pre_shared_key for HRR
2022-09-22 10:21:06 +02:00
Manuel Pégourié-Gonnard
1475ac49a4
Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash
...
Validation remove change hash
2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard
d5c82fb821
Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher
...
Validation remove and change in files related to cipher in library
2022-09-22 09:10:13 +02:00
Jerry Yu
b7e3fa7fbd
move count decrement after success sent
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 13:21:29 +08:00
Jerry Yu
d0766eca58
fix various issues
...
- Improve comments
- Align count variable name to `new_session_tickets_count`
- move tickets_count init to handshake init
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 13:21:29 +08:00
Gilles Peskine
b3ea98c606
Replace the output file atomically
...
When writing the new .data file, first write the new content, then replace
the target. This way, there isn't a temporary state in which the file is
partially written. This temporary state can be misleading if the build is
interrupted. It's annoying if you're watching changes to the output and the
changes appear as emptying the file following by the new version appearing.
Now interrupted builds don't leave a file that appears to be up to date but
isn't, and when watching the output, there's a single transition to the new
version.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-21 22:00:06 +02:00
Jerry Yu
9370612312
remove certificate setting from psk_ephemeral HRR test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-21 22:44:24 +08:00
Tom Cosgrove
119eae2e51
Update names of test cases in generate_bignum_tests.py
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-21 12:19:18 +01:00
Tom Cosgrove
c573882674
Merge remote-tracking branch 'upstream/development' into issue-6015-montgomery-multiplication
2022-09-21 12:08:43 +01:00
Manuel Pégourié-Gonnard
e5833c182c
Merge pull request #6300 from davidhorstmann-arm/syntax-highlighting-function-files
...
Use GitHub C syntax highlighting on test files
2022-09-21 10:52:14 +02:00
Manuel Pégourié-Gonnard
d433cd7d07
Merge pull request #6283 from mpg/driver-only-hashes-wrap-up
...
Driver only hashes wrap-up
2022-09-21 08:29:46 +02:00
Jerry Yu
2db49df44b
Add psk_ephemeral HRR tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-21 11:03:28 +08:00
Dave Rodgman
36e1d9ef1d
Merge pull request #6203 from wernerlewis/ecp_group_test
...
Add test for ECP group metadata
2022-09-20 17:35:53 +01:00
Ronald Cron
50969e3af5
ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 15:57:57 +02:00
Tom Cosgrove
4782823ec3
Ensure we explicitly document the modulus for fixed-width arithmetic
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-20 13:51:50 +01:00
Tom Cosgrove
b0b77e1b13
Document and test aliasing of the bignums given to mbedtls_mpi_core_mla()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-20 13:33:40 +01:00
David Horstmann
b5d884815c
Use GitHub C syntax highlighting on test files
...
Add a .gitattributes file that tells GitHub to highlight all .function
files as if they were .c files. This aids in reviewing changes to tests.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-09-20 13:31:23 +01:00
Ronald Cron
277cdcbcde
ssl-opt.sh: tls13 opaque key: Enable client authentication
...
Enable client authentication in TLS 1.3 opaque
key tests to use the opaque key on client side.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
e3196d270c
ssl-opt.sh: tls13 opaque key: Do not force version on client side
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
6ec2123bf3
ssl-opt.sh: Align prefix of TLS 1.3 opaque key tests
...
Align prefix of TLS 1.3 opaque key tests
with the prefix of the othe TLS 1.3 tests.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
067a1e735e
tls13: Try reasonable sig alg for CertificateVerify signature
...
Instead of fully validating beforehand
signature algorithms with regards to the
private key, do minimum validation and then
just try to compute the signature. If it
fails try another reasonable algorithm if any.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
38391bf9b6
tls13: Do not impose minimum hash size for RSA PSS signatures
...
When providing proof of possession of
an RSA private key, allow the usage for RSA
PSS signatures of a hash with a security
level lower that the security level of the
RSA private key.
We did not allow this in the first place to
align with the ECDSA case. But as it is not
mandated by the TLS 1.3 specification (in
contrary to ECDSA), let's allow it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:29:41 +02:00
Ronald Cron
67ea2543ed
tls13: server: Add sig alg checks when selecting best certificate
...
When selecting the server certificate based on
the signature algorithms supported by the client,
check the signature algorithms as close as possible
to the way they are checked to compute the
signature for the server to prove it possesses
the private key associated to the certificate.
That way we minimize the odds of selecting a
certificate for which the server will not be
able to compute the signature to prove it
possesses the private key associated to the
certificate.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:26:32 +02:00
Tom Cosgrove
ea45c1d2d4
Document and test aliasing of output for mbedtls_mpi_core_montmul()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-20 13:17:51 +01:00
Werner Lewis
05feee1841
Restore vbuf value after modification
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-20 12:05:58 +01:00
Werner Lewis
ccae25b4bf
Add explicit mbedtls_ecp_tls_read_group_id call
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-20 10:00:07 +01:00
Werner Lewis
7403d93f8a
Add leading zeros to group metadata
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-20 09:41:05 +01:00