yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
20902 commits 1 branch 0 tags 94 MiB
Commit graph

7008 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
2d08ea49c8 Some PK test functions no longer depend on MD 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:20 +02:00
Manuel Pégourié-Gonnard
043c8c5de8 Add USE_PSA version of PK test functions 
While at it, also fix buffer size for functions that already depend on
USE_PSA: it should be PSA_HASH_MAX_SIZE for functions that always use
PSA, and the new macro MBEDTLS_USE_PSA_MD_MAX_SIZE for functions that
use it or not depending on USE_PSA.

The only case where MBEDTLS_MD_MAX_SIZE is OK is when the function
always uses MD - currently this is the case with
pk_sign_verify_restart() as it is incompatible with USE_PSA anyway.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:20 +02:00
Manuel Pégourié-Gonnard
525add631e Add component with accelerated hashes and USE_PSA 
Currently the test suites are passing because a lot of tests
functions/cases explicitly depend on SHAxxx_C, resulting in them being
skipped in this build. The goal of the next few commits is going to make
them pass and achieve test parity with a non-accelerated build for
selected modules.

Note: compared to the previous component, I'm using 'make tests' not
'make' (ie not building program) because I'm betting build failures
(some header not found) in programs which are not my interest atm.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
97ab2a3ae2 Clean up two accel tests in all.sh 
- TLS versions earlier than 1.2 have been removed
- fix a copy-paste typo

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
46a295422d Build and test RSA PKCS#1v1.5 without MD 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
e496c6273e Sort out MD dependencies in RSA tests 
When MD is only used to compute a size, use md_internal.h instead.

When it's actually used to compute a hash, mark the test function as
depending on it. This is probably suboptimal in the long run, and we
might want to either adapt the code so that it can use PSA Crypto
instead, or just pre-compute the hash in the test data.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
b86279fc63 Build and test PK without MD 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:18 +02:00
Manuel Pégourié-Gonnard
6a0a160f99 Avoid a dependency on MD in test_suite_pk 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:18 +02:00
Zhangsen Wang
91385121b9 delete openssl version requirement for openssl client, because the bug only occurs on openssl server 
Signed-off-by: Zhangsen Wang <zhangsen.wang@arm.com>
 2022-07-12 01:56:57 +00:00
Paul Elliott
7adb8cbc0e Revert "Add generated files for 3.2.0 release" 
This reverts commit cb21f2eab3.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-11 18:18:30 +01:00
Paul Elliott
cb21f2eab3 Add generated files for 3.2.0 release 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-11 13:56:01 +01:00
Paul Elliott
20362cd1ca Bump library and so versions for 3.2.0 release 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-11 13:56:01 +01:00
Paul Elliott
9a8d78419f Fixup test tls13_server_certificate_msg_invalid_vector_len 
The parameters for init_handshake_options had changed on the development
branch after this test was created, so fixing up this test in order to
correct build failures after merge.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-11 11:34:14 +01:00
Ronald Cron
ce7d76e2ee Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr 2022-07-11 10:22:37 +02:00
Paul Elliott
6e80e09bd1
Merge pull request #5915 from AndrzejKurek/cid-resumption-clash 
Fix DTLS 1.2 session resumption
 2022-07-06 15:03:36 +01:00
Paul Elliott
826762e315
Merge pull request #5765 from leorosen/fix-some-resource-leaks 
Fix resource leaks
 2022-07-05 23:12:02 +01:00
Dave Rodgman
c6a4a1cc13
Merge pull request #6011 from gabor-mezei-arm/coverity_22_07_01 
Fix uninitialised memory access in test
 2022-07-05 13:59:34 +01:00
Andrzej Kurek
ddb8cd601d test_suite_ssl: Fix handshake options cleanup 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 16:07:28 -04:00
Andrzej Kurek
9dc4402afa test_suite_ssl: zeroize the cache pointer in case if the struct memory gets reused 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:40:15 -04:00
Andrzej Kurek
1e085686ec test_suite_ssl: remove unnecessary user data checks 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:40:09 -04:00
Andrzej Kurek
3d0d501517 test_suite_ssl: prefer ASSERT_ALLOC over malloc 
Fix formatting for option initialization
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:39:34 -04:00
Andrzej Kurek
92d7417d89 Formatting fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:21:59 -04:00
Andrzej Kurek
e11acb2c9b test_suite_ssl: add proper cache cleanup 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:21:59 -04:00
Andrzej Kurek
e8ad0d7d42 Disable bad session id length test in TLS 1.3 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:21:59 -04:00
Andrzej Kurek
456a109edb test_suite_ssl: add required dependencies for default handshake parameters 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:21:59 -04:00
Andrzej Kurek
6e518ab086 test_suite_ssl: add missing options cleanup 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:21:59 -04:00
Andrzej Kurek
ed58b50ea6 test_suite_ssl: add missing MBEDTLS_SSL_SERVER_C dependency 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:21:59 -04:00
Andrzej Kurek
626a931bb9 test_suite_ssl: Add missing arguments in endpoint initialization 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:21:59 -04:00
Andrzej Kurek
514683abdc Add a test with a bad session_id_len that makes cache setting fail 
Force a bad session_id_len before handshake wrapup. This should
result in a forced jump to a clean up of a serialized session.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:18:29 -04:00
Andrzej Kurek
780dc18f74 Refactor test_suite_ssl tests to enable cache setting 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-04 10:18:28 -04:00
Manuel Pégourié-Gonnard
4d7af2aee0
Merge pull request #5835 from superna9999/5831-tls-1-2-ciphersuite-selection 
Permissions 2a: TLS 1.2 ciphersuite selection
 2022-07-04 12:37:02 +02:00
Paul Elliott
41aa808a56
Merge pull request #952 from gilles-peskine-arm/stdio_buffering-setbuf 
Turn off stdio buffering with setbuf()
 2022-07-04 10:12:22 +01:00
Ronald Cron
0e39ece23f
Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk 
Refactor signature algorithm chooser
 2022-07-04 09:10:08 +02:00
Neil Armstrong
6931e439e4 Fix Handshake select ECDH-RSA- test dependencies 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-07-01 18:30:10 +02:00
Paul Elliott
bae7a1a5a6
Merge pull request #5620 from gstrauss/dn_hints 
Add accessors to config DN hints for cert request
 2022-07-01 17:23:14 +01:00
Neil Armstrong
c67e6e96f8 Depends on MBEDTLS_X509_REMOVE_INFO disable for double Opaque keys test requiring cert infos to determine selected key 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-07-01 15:48:10 +02:00
Gabor Mezei
dc3f3bb8b1
Initilize variable 
Coverity scan detected a problem of an uinitilized variable.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-07-01 15:06:34 +02:00
Jerry Yu
7ac0d498de remove force_version for client 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-01 19:29:30 +08:00
Manuel Pégourié-Gonnard
790ab52ee0
Merge pull request #5962 from gilles-peskine-arm/storage-format-doc-202206 
Documentation about storage format compatibility
 2022-07-01 12:21:17 +02:00
Jerry Yu
52b7d923fe fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-01 18:12:44 +08:00
Neil Armstrong
7999cb3896 Remove auth_mode=required and client crt_file/key_file when testing server authentication 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-07-01 09:51:33 +02:00
Neil Armstrong
4b10209568 Use different certs for double opaque keys and check certificate issuer CN 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-07-01 09:48:09 +02:00
Neil Armstrong
1948a20796 Cleanup Order & Title of Opaque TLS tests, fix RSA- test definition 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-30 18:05:57 +02:00
Gilles Peskine
6497b5a1d1 Add setbuf platform function 
Add a platform function mbedtls_setbuf(), defaulting to setbuf().

The intent is to allow disabling stdio buffering when reading or writing
files with sensitive data, because this exposes the sensitive data to a
subsequent memory disclosure vulnerability.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 17:01:40 +02:00
Ronald Cron
cb67e1a890
Merge pull request #5917 from gilles-peskine-arm/asn1write-0-fix 
Improve ASN.1 write tests
 2022-06-30 15:42:16 +02:00
Neil Armstrong
167d82c4df Add dual keys Opaque ssl-opt tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-30 11:32:00 +02:00
Neil Armstrong
36b022334c Reorganize Opaque ssl-opt tests, pass key_opaque_algs=, add less wrong negative server testings 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-30 11:16:53 +02:00
Neil Armstrong
b2c3b5be2d Fix depends on handshake_ciphersuite_select tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-30 10:49:04 +02:00
Neil Armstrong
db13497490 Reorganize & add more handshake_ciphersuite_select to test all MBEDTLS_KEY_EXCHANGE_XXX cases 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-30 09:06:28 +02:00
Zhangsen Wang
9b64546eb2 Update tests/ssl-opt.sh, delete 1 blank line. 
Co-authored-by: Xiaokang Qian <53458466+xkqian@users.noreply.github.com>
Signed-off-by: Zhangsen Wang <zhangsen.wang@arm.com>
 2022-06-30 02:35:18 +00:00
Paul Elliott
f6a56cf5ff
Merge pull request #939 from ronald-cron-arm/tls13-add-missing-overread-check 
TLS 1.3: Add missing overread check
 2022-06-29 17:01:14 +01:00
Werner Lewis
ec0193d019 Update test to cover move-decrypt sequence 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-29 16:17:50 +01:00
Werner Lewis
dd76ef359d Refactor AES context to be shallow-copyable 
Replace RK pointer in AES context with a buffer offset, to allow
shallow copying. Fixes #2147.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-29 16:17:50 +01:00
Dave Rodgman
5b50f38f92
Merge pull request #934 from gilles-peskine-arm/mpi-0-mod-2 
Fix null pointer dereference in mpi_mod_int(0, 2)
 2022-06-29 15:02:59 +01:00
Jerry Yu
aae28f178b add tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:21:32 +08:00
Jerry Yu
a0bb906c9f fix handshake_version test fail. 
when both tls13 and tls12 are enabled, the
test will fail.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:16:09 +08:00
Jerry Yu
f55886a217 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:13:46 +08:00
Jerry Yu
a6076aa8b8 Revert temp test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:13:45 +08:00
Jerry Yu
7ab7f2b184 Remove pkcs1 from certificate_verify 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:13:44 +08:00
Ronald Cron
7898fd456a
Merge pull request #5970 from gabor-mezei-arm/5229_Send_dummy_change_cipher_spec_records_from_server 
TLS 1.3 server: Send dummy change_cipher_spec records

The internal CI PR-merge job ran successfully thus good to go.
 2022-06-29 09:47:49 +02:00
Glenn Strauss
bd10c4e2af Test accessors to config DN hints for cert request 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-06-29 02:54:28 -04:00
Zhangsen Wang
87a9c86d87 Re-enable five tests disabled because of an old OpenSSL bug 
Signed-off-by: Zhangsen Wang <zhangsen.wang@arm.com>
 2022-06-29 02:23:22 +00:00
Gilles Peskine
d86abf2392
Merge pull request #5861 from wernerlewis/csr_subject_comma 
Fix output of commas and other special characters in X509 DN values
 2022-06-28 21:00:49 +02:00
Neil Armstrong
2407279fa4 Add tests with specific hash for handshake_ciphersuite_select positive tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-28 18:12:17 +02:00
Neil Armstrong
ed917bf548 Update description for negative key_opaque_algs tests 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-28 18:12:17 +02:00
Neil Armstrong
8c52ed8d1e Add negative testing of ciphersuite selection using Opaque algs & usage 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-28 18:12:17 +02:00
Neil Armstrong
eb4390b27c Add Cipersuite selection negative testing by using invalid algs for server-side opaque key 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-28 18:10:48 +02:00
Gabor Mezei
9e4b7bd199
Do not force TLS 1.3 on client side for TLS 1.3 middlebox compatibility tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-06-28 16:22:14 +02:00
Gabor Mezei
f7044eaec8
Fix name 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-06-28 16:01:49 +02:00
Ronald Cron
585cd70d04 tests: ssl: Fix coverity deadcode issue 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-28 09:21:13 +02:00
Ronald Cron
b94854f8e3
Merge pull request #5973 from ronald-cron-arm/tls13-misc-tests 
TLS 1.3: Enable and add tests
 2022-06-28 09:15:17 +02:00
Gilles Peskine
5969a4b5e0 Don't call memcpy(NULL, 0) which has undefined behavior 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-27 23:59:53 +02:00
Dave Rodgman
f5b7082f6e
Merge pull request #5811 from polhenarejos/bug_x448 
Fix order value for curve x448
 2022-06-27 13:47:24 +01:00
Werner Lewis
9b0e940135 Fix case where final special char exceeds buffer 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-27 12:01:22 +01:00
Werner Lewis
31ecb9600a Add tests for exceeded buffer size 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-27 11:23:43 +01:00
Werner Lewis
b33dacdb50 Fix parsing of special chars in X509 DN values 
Use escape mechanism defined in RFC 1779 when parsing commas and other
special characters in X509 DN values. Resolves failures when generating
a certificate with a CSR containing a comma in subject value.
Fixes #769.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-27 11:19:50 +01:00
Ronald Cron
cf600bc07c Comment fixes 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-27 09:28:49 +02:00
Ronald Cron
e7b9b6b380 tls13: Add checks of overread check failures 
In Certificate message parsing tests with
invalid vector lengths, add checks that the
parsing failed on the expected overread check.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-27 09:28:49 +02:00
Ronald Cron
e3dac4aaa1 tls13: Add Certificate msg parsing tests with invalid vector lengths 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-27 09:28:42 +02:00
Ronald Cron
a8d79b9eb6 ssl-opt.sh: Remove one pattern check 
In "Authentication: client cert not trusted,
server required" ssl-opt.sh test, depending
on client and server execution speed, the
handshake on the client side may complete
successfully: the TLS connection is aborted
by the server because it is not able to
authenticate the client but at that time
the client may have completed the handshake
on its side. Thus, do not check that the
client handshake failed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-27 09:05:35 +02:00
Ronald Cron
07040bb179
Merge pull request #5951 from xkqian/tls13_add_alpn 
Add ALPN extension to the server side
 2022-06-27 08:33:03 +02:00
Ronald Cron
9738a8d0fd
Merge pull request #943 from ronald-cron-arm/tls13-fix-key-usage-checks 
TLS 1.3: Fix certificate key usage checks
 2022-06-27 08:32:17 +02:00
Ronald Cron
21a1b2d374 Enable "Sending app data" SSL unit tests for TLS 1.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-24 12:06:46 +02:00
Ronald Cron
c78511b59a ssl-opt.sh: Enable some authentication tests for TLS 1.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-24 12:06:46 +02:00
Ronald Cron
1938588e80 tls13: Align some debug messages with TLS 1.2 ones 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-24 12:06:46 +02:00
Ronald Cron
a4417c13a1 ssl-opt.sh: Add Small/Large packets TLS 1.3 tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-24 12:06:46 +02:00
Ronald Cron
ba80d4d60b ssl-opt.sh: Enable Event-driven I/O tests for TLS 1.3 
The other "Event-driven I/O" tests are not relevant
to TLS 1.3 yet: no ticket and session resumption
support.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-24 12:06:46 +02:00
Ronald Cron
2cffd284bc ssl-opt.sh: Enable Non-blocking I/O tests for TLS 1.3 
The other "Non-blocking I/O" tests are not relevant
to TLS 1.3 yet: no ticket and session resumption
support.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-24 12:06:46 +02:00
Manuel Pégourié-Gonnard
93a7f7d7f8
Merge pull request #5954 from wernerlewis/x509_next_merged 
Add mbedtls_x509_dn_get_next function
 2022-06-24 09:59:22 +02:00
XiaokangQian
95d5f549f1 Fix coding styles 
Change-Id: I0ac8ddab13767b0188112dfbbdb2264d36ed230a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-24 05:42:15 +00:00
Werner Lewis
3e5585b45d Replace TEST_ASSERT macro uses 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-23 15:12:10 +01:00
Werner Lewis
ac80a66395 Reduce buffer sizes to expected size 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-23 15:11:50 +01:00
XiaokangQian
c740345c5b Adress review comments 
Change Code styles
Add test cases

Change-Id: I022bfc66fe509fe767319c4fe5f2541ee05e96fd
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-23 03:24:12 +00:00
Ronald Cron
f9c13fe69f ssl-opt.sh: Add positive check in successful "keyUsage client-auth" tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-22 17:36:21 +02:00
Ronald Cron
ba65fbbe30 Fix comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-22 17:36:12 +02:00
Gabor Mezei
7e2dbafe2d
Add test for dummy CCS records 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-06-22 17:07:21 +02:00
XiaokangQian
acb3992251 Add ALPN extension to the server side 
CustomizedGitHooks: yes
Change-Id: I6fe1516963e7b5727710872ee91fea7fc51d2776
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-22 06:34:58 +00:00
Przemek Stekiel
0c9e74bd55 Remove mbedtls_psa_hkdf_expand() and mbedtls_psa_hkdf_extract() tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-21 07:22:33 +02:00
Gilles Peskine
e0469b5908
Merge pull request #931 from AndrzejKurek/clihlo_cookie_pxy_fix 
Add a client hello cookie_len overflow test
 2022-06-20 19:35:54 +02:00
Gilles Peskine
76851ae3a6 Add warnings to test code and data about storage format stability 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-20 19:10:35 +02:00
Gilles Peskine
36aeb7f163
Merge pull request #5834 from mprse/HKDF_1 
HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms
 2022-06-20 15:27:46 +02:00
Werner Lewis
12657cdcc6 Remove binary int use 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-20 11:57:35 +01:00
Werner Lewis
90c46c376b Use consistent test case names 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-20 11:53:17 +01:00
Werner Lewis
b3acb053fb Add mbedtls_x509_dn_get_next function 
Allow iteration through relative DNs when X509 name contains multi-
value RDNs.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-17 16:40:55 +01:00
Dave Rodgman
eb8570f174 Fix missing newline 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-06-17 14:59:36 +01:00
Dave Rodgman
5cab9dafb7 fix whitespace 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-06-17 13:48:29 +01:00
Dave Rodgman
57080461f7 Add test-case for checking curve order 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-06-17 13:42:40 +01:00
Tuvshinzaya Erdenekhuu
8988e23690 Add missing break 
In ''int execute_tests( int argc , const char ** argv )'' function,
switch case is missing break statement.

Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-06-17 10:55:42 +01:00
Ronald Cron
d28f5a98f1 ssl-opt.sh: Add certificate key usage tests for TLS 1.3 
Those are adaptations of the already existing
TLS 1.2 tests. It is not really possible to just
remove the TLS 1.2 dependency of the existing tests
because of the following:
. in TLS 1.3 the ciphersuite selection on server
  side is not related to the server certificate
. for tests involving OpenSSL the OpenSSL command line
  as to be adapted to TLS 1.3
. server authentication is mandatory in TLS 1.3
. a key with KeyEncipherment and not DigitalSignature
  usage is never acceptable

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-17 08:46:27 +02:00
Ronald Cron
ca3c6a5698
Merge pull request #5817 from xkqian/tls13_add_server_name 
Tls13 add server name
 2022-06-16 08:30:09 +02:00
Gilles Peskine
6194053feb ASN.1: test that we can parse what we can write 
In asn1_write tests, when there's a parsing function corresponding to the
write function, call it and check that it can parse what we wrote.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-15 21:17:25 +02:00
Gilles Peskine
b7e215f6bc Fix copypasta in test data 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-15 21:16:42 +02:00
Andrzej Kurek
ca35f5bed0 test_suite_ssl: Use a zero fragment offset in a test with a too short record 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-15 07:19:40 -04:00
Ronald Cron
4ccd226cbf
Merge pull request #5864 from xkqian/tls13_add_comprehensive_cases 
Tls13 add comprehensive cases
 2022-06-15 09:18:11 +02:00
Przemek Stekiel
6c9fd61565 exercise_key_agreement_key: add special handling for HKDF_EXPAND 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-14 14:41:42 +02:00
Andrzej Kurek
7cf872557a Rearrange the session resumption code 
Previously, the transforms were populated before extension
parsing, which resulted in the client rejecting a server
hello that contained a connection ID.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-14 08:26:19 -04:00
Przemek Stekiel
d898745f70 exercise_key_agreement_key: provide SALT for HKDF_EXTRACT 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-14 11:41:52 +02:00
XiaokangQian
3ed16231ab Refine server side SNI test cases 
Change-Id: Icdc91ed382e81702e3b46645d3ce3534e62d4a13
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-14 08:24:04 +00:00
Jerry Yu
b7c12a466f Refactor compat scripts 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-12 20:53:02 +08:00
Gilles Peskine
2c2730a372 ASN.1 write tests: test with larger buffer 
Test with the output buffer size up to *and including* the expected output
size plus one. `... < expected->len + 1` was evidently a mistake.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-10 20:15:44 +02:00
Gilles Peskine
321a08944b Fix bug whereby 0 was written as 0200 rather than 020100 
0200 is not just non-DER, it's completely invalid, since there has to be a
sign bit.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-10 20:13:33 +02:00
Gilles Peskine
c9a30fba74 Add MPI write tests when the MPI object has a leading zero limb 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-10 20:13:07 +02:00
Gilles Peskine
0ab804a794 Fix mismatch between test data and test description 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-10 20:12:25 +02:00
Gilles Peskine
d8579b7673 Uncomment mbedtls_asn1_write_mpi tests with leading 1 bit 
mbedtls_asn1_write_mpi() correctly handles the sign bit, so there's no
reason not to test that it's handled correctly.

Fix copypasta in test data that was commented out.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-10 20:10:37 +02:00
XiaokangQian
9b938b7c37 Share code with base class in generate_tls13_compat_tests.py 
Change-Id: I4540bdff7072cdb9bcc9fdb0799c4165ca381b2a
CustomizedGitHooks: yes
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-10 07:06:32 +00:00
XiaokangQian
fb1a3fe7f3 Address comments about python syntax 
CustomizedGitHooks: yes
Change-Id: I5c4d39789df802d0b839061ce8c59ad241917d0b
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-10 02:27:52 +00:00
Gilles Peskine
ae25bb043c Fix null pointer dereference in mpi_mod_int(0, 2) 
Fix a null pointer dereference when performing some operations on zero
represented with 0 limbs: mbedtls_mpi_mod_int() dividing by 2, or
mbedtls_mpi_write_string() in base 2.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-09 19:32:46 +02:00
XiaokangQian
b1847a234e Re-structure to share more common code 
Change-Id: I5034485f7511238d083c2725fbef8818d33ffb07
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-09 02:53:23 +00:00
Andrzej Kurek
ed4d217874 Add missing test dependencies for cookie parsing 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-08 11:57:57 -04:00
Andrzej Kurek
078e9bcda6 Add the mbedtls prefix to ssl_check_dtls_clihlo_cookie 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-08 11:47:33 -04:00
Paul Elliott
271c3052fb
Merge pull request #5892 from AndrzejKurek/ssl-opt-client-kill-fix 
Fix a bug with executing ssl-client2 in ssl-opt.sh in a subshell
 2022-06-08 14:27:01 +01:00
Dave Rodgman
11930699f1
Merge pull request #5827 from wernerlewis/time_utc 
Use ASN1 UTC tags for dates before 2000
 2022-06-08 13:54:19 +01:00
Paul Elliott
5f2bc754d6
Merge pull request #5792 from yuhaoth/pr/add-tls13-moving-state-tests 
Pr/add-tls13-moving-state-tests
 2022-06-08 13:39:52 +01:00
XiaokangQian
96287d98d8 Remove the certificate key check against the received signature 
Change-Id: I07d8d46c58dec499f96cb7307fc0af15149d9df7
CustomizedGitHooks: yes
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-08 08:37:53 +00:00
XiaokangQian
9850fa8e8d Refine ssl_tls13_pick_cert() 
Change-Id: I5448095e280d8968b20ade8b304d139e399e54f1
CustomizedGitHooks: yes
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-08 07:02:41 +00:00
Przemek Stekiel
b088a900f4 test_suite_psa_crypto_storage_format: disable KA(ECDH,HKDF_EXTRACT/EXPAND...) test cases 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-07 15:34:18 +02:00
Przemek Stekiel
d9e1287e64 crypto_config_test_driver_extension.h add HKDF_EXTRACT/EXPAND algs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-07 14:19:39 +02:00
XiaokangQian
23c5be6b94 Enable SNI test for both tls12 and tls13 
Change-Id: Iae5c39668db7caa1a59d7e67f226a5286d91db22
CustomizedGitHooks: yes
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-07 09:43:13 +00:00
Ronald Cron
00e5eaad62 test: ssl: Remove more TLS 1.2 dependencies in handshake state tests 
That way the concerned tests are also run in the
TLS 1.3 only configuration where a TLS 1.3
handshake is performed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-07 11:14:01 +02:00
Ronald Cron
bdddaef9bb test: ssl: Enable client authentication in handshake state tests 
The endpoint initialization function was setting up
a certificate but the client certificate was not
used because client authentication was not enabled
(not enabled in the default SSL server configuration).

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-07 11:13:49 +02:00
Dave Rodgman
4b55a89327
Merge pull request #5887 from tom-daubney-arm/mbedtls_x509_crt_ext_types_accessor 
Add accessor for x509 certificate extension types
 2022-06-06 21:51:38 +01:00
Andrzej Kurek
cfb01948c8 Add cookie parsing tests to test_suite_ssl 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-06 15:29:15 -04:00
Andrzej Kurek
140b589ec6 Fix a bug with executing ssl-client2 in ssl-opt.sh in a subshell 
When executing eval in the background, the next "$!" gives the
eval PID, not the ssl-client2 pid. This causes problems when
a client times out and the script tries to kill it. Instead, it
kills the parent eval call.
This caused problems with subsequent proxy tests receiving
old packets from a client from a previous test.
Moving the "&" to inside the eval call fixes the problem.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-06-06 15:02:36 -04:00
Thomas Daubney
5c9c2ce86d Add correct test dependencies 
Functions called within the test mean that MBEDTLS_X509_CRT_PARSE_C
is a test dependency and so is declared in this commit.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-06-06 16:36:43 +01:00
Thomas Daubney
a5f39e0ec2 Move accessor definition 
Move the definition of the accessor so that it is not defined
within the MBEDTLS_X509_CRT_WRITE_C guards. Thus remove the
dependency from the test and test cases.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-06-06 15:42:32 +01:00
Przemek Stekiel
221391b3d2 generate_psa_tests.py: REVERT adapt OpFail test generator for HKDF-Exract/Expand algs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-06 11:26:43 +02:00
Przemek Stekiel
66867731aa derive_output tests: fix output key length to be consistent with teh description 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-06 11:26:02 +02:00
Przemek Stekiel
cde3f783f5 Make info valid only after secret for HKDF-EXPAND + adapt tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-06 11:26:02 +02:00
Przemek Stekiel
0586f4c4ea Make salt mandatory for HKDF-EXTRACT + adapt tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-06 11:25:43 +02:00
Jerry Yu
6994e3e0c2 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-06 11:50:49 +08:00
Przemek Stekiel
0e99391afe derive_output test: fix output key bit length 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-03 16:18:15 +02:00
Przemek Stekiel
3e8249cde0 Add PSA_WANT_ALG_HKDF_EXPAND, PSA_WANT_ALG_HKDF_EXTRACT, adapt code and dependencies 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-03 16:18:15 +02:00
Przemek Stekiel
f0f0bd068b test_suite_psa_crypto_metadata: add test cases for the HKDF-Extract/Expand algorithms 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-03 16:18:15 +02:00
XiaokangQian
129aeb9b0e Update test cases and support sni ca override 
Change-Id: I6052acde0b0ec1c25537f8dd81a35562da05a393
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-02 09:29:18 +00:00
Werner Lewis
acd01e58a3 Use ASN1 UTC tags for dates before 2000 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-01 16:24:28 +01:00
Jerry Yu
f2d32e6c3d fix tls13_only test fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-01 18:05:18 +08:00
Thomas Daubney
3ff4fc6997 Add test data 
Add two test cases for accessor test. One test where desired
ext type is presentent and the other of when the ext type is
not present.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-06-01 10:23:50 +01:00
Thomas Daubney
bd5466ab7e Add test for accessor 
Add test logic for accessor.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-06-01 10:23:50 +01:00
Jerry Yu
7bf3358a2d Remove duplicated tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-01 16:55:17 +08:00
Jerry Yu
1443537da3 fix test fail when WANT_READ/WRITE returned 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-01 15:53:31 +08:00
XiaokangQian
f4f0f6961a Enable requires_openssl_tls1_3 in sni test cases 
Change-Id: I71fbabe0b2ff80d5f1f15ae7df2b048503ccf965
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-06-01 00:42:27 +00:00
XiaokangQian
ac41edfc5e Enable requires_gnutls_tls1_3 in sni test cases 
Change-Id: Iea18f4e6a6b4c6b90612b43a5bcd396cdd506335
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-31 13:22:13 +00:00
Jerry Yu
66537f40b6 fix certificate request fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 19:53:05 +08:00
Jerry Yu
1e7c438b67 remove tls1.3 dependancy 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 19:51:38 +08:00
Gilles Peskine
09858ae664
Merge pull request #5813 from mprse/deprecate_mbedtls_cipher_setup_psa 
Deprecate mbedtls_cipher_setup_psa()
 2022-05-31 10:56:52 +02:00
XiaokangQian
2ccd97b8ef Change test case name to sni 
Change-Id: I8f6e68deab71cc49741cbdf233cf876e29683db9
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-31 08:30:17 +00:00
Jerry Yu
66adf3155c Update comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:23:29 +08:00
Jerry Yu
df0a71a0b0 Add handshake version test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Jerry Yu
b3d86de3ea fix hanshake wrapup fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Jerry Yu
df65b66003 Add handshake over test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Jerry Yu
85e5c81c37 fix check test cases fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Jerry Yu
d9d049d180 revert dbg config 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Jerry Yu
d8c57feaf9 Add moving state test for TLS1.3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Jerry Yu
023ff7acb1 Move dependes_on of move handshakes state 
Prepare share move_handshake_state function with
TLSv1.3

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
XiaokangQian
d5d5b60c07 Add comprehensive test cases for TLS1.3 server side 
Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-31 02:51:26 +00:00
XiaokangQian
f2a942073e Fix SNI test failure 
Change-Id: Id3fce36af9bc52cac858b473168451945aa974f4
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-30 08:07:16 +00:00
XiaokangQian
40a3523eb7 Add support of server name extension to server side 
Change-Id: Iccf5017e306ba6ead2e1026a29f397ead084cc4d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-30 08:07:16 +00:00
XiaokangQian
9a4e1dd8a6 Add back openssl client auth test 
Change-Id: Iea3b70381c3851102c542d1c55c0303bc3a14a92
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:58:11 +00:00
XiaokangQian
aca9048b5f Change base on review 
Fix comments
Add test cases for client authentication with empty certificate

Change-Id: Id8a741ddd997ca92e36832f26088eb0e67830ad8
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:11 +00:00
XiaokangQian
c3017f620f Remove useless guards and refine checking 
Change-Id: I9cd3073826fc65c203e479d83bed72331ff8963d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:10 +00:00
XiaokangQian
189ded2b07 Remove coordinate functions and change state machine in server side 
Change-Id: Id4abf78f493e77afc289409db691c9c61acde1d2
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:46:13 +00:00
Paul Elliott
8fba70f66c
Merge pull request #5749 from yuhaoth/pr/add-tls13-finished-message-and-wrapup 
TLS 1.3: Add Finished Message and wrapup
 2022-05-25 12:02:06 +01:00
Jerry Yu
5491f857d2 skip openssl client auth test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-23 22:36:16 +08:00
Jerry Yu
090378c685 change exit code of cli auth test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-23 21:03:52 +08:00
Manuel Pégourié-Gonnard
69e348db85
Merge pull request #5833 from superna9999/5826-create-mbedtls-pk-can-do-psa 
Permissions 1: create `mbedtls_pk_can_do_ext()`
 2022-05-23 10:58:32 +02:00
Jerry Yu
7eaadae941 fix no x509 info fail. 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-23 16:17:25 +08:00
Neil Armstrong
c661ff51c9 Fix pk_can_do_ext tests with non-opaque keys 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 09:49:04 +02:00
Neil Armstrong
5c5b116a49 Add pk_can_do_ext test for non-opaque keys 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-19 18:07:53 +02:00
Paul Elliott
4283a6b121
Merge pull request #5736 from gilles-peskine-arm/psa-raw_key_agreement-buffer_too_small 
Make psa_raw_key_agreement return BUFFER_TOO_SMALL
 2022-05-19 16:06:02 +01:00
Przemek Stekiel
476d9c45b8 Use MBEDTLS_TEST_DEPRECATED only in tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-05-19 14:11:06 +02:00
Przemek Stekiel
fcdd023ba6 derive_output tests: add invalid input secret test for HKDF-Expand 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-05-19 10:28:58 +02:00
Manuel Pégourié-Gonnard
6ab65e28cf
Merge pull request #5842 from mprse/decrypt_tests 
RSA decrypt 2: TLS 1.2 integration testing
 2022-05-18 12:58:50 +02:00
Jerry Yu
36becb1b81 update hrr tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
a7abc5eaa8 fix ci test fails 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
155493d4f5 fix openssl test fail. 
different version openssl client return
different output. remove string check
to workaround it

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
6622049bcc test:add state check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
4d8567fa9e fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Gilles Peskine
42ed963c72 Update PSA compliance test branch 
Update to a branch with a fix for the test case
"expected error for psa_raw_key_agreement - Small buffer size"
since we just fixed the corresponding bug.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-05-17 17:23:09 +02:00
Paul Elliott
a478441517
Merge pull request #5748 from yuhaoth/pr/add-tls13-write-certificate-and-verify 
TLS1.3:Add Certificate and CertificateVerify message on Server Side
 2022-05-17 15:47:36 +01:00
Neil Armstrong
8eb0afb726 Remove duplicate pk_can_do_ext test 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-17 14:58:11 +02:00