Commit graph

185 commits

Author SHA1 Message Date
Valerio Setti
2c12185b88 test: fix dependencies on function and data files
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-09 18:00:39 +01:00
Valerio Setti
73260b6e65 test: extend test_suite_ssl for testing new functions
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-03 16:05:02 +01:00
Manuel Pégourié-Gonnard
c98624af3c
Merge pull request #6680 from valeriosetti/issue6599
Allow isolation of EC J-PAKE password when used in TLS
2022-12-14 11:04:33 +01:00
Dave Rodgman
1fe45295d7
Merge pull request #6685 from gilles-peskine-arm/valgrind-cf-skip-tests
Rationalize Valgrind tests
2022-12-06 18:39:32 +00:00
Valerio Setti
e7518ba28e test: pake: reshaping the ssl_ecjpake_set_password()
Removed the "error injection" strategy. Now the functions checks
for all the errors in a row.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-02 12:09:43 +01:00
Valerio Setti
4452e98ec1 test: pake: add tests for set password functions
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-01 15:08:35 +01:00
Gilles Peskine
3ffd6bce81 Create a separate test suite for constant-time functions
This is the first step in arranging that functions from constant_time.c are
tested in test_suite_constant_time.function.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 15:44:21 +01:00
Gilles Peskine
77e68c3176 Move constant-time HMAC testing to its own suite
These are very CPU-intensive, so make it easy to skip them. And conversely,
make it easy to run them without the growing body of SSL tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-29 15:42:36 +01:00
Aditya Deshpande
d1b72a7b83 Merge branch 'development' into driver-wrapper-key-agreement 2022-11-07 17:36:23 +00:00
Aditya Deshpande
ec6bb5879a Disabled tests in test_suite_ssl that won't work without builtin ECDH
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-07 17:11:48 +00:00
Ronald Cron
928cbd34e7 tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard
code specific to the TLS 1.3 ephemeral key exchange mode.

Use it also for the dependencies of TLS 1.3 only tests
relying on ephemeral key exchange mode, but for
tests in tls13-kex-modes.sh where the change is done
later using all
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-22 14:42:04 +02:00
Ronald Cron
f64cc03b09 tests: ssl: Add missing dependencies on certificate based handshake
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:47:00 +02:00
Ronald Cron
457fb7a523 tests: ssl: Fix ciphersuite identifier
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-10-21 14:44:45 +02:00
Andrzej Kurek
658442fe78 Remove unnecessary ECP_C dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
e5a5cc1944 Remove the dependency of tls1_3 key evolution tests on curve25519
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
daf43fbe21 Move the location of MBEDTLS_ECP_C dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
Andrzej Kurek
e64bd43495 Add missing ECP and ECDH dependencies in ssl test suites
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
8e44139ca0 Add missing CURVE25519 requirements to TLS 1.3 tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
e38b788b79 Add missing key exchange dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
90e8204476 Add missing SHA256 and ECDSA_C dependencies in test_suite_ssl
Most of the tests (including those using endpoint_init functions) parse
certificates that require MBEDTLS_SHA256_C to be present.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
f502bcb13e Fix missing AES dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
Andrzej Kurek
7bb8bab457 Update SHA and MD5 dependencies in the SSL tests
The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO
is defined and respective SHA / MD5 defines are missing.
A new set of macros added in #6065 is used to reflect these dependencies.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Jerry Yu
bc7c1a4260 fix typo/format/name issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:09:40 +08:00
Jerry Yu
f092629997 Add save load test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
a180f99a55 Add load-save tests for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
1ac476cc1e Add save buf size test for tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
6e8fec2908 add session serialization load buf
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
534ff400d4 Add serialize_version_check for tls13
Add population session also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
a357cf4d4c Rename new_session_ticket state
Both client and server side use
`MBEDTLS_SSL_NEW_SESSION_TICKET` now

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Ronald Cron
ce7d76e2ee Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr 2022-07-11 10:22:37 +02:00
Andrzej Kurek
514683abdc Add a test with a bad session_id_len that makes cache setting fail
Force a bad session_id_len before handshake wrapup. This should
result in a forced jump to a clean up of a serialized session.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-04 10:18:29 -04:00
Manuel Pégourié-Gonnard
4d7af2aee0
Merge pull request #5835 from superna9999/5831-tls-1-2-ciphersuite-selection
Permissions 2a: TLS 1.2 ciphersuite selection
2022-07-04 12:37:02 +02:00
Neil Armstrong
6931e439e4 Fix Handshake select ECDH-RSA- test dependencies
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-07-01 18:30:10 +02:00
Neil Armstrong
b2c3b5be2d Fix depends on handshake_ciphersuite_select tests
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-06-30 10:49:04 +02:00
Neil Armstrong
db13497490 Reorganize & add more handshake_ciphersuite_select to test all MBEDTLS_KEY_EXCHANGE_XXX cases
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-06-30 09:06:28 +02:00
Jerry Yu
a0bb906c9f fix handshake_version test fail.
when both tls13 and tls12 are enabled, the
test will fail.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-29 16:16:09 +08:00
Neil Armstrong
2407279fa4 Add tests with specific hash for handshake_ciphersuite_select positive tests
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-06-28 18:12:17 +02:00
Neil Armstrong
8c52ed8d1e Add negative testing of ciphersuite selection using Opaque algs & usage
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-06-28 18:12:17 +02:00
Ronald Cron
e3dac4aaa1 tls13: Add Certificate msg parsing tests with invalid vector lengths
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-27 09:28:42 +02:00
Przemek Stekiel
0c9e74bd55 Remove mbedtls_psa_hkdf_expand() and mbedtls_psa_hkdf_extract() tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-21 07:22:33 +02:00
Gilles Peskine
e0469b5908
Merge pull request #931 from AndrzejKurek/clihlo_cookie_pxy_fix
Add a client hello cookie_len overflow test
2022-06-20 19:35:54 +02:00
Andrzej Kurek
ca35f5bed0 test_suite_ssl: Use a zero fragment offset in a test with a too short record
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-06-15 07:19:40 -04:00
Ronald Cron
00e5eaad62 test: ssl: Remove more TLS 1.2 dependencies in handshake state tests
That way the concerned tests are also run in the
TLS 1.3 only configuration where a TLS 1.3
handshake is performed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-07 11:14:01 +02:00
Ronald Cron
bdddaef9bb test: ssl: Enable client authentication in handshake state tests
The endpoint initialization function was setting up
a certificate but the client certificate was not
used because client authentication was not enabled
(not enabled in the default SSL server configuration).

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-07 11:13:49 +02:00
Andrzej Kurek
cfb01948c8 Add cookie parsing tests to test_suite_ssl
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-06-06 15:29:15 -04:00
Jerry Yu
6994e3e0c2 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-06 11:50:49 +08:00
Jerry Yu
f2d32e6c3d fix tls13_only test fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-01 18:05:18 +08:00
Jerry Yu
7bf3358a2d Remove duplicated tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-01 16:55:17 +08:00
Jerry Yu
66537f40b6 fix certificate request fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-31 19:53:05 +08:00
Jerry Yu
1e7c438b67 remove tls1.3 dependancy
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-31 19:51:38 +08:00