Commit graph

1044 commits

Author SHA1 Message Date
Ronald Cron
c564938180 Add downgrade protection mechanism
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:32:05 +02:00
Ronald Cron
1a353ea4b8 ssl-opt.sh: Improve description of server negotiation tests
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
d120bd646c ssl-opt.sh: Add version selection by the server tests
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
50ae84ed97 ssl-opt.sh: Remove some unnecessary forcing of TLS 1.3
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
097ba146e7 tls: srv: Set hybrid TLS 1.2/1.3 as default configuration
Set hybrid TLS 1.2/1.3 as default server
configuration if both TLS 1.2 and TLS 1.3
are enabled at build time.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
f95d169d60 ssl-opt.sh: Force TLS 1.2 on TLS 1.2 specific tests
Force TLS 1.2 on TLS 1.2 specific tests in
preparation of TLS 1.3 being the default
protocol version when both TLS 1.2 and
TLS 1.3 are enabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:17 +02:00
Ronald Cron
fd4c6afcb4 ssl-opt.sh: Force TLS 1.2 version
Force TLS 1.2 version on tests related to
MBEDTLS_SSL_ASYNC_PRIVATE, CA callback and
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH. Those
SSL options are not supported in TLS 1.3
for the time being. Thus force TLS 1.2
version in preparation of TLS 1.3 being
the default protocol version when both
TLS 1.2 and TLS 1.3 are enabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:17 +02:00
Ronald Cron
92dca39196 ssl-opt.sh: Extend scope of some tests to TLS 1.3
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:17 +02:00
Ronald Cron
0aa1b8843f ssl-opt.sh: Remove unnecessary explicit MBEDTLS_SSL_PROTO_TLS1_2 dep
Remove unnecessary explicit MBEDTLS_SSL_PROTO_TLS1_2
dependency if TLS 1.2 version is forced or a TLS 1.2
cipher suite is forced (as TLS 1.2 cipher suites are
available if and only if TLS 1.2 is enabled and
cipher suite availability is check automatically).

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:17 +02:00
Ronald Cron
65f9029741 ssl-opt.sh: Remove unnecessary TLS 1.3 forcing on client side
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:17 +02:00
Ronald Cron
c341ad717e ssl-opt.sh: Remove dummy TLS 1.3 kex modes tests
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:17 +02:00
Paul Elliott
d01a3bca05 Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback
Mbed TLS 3.4.0
2023-03-27 18:09:49 +01:00
Paul Elliott
f1eb5e2a04 Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-21 15:35:17 +00:00
Valerio Setti
2f8eb62946 ssl-opt: remove leftover debug commands and fix comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-20 14:02:07 +01:00
Valerio Setti
6ba247c236 ssl-opt: solve errors in ECDH reference tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-20 14:00:51 +01:00
Dave Rodgman
0e2b06a1ce
Merge pull request #7083 from KloolK/record-size-limit/parsing
Add parsing for Record Size Limit extension in TLS 1.3
2023-03-17 10:18:34 +00:00
Paul Elliott
646ee7ec2e Fix CI build after repo merge conflict
After merging the driver only ECDSA work, a conflict arose between that and
the previous work re-ordering the ciphersuite preference list. We can remove
the breaking requirement on this test, as this requirement is now auto-detected
when the server5 crt is used in the server's command line.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-16 17:10:34 +00:00
Gilles Peskine
2a44ac245f
Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api
ssl_cache: Add cache entry removal api
2023-03-15 15:38:06 +01:00
Jan Bruckner
151f64283f Add parsing for Record Size Limit extension in TLS 1.3
Fixes #7007

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-03-14 08:41:25 +01:00
Paul Elliott
e4622a3436 Merge remote-tracking branch 'development/development' into development-restricted
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-13 17:49:32 +00:00
Valerio Setti
e7f896d73f fix extra whitespaces
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-13 13:55:28 +01:00
Valerio Setti
80318d2775 ssl-opt: automatically detect requirements when using certs in dir-maxpath
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-13 12:26:42 +01:00
Valerio Setti
77588e9451 ssl-opt: uniformize requirements in tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-13 12:00:10 +01:00
Pengyu Lv
62ed1aa316 ssl-opt: Add test for cache entry removal
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-13 09:28:17 +08:00
valerio
f27472b128 ssl-opt: enable test and fix failures for reference ECDH + USE_PSA"
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
2023-03-09 16:20:38 +01:00
Valerio Setti
1470ce3eba fix typos
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 16:50:12 +01:00
Valerio Setti
ccfad9ae0e ssl-opt: remove remaining redundant dependencies
There were some dependencies that are now automatically satisfied by the
detect_required_features() function.

After this check there should be no redundant requirement for:
- requires_pk_alg "ECDSA"
- requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
- requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 10:25:05 +01:00
Valerio Setti
3b2c02821e ssl-opt: return to previous debug level in test
This was a leftover from some debug activity that unfortunately ended up
in previous commits.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 10:22:29 +01:00
Valerio Setti
213c4eae3a ssl-opt: enhance comment for get_tls_version() function
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-07 19:29:57 +01:00
Valerio Setti
194e2bdb6a fix typos
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-02 17:18:10 +01:00
Ronald Cron
7dc4130210 Improve GnuTLS client priority for resumption basic check
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-24 12:10:09 +01:00
Valerio Setti
1af76d119d ssl-opt: automatically detect requirements from the specified certificates
This moslty focus on tests using "server5*" cerificate. Several cases
are taken into account depending on:
- TLS version (1.2 or 1.3)
- server or client roles

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-23 16:55:59 +01:00
Valerio Setti
3f2309fea6 ssl-opt: remove redundant requires_config_enabled when force_ciphersuite is set
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-23 13:47:30 +01:00
Ronald Cron
1aa6e8d6e9 Restore same PSK length enforcement
Restore same PSK length enforcement in
conf_psk and set_hs_psk, whether the
negotiated protocol is TLS 1.2 or TLS 1.3.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-23 09:48:50 +01:00
Valerio Setti
d1f991c879 ssl-opt: fix required configs in ECDSA related tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-23 09:31:41 +01:00
Ronald Cron
d89360b87b Fix and improve documentation, comments and logs
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-21 14:57:25 +01:00
Ronald Cron
4bb6773640 tls13: Apply same preference rules for ciphersuites as for TLS 1.2
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-20 11:42:19 +01:00
Ronald Cron
b18c67af5f tls13: ssl-opt.sh: Add test of default crypto algo
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-20 11:42:19 +01:00
Ronald Cron
0a1c504156 tls13: Fix session resumption with 384 bits PSKs
MBEDTLS_PSK_MAX_LEN main purpose is to determine
a miximum size for the TLS 1.2 pre-master secret.

This is not relevant to TLS 1.3 thus disable in
TLS 1.3 case the check against MBEDTLS_PSK_MAX_LEN
when setting during the handshake the PSK through
mbedtls_ssl_set_hs_psk(). This fixes the session
resumption with 384 bits PSKs when MBEDTLS_PSK_MAX_LEN
is smaller than that.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-20 11:42:19 +01:00
Ronald Cron
25e9ec61f0 tls13: server: Select preferred cipher suite
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-20 11:42:19 +01:00
Jan Bruckner
aa31b19395 Extend test framework for Record Size Limit Extension
Fixes #7006

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-02-06 12:54:29 +01:00
Tom Cosgrove
fc0e79e70f Have compat.sh and ssl-opt.sh not return success for > 255 errors
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-01-13 12:13:41 +00:00
Ronald Cron
83c5ad4873
Merge pull request #6787 from yuhaoth/pr/workaround-gnutls_anti_replay_fail
TLS 1.3: EarlyData: Workaround anti replay fail from GnuTLS
2023-01-11 09:05:36 +01:00
Gilles Peskine
3900bddd77
Merge pull request #6823 from mpg/unify-openssl-variables
Use OPENSSL everywhere, not OPENSSL_CMD
2023-01-10 22:10:19 +01:00
Jerry Yu
a15af37867 Change time resolution of reco_delay from second to millionseconds
Per gnutls anti replay issue, it needs millionsecond time delay for
improve the fail rate.

From test result of #6712, this can improve the fail rate from 4%
to 92%.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-01-07 13:01:42 +08:00
Gilles Peskine
cd0a565644
Merge pull request #6703 from yuhaoth/pr/tls13-misc-from-prototype
TLS 1.3: Upstream misc fix from prototype
2023-01-05 14:35:54 +01:00
Manuel Pégourié-Gonnard
c572246fa5 Use OPENSSL everywhere, not OPENSSL_CMD
These variables were both uses to select the default version of OpenSSL
to use for tests:
- when running compat.sh or ssl-opt.sh directly, OPENSSL_CMD was used;
- when running all.sh, OPENSSL was used.

This caused surprising situations if you had one but not the other set
in your environment. For example I used to have OPENSSL_CMD set but not
OPENSSL, so ssl-opt.sh was failing in some all.sh components but passing
when I ran it manually in the same configuration and build, a rather
unpleasant experience.

The natural name would be OPENSSL, and that's what set in the Docker
images used by the CI. However back in the 1.3.x days, that name was
already used in library/Makefile, so it was preferable to pick a
different one, hence OPENSSL_CMD. However the build system has not been
using this name since at least Mbed TLS 2.0.0, so it's now free for use
again (as demonstrated by the fact that it's been set in the CI without
causing any trouble).

So, unify things and use OPENSSL everywhere. Just leave an error message
for the benefit of developers which might have OPENSSL_CMD, not OPENSSL,
set in their environment from the old days.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-19 11:42:12 +01:00
Gilles Peskine
d1dd41f3fc
Merge pull request #6723 from mpg/restartable-vs-use-psa
Document ECP_RESTARTABLE and make it compatible with USE_PSA
2022-12-15 19:47:44 +01:00
Manuel Pégourié-Gonnard
c98624af3c
Merge pull request #6680 from valeriosetti/issue6599
Allow isolation of EC J-PAKE password when used in TLS
2022-12-14 11:04:33 +01:00
Manuel Pégourié-Gonnard
55a188b420 Clarify the "restart vs use PSA" situation in TLS
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:33 +01:00