Ronald Cron
ba65fbbe30
Fix comments
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-22 17:36:12 +02:00
Ronald Cron
d28f5a98f1
ssl-opt.sh: Add certificate key usage tests for TLS 1.3
...
Those are adaptations of the already existing
TLS 1.2 tests. It is not really possible to just
remove the TLS 1.2 dependency of the existing tests
because of the following:
. in TLS 1.3 the ciphersuite selection on server
side is not related to the server certificate
. for tests involving OpenSSL the OpenSSL command line
as to be adapted to TLS 1.3
. server authentication is mandatory in TLS 1.3
. a key with KeyEncipherment and not DigitalSignature
usage is never acceptable
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-17 08:46:27 +02:00
Ronald Cron
4ccd226cbf
Merge pull request #5864 from xkqian/tls13_add_comprehensive_cases
...
Tls13 add comprehensive cases
2022-06-15 09:18:11 +02:00
Jerry Yu
b7c12a466f
Refactor compat scripts
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-12 20:53:02 +08:00
XiaokangQian
fb1a3fe7f3
Address comments about python syntax
...
CustomizedGitHooks: yes
Change-Id: I5c4d39789df802d0b839061ce8c59ad241917d0b
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-06-10 02:27:52 +00:00
XiaokangQian
b1847a234e
Re-structure to share more common code
...
Change-Id: I5034485f7511238d083c2725fbef8818d33ffb07
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-06-09 02:53:23 +00:00
Andrzej Kurek
140b589ec6
Fix a bug with executing ssl-client2 in ssl-opt.sh in a subshell
...
When executing eval in the background, the next "$!" gives the
eval PID, not the ssl-client2 pid. This causes problems when
a client times out and the script tries to kill it. Instead, it
kills the parent eval call.
This caused problems with subsequent proxy tests receiving
old packets from a client from a previous test.
Moving the "&" to inside the eval call fixes the problem.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-06-06 15:02:36 -04:00
XiaokangQian
d5d5b60c07
Add comprehensive test cases for TLS1.3 server side
...
Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-31 02:51:26 +00:00
XiaokangQian
9a4e1dd8a6
Add back openssl client auth test
...
Change-Id: Iea3b70381c3851102c542d1c55c0303bc3a14a92
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-26 00:58:11 +00:00
XiaokangQian
aca9048b5f
Change base on review
...
Fix comments
Add test cases for client authentication with empty certificate
Change-Id: Id8a741ddd997ca92e36832f26088eb0e67830ad8
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-26 00:47:11 +00:00
XiaokangQian
c3017f620f
Remove useless guards and refine checking
...
Change-Id: I9cd3073826fc65c203e479d83bed72331ff8963d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-26 00:47:10 +00:00
XiaokangQian
189ded2b07
Remove coordinate functions and change state machine in server side
...
Change-Id: Id4abf78f493e77afc289409db691c9c61acde1d2
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-26 00:46:13 +00:00
Paul Elliott
8fba70f66c
Merge pull request #5749 from yuhaoth/pr/add-tls13-finished-message-and-wrapup
...
TLS 1.3: Add Finished Message and wrapup
2022-05-25 12:02:06 +01:00
Jerry Yu
5491f857d2
skip openssl client auth test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-23 22:36:16 +08:00
Jerry Yu
090378c685
change exit code of cli auth test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-23 21:03:52 +08:00
Jerry Yu
7eaadae941
fix no x509 info fail.
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-23 16:17:25 +08:00
Manuel Pégourié-Gonnard
6ab65e28cf
Merge pull request #5842 from mprse/decrypt_tests
...
RSA decrypt 2: TLS 1.2 integration testing
2022-05-18 12:58:50 +02:00
Jerry Yu
36becb1b81
update hrr tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 09:58:48 +08:00
Jerry Yu
a7abc5eaa8
fix ci test fails
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 09:58:48 +08:00
Jerry Yu
155493d4f5
fix openssl test fail.
...
different version openssl client return
different output. remove string check
to workaround it
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 09:58:48 +08:00
Jerry Yu
6622049bcc
test:add state check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 09:58:48 +08:00
Jerry Yu
4d8567fa9e
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 09:58:48 +08:00
Paul Elliott
a478441517
Merge pull request #5748 from yuhaoth/pr/add-tls13-write-certificate-and-verify
...
TLS1.3:Add Certificate and CertificateVerify message on Server Side
2022-05-17 15:47:36 +01:00
Przemek Stekiel
8da6da3da2
ssl-opt.sh: add test of RSA Opaque keys with TLS 1.2 server for decryption
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-16 14:37:50 +02:00
Jerry Yu
b89125b81a
Add test without server certificate
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-13 15:50:04 +08:00
Jerry Yu
c450566b85
Update client auth tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:59 +08:00
Jerry Yu
c8bdbf72d3
test:add state check for certificate and verify
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-12 14:44:59 +08:00
Andrzej Kurek
5c65c5781f
Fix additional misspellings found by codespell
...
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L
keypair,Keypair,KeyPair,keyPair,ciph,nd
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-05-11 21:25:54 +01:00
Shaun Case
8b0ecbccf4
Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
...
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Paul Elliott
d1a954d243
Merge pull request #5707 from yuhaoth/pr/add-tls13-write-hello-retry-request
...
TLS1.3: Add HelloRetryRequest Write
2022-05-10 17:25:33 +01:00
Manuel Pégourié-Gonnard
9bbb7bacae
Merge pull request #5791 from superna9999/5788-unify-non-opaque-and-opaque-psks
...
Unify non-opaque and opaque PSKs
2022-05-09 10:15:16 +02:00
Jerry Yu
ede50ea891
move hrr tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-09 15:49:09 +08:00
XiaokangQian
a987e1d2f8
Change state machine after encrypted extension and update cases
...
Change-Id: Ie84a2d52a08538afb8f6096af0c054bd55ed66cb
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-07 01:37:04 +00:00
XiaokangQian
45c22201b3
Update test cases and encrypted extension state set
...
Change-Id: Ie1acd10b61cefa9414169b276a0c5c5ff2f9eb79
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-07 01:37:04 +00:00
XiaokangQian
2f150e184f
Update status and add test cases for client certificate request
...
Change-Id: If9b9672540d2b427496b7297aa484b8bcfeb75c5
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-07 01:37:04 +00:00
Ronald Cron
25b1f5d2b7
Merge pull request #5545 from xffbai/tls13-write-enc-ext
...
TLS1.3: add writing encrypted extensions on server side.
2022-05-06 13:54:45 +02:00
Neil Armstrong
cd05f0b9e5
Drop skip PMS generation for opaque XXX-PSK now Opaque PSA key is always present when MBEDTLS_USE_PSA_CRYPTO selected
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-04 11:08:41 +02:00
Jerry Yu
7c0da07445
Update state check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-03 15:08:54 +08:00
Manuel Pégourié-Gonnard
67397fa4fd
Merge pull request #5704 from mprse/mixed_psk_2cx
...
Mixed PSK 2a, 2b, 2c: enable client/server support opaque RSA-PSK, ECDHE-PSK, DHE-PSK
2022-04-29 10:47:16 +02:00
Gilles Peskine
4098083ed4
Merge pull request #5745 from superna9999/5712-pk-opaque-rsa-pss-sign-tls
...
RSA-PSS sign 2: TLS 1.3 integration testing
2022-04-28 18:16:44 +02:00
Manuel Pégourié-Gonnard
ad47487e25
Merge pull request #5742 from superna9999/5669-review-test-incompatible-psa
...
Fixup or re-enable tests with Use PSA
2022-04-28 09:57:13 +02:00
Jerry Yu
cef55dbd6a
ssl-opt: add state check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-25 19:41:47 +08:00
Jerry Yu
955ddd75a3
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 22:27:33 +08:00
Przemek Stekiel
85d46fe6cf
ssl-opt.sh: add tests for clent/server psa opaque dhe-psk key exchange
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:54:33 +02:00
Przemek Stekiel
b6a0503dda
ssl-opt.sh: add tests for clent/server psa opaque ecdhe-psk key exchange
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:53:55 +02:00
Przemek Stekiel
b270b56372
ssl-opt.sh: add tests for server psa opaque rsa-psk key exchange
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:28 +02:00
Przemek Stekiel
8e0495e0f4
ssl-opt.sh: add tests for client psa opaque rsa-psk key exchange
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:28 +02:00
Jerry Yu
8b9fd374b8
Add P_CLI test to easy debug
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
abf20c7564
add state check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Ronald Cron
38b8aa4f63
Merge pull request #5539 from xkqian/add_client_hello_to_server
...
Add client hello into server side
2022-04-22 10:26:00 +02:00