mbedtls

Author	SHA1	Message	Date
Gilles Peskine	c6d197b68a	ssl-opt needs debug messages Many test cases in ssl-opt.sh need error messages (MBEDTLS_ERROR_C) or SSL traces (MBEDTLS_DEBUG_C). Some sample configurations don't include these options. When running ssl-opt.sh on those configurations, enable the required options. They must be listed in the config*.h file, commented out. Run ssl-opt in the following configurations with debug options: ccm-psk-tls1_2, ccm-psk-dtls1_2, suite-b. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-25 21:22:25 +01:00
Gilles Peskine	6e86e54abb	Adapt tests for PSK in PSK-only builds In a PSK-only build: * Skip tests that rely on a specific non-PSK cipher suite. * Skip tests that exercise a certificate authentication feature. * Pass a pre-shared key in tests that don't mind the key exchange type. This commit only considers PSK-only builds vs builds with certificates. It does not aim to do something useful for builds with an asymmetric key exchange and a pre-shared key for authentication. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-25 21:06:21 +01:00
Gilles Peskine	2fe796f1b7	Add some missing dependencies: EXTENDED_MASTER_SECRET, CACHE This commit is not necessarily complete, but it's a step forward. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-25 21:06:21 +01:00
Gilles Peskine	3561526249	Only run "Default" tests if the expected ciphersuite is enabled These tests ensure that a certain cipher suite is in use, so they fail in builds that lack one of the corresponding algorithms. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-25 21:06:21 +01:00
Gilles Peskine	a165b5ced6	Automatically skip tests for some absent features: tickets, ALPN Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-25 21:06:21 +01:00
Gilles Peskine	82a4ab2486	ssl-opt: automatically skip DTLS tests in builds without DTLS Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-25 21:06:21 +01:00
Gilles Peskine	168f17c233	New sample/test configuration: small DTLS 1.2 1. Copy config-ccm-psk-tls1_2.h 2. Add DTLS support 3. Add some TLS and DTLS features that are useful in low-bandwidth, low-reliability networks 4. Reduce the SSL buffer to a very small size Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-25 21:06:11 +01:00
Ronald Cron	4579a972bf	Merge pull request #5426 from gilles-peskine-arm/ssl-get-version-3.1 Add accessors to mbedtls_ssl_context: user data, version ABI-API-checking fails which was expected as this PR adds a new field in mbedtls_ssl_context and mbedtls_ssl_config.	2022-02-21 17:03:24 +01:00
Manuel Pégourié-Gonnard	e3a2dd787e	Merge pull request #5521 from AndrzejKurek/rsa-pss-use-psa Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO	2022-02-21 16:58:57 +01:00
Gilles Peskine	860429f8af	Add version number debug check to the GnuTLS interop test as well Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	49d7ddf7f3	Serializing a context does not save the user data The user data is typically a pointer to a data structure or a handle which may no longer be valid after the session is restored. If the user data needs to be preserved, let the application do it. This way, it is a conscious decision for the application to save/restore either the pointer/handle itself or the object it refers to. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	80dae04f24	Make user_data fields private Add accessor functions. Add unit tests for the accessor functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	c63a1e0e15	Fix mbedtls_ssl_get_version() for TLSv1.3 Test it in ssl-opt.sh. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	1255b0de98	Positive unit testing for SSL context version functions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Paul Elliott	436b72690d	Merge pull request #5362 from yuhaoth/pr/enable-tls13-only-build TLS1.3:Enable tls13 only build	2022-02-21 11:22:37 +00:00
Manuel Pégourié-Gonnard	9b545c04f7	Merge pull request #5520 from gabor-mezei-arm/5402_implement_hkdf_expand_based_on_psa_hmac HKDF 1b: Implement Expand in TLS 1.3 based on PSA HMAC	2022-02-21 09:30:31 +01:00
Jerry Yu	baa4934e7b	Add check tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	53d23e2c95	Guards tls_prf functions with TLS1_2 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	6331909d12	remove ifndef guard Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	81d5e1feca	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	da5af22015	tls13_only: add tls13_only test component Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	ab08290c09	tls13_only: skip tls12 tests. TLS1.2 test depends on MBEDTLS_SSL_PROTO_TLS1_2. Skip them if it is not set Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	8a497205cc	tls13_only: tls 1.3 suite pass Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	c10f6b4735	tls13_only: simple test pass Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Gabor Mezei	cbe5ba500a	Add tests for mbedtls_psa_hkdf_expand Add test cases which test psa_import_key and psa_mac_sign_setup function call if they return error. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-17 17:01:49 +01:00
Gabor Mezei	8e3602569b	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-17 11:50:02 +01:00
Manuel Pégourié-Gonnard	4fa604cc3b	Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0 feat: Update test_suite_psa_its to NOT use UID=0	2022-02-17 11:49:33 +01:00
Manuel Pégourié-Gonnard	3d1f8b9c00	Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO	2022-02-16 17:33:47 +01:00
Andrzej Kurek	32048a6d92	pk_verify_ext: introduce more tests for signature length mismatches Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-16 06:17:00 -05:00
Gabor Mezei	d917081b8b	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:25:27 +01:00
Gabor Mezei	7381242748	Use PSA_INIT() Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:24:58 +01:00
Andrzej Kurek	8666df6f18	Add signature length mismatch handling when using PSA in pk_verify_ext Introduce a regression test for that too. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-15 08:23:02 -05:00
Ronald Cron	a7a1deabf8	Merge pull request #5393 from gilles-peskine-arm/opt-testcases-outcomes-fix Fix test suite name reporting of opt-testcases/tls13-compat.sh	2022-02-15 13:53:10 +01:00
Andrzej Kurek	853ad7bfcf	Use macros in tests for PSA init/deinit routines Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-15 07:13:03 -05:00
Ronald Cron	135427cb35	Run TLS 1.3 tests when MBEDTLS_USE_PSA_CRYPTO is enabled Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-02-11 16:10:44 +01:00
Gilles Peskine	bebeae9428	Merge pull request #5504 from gstrauss/mbedtls_pem_get_der Add accessor to get der from mbedtls_pem_context	2022-02-10 23:56:57 +01:00
Gabor Mezei	b35759ded8	Add tests for mbedtls_psa_hkdf_expand The tests are based on the test of mbedtls_hkdf_expand. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-10 10:57:24 +01:00
Glenn Strauss	e328245618	Add test case use of mbedtls_ssl_ticket_rotate Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 14:33:16 -05:00
Andrzej Kurek	7db1b78fff	Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO Duplicate a test case but with a different expected error due to error translation to and from PSA. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-09 14:13:44 -05:00
Gabor Mezei	748ab4ae77	Use ASSERT_ALLOC Change the calloc functions to ASSERT_ALLOC to check the return value of calloc as well. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-09 16:31:48 +01:00
Ronald Cron	6ca6faa67e	Merge pull request #5080 from xffbai/add-tls13-read-certificate-request add tls1_3 read certificate request	2022-02-09 09:51:55 +01:00
Manuel Pégourié-Gonnard	1df23b903f	Check the result of PEM decoding Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-08 14:53:50 -05:00
Manuel Pégourié-Gonnard	33ab075f45	Add success case for pem_read testing Currently all cases were negative, so the block that exercised mbedtls_pem_get_der() would never be reached. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-08 14:53:50 -05:00
Glenn Strauss	72bd4e4d6a	Add accessor to get buf from mbedtls_pem_context Co-authored-by: Gilles Peskine <gilles.peskine@arm.com> Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-08 14:53:46 -05:00
pespacek	443c78eb83	BUGFIX: PSA test vectors use UID 1 instead of 0. Test vector to test rejection of uid = 0 was added. Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-08 15:19:26 +01:00
pespacek	d62e906b1c	TEST: added psa_its_set expected failure test Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-08 15:19:26 +01:00
Manuel Pégourié-Gonnard	45c5768a74	Merge pull request #5434 from mprse/tls_use_psa TLS Cipher: use PSA crypto	2022-02-08 10:27:25 +01:00
Ronald Cron	6a0b1ef27e	Merge pull request #5282 from AndrzejKurek/import-opaque-driver-wrappers Add tests for an opaque import in the driver wrappers	2022-02-07 11:14:43 +01:00
Manuel Pégourié-Gonnard	d81e774083	Merge pull request #5463 from gilles-peskine-arm/cmake-test-suite-enumeration CMake: generate the list of test suites automatically	2022-02-07 09:48:23 +01:00
Gilles Peskine	827dbd9d35	Remove obsolete calls to if_build_succeeded This is now a no-op. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-04 00:32:58 +01:00

1 2 3 4 5 ...

6206 commits