yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
20511 commits 1 branch 0 tags 94 MiB
Commit graph

893 commits

Author SHA1 Message Date
XiaokangQian
ac41edfc5e Enable requires_gnutls_tls1_3 in sni test cases 
Change-Id: Iea18f4e6a6b4c6b90612b43a5bcd396cdd506335
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-31 13:22:13 +00:00
XiaokangQian
2ccd97b8ef Change test case name to sni 
Change-Id: I8f6e68deab71cc49741cbdf233cf876e29683db9
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-31 08:30:17 +00:00
XiaokangQian
d5d5b60c07 Add comprehensive test cases for TLS1.3 server side 
Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-31 02:51:26 +00:00
XiaokangQian
f2a942073e Fix SNI test failure 
Change-Id: Id3fce36af9bc52cac858b473168451945aa974f4
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-30 08:07:16 +00:00
XiaokangQian
40a3523eb7 Add support of server name extension to server side 
Change-Id: Iccf5017e306ba6ead2e1026a29f397ead084cc4d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-30 08:07:16 +00:00
XiaokangQian
9a4e1dd8a6 Add back openssl client auth test 
Change-Id: Iea3b70381c3851102c542d1c55c0303bc3a14a92
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:58:11 +00:00
XiaokangQian
aca9048b5f Change base on review 
Fix comments
Add test cases for client authentication with empty certificate

Change-Id: Id8a741ddd997ca92e36832f26088eb0e67830ad8
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:11 +00:00
XiaokangQian
c3017f620f Remove useless guards and refine checking 
Change-Id: I9cd3073826fc65c203e479d83bed72331ff8963d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:47:10 +00:00
XiaokangQian
189ded2b07 Remove coordinate functions and change state machine in server side 
Change-Id: Id4abf78f493e77afc289409db691c9c61acde1d2
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:46:13 +00:00
Paul Elliott
8fba70f66c
Merge pull request #5749 from yuhaoth/pr/add-tls13-finished-message-and-wrapup 
TLS 1.3: Add Finished Message and wrapup
 2022-05-25 12:02:06 +01:00
Jerry Yu
5491f857d2 skip openssl client auth test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-23 22:36:16 +08:00
Jerry Yu
090378c685 change exit code of cli auth test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-23 21:03:52 +08:00
Jerry Yu
7eaadae941 fix no x509 info fail. 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-23 16:17:25 +08:00
Manuel Pégourié-Gonnard
6ab65e28cf
Merge pull request #5842 from mprse/decrypt_tests 
RSA decrypt 2: TLS 1.2 integration testing
 2022-05-18 12:58:50 +02:00
Jerry Yu
36becb1b81 update hrr tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
a7abc5eaa8 fix ci test fails 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
155493d4f5 fix openssl test fail. 
different version openssl client return
different output. remove string check
to workaround it

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
6622049bcc test:add state check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Jerry Yu
4d8567fa9e fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-18 09:58:48 +08:00
Paul Elliott
a478441517
Merge pull request #5748 from yuhaoth/pr/add-tls13-write-certificate-and-verify 
TLS1.3:Add Certificate and CertificateVerify message on Server Side
 2022-05-17 15:47:36 +01:00
Przemek Stekiel
8da6da3da2 ssl-opt.sh: add test of RSA Opaque keys with TLS 1.2 server for decryption 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-05-16 14:37:50 +02:00
Jerry Yu
b89125b81a Add test without server certificate 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-13 15:50:04 +08:00
Jerry Yu
c450566b85 Update client auth tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-12 14:44:59 +08:00
Jerry Yu
c8bdbf72d3 test:add state check for certificate and verify 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-12 14:44:59 +08:00
Andrzej Kurek
5c65c5781f Fix additional misspellings found by codespell 
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L 
keypair,Keypair,KeyPair,keyPair,ciph,nd

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-05-11 21:25:54 +01:00
Shaun Case
8b0ecbccf4 Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. 
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-05-11 21:25:51 +01:00
Paul Elliott
d1a954d243
Merge pull request #5707 from yuhaoth/pr/add-tls13-write-hello-retry-request 
TLS1.3: Add  HelloRetryRequest Write
 2022-05-10 17:25:33 +01:00
Manuel Pégourié-Gonnard
9bbb7bacae
Merge pull request #5791 from superna9999/5788-unify-non-opaque-and-opaque-psks 
Unify non-opaque and opaque PSKs
 2022-05-09 10:15:16 +02:00
Jerry Yu
ede50ea891 move hrr tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-09 15:49:09 +08:00
XiaokangQian
a987e1d2f8 Change state machine after encrypted extension and update cases 
Change-Id: Ie84a2d52a08538afb8f6096af0c054bd55ed66cb
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-07 01:37:04 +00:00
XiaokangQian
45c22201b3 Update test cases and encrypted extension state set 
Change-Id: Ie1acd10b61cefa9414169b276a0c5c5ff2f9eb79
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-07 01:37:04 +00:00
XiaokangQian
2f150e184f Update status and add test cases for client certificate request 
Change-Id: If9b9672540d2b427496b7297aa484b8bcfeb75c5
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-07 01:37:04 +00:00
Ronald Cron
25b1f5d2b7
Merge pull request #5545 from xffbai/tls13-write-enc-ext 
TLS1.3: add writing encrypted extensions on server side.
 2022-05-06 13:54:45 +02:00
Neil Armstrong
cd05f0b9e5 Drop skip PMS generation for opaque XXX-PSK now Opaque PSA key is always present when MBEDTLS_USE_PSA_CRYPTO selected 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-04 11:08:41 +02:00
Jerry Yu
7c0da07445 Update state check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-03 15:08:54 +08:00
Manuel Pégourié-Gonnard
67397fa4fd
Merge pull request #5704 from mprse/mixed_psk_2cx 
Mixed PSK 2a, 2b, 2c: enable client/server support opaque RSA-PSK, ECDHE-PSK, DHE-PSK
 2022-04-29 10:47:16 +02:00
Gilles Peskine
4098083ed4
Merge pull request #5745 from superna9999/5712-pk-opaque-rsa-pss-sign-tls 
RSA-PSS sign 2: TLS 1.3 integration testing
 2022-04-28 18:16:44 +02:00
Manuel Pégourié-Gonnard
ad47487e25
Merge pull request #5742 from superna9999/5669-review-test-incompatible-psa 
Fixup or re-enable tests with Use PSA
 2022-04-28 09:57:13 +02:00
Jerry Yu
cef55dbd6a ssl-opt: add state check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-04-25 19:41:47 +08:00
Jerry Yu
955ddd75a3 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-04-22 22:27:33 +08:00
Przemek Stekiel
85d46fe6cf ssl-opt.sh: add tests for clent/server psa opaque dhe-psk key exchange 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-22 14:54:33 +02:00
Przemek Stekiel
b6a0503dda ssl-opt.sh: add tests for clent/server psa opaque ecdhe-psk key exchange 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-22 14:53:55 +02:00
Przemek Stekiel
b270b56372 ssl-opt.sh: add tests for server psa opaque rsa-psk key exchange 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-22 14:52:28 +02:00
Przemek Stekiel
8e0495e0f4 ssl-opt.sh: add tests for client psa opaque rsa-psk key exchange 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-04-22 14:52:28 +02:00
Jerry Yu
8b9fd374b8 Add P_CLI test to easy debug 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-04-22 16:45:01 +08:00
Jerry Yu
abf20c7564 add state check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-04-22 16:45:01 +08:00
Ronald Cron
38b8aa4f63
Merge pull request #5539 from xkqian/add_client_hello_to_server 
Add client hello into server side
 2022-04-22 10:26:00 +02:00
Neil Armstrong
7f6f672d7e Add Opaque PK test case for TLS 1.3 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-22 10:23:10 +02:00
Manuel Pégourié-Gonnard
21f82c7510
Merge pull request #5709 from superna9999/5625-pk-opaque-rsa-tls12 
RSA sign 3b: TLS 1.2 integration testing
 2022-04-22 10:05:43 +02:00
XiaokangQian
e8ff350698 Update code to align with tls13 coding standard 
Change-Id: I3c98b7d0db63aecc712a67f4e8da2cb9945c8f17
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-22 02:34:40 +00:00
Gilles Peskine
afbfed9397
Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk 
Run ssl-opt.sh in more reduced configurations
 2022-04-21 12:03:53 +02:00
XiaokangQian
318dc763a6 Fix test failure issue and update code styles 
Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 09:43:51 +00:00
XiaokangQian
3f84d5d0cd Update test cases and fix the test failure 
Change-Id: If93506fc3764d49836b229d51e4ad5b008cc3343
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:45:50 +00:00
XiaokangQian
cfd925f3e8 Fix comments and remove hrr related code 
Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:45:50 +00:00
XiaokangQian
ed582dd023 Update based on comments 
Remove cookie support from server side
Change code to align with coding styles
Re-order functions of client_hello

Change-Id: If31509ece402f8276e6cac37f261e0b166d05e18
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
XiaokangQian
c4b8c99a38 Rebase and solve conflicts and issues 
Change-Id: I17246c5b2f8a8ec4989c8b0b83b55cad0491b78a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
XiaokangQian
5e4528cd12 Add test cases for server side parse client hello 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
Ronald Cron
df5f8681cc ssl-opt.sh: Fix/Unify TLS 1.3 test descriptions 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-04-19 18:31:24 +02:00
Gilles Peskine
5bd0b51048 Use terse output from lsof 
This both simplifies parsing a little, and suppresses warnings. Suppressing
warnings is both good and bad: on the one hand it resolves problems such as
https://github.com/Mbed-TLS/mbedtls/issues/5731, on the other hand it may
hide clues as to why lsof wouldn't be working as expected.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-16 11:34:23 +02:00
Neil Armstrong
eed1c6255d Enable TLS 1.3 ALPN tests when MBEDTLS_USE_PSA_CRYPTO is enabled 
Those were disabled in original submission, but it works fine
with PSA crypto enabled.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-15 09:30:31 +02:00
Gilles Peskine
2ecf4ff349 Restore explicit version requirement on 1.3 HelloRetryRequest tests 
A concurrent branch changes the way the test cases run to no longer use
force_version=tls13, so the automatic version requirement detection will no
longer work after that branch is merged. Therefore, keep the manual
requirement (at least until automatic detection gets smarter).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-13 19:08:38 +02:00
Gilles Peskine
c912673f8d Automatically detect protocol version requirement from force_version 
When the client or server uses a specific protocol version, automatically
require that version to be enabled at compile time.

An explicit call is still needed in test cases that require a specific
protocol version (due to analyzing version-specific behavior, or checking
the version in logs), but do not force that specific protocol version, or that
force a specific version only on the openssl/gnutls side.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-13 16:14:01 +02:00
Gilles Peskine
740b734f25 Move ticket, alpn detection into maybe_requires_ciphersuite_enabled 
No intended behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-13 11:32:46 +02:00
Gilles Peskine
b898b3df90 Prepare to generalize maybe_requires_ciphersuite_enabled 
Rename maybe_requires_ciphersuite_enabled() to detect_required_features()
and refactor its code a little. No intended behavior change. In subsequent
commits, this function will detect other requirements in a similar way.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-13 11:32:46 +02:00
Neil Armstrong
a4dbfddba2 Add DHE-RSA Opaque PK key tests variants in ssl-opt.sh 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-13 10:49:25 +02:00
Neil Armstrong
3e9a142017 Add RSA Opaque PK key tests variants in ssl-opt.sh 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-13 10:49:25 +02:00
Gilles Peskine
8e5e8d73db
Merge pull request #5686 from AndrzejKurek/off-by-one-ssl-opt 
Fix an off-by-one error in ssl-opt.sh
 2022-04-07 16:20:55 +02:00
Manuel Pégourié-Gonnard
1b05aff3ad
Merge pull request #5624 from superna9999/5312-tls-server-ecdh 
TLS ECDH 3b: server-side static ECDH (1.2)
 2022-04-07 11:46:25 +02:00
Gilles Peskine
d2d90af7d9 Make mbedtls_ssl_get_bytes_avail tests more independent 
Don't depend on the default sizes in the test programs: pass explicit
request and buffer sizes.

Don't depend on MAX_CONTENT_LEN (other than it not being extremely small:
this commit assumes that it will never be less than 101).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-06 23:39:06 +02:00
Gilles Peskine
c8d242f625 set_maybe_calc_verify: $1 is intended to be auth_mode 
Document that this is what it is. Don't allow made-up numerical values.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-06 22:23:45 +02:00
Gilles Peskine
1438e1620a Add requirements of "Default" 
The log checks require a specific hash and a specific curve.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-05 22:00:32 +02:00
Gilles Peskine
59601d76ad Documentation improvements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-04-05 22:00:17 +02:00
Andrzej Kurek
8db7c0e9ac Fix an off-by-one error in ssl-opt.sh 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-04-01 08:55:40 -04:00
Ronald Cron
0e980e8e84
Merge pull request #5640 from ronald-cron-arm/version-negotiation-2 
TLS 1.2/1.3 version negotiation - 2
 2022-04-01 12:29:06 +02:00
Ronald Cron
cbd7bfd30e ssl-opt.sh: Force TLS 1.2 on server for TLS 1.2 specific tests 
Force TLS 1.2 on OpenSSL/GnuTLS server
for TLS 1.2 specific tests.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-31 18:25:27 +02:00
Ronald Cron
634d865d80 ssl-opt.sh: Fix "no TLS 1.3 server support" test check 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-31 18:25:27 +02:00
Dave Rodgman
017a19997a Update references to old Github organisation 
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-03-31 14:43:16 +01:00
Neil Armstrong
b7b549aa71 Force server-side TLS1.2 for ECDH- Opaque PK key test 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-31 15:24:18 +02:00
Neil Armstrong
023bf8d7c2 Add ECDH- Opaque PK key test 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-31 15:24:17 +02:00
Ronald Cron
a1b8f6e914 ssl-opt.sh: Do not force TLS 1.3 on client 
For TLS 1.3 tests, do not force TLS 1.3
version on client to play the negotiation
game whenever possible.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 18:58:31 +02:00
Ronald Cron
f3b425bbde ssl-opt.sh: Force TLS 1.2 on server 
To maximize the number of tests where MbedTLS
client proposes both TLS 1.2 and TLS 1.3 to
the server, force the TLS 1.2 version on the
server side rather than on the client side
in TLS 1.2 specific tests.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 18:58:31 +02:00
Ronald Cron
e1d3f06399 Allow hybrid TLS 1.3 + TLS 1.2 configuration 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 18:58:31 +02:00
Ronald Cron
7320e6436b ssl_tls12_client.c: Switch to generic Client Hello state handler 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 18:58:31 +02:00
Ronald Cron
27c85e743f ssl_tls.c: Unify TLS 1.2 and TLS 1.3 SSL state logs 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 18:58:31 +02:00
Ronald Cron
086ee0be0e ssl_tls.c: Reject TLS 1.3 version configuration for server 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 14:42:17 +02:00
Jerry Yu
3a58b462b6 add pss_rsae_sha{384,512} 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
919130c035 Add rsa_pss_rsae_sha256 support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:33 +08:00
Manuel Pégourié-Gonnard
7c92fe966a
Merge pull request #5614 from gabor-mezei-arm/5203_tls_cipher_tickets_use_psa_for_protection 
TLS Cipher 2a: tickets: use PSA for protection
 2022-03-17 09:50:09 +01:00
Gilles Peskine
6f160cab59 Skip some DTLS reordering tests in PSK-only builds 
Some DTLS reordering tests rely on certificate authentication messages. It
is probably possible to adapt them to rely on different messages, but for
now, skip them in PSK-only builds.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-03-14 20:32:20 +01:00
Gilles Peskine
309ca65846 calc_verify is only called in some configurations 
If MBEDTLS_SSL_EXTENDED_MASTER_SECRET is disabled or the feature is disabled
at runtime, and if client authentication is not used, then calc_verify is not
called, so don't require the corresponding debug trace.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-03-14 20:32:20 +01:00
Gilles Peskine
aa162b5bea Remove negative check for a message that no longer exists 
The message was removed in 6be9cf542f without
a replacement. A failure would cause the test case to fail anyway, so this
negative check is not really useful.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-03-14 19:49:18 +01:00
Gabor Mezei
49c8eb3a5a
Enable chachcapoly cipher for SSL tickets 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-10 17:09:59 +01:00
Gabor Mezei
2fa1c311cd
Remove test dependency 
The SSL ticket rotation test case is enabled when PSA is used.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-03-10 17:09:59 +01:00
Manuel Pégourié-Gonnard
10e5cdbbbf
Merge pull request #5454 from gstrauss/cert_cb-user_data 
server certificate selection callback
 2022-03-10 11:51:42 +01:00
Paul Elliott
17f452aec4
Merge pull request #5448 from lhuang04/tls13_alpn 
Port ALPN support for tls13 client from tls13-prototype
 2022-03-08 17:53:38 +00:00
Glenn Strauss
6989407261 Add accessor to retrieve SNI during handshake 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-25 19:55:53 -05:00
Gilles Peskine
588d7a7538 Add a missing requires_max_content_len 
Slightly reduce the amount of data so that the test passes with 512.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-25 21:23:25 +01:00
Gilles Peskine
6e86e54abb Adapt tests for PSK in PSK-only builds 
In a PSK-only build:
* Skip tests that rely on a specific non-PSK cipher suite.
* Skip tests that exercise a certificate authentication feature.
* Pass a pre-shared key in tests that don't mind the key exchange type.

This commit only considers PSK-only builds vs builds with certificates. It
does not aim to do something useful for builds with an asymmetric key
exchange and a pre-shared key for authentication.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-25 21:06:21 +01:00
Gilles Peskine
2fe796f1b7 Add some missing dependencies: EXTENDED_MASTER_SECRET, CACHE 
This commit is not necessarily complete, but it's a step forward.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-25 21:06:21 +01:00
Gilles Peskine
3561526249 Only run "Default" tests if the expected ciphersuite is enabled 
These tests ensure that a certain cipher suite is in use, so they fail in
builds that lack one of the corresponding algorithms.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-25 21:06:21 +01:00