399 commits

Author	SHA1	Message	Date
Valerio Setti	1b08d421a7	test: fix: replace CAN_ECDSA_SOME with CAN_ECDSA_SIGN+CAN_ECDSA_VERIFY when both are needed ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-13 15:35:37 +01:00
Valerio Setti	16f02e0196	test: adjust include after PK_CAN_ECDSA_SOME was moved ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-13 15:35:37 +01:00
Valerio Setti	d928aeb9ac	test_suite_ssl: use new macros for ECDSA capabilities ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-13 15:35:37 +01:00
Andrzej Kurek	a86cef32cf	Add missing KEX DHE-RSA requirement for one ssl test ... This specific cipher is used to test record splitting. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-01-19 18:27:57 -05:00
Andrzej Kurek	9113df8c8f	Add missing RSA-type dependencies in test_suite_ssl ... These tests are not run in development because of the overlapping !TLS_1_3 requirement and usage of full config. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-01-19 18:26:31 -05:00
Andrzej Kurek	714ae6551e	Add missing key exchange requirements to test_suite_ssl ... Some of the tests use mbedtls_test_cli_key_rsa_der and mbedtls_test_cli_crt_rsa_der, and these can be used with specific ciphersuites. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-01-17 10:38:11 -05:00
Gilles Peskine	449bd8303e	Switch to the new code style ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Manuel Pégourié-Gonnard	28d4d43416	Merge pull request #6863 from valeriosetti/issue6830 ... Remove uses of mbedtls_ecp_curve_info in TLS (with USE_PSA)	2023-01-10 10:01:17 +01:00
Valerio Setti	2c12185b88	test: fix dependencies on function and data files ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-09 18:00:39 +01:00
Valerio Setti	1e868ccbac	fix several typos and extra blank spaces ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-09 17:59:46 +01:00
Valerio Setti	67419f0e11	tls: fix + save code size when DEBUG_C is not enabled ... Some PSA curves' symbols (PSA_WANT_) were not matching the corresponding MBEDTLS_ECP_DP_. This was fixed together with the removal of extra code when DEBUG_C is not enabled. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-04 17:36:00 +01:00
Valerio Setti	73260b6e65	test: extend test_suite_ssl for testing new functions ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-03 16:05:02 +01:00
Manuel Pégourié-Gonnard	7a389ddc84	Merge pull request #6784 from valeriosetti/issue6702 ... Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C	2023-01-03 09:36:58 +01:00
Valerio Setti	77b1452784	test: fix error in test_suite_ssl ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-23 10:53:06 +01:00
Manuel Pégourié-Gonnard	c98624af3c	Merge pull request #6680 from valeriosetti/issue6599 ... Allow isolation of EC J-PAKE password when used in TLS	2022-12-14 11:04:33 +01:00
Valerio Setti	785116a5be	test: pake: modify opaque key verification before destruction ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-12 11:59:25 +01:00
Valerio Setti	31e99bb0c7	test: pake: fix: destroy key only in opaque case ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-09 14:35:10 +01:00
Valerio Setti	9d313dfeeb	test: pake: minor enhancement for opaque keys ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-09 11:38:59 +01:00
Valerio Setti	2a3ffb4203	test: pake: add test for opaque password key ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-08 16:27:46 +01:00
Valerio Setti	f11e05a413	test: psa: minor improvements to test ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-07 16:02:45 +01:00
Dave Rodgman	1fe45295d7	Merge pull request #6685 from gilles-peskine-arm/valgrind-cf-skip-tests ... Rationalize Valgrind tests	2022-12-06 18:39:32 +00:00
Valerio Setti	ba22c9c1ff	test: pake: remove useless check in ssl_ecjpake_set_password() ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-06 11:42:33 +01:00
Valerio Setti	2e1e43fb82	test: pake: fix error in ssl_ecjpake_set_password() ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-06 11:41:57 +01:00
Tom Cosgrove	1797b05602	Fix typos prior to release ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 17:19:59 +00:00
Valerio Setti	e7518ba28e	test: pake: reshaping the ssl_ecjpake_set_password() ... Removed the "error injection" strategy. Now the functions checks for all the errors in a row. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-02 12:09:43 +01:00
Valerio Setti	4452e98ec1	test: pake: add tests for set password functions ... Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-01 15:08:35 +01:00
Gilles Peskine	3ffd6bce81	Create a separate test suite for constant-time functions ... This is the first step in arranging that functions from constant_time.c are tested in test_suite_constant_time.function. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-29 15:44:21 +01:00
Gilles Peskine	77e68c3176	Move constant-time HMAC testing to its own suite ... These are very CPU-intensive, so make it easy to skip them. And conversely, make it easy to run them without the growing body of SSL tests. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-29 15:42:36 +01:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED ... Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED ... Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Andrzej Kurek	b50754ae86	Switch from x509_CRT_PARSE to KEY_EXCHANGE_WITH_CERT_ENABLED ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	a2a9688501	Fix the memory allocation in test_suite_ssl ... ASSERT_ALLOC calculates the size itself, and the parameter indicates number of elements. ``` mbedtls_calloc( sizeof( *( pointer ) ), ( length ) ); ``` Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	658442fe78	Remove unnecessary ECP_C dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	daf43fbe21	Move the location of MBEDTLS_ECP_C dependencies ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	2d637c4cbb	Fix unchecked allocation in test_suite_ssl ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	84f30f2eb0	Add missing SHA256 dependency ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	90e8204476	Add missing SHA256 and ECDSA_C dependencies in test_suite_ssl ... Most of the tests (including those using endpoint_init functions) parse certificates that require MBEDTLS_SHA256_C to be present. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	0abebebe6d	Refactor ssl test suite to use pointers more ... This way it's easier to track structures that are partially set up. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Manuel Pégourié-Gonnard	47b8de834d	Fix usage of ASSERT_ALLOC() ... The second argument is the number of elements of the type the first argument is pointing to, so we shouldn't be using sizeof there. This was resulting in overly large allocations. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-14 09:35:55 +02:00
Jerry Yu	8897c07075	Add server only guards for psk callback ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Manuel Pégourié-Gonnard	1367f40d38	Fix memory corruption in an SSL test function ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 11:00:23 +02:00
Manuel Pégourié-Gonnard	07018f97d2	Make legacy_or_psa.h public. ... As a public header, it should no longer include common.h, just use build_info.h which is what we actually need anyway. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:02:48 +02:00
Andrzej Kurek	32bd063773	test_suite_ssl: Add minimal handshake requirements ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-23 05:42:44 -04:00
Andrzej Kurek	299b1d6c93	Remove unnecessary psa/crypto.h include ... This is now included in `legacy_or_psa.h`. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-23 05:42:33 -04:00
Andrzej Kurek	cccb044804	Style & formatting fixes ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-23 05:26:02 -04:00
Andrzej Kurek	21b6870301	test_suite_ssl: remove unnecessary usage of mbedtls_md_get_size ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-22 17:46:50 -04:00
Andrzej Kurek	8c95ac4500	Add missing dependencies / alternatives ... A number of places lacked the necessary dependencies on one of the used features: MD, key exchange with certificate, entropy, or ETM. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-22 17:46:50 -04:00
Andrzej Kurek	7bb8bab457	Update SHA and MD5 dependencies in the SSL tests ... The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO is defined and respective SHA / MD5 defines are missing. A new set of macros added in #6065 is used to reflect these dependencies. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-22 17:46:50 -04:00
Andrzej Kurek	635c2c2be5	test_suite_ssl: replace CTR_DRBG with a fake rng source ... This way there are less dependencies in the SSL test suite. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-22 17:46:50 -04:00
Gilles Peskine	194556034d	Merge pull request #6169 from tom-cosgrove-arm/fix-incorrect-use-of-mbedtls_ecp_group_id ... Fix incorrect use of mbedtls_ecp_group_id in test_suite_ssl.function	2022-08-22 17:26:18 +02:00
Tom Cosgrove	a327b52427	Fix incorrect use of mbedtls_ecp_group_id in test_suite_ssl.function ... MBEDTLS_SSL_IANA_TLS_GROUP_SECP192R1 and friends are not members of the mbedtls_ecp_group_id enum Found by clang's -Wassign-enum Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-08-19 10:50:26 +01:00
Jerry Yu	e28d9745a1	fix coding style issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-18 15:44:03 +08:00
Jerry Yu	5b7c7caee6	fix wrong condition issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-18 11:28:41 +08:00
Przemek Stekiel	cc59c998d8	test_suite_ssl: make PSA build independent on MD module ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-08-01 14:29:56 +02:00
Dave Rodgman	aba26d0099	Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new ... Remove use of SSL session compression	2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard	f6b8c3297a	Merge pull request #6065 from mpg/explore2 ... Driver-only hashes: RSA 1.5 and PK + strategy doc	2022-07-28 10:43:38 +02:00
Thomas Daubney	20f89a9605	Remove uses of SSL compression ... Remove or modify current uses of session compression. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-07-26 16:13:03 +01:00
Jerry Yu	6ac7c0349a	TLS 1.3: Add session test checks ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:09:40 +08:00
Jerry Yu	bc7c1a4260	fix typo/format/name issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:09:40 +08:00
Jerry Yu	f092629997	Add save load test for tls13 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:08:43 +08:00
Jerry Yu	a180f99a55	Add load-save tests for tls13 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:08:43 +08:00
Jerry Yu	1ac476cc1e	Add save buf size test for tls13 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:08:43 +08:00
Jerry Yu	6e8fec2908	add session serialization load buf ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:08:43 +08:00
Jerry Yu	534ff400d4	Add serialize_version_check for tls13 ... Add population session also Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:08:43 +08:00
Manuel Pégourié-Gonnard	abac037a7b	Migrate from old inline to new actual function. ... This is mostly: sed -i 's/mbedtls_psa_translate_md/mbedtls_hash_info_psa_from_md/' \ library/*.c tests/suites/*.function This should be good for code size as the old inline function was used from 10 translation units inside the library, so we have 10 copies at least. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-18 21:28:38 +02:00
Paul Elliott	9a8d78419f	Fixup test tls13_server_certificate_msg_invalid_vector_len ... The parameters for init_handshake_options had changed on the development branch after this test was created, so fixing up this test in order to correct build failures after merge. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 11:34:14 +01:00
Ronald Cron	ce7d76e2ee	Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr	2022-07-11 10:22:37 +02:00
Andrzej Kurek	ddb8cd601d	test_suite_ssl: Fix handshake options cleanup ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 16:07:28 -04:00
Andrzej Kurek	9dc4402afa	test_suite_ssl: zeroize the cache pointer in case if the struct memory gets reused ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:40:15 -04:00
Andrzej Kurek	1e085686ec	test_suite_ssl: remove unnecessary user data checks ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:40:09 -04:00
Andrzej Kurek	3d0d501517	test_suite_ssl: prefer ASSERT_ALLOC over malloc ... Fix formatting for option initialization Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:39:34 -04:00
Andrzej Kurek	92d7417d89	Formatting fixes ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	e11acb2c9b	test_suite_ssl: add proper cache cleanup ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	e8ad0d7d42	Disable bad session id length test in TLS 1.3 ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	456a109edb	test_suite_ssl: add required dependencies for default handshake parameters ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	6e518ab086	test_suite_ssl: add missing options cleanup ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	ed58b50ea6	test_suite_ssl: add missing MBEDTLS_SSL_SERVER_C dependency ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	626a931bb9	test_suite_ssl: Add missing arguments in endpoint initialization ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	514683abdc	Add a test with a bad session_id_len that makes cache setting fail ... Force a bad session_id_len before handshake wrapup. This should result in a forced jump to a clean up of a serialized session. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:18:29 -04:00
Andrzej Kurek	780dc18f74	Refactor test_suite_ssl tests to enable cache setting ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:18:28 -04:00
Neil Armstrong	db13497490	Reorganize & add more handshake_ciphersuite_select to test all MBEDTLS_KEY_EXCHANGE_XXX cases ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-06-30 09:06:28 +02:00
Neil Armstrong	8c52ed8d1e	Add negative testing of ciphersuite selection using Opaque algs & usage ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-06-28 18:12:17 +02:00
Ronald Cron	585cd70d04	tests: ssl: Fix coverity deadcode issue ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	cf600bc07c	Comment fixes ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-27 09:28:49 +02:00
Ronald Cron	e7b9b6b380	tls13: Add checks of overread check failures ... In Certificate message parsing tests with invalid vector lengths, add checks that the parsing failed on the expected overread check. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-27 09:28:49 +02:00
Ronald Cron	e3dac4aaa1	tls13: Add Certificate msg parsing tests with invalid vector lengths ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-27 09:28:42 +02:00
Ronald Cron	21a1b2d374	Enable "Sending app data" SSL unit tests for TLS 1.3 ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-24 12:06:46 +02:00
Przemek Stekiel	0c9e74bd55	Remove mbedtls_psa_hkdf_expand() and mbedtls_psa_hkdf_extract() tests ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-21 07:22:33 +02:00
Gilles Peskine	e0469b5908	Merge pull request #931 from AndrzejKurek/clihlo_cookie_pxy_fix ... Add a client hello cookie_len overflow test	2022-06-20 19:35:54 +02:00
Andrzej Kurek	ed4d217874	Add missing test dependencies for cookie parsing ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-08 11:57:57 -04:00
Andrzej Kurek	078e9bcda6	Add the mbedtls prefix to ssl_check_dtls_clihlo_cookie ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-08 11:47:33 -04:00
Ronald Cron	bdddaef9bb	test: ssl: Enable client authentication in handshake state tests ... The endpoint initialization function was setting up a certificate but the client certificate was not used because client authentication was not enabled (not enabled in the default SSL server configuration). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-07 11:13:49 +02:00
Andrzej Kurek	cfb01948c8	Add cookie parsing tests to test_suite_ssl ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-06 15:29:15 -04:00
Jerry Yu	6994e3e0c2	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-06 11:50:49 +08:00
Jerry Yu	1443537da3	fix test fail when WANT_READ/WRITE returned ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-01 15:53:31 +08:00
Jerry Yu	66adf3155c	Update comments ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-31 15:23:29 +08:00
Jerry Yu	df0a71a0b0	Add handshake version test ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-31 15:06:04 +08:00
Jerry Yu	d9d049d180	revert dbg config ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-31 15:06:04 +08:00
Jerry Yu	d8c57feaf9	Add moving state test for TLS1.3 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-31 15:06:04 +08:00
Jerry Yu	023ff7acb1	Move dependes_on of move handshakes state ... Prepare share move_handshake_state function with TLSv1.3 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-31 15:06:04 +08:00