Commit graph

5504 commits

Author SHA1 Message Date
Jerry Yu
31c01d303e Rename available values for tls13_kex_modes
Rename `psk_pure` to `psk` and `ephemeral_pure` to `ephemeral`

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-25 18:13:53 +08:00
Hanno Becker
932064d660 Add ssl-opt.sh tests for ssl_client/server TLS 1.3 kex parameters
Those tests are so far only checking that ssl_client2/ssl_server2
recognize the arguments, nothing more.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:31:14 +01:00
Hanno Becker
ae336852c5 Add ssl-opt.sh run to TLS 1.3 test in all.sh
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-12 06:28:45 +01:00
Dave Rodgman
2aec149e13
Merge pull request #4248 from hanno-arm/tls13_populate_transform
Fix and test compliance of TLS 1.3 record protection
2021-08-11 16:41:51 +01:00
Manuel Pégourié-Gonnard
448c80727d
Merge pull request #4853 from yuhaoth/pr/add-tls13-config-check-and-dummy-handshake
TLS1_3:add tls13 config check and dummy handshake
2021-08-10 12:59:09 +02:00
Jerry Yu
b9930e7d70 Add dummy tls1.3 handshake dispatch functions
Base on version config, `handshack_{clinet,server}_step`
will call different step function. TLS1.3 features will
be gradully added base on it.

And a new test cases is added to make sure it reports
`feature is not available`.

Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Jerry Yu
b19ccc3998 fix test_suite_debug test fail
Before `mbedtls_ssl_setup`, config functions should
be called. Without it, `mbedtls_ssl_setup` will raise
invalid value error.

Change-Id: I46fdaa5e8eb83d06c620087a9e1e7e14e1c5d9b5
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Jerry Yu
c46e9b4091 tests: Add negative version config tests.
tls1.3 and tls1.2 can not be enabled at same
time before #4832 resolved.

And the test won't run into `handshake` stage, add
`skip_handshak_check` function to skip it.

Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Janos Follath
f8f88d6b00
Merge pull request #4746 from gilles-peskine-arm/bump-version-3.0
Fix release scripts for 3.0
2021-08-09 15:28:28 +01:00
Gilles Peskine
78f6f05778
Merge pull request #4695 from yutotakano/fix-ssl-opt.sh-hard-abort
ssl-opt.sh: Skip tests instead of conditional hard abort
2021-08-04 10:16:19 +02:00
Gilles Peskine
8bb9b80d18
Merge pull request #4806 from hanno-arm/ssl_session_serialization_version
Store TLS version in SSL session structure
2021-08-02 12:45:55 +02:00
Hanno Becker
d7e4b2ce42 Remove duplicated test from SSL test suite
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
6c53ecc01d all.sh: Run basic TLS 1.3 with and without record padding
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
1f91878281 Specify padding granularity in TLS 1.3 record protection KATs
Still check that encryption and decryption are inverse to each other
if the granularity does not match the one used in the KAT.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
41537452f4 Add comment regarding the wire-version used in TLS 1.3 records
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
80e760e006 Fix memory leak in TLS 1.3 record protection unit test
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:02 +01:00
Hanno Becker
a77d005d39 Add known answer tests for TLS 1.3 record protection
This commit adds four known answer tests for TLS 1.3 record protection
from the following sources:

- RFC 8448 "Example Handshake Traces for TLS 1.3"
- tls13.ulfheim.net "The New Illustrated TLS Connection"

It extends the test coverage of the existing record protection tests
in the following ways:

- The existing record protection tests hand-craft record transform
  structures; the new tests use the function

     mbedtls_ssl_tls13_populate_transform()

  from library source to create an TLS 1.3 transform from raw
  key material and connection information.
- The existing record protection tests only check that encryption
  and decryption are inverse to each other; as such, they don't
  catch non-compliant implementations of encryption and decryption
  which happen to be inverse to each other. By adding a known answer
  test for TLS 1.3 record protection, can gain confidence that our
  implementation is indeed standards-compliant.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:53:58 +01:00
Gilles Peskine
69813477b0
Merge pull request #4758 from paul-elliott-arm/fix_cipher_output_size
Fix divide by zero if macro used with wrong key type
2021-07-30 18:56:18 +02:00
Manuel Pégourié-Gonnard
8da9dc05e8
Merge pull request #4748 from TRodziewicz/re-introduce_ext_checks_for_psa_unlock-wipe_key_slot
Re-introduction of key slot checks
2021-07-29 13:45:57 +02:00
Manuel Pégourié-Gonnard
1a515d1bc2
Merge pull request #4777 from gilles-peskine-arm/save-coverage-summary-3.0
Save the basic-build-test.sh test report summary to coverage-summary.txt
2021-07-29 10:52:35 +02:00
Manuel Pégourié-Gonnard
06672ef771
Merge pull request #4776 from gilles-peskine-arm/generate_psa_tests-robutness-202107
Fix bugs around generate_psa_tests.py invocation from tests/Makefile
2021-07-29 09:58:19 +02:00
Manuel Pégourié-Gonnard
b637150dfe
Merge pull request #4730 from TRodziewicz/finish_removing_tls_1.0_and_1.1
Remove all TLS 1.0 and 1.1 instances and add some compatibility tests
2021-07-27 09:42:53 +02:00
Hanno Becker
fadbdbb576 Store TLS version in SSL session structure
Instances of `mbedtls_ssl_session` represent data enabling session resumption.

With the introduction of TLS 1.3, the format of this data changes. We therefore
need TLS-version field as part of `mbedtlsl_ssl_session` which allows distinguish
1.2 and 1.3 sessions.

This commit introduces such a TLS-version field to mbedtls_ssl_session.

The change has a few ramifications:

- Session serialization/deserialization routines need to be adjusted.

  This is achieved by adding the TLS-version after the header of
  Mbed TLS version+config, and by having the subsequent structure
  of the serialized data depend on the value of this field.

  The details are described in terms of the RFC 8446 presentation language.

  The 1.2 session (de)serialization are moved into static helper functions,
  while the top-level session (de)serialization only parses the Mbed TLS
  version+config header and the TLS-version field, and dispatches according
  to the found version.

  This way, it will be easy to add support for TLS 1.3 sessions in the future.

- Tests for session serialization need to be adjusted

- Once we add support for TLS 1.3, with runtime negotiation of 1.2 vs. 1.3,
  we will need to have some logic comparing the TLS version of the proposed session
  to the negotiated TLS version. For now, however, we only support TLS 1.2,
  and no such logic is needed. Instead, we just store the TLS version in the
  session structure at the same point when we populate mbedtls_ssl_context.minor_ver.

The change introduces some overlap between `mbedtls_ssl_session.minor_ver` and
`mbedtls_ssl_context.minor_ver`, which should be studied and potentially resolved.
However, with both fields being private and explicitly marked so, this can happen
in a later change.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-07-23 06:25:48 +01:00
Gilles Peskine
d8d19327d5 Fix mixup about the directory containing the success indicator file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 12:30:14 +02:00
Ronald Cron
dfce58f32d
Merge pull request #4753 from JoeSubbiani/TestBlockSizes_dev
Test block sizes are powers of 2
2021-07-22 11:19:18 +02:00
Gilles Peskine
6ee3b7ed1f More robust failure detection for the coverage report generation
The previous implementation was hard to understand and could in principle
fail to notice if there was a test case failure and the writing of the
line "Note: $TOTAL_FAIL failures." failed. KISS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 11:08:30 +02:00
Gilles Peskine
b969570650 Explain the final error checking
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 10:56:39 +02:00
TRodziewicz
3daaea858b Changing the places of the mbedtls_test_hook_test_fail callback declaration
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-20 13:36:16 +02:00
TRodziewicz
12c77410eb Removing unneded extern declaration of a callback and including common.h where the cb is needed
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-15 16:12:54 +02:00
Joe Subbiani
5ccdc556b1 Remove trailing whitespace
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-07-15 09:03:51 +01:00
Joe Subbiani
113d80c219 Simplify the test and description
Previously the check was convoluted. This has been simplified
and given a more appropriate suggestion as per gilles suggestion

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-07-14 15:16:09 +01:00
Paul Elliott
a417f56d28 Add non regression test for cipher output size
Call the output size macros specifically with asymmetric keys, which
would cause a crash (and thus test fail) should this fix get regressed.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-14 12:39:54 +01:00
Gilles Peskine
fc70b5252b Save the coverage report to a file
Save the "Test Report Summary" to a file. This can help both CI scripts and
human readers who want the summary after the fact without having to copy the
console output.

Take care to exit with a nonzero status if there is a failure while
generating the test report summary.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 23:27:01 +02:00
Gilles Peskine
bbced87390 Show the udp_proxy seed in the console log
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 23:26:00 +02:00
Gilles Peskine
a3d2264b88 Only run an unbridled parallel make (make -j) if MAKEFLAGS is unset
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 23:23:23 +02:00
Gilles Peskine
6ee3bc09ed Fix typo in test dependencies
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 20:34:55 +02:00
Gilles Peskine
e9ad95a63c Error out if enumerating the generated data files fails
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 18:36:05 +02:00
Gilles Peskine
8b427c851e Use python3 when building on non-Windows for Windows
The makefiles look for python3 on Unix-like systems where python is often
Python 2. This uses sh code so it doesn't work on Windows. On Windows, the
makefiles just assume that python is Python 3.

The code was incorrectly deciding not to try python3 based on WINDOWS_BUILD,
which indicates that the build is *for* Windows. Switch to checking WINDOWS,
which indicates that the build is *on* Windows.

Fix #4774

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 18:26:08 +02:00
Gilles Peskine
5df77c63fb Fix race condition when running generate_psa_tests.py
Fix a race condition in parallel builds: when generating *.data files with
generate_psa_tests.py, make instantiated the recipe once per output file,
potentially resulting in multiple instances of generate_psa_tests.py running
in parallel. This not only was inefficient, but occasionally caused the
output to be corrupted (https://github.com/ARMmbed/mbedtls/issues/4773). Fix
this by ensuring the recipe only runs once.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 18:02:27 +02:00
Gilles Peskine
bf4d0ce88d Remove obsolete MBEDTLS_xxx dependencies
This file had temporary MBEDTLS_xxx dependencies because it was created when
support for PSA_WANT_xxx was still incomplete. Switch to the PSA_WANT_xxx
dependencies

This fixes the bug that "PSA storage read: AES-GCM+CTR" was never executed
because there was a typo in a dependency.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-13 17:12:53 +02:00
TRodziewicz
829fe7038d Correction to callback declaration and usage
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-13 12:23:12 +02:00
Archana
c590611e97
Add requested montgomery curve tests
* Add tests to validate MSB not ok for Curve25519 and
  Curve448.
* Add a test to generate key for for Curve448.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-07-12 20:47:11 +05:30
Archana
8584f5b68b
test: psa: Improve description of curve 448 tests
Improve the description of some curve 448 tests

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-07-12 20:11:08 +05:30
Archana
ef6aa5c46d Support Curve448 via the PSA API
Enable Curve448 support
Add test vectors to evaluate
* RFC 7748
* a known-answer public key export test.
* a known-answer ECDH (X448) test.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-07-12 08:07:14 +05:30
Archana
1d2e2bb8cc Add missing Curve448 support for PSA keys
mbedtls_ecp_read_key and mbedtls_ecp_write_key are updated to include
support for Curve448 as prescribed by RFC 7748 §5.

Test suites have been updated to validate curve448 under Montgomery
curves.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-07-12 08:02:54 +05:30
TRodziewicz
c3366a4185 Added mis-removed test and removed unneeded tests
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-09 16:57:20 +02:00
TRodziewicz
299510e889 Correction to comments and changelog removed
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-09 16:55:11 +02:00
TRodziewicz
7871c2e736 Adding new macro for tests failing
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-07-09 14:27:04 +02:00
Joe Subbiani
da36c9f2ce Improve Code Style
add space between bracket and a newline that had occured
through changes but do not match the original file style

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-07-09 12:03:06 +01:00
Yuto Takano
3fa1673cf6 Fix grammar suggesting an upper bound on MAX_CONTENT_LEN
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
2021-07-09 11:23:40 +01:00