Xiaokang Qian
01173c21b1
Add client test cases for ephemeral mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
ff5705bdd7
Add client test cases for psk_ephemeral mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
73894232e8
Add client test cases for psk_all mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:33 +00:00
Xiaokang Qian
cf6442e2e4
Add client test cases for psk mode
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-09-23 01:49:30 +00:00
XiaokangQian
335cfaadf9
Finalize client side code for psk
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-09-23 01:48:26 +00:00
Jerry Yu
40b4a01388
Improve documents
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:48:38 +08:00
Jerry Yu
359e65f784
limit session ticket number when resumption
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:47:43 +08:00
Jerry Yu
f3bdf9dd51
fix various issues
...
- improve document about configuration item.
- format issue
- variable type issue.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:47:14 +08:00
Gilles Peskine
07ba2be20b
Merge pull request #6304 from yuhaoth/pr/exclude-pre_shared_key-from-hrr-msg
...
TLS 1.3: PSK: Exclude pre_shared_key for HRR
2022-09-22 10:21:06 +02:00
Manuel Pégourié-Gonnard
1475ac49a4
Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash
...
Validation remove change hash
2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard
d5c82fb821
Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher
...
Validation remove and change in files related to cipher in library
2022-09-22 09:10:13 +02:00
Jerry Yu
b7e3fa7fbd
move count decrement after success sent
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 13:21:29 +08:00
Jerry Yu
d0766eca58
fix various issues
...
- Improve comments
- Align count variable name to `new_session_tickets_count`
- move tickets_count init to handshake init
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 13:21:29 +08:00
Jerry Yu
9370612312
remove certificate setting from psk_ephemeral HRR test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-21 22:44:24 +08:00
Tom Cosgrove
119eae2e51
Update names of test cases in generate_bignum_tests.py
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-21 12:19:18 +01:00
Tom Cosgrove
c573882674
Merge remote-tracking branch 'upstream/development' into issue-6015-montgomery-multiplication
2022-09-21 12:08:43 +01:00
Manuel Pégourié-Gonnard
e5833c182c
Merge pull request #6300 from davidhorstmann-arm/syntax-highlighting-function-files
...
Use GitHub C syntax highlighting on test files
2022-09-21 10:52:14 +02:00
Manuel Pégourié-Gonnard
d433cd7d07
Merge pull request #6283 from mpg/driver-only-hashes-wrap-up
...
Driver only hashes wrap-up
2022-09-21 08:29:46 +02:00
Jerry Yu
2db49df44b
Add psk_ephemeral HRR tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-21 11:03:28 +08:00
Dave Rodgman
36e1d9ef1d
Merge pull request #6203 from wernerlewis/ecp_group_test
...
Add test for ECP group metadata
2022-09-20 17:35:53 +01:00
Ronald Cron
50969e3af5
ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 15:57:57 +02:00
Tom Cosgrove
4782823ec3
Ensure we explicitly document the modulus for fixed-width arithmetic
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-20 13:51:50 +01:00
Tom Cosgrove
b0b77e1b13
Document and test aliasing of the bignums given to mbedtls_mpi_core_mla()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-20 13:33:40 +01:00
David Horstmann
b5d884815c
Use GitHub C syntax highlighting on test files
...
Add a .gitattributes file that tells GitHub to highlight all .function
files as if they were .c files. This aids in reviewing changes to tests.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-09-20 13:31:23 +01:00
Ronald Cron
277cdcbcde
ssl-opt.sh: tls13 opaque key: Enable client authentication
...
Enable client authentication in TLS 1.3 opaque
key tests to use the opaque key on client side.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
e3196d270c
ssl-opt.sh: tls13 opaque key: Do not force version on client side
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
6ec2123bf3
ssl-opt.sh: Align prefix of TLS 1.3 opaque key tests
...
Align prefix of TLS 1.3 opaque key tests
with the prefix of the othe TLS 1.3 tests.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
067a1e735e
tls13: Try reasonable sig alg for CertificateVerify signature
...
Instead of fully validating beforehand
signature algorithms with regards to the
private key, do minimum validation and then
just try to compute the signature. If it
fails try another reasonable algorithm if any.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
38391bf9b6
tls13: Do not impose minimum hash size for RSA PSS signatures
...
When providing proof of possession of
an RSA private key, allow the usage for RSA
PSS signatures of a hash with a security
level lower that the security level of the
RSA private key.
We did not allow this in the first place to
align with the ECDSA case. But as it is not
mandated by the TLS 1.3 specification (in
contrary to ECDSA), let's allow it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:29:41 +02:00
Ronald Cron
67ea2543ed
tls13: server: Add sig alg checks when selecting best certificate
...
When selecting the server certificate based on
the signature algorithms supported by the client,
check the signature algorithms as close as possible
to the way they are checked to compute the
signature for the server to prove it possesses
the private key associated to the certificate.
That way we minimize the odds of selecting a
certificate for which the server will not be
able to compute the signature to prove it
possesses the private key associated to the
certificate.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:26:32 +02:00
Tom Cosgrove
ea45c1d2d4
Document and test aliasing of output for mbedtls_mpi_core_montmul()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-20 13:17:51 +01:00
Werner Lewis
05feee1841
Restore vbuf value after modification
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-20 12:05:58 +01:00
Werner Lewis
ccae25b4bf
Add explicit mbedtls_ecp_tls_read_group_id call
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-20 10:00:07 +01:00
Werner Lewis
7403d93f8a
Add leading zeros to group metadata
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-20 09:41:05 +01:00
Werner Lewis
57807308d5
Fix typo in MBEDTLS_ECP_DP_BP512R1
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-20 09:16:11 +01:00
Tom Cosgrove
f2b3818a69
Test when all three inputs to mbedtls_mpi_core_sub() are aliased
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-20 09:08:31 +01:00
Manuel Pégourié-Gonnard
b4e28aa2f7
Fix two typos
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 11:55:00 +02:00
Manuel Pégourié-Gonnard
1367f40d38
Fix memory corruption in an SSL test function
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 11:00:23 +02:00
Manuel Pégourié-Gonnard
3c16abebd4
Fix dependencies of KEY_EXCHANGE_ECJPAKE
...
The EC J-PAKE module the ability to "fall back" to PSA when MD is not
present a few PRs ago, but the dependency of this key exchange on
SHA-256 wasn't updated at the time.
(Note: the crypto primitive doesn't depend on SHA-256, only its use in
the TLS key exchange does.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 10:47:05 +02:00
Manuel Pégourié-Gonnard
73f9233a73
Use full config for testing driver-only hashes
...
Stating from the default config means a few things are implicitly
excluded; starting from the full config makes it all fully explicit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 10:47:05 +02:00
Manuel Pégourié-Gonnard
79e1467799
Fix include path for programs
...
Same problem as #6101 , same fix (the second commit of #6111 ).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 09:27:53 +02:00
Jerry Yu
7a51305478
Add multi-session tickets test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-19 14:26:07 +08:00
Jerry Yu
d4e7500a07
Enable multi session tickets on Server
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-19 14:24:03 +08:00
Jerry Yu
1ad7ace6b7
Add conf new session tickets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-19 14:22:21 +08:00
Ronald Cron
be0224aef3
Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets
2022-09-18 21:18:13 +02:00
Gilles Peskine
1716f06ee3
Merge pull request #6093 from wernerlewis/bignum_test_script
...
Add bignum test case generation script
2022-09-17 10:37:26 +02:00
Andrzej Kurek
7763829c5c
Add missing ifdef when calculating operation capacity
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 12:24:52 -04:00
Werner Lewis
c2fb540c67
Use a script specific description in CLI help
...
Previous changes used the docstring of the test_generation module,
which does not inform a user about the script.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-09-16 17:03:54 +01:00
Andrzej Kurek
3c4c514302
Remove PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:24:14 -04:00
Andrzej Kurek
1fafb1f778
Documentation clarifications for ECJPAKE-to-PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:19:49 -04:00