From 1494a09ff707358aa709d062a471de424bec213e Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Thu, 30 Jan 2025 16:45:45 +0100
Subject: [PATCH] test_suite_ssl: require GCM or ChaChaPoly in handshake_serialization()

Hanshake serialization requires that the selected ciphersuite uses an AEAD algorithm. However, following the DHE-RSA removal, trying to still use RSA signature might select a ciphersuite which is not using AEAD, but CBC instead (see preference order in "ssl_ciphersuite.c"). This is especially problematic in tests scenarios where both GCM and ChaChaPoly are disabled, so that CCM remains as the only AEAD algorithm. Ciphersuites using RSA signature and CCM are very low on the preference list, so very unlikely to be picked in tests. This cause a CBC one to be selected in this case and the handshake_serialization() function to fail. In order to prevent failures from happening, in this commit we require that either GCM or ChaChaPoly are enabled, so that ciphersuites using one of these are likely to be picked.

Signed-off-by: Valerio Setti
---
 tests/suites/test_suite_ssl.data | 1 -
 tests/suites/test_suite_ssl.function | 6 +++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 8d9e8bbc3f..cd0c303e91 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -417,7 +417,6 @@ depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_W
 handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1

 DTLS Handshake with serialization, tls1_2
-depends_on:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS
 handshake_serialization

 DTLS Handshake fragmentation, MFL=512
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 6bb4dfee7f..2b50f0e3f2 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -63,6 +63,10 @@ exit:
 }
 #endif

+#if defined(PSA_WANT_ALG_GCM) || defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#define TEST_GCM_OR_CHACHAPOLY_ENABLED
+#endif
+
 /* END_HEADER */

 /* BEGIN_DEPENDENCIES
@@ -2744,7 +2748,7 @@ void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len,
 }
 /* END_CASE */

-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY:TEST_GCM_OR_CHACHAPOLY_ENABLED */
 void handshake_serialization()
 {
 mbedtls_test_handshake_test_options options;
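Review bot: `TEST_GCM_OR_CHACHAPOLY_ENABLED` in the `@@ -63` hunk is defined without a comment, so a reader of the header cannot tell why CCM, which is also an AEAD, does not count. A short comment above the `#if` would record the reasoning that currently lives only in the commit message, for example `/* Serialization tests need an AEAD suite to be negotiated; with RSA signatures the CCM suites rank too low in the preference list to be picked, so require GCM or ChaChaPoly. */`. Without it the macro reads as a general "AEAD available" switch and may be reused where CCM would be acceptable.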
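Review bot: The `TEST_GCM_OR_CHACHAPOLY_ENABLED` dependency added to `handshake_serialization()` in the `@@ -2744` hunk only makes an AEAD suite likely to be negotiated; nothing visible here pins or checks the suite, so the test still depends on the preference order in ssl_ciphersuite.c. It also means CCM-only builds now skip this case, leaving context serialization unexercised in that configuration. Selecting the suite explicitly (the way `handshake_psk_cipher` in the .data file is given a suite name), or asserting that the negotiated suite is AEAD before serializing, would make the requirement enforced rather than probabilistic. The body of `handshake_serialization()` continues outside the hunk, so part of this may already be handled there.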