We are about to have full support for TLS 1.2
CH reassembly on server side. The equivalent
positive test would be a duplicate of one of
the tests generated by generate_tls_handshake_tests.py.
Thus just removing the negative test.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In the TLS-Exporter for TLS 1.3 we mistakenly call PSA_HASH_LENGTH() on
an mbedtls_md_type_t when it should be called on a psa_algorithm_t.
Fortunately, these two types have almost the same values, since we have
previously aligned them to make conversion more efficient. As a result,
PSA_HASH_LENGTH() produces exactly the same value when called on an
mbedtls_md_type_t as with the equivalent psa_algorithm_t.
Thanks to this happy coincidence, fix a largely cosmetic issue (rather
than a major functional bug).
Signed-off-by: David Horstmann <david.horstmann@arm.com>
We do not return failure, but return -1u which is documented as a value
that indicates that the result is not available.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
When we are using PSK or when authmode == MBEDTLS_SSL_VERIFY_NONE, we
intentionally do not verify the certificate. In these cases, do not keep
verify_result at -1u but set it to MBEDTLS_X509_BADCERT_SKIP_VERIFY to
indicate that no certificate verification took place.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
TLS-PRF uses either SHA-256 and SHA-384, so the removed paragraph was not
correct. The correct version is already available few lines below in the
same header file.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Initialize the verify_result field in mbedtls_ssl_session_free().
Previously we were just zeroising the entire session object, which would
yield a default 'success' value if the same object were reused.
Test that this initialisation is actually happening by setting
verify_result manually to zero and calling mbedtls_ssl_session_free() on
the session before checking its value.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Since we explicitly document the value 0xFFFFFFFF or -1u as representing
'result not available', we can use it as a sensible default value
without creating an API change. Use this value instead of introducing a
new verification result value.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Write a testcase to get verify_result before we have performed a
handshake and make sure that it is initialised to a failure value.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
At initialization, set the verify_result field of the ssl session to
MBEDTLS_X509_VERIFY_NOT_STARTED, rather than 0 as it is by default
currently. This prevents mbedtls_ssl_get_verify_result() from indicating
that certificate verification has passed if it is called prior to the
handshake happening.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Add a new verification result bitflag MBEDTLS_X509_VERIFY_NOT_STARTED
to use as a safe initial value for verify_result. This is better than
the current initial value which is 0 (indicating success).
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Specify that the cryptographic operations of Mbed TLS are governed by
its threat model and point specifically to block ciphers as an important
case of this.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
To avoid confusion about the threat model of cryptographic code, add a
link to the SECURITY.md of TF-PSA-Crypto. This should help users who are
unaware that the cryptography has been split into a separate repository.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Add new field that tells if the corresponding group is supported or not
in the current build.
Test function "test_mbedtls_ssl_get_supported_group_list" is extended
to verify this new feature.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is already indirectly checked in 'test_mbedtls_tls_id_group_name_table'
because it's the last item of the list.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is only done when MBEDTLS_DEBUG_C is declared in order not to inflate
the library size.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Check provided group_name also against the value returned from
mbedtls_ssl_get_curve_name_from_tls_id().
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
- let the macro be an initializer for the array of known TLS IDs, not
a variable declarator;
- last item's group name is NULL, not an empty string
- change then name of the macro from MBEDTLS_TLS_ID_GROUP_NAME_TABLE to
MBEDTLS_SSL_IANA_TLS_GROUPS_INFO
- define a new public structure "mbedtls_ssl_iana_tls_group_info_t" to
hold each element of the table and that can be used the go over the
list from user code.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
- adjust function name to mbedtls_ssl_get_fatal_alert
- fix missing property name changes for mbedtls_ssl_context
Signed-off-by: Nico Geyso <ng@gsmk.de>
