Follow the same pattern that was used in the past to remove dependency
on MBEDTLS_RSA_C and use PSA_WANT instead.
Relying on MBEDTLS_RSA_C is fine only when builtin drivers are compiled
since all PSA_WANT are converted to legacy build symbols. However when
builtin drivers are not built (ex: in case of TF-M), then part of the code
in TLS/X509 won't be compiled because MBEDTLS_RSA_C is not set. OTOH
it's not possible to declare that symbol in a configuration file because
it's a legacy one and it will be rejected by buildtime checks.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Simplify and improve error reporting and remove unnecessary
initialisation (the caller is responsible for initialising those
values).
Signed-off-by: Janos Follath <janos.follath@arm.com>
DEBUG_C supposed to have been removed from the test dependencies, still
being there is an oversight. Removing it was the sole purpose of
3e58109fbd.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The caller is returning MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER if
ssl_parse_signature_algorithm() fails, but
ssl_parse_signature_algorithm() returns
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE upon failure. There is no good reason
for this mismatch and better to be aligned.
Signed-off-by: Janos Follath <janos.follath@arm.com>
After the recent refactoring ssl_parse_signature_algorithm() sends an
alert on failure, but the caller also sends an alert on failure. Sending
two alerts is at least a protocol violation, and might not leave the SSL
context in a good state.
It is simpler to have the caller read the two bytes, and pass them to
this function.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The unit test framework always loads the client key as well, which
requires a different curve and a hash than the server key.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add a test case with a successful handshake for each test case that
causes the desired handshake failure, with minimal differences between
the two.
The reason is to have more assurance that the handshake is failing for
the desired reason (as opposed to not having done something correctly in
the test code).
Signed-off-by: Janos Follath <janos.follath@arm.com>
There are other issues that can fail with the same error code. Make sure
that the handshake fails exactly the way we want it to fail by analysing
the client logs.
Signed-off-by: Janos Follath <janos.follath@arm.com>
The logic was easier to follow before 693a47a, which removed the
ssl_parse_signature_algorithm function and introduced the bug being
fixed in this PR.
When validating multiple conditions, it's easier to read, easier to
debug and, as we can see, easier to get right if you validate them
separately.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We usually follow the pattern that a zero-initialised struct is safe to
free. This wasn't the case here.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This root certificate uses SECP-384 and if we don't have it in the
build, the parsing already fails even if we don't try to use it, there
is no reason to have it in the build without the SECP-384.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This bug caused the client accepting sig_algs used by the server that
it explicitly wanted to disallow.
Signed-off-by: Janos Follath <janos.follath@arm.com>
In testcases where we are expecting handshake failure the message
"Certificate verification was skipped" is not printed, so do not check
for it.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This field reserves a small space for us to repurpose in the lifetime
of the 4.1 LTS release without breaking the ABI, if needed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These fields reserve a small space for us to repurpose in the lifetime
of the 4.1 LTS release without breaking the ABI, if needed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Check for the 'Certificate verification was skipped' message only when
the testcase depends on
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED since in other
cases certificates may not be enabled at all and this message will not
be printed in the output.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Replace MBEDTLS_ECP_C with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY which is
already used in all other profiles in this file.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move a bunch of files from `scripts` and `mbedtls/scripts` to the framework.
Most are not called from any scripts invoked by the CI, but a couple are.
A subsequent commit will adapt the scripts. None of these scripts are
referenced from other repositories except in documentation.
The following files will be removed, and added to `mbedtls-framework`:
* `scripts/ecp_comb_table.py`
* `scripts/massif_max.pl`
* `tests/scripts/audit-validity-dates.py` (moved to `scripts/`)
* `tests/scripts/gen_ctr_drbg.pl` (moved to `scripts/`)
* `tests/scripts/gen_gcm_decrypt.pl` (moved to `scripts/`)
* `tests/scripts/gen_gcm_encrypt.pl` (moved to `scripts/`)
* `tests/scripts/gen_pkcs1_v21_sign_verify.pl` (moved to `scripts/`)
* `tests/scripts/generate-afl-tests.sh` (moved to `scripts/`)
* `tests/scripts/generate_server9_bad_saltlen.py` (moved to `scripts/`)
* `tests/scripts/run-metatests.sh` (moved to `scripts/`)
* `tests/scripts/run_demos.py` (moved to `scripts/`)
* `tests/scripts/test_config_script.py` (moved to `scripts/`)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We haven't used this in years. It's obsolete because this functionality
should now be provided by the more general PSA function
wrappers (`PSALoggingWrapper` generator), although that work is unfinished.
It belongs in TF-PSA-Crypto anyway. So remove it, it's one less little
amount of baggage.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In testcases in opt-testcases/tls13kex-modes.sh, check for the setting
of the failure flag MBEDTLS_X509_BADCERT_SKIP_VERIFY by looking for the
string "! Certificate verification was skipped" in the output in cases
where the key exchange is negotiated to use PSK.
Note that this check for output is only added to the success cases since
the negative tests fail before this string is printed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Check that the message "! Certificate verification was skipped" is
present in the output when auth_mode=none. This indicates that the
certificate verify flag MBEDTLS_X509_BADCERT_SKIP_VERIFY was
correctly set.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
