TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-07 12:57:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
32,990 Commits 179 Branches 280 Tags
f0ca71cb3cd180574def971d470df80e9c4e2d11
Commit Graph

553 Commits

Author SHA1 Message Date
Gabor Mezei
5ba9b57cbd Convert test function to a static function 
The `resize_buffers` function is no more used as a test
function to convert it to a static function.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-20 17:55:35 +01:00
Gabor Mezei
9ee58e43e1 Update test dependencies 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-20 17:55:30 +01:00
Gabor Mezei
47c6277480 Update dependencies 
Let the TLS context serialiazation tests to run with other than RSA
ciphersuites.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-20 17:53:07 +01:00
Manuel Pégourié-Gonnard
6dcfdf1f48 Adapt dependencies to the new world 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
af4606d743 Re-introduce log asserts on positive cases 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
47d0b796af Improve a test assertion 
That way if it ever fails it will print the values.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
ed873f9e59 Adjust logic around log pattern 
This is more flexible: the test data gets to decide whether we want to
assert the presence of a pattern or not.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
1038b22d74 Reduce the level of logging used in tests 
This should avoid running into a bug with printf format specifiers one
windows.

It's also a logical move for actual tests: I used the highest debug
level for discovery, but we don't need that all the time.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
299f94a5d2 Fix dependency issues 
Declare the same dependencies as for the previous TLS 1.3 tests, except
for part that varies with the cipher suite (ie AES-GCM).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
1bed827d22 New test function for large ClientHello 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
ae567ad011 Add missing dependency declaration 
This guards the definition of mbedtls_test_ssl_endpoint which we rely
on, so the function won't compile without it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
73247c6e19 Fix dependency issues 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
e916652390 Add supported_curves/groups extension 
This allows us to use a ciphersuite that will still be supported in 4.0.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
6637ef798f New test function inject_client_content_on_the_wire() 
Not used for real stuff so far, just getting the tooling in place.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-03-14 09:22:09 +01:00
Gabor Mezei
8829aa336c Fix code style 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-07 13:21:37 +01:00
Gabor Mezei
149509362b TLS context serialization needs an AEAD ciphersuite 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-06 16:06:42 +01:00
Gabor Mezei
dcbe4ce9db Update dependencies 
Pre-existing but not having TLS 1.3 in the build does not seem to be
necessary actually. These test functions set the dtls flag when
calling `test_resize_buffers` and then `test_resize_buffers` sets the
`options.dtls` flag which eventually forces the TLS 1.2 version of the
protocol (in `mbedtls_test_ssl_endpoint_init()` call of
`mbedtls_ssl_config_defaults()` with `MBEDTLS_SSL_TRANSPORT_DATAGRAM`
as the transport).

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:47 +01:00
Gabor Mezei
8adcfc8240 Add ECDSA ciphersuite support for resize_buffer tests 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-05 12:18:47 +01:00
Valerio Setti
1494a09ff7 test_suite_ssl: require GCM or ChaChaPoly in handshake_serialization() 
Hanshake serialization requires that the selected ciphersuite uses
an AEAD algorithm. However, following the DHE-RSA removal, trying to
still use RSA signature might select a ciphersuite which is not using
AEAD, but CBC instead (see preference order in "ssl_ciphersuite.c").

This is especially problematic in tests scenarios where both GCM and
ChaChaPoly are disabled, so that CCM remains as the only AEAD algorithm.
Ciphersuites using RSA signature and CCM are very low on the preference
list, so very unlikely to be picked in tests. This cause a CBC one to
be selected in this case and the handshake_serialization() function
to fail.

In order to prevent failures from happening, in this commit we require
that either GCM or ChaChaPoly are enabled, so that ciphersuites using one
of these are likely to be picked.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:12:02 +01:00
Valerio Setti
b8ef2a4455 test_suite_ssl: adapt handshake_fragmentation() to use ECDHE-RSA 
Use ECDHE-RSA instead of DHE-RSA.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-27 12:38:39 +01:00
Manuel Pégourié-Gonnard
c4e768a8a6 Fix incorrect test function 
We should not manually set the TLS version, the tests are supposed to
pass in 1.3-only builds as well. Instead do the normal thing of setting
defaults. This doesn't interfere with the rest of the testing, so I'm
not sure why we were not doing it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-22 10:04:43 +01:00
Manuel Pégourié-Gonnard
4c3134a396 Remove useless dependency from test function 
This dependency was never right in the first place.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:25:52 +01:00
Manuel Pégourié-Gonnard
93d4591255 Remove deprecated function mbedtls_ssl_conf_curves() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:06:31 +01:00
Gilles Peskine
bc7c523420 Remove uses of secp244k1 
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-08 16:51:23 +01:00
Elena Uziunaite
8d8620bf18 Address review comments: add PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-09-09 11:18:10 +01:00
Elena Uziunaite
bed21b55a6 Replace MBEDTLS_PK_CAN_ECDSA_VERIFY with PSA_HAVE_ALG_ECDSA_VERIFY 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-09-09 11:18:10 +01:00
Elena Uziunaite
a6950b8ce7 Replace MBEDTLS_PK_CAN_ECDSA_SOME with PSA_HAVE_ALG_SOME_ECDSA 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-09-09 11:17:36 +01:00
Elena Uziunaite
63cb13e494 Replace MBEDTLS_ECP_HAVE_SECP224K1 with PSA_WANT_ECC_SECP_K1_224 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-09-05 12:43:14 +01:00
Gilles Peskine
b8457fff9f Merge pull request #9353 from eleuzi01/replace-ecp-have-secp384r1 
Replace MBEDTLS_ECP_HAVE_SECP384R1 with PSA_WANT_ECC_SECP_R1_384
 2024-08-12 14:37:10 +00:00
Gilles Peskine
0858fdca38 Merge pull request #9189 from misch7/fix-v3.6-issues-9186-and-9188 
Fix build of v3.6 (issues #9186 and #9188)
 2024-08-12 09:34:17 +00:00
Michael Schuster
bd89b791a4 Adjust spacing in tests/suites function sources 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-09 10:29:58 +01:00
Elena Uziunaite
6b4cd48d24 Replace MBEDTLS_ECP_HAVE_SECP384R1 with PSA_WANT_ECC_SECP_R1_384 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-09 09:49:03 +01:00
Elena Uziunaite
8dde3b3dec Replace MBEDTLS_PK_HAVE_ECC_KEYS with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-05 15:41:58 +01:00
Elena Uziunaite
74342c7c2b Replace MBEDTLS_SSL_HAVE_CBC with PSA_WANT_ALG_CBC_NO_PADDING 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-31 16:19:15 +01:00
Elena Uziunaite
6121a344dd Replace MBEDTLS_SSL_HAVE_AES with PSA_WANT_KEY_TYPE_AES 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-30 18:42:19 +01:00
Elena Uziunaite
417d05f7c5 Replace MBEDTLS_ECP_HAVE_SECP256R1 with PSA_WANT_ECC_SECP_R1_256 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-29 11:31:20 +01:00
Paul Elliott
b449476595 Merge pull request #9354 from eleuzi01/replace-ecp-have-secp512r1 
Replace MBEDTLS_ECP_HAVE_SECP521R1 with PSA_WANT_ECC_SECP_R1_521
 2024-07-18 15:55:41 +00:00
Paul Elliott
df772da34e Merge pull request #9358 from eleuzi01/replace-curve 
Replace MBEDTLS_ECP_HAVE_CURVE* with PSA_WANT counterparts
 2024-07-18 13:54:26 +00:00
Gilles Peskine
9a75dddb5c Merge pull request #9350 from eleuzi01/replace-ecp-have-secp224r1 
Replace MBEDTLS_ECP_HAVE_SECP224R1 with PSA_WANT_ECC_SECP_R1_224
 2024-07-17 13:48:40 +00:00
Elena Uziunaite
b8d10876d1 Replace MBEDTLS_ECP_HAVE_BP*R1 with PSA_WANT counterparts 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-16 21:48:55 +03:00
Elena Uziunaite
24e24f2b5a Replace MBEDTLS_ECP_HAVE_SECP521R1 with PSA_WANT_ECC_SECP_R1_521 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-16 21:43:30 +03:00
Elena Uziunaite
eaa0cf0de6 Replace MBEDTLS_ECP_HAVE_SECP224R1 with PSA_WANT_ECC_SECP_R1_224 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-16 17:00:31 +03:00
Gilles Peskine
cb854d5d19 Merge pull request #9356 from eleuzi01/replace-ecp-have-secp-k1 
Replace MBEDTLS_ECP_HAVE_SECP*K1 with PSA_WANT counterparts
 2024-07-16 13:57:46 +00:00
Elena Uziunaite
9e85c9f0f4 Replace MBEDTLS_ECP_HAVE_SECP*K1 with PSA_WANT counterparts 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-15 12:11:55 +03:00
Elena Uziunaite
a363286c9f Replace MBEDTLS_ECP_HAVE_SECP192R1 with PSA_WANT_ECC_SECP_R1_192 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-15 11:24:49 +03:00
Elena Uziunaite
0b5d48ebbf Replace MBEDTLS_ECP_HAVE_CURVE* with PSA_WANT counterparts 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-11 13:20:35 +03:00
Elena Uziunaite
0916cd702f Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-11 11:13:35 +03:00
Valerio Setti
8473390bbb tests: fix guards in test suites to allow testing with PSASIM 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-07-02 15:45:55 +02:00
Ronald Cron
8d15e0114b tests: ssl: Add hostname checks in session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:31 +01:00
Ronald Cron
ad0ee1a7c4 tests: ssl: Remove redundant test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:18:04 +01:00