mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-14 16:20:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

TLS context serialization needs an AEAD ciphersuite

Browse Source 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
This commit is contained in:
Gabor Mezei 2025-03-06 16:06:42 +01:00
parent ea4df49272
commit 149509362b
No known key found for this signature in database
GPG Key ID: 6310BD29B0BFF98C
2 changed files with 32 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
tests/include/test/ssl_helpers.h
View File

@ -70,6 +70,13 @@
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
#endif
#if defined(PSA_WANT_ALG_GCM) ||\
defined(PSA_WANT_ALG_CCM) ||\
defined(PSA_WANT_ALG_CHACHA20_POLY1305)
#define MBEDTLS_TEST_HAS_AEAD_ALG
#endif
enum {
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
tls13_label_ ## name,

29
tests/suites/test_suite_ssl.function
View File

@ -2858,13 +2858,34 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_TEST_HAS_AEAD_ALG:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
void resize_buffers_serialize_mfl(int mfl)
{
/* Choose an AEAD ciphersuite */
const int *ciphersuites = mbedtls_ssl_list_ciphersuites();
const mbedtls_ssl_ciphersuite_t *ciphersuite = NULL;
int i = 0;
while (ciphersuites[i] != 0) {
ciphersuite = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]);
if (ciphersuite->min_tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {
const mbedtls_ssl_mode_t mode =
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM)
mbedtls_ssl_get_mode_from_ciphersuite(0, ciphersuite);
#else
mbedtls_ssl_get_mode_from_ciphersuite(ciphersuite);
#endif
if (mode == MBEDTLS_SSL_MODE_AEAD)
break;
}
i++;
}
TEST_ASSERT(ciphersuite != NULL);
test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
(char *) "");
/* The goto below is used to avoid an "unused label" warning.*/
goto exit;
(char *) ciphersuite->name);
}
/* END_CASE */