Merge pull request from ronald-cron-arm/tls13-kex-build-options

TLS 1.3 Introduce and use key exchange mode config options
This commit is contained in:
Ronald Cron 2022-10-24 15:21:37 +02:00 committed by GitHub
commit 2012361ae6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
26 changed files with 2062 additions and 878 deletions

@ -141,10 +141,33 @@ Support description
| MBEDTLS_USE_PSA_CRYPTO | yes |
(1) These options must remain in their default state of enabled.
(2) Key exchange configuration options for TLS 1.3 will likely to be
organized around the notion of key exchange mode along the line
of the MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE/PSK/PSK_EPHEMERAL/EPHEMERAL
runtime configuration macros.
(2) See the TLS 1.3 specific build options section below.
- TLS 1.3 specific build options:
- MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE enables the support for middlebox
compatibility mode as defined in section D.4 of RFC 8446.
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED enables the support for
the PSK key exchange mode as defined by RFC 8446. If it is the only key
exchange mode enabled, the TLS 1.3 implementation does not contain any code
related to key exchange protocols, certificates and signatures.
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED enables the
support for the ephemeral key exchange mode. If it is the only key exchange
mode enabled, the TLS 1.3 implementation does not contain any code related
to PSK based key exchange. The ephemeral key exchange mode requires at least
one of the key exchange protocol allowed by the TLS 1.3 specification, the
parsing and validation of x509 certificates and at least one signature
algorithm allowed by the TLS 1.3 specification for signature computing and
verification.
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED enables the
support for the PSK ephemeral key exchange mode. If it is the only key
exchange mode enabled, the TLS 1.3 implementation does not contain any code
related to certificates and signatures. The PSK ephemeral key exchange
mode requires at least one of the key exchange protocol allowed by the
TLS 1.3 specification.
Prototype upstreaming status

@ -78,6 +78,36 @@
#define MBEDTLS_PK_WRITE_C
#endif
#if !defined(MBEDTLS_SSL_PROTO_TLS1_2)
#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
#endif
#if !defined(MBEDTLS_SSL_PROTO_TLS1_3)
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
#endif
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) || \
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED
#endif
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) || \
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED
#endif
/* Make sure all configuration symbols are set before including check_config.h,
* even the ones that are calculated programmatically. */
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) /* PSA_WANT_xxx influences MBEDTLS_xxx */ || \

@ -806,6 +806,19 @@
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
#if !( defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
( defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_PKCS1_V21) ) )
#error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED defined, but not all prerequisites"
#endif
#endif
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
#if !( defined(MBEDTLS_ECDH_C) )
#error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED defined, but not all prerequisites"
#endif
#endif
/*
* The current implementation of TLS 1.3 requires MBEDTLS_SSL_KEEP_PEER_CERTIFICATE.
*/

@ -1552,6 +1552,47 @@
*/
//#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
/**
* \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
*
* Enable TLS 1.3 PSK key exchange mode.
*
* Comment to disable support for the PSK key exchange mode in TLS 1.3. If
* MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
* effect on the build.
*
*/
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
/**
* \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
*
* Enable TLS 1.3 ephemeral key exchange mode.
*
* Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C, MBEDTLS_ECDSA_C or
* MBEDTLS_PKCS1_V21
*
* Comment to disable support for the ephemeral key exchange mode in TLS 1.3.
* If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
* effect on the build.
*
*/
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
/**
* \def MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
*
* Enable TLS 1.3 PSK ephemeral key exchange mode.
*
* Requires: MBEDTLS_ECDH_C
*
* Comment to disable support for the PSK ephemeral key exchange mode in
* TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not
* have any effect on the build.
*
*/
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
/**
* \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
*

@ -1393,7 +1393,7 @@ struct mbedtls_ssl_config
void *MBEDTLS_PRIVATE(p_vrfy); /*!< context for X.509 verify calllback */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_SSL_SRV_C)
/** Callback to retrieve PSK key from identity */
int (*MBEDTLS_PRIVATE(f_psk))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
@ -1444,13 +1444,13 @@ struct mbedtls_ssl_config
void *MBEDTLS_PRIVATE(p_async_config_data); /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb(). */
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
const int *MBEDTLS_PRIVATE(sig_hashes); /*!< allowed signature hashes */
#endif
const uint16_t *MBEDTLS_PRIVATE(sig_algs); /*!< allowed signature algorithms */
#endif
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
const mbedtls_ecp_group_id *MBEDTLS_PRIVATE(curve_list); /*!< allowed curves */
@ -1463,7 +1463,7 @@ struct mbedtls_ssl_config
mbedtls_mpi MBEDTLS_PRIVATE(dhm_G); /*!< generator for DHM */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psk_opaque); /*!< PSA key slot holding opaque PSK. This field
@ -1494,7 +1494,7 @@ struct mbedtls_ssl_config
* Its value is non-zero if and only if
* \c psk is not \c NULL or \c psk_opaque
* is not \c 0. */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
const char **MBEDTLS_PRIVATE(alpn_list); /*!< ordered list of protocols */
@ -3296,7 +3296,7 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
mbedtls_pk_context *pk_key );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
/**
* \brief Configure pre-shared keys (PSKs) and their
* identities to be used in PSK-based ciphersuites.
@ -3465,7 +3465,7 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
size_t),
void *p_psk );
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
/**
@ -3598,7 +3598,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_groups( mbedtls_ssl_config *conf,
const uint16_t *groups );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
/**
* \brief Set the allowed hashes for signatures during the handshake.
@ -3644,7 +3644,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
*/
void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
const uint16_t* sig_algs );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**

@ -292,6 +292,11 @@ typedef enum {
#define MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) || \
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
#define MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED
#endif
/* Key exchanges allowing client certificate requests */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
@ -341,6 +346,11 @@ typedef enum {
#define MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) || \
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
#define MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED
#endif
/* Key exchanges using DHE */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)

@ -608,7 +608,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if(
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
( propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled( ssl ) ) ||
@ -623,7 +623,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
return( ret );
p += output_len;
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( propose_tls12 )
@ -637,8 +637,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/* The "pre_shared_key" extension (RFC 8446 Section 4.2.11)
* MUST be the last extension in the ClientHello.
*/
@ -650,7 +649,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
return( ret );
p += output_len;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
/* Write the length of the list of extensions. */
extensions_len = p - p_extensions_len - 2;
@ -957,8 +956,7 @@ int mbedtls_ssl_write_client_hello( mbedtls_ssl_context *ssl )
mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,
msg_len );
ssl->handshake->update_checksum( ssl, buf, msg_len - binders_len );
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
if( binders_len > 0 )
{
MBEDTLS_SSL_PROC_CHK(
@ -967,7 +965,7 @@ int mbedtls_ssl_write_client_hello( mbedtls_ssl_context *ssl )
ssl->handshake->update_checksum( ssl, buf + msg_len - binders_len,
binders_len );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg( ssl,
buf_len,

@ -245,7 +245,7 @@
#define MBEDTLS_RECEIVED_SIG_ALGS_SIZE 20
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#define MBEDTLS_TLS_SIG_NONE MBEDTLS_TLS1_3_SIG_NONE
@ -255,7 +255,7 @@
#define MBEDTLS_SSL_TLS12_HASH_ALG_FROM_SIG_AND_HASH_ALG(alg) (alg >> 8)
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/*
* Check that we obey the standard's message size bounds
@ -600,8 +600,6 @@ struct mbedtls_ssl_handshake_params
size_t ecrs_n; /*!< place for saving a length */
#endif
size_t pmslen; /*!< premaster length */
mbedtls_ssl_ciphersuite_t const *ciphersuite_info;
void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
@ -621,7 +619,7 @@ struct mbedtls_ssl_handshake_params
#if defined(MBEDTLS_SSL_SRV_C)
/** selected_group of key_share extension in HelloRetryRequest message. */
uint16_t hrr_selected_group;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
uint8_t tls13_kex_modes; /*!< Key exchange modes supported by the client */
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
@ -631,7 +629,7 @@ struct mbedtls_ssl_handshake_params
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
uint16_t received_sig_algs[MBEDTLS_RECEIVED_SIG_ALGS_SIZE];
#endif
@ -677,7 +675,7 @@ struct mbedtls_ssl_handshake_params
const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t psk_opaque; /*!< Opaque PSK from the callback */
uint8_t psk_opaque_is_internal;
@ -686,7 +684,7 @@ struct mbedtls_ssl_handshake_params
size_t psk_len; /*!< Length of PSK from callback */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
uint16_t selected_identity;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */
@ -853,15 +851,18 @@ struct mbedtls_ssl_handshake_params
unsigned char randbytes[MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
MBEDTLS_SERVER_HELLO_RANDOM_LEN];
/*!< random bytes */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
/*!< premaster secret */
size_t pmslen; /*!< premaster length */
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
int extensions_present; /*!< extension presence; Each bitfield
represents an extension and defined
as \c MBEDTLS_SSL_EXT_XXX */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
unsigned char certificate_request_context_len;
unsigned char *certificate_request_context;
#endif
@ -1365,11 +1366,13 @@ MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl,
mbedtls_key_exchange_type_t key_ex );
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_SSL_CLI_C)
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf );
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
* Get the first defined opaque PSK by order of precedence:
@ -1422,7 +1425,7 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_PK_C)
unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
@ -1784,7 +1787,8 @@ static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
}
#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_SRV_C) && \
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/**
* Given a list of key exchange modes, check if at least one of them is
* supported.
@ -1831,7 +1835,8 @@ static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
}
#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_SRV_C &&
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
/*
* Helper functions to check the selected key exchange mode.
@ -1871,7 +1876,7 @@ int mbedtls_ssl_tls13_fetch_handshake_msg( mbedtls_ssl_context *ssl,
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
/*
* Handler of TLS 1.3 write Certificate message
*/
@ -1884,7 +1889,7 @@ int mbedtls_ssl_tls13_write_certificate( mbedtls_ssl_context *ssl );
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
* Generic handler of Certificate Verify
@ -1914,7 +1919,7 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* Parse TLS Signature Algorithm extension
*/
@ -1922,7 +1927,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_parse_sig_alg_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/* Get handshake transcript */
MBEDTLS_CHECK_RETURN_CRITICAL
@ -2042,7 +2047,7 @@ static inline int mbedtls_ssl_named_group_is_supported( uint16_t named_group )
static inline const void *mbedtls_ssl_get_sig_algs(
const mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
if( ssl->handshake != NULL &&
@ -2054,17 +2059,14 @@ static inline const void *mbedtls_ssl_get_sig_algs(
#endif
return( ssl->conf->sig_algs );
#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
((void) ssl);
return( NULL );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
static inline int mbedtls_ssl_sig_alg_is_received( const mbedtls_ssl_context *ssl,
uint16_t own_sig_alg )
{
@ -2079,61 +2081,7 @@ static inline int mbedtls_ssl_sig_alg_is_received( const mbedtls_ssl_context *ss
}
return( 0 );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
static inline int mbedtls_ssl_sig_alg_is_offered( const mbedtls_ssl_context *ssl,
uint16_t proposed_sig_alg )
{
const uint16_t *sig_alg = mbedtls_ssl_get_sig_algs( ssl );
if( sig_alg == NULL )
return( 0 );
for( ; *sig_alg != MBEDTLS_TLS_SIG_NONE; sig_alg++ )
{
if( *sig_alg == proposed_sig_alg )
return( 1 );
}
return( 0 );
}
static inline int mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg(
uint16_t sig_alg, mbedtls_pk_type_t *pk_type, mbedtls_md_type_t *md_alg )
{
*pk_type = mbedtls_ssl_pk_alg_from_sig( sig_alg & 0xff );
*md_alg = mbedtls_ssl_md_alg_from_hash( ( sig_alg >> 8 ) & 0xff );
if( *pk_type != MBEDTLS_PK_NONE && *md_alg != MBEDTLS_MD_NONE )
return( 0 );
switch( sig_alg )
{
#if defined(MBEDTLS_PKCS1_V21)
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
*md_alg = MBEDTLS_MD_SHA256;
*pk_type = MBEDTLS_PK_RSASSA_PSS;
break;
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
*md_alg = MBEDTLS_MD_SHA384;
*pk_type = MBEDTLS_PK_RSASSA_PSS;
break;
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
*md_alg = MBEDTLS_MD_SHA512;
*pk_type = MBEDTLS_PK_RSASSA_PSS;
break;
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#endif /* MBEDTLS_PKCS1_V21 */
default:
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
return( 0 );
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
static inline int mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported(
const uint16_t sig_alg )
{
@ -2201,7 +2149,63 @@ static inline int mbedtls_ssl_tls13_sig_alg_is_supported(
return( 1 );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_check_sig_alg_cert_key_match( uint16_t sig_alg,
mbedtls_pk_context *key );
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static inline int mbedtls_ssl_sig_alg_is_offered( const mbedtls_ssl_context *ssl,
uint16_t proposed_sig_alg )
{
const uint16_t *sig_alg = mbedtls_ssl_get_sig_algs( ssl );
if( sig_alg == NULL )
return( 0 );
for( ; *sig_alg != MBEDTLS_TLS_SIG_NONE; sig_alg++ )
{
if( *sig_alg == proposed_sig_alg )
return( 1 );
}
return( 0 );
}
static inline int mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg(
uint16_t sig_alg, mbedtls_pk_type_t *pk_type, mbedtls_md_type_t *md_alg )
{
*pk_type = mbedtls_ssl_pk_alg_from_sig( sig_alg & 0xff );
*md_alg = mbedtls_ssl_md_alg_from_hash( ( sig_alg >> 8 ) & 0xff );
if( *pk_type != MBEDTLS_PK_NONE && *md_alg != MBEDTLS_MD_NONE )
return( 0 );
switch( sig_alg )
{
#if defined(MBEDTLS_PKCS1_V21)
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
*md_alg = MBEDTLS_MD_SHA256;
*pk_type = MBEDTLS_PK_RSASSA_PSS;
break;
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
*md_alg = MBEDTLS_MD_SHA384;
*pk_type = MBEDTLS_PK_RSASSA_PSS;
break;
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
*md_alg = MBEDTLS_MD_SHA512;
*pk_type = MBEDTLS_PK_RSASSA_PSS;
break;
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
#endif /* MBEDTLS_PKCS1_V21 */
default:
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
return( 0 );
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
static inline int mbedtls_ssl_tls12_sig_alg_is_supported(
@ -2279,26 +2283,17 @@ static inline int mbedtls_ssl_sig_alg_is_supported(
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
if( ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 )
{
return( mbedtls_ssl_tls13_sig_alg_is_supported( sig_alg ) );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif
((void) ssl);
((void) sig_alg);
return( 0 );
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_check_sig_alg_cert_key_match( uint16_t sig_alg,
mbedtls_pk_context *key );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* Corresponding PSA algorithm for MBEDTLS_CIPHER_NULL.
@ -2459,7 +2454,7 @@ int mbedtls_ssl_check_dtls_clihlo_cookie(
unsigned char *obuf, size_t buf_len, size_t *olen );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/**
* \brief Given an SSL context and its associated configuration, write the TLS
* 1.3 specific Pre-Shared key extension.
@ -2492,7 +2487,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext(
mbedtls_ssl_context *ssl,
unsigned char *buf, unsigned char *end );
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_SSL_SESSION_TICKETS) && \

@ -843,7 +843,7 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
/* Heap allocate and translate sig_hashes from internal hash identifiers to
@ -909,7 +909,7 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl )
ssl->handshake->sig_algs_heap_allocated = 0;
}
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
return( 0 );
}
@ -1599,16 +1599,21 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_conf_psk_is_configured( mbedtls_ssl_config const *conf )
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
{
if( conf->psk_identity == NULL ||
conf->psk_identity_len == 0 )
{
return( 0 );
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( !mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
return( 1 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( conf->psk != NULL )
if( conf->psk != NULL && conf->psk_len != 0 )
return( 1 );
return( 0 );
@ -1654,6 +1659,7 @@ static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf,
{
/* Identity len will be encoded on two bytes */
if( psk_identity == NULL ||
psk_identity_len == 0 ||
( psk_identity_len >> 16 ) != 0 ||
psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
{
@ -1677,7 +1683,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* We currently only support one PSK, raw or opaque. */
if( ssl_conf_psk_is_configured( conf ) )
if( mbedtls_ssl_conf_has_static_psk( conf ) )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
/* Check and set raw PSK */
@ -1795,7 +1801,7 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* We currently only support one PSK, raw or opaque. */
if( ssl_conf_psk_is_configured( conf ) )
if( mbedtls_ssl_conf_has_static_psk( conf ) )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
/* Check and set opaque PSK */
@ -1836,7 +1842,7 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
}
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
static mbedtls_ssl_mode_t mbedtls_ssl_get_base_mode(
@ -2389,7 +2395,7 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
}
#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
/*
* Set allowed/preferred hashes for handshake signatures
@ -2410,7 +2416,7 @@ void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
conf->sig_algs = sig_algs;
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -3581,7 +3587,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
if ( ssl->handshake->sig_algs_heap_allocated )
mbedtls_free( (void*) handshake->sig_algs );
@ -3593,7 +3599,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
mbedtls_free( (void*) handshake->certificate_request_context );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 )
@ -3639,7 +3645,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
mbedtls_free( (void *) handshake->curves );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
{
@ -3659,7 +3665,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
mbedtls_free( handshake->psk );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#endif
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@ -4459,7 +4465,7 @@ static int ssl_preset_suiteb_ciphersuites[] = {
0
};
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/* NOTICE:
* For ssl_preset_*_sig_algs and ssl_tls12_preset_*_sig_algs, the following
@ -4604,7 +4610,7 @@ static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = {
};
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
static uint16_t ssl_preset_suiteb_groups[] = {
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
@ -4616,7 +4622,7 @@ static uint16_t ssl_preset_suiteb_groups[] = {
MBEDTLS_SSL_IANA_TLS_GROUP_NONE
};
#if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/* Function for checking `ssl_preset_*_sig_algs` and `ssl_tls12_preset_*_sig_algs`
* to make sure there are no duplicated signature algorithm entries. */
MBEDTLS_CHECK_RETURN_CRITICAL
@ -4640,7 +4646,7 @@ static int ssl_check_no_sig_alg_duplication( uint16_t * sig_algs )
return( ret );
}
#endif /* MBEDTLS_DEBUG_C && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_DEBUG_C && MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/*
* Load default in mbedtls_ssl_config
@ -4652,7 +4658,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
#endif
#if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( ssl_check_no_sig_alg_duplication( ssl_preset_suiteb_sig_algs ) )
{
mbedtls_printf( "ssl_preset_suiteb_sig_algs has duplicated entries\n" );
@ -4678,7 +4684,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
return( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#endif /* MBEDTLS_DEBUG_C && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_DEBUG_C && MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/* Use the functions here so that they are covered in tests,
* but otherwise access member directly for efficiency */
@ -4809,14 +4815,14 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
conf->cert_profile = &mbedtls_x509_crt_profile_suiteb;
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_conf_is_tls12_only( conf ) )
conf->sig_algs = ssl_tls12_preset_suiteb_sig_algs;
else
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
conf->sig_algs = ssl_preset_suiteb_sig_algs;
#endif
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
conf->curve_list = NULL;
@ -4835,14 +4841,14 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
conf->cert_profile = &mbedtls_x509_crt_profile_default;
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_conf_is_tls12_only( conf ) )
conf->sig_algs = ssl_tls12_preset_default_sig_algs;
else
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
conf->sig_algs = ssl_preset_default_sig_algs;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
conf->curve_list = NULL;
@ -4867,7 +4873,7 @@ void mbedtls_ssl_config_free( mbedtls_ssl_config *conf )
mbedtls_mpi_free( &conf->dhm_G );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
{
@ -4889,7 +4895,7 @@ void mbedtls_ssl_config_free( mbedtls_ssl_config *conf )
conf->psk_identity = NULL;
conf->psk_identity_len = 0;
}
#endif
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
ssl_key_cert_free( conf->key_cert );
@ -5268,7 +5274,7 @@ int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl,
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/* mbedtls_ssl_parse_sig_alg_ext()
*
* The `extension_data` field of signature algorithm contains a `SignatureSchemeList`
@ -5376,7 +5382,7 @@ int mbedtls_ssl_parse_sig_alg_ext( mbedtls_ssl_context *ssl,
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
@ -8582,7 +8588,7 @@ int mbedtls_ssl_validate_ciphersuite(
return( 0 );
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* Function for writing a signature algorithm extension.
*
@ -8685,7 +8691,7 @@ int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf,
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
/*

@ -49,27 +49,6 @@
#include "hash_info.h"
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
int mbedtls_ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
{
if( conf->psk_identity == NULL ||
conf->psk_identity_len == 0 )
{
return( 0 );
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) )
return( 1 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( conf->psk != NULL && conf->psk_len != 0 )
return( 1 );
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,

@ -210,6 +210,7 @@ static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl )
/*
* Functions for writing key_share extension.
*/
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl,
uint16_t *group_id )
@ -364,7 +365,7 @@ cleanup:
return( ret );
}
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */
/*
* ssl_tls13_parse_hrr_key_share_ext()
@ -602,7 +603,7 @@ static int ssl_tls13_write_cookie_ext( mbedtls_ssl_context *ssl,
return( 0 );
}
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/*
* ssl_tls13_write_psk_key_exchange_modes_ext() structure:
*
@ -728,11 +729,6 @@ static int ssl_tls13_ticket_get_psk( mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
static int ssl_tls13_has_configured_psk( const mbedtls_ssl_config *conf )
{
return( conf->psk != NULL && conf->psk_identity != NULL );
}
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_psk_get_identity( mbedtls_ssl_context *ssl,
psa_algorithm_t *hash_alg,
@ -740,7 +736,7 @@ static int ssl_tls13_psk_get_identity( mbedtls_ssl_context *ssl,
size_t *identity_len )
{
if( !ssl_tls13_has_configured_psk( ssl->conf ) )
if( ! mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
return( -1 );
*hash_alg = PSA_ALG_SHA_256;
@ -756,7 +752,7 @@ static int ssl_tls13_psk_get_psk( mbedtls_ssl_context *ssl,
size_t *psk_len )
{
if( !ssl_tls13_has_configured_psk( ssl->conf ) )
if( ! mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
return( -1 );
*hash_alg = PSA_ALG_SHA_256;
@ -775,7 +771,7 @@ static int ssl_tls13_get_configured_psk_count( mbedtls_ssl_context *ssl )
configured_psk_count++;
}
#endif
if( ssl_tls13_has_configured_psk( ssl->conf ) )
if( mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK is configured" ) );
configured_psk_count++;
@ -1094,7 +1090,7 @@ static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
}
else
#endif
if( ssl_tls13_has_configured_psk( ssl->conf ) )
if( mbedtls_ssl_conf_has_static_psk( ssl->conf ) )
{
ret = ssl_tls13_psk_get_psk( ssl, &hash_alg, &psk, &psk_len );
}
@ -1117,8 +1113,7 @@ static int ssl_tls13_parse_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
unsigned char *buf,
@ -1148,6 +1143,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
return( ret );
p += ext_len;
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
if( mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
{
ret = ssl_tls13_write_key_share_ext( ssl, p, end, &ext_len );
@ -1155,8 +1151,9 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
return( ret );
p += ext_len;
}
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/* For PSK-based key exchange we need the pre_shared_key extension
* and the psk_key_exchange_modes extension.
*
@ -1170,7 +1167,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
if( ret != 0 )
return( ret );
p += ext_len;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif
*out_len = p - buf;
@ -1686,7 +1683,7 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
goto cleanup;
break;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
case MBEDTLS_TLS_EXT_PRE_SHARED_KEY:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) );
if( is_hrr )
@ -1703,7 +1700,7 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
return( ret );
}
break;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif
case MBEDTLS_TLS_EXT_KEY_SHARE:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) );
@ -2070,7 +2067,7 @@ static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl )
mbedtls_ssl_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
buf, buf_len );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
else
@ -2087,7 +2084,7 @@ cleanup:
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
/*
* STATE HANDLING: CertificateRequest
*
@ -2324,7 +2321,7 @@ static int ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
* Handler for MBEDTLS_SSL_SERVER_FINISHED
@ -2370,7 +2367,7 @@ static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl )
( "Switch to handshake traffic keys for outbound traffic" ) );
mbedtls_ssl_set_outbound_transform( ssl, ssl->handshake->transform_handshake );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
if( ssl->handshake->client_auth )
{
int ret = mbedtls_ssl_tls13_write_certificate( ssl );
@ -2400,7 +2397,7 @@ static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl )
return( 0 );
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
/*
* Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY
*/
@ -2414,7 +2411,7 @@ static int ssl_tls13_write_client_certificate_verify( mbedtls_ssl_context *ssl )
return( ret );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
@ -2727,7 +2724,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
ret = ssl_tls13_process_encrypted_extensions( ssl );
break;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
case MBEDTLS_SSL_CERTIFICATE_REQUEST:
ret = ssl_tls13_process_certificate_request( ssl );
break;
@ -2739,7 +2736,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
case MBEDTLS_SSL_CERTIFICATE_VERIFY:
ret = ssl_tls13_process_certificate_verify( ssl );
break;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
case MBEDTLS_SSL_SERVER_FINISHED:
ret = ssl_tls13_process_server_finished( ssl );
@ -2749,11 +2746,11 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
ret = ssl_tls13_write_client_certificate( ssl );
break;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:
ret = ssl_tls13_write_client_certificate_verify( ssl );
break;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
case MBEDTLS_SSL_CLIENT_FINISHED:
ret = ssl_tls13_write_client_finished( ssl );

@ -83,7 +83,7 @@ cleanup:
return( ret );
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
/*
* STATE HANDLING: Read CertificateVerify
*/
@ -285,12 +285,12 @@ error:
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
int mbedtls_ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char verify_buffer[SSL_VERIFY_STRUCT_MAX_SIZE];
size_t verify_buffer_len;
@ -348,7 +348,7 @@ cleanup:
((void) ssl);
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
}
/*
@ -357,7 +357,7 @@ cleanup:
*
*/
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
/*
* Structure of Certificate message:
@ -534,9 +534,9 @@ int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
/* Validate certificate chain sent by the server. */
MBEDTLS_CHECK_RETURN_CRITICAL
@ -727,14 +727,14 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
unsigned char *buf;
size_t buf_len;
@ -752,12 +752,12 @@ int mbedtls_ssl_tls13_process_certificate( mbedtls_ssl_context *ssl )
buf, buf_len );
cleanup:
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
return( ret );
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
/*
* enum {
* X509(0),
@ -1078,7 +1078,7 @@ cleanup:
return( ret );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
*

@ -38,9 +38,6 @@
#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \
.name = string,
#define TLS1_3_EVOLVE_INPUT_SIZE ( PSA_HASH_MAX_SIZE > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ) ? \
PSA_HASH_MAX_SIZE : PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
struct mbedtls_ssl_tls13_labels_struct const mbedtls_ssl_tls13_labels =
{
/* This seems to work in C, despite the string literal being one
@ -334,9 +331,12 @@ int mbedtls_ssl_tls13_evolve_secret(
int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
size_t hlen, ilen;
size_t hlen;
unsigned char tmp_secret[ PSA_MAC_MAX_SIZE ] = { 0 };
unsigned char tmp_input [ TLS1_3_EVOLVE_INPUT_SIZE ] = { 0 };
const unsigned char all_zeroes_input[ MBEDTLS_TLS1_3_MD_MAX_SIZE ] = { 0 };
const unsigned char *l_input = NULL;
size_t l_input_len;
psa_key_derivation_operation_t operation =
PSA_KEY_DERIVATION_OPERATION_INIT;
@ -364,12 +364,13 @@ int mbedtls_ssl_tls13_evolve_secret(
if( input != NULL && input_len != 0 )
{
memcpy( tmp_input, input, input_len );
ilen = input_len;
l_input = input;
l_input_len = input_len;
}
else
{
ilen = hlen;
l_input = all_zeroes_input;
l_input_len = hlen;
}
status = psa_key_derivation_setup( &operation,
@ -388,8 +389,7 @@ int mbedtls_ssl_tls13_evolve_secret(
status = psa_key_derivation_input_bytes( &operation,
PSA_KEY_DERIVATION_INPUT_SECRET,
tmp_input,
ilen );
l_input, l_input_len );
if( status != PSA_SUCCESS )
goto cleanup;
@ -406,7 +406,6 @@ int mbedtls_ssl_tls13_evolve_secret(
status = ( status == PSA_SUCCESS ? abort_status : status );
ret = ( ret == 0 ? psa_ssl_status_to_mbedtls ( status ) : ret );
mbedtls_platform_zeroize( tmp_secret, sizeof(tmp_secret) );
mbedtls_platform_zeroize( tmp_input, sizeof(tmp_input) );
return( ret );
}
@ -1068,7 +1067,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl )
}
hash_alg = mbedtls_hash_info_psa_from_md( handshake->ciphersuite_info->mac );
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
{
ret = mbedtls_ssl_tls13_export_handshake_psk( ssl, &psk, &psk_len );
@ -1084,7 +1083,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early( mbedtls_ssl_context *ssl )
ret = mbedtls_ssl_tls13_evolve_secret( hash_alg, NULL, psk, psk_len,
handshake->tls13_master_secrets.early );
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
mbedtls_free( (void*)psk );
#endif
if( ret != 0 )
@ -1251,14 +1250,13 @@ exit:
int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) && defined(MBEDTLS_ECDH_C)
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED && MBEDTLS_ECDH_C */
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
psa_algorithm_t const hash_alg = mbedtls_hash_info_psa_from_md(
handshake->ciphersuite_info->mac );
unsigned char *shared_secret = NULL;
size_t shared_secret_len = 0;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
/*
* Compute ECDHE secret used to compute the handshake secret from which
* client_handshake_traffic_secret and server_handshake_traffic_secret
@ -1270,60 +1268,75 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_ECDH_C)
/* Compute ECDH shared secret. */
status = psa_raw_key_agreement(
PSA_ALG_ECDH, handshake->ecdh_psa_privkey,
handshake->ecdh_psa_peerkey, handshake->ecdh_psa_peerkey_len,
handshake->premaster, sizeof( handshake->premaster ),
&handshake->pmslen );
if( status != PSA_SUCCESS )
{
ret = psa_ssl_status_to_mbedtls( status );
MBEDTLS_SSL_DEBUG_RET( 1, "psa_raw_key_agreement", ret );
return( ret );
}
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
status = psa_destroy_key( handshake->ecdh_psa_privkey );
if( status != PSA_SUCCESS )
{
ret = psa_ssl_status_to_mbedtls( status );
MBEDTLS_SSL_DEBUG_RET( 1, "psa_destroy_key", ret );
return( ret );
}
status = psa_get_key_attributes( handshake->ecdh_psa_privkey,
&key_attributes );
if( status != PSA_SUCCESS )
ret = psa_ssl_status_to_mbedtls( status );
handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
shared_secret_len = PSA_BITS_TO_BYTES(
psa_get_key_bits( &key_attributes ) );
shared_secret = mbedtls_calloc( 1, shared_secret_len );
if( shared_secret == NULL )
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
status = psa_raw_key_agreement(
PSA_ALG_ECDH, handshake->ecdh_psa_privkey,
handshake->ecdh_psa_peerkey, handshake->ecdh_psa_peerkey_len,
shared_secret, shared_secret_len, &shared_secret_len );
if( status != PSA_SUCCESS )
{
ret = psa_ssl_status_to_mbedtls( status );
MBEDTLS_SSL_DEBUG_RET( 1, "psa_raw_key_agreement", ret );
goto cleanup;
}
status = psa_destroy_key( handshake->ecdh_psa_privkey );
if( status != PSA_SUCCESS )
{
ret = psa_ssl_status_to_mbedtls( status );
MBEDTLS_SSL_DEBUG_RET( 1, "psa_destroy_key", ret );
goto cleanup;
}
handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
#endif /* MBEDTLS_ECDH_C */
}
else if( mbedtls_ssl_tls13_named_group_is_dhe( handshake->offered_group_id ) )
else
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHE not supported." ) );
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Group not supported." ) );
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
}
#else
return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */
/*
* Compute the Handshake Secret
*/
ret = mbedtls_ssl_tls13_evolve_secret( hash_alg,
handshake->tls13_master_secrets.early,
handshake->premaster, handshake->pmslen,
shared_secret, shared_secret_len,
handshake->tls13_master_secrets.handshake );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_evolve_secret", ret );
return( ret );
goto cleanup;
}
MBEDTLS_SSL_DEBUG_BUF( 4, "Handshake secret",
handshake->tls13_master_secrets.handshake,
PSA_HASH_LENGTH( hash_alg ) );
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
mbedtls_platform_zeroize( handshake->premaster, sizeof( handshake->premaster ) );
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */
return( 0 );
cleanup:
if( shared_secret != NULL )
{
mbedtls_platform_zeroize( shared_secret, shared_secret_len );
mbedtls_free( shared_secret );
}
return( ret );
}
/* Generate application traffic keys since any records following a 1-RTT Finished message
@ -1601,7 +1614,7 @@ cleanup:
return( ret );
}
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
int mbedtls_ssl_tls13_export_handshake_psk( mbedtls_ssl_context *ssl,
unsigned char **psk,
size_t *psk_len )
@ -1642,7 +1655,7 @@ int mbedtls_ssl_tls13_export_handshake_psk( mbedtls_ssl_context *ssl,
return( 0 );
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

@ -691,7 +691,7 @@ int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl );
MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_compute_application_transform( mbedtls_ssl_context *ssl );
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/**
* \brief Export TLS 1.3 PSK from handshake context
*
@ -707,7 +707,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_ssl_tls13_export_handshake_psk( mbedtls_ssl_context *ssl,
unsigned char **psk,
size_t *psk_len );
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

@ -59,7 +59,7 @@ static const mbedtls_ssl_ciphersuite_t *ssl_tls13_validate_peer_ciphersuite(
return( ciphersuite_info );
}
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/* From RFC 8446:
*
* enum { psk_ke(0), psk_dhe_ke(1), (255) } PskKeyExchangeMode;
@ -701,7 +701,7 @@ static int ssl_tls13_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
/* From RFC 8446:
* struct {
@ -993,7 +993,7 @@ static int ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(
MBEDTLS_SSL_EXT_SIG_ALG ) );
}
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_client_hello_has_exts_for_psk_key_exchange(
mbedtls_ssl_context *ssl )
@ -1015,7 +1015,7 @@ static int ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(
MBEDTLS_SSL_EXT_PRE_SHARED_KEY |
MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES ) );
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
@ -1027,7 +1027,7 @@ static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_check_psk_key_exchange( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
return( mbedtls_ssl_conf_tls13_psk_enabled( ssl ) &&
mbedtls_ssl_tls13_psk_enabled( ssl ) &&
ssl_tls13_client_hello_has_exts_for_psk_key_exchange( ssl ) );
@ -1040,7 +1040,7 @@ static int ssl_tls13_check_psk_key_exchange( mbedtls_ssl_context *ssl )
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_check_psk_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
return( mbedtls_ssl_conf_tls13_psk_ephemeral_enabled( ssl ) &&
mbedtls_ssl_tls13_psk_ephemeral_enabled( ssl ) &&
ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange( ssl ) );
@ -1104,7 +1104,7 @@ static int ssl_tls13_determine_key_exchange_mode( mbedtls_ssl_context *ssl )
}
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
static psa_algorithm_t ssl_tls13_iana_sig_alg_to_psa_alg( uint16_t sig_alg )
@ -1229,7 +1229,7 @@ static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
return( -1 );
}
#endif /* MBEDTLS_X509_CRT_PARSE_C &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
*
@ -1289,11 +1289,11 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
const unsigned char *extensions_end;
int hrr_required = 0;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
const unsigned char *cipher_suites;
const unsigned char *pre_shared_key_ext = NULL;
const unsigned char *pre_shared_key_ext_end = NULL;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif
ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
@ -1400,7 +1400,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
* with CipherSuite defined as:
* uint8 CipherSuite[2];
*/
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
cipher_suites = p;
#endif
cipher_suites_end = p + cipher_suites_len;
@ -1581,7 +1581,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_VERSIONS;
break;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
case MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found psk key exchange modes extension" ) );
@ -1596,7 +1596,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PSK_KEY_EXCHANGE_MODES;
break;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif
case MBEDTLS_TLS_EXT_PRE_SHARED_KEY:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found pre_shared_key extension" ) );
@ -1608,14 +1608,14 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/* Delay processing of the PSK identity once we have
* found out which algorithms to use. We keep a pointer
* to the buffer and the size for later processing.
*/
pre_shared_key_ext = p;
pre_shared_key_ext_end = extension_data_end;
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
break;
@ -1634,7 +1634,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
break;
#endif /* MBEDTLS_SSL_ALPN */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
case MBEDTLS_TLS_EXT_SIG_ALG:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
@ -1649,7 +1649,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
}
ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SIG_ALG;
break;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
default:
MBEDTLS_SSL_DEBUG_MSG( 3,
@ -1669,7 +1669,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_HS_CLIENT_HELLO,
p - buf );
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
/* Update checksum with either
* - The entire content of the CH message, if no PSK extension is present
* - The content up to but excluding the PSK extension, if present.
@ -1698,7 +1698,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
}
}
else
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */
{
ssl->handshake->update_checksum( ssl, buf, p - buf );
}
@ -2154,7 +2154,7 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
p += output_len;
}
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
if( !is_hrr && mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
{
ret = ssl_tls13_write_server_pre_shared_key_ext( ssl, p, end, &output_len );
@ -2166,7 +2166,7 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
}
p += output_len;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif
MBEDTLS_PUT_UINT16_BE( p - p_extensions_len - 2, p_extensions_len, 0 );
@ -2390,7 +2390,7 @@ static int ssl_tls13_write_encrypted_extensions( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg(
ssl, buf_len, msg_len ) );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
else
@ -2405,7 +2405,7 @@ cleanup:
return( ret );
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
#define SSL_CERTIFICATE_REQUEST_SEND_REQUEST 0
#define SSL_CERTIFICATE_REQUEST_SKIP 1
/* Coordination:
@ -2573,7 +2573,7 @@ static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl )
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
* Handler for MBEDTLS_SSL_SERVER_FINISHED
@ -2984,7 +2984,7 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
}
break;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
case MBEDTLS_SSL_CERTIFICATE_REQUEST:
ret = ssl_tls13_write_certificate_request( ssl );
break;
@ -2996,7 +2996,7 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
case MBEDTLS_SSL_CERTIFICATE_VERIFY:
ret = ssl_tls13_write_certificate_verify( ssl );
break;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
/*
* Injection of dummy-CCS's for middlebox compatibility
@ -3027,6 +3027,7 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
ret = ssl_tls13_handshake_wrapup( ssl );
break;
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
case MBEDTLS_SSL_CLIENT_CERTIFICATE:
ret = mbedtls_ssl_tls13_process_certificate( ssl );
if( ret == 0 )
@ -3053,6 +3054,7 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
ssl, MBEDTLS_SSL_CLIENT_FINISHED );
}
break;
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
case MBEDTLS_SSL_NEW_SESSION_TICKET:

@ -120,7 +120,7 @@ int main( void )
#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
#define GET_REQUEST_END "\r\n\r\n"
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#define USAGE_CONTEXT_CRT_CB \
" context_crt_cb=%%d This determines whether the CRT verification callback is bound\n" \
" to the SSL configuration of the SSL context.\n" \
@ -129,8 +129,8 @@ int main( void )
" - 1: Use CRT callback bound to SSL context\n"
#else
#define USAGE_CONTEXT_CRT_CB ""
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_FS_IO)
#define USAGE_IO \
" ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
@ -148,10 +148,10 @@ int main( void )
#define USAGE_IO \
" No file operations available (MBEDTLS_FS_IO not defined)\n"
#endif /* MBEDTLS_FS_IO */
#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#define USAGE_IO ""
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#define USAGE_KEY_OPAQUE \
" key_opaque=%%d Handle your private key as if it were opaque\n" \
" default: 0 (disabled)\n"
@ -173,7 +173,7 @@ int main( void )
#define USAGE_CID ""
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#define USAGE_PSK_RAW \
" psk=%%s default: \"\" (disabled)\n" \
" The PSK values are in hex, without 0x.\n" \
@ -195,7 +195,7 @@ int main( void )
#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
#else
#define USAGE_PSK ""
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
#define USAGE_CA_CALLBACK \
@ -269,8 +269,7 @@ int main( void )
#define USAGE_CURVES ""
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#define USAGE_SIG_ALGS \
" sig_algs=a,b,c,d default: \"default\" (library default)\n" \
" example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n"
@ -541,7 +540,7 @@ struct options
#include "ssl_test_common_source.c"
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static unsigned char peer_crt_info[1024];
/*
@ -579,7 +578,7 @@ static int my_verify( void *data, mbedtls_x509_crt *crt,
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage( mbedtls_ssl_context *ssl,
@ -719,14 +718,13 @@ int main( int argc, char *argv[] )
mbedtls_net_context server_fd;
io_ctx_t io_ctx;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
uint16_t sig_alg_list[SIG_ALG_LIST_SIZE];
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif
unsigned char buf[MAX_REQUEST_SIZE + 1];
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
unsigned char psk[MBEDTLS_PSK_MAX_LEN];
size_t psk_len = 0;
#endif
@ -758,7 +756,7 @@ int main( int argc, char *argv[] )
const char *pers = "ssl_client2";
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
mbedtls_svc_key_id_t slot = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t alg = 0;
psa_key_attributes_t key_attributes;
@ -777,7 +775,7 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_TIMING_C)
mbedtls_timing_delay_context timer;
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
uint32_t flags;
mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert;
@ -786,7 +784,7 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT; /* invalid key slot */
#endif
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
char *p, *q;
const int *list;
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
@ -827,7 +825,7 @@ int main( int argc, char *argv[] )
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
rng_init( &rng );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
mbedtls_pk_init( &pkey );
@ -1027,7 +1025,7 @@ int main( int argc, char *argv[] )
opt.key_file = q;
else if( strcmp( p, "key_pwd" ) == 0 )
opt.key_pwd = q;
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
else if( strcmp( p, "key_opaque" ) == 0 )
opt.key_opaque = atoi( q );
#endif
@ -1165,11 +1163,10 @@ int main( int argc, char *argv[] )
}
else if( strcmp( p, "curves" ) == 0 )
opt.curves = q;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
else if( strcmp( p, "sig_algs" ) == 0 )
opt.sig_algs = q;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif
else if( strcmp( p, "etm" ) == 0 )
{
switch( atoi( q ) )
@ -1406,7 +1403,7 @@ int main( int argc, char *argv[] )
mbedtls_debug_set_threshold( opt.debug_level );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
/*
* Unhexify the pre-shared key if any is given
*/
@ -1419,7 +1416,7 @@ int main( int argc, char *argv[] )
goto exit;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.psk_opaque != 0 )
@ -1478,7 +1475,7 @@ int main( int argc, char *argv[] )
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined (MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined (MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
if( opt.psk_opaque != 0 )
{
/* Determine KDF algorithm the opaque PSK will be used in. */
@ -1489,7 +1486,7 @@ int main( int argc, char *argv[] )
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
}
@ -1572,8 +1569,7 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL )
{
p = (char *) opt.sig_algs;
@ -1672,7 +1668,7 @@ int main( int argc, char *argv[] )
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
@ -1705,7 +1701,7 @@ int main( int argc, char *argv[] )
goto exit;
mbedtls_printf( " ok\n" );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* 1.1. Load the trusted CA
*/
@ -1827,7 +1823,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " ok (key type: %s)\n",
strlen( opt.key_file ) || strlen( opt.key_opaque_alg1 ) ?
mbedtls_pk_get_name( &pkey ) : "none" );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/*
* 2. Setup stuff
@ -1845,7 +1841,7 @@ int main( int argc, char *argv[] )
goto exit;
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/* The default algorithms profile disables SHA-1, but our tests still
rely on it heavily. */
if( opt.allow_sha1 > 0 )
@ -1858,7 +1854,7 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
@ -1995,7 +1991,7 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( strcmp( opt.ca_path, "none" ) != 0 &&
strcmp( opt.ca_file, "none" ) != 0 )
{
@ -2016,7 +2012,7 @@ int main( int argc, char *argv[] )
goto exit;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C)
if( opt.curves != NULL &&
@ -2026,13 +2022,12 @@ int main( int argc, char *argv[] )
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL )
mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.psk_opaque != 0 )
{
@ -2070,7 +2065,7 @@ int main( int argc, char *argv[] )
goto exit;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
if( opt.min_version != DFL_MIN_VERSION )
mbedtls_ssl_conf_min_tls_version( &conf, opt.min_version );
@ -2104,7 +2099,7 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_SSL_DTLS_SRTP */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n",
@ -2127,10 +2122,10 @@ int main( int argc, char *argv[] )
}
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( opt.context_crt_cb == 1 )
mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
io_ctx.ssl = &ssl;
io_ctx.net = &server_fd;
@ -2451,7 +2446,7 @@ int main( int argc, char *argv[] )
}
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* 5. Verify the server certificate
*/
@ -2474,7 +2469,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " . Peer certificate information ...\n" );
mbedtls_printf( "%s\n", peer_crt_info );
#endif /* !MBEDTLS_X509_REMOVE_INFO */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ret = report_cid_usage( &ssl, "initial handshake" );
@ -2849,9 +2844,9 @@ send_request:
mbedtls_printf( " . Restarting connection from same port..." );
fflush( stdout );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
@ -3085,9 +3080,9 @@ reconnect:
mbedtls_printf( " . Reconnecting with saved session..." );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
@ -3191,16 +3186,16 @@ exit:
mbedtls_free( context_buf );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
mbedtls_x509_crt_free( &clicert );
mbedtls_x509_crt_free( &cacert );
mbedtls_pk_free( &pkey );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key( key_slot );
#endif
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \
defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.psk_opaque != 0 )
{
@ -3219,7 +3214,7 @@ exit:
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED &&
MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)

@ -175,7 +175,7 @@ int main( void )
*/
#define DFL_IO_BUF_LEN 200
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_FS_IO)
#define USAGE_IO \
" ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \
@ -206,8 +206,8 @@ int main( void )
#endif /* MBEDTLS_FS_IO */
#else
#define USAGE_IO ""
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#define USAGE_KEY_OPAQUE \
" key_opaque=%%d Handle your private keys as if they were opaque\n" \
" default: 0 (disabled)\n"
@ -241,7 +241,7 @@ int main( void )
#define USAGE_CID ""
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#define USAGE_PSK_RAW \
" psk=%%s default: \"\" (disabled)\n" \
" The PSK values are in hex, without 0x.\n" \
@ -276,7 +276,7 @@ int main( void )
#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
#else
#define USAGE_PSK ""
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
#define USAGE_CA_CALLBACK \
" ca_callback=%%d default: 0 (disabled)\n" \
@ -435,8 +435,7 @@ int main( void )
#define USAGE_CURVES ""
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#define USAGE_SIG_ALGS \
" sig_algs=a,b,c,d default: \"default\" (library default)\n" \
" example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n"
@ -908,7 +907,7 @@ int cert_callback( mbedtls_ssl_context *ssl )
#endif /* SNI_OPTION */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
typedef struct _psk_entry psk_entry;
@ -1021,7 +1020,7 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
return( -1 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
static mbedtls_net_context listen_fd, client_fd;
@ -1114,7 +1113,7 @@ typedef struct
unsigned remaining_delay;
} ssl_async_operation_context_t;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/* Note that ssl_async_operation_type_t and the array below need to be kept in sync!
* `ssl_async_operation_names[op]` is the name of op for each value `op`
@ -1277,11 +1276,11 @@ static void ssl_async_cancel( mbedtls_ssl_context *ssl )
mbedtls_printf( "Async cancel callback.\n" );
mbedtls_free( ctx );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
static psa_status_t psa_setup_psk_key_slot( mbedtls_svc_key_id_t *slot,
psa_algorithm_t alg,
unsigned char *psk,
@ -1304,7 +1303,7 @@ static psa_status_t psa_setup_psk_key_slot( mbedtls_svc_key_id_t *slot,
return( PSA_SUCCESS );
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@ -1432,7 +1431,7 @@ int main( int argc, char *argv[] )
int query_config_ret = 0;
io_ctx_t io_ctx;
unsigned char* buf = 0;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm_t alg = 0;
mbedtls_svc_key_id_t psk_slot = MBEDTLS_SVC_KEY_ID_INIT;
@ -1456,7 +1455,7 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_RENEGOTIATION)
unsigned char renego_period[8] = { 0 };
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
uint32_t flags;
mbedtls_x509_crt cacert;
mbedtls_x509_crt srvcert;
@ -1469,7 +1468,7 @@ int main( int argc, char *argv[] )
mbedtls_svc_key_id_t key_slot2 = MBEDTLS_SVC_KEY_ID_INIT; /* invalid key slot */
#endif
int key_cert_init = 0, key_cert_init2 = 0;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
ssl_async_key_context_t ssl_async_keys;
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
@ -1506,10 +1505,9 @@ int main( int argc, char *argv[] )
size_t context_buf_len = 0;
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
uint16_t sig_alg_list[SIG_ALG_LIST_SIZE];
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif
int i;
char *p, *q;
@ -1554,7 +1552,7 @@ int main( int argc, char *argv[] )
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
rng_init( &rng );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &srvcert );
mbedtls_pk_init( &pkey );
@ -1783,7 +1781,7 @@ int main( int argc, char *argv[] )
opt.key_file = q;
else if( strcmp( p, "key_pwd" ) == 0 )
opt.key_pwd = q;
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
else if( strcmp( p, "key_opaque" ) == 0 )
opt.key_opaque = atoi( q );
#endif
@ -1867,11 +1865,10 @@ int main( int argc, char *argv[] )
}
else if( strcmp( p, "curves" ) == 0 )
opt.curves = q;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
else if( strcmp( p, "sig_algs" ) == 0 )
opt.sig_algs = q;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif
else if( strcmp( p, "renegotiation" ) == 0 )
{
opt.renegotiation = (atoi( q )) ?
@ -2339,7 +2336,7 @@ int main( int argc, char *argv[] )
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
{
/* Determine KDF algorithm the opaque PSK will be used in. */
@ -2350,7 +2347,7 @@ int main( int argc, char *argv[] )
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
}
@ -2377,7 +2374,7 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
/*
* Unhexify the pre-shared key and parse the list if any given
*/
@ -2396,7 +2393,7 @@ int main( int argc, char *argv[] )
goto exit;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_ECP_C)
if( opt.curves != NULL )
@ -2454,8 +2451,7 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL )
{
p = (char *) opt.sig_algs;
@ -2554,7 +2550,7 @@ int main( int argc, char *argv[] )
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
@ -2587,7 +2583,7 @@ int main( int argc, char *argv[] )
goto exit;
mbedtls_printf( " ok\n" );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* 1.1. Load the trusted CA
*/
@ -2795,7 +2791,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " ok (key types: %s, %s)\n",
key_cert_init ? mbedtls_pk_get_name( &pkey ) : "none",
key_cert_init2 ? mbedtls_pk_get_name( &pkey2 ) : "none" );
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
if( opt.dhm_file != NULL )
@ -2845,7 +2841,7 @@ int main( int argc, char *argv[] )
goto exit;
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/* The default algorithms profile disables SHA-1, but our tests still
rely on it heavily. Hence we allow it here. A real-world server
should use the default profile unless there is a good reason not to. */
@ -2855,7 +2851,7 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
mbedtls_ssl_conf_sig_algs( &conf, ssl_sig_algs_for_test );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
@ -3106,7 +3102,7 @@ int main( int argc, char *argv[] )
}
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( strcmp( opt.ca_path, "none" ) != 0 &&
strcmp( opt.ca_file, "none" ) != 0 )
{
@ -3195,7 +3191,7 @@ int main( int argc, char *argv[] )
&ssl_async_keys );
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(SNI_OPTION)
if( opt.sni != NULL )
@ -3232,13 +3228,12 @@ int main( int argc, char *argv[] )
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL )
mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
{
@ -3547,7 +3542,7 @@ handshake:
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
{
char vrfy_buf[512];
@ -3602,7 +3597,7 @@ handshake:
}
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* 5. Verify the client certificate
*/
@ -3631,7 +3626,7 @@ handshake:
mbedtls_printf( "%s\n", crt_buf );
}
#endif /* MBEDTLS_X509_REMOVE_INFO */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
if( opt.eap_tls != 0 )
{
@ -4319,13 +4314,13 @@ exit:
sni_free( sni_info );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
ret = psk_free( psk_info );
if( ( ret != 0 ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) )
mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
@ -4353,7 +4348,7 @@ exit:
}
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \
defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.psk_opaque != 0 )
{
@ -4370,7 +4365,7 @@ exit:
(int) status );
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED &&
MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

@ -3218,11 +3218,90 @@ component_test_tls13_only () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3, without MBEDTLS_SSL_PROTO_TLS1_2"
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without MBEDTLS_SSL_PROTO_TLS1_2"
if_build_succeeded make test
msg "test_suite_ssl: TLS 1.3 only, all key exchange modes enabled"
cd tests; ./test_suite_ssl; cd ..
msg "ssl-opt.sh (TLS 1.3)"
if_build_succeeded tests/ssl-opt.sh
msg "ssl-opt.sh: TLS 1.3 only, all key exchange modes enabled"
tests/ssl-opt.sh
}
component_test_tls13_only_psk () {
msg "build: TLS 1.3 only from default, only PSK key exchange mode"
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
scripts/config.py unset MBEDTLS_ECDH_C
scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
scripts/config.py unset MBEDTLS_ECDSA_C
scripts/config.py unset MBEDTLS_PKCS1_V21
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled"
cd tests; ./test_suite_ssl; cd ..
msg "ssl-opt.sh: TLS 1.3 only, only PSK key exchange mode enabled"
tests/ssl-opt.sh
}
component_test_tls13_only_ephemeral () {
msg "build: TLS 1.3 only from default, only ephemeral key exchange mode"
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
msg "test_suite_ssl: TLS 1.3 only, only ephemeral key exchange mode"
cd tests; ./test_suite_ssl; cd ..
msg "ssl-opt.sh: TLS 1.3 only, only ephemeral key exchange mode"
tests/ssl-opt.sh
}
component_test_tls13_only_psk_ephemeral () {
msg "build: TLS 1.3 only from default, only PSK ephemeral key exchange mode"
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
scripts/config.py unset MBEDTLS_ECDSA_C
scripts/config.py unset MBEDTLS_PKCS1_V21
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode"
cd tests; ./test_suite_ssl; cd ..
msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral key exchange mode"
tests/ssl-opt.sh
}
component_test_tls13_only_psk_all () {
msg "build: TLS 1.3 only from default, without ephemeral key exchange mode"
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
scripts/config.py unset MBEDTLS_ECDSA_C
scripts/config.py unset MBEDTLS_PKCS1_V21
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes"
cd tests; ./test_suite_ssl; cd ..
msg "ssl-opt.sh: TLS 1.3 only, PSK and PSK ephemeral key exchange modes"
tests/ssl-opt.sh
}
component_test_tls13_only_ephemeral_all () {
msg "build: TLS 1.3 only from default, without PSK key exchange mode"
scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes"
cd tests; ./test_suite_ssl; cd ..
msg "ssl-opt.sh: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes"
tests/ssl-opt.sh
}
component_test_tls13_only_with_hooks () {

@ -237,7 +237,9 @@ REVERSE_DEPENDENCIES = {
'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
'MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED',
'MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED',
'MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED'],
'MBEDTLS_ECP_DP_SECP256R1_ENABLED': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
'MBEDTLS_PKCS1_V21': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'],
'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',

@ -357,7 +357,7 @@ class MbedTLSBase(TLSProgram):
def pre_checks(self):
ret = ['requires_config_enabled MBEDTLS_DEBUG_C',
'requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3']
'requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED']
if self._compat_mode:
ret += ['requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE']

File diff suppressed because it is too large Load Diff

@ -261,7 +261,7 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2
handshake_version:0:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2
Handshake, tls1_3
depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2
depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
handshake_version:0:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3
Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384
@ -3131,7 +3131,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1
# - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5
# - Padding used: No (== granularity 1)
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
# - Server App Key: 0b6d22c8ff68097ea871c672073773bf
@ -3142,7 +3142,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
# - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7
# - Padding used: No (== granularity 1)
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
SSL TLS 1.3 Record Encryption RFC 8448 Example #1
# Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3
@ -3161,7 +3161,7 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #1
# 3a ee bb 21 69 49 15 e4
# - Padding used: No (== granularity 1)
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
SSL TLS 1.3 Record Encryption RFC 8448 Example #2
# Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3
@ -3180,7 +3180,7 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2
# 0d d0 32 e1 67 c2 95 5d
# - Padding used: No (== granularity 1)
depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
ssl_tls13_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
SSL TLS 1.3 Key schedule: Application secrets derivation helper
# Vector from RFC 8448

@ -31,7 +31,7 @@ typedef struct log_pattern
size_t counter;
} log_pattern;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static int rng_seed = 0xBEEF;
static int rng_get( void *p_rng, unsigned char *output, size_t output_len )
{
@ -103,7 +103,7 @@ typedef struct handshake_test_options
void init_handshake_options( handshake_test_options *opts )
{
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
srand( rng_seed );
rng_seed += 0xD0;
#endif
@ -790,7 +790,7 @@ int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len )
return msg_len;
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
/*
* Structure with endpoint's certificates for SSL communication tests.
@ -1178,7 +1178,7 @@ int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl,
return ( max_steps >= 0 ) ? ret : -1;
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/*
* Write application data. Increase write counter if necessary.
@ -1750,7 +1750,7 @@ static int ssl_tls12_populate_session( mbedtls_ssl_session *session,
memset( session->id, 66, session->id_len );
memset( session->master, 17, sizeof( session->master ) );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO)
if( crt_file != NULL && strlen( crt_file ) != 0 )
{
mbedtls_x509_crt tmp_crt;
@ -1801,9 +1801,9 @@ static int ssl_tls12_populate_session( mbedtls_ssl_session *session,
mbedtls_x509_crt_free( &tmp_crt );
}
#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
#else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
(void) crt_file;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */
session->verify_result = 0xdeadbeef;
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
@ -2029,7 +2029,7 @@ int exchange_data( mbedtls_ssl_context *ssl_1,
ssl_2, 256, 1 );
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static int check_ssl_version( mbedtls_ssl_protocol_version expected_negotiated_version,
const mbedtls_ssl_context *ssl )
{
@ -2066,17 +2066,17 @@ static int check_ssl_version( mbedtls_ssl_protocol_version expected_negotiated_v
exit:
return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
void perform_handshake( handshake_test_options *options )
{
/* forced_ciphersuite needs to last until the end of the handshake */
int forced_ciphersuite[2];
enum { BUFFSIZE = 17000 };
mbedtls_endpoint client, server;
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
const char *psk_identity = "foo";
#endif
#if defined(MBEDTLS_TIMING_C)
@ -2188,7 +2188,7 @@ void perform_handshake( handshake_test_options *options )
TEST_ASSERT( MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl );
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
if( options->psk_str != NULL && options->psk_str->len > 0 )
{
TEST_ASSERT( mbedtls_ssl_conf_psk( &client.conf, options->psk_str->x,
@ -2467,7 +2467,7 @@ exit:
#endif
USE_PSA_DONE( );
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_TEST_HOOKS)
/*
@ -3685,7 +3685,7 @@ void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
{
mbedtls_ssl_context ssl;
@ -4752,7 +4752,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file,
TEST_ASSERT( memcmp( original.master,
restored.master, sizeof( original.master ) ) == 0 );
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
TEST_ASSERT( ( original.peer_cert == NULL ) ==
( restored.peer_cert == NULL ) );
@ -4778,7 +4778,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file,
original.peer_cert_digest_len ) == 0 );
}
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
TEST_ASSERT( original.verify_result == restored.verify_result );
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@ -5100,7 +5100,7 @@ void ssl_session_serialize_version_check( int corrupt_major,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void mbedtls_endpoint_sanity( int endpoint_type )
{
enum { BUFFSIZE = 1024 };
@ -5127,7 +5127,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */
void move_handshake_to_state(int endpoint_type, int state, int need_pass)
{
enum { BUFFSIZE = 1024 };
@ -5183,7 +5183,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */
void handshake_version( int dtls, int client_min_version, int client_max_version,
int server_min_version, int server_max_version,
int expected_negotiated_version )
@ -5208,7 +5208,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls )
{
handshake_test_options options;
@ -5229,7 +5229,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void handshake_cipher( char* cipher, int pk_alg, int dtls )
{
test_handshake_psk_cipher( cipher, pk_alg, NULL, dtls );
@ -5239,7 +5239,7 @@ void handshake_cipher( char* cipher, int pk_alg, int dtls )
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void handshake_ciphersuite_select( char* cipher, int pk_alg, data_t *psk_str,
int psa_alg, int psa_alg2, int psa_usage,
int expected_handshake_result,
@ -5266,7 +5266,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void app_data( int mfl, int cli_msg_len, int srv_msg_len,
int expected_cli_fragments,
int expected_srv_fragments, int dtls )
@ -5294,7 +5294,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */
void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len,
int expected_cli_fragments,
int expected_srv_fragments )
@ -5306,7 +5306,7 @@ void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len,
int expected_cli_fragments,
int expected_srv_fragments )
@ -5318,7 +5318,7 @@ void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void handshake_serialization( )
{
handshake_test_options options;
@ -5334,7 +5334,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation)
{
handshake_test_options options;
@ -5373,7 +5373,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void renegotiation( int legacy_renegotiation )
{
handshake_test_options options;
@ -5392,7 +5392,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation,
int serialize, int dtls, char *cipher )
{
@ -5416,7 +5416,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void resize_buffers_serialize_mfl( int mfl )
{
test_resize_buffers( mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
@ -5427,7 +5427,7 @@ void resize_buffers_serialize_mfl( int mfl )
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation,
char *cipher )
{
@ -5621,7 +5621,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
void test_multiple_psks()
{
unsigned char psk0[10] = { 0 };
@ -5651,7 +5651,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO */
void test_multiple_psks_opaque( int mode )
{
/*
@ -5828,7 +5828,7 @@ void conf_group()
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_CACHE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_CACHE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void force_bad_session_id_len( )
{
enum { BUFFSIZE = 1024 };
@ -6015,7 +6015,7 @@ void cid_sanity( )
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C */
void raw_key_agreement_fail( int bad_server_ecdhe_key )
{
enum { BUFFSIZE = 17000 };
@ -6086,7 +6086,7 @@ exit:
USE_PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED */
void tls13_server_certificate_msg_invalid_vector_len( )
{
int ret = -1;

@ -235,7 +235,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void x509_crt_check( char *subject_key_file, char *subject_pwd,
char *subject_name, char *issuer_key_file,
char *issuer_pwd, char *issuer_name,