Merge pull request #5293 from ronald-cron-arm/tls13-mvp-misc

Miscellaneous final changes for TLS 1.3 MVP release
This commit is contained in:
Ronald Cron 2021-12-10 17:46:47 +01:00 committed by GitHub
commit 2331fdb280
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
31 changed files with 530 additions and 535 deletions

View File

@ -0,0 +1,7 @@
Features
* Mbed TLS provides a minimum viable implementation of the TLS 1.3
protocol. See docs/architecture/tls13-support.md for the definition of
the TLS 1.3 Minimum Viable Product (MVP). The MBEDTLS_SSL_PROTO_TLS1_3
configuration option controls the enablement of the support. The APIs
mbedtls_ssl_conf_min_version() and mbedtls_ssl_conf_max_version() allow
to select the 1.3 version of the protocol to establish a TLS connection.

View File

@ -1,71 +1,19 @@
TLS 1.3 Experimental Developments
=================================
TLS 1.3 support
===============
Overview
--------
Mbed TLS doesn't support the TLS 1.3 protocol yet, but a prototype is in development.
Stable parts of this prototype that can be independently tested are being successively
upstreamed under the guard of the following macro:
Mbed TLS provides a minimum viable implementation of the TLS 1.3 protocol
defined in the "MVP definition" section below. The TLS 1.3 support enablement
is controlled by the MBEDTLS_SSL_PROTO_TLS1_3 configuration option.
```
MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
```
This macro will likely be renamed to `MBEDTLS_SSL_PROTO_TLS1_3` once a minimal viable
implementation of the TLS 1.3 protocol is available.
See the [documentation of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`](../../include/mbedtls/mbedtls_config.h)
for more information.
Status
------
The following lists which parts of the TLS 1.3 prototype have already been upstreamed
together with their level of testing:
* TLS 1.3 record protection mechanisms
The record protection routines `mbedtls_ssl_{encrypt|decrypt}_buf()` have been extended
to support the modified TLS 1.3 record protection mechanism, including modified computation
of AAD, IV, and the introduction of a flexible padding.
Those record protection routines have unit tests in `test_suite_ssl` alongside the
tests for the other record protection routines.
TODO: Add some test vectors from RFC 8448.
- The HKDF key derivation function on which the TLS 1.3 key schedule is based,
is already present as an independent module controlled by `MBEDTLS_HKDF_C`
independently of the development of the TLS 1.3 prototype.
- The TLS 1.3-specific HKDF-based key derivation functions (see RFC 8446):
* HKDF-Expand-Label
* Derive-Secret
- Secret evolution
* The traffic {Key,IV} generation from secret
Those functions are implemented in `library/ssl_tls13_keys.c` and
tested in `test_suite_ssl` using test vectors from RFC 8448 and
https://tls13.ulfheim.net/.
- New TLS Message Processing Stack (MPS)
The TLS 1.3 prototype is developed alongside a rewrite of the TLS messaging layer,
encompassing low-level details such as record parsing, handshake reassembly, and
DTLS retransmission state machine.
MPS has the following components:
- Layer 1 (Datagram handling)
- Layer 2 (Record handling)
- Layer 3 (Message handling)
- Layer 4 (Retransmission State Machine)
- Reader (Abstracted pointer arithmetic and reassembly logic for incoming data)
- Writer (Abstracted pointer arithmetic and fragmentation logic for outgoing data)
Of those components, the following have been upstreamed
as part of `MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL`:
- Reader ([`library/mps_reader.h`](../../library/mps_reader.h))
The development of the TLS 1.3 protocol is based on the TLS 1.3 prototype
located at https://github.com/hannestschofenig/mbedtls. The prototype is
itself based on a version of the development branch that we aim to keep as
recent as possible (ideally the head) by merging regularly commits of the
development branch into the prototype. The section "Prototype upstreaming
status" below describes what remains to be upstreamed.
MVP definition
@ -231,6 +179,41 @@ MVP definition
response to the MVP ClientHello, server sending a CertificateRequest
message ...
Prototype upstreaming status
----------------------------
The following summarizes which parts of the TLS 1.3 prototype remain to be
upstreamed:
- Ephemeral only handshake on client side: client authentication,
HelloRetryRequest support, version negotiation.
- Ephemeral only handshake server side.
- Pre-shared keys, session resumption and 0-RTT data (both client and server
side).
- New TLS Message Processing Stack (MPS)
The TLS 1.3 prototype is developed alongside a rewrite of the TLS messaging layer,
encompassing low-level details such as record parsing, handshake reassembly, and
DTLS retransmission state machine.
MPS has the following components:
- Layer 1 (Datagram handling)
- Layer 2 (Record handling)
- Layer 3 (Message handling)
- Layer 4 (Retransmission State Machine)
- Reader (Abstracted pointer arithmetic and reassembly logic for incoming data)
- Writer (Abstracted pointer arithmetic and fragmentation logic for outgoing data)
Of those components, the following have been upstreamed
as part of `MBEDTLS_SSL_PROTO_TLS1_3`:
- Reader ([`library/mps_reader.h`](../../library/mps_reader.h))
Coding rules checklist for TLS 1.3
----------------------------------

View File

@ -12,9 +12,8 @@ Compile-time: enabling `MBEDTLS_USE_PSA_CRYPTO` requires
`MBEDTLS_ECP_RESTARTABLE` and
`MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` to be disabled.
Effect: `MBEDTLS_USE_PSA_CRYPTO` currently has no effect on TLS 1.3 (which is
itself experimental and only partially supported so far): TLS 1.3 always uses
the legacy APIs even when this option is set.
Effect: `MBEDTLS_USE_PSA_CRYPTO` has no effect on TLS 1.3 for which PSA
cryptography is mandatory.
Stability: any API that's only available when `MBEDTLS_USE_PSA_CRYPTO` is
defined is considered experimental and may change in incompatible ways at any
@ -157,11 +156,6 @@ Parts that are not covered yet
This is only a high-level overview, grouped by theme
TLS: 1.3 experimental support
-----------------------------
No part of the experimental support for TLS 1.3 is covered at the moment.
TLS: key exchanges / asymmetric crypto
--------------------------------------

View File

@ -598,9 +598,16 @@
#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && ( !defined(MBEDTLS_HKDF_C) && \
!defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) )
#error "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL defined, but not all prerequisites"
/*
* HKDF is mandatory for TLS 1.3.
* Otherwise support for at least one ciphersuite mandates either SHA_256 or
* SHA_384.
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
( ( !defined(MBEDTLS_HKDF_C) ) || \
( !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA384_C) ) || \
( !defined(MBEDTLS_PSA_CRYPTO_C) ) )
#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \

View File

@ -1487,23 +1487,19 @@
#define MBEDTLS_SSL_PROTO_TLS1_2
/**
* \def MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
* \def MBEDTLS_SSL_PROTO_TLS1_3
*
* This macro is used to selectively enable experimental parts
* of the code that contribute to the ongoing development of
* the prototype TLS 1.3 and DTLS 1.3 implementation, and provide
* no other purpose.
* Enable support for TLS 1.3.
*
* \warning TLS 1.3 and DTLS 1.3 aren't yet supported in Mbed TLS,
* and no feature exposed through this macro is part of the
* public API. In particular, features under the control
* of this macro are experimental and don't come with any
* stability guarantees.
* \note The support for TLS 1.3 is not comprehensive yet, in particular
* pre-shared keys are not supported.
* See docs/architecture/tls13-support.md for a description of the TLS
* 1.3 support that this option enables.
*
* Uncomment this macro to enable the support for TLS 1.3.
*
* Uncomment this macro to enable experimental and partial
* functionality specific to TLS 1.3.
*/
//#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
//#define MBEDTLS_SSL_PROTO_TLS1_3
/**
* \def MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
@ -1521,8 +1517,8 @@
* recommended to set this option.
*
* Comment to disable compatibility mode for TLS 1.3. If
* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL is not enabled, this option does not
* have any effect on the build.
* MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
* effect on the build.
*
*/
//#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE

View File

@ -250,7 +250,7 @@
*/
#define MBEDTLS_SSL_MAJOR_VERSION_3 3
#define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */
#define MBEDTLS_SSL_MINOR_VERSION_4 4 /*!< TLS v1.3 (experimental) */
#define MBEDTLS_SSL_MINOR_VERSION_4 4 /*!< TLS v1.3 */
#define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */
#define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */
@ -638,13 +638,13 @@ typedef enum
MBEDTLS_SSL_HANDSHAKE_OVER,
MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET,
MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
MBEDTLS_SSL_ENCRYPTED_EXTENSIONS,
MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY,
#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED,
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
}
mbedtls_ssl_states;
@ -1154,7 +1154,7 @@ struct mbedtls_ssl_session
int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_tls13_application_secrets MBEDTLS_PRIVATE(app_secrets);
#endif
};
@ -1175,14 +1175,14 @@ mbedtls_tls_prf_types;
typedef enum
{
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET = 0,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET,
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_EARLY_EXPORTER_SECRET,
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET,
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET,
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET,
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
} mbedtls_ssl_key_export_type;
/**
@ -1277,10 +1277,10 @@ struct mbedtls_ssl_config
/** Allowed ciphersuites for (D)TLS 1.2 (0-terminated) */
const int *MBEDTLS_PRIVATE(ciphersuite_list);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/** Allowed TLS 1.3 key exchange modes. */
int MBEDTLS_PRIVATE(tls13_kex_modes);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/** Callback for printing debug output */
void (*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *);
@ -1361,9 +1361,9 @@ struct mbedtls_ssl_config
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
const int *MBEDTLS_PRIVATE(sig_hashes); /*!< allowed signature hashes */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
const uint16_t *MBEDTLS_PRIVATE(tls13_sig_algs); /*!< allowed signature algorithms for TLS 1.3 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -1511,11 +1511,11 @@ struct mbedtls_ssl_context
* This pointer owns the transform
* it references. */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/*! The application data transform in TLS 1.3.
* This pointer owns the transform it references. */
mbedtls_ssl_transform *MBEDTLS_PRIVATE(transform_application);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/*
* Timers
@ -2753,7 +2753,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites );
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/**
* \brief Set the supported key exchange modes for TLS 1.3 connections.
*
@ -2798,7 +2798,7 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config* conf,
const int kex_modes );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0
@ -3299,7 +3299,7 @@ void mbedtls_ssl_conf_groups( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
const int *hashes );
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/**
* \brief Configure allowed signature algorithms for use in TLS 1.3
*
@ -3311,7 +3311,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
*/
void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
const uint16_t* sig_algs );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_X509_CRT_PARSE_C)

View File

@ -728,7 +728,7 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
#endif
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
static int ecdh_tls13_make_params_internal( mbedtls_ecdh_context_mbed *ctx,
size_t *out_len, int point_format,
@ -861,6 +861,6 @@ int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx,
#endif
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_ECDH_C */

View File

@ -27,7 +27,7 @@
#if defined(MBEDTLS_ECDH_C)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/*
* Setup context without Everest
@ -50,7 +50,7 @@ int mbedtls_ecdh_tls13_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf,
size_t buf_len );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_ECDH_C */

View File

@ -21,7 +21,7 @@
#include "common.h"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#include "mps_reader.h"
#include "mps_common.h"
@ -561,4 +561,4 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd,
MBEDTLS_MPS_TRACE_RETURN( 0 );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

View File

@ -21,7 +21,7 @@
#include "common.h"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#include "mps_common.h"
@ -124,4 +124,4 @@ void mbedtls_mps_trace_indent( int level, mbedtls_mps_trace_type ty )
}
#endif /* MBEDTLS_MPS_ENABLE_TRACE */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

View File

@ -52,14 +52,14 @@ static const int ciphersuite_preference[] =
#if defined(MBEDTLS_SSL_CIPHERSUITES)
MBEDTLS_SSL_CIPHERSUITES,
#else
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* TLS 1.3 ciphersuites */
MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* Chacha-Poly ephemeral suites */
MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
@ -292,7 +292,7 @@ static const int ciphersuite_preference[] =
static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
{
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_GCM_C)
#if defined(MBEDTLS_SHA384_C)
@ -336,7 +336,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
0 },
#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_SHA256_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_CHACHAPOLY_C) && \
defined(MBEDTLS_SHA256_C) && \

View File

@ -581,9 +581,9 @@ struct mbedtls_ssl_handshake_params
/*
* Handshake specific crypto variables
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
int tls13_kex_modes; /*!< key exchange modes for TLS 1.3 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
@ -715,12 +715,12 @@ struct mbedtls_ssl_handshake_params
uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/*! TLS 1.3 transforms for 0-RTT and encrypted handshake messages.
* Those pointers own the transforms they reference. */
mbedtls_ssl_transform *transform_handshake;
mbedtls_ssl_transform *transform_earlydata;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/*
* Checksum contexts
@ -742,7 +742,7 @@ struct mbedtls_ssl_handshake_params
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
uint16_t offered_group_id; /* The NamedGroup value for the group
* that is being used for ephemeral
* key exchange.
@ -750,7 +750,7 @@ struct mbedtls_ssl_handshake_params
* On the client: Defaults to the first
* entry in the client's group list,
* but can be overwritten by the HRR. */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/*
* State-local variables used during the processing
@ -790,7 +790,7 @@ struct mbedtls_ssl_handshake_params
unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
/*!< premaster secret */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
int extensions_present; /*!< extension presence; Each bitfield
represents an extension and defined
as \c MBEDTLS_SSL_EXT_XXX */
@ -803,7 +803,7 @@ struct mbedtls_ssl_handshake_params
} tls13_master_secrets;
mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
/** Asynchronous operation context. This field is meant for use by the
@ -1477,7 +1477,7 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight );
* ssl utils functions for checking configuration.
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
static inline int mbedtls_ssl_conf_is_tls13_only( const mbedtls_ssl_config *conf )
{
if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
@ -1489,7 +1489,7 @@ static inline int mbedtls_ssl_conf_is_tls13_only( const mbedtls_ssl_config *conf
}
return( 0 );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
static inline int mbedtls_ssl_conf_is_tls12_only( const mbedtls_ssl_config *conf )
@ -1505,7 +1505,7 @@ static inline int mbedtls_ssl_conf_is_tls12_only( const mbedtls_ssl_config *conf
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_config *conf )
{
if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
@ -1517,9 +1517,9 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf
}
return( 0 );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL*/
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl );
int mbedtls_ssl_tls13_write_finished_message( mbedtls_ssl_context *ssl );
@ -1711,7 +1711,7 @@ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* Get handshake transcript */
int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl,

View File

@ -293,8 +293,7 @@ static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
* Encryption/decryption functions
*/
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) || \
defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) || defined(MBEDTLS_SSL_PROTO_TLS1_3)
static size_t ssl_compute_padding_length( size_t len,
size_t granularity )
@ -376,8 +375,7 @@ static int ssl_parse_inner_plaintext( unsigned char const *content,
return( 0 );
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID ||
MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID || MBEDTLS_SSL_PROTO_TLS1_3 */
/* `add_data` must have size 13 Bytes if the CID extension is disabled,
* and 13 + 1 + CID-length Bytes if the CID extension is enabled. */
@ -422,7 +420,7 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
unsigned char *cur = add_data;
size_t ad_len_field = rec->data_len;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
/* In TLS 1.3, the AAD contains the length of the TLSCiphertext,
@ -431,7 +429,7 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
ad_len_field += taglen;
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
{
((void) minor_ver);
((void) taglen);
@ -593,7 +591,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
* since they apply to different versions of the protocol. There
* is hence no risk of double-addition of the inner plaintext.
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
size_t padding =
@ -610,7 +608,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
rec->type = MBEDTLS_SSL_MSG_APPLICATION_DATA;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/*
@ -1459,7 +1457,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
/* Remove inner padding and infer true content type. */
@ -1469,7 +1467,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
if( ret != 0 )
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( rec->cid_len != 0 )
@ -2325,12 +2323,12 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
/* Skip writing the record content type to after the encryption,
* as it may change when using the CID extension. */
int minor_ver = ssl->minor_ver;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* TLS 1.3 still uses the TLS 1.2 version identifier
* for backwards compatibility. */
if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
mbedtls_ssl_write_version( ssl->major_ver, minor_ver,
ssl->conf->transport, ssl->out_hdr + 1 );
@ -3340,14 +3338,14 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
* as unencrypted. The only thing we do with them is
* check the length and content and ignore them.
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( ssl->transform_in != NULL &&
ssl->transform_in->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
if( rec->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
done = 1;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
if( !done && ssl->transform_in != NULL )
{
@ -4400,7 +4398,7 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
@ -4413,7 +4411,7 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
}
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )

View File

@ -720,14 +720,14 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) );
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
/* At the moment, we keep TLS <= 1.2 and TLS 1.3 transform
* generation separate. This should never happen. */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/*
* Get various info structures
@ -3166,7 +3166,7 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
static int ssl_conf_version_check( const mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
{
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
@ -3187,7 +3187,7 @@ static int ssl_conf_version_check( const mbedtls_ssl_context *ssl )
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( mbedtls_ssl_conf_is_hybrid_tls12_tls13( ssl->conf ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" ) );
@ -3574,13 +3574,13 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
conf->ciphersuite_list = ciphersuites;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf,
const int kex_modes )
{
conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
@ -3968,14 +3968,14 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
conf->sig_hashes = hashes;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* Configure allowed signature algorithms for use in TLS 1.3 */
void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
const uint16_t* sig_algs )
{
conf->tls13_sig_algs = sig_algs;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C)
@ -5219,10 +5219,10 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL_CLI_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
ret = mbedtls_ssl_tls13_handshake_client_step( ssl );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) )
@ -5233,10 +5233,10 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL_SRV_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
{
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
ret = mbedtls_ssl_tls13_handshake_server_step( ssl );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) )
@ -5556,12 +5556,12 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
psa_destroy_key( handshake->ecdh_psa_privkey );
#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_transform_free( handshake->transform_handshake );
mbedtls_ssl_transform_free( handshake->transform_earlydata );
mbedtls_free( handshake->transform_earlydata );
mbedtls_free( handshake->transform_handshake );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
@ -6257,10 +6257,10 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
mbedtls_free( ssl->session_negotiate );
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_transform_free( ssl->transform_application );
mbedtls_free( ssl->transform_application );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
if( ssl->session )
{
@ -6361,16 +6361,16 @@ static int ssl_preset_suiteb_hashes[] = {
MBEDTLS_MD_NONE
};
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
static uint16_t ssl_preset_default_sig_algs[] = {
/* ECDSA algorithms */
#if defined(MBEDTLS_ECDSA_C)
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#endif /* MBEDTLS_SHA384_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512,
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP521R1_ENABLED */
@ -6391,9 +6391,9 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = {
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256,
#endif /* MBEDTLS_SHA256_C && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
#if defined(MBEDTLS_SHA384_C) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384,
#endif /* MBEDTLS_SHA512_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#endif /* MBEDTLS_SHA384_C && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#endif /* MBEDTLS_ECDSA_C */
/* RSA algorithms */
@ -6404,7 +6404,7 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = {
MBEDTLS_TLS1_3_SIG_NONE
};
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif
static uint16_t ssl_preset_suiteb_groups[] = {
@ -6495,12 +6495,12 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/*
* Allow all TLS 1.3 key exchange modes by default.
*/
conf->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/*
* Preset-specific defaults
@ -6524,9 +6524,9 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
conf->sig_hashes = ssl_preset_suiteb_hashes;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
conf->tls13_sig_algs = ssl_preset_suiteb_sig_algs;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -6562,9 +6562,9 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
conf->sig_hashes = ssl_preset_default_hashes;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
conf->tls13_sig_algs = ssl_preset_default_sig_algs;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_DEPRECATED_REMOVED)

View File

@ -21,7 +21,7 @@
#include "common.h"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_CLI_C)
@ -1790,4 +1790,4 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_CLI_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

View File

@ -21,7 +21,7 @@
#if defined(MBEDTLS_SSL_TLS_C)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#include <string.h>
@ -1196,6 +1196,6 @@ cleanup:
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_SSL_TLS_C */

View File

@ -19,7 +19,7 @@
#include "common.h"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#include <stdint.h>
#include <string.h>
@ -1248,4 +1248,4 @@ int mbedtls_ssl_tls13_generate_application_keys(
return( ret );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

View File

@ -19,7 +19,7 @@
#include "common.h"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_SRV_C)
@ -40,4 +40,4 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

View File

@ -268,7 +268,7 @@ int main( void )
#define USAGE_CURVES ""
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#define USAGE_SIG_ALGS \
" sig_algs=a,b,c,d default: \"default\" (library default)\n" \
@ -343,13 +343,13 @@ int main( void )
#define USAGE_SERIALIZATION ""
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
" tls13_kex_modes=%%s default: all\n" \
" options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n"
#else
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES ""
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* USAGE is arbitrarily split to stay under the portable string literal
* length limit: 4095 bytes in C99. */
@ -413,11 +413,11 @@ int main( void )
USAGE_DHMLEN \
"\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define TLS1_3_VERSION_OPTIONS ", tls13"
#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#else /* MBEDTLS_SSL_PROTO_TLS1_3 */
#define TLS1_3_VERSION_OPTIONS ""
#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* !MBEDTLS_SSL_PROTO_TLS1_3 */
#define USAGE4 \
" allow_sha1=%%d default: 0\n" \
@ -471,9 +471,9 @@ struct options
const char *ecjpake_pw; /* the EC J-PAKE password */
int ec_max_ops; /* EC consecutive operations limit */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
int tls13_kex_modes; /* supported TLS 1.3 key exchange modes */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
int renegotiation; /* enable / disable renegotiation */
int allow_legacy; /* allow legacy renegotiation */
int renegotiate; /* attempt renegotiation? */
@ -653,11 +653,10 @@ int main( int argc, char *argv[] )
mbedtls_net_context server_fd;
io_ctx_t io_ctx;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
uint16_t sig_alg_list[SIG_ALG_LIST_SIZE];
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
unsigned char buf[MAX_REQUEST_SIZE + 1];
@ -840,9 +839,9 @@ int main( int argc, char *argv[] )
opt.ecjpake_pw = DFL_ECJPAKE_PW;
opt.ec_max_ops = DFL_EC_MAX_OPS;
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
opt.renegotiation = DFL_RENEGOTIATION;
opt.allow_legacy = DFL_ALLOW_LEGACY;
opt.renegotiate = DFL_RENEGOTIATE;
@ -1093,12 +1092,11 @@ int main( int argc, char *argv[] )
}
else if( strcmp( p, "curves" ) == 0 )
opt.curves = q;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
else if( strcmp( p, "sig_algs" ) == 0 )
opt.sig_algs = q;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
else if( strcmp( p, "etm" ) == 0 )
{
switch( atoi( q ) )
@ -1108,7 +1106,7 @@ int main( int argc, char *argv[] )
default: goto usage;
}
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( p, "tls13_kex_modes" ) == 0 )
{
if( strcmp( q, "psk" ) == 0 )
@ -1125,16 +1123,16 @@ int main( int argc, char *argv[] )
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
else goto usage;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else if( strcmp( p, "min_version" ) == 0 )
{
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
}
@ -1143,10 +1141,10 @@ int main( int argc, char *argv[] )
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
}
@ -1172,13 +1170,13 @@ int main( int argc, char *argv[] )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
}
@ -1504,7 +1502,7 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL )
{
@ -1565,8 +1563,7 @@ int main( int argc, char *argv[] )
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
@ -1866,9 +1863,9 @@ int main( int argc, char *argv[] )
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_conf_tls13_key_exchange_modes( &conf, opt.tls13_kex_modes );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
@ -1907,10 +1904,10 @@ int main( int argc, char *argv[] )
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( opt.sig_algs != NULL )
mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)

View File

@ -425,7 +425,7 @@ int main( void )
#define USAGE_CURVES ""
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#define USAGE_SIG_ALGS \
" sig_algs=a,b,c,d default: \"default\" (library default)\n" \
@ -448,13 +448,13 @@ int main( void )
#define USAGE_SERIALIZATION ""
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
" tls13_kex_modes=%%s default: all\n" \
" options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n"
#else
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES ""
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* USAGE is arbitrarily split to stay under the portable string literal
@ -513,11 +513,11 @@ int main( void )
USAGE_SIG_ALGS \
"\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define TLS1_3_VERSION_OPTIONS ", tls13"
#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#else /* MBEDTLS_SSL_PROTO_TLS1_3 */
#define TLS1_3_VERSION_OPTIONS ""
#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* !MBEDTLS_SSL_PROTO_TLS1_3 */
#define USAGE4 \
USAGE_SSL_ASYNC \
@ -594,9 +594,9 @@ struct options
char *psk_list; /* list of PSK id/key pairs for callback */
const char *ecjpake_pw; /* the EC J-PAKE password */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
int tls13_kex_modes; /* supported TLS 1.3 key exchange modes */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
int renegotiation; /* enable / disable renegotiation */
int allow_legacy; /* allow legacy renegotiation */
int renegotiate; /* attempt renegotiation? */
@ -1364,11 +1364,10 @@ int main( int argc, char *argv[] )
size_t context_buf_len = 0;
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
uint16_t sig_alg_list[SIG_ALG_LIST_SIZE];
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
int i;
char *p, *q;
@ -1521,9 +1520,9 @@ int main( int argc, char *argv[] )
opt.psk_list = DFL_PSK_LIST;
opt.ecjpake_pw = DFL_ECJPAKE_PW;
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
opt.tls13_kex_modes = DFL_TLS1_3_KEX_MODES;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
opt.renegotiation = DFL_RENEGOTIATION;
opt.allow_legacy = DFL_ALLOW_LEGACY;
opt.renegotiate = DFL_RENEGOTIATE;
@ -1716,12 +1715,11 @@ int main( int argc, char *argv[] )
}
else if( strcmp( p, "curves" ) == 0 )
opt.curves = q;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
else if( strcmp( p, "sig_algs" ) == 0 )
opt.sig_algs = q;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL && && \
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
else if( strcmp( p, "renegotiation" ) == 0 )
{
opt.renegotiation = (atoi( q )) ?
@ -1771,7 +1769,7 @@ int main( int argc, char *argv[] )
if( opt.exchanges < 0 )
goto usage;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( p, "tls13_kex_modes" ) == 0 )
{
if( strcmp( q, "psk" ) == 0 )
@ -1788,17 +1786,17 @@ int main( int argc, char *argv[] )
opt.tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
else goto usage;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else if( strcmp( p, "min_version" ) == 0 )
{
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
}
@ -1807,10 +1805,10 @@ int main( int argc, char *argv[] )
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
}
@ -1836,13 +1834,13 @@ int main( int argc, char *argv[] )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
}
@ -2248,7 +2246,7 @@ int main( int argc, char *argv[] )
}
#endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
if( opt.sig_algs != NULL )
{
@ -2299,8 +2297,7 @@ int main( int argc, char *argv[] )
sig_alg_list[i] = MBEDTLS_TLS1_3_SIG_NONE;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
@ -2767,9 +2764,9 @@ int main( int argc, char *argv[] )
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
mbedtls_ssl_conf_tls13_key_exchange_modes( &conf, opt.tls13_kex_modes );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
@ -2911,10 +2908,10 @@ int main( int argc, char *argv[] )
}
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( opt.sig_algs != NULL )
mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)

View File

@ -1089,7 +1089,7 @@ all_final += cert_md5.crt
# TLSv1.3 test certificates
ecdsa_secp256r1.key: ec_256_prv.pem
ln -s $< $@
cp $< $@
ecdsa_secp256r1.csr: ecdsa_secp256r1.key
$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
@ -1102,7 +1102,7 @@ all_final += ecdsa_secp256r1.crt ecdsa_secp256r1.key
tls13_certs: ecdsa_secp256r1.crt ecdsa_secp256r1.key
ecdsa_secp384r1.key: ec_384_prv.pem
ln -s $< $@
cp $< $@
ecdsa_secp384r1.csr: ecdsa_secp384r1.key
$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
-key $< -out $@
@ -1114,7 +1114,7 @@ all_final += ecdsa_secp384r1.crt ecdsa_secp384r1.key
tls13_certs: ecdsa_secp384r1.crt ecdsa_secp384r1.key
ecdsa_secp521r1.key: ec_521_prv.pem
ln -s $< $@
cp $< $@
ecdsa_secp521r1.csr: ecdsa_secp521r1.key
$(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
-key $< -out $@

View File

@ -1 +0,0 @@
ec_256_prv.pem

View File

@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIEnJqMGMS4hWOMQxzx3xyZQTFgm1gNT9Q6DKsX2y8T7uoAoGCCqGSM49
AwEHoUQDQgAEd3Jlb4FLOZJ51eHxeB+sbwmaPFyhsONTUYNLCLZeC1clkM2vj3aT
YbzzSs/BHl4HToQmvd4Evm5lOUVElhfeRQ==
-----END EC PRIVATE KEY-----

View File

@ -1 +0,0 @@
ec_384_prv.pem

View File

@ -0,0 +1,6 @@
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDA/XY2b4oC1aWzFzJ+Uz4r35rYd1lkrKrKzpMYHRQQX7DJ9zcrtfBAF
PXGaBXTwp2qgBwYFK4EEACKhZANiAATZxmK1C6KcpHmQRQ4EOur08MabFWdtES9i
KnHJMFmvmZaRxWgNK0TREVedsS9KQTou1cRfz7Z7W2PgC5Hr5Z0JprGsLAxCgqoS
MX7VkU+Zm8SIuxMug0LMNvLKXjN5x0c=
-----END EC PRIVATE KEY-----

View File

@ -1 +0,0 @@
ec_521_prv.pem

View File

@ -0,0 +1,7 @@
-----BEGIN EC PRIVATE KEY-----
MIHcAgEBBEIBsbatB7t55zINpZhg6ijgVShPYFjyed5mbgbUNdKve9oo2Z+ke33Q
lj4WsAcweO6LijjZZqWC9G0Z/5XfOtloWq6gBwYFK4EEACOhgYkDgYYABAAd4ULV
T2nrA47kt6+dPKB3Nv2c9xnrNU1ph57n88E2+w+/nwj4a+X6Eo7BoFHT5sZD6Fra
j/rPNmPCYL0shEtvVgDO6OSKnmXQnK3YnyNd7gXzuKZGvnFfH2fVtDTg/yOh/Afv
d0AZPkDu/287zf12WqkVUDNST+TyBfVETiksTC9qwQ==
-----END EC PRIVATE KEY-----

File diff suppressed because it is too large Load Diff

View File

@ -1531,6 +1531,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() {
scripts/config.py set MBEDTLS_ECP_RESTARTABLE # not using PSA, so enable restartable ECC
scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C
scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
@ -1866,8 +1867,8 @@ component_build_psa_accel_alg_hkdf() {
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_HKDF_C
# Make sure to unset TLS1_3_EXPERIMENTAL since it requires HKDF_C and will not build properly without it.
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
# Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it.
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
}
@ -2723,69 +2724,69 @@ component_build_armcc () {
armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a"
}
component_test_tls13_experimental () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
component_test_tls13 () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
make test
msg "ssl-opt.sh (TLS 1.3 experimental)"
msg "ssl-opt.sh (TLS 1.3)"
if_build_succeeded tests/ssl-opt.sh
}
component_test_tls13_experimental_no_compatibility_mode () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
component_test_tls13_no_compatibility_mode () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding"
make test
msg "ssl-opt.sh (TLS 1.3 experimental)"
msg "ssl-opt.sh (TLS 1.3 no compatibility mode)"
if_build_succeeded tests/ssl-opt.sh
}
component_test_tls13_experimental_with_padding () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
component_test_tls13_with_padding () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, with padding"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding"
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, with padding"
make test
msg "ssl-opt.sh (TLS 1.3 experimental)"
msg "ssl-opt.sh (TLS 1.3 with padding)"
if_build_succeeded tests/ssl-opt.sh
}
component_test_tls13_experimental_with_ecp_restartable () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with ecp_restartable"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
component_test_tls13_with_ecp_restartable () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, with ecp_restartable"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_ECP_RESTARTABLE
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with ecp_restartable"
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, with ecp_restartable"
make test
msg "ssl-opt.sh (TLS 1.3 experimental)"
msg "ssl-opt.sh (TLS 1.3 with ecp_restartable)"
if_build_succeeded tests/ssl-opt.sh
}
component_test_tls13_experimental_with_everest () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with Everest"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
component_test_tls13_with_everest () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, with Everest"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with Everest"
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, with Everest"
make test
msg "ssl-opt.sh (TLS 1.3 experimental)"
msg "ssl-opt.sh (TLS 1.3 with everest)"
if_build_succeeded tests/ssl-opt.sh
}

View File

@ -278,7 +278,7 @@ class MbedTLSCli(TLSProgram):
def pre_checks(self):
ret = ['requires_config_enabled MBEDTLS_DEBUG_C',
'requires_config_enabled MBEDTLS_SSL_CLI_C',
'requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL',
'requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3',
'requires_config_disabled MBEDTLS_USE_PSA_CRYPTO']
if self._compat_mode:

View File

@ -1697,32 +1697,32 @@ run_test "SHA-256 allowed by default in client certificate" \
# Dummy TLS 1.3 test
# Currently only checking that passing TLS 1.3 key exchange modes to
# ssl_client2/ssl_server2 example programs works.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "TLS 1.3, key exchange mode parameter passing: PSK only" \
"$P_SRV tls13_kex_modes=psk" \
"$P_CLI tls13_kex_modes=psk" \
0
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "TLS 1.3, key exchange mode parameter passing: PSK-ephemeral only" \
"$P_SRV tls13_kex_modes=psk_ephemeral" \
"$P_CLI tls13_kex_modes=psk_ephemeral" \
0
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "TLS 1.3, key exchange mode parameter passing: Pure-ephemeral only" \
"$P_SRV tls13_kex_modes=ephemeral" \
"$P_CLI tls13_kex_modes=ephemeral" \
0
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "TLS 1.3, key exchange mode parameter passing: All ephemeral" \
"$P_SRV tls13_kex_modes=ephemeral_all" \
"$P_CLI tls13_kex_modes=ephemeral_all" \
0
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "TLS 1.3, key exchange mode parameter passing: All PSK" \
"$P_SRV tls13_kex_modes=psk_all" \
"$P_CLI tls13_kex_modes=psk_all" \
0
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "TLS 1.3, key exchange mode parameter passing: All" \
"$P_SRV tls13_kex_modes=all" \
"$P_CLI tls13_kex_modes=all" \
@ -8790,7 +8790,7 @@ run_test "TLS 1.3: Test gnutls tls1_3 feature" \
# TLS1.3 test cases
# TODO: remove or rewrite this test case if #4832 is resolved.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
skip_handshake_stage_check
run_test "TLS 1.3: Not supported version check: tls12 and tls13" \
"$P_SRV debug_level=1 min_version=tls12 max_version=tls13" \
@ -8802,7 +8802,7 @@ run_test "TLS 1.3: Not supported version check: tls12 and tls13" \
-c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "TLS 1.3: handshake dispatch test: tls13 only" \
"$P_SRV debug_level=2 min_version=tls13 max_version=tls13" \
"$P_CLI debug_level=2 min_version=tls13 max_version=tls13" \
@ -8811,7 +8811,7 @@ run_test "TLS 1.3: handshake dispatch test: tls13 only" \
-c "tls13 client state: MBEDTLS_SSL_HELLO_REQUEST"
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -8844,7 +8844,7 @@ run_test "TLS 1.3: minimal feature sets - openssl" \
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -8876,7 +8876,7 @@ run_test "TLS 1.3: minimal feature sets - gnutls" \
-c "<= parse finished message" \
-c "HTTP/1.0 200 OK"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
skip_handshake_stage_check
@ -8890,7 +8890,7 @@ run_test "TLS 1.3:Not supported version check:gnutls: srv max TLS 1.0" \
-S "Version: TLS1.0" \
-C "Protocol is TLSv1.0"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
skip_handshake_stage_check
@ -8904,7 +8904,7 @@ run_test "TLS 1.3:Not supported version check:gnutls: srv max TLS 1.1" \
-S "Version: TLS1.1" \
-C "Protocol is TLSv1.1"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
skip_handshake_stage_check
@ -8918,7 +8918,7 @@ run_test "TLS 1.3:Not supported version check:gnutls: srv max TLS 1.2" \
-S "Version: TLS1.2" \
-C "Protocol is TLSv1.2"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
skip_handshake_stage_check
@ -8932,7 +8932,7 @@ run_test "TLS 1.3:Not supported version check:openssl: srv max TLS 1.0" \
-S "Version: TLS1.0" \
-C "Protocol : TLSv1.0"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
skip_handshake_stage_check
@ -8946,7 +8946,7 @@ run_test "TLS 1.3:Not supported version check:openssl: srv max TLS 1.1" \
-S "Version: TLS1.1" \
-C "Protocol : TLSv1.1"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
skip_handshake_stage_check
@ -8961,7 +8961,7 @@ run_test "TLS 1.3:Not supported version check:openssl: srv max TLS 1.2" \
-C "Protocol : TLSv1.2"
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -8974,7 +8974,7 @@ run_test "TLS 1.3: CertificateRequest check - openssl" \
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -8985,7 +8985,7 @@ run_test "TLS 1.3: CertificateRequest check - gnutls" \
1 \
-c "CertificateRequest not supported"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -9001,7 +9001,7 @@ run_test "TLS 1.3: HelloRetryRequest check - openssl" \
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -9021,7 +9021,7 @@ do
done
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -9033,7 +9033,7 @@ run_test "TLS 1.3 m->O both peers do not support middlebox compatibility" \
-c "HTTP/1.0 200 ok"
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -9047,7 +9047,7 @@ run_test "TLS 1.3 m->O server with middlebox compat support, not client" \
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -9060,7 +9060,7 @@ run_test "TLS 1.3 m->G both peers do not support middlebox compatibility" \
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C

View File

@ -20,7 +20,7 @@
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
* depends_on:MBEDTLS_SSL_PROTO_TLS1_3
* END_DEPENDENCIES
*/

View File

@ -2363,7 +2363,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, AES-128-GCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_GCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, AES-128-GCM, 1.2, CID 4+4
@ -2391,7 +2391,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, AES-192-GCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_GCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, AES-192-GCM, 1.2, CID 4+4
@ -2419,7 +2419,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, AES-256-GCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_GCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, AES-256-GCM, 1.2, CID 4+4
@ -2519,7 +2519,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, AES-128-CCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_CCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, AES-128-CCM, 1.2, CID 4+4
@ -2547,7 +2547,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, AES-192-CCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_CCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, AES-192-CCM, 1.2, CID 4+4
@ -2575,7 +2575,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, AES-256-CCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_CCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, AES-256-CCM, 1.2, CID 4+4
@ -2739,7 +2739,7 @@ depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_2
ssl_crypt_record:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, ChachaPoly, 1.3
depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_3
ssl_crypt_record:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, ChachaPoly
@ -2747,7 +2747,7 @@ depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_2
ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, little space, ChachaPoly, 1.3
depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_3
ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, ChachaPoly, CID 4+4
@ -4491,7 +4491,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, little space, AES-128-GCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_GCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, AES-128-GCM, 1.2, CID 4+4
@ -4519,7 +4519,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, little space, AES-192-GCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_GCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, AES-192-GCM, 1.2, CID 4+4
@ -4547,7 +4547,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, little space, AES-256-GCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_GCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, AES-256-GCM, 1.2, CID 4+4
@ -4647,7 +4647,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, little space, AES-128-CCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_CCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, AES-128-CCM, 1.2, CID 4+4
@ -4675,7 +4675,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, little space, AES-192-CCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_CCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, AES-192-CCM, 1.2, CID 4+4
@ -4703,7 +4703,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
Record crypt, little space, AES-256-CCM, 1.3
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_CCM_C
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_4:0:0
Record crypt, little space, AES-256-CCM, 1.2, CID 4+4
@ -5889,7 +5889,7 @@ ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:255
SSL TLS 1.3 Key schedule: Secret evolution #1
# Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/)
# Initial secret to Early Secret
depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
depends_on:MBEDTLS_SSL_PROTO_TLS1_3
ssl_tls13_key_evolution:MBEDTLS_MD_SHA256:"":"":"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a"
SSL TLS 1.3 Key schedule: Secret evolution #2

View File

@ -1323,14 +1323,14 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
{
case MBEDTLS_MODE_GCM:
case MBEDTLS_MODE_CCM:
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
t_out->fixed_ivlen = 12;
t_in->fixed_ivlen = 12;
}
else
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
{
t_out->fixed_ivlen = 4;
t_in->fixed_ivlen = 4;
@ -3254,7 +3254,7 @@ void ssl_crypt_record( int cipher_type, int hash_id,
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
/* TLS 1.3 hides the real content type and
@ -3262,7 +3262,7 @@ void ssl_crypt_record( int cipher_type, int hash_id,
* for protected records. Double-check this. */
TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* Decrypt record with t_dec */
ret = mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec );
@ -3418,7 +3418,7 @@ void ssl_crypt_record_small( int cipher_type, int hash_id,
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
{
/* TLS 1.3 hides the real content type and
@ -3426,7 +3426,7 @@ void ssl_crypt_record_small( int cipher_type, int hash_id,
* for protected records. Double-check this. */
TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* Decrypt record with t_dec */
TEST_ASSERT( mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ) == 0 );
@ -3669,7 +3669,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_hkdf_expand_label( int hash_alg,
data_t *secret,
int label_idx,
@ -3707,7 +3707,7 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_traffic_key_generation( int hash_alg,
data_t *server_secret,
data_t *client_secret,
@ -3754,7 +3754,7 @@ void ssl_tls13_traffic_key_generation( int hash_alg,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_derive_secret( int hash_alg,
data_t *secret,
int label_idx,
@ -3794,7 +3794,7 @@ MBEDTLS_SSL_TLS1_3_LABEL_LIST
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_derive_early_secrets( int hash_alg,
data_t *secret,
data_t *transcript,
@ -3824,7 +3824,7 @@ void ssl_tls13_derive_early_secrets( int hash_alg,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_derive_handshake_secrets( int hash_alg,
data_t *secret,
data_t *transcript,
@ -3854,7 +3854,7 @@ void ssl_tls13_derive_handshake_secrets( int hash_alg,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_derive_application_secrets( int hash_alg,
data_t *secret,
data_t *transcript,
@ -3888,7 +3888,7 @@ void ssl_tls13_derive_application_secrets( int hash_alg,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_derive_resumption_secrets( int hash_alg,
data_t *secret,
data_t *transcript,
@ -3914,7 +3914,7 @@ void ssl_tls13_derive_resumption_secrets( int hash_alg,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_create_psk_binder( int hash_alg,
data_t *psk,
int psk_type,
@ -3944,7 +3944,7 @@ void ssl_tls13_create_psk_binder( int hash_alg,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_record_protection( int ciphersuite,
int endpoint,
int ctr,
@ -4042,7 +4042,7 @@ void ssl_tls13_record_protection( int ciphersuite,
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */
void ssl_tls13_key_evolution( int hash_alg,
data_t *secret,
data_t *input,