diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index e5b8d74416..ef4927f72e 100644 --- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -70,6 +70,13 @@ defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY #endif + +#if defined(PSA_WANT_ALG_GCM) || \ + defined(PSA_WANT_ALG_CCM) || \ + defined(PSA_WANT_ALG_CHACHA20_POLY1305) +#define MBEDTLS_TEST_HAS_AEAD_ALG +#endif + enum { #define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ tls13_label_ ## name, diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh index 917ceefaa9..6b3f9c2a67 100644 --- a/tests/scripts/components-configuration-tls.sh +++ b/tests/scripts/components-configuration-tls.sh @@ -242,8 +242,8 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () { tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" } -# Common helper for component_full_without_ecdhe_ecdsa() and -# component_full_without_ecdhe_ecdsa_and_tls13() which: +# Common helper for component_full_without_ecdhe_ecdsa(), +# component_full_without_ecdhe_ecdsa_and_tls13() and component_full_without_tls13 which: # - starts from the "full" configuration minus the list of symbols passed in # as 1st parameter # - build @@ -277,6 +277,10 @@ component_full_without_ecdhe_ecdsa_and_tls13 () { MBEDTLS_SSL_PROTO_TLS1_3" } +component_full_without_tls13 () { + build_full_minus_something_and_test_tls "MBEDTLS_SSL_PROTO_TLS1_3" +} + component_build_no_ssl_srv () { msg "build: full config except SSL server, make, gcc" # ~ 30s scripts/config.py full diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 23b692c723..75ab93861b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2502,20 +2502,6 @@ run_test "Opaque key for server authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_RSA_C -requires_hash_alg SHA_256 -run_test "Opaque key for server authentication: RSA-" \ - "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \ - "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \ - 0 \ - -c "Verifying peer X.509 certificate... ok" \ - -c "Ciphersuite is TLS-RSA-" \ - -s "key types: Opaque, Opaque" \ - -s "Ciphersuite is TLS-RSA-" \ - -S "error" \ - -C "error" - requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -3618,7 +3604,7 @@ run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" run_test "Encrypt then MAC: default" \ "$P_SRV debug_level=3 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI debug_level=3" \ 0 \ -c "client hello, adding encrypt_then_mac extension" \ @@ -3630,7 +3616,7 @@ run_test "Encrypt then MAC: default" \ run_test "Encrypt then MAC: client enabled, server disabled" \ "$P_SRV debug_level=3 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI debug_level=3 etm=1" \ 0 \ -c "client hello, adding encrypt_then_mac extension" \ @@ -3642,7 +3628,7 @@ run_test "Encrypt then MAC: client enabled, server disabled" \ run_test "Encrypt then MAC: client enabled, aead cipher" \ "$P_SRV debug_level=3 etm=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256" \ "$P_CLI debug_level=3 etm=1" \ 0 \ -c "client hello, adding encrypt_then_mac extension" \ @@ -3654,7 +3640,7 @@ run_test "Encrypt then MAC: client enabled, aead cipher" \ run_test "Encrypt then MAC: client disabled, server enabled" \ "$P_SRV debug_level=3 etm=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI debug_level=3 etm=0" \ 0 \ -C "client hello, adding encrypt_then_mac extension" \ @@ -3740,7 +3726,7 @@ run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \ run_test "CBC Record splitting: TLS 1.2, no splitting" \ "$P_SRV force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \ request_size=123" \ 0 \ -s "Read from client: 123 bytes read" \ @@ -7776,20 +7762,6 @@ run_test "keyUsage srv 1.2: ECC, keyEncipherment -> fail" \ # Tests for keyUsage in leaf certificates, part 2: # client-side checking of server cert -# -# TLS 1.3 uses only signature, but for 1.2 it depends on the key exchange. -# In 4.0 this will probably change as all TLS 1.2 key exchanges will use -# signatures too, following the removal of RSA #8170 and static ECDH #9201. - -run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, RSA: OK" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \ - "$P_CLI debug_level=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -C "bad certificate (usage extensions)" \ - -C "Processing of the Certificate handshake message failed" \ - -c "Ciphersuite is TLS-" run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, ECDHE-RSA: OK" \ "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ @@ -7801,16 +7773,6 @@ run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, ECDHE-RSA: OK" -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -run_test "keyUsage cli 1.2: KeyEncipherment, RSA: OK" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ - "$P_CLI debug_level=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -C "bad certificate (usage extensions)" \ - -C "Processing of the Certificate handshake message failed" \ - -c "Ciphersuite is TLS-" - run_test "keyUsage cli 1.2: KeyEncipherment, ECDHE-RSA: fail (hard)" \ "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ @@ -7846,31 +7808,6 @@ run_test "keyUsage cli 1.2: DigitalSignature, ECDHE-RSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (hard)" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ - "$P_CLI debug_level=3 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -c "bad certificate (usage extensions)" \ - -c "Processing of the Certificate handshake message failed" \ - -C "Ciphersuite is TLS-" \ - -c "send alert level=2 message=43" \ - -c "! Usage does not match the keyUsage extension" - # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT - -run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (soft)" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ - "$P_CLI debug_level=3 auth_mode=optional \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -c "bad certificate (usage extensions)" \ - -C "Processing of the Certificate handshake message failed" \ - -c "Ciphersuite is TLS-" \ - -C "send alert level=2 message=43" \ - -c "! Usage does not match the keyUsage extension" - requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: DigitalSignature, RSA: OK" \ @@ -8981,14 +8918,14 @@ run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \ run_test "Small client packet TLS 1.2 BlockCipher" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \ 0 \ -s "Read from client: 1 bytes read" @@ -9002,14 +8939,14 @@ run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ run_test "Small client packet TLS 1.2 AEAD" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -s "Read from client: 1 bytes read" @@ -9035,7 +8972,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small client packet DTLS 1.2" \ "$P_SRV dtls=1 force_version=dtls12" \ "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: 1 bytes read" @@ -9043,7 +8980,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small client packet DTLS 1.2, without EtM" \ "$P_SRV dtls=1 force_version=dtls12 etm=0" \ "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: 1 bytes read" @@ -9051,13 +8988,13 @@ run_test "Small client packet DTLS 1.2, without EtM" \ run_test "Small server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \ 0 \ -c "Read from server: 1 bytes read" @@ -9069,13 +9006,13 @@ run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ run_test "Small server packet TLS 1.2 AEAD" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 1 bytes read" @@ -9099,7 +9036,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small server packet DTLS 1.2" \ "$P_SRV dtls=1 response_size=1 force_version=dtls12" \ "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 1 bytes read" @@ -9107,7 +9044,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small server packet DTLS 1.2, without EtM" \ "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \ "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 1 bytes read" @@ -9121,7 +9058,7 @@ fragments_for_write() { run_test "Large client packet TLS 1.2 BlockCipher" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9129,7 +9066,7 @@ run_test "Large client packet TLS 1.2 BlockCipher" \ run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9144,7 +9081,7 @@ run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \ run_test "Large client packet TLS 1.2 AEAD" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9152,7 +9089,7 @@ run_test "Large client packet TLS 1.2 AEAD" \ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9178,13 +9115,13 @@ run_test "Large client packet TLS 1.3 AEAD shorter tag" \ # The tests below fail when the server's OUT_CONTENT_LEN is less than 16384. run_test "Large server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + "$P_CLI etm=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "16384 bytes written in 1 fragments" \ -c "Read from server: 16384 bytes read" @@ -9197,20 +9134,20 @@ run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \ run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ "$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ 0 \ -s "16384 bytes written in 1 fragments" \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 AEAD" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 16384 bytes read" @@ -9538,51 +9475,6 @@ run_test "SSL async private: sign, SNI" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, delay=0" \ - "$P_SRV \ - async_operations=d async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, delay=1" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): call 0 more times." \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: sign callback not present" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_version=tls12; [ \$? -eq 1 ] && - $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -S "Async sign callback" \ - -s "! mbedtls_ssl_handshake returned" \ - -s "The own private key or pre-shared key is not set, but needed" \ - -s "Async resume (slot [0-9]): decrypt done, status=0" \ - -s "Successful connection" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt callback not present" \ - "$P_SRV debug_level=1 \ - async_operations=s async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA; - [ \$? -eq 1 ] && $P_CLI force_version=tls12" \ - 0 \ - -S "Async decrypt callback" \ - -s "! mbedtls_ssl_handshake returned" \ - -s "got no RSA private key" \ - -s "Async resume (slot [0-9]): sign done, status=0" \ - -s "Successful connection" - # key1: ECDSA, key2: RSA; use key1 from slot 0 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE run_test "SSL async private: slot 0 used with key1" \ @@ -9668,41 +9560,6 @@ run_test "SSL async private: sign, error in resume" \ -S "Async cancel" \ -s "! mbedtls_ssl_handshake returned" -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, error in start" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - async_private_error=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -s "Async decrypt callback: injected error" \ - -S "Async resume" \ - -S "Async cancel" \ - -s "! mbedtls_ssl_handshake returned" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, cancel after start" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - async_private_error=2" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -s "Async decrypt callback: using key slot " \ - -S "Async resume" \ - -s "Async cancel" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, error in resume" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - async_private_error=3" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume callback: decrypt done but injected error" \ - -S "Async cancel" \ - -s "! mbedtls_ssl_handshake returned" - requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE run_test "SSL async private: cancel after start then operate correctly" \ "$P_SRV force_version=tls12 \ @@ -9790,37 +9647,13 @@ run_test "SSL async private: renegotiation: server-initiated, sign" \ -s "Async sign callback: using key slot " \ -s "Async resume (slot [0-9]): sign done, status=0" -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "SSL async private: renegotiation: client-initiated, decrypt" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - exchanges=2 renegotiation=1" \ - "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "SSL async private: renegotiation: server-initiated, decrypt" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - exchanges=2 renegotiation=1 renegotiate=1" \ - "$P_CLI exchanges=2 renegotiation=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - # Tests for ECC extensions (rfc 4492) requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED run_test "Force a non ECC ciphersuite in the client side" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ + "$P_SRV debug_level=3 psk=73776f726466697368" \ + "$P_CLI debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \ 0 \ -C "client hello, adding supported_groups extension" \ -C "client hello, adding supported_point_formats extension" \ @@ -9828,10 +9661,10 @@ run_test "Force a non ECC ciphersuite in the client side" \ -S "found supported point formats extension" requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED run_test "Force a non ECC ciphersuite in the server side" \ - "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ - "$P_CLI debug_level=3" \ + "$P_SRV debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \ + "$P_CLI debug_level=3 psk=73776f726466697368" \ 0 \ -C "found supported_point_formats extension" \ -S "server hello, supported_point_formats extension" @@ -11792,11 +11625,11 @@ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ -c "HTTP/1.0 200 OK" client_needs_more_time 2 -run_test "DTLS proxy: 3d, \"short\" RSA handshake" \ +run_test "DTLS proxy: 3d, \"short\" ECDHE-RSA handshake" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -s "Extra-header:" \ -c "HTTP/1.0 200 OK" diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index cd0c303e91..565588bea6 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -368,9 +368,9 @@ Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 -Handshake, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 +Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:0 Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH @@ -396,9 +396,9 @@ DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 -DTLS Handshake, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 +DTLS Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:1 DTLS Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH @@ -435,22 +435,6 @@ Handshake min/max version check, all -> 1.3 depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3 -Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - -Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - -Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 @@ -629,39 +613,51 @@ DTLS serialization with MFL=4096 resize_buffers_serialize_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096 DTLS no legacy renegotiation with MFL=512 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS no legacy renegotiation with MFL=1024 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS no legacy renegotiation with MFL=2048 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS no legacy renegotiation with MFL=4096 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=512 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=1024 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=2048 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=4096 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy break handshake renegotiation with MFL=512 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS legacy break handshake renegotiation with MFL=1024 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS legacy break handshake renegotiation with MFL=2048 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS legacy break handshake renegotiation with MFL=4096 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 @@ -712,53 +708,53 @@ DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256- depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" -DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2b50f0e3f2..e9584dcc1f 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2825,7 +2825,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, int serialize, int dtls, char *cipher) { @@ -2843,6 +2843,12 @@ void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, } options.resize_buffers = 1; + const mbedtls_ssl_ciphersuite_t *ciphersuite = + mbedtls_ssl_ciphersuite_from_string(cipher); + if (ciphersuite != NULL) { + options.pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite); + } + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ @@ -2852,17 +2858,39 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_TEST_HAS_AEAD_ALG:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void resize_buffers_serialize_mfl(int mfl) { + /* Choose an AEAD ciphersuite */ + const int *ciphersuites = mbedtls_ssl_list_ciphersuites(); + const mbedtls_ssl_ciphersuite_t *ciphersuite = NULL; + int i = 0; + while (ciphersuites[i] != 0) { + ciphersuite = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]); + + if (ciphersuite->min_tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { + const mbedtls_ssl_mode_t mode = +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) + mbedtls_ssl_get_mode_from_ciphersuite(0, ciphersuite); +#else + mbedtls_ssl_get_mode_from_ciphersuite(ciphersuite); +#endif + if (mode == MBEDTLS_SSL_MODE_AEAD) { + break; + } + } + + i++; + } + + TEST_ASSERT(ciphersuite != NULL); + test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, - (char *) ""); - /* The goto below is used to avoid an "unused label" warning.*/ - goto exit; + (char *) ciphersuite->name); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation, char *cipher) {