From 0c9c10a4013d08c265482584a6b4661a88cfff1d Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 12 May 2022 14:15:06 +0200 Subject: [PATCH 01/18] Introduce mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg() and use it in ssl_pick_cert() Signed-off-by: Neil Armstrong --- include/mbedtls/ssl_ciphersuites.h | 4 +++ library/ssl_ciphersuites.c | 47 ++++++++++++++++++++++++++++++ library/ssl_tls12_server.c | 22 ++++++++++++++ 3 files changed, 73 insertions(+) diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index c77052877d..5352d75929 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -389,6 +389,10 @@ const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuit #if defined(MBEDTLS_PK_C) mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg( const mbedtls_ssl_ciphersuite_t *info ); +psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_usage( const mbedtls_ssl_ciphersuite_t *info ); +#endif mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); #endif diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 7deb57a1d1..73a99e3208 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1921,6 +1921,53 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciph } } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + return( PSA_ALG_RSA_PKCS1V15_CRYPT ); + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + return( PSA_ALG_RSA_PKCS1V15_SIGN( + mbedtls_psa_translate_md( info->mac ) ) ); + + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( PSA_ALG_ECDSA( mbedtls_psa_translate_md( info->mac ) ) ); + + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + return( PSA_ALG_ECDH ); + + default: + return( PSA_ALG_NONE ); + } +} + +psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_usage( const mbedtls_ssl_ciphersuite_t *info ) +{ + switch( info->key_exchange ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + return( PSA_KEY_USAGE_DECRYPT ); + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( PSA_KEY_USAGE_SIGN_HASH ); + + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + return( PSA_KEY_USAGE_DERIVE ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) { switch( info->key_exchange ) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 21e5cda97d..161a5ebe35 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -682,8 +682,15 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, const mbedtls_ssl_ciphersuite_t * ciphersuite_info ) { mbedtls_ssl_key_cert *cur, *list; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_algorithm_t pk_alg = + mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg( ciphersuite_info ); + psa_key_usage_t pk_usage = + mbedtls_ssl_get_ciphersuite_sig_pk_ext_usage( ciphersuite_info ); +#else mbedtls_pk_type_t pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ uint32_t flags; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -693,7 +700,11 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, #endif list = ssl->conf->key_cert; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( pk_alg == PSA_ALG_NONE ) +#else if( pk_alg == MBEDTLS_PK_NONE ) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ return( 0 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) ); @@ -710,7 +721,18 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate", cur->cert ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + if( ( ssl->conf->f_async_sign_start == NULL && + ssl->conf->f_async_decrypt_start == NULL && + ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) ) || + ! mbedtls_pk_can_do_ext( &cur->cert->pk, pk_alg, pk_usage ) ) +#else + if( ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) ) +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ +#else if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) ) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ { MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) ); continue; From eb4390b27c83593de4248be1a5af91131f52f983 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 27 May 2022 10:26:02 +0200 Subject: [PATCH 02/18] Add Cipersuite selection negative testing by using invalid algs for server-side opaque key Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0b6711cdd4..29f330a1af 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1735,6 +1735,23 @@ run_test "TLS-ECDHE-RSA Opaque key for client authentication" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "TLS-ECDHE-ECDSA Opaque key for server authentication, invalid algs" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \ + debug_level=1" \ + "$P_CLI crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + 1 \ + -s "key types: Opaque, none" \ + -s "got ciphersuites in common, but none of them usable" \ + -s "error" \ + -c "error" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C @@ -1802,6 +1819,24 @@ run_test "TLS-ECDHE-ECDSA Opaque key for server authentication" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "TLS-ECDHE-RSA Opaque key for server authentication, invalid algs" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key key_opaque_algs=ecdh,none \ + debug_level=1" \ + "$P_CLI crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key" \ + 1 \ + -s "key types: Opaque, none" \ + -s "got ciphersuites in common, but none of them usable" \ + -s "error" \ + -c "error" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C From 8c52ed8d1ee04125a63e1d18cbcbaa3ab2bb91fe Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 27 May 2022 13:14:55 +0200 Subject: [PATCH 03/18] Add negative testing of ciphersuite selection using Opaque algs & usage Signed-off-by: Neil Armstrong --- tests/suites/test_suite_ssl.data | 52 ++++++++++++ tests/suites/test_suite_ssl.function | 120 +++++++++++++++++++++++---- 2 files changed, 156 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index f643335cc0..07d85e97bc 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -269,6 +269,58 @@ Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad usage +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + Handshake, PSK-WITH-AES-128-CBC-SHA depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index b8caca397d..d325bf3c27 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -60,7 +60,12 @@ typedef struct handshake_test_options mbedtls_ssl_protocol_version server_min_version; mbedtls_ssl_protocol_version server_max_version; mbedtls_ssl_protocol_version expected_negotiated_version; + int expected_handshake_result; + int expected_ciphersuite; int pk_alg; + int opaque_alg; + int opaque_alg2; + int opaque_usage; data_t *psk_str; int dtls; int srv_auth_mode; @@ -87,7 +92,12 @@ void init_handshake_options( handshake_test_options *opts ) opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; + opts->expected_handshake_result = 0; + opts->expected_ciphersuite = 0; opts->pk_alg = MBEDTLS_PK_RSA; + opts->opaque_alg = 0; + opts->opaque_alg2 = 0; + opts->opaque_usage = 0; opts->psk_str = NULL; opts->dtls = 0; opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; @@ -759,11 +769,16 @@ typedef struct mbedtls_endpoint * * \retval 0 on success, otherwise error code. */ -int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) +int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg, + int opaque_alg, int opaque_alg2, + int opaque_usage ) { int i = 0; int ret = -1; mbedtls_endpoint_certificate *cert; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT; +#endif if( ep == NULL ) { @@ -846,6 +861,19 @@ int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) } } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opaque_alg != 0 ) + { + TEST_EQUAL( mbedtls_pk_wrap_as_opaque( &( cert->pkey ), &key_slot, + opaque_alg, opaque_usage, + opaque_alg2 ), 0 ); + } +#else + (void) opaque_alg; + (void) opaque_alg2; + (void) opaque_usage; +#endif + mbedtls_ssl_conf_ca_chain( &( ep->conf ), &( cert->ca_cert ), NULL ); ret = mbedtls_ssl_conf_own_cert( &( ep->conf ), &( cert->cert ), @@ -866,6 +894,10 @@ exit: { mbedtls_x509_crt_free( &( cert->ca_cert ) ); mbedtls_x509_crt_free( &( cert->cert ) ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( opaque_alg != 0 ) + psa_destroy_key( key_slot ); +#endif mbedtls_pk_free( &( cert->pkey ) ); } @@ -888,6 +920,7 @@ exit: */ int mbedtls_endpoint_init( mbedtls_endpoint *ep, int endpoint_type, int pk_alg, + int opaque_alg, int opaque_alg2, int opaque_usage, mbedtls_test_message_socket_context *dtls_context, mbedtls_test_message_queue *input_queue, mbedtls_test_message_queue *output_queue, @@ -977,7 +1010,8 @@ int mbedtls_endpoint_init( mbedtls_endpoint *ep, int endpoint_type, int pk_alg, mbedtls_ssl_conf_dtls_cookies( &( ep->conf ), NULL, NULL, NULL ); #endif - ret = mbedtls_endpoint_certificate_init( ep, pk_alg ); + ret = mbedtls_endpoint_certificate_init( ep, pk_alg, opaque_alg, + opaque_alg2, opaque_usage ); TEST_ASSERT( ret == 0 ); TEST_EQUAL( mbedtls_ssl_conf_get_user_data_n( &ep->conf ), user_data_n ); @@ -997,6 +1031,14 @@ void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep ) mbedtls_endpoint_certificate *cert = &( ep->cert ); mbedtls_x509_crt_free( &( cert->ca_cert ) ); mbedtls_x509_crt_free( &( cert->cert ) ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( mbedtls_pk_get_type( &( cert->pkey ) ) == MBEDTLS_PK_OPAQUE ) + { + mbedtls_svc_key_id_t *key_slot = cert->pkey.pk_ctx; + + psa_destroy_key( *key_slot ); + } +#endif mbedtls_pk_free( &( cert->pkey ) ); } @@ -1929,7 +1971,7 @@ void perform_handshake( handshake_test_options* options ) #if defined(MBEDTLS_SSL_RENEGOTIATION) int ret = -1; #endif - int expected_handshake_result = 0; + int expected_handshake_result = options->expected_handshake_result; USE_PSA_INIT( ); @@ -1942,7 +1984,11 @@ void perform_handshake( handshake_test_options* options ) if( options->dtls != 0 ) { TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - options->pk_alg, &client_context, + options->pk_alg, + options->opaque_alg, + options->opaque_alg2, + options->opaque_usage, + &client_context, &client_queue, &server_queue, NULL ) == 0 ); #if defined(MBEDTLS_TIMING_C) @@ -1954,7 +2000,11 @@ void perform_handshake( handshake_test_options* options ) else { TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - options->pk_alg, NULL, NULL, + options->pk_alg, + options->opaque_alg, + options->opaque_alg2, + options->opaque_usage, + NULL, NULL, NULL, NULL ) == 0 ); } @@ -1988,7 +2038,11 @@ void perform_handshake( handshake_test_options* options ) if( options->dtls != 0 ) { TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - options->pk_alg, &server_context, + options->pk_alg, + options->opaque_alg, + options->opaque_alg2, + options->opaque_usage, + &server_context, &server_queue, &client_queue, NULL ) == 0 ); #if defined(MBEDTLS_TIMING_C) @@ -2000,7 +2054,11 @@ void perform_handshake( handshake_test_options* options ) else { TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - options->pk_alg, NULL, NULL, + options->pk_alg, + options->opaque_alg, + options->opaque_alg2, + options->opaque_usage, + NULL, NULL, NULL, NULL ) == 0 ); } @@ -2106,7 +2164,6 @@ void perform_handshake( handshake_test_options* options ) MBEDTLS_SSL_HANDSHAKE_OVER ), 0 ); TEST_ASSERT( mbedtls_ssl_is_handshake_over( &server.ssl ) == 1 ); - /* Check that both sides have negotiated the expected version. */ mbedtls_test_set_step( 0 ); if( ! check_ssl_version( options->expected_negotiated_version, @@ -2118,6 +2175,12 @@ void perform_handshake( handshake_test_options* options ) &server.ssl ) ) goto exit; + if( options->expected_ciphersuite != 0 ) + { + TEST_EQUAL( server.ssl.session->ciphersuite, + options->expected_ciphersuite ); + } + #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) if( options->resize_buffers != 0 ) { @@ -4710,13 +4773,13 @@ void mbedtls_endpoint_sanity( int endpoint_type ) int ret = -1; ret = mbedtls_endpoint_init( NULL, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL, NULL ); + 0, 0, 0, NULL, NULL, NULL, NULL ); TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); - ret = mbedtls_endpoint_certificate_init( NULL, MBEDTLS_PK_RSA ); + ret = mbedtls_endpoint_certificate_init( NULL, MBEDTLS_PK_RSA, 0, 0, 0 ); TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); - ret = mbedtls_endpoint_init( &ep, endpoint_type, MBEDTLS_PK_RSA, + ret = mbedtls_endpoint_init( &ep, endpoint_type, MBEDTLS_PK_RSA, 0, 0, 0, NULL, NULL, NULL, NULL ); TEST_ASSERT( ret == 0 ); @@ -4735,13 +4798,14 @@ void move_handshake_to_state(int endpoint_type, int state, int need_pass) USE_PSA_INIT( ); ret = mbedtls_endpoint_init( &base_ep, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL, NULL ); + 0, 0, 0, NULL, NULL, NULL, NULL ); TEST_ASSERT( ret == 0 ); ret = mbedtls_endpoint_init( &second_ep, ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, - MBEDTLS_PK_RSA, NULL, NULL, NULL, NULL ); + MBEDTLS_PK_RSA, 0, 0, 0, + NULL, NULL, NULL, NULL ); TEST_ASSERT( ret == 0 ); ret = mbedtls_mock_socket_connect( &(base_ep.socket), @@ -4824,6 +4888,30 @@ void handshake_cipher( char* cipher, int pk_alg, int dtls ) } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ +void handshake_ciphersuite_select( char* cipher, int pk_alg, int psa_alg, + int psa_alg2, int psa_usage, int dtls, + int expected_handshake_result, + int expected_ciphersuite ) +{ + handshake_test_options options; + init_handshake_options( &options ); + + options.cipher = cipher; + options.dtls = dtls; + options.pk_alg = pk_alg; + options.opaque_alg = psa_alg; + options.opaque_alg2 = psa_alg2; + options.opaque_usage = psa_usage; + options.expected_handshake_result = expected_handshake_result; + options.expected_ciphersuite = expected_ciphersuite; + perform_handshake( &options ); + + /* The goto below is used to avoid an "unused label" warning.*/ + goto exit; +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ void app_data( int mfl, int cli_msg_len, int srv_msg_len, int expected_cli_fragments, @@ -5479,13 +5567,13 @@ void raw_key_agreement_fail( int bad_server_ecdhe_key ) * the raw key agreement. Flipping the first byte makes the * required 0x04 identifier invalid. */ TEST_EQUAL( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_PK_ECDSA, NULL, NULL, + MBEDTLS_PK_ECDSA, 0, 0, 0, NULL, NULL, NULL, iana_tls_group_list ), 0 ); /* Server side */ TEST_EQUAL( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - MBEDTLS_PK_ECDSA, NULL, NULL, - NULL, NULL ), 0 ); + MBEDTLS_PK_ECDSA, 0, 0, 0, + NULL, NULL, NULL, NULL ), 0 ); TEST_EQUAL( mbedtls_mock_socket_connect( &(client.socket), &(server.socket), From 9f4606e6d2fcbd14556bbfc483f63c05db001e33 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 24 Jun 2022 15:00:50 +0200 Subject: [PATCH 04/18] Rename mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX in mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX() Signed-off-by: Neil Armstrong --- include/mbedtls/ssl_ciphersuites.h | 4 ++-- library/ssl_ciphersuites.c | 4 ++-- library/ssl_tls12_server.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 5352d75929..cd6ccbc90a 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -390,8 +390,8 @@ const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuit #if defined(MBEDTLS_PK_C) mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); #if defined(MBEDTLS_USE_PSA_CRYPTO) -psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg( const mbedtls_ssl_ciphersuite_t *info ); -psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_usage( const mbedtls_ssl_ciphersuite_t *info ); +psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ciphersuite_t *info ); +psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( const mbedtls_ssl_ciphersuite_t *info ); #endif mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); #endif diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 73a99e3208..9b980234a0 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1922,7 +1922,7 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciph } #if defined(MBEDTLS_USE_PSA_CRYPTO) -psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg( const mbedtls_ssl_ciphersuite_t *info ) +psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ciphersuite_t *info ) { switch( info->key_exchange ) { @@ -1946,7 +1946,7 @@ psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg( const mbedtls_ssl_ci } } -psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_ext_usage( const mbedtls_ssl_ciphersuite_t *info ) +psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( const mbedtls_ssl_ciphersuite_t *info ) { switch( info->key_exchange ) { diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 161a5ebe35..2e2a5734f0 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -684,9 +684,9 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, mbedtls_ssl_key_cert *cur, *list; #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t pk_alg = - mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg( ciphersuite_info ); + mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( ciphersuite_info ); psa_key_usage_t pk_usage = - mbedtls_ssl_get_ciphersuite_sig_pk_ext_usage( ciphersuite_info ); + mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( ciphersuite_info ); #else mbedtls_pk_type_t pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); From ed917bf548aeb68b4004b890379d76e481addf85 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 24 Jun 2022 15:03:25 +0200 Subject: [PATCH 05/18] Update description for negative key_opaque_algs tests Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 29f330a1af..5a1a7d60d9 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1740,7 +1740,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-ECDSA Opaque key for server authentication, invalid algs" \ +run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \ debug_level=1" \ @@ -1825,7 +1825,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-RSA Opaque key for server authentication, invalid algs" \ +run_test "Opaque key for server authentication: invalid alg: ecdh with RSA key" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=ecdh,none \ debug_level=1" \ From 9f1176a79313f652da960fc515fc9e5cd148203a Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 24 Jun 2022 18:19:19 +0200 Subject: [PATCH 06/18] Move preferred_hash_for_sig_alg() check after ssl_pick_cert() and check if hash alg is supported with mbedtls_pk_can_do_ext() Signed-off-by: Neil Armstrong --- library/ssl_tls.c | 51 +++++++++++++++++++++++++++++++++++--- library/ssl_tls12_server.c | 30 +++++++++++----------- 2 files changed, 62 insertions(+), 19 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 5fa02d26f6..23a12d2bf9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7691,10 +7691,53 @@ unsigned int mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( for( i = 0; received_sig_algs[i] != MBEDTLS_TLS_SIG_NONE; i++ ) { - if( sig_alg == MBEDTLS_SSL_TLS12_SIG_ALG_FROM_SIG_AND_HASH_ALG( - received_sig_algs[i] ) ) - return( MBEDTLS_SSL_TLS12_HASH_ALG_FROM_SIG_AND_HASH_ALG( - received_sig_algs[i] ) ); + unsigned int hash_alg_received = + MBEDTLS_SSL_TLS12_HASH_ALG_FROM_SIG_AND_HASH_ALG( + received_sig_algs[i] ); + unsigned int sig_alg_received = + MBEDTLS_SSL_TLS12_SIG_ALG_FROM_SIG_AND_HASH_ALG( + received_sig_algs[i] ); + + if( sig_alg == sig_alg_received ) + { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( ssl->handshake->key_cert && ssl->handshake->key_cert->key ) + { + psa_algorithm_t alg = PSA_ALG_NONE; + psa_algorithm_t alg2 = PSA_ALG_NONE; + psa_key_usage_t usage = 0; + psa_key_usage_t usage2 = 0; + + if( sig_alg_received == MBEDTLS_SSL_SIG_ECDSA ) + { + + alg = PSA_ALG_ECDSA( + mbedtls_psa_translate_md( hash_alg_received ) ); + usage = PSA_KEY_USAGE_SIGN_HASH; + alg2 = PSA_ALG_ECDH; + usage2 = PSA_KEY_USAGE_DERIVE; + } + else if( sig_alg_received == MBEDTLS_SSL_SIG_RSA ) + { + alg = PSA_ALG_RSA_PKCS1V15_SIGN( + mbedtls_psa_translate_md( hash_alg_received ) ); + usage = PSA_KEY_USAGE_SIGN_HASH; + alg2 = PSA_ALG_RSA_PKCS1V15_CRYPT; + usage2 = PSA_KEY_USAGE_DECRYPT; + } + else + continue; + + if( ! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, + alg, usage ) && + ! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, + alg2, usage2 ) ) + continue; + } + +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return( hash_alg_received ); + } } return( MBEDTLS_SSL_HASH_NONE ); diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 2e2a5734f0..7258230e16 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -843,21 +843,6 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, } #endif -#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - /* If the ciphersuite requires signing, check whether - * a suitable hash algorithm is present. */ - sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info ); - if( sig_type != MBEDTLS_PK_NONE && - mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( - ssl, mbedtls_ssl_sig_from_pk_alg( sig_type ) ) == MBEDTLS_SSL_HASH_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm " - "for signature algorithm %u", (unsigned) sig_type ) ); - return( 0 ); - } - -#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - #if defined(MBEDTLS_X509_CRT_PARSE_C) /* * Final check: if ciphersuite requires us to have a @@ -874,6 +859,21 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, } #endif +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + /* If the ciphersuite requires signing, check whether + * a suitable hash algorithm is present. */ + sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info ); + if( sig_type != MBEDTLS_PK_NONE && + mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( + ssl, mbedtls_ssl_sig_from_pk_alg( sig_type ) ) == MBEDTLS_SSL_HASH_NONE ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm " + "for signature algorithm %u", (unsigned) sig_type ) ); + return( 0 ); + } + +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + *ciphersuite_info = suite_info; return( 0 ); } From 2407279fa437060ad64dc8322d563041addb3d60 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Mon, 27 Jun 2022 14:43:30 +0200 Subject: [PATCH 07/18] Add tests with specific hash for handshake_ciphersuite_select positive tests Signed-off-by: Neil Armstrong --- tests/suites/test_suite_ssl.data | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 07d85e97bc..9f025e8390 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -273,10 +273,14 @@ Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 -Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 +Zbob Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_384 ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 @@ -293,10 +297,14 @@ Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 -Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 @@ -309,10 +317,14 @@ Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM -Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM + Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 From db134974907879fb1342141b74b28c20a0a90790 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 30 Jun 2022 09:06:28 +0200 Subject: [PATCH 08/18] Reorganize & add more handshake_ciphersuite_select to test all MBEDTLS_KEY_EXCHANGE_XXX cases Signed-off-by: Neil Armstrong --- tests/suites/test_suite_ssl.data | 204 ++++++++++++++++++--------- tests/suites/test_suite_ssl.function | 8 +- 2 files changed, 144 insertions(+), 68 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 9f025e8390..e9a1cafa22 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -269,70 +269,6 @@ Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 -Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS -handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - -Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - -Zbob Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_384 ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - -Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH ):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH ):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS -handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - -Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - -Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - -Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS -handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_NONE:PSA_ALG_NONE:0:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM - -Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM - -Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM - -Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad usage -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO -handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - Handshake, PSK-WITH-AES-128-CBC-SHA depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 @@ -381,6 +317,146 @@ Handshake min/max version check, all -> 1.2 depends_on:MBEDTLS_SSL_PROTO_TLS1_2 handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_2 +Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + +Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + +Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + +Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + +Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, no psk +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256 +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad usage +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + +Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + +Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + +Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 + Sending app data via TLS, MFL=512 without fragmentation depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH app_data_tls:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1 diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index d325bf3c27..efec5ea463 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -4889,16 +4889,16 @@ void handshake_cipher( char* cipher, int pk_alg, int dtls ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void handshake_ciphersuite_select( char* cipher, int pk_alg, int psa_alg, - int psa_alg2, int psa_usage, int dtls, +void handshake_ciphersuite_select( char* cipher, int pk_alg, data_t *psk_str, + int psa_alg, int psa_alg2, int psa_usage, int expected_handshake_result, - int expected_ciphersuite ) + int expected_ciphersuite ) { handshake_test_options options; init_handshake_options( &options ); options.cipher = cipher; - options.dtls = dtls; + options.psk_str = psk_str; options.pk_alg = pk_alg; options.opaque_alg = psa_alg; options.opaque_alg2 = psa_alg2; From b2c3b5be2ddb45b0acb1f98e71a5c046a104a4f5 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 30 Jun 2022 10:49:04 +0200 Subject: [PATCH 09/18] Fix depends on handshake_ciphersuite_select tests Signed-off-by: Neil Armstrong --- tests/suites/test_suite_ssl.data | 70 ++++++++++++++++---------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e9a1cafa22..5235824691 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -318,143 +318,143 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2 handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_2 Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, no psk -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad usage -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Sending app data via TLS, MFL=512 without fragmentation From 36b022334c8ed04c98e253cbb86a1917a44b36c6 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 30 Jun 2022 11:16:53 +0200 Subject: [PATCH 10/18] Reorganize Opaque ssl-opt tests, pass key_opaque_algs=, add less wrong negative server testings Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 128 +++++++++++++++++++++++++++++++---------------- 1 file changed, 84 insertions(+), 44 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 5a1a7d60d9..91c892697b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1706,7 +1706,7 @@ run_test "TLS-ECDHE-ECDSA Opaque key for client authentication" \ "$P_SRV auth_mode=required crt_file=data_files/server5.crt \ key_file=data_files/server5.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ + key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ 0 \ -c "key type: Opaque" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ @@ -1726,7 +1726,7 @@ run_test "TLS-ECDHE-RSA Opaque key for client authentication" \ "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 0 \ -c "key type: Opaque" \ -c "Ciphersuite is TLS-ECDHE-RSA" \ @@ -1735,23 +1735,6 @@ run_test "TLS-ECDHE-RSA Opaque key for client authentication" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SHA256_C -run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ - key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \ - debug_level=1" \ - "$P_CLI crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ - 1 \ - -s "key types: Opaque, none" \ - -s "got ciphersuites in common, but none of them usable" \ - -s "error" \ - -c "error" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C @@ -1761,7 +1744,8 @@ run_test "TLS-DHE-RSA Opaque key for client authentication" \ "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + key_opaque_algs=rsa-sign-pkcs1,none" \ 0 \ -c "key type: Opaque" \ -c "Ciphersuite is TLS-DHE-RSA" \ @@ -1770,20 +1754,6 @@ run_test "TLS-DHE-RSA Opaque key for client authentication" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_RSA_C -run_test "RSA opaque key on server configured for decryption" \ - "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ - 0 \ - -c "Verifying peer X.509 certificate... ok" \ - -c "Ciphersuite is TLS-RSA-" \ - -s "key types: Opaque, Opaque" \ - -s "Ciphersuite is TLS-RSA-" \ - -S "error" \ - -C "error" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_RSA_C @@ -1808,7 +1778,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "TLS-ECDHE-ECDSA Opaque key for server authentication" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ + key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ "$P_CLI crt_file=data_files/server5.crt \ key_file=data_files/server5.key" \ 0 \ @@ -1819,6 +1789,23 @@ run_test "TLS-ECDHE-ECDSA Opaque key for server authentication" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \ + debug_level=1" \ + "$P_CLI crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + 1 \ + -s "key types: Opaque, none" \ + -s "got ciphersuites in common, but none of them usable" \ + -s "error" \ + -c "error" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C @@ -1845,7 +1832,7 @@ requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque key for server authentication (ECDH-)" \ "$P_SRV force_version=tls12 auth_mode=required key_opaque=1\ crt_file=data_files/server5.ku-ka.crt\ - key_file=data_files/server5.key" \ + key_file=data_files/server5.key key_opaque_algs=ecdh,none" \ "$P_CLI" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ @@ -1855,6 +1842,24 @@ run_test "Opaque key for server authentication (ECDH-)" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +requires_config_enabled MBEDTLS_CCM_C +run_test "Opaque key for server authentication: invalid alg: TLS-ECDHE-ECDSA with ecdh" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key key_opaque_algs=ecdh,none \ + debug_level=1" \ + "$P_CLI crt_file=data_files/server5.crt \ + key_file=data_files/server5.key force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ + 1 \ + -s "key types: Opaque, none" \ + -s "got ciphersuites in common, but none of them usable" \ + -s "error" \ + -c "error" + # Test using a RSA opaque private key for server authentication requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO @@ -1864,7 +1869,7 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "TLS-ECDHE-RSA Opaque key for server authentication" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key" \ 0 \ @@ -1875,6 +1880,22 @@ run_test "TLS-ECDHE-RSA Opaque key for server authentication" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "RSA opaque key on server configured for decryption" \ + "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-sign-pkcs1,none" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-RSA-" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-RSA-" \ + -S "error" \ + -C "error" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C @@ -1883,7 +1904,7 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "TLS-DHE-RSA Opaque key for server authentication" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ @@ -1894,6 +1915,23 @@ run_test "TLS-DHE-RSA Opaque key for server authentication" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for server authentication: TLS-DHE-RSA, PSS instead of PKCS1" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none debug_level=1" \ + "$P_CLI crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + 1 \ + -s "key types: Opaque, none" \ + -s "got ciphersuites in common, but none of them usable" \ + -s "error" \ + -c "error" + # Test using an EC opaque private key for client/server authentication requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO @@ -1902,9 +1940,9 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "TLS-ECDHE-ECDSA Opaque key for client/server authentication" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ + key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ + key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ 0 \ -c "key type: Opaque" \ -c "Verifying peer X.509 certificate... ok" \ @@ -1924,9 +1962,9 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "TLS-ECDHE-RSA Opaque key for client/server authentication" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 0 \ -c "key type: Opaque" \ -c "Verifying peer X.509 certificate... ok" \ @@ -1945,9 +1983,10 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "TLS-DHE-RSA Opaque key for client/server authentication" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none \ + force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -c "key type: Opaque" \ -c "Verifying peer X.509 certificate... ok" \ @@ -1958,6 +1997,7 @@ run_test "TLS-DHE-RSA Opaque key for client/server authentication" \ -S "error" \ -C "error" + # Test ciphersuites which we expect to be fully supported by PSA Crypto # and check that we don't fall back to Mbed TLS' internal crypto primitives. run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM From 167d82c4df0336673d2bbbd572980c121791eb64 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 30 Jun 2022 11:32:00 +0200 Subject: [PATCH 11/18] Add dual keys Opaque ssl-opt tests Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 86 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 91c892697b..4bf99170eb 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1860,6 +1860,48 @@ run_test "Opaque key for server authentication: invalid alg: TLS-ECDHE-ECDSA -s "error" \ -c "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Two Opaque keys for server authentication: EC with different algs" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key key_opaque_algs=ecdh,none \ + crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ + key_opaque_algs2=ecdsa-sign,none" \ + "$P_CLI crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-ECDHE-ECDSA" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-ECDHE-ECDSA" \ + -S "error" \ + -C "error" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA384_C +requires_config_enabled MBEDTLS_CCM_C +run_test "Two Opaque keys for server authentication: EC + RSA, force TLS-ECDHE-ECDSA" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ + crt_file2=data_files/server2-sha256.crt \ + key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ + "$P_CLI crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-ECDHE-ECDSA" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-ECDHE-ECDSA" \ + -S "error" \ + -C "error" + # Test using a RSA opaque private key for server authentication requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO @@ -1932,6 +1974,50 @@ run_test "Opaque key for server authentication: TLS-DHE-RSA, PSS instead of P -s "error" \ -c "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Two Opaque keys for server authentication: RSA with different algs" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \ + crt_file2=data_files/server2-sha256.crt \ + key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ + "$P_CLI crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-ECDHE-RSA" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-ECDHE-RSA" \ + -S "error" \ + -C "error" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_SHA384_C +requires_config_enabled MBEDTLS_GCM_C +run_test "Two Opaque keys for server authentication: EC + RSA, force TLS-DHE-RSA" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ + crt_file2=data_files/server2-sha256.crt \ + key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ + "$P_CLI crt_file=data_files/server2-sha256.crt \ + key_file=data_files/server2.key \ + force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-DHE-RSA" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-DHE-RSA" \ + -S "error" \ + -C "error" + # Test using an EC opaque private key for client/server authentication requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO From 96eceb80226ee96f8e249032b0ef3bd83fbd6925 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 30 Jun 2022 18:05:05 +0200 Subject: [PATCH 12/18] Refine mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg() when USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong --- library/ssl_tls.c | 42 +++++++++++++++--------------------------- 1 file changed, 15 insertions(+), 27 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 23a12d2bf9..aa4aa0855b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7703,39 +7703,27 @@ unsigned int mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( #if defined(MBEDTLS_USE_PSA_CRYPTO) if( ssl->handshake->key_cert && ssl->handshake->key_cert->key ) { - psa_algorithm_t alg = PSA_ALG_NONE; - psa_algorithm_t alg2 = PSA_ALG_NONE; - psa_key_usage_t usage = 0; - psa_key_usage_t usage2 = 0; + psa_algorithm_t psa_hash_alg = + mbedtls_psa_translate_md( hash_alg_received ); - if( sig_alg_received == MBEDTLS_SSL_SIG_ECDSA ) - { - - alg = PSA_ALG_ECDSA( - mbedtls_psa_translate_md( hash_alg_received ) ); - usage = PSA_KEY_USAGE_SIGN_HASH; - alg2 = PSA_ALG_ECDH; - usage2 = PSA_KEY_USAGE_DERIVE; - } - else if( sig_alg_received == MBEDTLS_SSL_SIG_RSA ) - { - alg = PSA_ALG_RSA_PKCS1V15_SIGN( - mbedtls_psa_translate_md( hash_alg_received ) ); - usage = PSA_KEY_USAGE_SIGN_HASH; - alg2 = PSA_ALG_RSA_PKCS1V15_CRYPT; - usage2 = PSA_KEY_USAGE_DECRYPT; - } - else + if( sig_alg_received == MBEDTLS_SSL_SIG_ECDSA && + ! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, + PSA_ALG_ECDSA( psa_hash_alg ), + PSA_KEY_USAGE_SIGN_HASH ) ) continue; - if( ! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, - alg, usage ) && - ! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, - alg2, usage2 ) ) + if( sig_alg_received == MBEDTLS_SSL_SIG_RSA && + ! ( mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, + PSA_ALG_RSA_PKCS1V15_CRYPT, + PSA_KEY_USAGE_DECRYPT ) || + mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, + PSA_ALG_RSA_PKCS1V15_SIGN( + psa_hash_alg ), + PSA_KEY_USAGE_SIGN_HASH ) ) ) continue; } - #endif /* MBEDTLS_USE_PSA_CRYPTO */ + return( hash_alg_received ); } } From 1948a20796bf8a53f4a2e25b53e911f9e5471e1a Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Thu, 30 Jun 2022 18:05:57 +0200 Subject: [PATCH 13/18] Cleanup Order & Title of Opaque TLS tests, fix RSA- test definition Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 132 ++++++++++++++++++++++++----------------------- 1 file changed, 67 insertions(+), 65 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 4bf99170eb..20a3e283c8 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1702,7 +1702,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-ECDSA Opaque key for client authentication" \ +run_test "Opaque key for client authentication: ECDHE-ECDSA" \ "$P_SRV auth_mode=required crt_file=data_files/server5.crt \ key_file=data_files/server5.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ @@ -1722,7 +1722,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-RSA Opaque key for client authentication" \ +run_test "Opaque key for client authentication: ECDHE-RSA" \ "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ @@ -1740,7 +1740,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-DHE-RSA Opaque key for client authentication" \ +run_test "Opaque key for client authentication: DHE-RSA" \ "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ @@ -1754,29 +1754,13 @@ run_test "TLS-DHE-RSA Opaque key for client authentication" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_RSA_C -run_test "RSA-PSK opaque key on server configured for decryption" \ - "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \ - psk=abc123 psk_identity=foo" \ - "$P_CLI force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ - psk=abc123 psk_identity=foo" \ - 0 \ - -c "Verifying peer X.509 certificate... ok" \ - -c "Ciphersuite is TLS-RSA-PSK-" \ - -s "key types: Opaque, Opaque" \ - -s "Ciphersuite is TLS-RSA-PSK-" \ - -S "error" \ - -C "error" - # Test using an EC opaque private key for server authentication requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-ECDSA Opaque key for server authentication" \ +run_test "Opaque key for server authentication: ECDHE-ECDSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ "$P_CLI crt_file=data_files/server5.crt \ @@ -1789,6 +1773,24 @@ run_test "TLS-ECDHE-ECDSA Opaque key for server authentication" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for server authentication: ECDH-" \ + "$P_SRV force_version=tls12 auth_mode=required key_opaque=1\ + crt_file=data_files/server5.ku-ka.crt\ + key_file=data_files/server5.key key_opaque_algs=ecdh,none" \ + "$P_CLI" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-ECDH-" \ + -s "key types: Opaque, none" \ + -s "Ciphersuite is TLS-ECDH-" \ + -S "error" \ + -C "error" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C @@ -1824,31 +1826,13 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke -s "error" \ -c "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SHA256_C -run_test "Opaque key for server authentication (ECDH-)" \ - "$P_SRV force_version=tls12 auth_mode=required key_opaque=1\ - crt_file=data_files/server5.ku-ka.crt\ - key_file=data_files/server5.key key_opaque_algs=ecdh,none" \ - "$P_CLI" \ - 0 \ - -c "Verifying peer X.509 certificate... ok" \ - -c "Ciphersuite is TLS-ECDH-" \ - -s "key types: Opaque, none" \ - -s "Ciphersuite is TLS-ECDH-" \ - -S "error" \ - -C "error" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C requires_config_enabled MBEDTLS_CCM_C -run_test "Opaque key for server authentication: invalid alg: TLS-ECDHE-ECDSA with ecdh" \ +run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdh,none \ debug_level=1" \ @@ -1865,7 +1849,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "Two Opaque keys for server authentication: EC with different algs" \ +run_test "Opaque keys for server authentication: EC keys with different algs" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdh,none \ crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ @@ -1886,7 +1870,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA384_C requires_config_enabled MBEDTLS_CCM_C -run_test "Two Opaque keys for server authentication: EC + RSA, force TLS-ECDHE-ECDSA" \ +run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ crt_file2=data_files/server2-sha256.crt \ @@ -1909,7 +1893,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-RSA Opaque key for server authentication" \ +run_test "Opaque key for server authentication: ECDHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI crt_file=data_files/server2-sha256.crt \ @@ -1922,29 +1906,13 @@ run_test "TLS-ECDHE-RSA Opaque key for server authentication" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_SHA256_C -run_test "RSA opaque key on server configured for decryption" \ - "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-sign-pkcs1,none" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ - 0 \ - -c "Verifying peer X.509 certificate... ok" \ - -c "Ciphersuite is TLS-RSA-" \ - -s "key types: Opaque, Opaque" \ - -s "Ciphersuite is TLS-RSA-" \ - -S "error" \ - -C "error" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-DHE-RSA Opaque key for server authentication" \ +run_test "Opaque key for server authentication: DHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI crt_file=data_files/server2-sha256.crt \ @@ -1957,13 +1925,47 @@ run_test "TLS-DHE-RSA Opaque key for server authentication" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for server authentication: RSA-PSK" \ + "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \ + psk=abc123 psk_identity=foo" \ + "$P_CLI force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ + psk=abc123 psk_identity=foo" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-RSA-PSK-" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-RSA-PSK-" \ + -S "error" \ + -C "error" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for server authentication: RSA-" \ + "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-RSA-" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-RSA-" \ + -S "error" \ + -C "error" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "Opaque key for server authentication: TLS-DHE-RSA, PSS instead of PKCS1" \ +run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none debug_level=1" \ "$P_CLI crt_file=data_files/server2-sha256.crt \ @@ -1980,7 +1982,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "Two Opaque keys for server authentication: RSA with different algs" \ +run_test "Opaque keys for server authentication: RSA keys with different algs" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \ crt_file2=data_files/server2-sha256.crt \ @@ -2002,7 +2004,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA384_C requires_config_enabled MBEDTLS_GCM_C -run_test "Two Opaque keys for server authentication: EC + RSA, force TLS-DHE-RSA" \ +run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ crt_file2=data_files/server2-sha256.crt \ @@ -2024,7 +2026,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-ECDSA Opaque key for client/server authentication" \ +run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ @@ -2046,7 +2048,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-ECDHE-RSA Opaque key for client/server authentication" \ +run_test "Opaque key for client/server authentication: ECDHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ @@ -2067,7 +2069,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "TLS-DHE-RSA Opaque key for client/server authentication" \ +run_test "Opaque key for client/server authentication: DHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ From 4b10209568cef039222843eedf2fb9ed25f9088c Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 1 Jul 2022 09:42:29 +0200 Subject: [PATCH 14/18] Use different certs for double opaque keys and check certificate issuer CN Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 46 ++++++++++++++++++++++++++++++++++------------ 1 file changed, 34 insertions(+), 12 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 20a3e283c8..6d74d87820 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1849,9 +1849,9 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C -run_test "Opaque keys for server authentication: EC keys with different algs" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ - key_file=data_files/server5.key key_opaque_algs=ecdh,none \ +run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server7.crt \ + key_file=data_files/server7.key key_opaque_algs=ecdh,none \ crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ key_opaque_algs2=ecdsa-sign,none" \ "$P_CLI crt_file=data_files/server5.crt \ @@ -1859,11 +1859,33 @@ run_test "Opaque keys for server authentication: EC keys with different algs" 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ + -c "CN=Polarssl Test EC CA" \ -s "key types: Opaque, Opaque" \ -s "Ciphersuite is TLS-ECDHE-ECDSA" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA384_C +run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server7.crt \ + key_file=data_files/server7.key key_opaque_algs=ecdsa-sign,none \ + crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ + key_opaque_algs2=ecdh,none debug_level=3" \ + "$P_CLI crt_file=data_files/server5.crt \ + key_file=data_files/server5.key force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-ECDH-ECDSA" \ + -c "CN=Polarssl Test EC CA" \ + -s "key types: Opaque, Opaque" \ + -s "Ciphersuite is TLS-ECDH-ECDSA" \ + -S "error" \ + -C "error" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C @@ -1881,6 +1903,7 @@ run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ + -c "CN=Polarssl Test EC CA" \ -s "key types: Opaque, Opaque" \ -s "Ciphersuite is TLS-ECDHE-ECDSA" \ -S "error" \ @@ -1985,13 +2008,13 @@ requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque keys for server authentication: RSA keys with different algs" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \ - crt_file2=data_files/server2-sha256.crt \ - key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ - "$P_CLI crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + crt_file2=data_files/server4.crt \ + key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \ + "$P_CLI" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-RSA" \ + -c "CN=Polarssl Test EC CA" \ -s "key types: Opaque, Opaque" \ -s "Ciphersuite is TLS-ECDHE-RSA" \ -S "error" \ @@ -2007,14 +2030,13 @@ requires_config_enabled MBEDTLS_GCM_C run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ - crt_file2=data_files/server2-sha256.crt \ - key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ - "$P_CLI crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key \ - force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + crt_file2=data_files/server4.crt \ + key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-DHE-RSA" \ + -c "CN=Polarssl Test EC CA" \ -s "key types: Opaque, Opaque" \ -s "Ciphersuite is TLS-DHE-RSA" \ -S "error" \ From 7999cb3896e47e9683d81859cfa7c9e396dcac35 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 1 Jul 2022 09:51:33 +0200 Subject: [PATCH 15/18] Remove auth_mode=required and client crt_file/key_file when testing server authentication Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 46 ++++++++++++++++++---------------------------- 1 file changed, 18 insertions(+), 28 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 6d74d87820..474ec0731e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1761,10 +1761,9 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque key for server authentication: ECDHE-ECDSA" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ - "$P_CLI crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ + "$P_CLI" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ @@ -1797,11 +1796,10 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \ debug_level=1" \ - "$P_CLI crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ + "$P_CLI" \ 1 \ -s "key types: Opaque, none" \ -s "got ciphersuites in common, but none of them usable" \ @@ -1815,11 +1813,10 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque key for server authentication: invalid alg: ecdh with RSA key" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=ecdh,none \ debug_level=1" \ - "$P_CLI crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + "$P_CLI" \ 1 \ -s "key types: Opaque, none" \ -s "got ciphersuites in common, but none of them usable" \ @@ -1833,11 +1830,10 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C requires_config_enabled MBEDTLS_CCM_C run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdh,none \ debug_level=1" \ - "$P_CLI crt_file=data_files/server5.crt \ - key_file=data_files/server5.key force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 1 \ -s "key types: Opaque, none" \ -s "got ciphersuites in common, but none of them usable" \ @@ -1850,12 +1846,11 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server7.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server7.crt \ key_file=data_files/server7.key key_opaque_algs=ecdh,none \ crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ key_opaque_algs2=ecdsa-sign,none" \ - "$P_CLI crt_file=data_files/server5.crt \ - key_file=data_files/server5.key" \ + "$P_CLI" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ @@ -1871,12 +1866,11 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA384_C run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server7.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server7.crt \ key_file=data_files/server7.key key_opaque_algs=ecdsa-sign,none \ crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ key_opaque_algs2=ecdh,none debug_level=3" \ - "$P_CLI crt_file=data_files/server5.crt \ - key_file=data_files/server5.key force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \ + "$P_CLI force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDH-ECDSA" \ @@ -1893,13 +1887,11 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA384_C requires_config_enabled MBEDTLS_CCM_C run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ crt_file2=data_files/server2-sha256.crt \ key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ - "$P_CLI crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key \ - force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ @@ -1917,10 +1909,9 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque key for server authentication: ECDHE-RSA" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ - "$P_CLI crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key" \ + "$P_CLI" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-RSA" \ @@ -1936,10 +1927,9 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque key for server authentication: DHE-RSA" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ + "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ - "$P_CLI crt_file=data_files/server2-sha256.crt \ - key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-DHE-RSA" \ From c67e6e96f8fd8a656adc2d80bf27bd75123fe00b Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 1 Jul 2022 15:48:10 +0200 Subject: [PATCH 16/18] Depends on MBEDTLS_X509_REMOVE_INFO disable for double Opaque keys test requiring cert infos to determine selected key Signed-off-by: Neil Armstrong --- tests/ssl-opt.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 474ec0731e..ca34753d3c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1845,6 +1845,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server7.crt \ key_file=data_files/server7.key key_opaque_algs=ecdh,none \ @@ -1865,6 +1866,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA384_C +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server7.crt \ key_file=data_files/server7.key key_opaque_algs=ecdsa-sign,none \ @@ -1886,6 +1888,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA384_C requires_config_enabled MBEDTLS_CCM_C +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ @@ -1995,6 +1998,7 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA256_C +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: RSA keys with different algs" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \ @@ -2017,6 +2021,7 @@ requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SHA384_C requires_config_enabled MBEDTLS_GCM_C +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ From 971f30d917fe9ce34a03ca8812dce9e744269228 Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 1 Jul 2022 16:23:50 +0200 Subject: [PATCH 17/18] Fix mbedtls_ssl_get_ciphersuite_sig_alg() by returning MBEDTLS_PK_NONE for MBEDTLS_KEY_EXCHANGE_RSA Signed-off-by: Neil Armstrong --- library/ssl_ciphersuites.c | 1 - library/ssl_tls.c | 11 ++++------- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 9b980234a0..62988f259f 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1972,7 +1972,6 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphers { switch( info->key_exchange ) { - case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: return( MBEDTLS_PK_RSA ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index aa4aa0855b..0abf2b99cb 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7713,13 +7713,10 @@ unsigned int mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( continue; if( sig_alg_received == MBEDTLS_SSL_SIG_RSA && - ! ( mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, - PSA_ALG_RSA_PKCS1V15_CRYPT, - PSA_KEY_USAGE_DECRYPT ) || - mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, - PSA_ALG_RSA_PKCS1V15_SIGN( - psa_hash_alg ), - PSA_KEY_USAGE_SIGN_HASH ) ) ) + ! mbedtls_pk_can_do_ext( ssl->handshake->key_cert->key, + PSA_ALG_RSA_PKCS1V15_SIGN( + psa_hash_alg ), + PSA_KEY_USAGE_SIGN_HASH ) ) continue; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ From 6931e439e4e51a89f534d31855e2be1fa848dfce Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 1 Jul 2022 18:30:10 +0200 Subject: [PATCH 18/18] Fix Handshake select ECDH-RSA- test dependencies Signed-off-by: Neil Armstrong --- tests/suites/test_suite_ssl.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 5235824691..91175d7f55 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -422,19 +422,19 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque