mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-16 08:42:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

test: psa_pake: add a separate test for opaque password

Browse Source 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti 2022-11-30 16:44:49 +01:00
parent 661b9bca75
commit a6b69dabc5
2 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
tests/scripts/all.sh
View File

@ -1456,13 +1456,28 @@ component_test_tls1_2_ecjpake_compatibility() {
make -C programs test/udp_proxy test/query_compile_time_config make -C programs test/udp_proxy test/query_compile_time_config
msg "test: server w/o USE_PSA - client w/ USE_PSA" msg "test: server w/o USE_PSA - client w/ USE_PSA"
P_SRV=../s2_no_use_psa tests/ssl-opt.sh -f ECJPAKE P_SRV=../s2_no_use_psa tests/ssl-opt.sh -f ECJPAKE -e ECJPAKE_OPAQUE_PW
msg "test: client w/o USE_PSA - server w/ USE_PSA" msg "test: client w/o USE_PSA - server w/ USE_PSA"
P_CLI=../c2_no_use_psa tests/ssl-opt.sh -f ECJPAKE P_CLI=../c2_no_use_psa tests/ssl-opt.sh -f ECJPAKE -e ECJPAKE_OPAQUE_PW
rm s2_no_use_psa c2_no_use_psa rm s2_no_use_psa c2_no_use_psa
} }
# Opaque password testing requires a separate test with repect to
# "test_tls1_2_ecjpake_compatibility". In that case there's a mix of PSA and
# MbedTLS based implementations of EC-JPAKE which makes it difficult to parse
# proper strings during the test. As a consequence here we just build the
# PSA variant for both client and server.
component_test_tls1_2_ecjpake_opaque_password() {
msg "build: TLS1.2 server+client w/ opaque password support"
scripts/config.py set MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
make -C programs ssl/ssl_server2 ssl/ssl_client2
make -C programs test/udp_proxy test/query_compile_time_config
tests/ssl-opt.sh -f ECJPAKE_OPAQUE_PW
}
component_test_psa_external_rng_use_psa_crypto () { component_test_psa_external_rng_use_psa_crypto () {
msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG"
scripts/config.py full scripts/config.py full

3
tests/ssl-opt.sh
View File

@ -8008,8 +8008,9 @@ run_test "ECJPAKE: working, TLS" \
-S "SSL - Verification of the message MAC failed" -S "SSL - Verification of the message MAC failed"
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "ECJPAKE: working, TLS, opaque password" \ run_test "ECJPAKE_OPAQUE_PW: working, TLS, opaque password" \
"$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \
"$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\ "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\
force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \