diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index ab6b5dd6ef..08874e3ce8 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -304,15 +304,26 @@ #endif #endif /* MBEDTLS_USE_PSA_CRYPTO */ +/* Helper for ECDH dependencies, will be undefined at the end of the file */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(PSA_HAVE_FULL_ECDH) +#define MBEDTLS_PK_HAVE_ECDH +#endif +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_ECDH_C) +#define MBEDTLS_PK_HAVE_ECDH +#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ - ( !defined(MBEDTLS_ECDH_C) || \ + ( !defined(MBEDTLS_PK_HAVE_ECDH) || \ !defined(MBEDTLS_PK_HAVE_ECDSA) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) ) #error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ - ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \ + ( !defined(MBEDTLS_PK_HAVE_ECDH) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) ) #error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" #endif @@ -1100,6 +1111,7 @@ /* Undefine helper symbols */ #undef MBEDTLS_PK_HAVE_ECDSA #undef MBEDTLS_PK_HAVE_JPAKE +#undef MBEDTLS_PK_HAVE_ECDH /* * Avoid warning from -pedantic. This is a convenient place for this diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index cedce1e7f8..d0c24d886f 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -853,6 +853,11 @@ extern "C" { #define PSA_HAVE_FULL_JPAKE 1 #endif +#if defined(PSA_WANT_ALG_ECDH) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#define PSA_HAVE_FULL_ECDH 1 +#endif + /* These features are always enabled. */ #define PSA_WANT_KEY_TYPE_DERIVE 1 #define PSA_WANT_KEY_TYPE_PASSWORD 1 diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 3de7a8fa04..f029265e3e 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -193,6 +193,12 @@ typedef struct mbedtls_pk_rsassa_pss_options { #endif /* PSA_WANT_ALG_ECDSA */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ +/* Symbol for ECDH capabilities, no matter how it is provided */ +#if (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_HAVE_FULL_ECDH)) || \ + (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C)) +#define MBEDTLS_PK_CAN_ECDH +#endif + #if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) || defined(MBEDTLS_PK_CAN_ECDSA_SIGN) #define MBEDTLS_PK_CAN_ECDSA_SOME #endif diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a6129da397..c91a12f8e4 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4220,7 +4220,7 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) mbedtls_ssl_buffering_free(ssl); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_ECDH_C) && \ +#if defined(MBEDTLS_PK_CAN_ECDH) && \ (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) if (handshake->ecdh_psa_privkey_is_external == 0) { psa_destroy_key(handshake->ecdh_psa_privkey); diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 46706971ce..555db66e2d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2255,8 +2255,6 @@ config_psa_crypto_config_ecdh_use_psa () { scripts/config.py unset MBEDTLS_ECDH_C fi # Disable things that depend on it (regardless of driver or built-in) - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index bae9ee53f7..566860d3cb 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -284,6 +284,12 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED" +TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED" + requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() { if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2 then @@ -368,48 +374,66 @@ requires_ciphersuite_enabled() { # - $1 = command line (call to a TLS client or server program) # - $2 = client/server # - $3 = TLS version (TLS12 or TLS13) -# - $4 = run test options +# - $4 = Use an external tool without ECDH support +# - $5 = run test options detect_required_features() { - case "$1" in + CMD_LINE=$1 + ROLE=$2 + TLS_VERSION=$3 + EXT_WO_ECDH=$4 + TEST_OPTIONS=${5:-} + + case "$CMD_LINE" in *\ force_version=*) - tmp="${1##*\ force_version=}" + tmp="${CMD_LINE##*\ force_version=}" tmp="${tmp%%[!-0-9A-Z_a-z]*}" requires_protocol_version "$tmp";; esac - case "$1" in + case "$CMD_LINE" in *\ force_ciphersuite=*) - tmp="${1##*\ force_ciphersuite=}" + tmp="${CMD_LINE##*\ force_ciphersuite=}" tmp="${tmp%%[!-0-9A-Z_a-z]*}" requires_ciphersuite_enabled "$tmp";; esac - case " $1 " in + case " $CMD_LINE " in *[-_\ =]tickets=[^0]*) requires_config_enabled MBEDTLS_SSL_TICKET_C;; esac - case " $1 " in + case " $CMD_LINE " in *[-_\ =]alpn=*) requires_config_enabled MBEDTLS_SSL_ALPN;; esac - case "$1" in + case "$CMD_LINE" in *server5*|\ *server7*|\ *dir-maxpath*) - if [ "$3" = "TLS13" ]; then + if [ "$TLS_VERSION" = "TLS13" ]; then # In case of TLS13 the support for ECDSA is enough requires_pk_alg "ECDSA" else # For TLS12 requirements are different between server and client - if [ "$2" = "server" ]; then + if [ "$ROLE" = "server" ]; then # If the server uses "server5*" certificates, then an ECDSA based - # key exchange is required - requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT - elif [ "$2" = "client" ]; then - # Otherwise for the client it is enough to have any certificate - # based authentication + support for ECDSA - requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT + # key exchange is required. However gnutls also does not + # support ECDH, so this limit the choice to ECDHE-ECDSA + if [ "$EXT_WO_ECDH" = "yes" ]; then + requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + else + requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT + fi + elif [ "$ROLE" = "client" ]; then + # On the client side it is enough to have any certificate + # based authentication together with support for ECDSA. + # Of course the GnuTLS limitation mentioned above applies + # also here. + if [ "$EXT_WO_ECDH" = "yes" ]; then + requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH + else + requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT + fi requires_pk_alg "ECDSA" fi fi @@ -1102,6 +1126,28 @@ is_gnutls() { esac } +# Some external tools (gnutls or openssl) might not have support for static ECDH +# and this limit the tests that can be run with them. This function checks server +# and client command lines, given as input, to verify if the current test +# is using one of these tools. +use_ext_tool_without_ecdh_support() { + case "$1" in + *$GNUTLS_SERV*|\ + *${GNUTLS_NEXT_SERV:-"gnutls-serv-dummy"}*|\ + *${OPENSSL_NEXT:-"openssl-dummy"}*) + echo "yes" + return;; + esac + case "$2" in + *$GNUTLS_CLI*|\ + *${GNUTLS_NEXT_CLI:-"gnutls-cli-dummy"}*|\ + *${OPENSSL_NEXT:-"openssl-dummy"}*) + echo "yes" + return;; + esac + echo "no" +} + # Generate random psk_list argument for ssl_server2 get_srv_psk_list () { @@ -1528,8 +1574,12 @@ run_test() { # If the client or server requires certain features that can be detected # from their command-line arguments, check that they're enabled. TLS_VERSION=$(get_tls_version "$SRV_CMD" "$CLI_CMD") - detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$@" - detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$@" + + # Check if we are trying to use an external tool wich does not support ECDH + EXT_WO_ECDH=$(use_ext_tool_without_ecdh_support "$SRV_CMD" "$CLI_CMD") + + detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$EXT_WO_ECDH" "$@" + detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$EXT_WO_ECDH" "$@" # If we're in a PSK-only build and the test can be adapted to PSK, do that. maybe_adapt_for_psk "$@" @@ -9468,7 +9518,7 @@ run_test "DTLS reassembly: no fragmentation (openssl server)" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS reassembly: some fragmentation (openssl server)" \ - "$O_SRV -dtls -mtu 768" \ + "$O_SRV -dtls -mtu 256" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index c47f292435..43b4d21d92 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -440,39 +440,39 @@ depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C: handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Sending app data via TLS, MFL=512 without fragmentation