From fc42c22c7b67eea5c717aaecbd3c028dd1892102 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Wed, 5 Feb 2025 17:28:03 +0100 Subject: [PATCH 01/15] Migrate RSA key exchange tests Signed-off-by: Gabor Mezei --- tests/ssl-opt.sh | 171 ++++++++----------------------- tests/suites/test_suite_ssl.data | 96 ++++++++--------- 2 files changed, 81 insertions(+), 186 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 23b692c723..7972ae5c32 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2502,20 +2502,6 @@ run_test "Opaque key for server authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_RSA_C -requires_hash_alg SHA_256 -run_test "Opaque key for server authentication: RSA-" \ - "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \ - "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \ - 0 \ - -c "Verifying peer X.509 certificate... ok" \ - -c "Ciphersuite is TLS-RSA-" \ - -s "key types: Opaque, Opaque" \ - -s "Ciphersuite is TLS-RSA-" \ - -S "error" \ - -C "error" - requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 @@ -3618,7 +3604,7 @@ run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" run_test "Encrypt then MAC: default" \ "$P_SRV debug_level=3 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI debug_level=3" \ 0 \ -c "client hello, adding encrypt_then_mac extension" \ @@ -3630,7 +3616,7 @@ run_test "Encrypt then MAC: default" \ run_test "Encrypt then MAC: client enabled, server disabled" \ "$P_SRV debug_level=3 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI debug_level=3 etm=1" \ 0 \ -c "client hello, adding encrypt_then_mac extension" \ 
@@ -3642,7 +3628,7 @@ run_test "Encrypt then MAC: client enabled, server disabled" \ run_test "Encrypt then MAC: client enabled, aead cipher" \ "$P_SRV debug_level=3 etm=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256" \ "$P_CLI debug_level=3 etm=1" \ 0 \ -c "client hello, adding encrypt_then_mac extension" \ @@ -3654,7 +3640,7 @@ run_test "Encrypt then MAC: client enabled, aead cipher" \ run_test "Encrypt then MAC: client disabled, server enabled" \ "$P_SRV debug_level=3 etm=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI debug_level=3 etm=0" \ 0 \ -C "client hello, adding encrypt_then_mac extension" \ @@ -3740,7 +3726,7 @@ run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \ run_test "CBC Record splitting: TLS 1.2, no splitting" \ "$P_SRV force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \ request_size=123" \ 0 \ -s "Read from client: 123 bytes read" \ 
@@ -7776,20 +7762,6 @@ run_test "keyUsage srv 1.2: ECC, keyEncipherment -> fail" \ # Tests for keyUsage in leaf certificates, part 2: # client-side checking of server cert -# -# TLS 1.3 uses only signature, but for 1.2 it depends on the key exchange. -# In 4.0 this will probably change as all TLS 1.2 key exchanges will use -# signatures too, following the removal of RSA #8170 and static ECDH #9201. - -run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, RSA: OK" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \ - "$P_CLI debug_level=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -C "bad certificate (usage extensions)" \ - -C "Processing of the Certificate handshake message failed" \ - -c "Ciphersuite is TLS-" run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, ECDHE-RSA: OK" \ "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ @@ -7801,16 +7773,6 @@ run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, ECDHE-RSA: OK" -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -run_test "keyUsage cli 1.2: KeyEncipherment, RSA: OK" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ - "$P_CLI debug_level=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -C "bad certificate (usage extensions)" \ - -C "Processing of the Certificate handshake message failed" \ - -c "Ciphersuite is TLS-" - run_test "keyUsage cli 1.2: KeyEncipherment, ECDHE-RSA: fail (hard)" \ "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ 
@@ -7846,31 +7808,6 @@ run_test "keyUsage cli 1.2: DigitalSignature, ECDHE-RSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (hard)" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ - "$P_CLI debug_level=3 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -c "bad certificate (usage extensions)" \ - -c "Processing of the Certificate handshake message failed" \ - -C "Ciphersuite is TLS-" \ - -c "send alert level=2 message=43" \ - -c "! Usage does not match the keyUsage extension" - # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT - -run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (soft)" \ - "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ - -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ - "$P_CLI debug_level=3 auth_mode=optional \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -c "bad certificate (usage extensions)" \ - -C "Processing of the Certificate handshake message failed" \ - -c "Ciphersuite is TLS-" \ - -C "send alert level=2 message=43" \ - -c "! Usage does not match the keyUsage extension" - requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: DigitalSignature, RSA: OK" \ 
@@ -8981,14 +8918,14 @@ run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \ run_test "Small client packet TLS 1.2 BlockCipher" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \ 0 \ -s "Read from client: 1 bytes read" @@ -9002,14 +8939,14 @@ run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ run_test "Small client packet TLS 1.2 AEAD" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + force_ciphersuite=TLS-ECDSA-RSA-WITH-AES-256-CCM" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + force_ciphersuite=TLS-ECDSA-RSA-WITH-AES-256-CCM-8" \ 0 \ -s "Read from client: 1 bytes read" @@ -9035,7 +8972,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small client packet DTLS 1.2" \ "$P_SRV dtls=1 force_version=dtls12" \ "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: 1 bytes read" @@ -9043,7 +8980,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small client packet DTLS 1.2, without EtM" \ "$P_SRV dtls=1 force_version=dtls12 etm=0" \ "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: 1 bytes read" 
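Review bot: The two AEAD client-packet tests in this hunk now force `TLS-ECDSA-RSA-WITH-AES-256-CCM` and `TLS-ECDSA-RSA-WITH-AES-256-CCM-8`, a name pattern used nowhere else in the patch; the server-side and large-packet siblings (the hunks on L6–L8) spell the same suites `TLS-ECDHE-RSA-WITH-AES-256-CCM(-8)`, so at minimum the two sets disagree. I am also not aware of any ECDHE-RSA CCM suite — RFC 7251 only registers the ECDHE-ECDSA CCM variants, and the test_suite_ssl.data hunks of this same patch migrate the RSA CCM handshakes to `TLS-ECDHE-ECDSA-WITH-AES-128-CCM` — so all six lines should probably read `force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM` / `force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8`. If the forced suite cannot be resolved, the test is either skipped by the ciphersuite-availability check or fails before the `Read from client: 1 bytes read` assertion, and in both cases the CCM record-size coverage the test exists for is lost. Worth confirming the names against the ciphersuite table before merging.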
@@ -9051,13 +8988,13 @@ run_test "Small client packet DTLS 1.2, without EtM" \ run_test "Small server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \ 0 \ -c "Read from server: 1 bytes read" @@ -9069,13 +9006,13 @@ run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ run_test "Small server packet TLS 1.2 AEAD" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 1 bytes read" @@ -9099,7 +9036,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small server packet DTLS 1.2" \ "$P_SRV dtls=1 response_size=1 force_version=dtls12" \ "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 1 bytes read" @@ -9107,7 +9044,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small server packet DTLS 1.2, without EtM" \ "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \ "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 1 bytes read" 
@@ -9121,7 +9058,7 @@ fragments_for_write() { run_test "Large client packet TLS 1.2 BlockCipher" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9129,7 +9066,7 @@ run_test "Large client packet TLS 1.2 BlockCipher" \ run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9144,7 +9081,7 @@ run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \ run_test "Large client packet TLS 1.2 AEAD" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9152,7 +9089,7 @@ run_test "Large client packet TLS 1.2 AEAD" \ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" 
@@ -9178,13 +9115,13 @@ run_test "Large client packet TLS 1.3 AEAD shorter tag" \ # The tests below fail when the server's OUT_CONTENT_LEN is less than 16384. run_test "Large server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + "$P_CLI etm=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ 0 \ -s "16384 bytes written in 1 fragments" \ -c "Read from server: 16384 bytes read" @@ -9197,20 +9134,20 @@ run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \ run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \ "$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ 0 \ -s "16384 bytes written in 1 fragments" \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 AEAD" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 16384 bytes read" 
@@ -9542,7 +9479,7 @@ requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE run_test "SSL async private: decrypt, delay=0" \ "$P_SRV \ async_operations=d async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -s "Async decrypt callback: using key slot " \ -s "Async resume (slot [0-9]): decrypt done, status=0" 
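Review bot: Switching `SSL async private: decrypt, delay=0` to `TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA` leaves the test asserting `-s "Async decrypt callback: using key slot "` and `-s "Async resume (slot [0-9]): decrypt done, status=0"`, but with an ECDHE-RSA suite the server never performs an RSA decryption — it only signs the ServerKeyExchange — so the decrypt callback selected by `async_operations=d` cannot be exercised and those lines cannot appear. The `sign callback not present` test removed on L10 documents what a decrypt-only async server does on a signature handshake: it fails with `The own private key or pre-shared key is not set, but needed`, so these rewritten tests will most likely fail their exit-code-0 expectation rather than pass vacuously. The same applies to `decrypt, delay=1` (L10), `decrypt, error in start` / `cancel after start` / `error in resume` (L11) and the two `renegotiation: …, decrypt` tests (L12). Patch 02/15 of this series deletes the first five again, so this commit leaves an intermediate state in which ssl-opt.sh is red; either squash that deletion into this commit or drop the decrypt tests here instead of rewriting them, and check whether the renegotiation decrypt tests are handled by a later patch.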
@@ -9551,38 +9488,12 @@ requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE run_test "SSL async private: decrypt, delay=1" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -s "Async decrypt callback: using key slot " \ -s "Async resume (slot [0-9]): call 0 more times." \ -s "Async resume (slot [0-9]): decrypt done, status=0" -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: sign callback not present" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_version=tls12; [ \$? -eq 1 ] && - $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -S "Async sign callback" \ - -s "! mbedtls_ssl_handshake returned" \ - -s "The own private key or pre-shared key is not set, but needed" \ - -s "Async resume (slot [0-9]): decrypt done, status=0" \ - -s "Successful connection" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt callback not present" \ - "$P_SRV debug_level=1 \ - async_operations=s async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA; - [ \$? -eq 1 ] && $P_CLI force_version=tls12" \ - 0 \ - -S "Async decrypt callback" \ - -s "! mbedtls_ssl_handshake returned" \ - -s "got no RSA private key" \ - -s "Async resume (slot [0-9]): sign done, status=0" \ - -s "Successful connection" - # key1: ECDSA, key2: RSA; use key1 from slot 0 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE run_test "SSL async private: slot 0 used with key1" \ 
@@ -9673,7 +9584,7 @@ run_test "SSL async private: decrypt, error in start" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ async_private_error=1" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 1 \ -s "Async decrypt callback: injected error" \ -S "Async resume" \ @@ -9685,7 +9596,7 @@ run_test "SSL async private: decrypt, cancel after start" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ async_private_error=2" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 1 \ -s "Async decrypt callback: using key slot " \ -S "Async resume" \ @@ -9696,7 +9607,7 @@ run_test "SSL async private: decrypt, error in resume" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ async_private_error=3" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 1 \ -s "Async decrypt callback: using key slot " \ -s "Async resume callback: decrypt done but injected error" \ @@ -9797,7 +9708,7 @@ run_test "SSL async private: renegotiation: client-initiated, decrypt" \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ exchanges=2 renegotiation=1" \ "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -s "Async decrypt callback: using key slot " \ -s "Async resume (slot [0-9]): decrypt done, status=0" 
@@ -9809,7 +9720,7 @@ run_test "SSL async private: renegotiation: server-initiated, decrypt" \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ exchanges=2 renegotiation=1 renegotiate=1" \ "$P_CLI exchanges=2 renegotiation=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -s "Async decrypt callback: using key slot " \ -s "Async resume (slot [0-9]): decrypt done, status=0" @@ -9817,10 +9728,10 @@ run_test "SSL async private: renegotiation: server-initiated, decrypt" \ # Tests for ECC extensions (rfc 4492) requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED run_test "Force a non ECC ciphersuite in the client side" \ - "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ + "$P_SRV debug_level=3 psk=73776f726466697368" \ + "$P_CLI debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \ 0 \ -C "client hello, adding supported_groups extension" \ -C "client hello, adding supported_point_formats extension" \ @@ -9828,10 +9739,10 @@ run_test "Force a non ECC ciphersuite in the client side" \ -S "found supported point formats extension" requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED run_test "Force a non ECC ciphersuite in the server side" \ - "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ - "$P_CLI debug_level=3" \ + "$P_SRV debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \ + "$P_CLI debug_level=3 psk=73776f726466697368" \ 0 \ -C "found supported_point_formats extension" \ -S "server hello, supported_point_formats extension" 
@@ -11792,11 +11703,11 @@ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ -c "HTTP/1.0 200 OK" client_needs_more_time 2 -run_test "DTLS proxy: 3d, \"short\" RSA handshake" \ +run_test "DTLS proxy: 3d, \"short\" ECDHE-RSA handshake" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -s "Extra-header:" \ -c "HTTP/1.0 200 OK" diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index cd0c303e91..1d07c42adf 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -368,9 +368,9 @@ Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 -Handshake, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 +Handshake, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM":MBEDTLS_PK_ECDSA:0 Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
@@ -396,9 +396,9 @@ DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 -DTLS Handshake, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 +DTLS Handshake, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM":MBEDTLS_PK_ECDSA:1 DTLS Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
@@ -435,22 +435,6 @@ Handshake min/max version check, all -> 1.3 depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3 -Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - -Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - -Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - -Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage 
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH -handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 - Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 
@@ -712,53 +696,53 @@ DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256- depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" -DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=512, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=1024, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=2048, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=4096, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=512, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=1024, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=2048, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=4096, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=512, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=1024, PSK-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM +DTLS legacy break handshake renegotiation with MFL=2048, PSK-WITH-AES-128-CCM depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM +DTLS legacy break handshake renegotiation with MFL=4096, PSK-WITH-AES-128-CCM depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH From 00ab71035e1398b5fb2328de84989e1151c7223b Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Wed, 12 Feb 2025 17:52:22 +0100 Subject: [PATCH 02/15] Delete SSL async decryption tests Signed-off-by: Gabor Mezei --- tests/ssl-opt.sh | 78 ------------------------------------------------ 1 file changed, 78 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 7972ae5c32..9cec49641d 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
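Review bot: The last two entries of this hunk, `DTLS legacy break handshake renegotiation with MFL=2048, PSK-WITH-AES-128-CCM` and the MFL=4096 one, have their title and ciphersuite migrated to PSK but their dependency line is left as unchanged context: `depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED`. The other ten PSK entries in the same hunk switch that dependency to `MBEDTLS_KEY_EXCHANGE_PSK_ENABLED`, so these two are inconsistent with them. In a build with RSA key exchange enabled but PSK disabled they would run and fail to negotiate `TLS-PSK-WITH-AES-128-CCM`, and once the series removes RSA key exchange entirely they would be silently skipped. Both lines should read `depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED`.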
@@ -9475,25 +9475,6 @@ run_test "SSL async private: sign, SNI" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, delay=0" \ - "$P_SRV \ - async_operations=d async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, delay=1" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): call 0 more times." \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - # key1: ECDSA, key2: RSA; use key1 from slot 0 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE run_test "SSL async private: slot 0 used with key1" \ 
@@ -9579,41 +9560,6 @@ run_test "SSL async private: sign, error in resume" \ -S "Async cancel" \ -s "! mbedtls_ssl_handshake returned" -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, error in start" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - async_private_error=1" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -s "Async decrypt callback: injected error" \ - -S "Async resume" \ - -S "Async cancel" \ - -s "! mbedtls_ssl_handshake returned" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, cancel after start" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - async_private_error=2" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -s "Async decrypt callback: using key slot " \ - -S "Async resume" \ - -s "Async cancel" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -run_test "SSL async private: decrypt, error in resume" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - async_private_error=3" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ - 1 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume callback: decrypt done but injected error" \ - -S "Async cancel" \ - -s "! mbedtls_ssl_handshake returned" - requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE run_test "SSL async private: cancel after start then operate correctly" \ "$P_SRV force_version=tls12 \ 
@@ -9701,30 +9647,6 @@ run_test "SSL async private: renegotiation: server-initiated, sign" \ -s "Async sign callback: using key slot " \ -s "Async resume (slot [0-9]): sign done, status=0" -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "SSL async private: renegotiation: client-initiated, decrypt" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - exchanges=2 renegotiation=1" \ - "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "SSL async private: renegotiation: server-initiated, decrypt" \ - "$P_SRV \ - async_operations=d async_private_delay1=1 async_private_delay2=1 \ - exchanges=2 renegotiation=1 renegotiate=1" \ - "$P_CLI exchanges=2 renegotiation=1 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \ - 0 \ - -s "Async decrypt callback: using key slot " \ - -s "Async resume (slot [0-9]): decrypt done, status=0" - # Tests for ECC extensions (rfc 4492) requires_hash_alg SHA_256 From 9d7fd3dfe1f45cf5e654b6bda6b3088f8cd25865 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Thu, 13 Feb 2025 13:30:23 +0100 Subject: [PATCH 03/15] Migrate the RSA key exchage tests Migrate to ECDHE-ECDSA instead of PSK Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.data | 72 ++++++++++++++++---------------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 1d07c42adf..7772c74fc8 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
@@ -696,53 +696,53 @@ DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256- depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" -DTLS no legacy renegotiation with MFL=512, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=1024, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=2048, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS no legacy renegotiation with MFL=4096, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS no legacy renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=512, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=1024, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=2048, PSK-WITH-AES-128-CCM 
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy allow renegotiation with MFL=4096, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy allow renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=512, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=1024, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy 
break handshake renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=2048, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" -DTLS legacy break handshake renegotiation with MFL=4096, PSK-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM" +DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH From dd7c0f1e661395e3dde5c6b1540fdf9be9d00b2c Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Mon, 17 Feb 2025 13:42:46 +0100 Subject: [PATCH 04/15] Fix ciphersuit 
Signed-off-by: Gabor Mezei --- tests/ssl-opt.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 9cec49641d..75ab93861b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8939,14 +8939,14 @@ run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \ run_test "Small client packet TLS 1.2 AEAD" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-ECDSA-RSA-WITH-AES-256-CCM" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -s "Read from client: 1 bytes read" run_test "Small client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=1 \ - force_ciphersuite=TLS-ECDSA-RSA-WITH-AES-256-CCM-8" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -s "Read from client: 1 bytes read" @@ -9006,13 +9006,13 @@ run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \ run_test "Small server packet TLS 1.2 AEAD" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 1 bytes read" run_test "Small server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=1 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 1 bytes read" @@ -9081,7 +9081,7 @@ run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \ run_test "Large client packet TLS 1.2 AEAD" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" 
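Review bot: The old `TLS-ECDSA-RSA-WITH-AES-256-CCM` / `-CCM-8` names in the two "Small client packet TLS 1.2 AEAD" cases of this hunk were not valid ciphersuite names, so those cases were presumably never executed; if the harness treats an unavailable `force_ciphersuite=` as a skip rather than a failure, a typo like this silently disables a test without anyone noticing. It is worth confirming in the CI log that the renamed cases here and in the following hunks of this file now run and pass instead of being reported as skipped, since the `-s "Read from client: 1 bytes read"` check only fires once the ECDHE-ECDSA handshake, which also needs the server's ECDSA certificate, completes. A `requires_ciphersuite_enabled` guard is not visible in the hunk; if the harness does not derive it from `force_ciphersuite=` automatically, add it explicitly.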
@@ -9089,7 +9089,7 @@ run_test "Large client packet TLS 1.2 AEAD" \ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ "$P_SRV force_version=tls12" \ "$P_CLI request_size=16384 \ - force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" @@ -9141,13 +9141,13 @@ run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC run_test "Large server packet TLS 1.2 AEAD" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "Read from server: 16384 bytes read" run_test "Large server packet TLS 1.2 AEAD shorter tag" \ "$P_SRV response_size=16384 force_version=tls12" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \ 0 \ -c "Read from server: 16384 bytes read" From ff9b2e742ae5371669fd92a817ec29bf7a26481d Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Mon, 17 Feb 2025 13:44:13 +0100 Subject: [PATCH 05/15] Delete test cases Only RSA cipgersuits are accepted for these tests and there is no ECDHE-RSA alternative for AES-128-CCM so delete them. Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.data | 48 -------------------------------- 1 file changed, 48 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 7772c74fc8..7ba79ee6da 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
@@ -696,54 +696,6 @@ DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256- depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" -DTLS no legacy renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS no legacy renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS no legacy renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS no legacy renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy allow renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy allow renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM 
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy allow renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy allow renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy break handshake renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - -DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" - DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" From 973a712dd8d664262a60d6fa7c9dd90200c02410 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Tue, 18 Feb 2025 12:31:25 +0100 Subject: [PATCH 06/15] Migrate to a usable ciphersuite Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 7ba79ee6da..fadff46b16 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
@@ -368,9 +368,9 @@ Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384
 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
 handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0
 
-Handshake, ECDHE-ECDSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM":MBEDTLS_PK_ECDSA:0
+Handshake, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:0
 
 Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384
 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
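Review bot: Replacing the `Handshake, ECDHE-ECDSA-WITH-AES-128-CCM` case removes the only `handshake_cipher` entry in this hunk that exercises a CCM suite, and the commit message ("Migrate to a usable ciphersuite") does not say why the ECDSA case is unusable. If the constraint is that `handshake_cipher` can currently only run with the RSA test key, keeping a CCM case next to the new CBC-SHA256 one, or stating in the commit message that CCM coverage for this function is intentionally dropped, would make the trade-off explicit. The same substitution is made in the DTLS hunk that follows.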
@@ -396,9 +396,9 @@ DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 -DTLS Handshake, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM":MBEDTLS_PK_ECDSA:1 +DTLS Handshake, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:1 DTLS Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH From cdd34742cfd35e311f3c17ce78ab1296594c4302 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Fri, 21 Feb 2025 18:07:41 +0100 Subject: [PATCH 07/15] Fix test case name Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index fadff46b16..ed6f816a46 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
@@ -368,7 +368,7 @@ Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 -Handshake, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 +Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:0 @@ -396,7 +396,7 @@ DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 -DTLS Handshake, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 +DTLS Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:1 From ab02cd5e7b7d3a8ffbb26bd800cb7fdfd8351d03 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Fri, 21 Feb 2025 18:10:45 +0100 Subject: [PATCH 08/15] Revert "Delete test cases" This reverts commit ecc5d31139dc6877f135e8090e805c250e32a31d. Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.data | 48 ++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index ed6f816a46..818997a55b 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
@@ -696,6 +696,54 @@ DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256- depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" +DTLS no legacy renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS no legacy renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS no legacy renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS no legacy renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy allow renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy allow renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM 
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy allow renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy allow renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy break handshake renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + +DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" + DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" From 8adcfc8240146288c2e5691031720255ae12d3c8 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Wed, 26 Feb 2025 17:37:33 +0100 Subject: [PATCH 09/15] Add ECDSA ciphersuite support for `resize_buffer` tests Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.data | 12 ++++++++++++ tests/suites/test_suite_ssl.function | 10 ++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 818997a55b..c3c5866b8d 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
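Review bot: This hunk restores, byte for byte, the 48 lines that patch 05 of the same series removed, so the two commits cancel each other out and the "Only RSA ciphersuites are accepted for these tests" rationale given there no longer holds; squashing both out of the series would leave the history without the dead intermediate state. The revert message refers to commit ecc5d31139dc6877f135e8090e805c250e32a31d, which is not the id of patch 05 as posted here (ff9b2e742ae5371669fd92a817ec29bf7a26481d), presumably a pre-rebase id, so if the commits are kept the reference should be refreshed.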
@@ -613,39 +613,51 @@ DTLS serialization with MFL=4096 resize_buffers_serialize_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096 DTLS no legacy renegotiation with MFL=512 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS no legacy renegotiation with MFL=1024 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS no legacy renegotiation with MFL=2048 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS no legacy renegotiation with MFL=4096 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=512 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=1024 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=2048 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy allow renegotiation with MFL=4096 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"" DTLS legacy break handshake renegotiation with MFL=512 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS 
legacy break handshake renegotiation with MFL=1024 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS legacy break handshake renegotiation with MFL=2048 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS legacy break handshake renegotiation with MFL=4096 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2b50f0e3f2..7479f9ba95 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2825,7 +2825,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, int serialize, int dtls, char *cipher) { @@ -2843,6 +2843,12 @@ void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, } options.resize_buffers = 1; + const mbedtls_ssl_ciphersuite_t *ciphersuite = + mbedtls_ssl_ciphersuite_from_string(cipher); + if (ciphersuite != NULL) { + options.pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite); + } + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ 
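Review bot: The twelve empty-ciphersuite cases in this hunk now carry `depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY`, which ties them (presumably) to the RSA test key, yet their names still say nothing about the key or ciphersuite used, unlike the sibling cases further down that end in the ciphersuite name. Renaming them along the lines of `DTLS no legacy renegotiation with MFL=512, default ciphersuite (RSA key)` would make a skipped or failing case identifiable from the test log alone. The identical dependency string repeated twelve times is a limitation of the `.data` format rather than a defect.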
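Review bot: An unknown or misspelled ciphersuite name in the `.data` file is silently ignored by the lookup added to `resize_buffers`: `mbedtls_ssl_ciphersuite_from_string(cipher)` returns NULL, the `if (ciphersuite != NULL)` guard simply skips setting `options.pk_alg`, and the test runs with whatever defaults are in effect, so a typo in a test case would go unnoticed. Since the wrappers pass `""` to mean "no particular ciphersuite", the guard can tell the two apart: add `if (cipher[0] != '\0') { TEST_ASSERT(ciphersuite != NULL); }` before the `options.pk_alg` assignment. Whether `mbedtls_test_ssl_perform_handshake()` also forces the named ciphersuite from `cipher` is not visible in this hunk; if it does, a NULL would surface there as well, but failing at the lookup gives the clearer message. The body of `resize_buffers` continues outside the hunk.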
@@ -2862,7 +2868,7 @@ void resize_buffers_serialize_mfl(int mfl) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation, char *cipher) { From c27757b1ebeb171d6b3541ad7c4405e5ab476dd6 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Thu, 27 Feb 2025 11:30:11 +0100 Subject: [PATCH 10/15] Add new test component New test component added to run test cases with ECDHE_ECDSA ciphersuits and without TLS 1.3. Signed-off-by: Gabor Mezei --- tests/scripts/components-configuration-tls.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh index 83795012f3..f2ac152634 100644 --- a/tests/scripts/components-configuration-tls.sh +++ b/tests/scripts/components-configuration-tls.sh @@ -277,6 +277,10 @@ component_full_without_ecdhe_ecdsa_and_tls13 () { MBEDTLS_SSL_PROTO_TLS1_3" } +component_full_without_tls13 () { + build_full_minus_something_and_test_tls "MBEDTLS_SSL_PROTO_TLS1_3" +} + component_build_no_ssl_srv () { msg "build: full config except SSL server, make, gcc" # ~ 30s scripts/config.py full From 92e49e1bca7b4fd8f679aa9118d04ad44eeab81f Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Tue, 4 Mar 2025 11:57:08 +0100 Subject: [PATCH 11/15] Update comment Signed-off-by: Gabor Mezei --- tests/scripts/components-configuration-tls.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
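Review bot: The new `component_full_without_tls13` carries no comment saying what it exists for, while the commit message ties it to running the ECDHE_ECDSA test cases without TLS 1.3; the sibling components around it are equally bare, but this one is the only component whose purpose is not obvious from the symbol it removes. A one-line comment above the function would keep that rationale with the code, e.g. `# Full config minus TLS 1.3, so the TLS 1.2-only test cases (e.g. renegotiation) run with ECDHE-ECDSA ciphersuites.` Whether other TLS 1.2-only suites benefit as well cannot be told from this hunk.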
diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh index f2ac152634..293e88e8f3 100644 --- a/tests/scripts/components-configuration-tls.sh +++ b/tests/scripts/components-configuration-tls.sh @@ -242,8 +242,8 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () { tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" } -# Common helper for component_full_without_ecdhe_ecdsa() and -# component_full_without_ecdhe_ecdsa_and_tls13() which: +# Common helper for component_full_without_ecdhe_ecdsa(), +# component_full_without_ecdhe_ecdsa_and_tls13() and component_full_without_tls13 which: # - starts from the "full" configuration minus the list of symbols passed in # as 1st parameter # - build From dcbe4ce9db23b5cff44ff9a9b002c2415857b8ee Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Tue, 4 Mar 2025 11:58:02 +0100 Subject: [PATCH 12/15] Update dependencies Pre-existing but not having TLS 1.3 in the build does not seem to be necessary actually. These test functions set the dtls flag when calling `test_resize_buffers` and then `test_resize_buffers` sets the `options.dtls` flag which eventually forces the TLS 1.2 version of the protocol (in `mbedtls_test_ssl_endpoint_init()` call of `mbedtls_ssl_config_defaults()` with `MBEDTLS_SSL_TRANSPORT_DATAGRAM` as the transport). Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 7479f9ba95..08ecd672f1 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function 
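Review bot: The updated comment names `component_full_without_tls13` without the `()` that the two other helpers in the same sentence carry; for consistency write `component_full_without_tls13()`. The rewritten second line also appears to run noticeably longer than the surrounding comment lines, so breaking it after `and` would keep the block aligned: `# component_full_without_ecdhe_ecdsa_and_tls13() and` / `# component_full_without_tls13() which:`.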
@@ -2858,7 +2858,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void resize_buffers_serialize_mfl(int mfl) { test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, @@ -2868,7 +2868,7 @@ void resize_buffers_serialize_mfl(int mfl) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */ void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation, char *cipher) { From ea4df49272119ee10af7ef42f41ff504793d882a Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Tue, 4 Mar 2025 17:17:09 +0100 Subject: [PATCH 13/15] Update test dependencies Signed-off-by: Gabor Mezei --- tests/suites/test_suite_ssl.data | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index c3c5866b8d..565588bea6 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data 
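Review bot: Nothing in the code records why `!MBEDTLS_SSL_PROTO_TLS1_3` can be dropped from the two `BEGIN_CASE` lines; the justification (the DTLS transport forces TLS 1.2 in `mbedtls_ssl_config_defaults()`) lives only in the commit message. The visible call `test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,` does pass `1` as its fifth argument, which is `dtls` in the `resize_buffers` signature earlier in this series (presumably `test_resize_buffers` is its generated wrapper), so a one-line comment above each `BEGIN_CASE`, `/* No !MBEDTLS_SSL_PROTO_TLS1_3 dependency needed: dtls=1 forces TLS 1.2. */`, would keep that reasoning next to the dependency list it justifies. The body of `resize_buffers_renegotiate_mfl` is outside the hunk, so for it the same claim rests on the commit message alone.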
@@ -709,51 +709,51 @@ depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_K resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM 
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384 From 149509362b9fe44001e523492dfb56cac94550ae Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Thu, 6 Mar 2025 16:06:42 +0100 Subject: [PATCH 14/15] TLS context serialization needs an AEAD ciphersuite Signed-off-by: Gabor Mezei --- tests/include/test/ssl_helpers.h | 7 +++++++ tests/suites/test_suite_ssl.function | 29 ++++++++++++++++++++++++---- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index e5b8d74416..910329dd0d 100644 
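Review bot: The twelve ECDHE-ECDSA cases now require `PSA_WANT_ECC_SECP_R1_256` while the `BEGIN_CASE` of `resize_buffers_renegotiate_mfl` (earlier in this series) still requires `PSA_WANT_ECC_SECP_R1_384`, so these cases only run when both curves are enabled, and nothing in the hunk says which key or group needs which curve. If P-256 is the curve of the ECDSA test certificate and P-384 is needed for the ECDHE group or the RSA-keyed path, a short comment at the `BEGIN_CASE` line, `/* P-384: ECDHE group used by the handshake; P-256 (in .data): curve of the ECDSA test key */`, would spare the next maintainer the guess; please confirm the actual reason, as it is not visible here. The dependency list being copied twelve times is inherent to the `.data` format.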
--- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -70,6 +70,13 @@ defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY #endif + +#if defined(PSA_WANT_ALG_GCM) ||\ + defined(PSA_WANT_ALG_CCM) ||\ + defined(PSA_WANT_ALG_CHACHA20_POLY1305) +#define MBEDTLS_TEST_HAS_AEAD_ALG +#endif + enum { #define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ tls13_label_ ## name, diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 08ecd672f1..7d8bf90efd 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function 
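Review bot: `MBEDTLS_TEST_HAS_AEAD_ALG` only records that some AEAD algorithm is wanted, but its consumer in the next hunk (`resize_buffers_serialize_mfl`) needs an enabled TLS 1.2 AEAD *ciphersuite* to exist in `mbedtls_ssl_list_ciphersuites()`; a GCM/CCM/ChaCha20-Poly1305 suite presumably also needs the matching PSA key type and a key exchange to be enabled. In a configuration that sets, say, `PSA_WANT_ALG_GCM` without any of those, the test would run and fail at its `TEST_ASSERT` instead of being skipped. If that gap is accepted, a comment on the macro should state it: `/* Gates only that an AEAD mode is available, not that an AEAD ciphersuite is enabled (that also needs a key type and key exchange). */`.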
@@ -2858,13 +2858,34 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_TEST_HAS_AEAD_ALG:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void resize_buffers_serialize_mfl(int mfl) { + /* Choose an AEAD ciphersuite */ + const int *ciphersuites = mbedtls_ssl_list_ciphersuites(); + const mbedtls_ssl_ciphersuite_t *ciphersuite = NULL; + int i = 0; + while (ciphersuites[i] != 0) { + ciphersuite = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]); + + if (ciphersuite->min_tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { + const mbedtls_ssl_mode_t mode = +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM) + mbedtls_ssl_get_mode_from_ciphersuite(0, ciphersuite); +#else + mbedtls_ssl_get_mode_from_ciphersuite(ciphersuite); +#endif + if (mode == MBEDTLS_SSL_MODE_AEAD) + break; + } + + i++; + } + + TEST_ASSERT(ciphersuite != NULL); + test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, - (char *) ""); - /* The goto below is used to avoid an "unused label" warning.*/ - goto exit; + (char *) ciphersuite->name); } /* END_CASE */ From 8829aa336c6c9398a52225948380ff8170a31e07 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Fri, 7 Mar 2025 13:21:37 +0100 Subject: [PATCH 15/15] Fix code style Signed-off-by: Gabor Mezei --- tests/include/test/ssl_helpers.h | 4 ++-- tests/suites/test_suite_ssl.function | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index 910329dd0d..ef4927f72e 100644 
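Review bot: `TEST_ASSERT(ciphersuite != NULL)` cannot detect the case it is meant for: `ciphersuite` is overwritten on every iteration by `mbedtls_ssl_ciphersuite_from_id(ciphersuites[i])`, so when the loop runs off the end without finding an AEAD suite it holds the last (non-AEAD) entry and the assertion passes, leaving `test_resize_buffers` to run with a ciphersuite that cannot be serialized; the assertion only fires when the list is empty. Keeping the result in a separate variable that is set only on a match fixes this, and guarding the lookup result costs nothing in case `mbedtls_ssl_ciphersuite_from_id()` can return NULL (not verifiable from this hunk). The rewrite below also brings the braces that patch 15 of this series adds.
```c
    /* Choose an AEAD ciphersuite: context serialization needs one. */
    const int *ciphersuites = mbedtls_ssl_list_ciphersuites();
    const mbedtls_ssl_ciphersuite_t *ciphersuite = NULL;
    for (int i = 0; ciphersuites[i] != 0 && ciphersuite == NULL; i++) {
        const mbedtls_ssl_ciphersuite_t *candidate =
            mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]);
        if (candidate == NULL ||
            candidate->min_tls_version != MBEDTLS_SSL_VERSION_TLS1_2) {
            continue;
        }
        const mbedtls_ssl_mode_t mode =
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM)
            mbedtls_ssl_get_mode_from_ciphersuite(0, candidate);
#else
            mbedtls_ssl_get_mode_from_ciphersuite(candidate);
#endif
        if (mode == MBEDTLS_SSL_MODE_AEAD) {
            ciphersuite = candidate; /* stays NULL if no AEAD suite exists */
        }
    }

    /* Fail here, rather than later in the handshake, when the build has no
     * TLS 1.2 AEAD ciphersuite. */
    TEST_ASSERT(ciphersuite != NULL);
    /* … unchanged: test_resize_buffers(...) call … */
```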
--- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -71,8 +71,8 @@ #define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY #endif -#if defined(PSA_WANT_ALG_GCM) ||\ - defined(PSA_WANT_ALG_CCM) ||\ +#if defined(PSA_WANT_ALG_GCM) || \ + defined(PSA_WANT_ALG_CCM) || \ defined(PSA_WANT_ALG_CHACHA20_POLY1305) #define MBEDTLS_TEST_HAS_AEAD_ALG #endif diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 7d8bf90efd..e9584dcc1f 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2875,8 +2875,9 @@ void resize_buffers_serialize_mfl(int mfl) #else mbedtls_ssl_get_mode_from_ciphersuite(ciphersuite); #endif - if (mode == MBEDTLS_SSL_MODE_AEAD) + if (mode == MBEDTLS_SSL_MODE_AEAD) { break; + } } i++;