1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00

Add missing key exchange dependencies

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek
2022-10-18 08:30:50 -04:00
parent b3b0ec9bed
commit 4ed670f0cd
3 changed files with 28 additions and 21 deletions

View File

@ -527,7 +527,7 @@ struct options
#include "ssl_test_common_source.c" #include "ssl_test_common_source.c"
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
static unsigned char peer_crt_info[1024]; static unsigned char peer_crt_info[1024];
/* /*
@ -559,7 +559,7 @@ static int my_verify( void *data, mbedtls_x509_crt *crt,
return( 0 ); return( 0 );
} }
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage( mbedtls_ssl_context *ssl, int report_cid_usage( mbedtls_ssl_context *ssl,
@ -689,7 +689,7 @@ int main( int argc, char *argv[] )
psa_status_t status; psa_status_t status;
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif #endif
rng_context_t rng; rng_context_t rng;
@ -702,7 +702,9 @@ int main( int argc, char *argv[] )
mbedtls_timing_delay_context timer; mbedtls_timing_delay_context timer;
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
uint32_t flags; uint32_t flags;
#endif
mbedtls_x509_crt cacert; mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert; mbedtls_x509_crt clicert;
mbedtls_pk_context pkey; mbedtls_pk_context pkey;
@ -2022,7 +2024,8 @@ int main( int argc, char *argv[] )
} }
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
if( opt.context_crt_cb == 1 ) if( opt.context_crt_cb == 1 )
mbedtls_ssl_set_verify( &ssl, my_verify, NULL ); mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -2325,7 +2328,8 @@ int main( int argc, char *argv[] )
} }
} }
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/* /*
* 5. Verify the server certificate * 5. Verify the server certificate
*/ */
@ -2347,7 +2351,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " . Peer certificate information ...\n" ); mbedtls_printf( " . Peer certificate information ...\n" );
mbedtls_printf( "%s\n", peer_crt_info ); mbedtls_printf( "%s\n", peer_crt_info );
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ret = report_cid_usage( &ssl, "initial handshake" ); ret = report_cid_usage( &ssl, "initial handshake" );
@ -2675,9 +2679,10 @@ send_request:
mbedtls_printf( " . Restarting connection from same port..." ); mbedtls_printf( " . Restarting connection from same port..." );
fflush( stdout ); fflush( stdout );
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{ {
@ -2911,9 +2916,10 @@ reconnect:
mbedtls_printf( " . Reconnecting with saved session..." ); mbedtls_printf( " . Reconnecting with saved session..." );
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{ {

View File

@ -1301,7 +1301,8 @@ int main( int argc, char *argv[] )
mbedtls_ssl_cookie_ctx cookie_ctx; mbedtls_ssl_cookie_ctx cookie_ctx;
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif #endif
rng_context_t rng; rng_context_t rng;

View File

@ -220,23 +220,23 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_
handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0
Handshake, RSA-WITH-AES-128-CCM Handshake, RSA-WITH-AES-128-CCM
depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0
Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0 handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0
Handshake, ECDHE-ECDSA-WITH-AES-256-CCM Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0 handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0
Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0
Handshake, PSK-WITH-AES-128-CBC-SHA Handshake, PSK-WITH-AES-128-CBC-SHA
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0
DTLS Handshake, tls1_1 DTLS Handshake, tls1_1
@ -252,23 +252,23 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_
handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1
DTLS Handshake, RSA-WITH-AES-128-CCM DTLS Handshake, RSA-WITH-AES-128-CCM
depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1
DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1 handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1
DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1 handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1
DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1
DTLS Handshake, PSK-WITH-AES-128-CBC-SHA DTLS Handshake, PSK-WITH-AES-128-CBC-SHA
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1 handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1
DTLS Handshake with serialization, tls1_2 DTLS Handshake with serialization, tls1_2