lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Merge pull request #8508 from valeriosetti/issue6323

Browse Source 
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
This commit is contained in:
Manuel Pégourié-Gonnard
2023-11-14 11:39:06 +00:00
committed by GitHub
parent cf582df426 04c85e146c
commit 752dd39a69
5 changed files with 129 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
tests/scripts/all.sh
View File

@@ -3702,7 +3702,7 @@ common_psa_crypto_config_accel_cipher_aead() {
# are meant to be used together in analyze_outcomes.py script in order to test
# driver's coverage for ciphers and AEADs.
component_test_psa_crypto_config_accel_cipher_aead () {
msg "test: crypto config with accelerated cipher and AEAD"
msg "build: crypto config with accelerated cipher and AEAD"
loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \
ALG_OFB ALG_XTS ALG_STREAM_CIPHER \
@@ -3758,13 +3758,22 @@ component_test_psa_crypto_config_accel_cipher_aead () {
msg "test: crypto config with accelerated cipher and AEAD"
make test
msg "ssl-opt: crypto config with accelerated cipher and AEAD"
tests/ssl-opt.sh
}
component_test_psa_crypto_config_reference_cipher_aead () {
msg "build: crypto config with non-accelerated cipher and AEAD"
common_psa_crypto_config_accel_cipher_aead
make
msg "test: crypto config with non-accelerated cipher and AEAD"
make test
msg "ssl-opt: crypto config with non-accelerated cipher and AEAD"
tests/ssl-opt.sh
}
component_test_aead_chachapoly_disabled() {

58
tests/ssl-opt.sh
View File

@@ -368,6 +368,34 @@ requires_ciphersuite_enabled() {
esac
}
requires_cipher_enabled() {
KEY_TYPE=$1
MODE=${2:-}
if is_config_enabled MBEDTLS_USE_PSA_CRYPTO; then
case "$KEY_TYPE" in
CHACHA20)
requires_config_enabled PSA_WANT_ALG_CHACHA20_POLY1305
requires_config_enabled PSA_WANT_KEY_TYPE_CHACHA20
;;
*)
requires_config_enabled PSA_WANT_ALG_${MODE}
requires_config_enabled PSA_WANT_KEY_TYPE_${KEY_TYPE}
;;
esac
else
case "$KEY_TYPE" in
CHACHA20)
requires_config_enabled MBEDTLS_CHACHA20_C
requires_config_enabled MBEDTLS_CHACHAPOLY_C
;;
*)
requires_config_enabled MBEDTLS_${MODE}_C
requires_config_enabled MBEDTLS_${KEY_TYPE}_C
;;
esac
fi
}
# Automatically detect required features based on command line parameters.
# Parameters are:
# - $1 = command line (call to a TLS client or server program)
@@ -2090,6 +2118,11 @@ run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
-c "Key size is 128"
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_MD_CAN_MD5
# server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
# module does not support PSA dispatching so we need builtin support.
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_config_enabled MBEDTLS_AES_C
requires_hash_alg SHA_256
run_test "TLS: password protected client key" \
"$P_SRV force_version=tls12 auth_mode=required" \
@@ -2097,6 +2130,11 @@ run_test "TLS: password protected client key" \
0
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_MD_CAN_MD5
# server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
# module does not support PSA dispatching so we need builtin support.
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_config_enabled MBEDTLS_AES_C
requires_hash_alg SHA_256
run_test "TLS: password protected server key" \
"$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \
@@ -2105,6 +2143,11 @@ run_test "TLS: password protected server key" \
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_MD_CAN_MD5
# server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
# module does not support PSA dispatching so we need builtin support.
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_config_enabled MBEDTLS_AES_C
requires_hash_alg SHA_256
run_test "TLS: password protected server key, two certificates" \
"$P_SRV force_version=tls12\
@@ -3833,6 +3876,7 @@ run_test "Session resume using tickets: openssl client" \
-s "session successfully restored from ticket" \
-s "a session has been resumed"
requires_cipher_enabled "AES" "GCM"
run_test "Session resume using tickets: AES-128-GCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3847,6 +3891,7 @@ run_test "Session resume using tickets: AES-128-GCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "AES" "GCM"
run_test "Session resume using tickets: AES-192-GCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3861,6 +3906,7 @@ run_test "Session resume using tickets: AES-192-GCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "AES" "CCM"
run_test "Session resume using tickets: AES-128-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3875,6 +3921,7 @@ run_test "Session resume using tickets: AES-128-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "AES" "CCM"
run_test "Session resume using tickets: AES-192-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3889,6 +3936,7 @@ run_test "Session resume using tickets: AES-192-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "AES" "CCM"
run_test "Session resume using tickets: AES-256-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3903,6 +3951,7 @@ run_test "Session resume using tickets: AES-256-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "CAMELLIA" "CCM"
run_test "Session resume using tickets: CAMELLIA-128-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3917,6 +3966,7 @@ run_test "Session resume using tickets: CAMELLIA-128-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "CAMELLIA" "CCM"
run_test "Session resume using tickets: CAMELLIA-192-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3931,6 +3981,7 @@ run_test "Session resume using tickets: CAMELLIA-192-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "CAMELLIA" "CCM"
run_test "Session resume using tickets: CAMELLIA-256-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3945,6 +3996,7 @@ run_test "Session resume using tickets: CAMELLIA-256-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "ARIA" "GCM"
run_test "Session resume using tickets: ARIA-128-GCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3959,6 +4011,7 @@ run_test "Session resume using tickets: ARIA-128-GCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "ARIA" "GCM"
run_test "Session resume using tickets: ARIA-192-GCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3973,6 +4026,7 @@ run_test "Session resume using tickets: ARIA-192-GCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "ARIA" "GCM"
run_test "Session resume using tickets: ARIA-256-GCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -3987,6 +4041,7 @@ run_test "Session resume using tickets: ARIA-256-GCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "ARIA" "CCM"
run_test "Session resume using tickets: ARIA-128-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -4001,6 +4056,7 @@ run_test "Session resume using tickets: ARIA-128-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "ARIA" "CCM"
run_test "Session resume using tickets: ARIA-192-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -4015,6 +4071,7 @@ run_test "Session resume using tickets: ARIA-192-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "ARIA" "CCM"
run_test "Session resume using tickets: ARIA-256-CCM" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
@@ -4029,6 +4086,7 @@ run_test "Session resume using tickets: ARIA-256-CCM" \
-s "a session has been resumed" \
-c "a session has been resumed"
requires_cipher_enabled "CHACHA20"
run_test "Session resume using tickets: CHACHA20-POLY1305" \
"$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \
"$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \