lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Driver-only FFDH is not good enough for DHE support in TLS 1.2

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2024-04-30 14:25:30 +02:00
parent 21ad57677c
commit 89ef2fabb5
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/scripts/analyze_outcomes.py
View File

@ -468,6 +468,12 @@ KNOWN_TASKS = {
'bignum.generated', 'bignum.misc',
],
'ignored_tests': {
'ssl-opt': [
# DHE support in TLS 1.2 requires built-in MBEDTLS_DHM_C
# (because it needs custom groups, which PSA does not
# provide), even with MBEDTLS_USE_PSA_CRYPTO.
re.compile(r'PSK callback:.*\bdhe-psk\b.*'),
],
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component