diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2b82fa05bb..5fa02d26f6 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6139,7 +6139,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl )
 ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE &&
 memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 )
 {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer has no certificate" ) );
 return( 0 );
 }
 return( -1 );
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index b498fd4909..ead0db8355 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1532,9 +1532,12 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
 if( ( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) &&
 ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ) )
 {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "got a certificate request" ) );
 return( SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST );
 }
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "got no certificate request" ) );
+
 return( SSL_CERTIFICATE_REQUEST_SKIP );
 }
@@ -1687,7 +1690,6 @@ static int ssl_tls13_process_certificate_request( mbedtls_ssl_context *ssl )
 }
 else if( ret == SSL_CERTIFICATE_REQUEST_SKIP )
 {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip tls13 parse certificate request" ) );
 ret = 0;
 }
 else
@@ -1697,9 +1699,6 @@ static int ssl_tls13_process_certificate_request( mbedtls_ssl_context *ssl )
 goto cleanup;
 }
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request",
- ssl->handshake->client_auth ? "a" : "no" ) );
-
 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE );
 cleanup:
@@ -1803,7 +1802,10 @@ static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl )
 MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY );
 }
 else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip write certificate verify" ) );
 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
+ }
 return( 0 );
 }
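Review bot: The new literal "peer has no certificate" in ssl_srv_check_client_no_crt_notification is now a test oracle: tests/ssl-opt.sh matches it with `-s "peer has no certificate"`, and the same literal is introduced on the TLS 1.3 path in ssl_tls13_validate_certificate (ssl_tls13_generic.c), so the two strings must stay byte-identical for the shared test to cover both protocol versions. Nothing at either site records that coupling, so a later wording tweak in one file would silently turn the test into a version-specific one. Add `/* Keep identical to the message in ssl_tls13_generic.c: tests/ssl-opt.sh greps for it. */` above the MBEDTLS_SSL_DEBUG_MSG line here, and the mirror comment in ssl_tls13_generic.c. The function's condition starts above the hunk.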
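Review bot: After the hunk at -1687, the `SSL_CERTIFICATE_REQUEST_SKIP` branch of ssl_tls13_process_certificate_request logs nothing, while every other skipped step this commit touches gets a level-2 "skip ..." line (`skip write certificate verify` in this file, `skip parse certificate` and `skip parse certificate verify` in ssl_tls13_server.c). The replacement message `got no certificate request` in ssl_tls13_certificate_request_coordinate is emitted at level 3, so a level-2 trace no longer shows that the CertificateRequest step was skipped at all. Keeping one level-2 line in the SKIP branch, e.g. `MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip parse certificate request" ) );`, would keep the trace uniform across the skipped steps and give ssl-opt.sh something stable to assert on. Both functions start and end outside the hunks.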
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index f508bcad36..acd227defd 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -567,7 +567,7 @@ static int ssl_tls13_validate_certificate( mbedtls_ssl_context *ssl )
 */
 if( ssl->session_negotiate->peer_cert == NULL )
 {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer has not sent a certificate" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer has no certificate" ) );
 #if defined(MBEDTLS_SSL_SRV_C)
 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 7114501881..719bf05225 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1644,7 +1644,11 @@ static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
 mbedtls_ssl_set_inbound_transform( ssl, ssl->handshake->transform_handshake );
 }
 else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip parse certificate" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip parse certificate verify" ) );
 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
+ }
 return( 0 );
 }
@@ -1774,8 +1778,11 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
 ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY );
 }
 else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip parse certificate verify" ) );
 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
+ }
 }
 break;
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 9e533362ab..0b6711cdd4 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -4747,7 +4747,6 @@ run_test "DER format: with 9 trailing random bytes" \
 # Tests for auth_mode, there are duplicated tests using ca callback for authentication
 # When updating these tests, modify the matching authentication tests accordingly
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: server badcert, client required" \
 "$P_SRV crt_file=data_files/server5-badsign.crt \
 key_file=data_files/server5.key" \
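Review bot: The else branches added in ssl_tls13_write_server_finished and in mbedtls_ssl_tls13_handshake_server_step both log a "skip parse ..." message and jump to MBEDTLS_SSL_CLIENT_FINISHED, but the condition that decides the skip lies above each hunk, so a reader of the state transition cannot tell why the client's Certificate and CertificateVerify are not expected. The two sites also skip different things (the first skips both messages, the second only CertificateVerify), which is exactly the kind of detail a comment should carry. Put a one-line reason on each branch — for the first, something like `/* Client authentication not requested: no Certificate or CertificateVerify will follow. */`, and for the second the reason CertificateVerify alone is skipped — after confirming against the condition above each hunk. Both functions start and end outside the hunks.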
@@ -4781,7 +4780,6 @@ run_test "Authentication: server goodcert, client optional, no trusted CA" \
 -C "X509 - Certificate verification failed" \
 -C "SSL - No CA Chain is set, but required to operate"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: server goodcert, client required, no trusted CA" \
 "$P_SRV" \
 "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
@@ -4852,7 +4850,6 @@ run_test "Authentication: client SHA384, server required" \
 -c "Supported Signature Algorithm found: 4," \
 -c "Supported Signature Algorithm found: 5,"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client has no cert, server required (TLS)" \
 "$P_SRV debug_level=3 auth_mode=required" \
 "$P_CLI debug_level=3 crt_file=none \
@@ -4864,12 +4861,10 @@ run_test "Authentication: client has no cert, server required (TLS)" \
 -c "= write certificate$" \
 -C "skip write certificate$" \
 -S "x509_verify_cert() returned" \
- -s "client has no certificate" \
+ -s "peer has no certificate" \
 -s "! mbedtls_ssl_handshake returned" \
- -c "! mbedtls_ssl_handshake returned" \
 -s "No client certification received from the client, but required by the authentication mode"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client badcert, server required" \
 "$P_SRV debug_level=3 auth_mode=required" \
 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
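Review bot: Dropping `-c "! mbedtls_ssl_handshake returned"` from "Authentication: client has no cert, server required (TLS)" (and likewise from "client badcert, server required" and "client cert not trusted, server required" in the following hunks) removes the only assertion that the client observes the rejection; the server side is still covered by `-s "! mbedtls_ssl_handshake returned"`, so the server's refusal is verified but the client's failure path is not. The likely reason is that a TLS 1.3 client can return from the handshake before the server's alert arrives, but the commit leaves no trace of that, unlike the existing note about the alert above "client cert self-signed and trusted". Either add `# The client-side handshake result is not checked: with TLS 1.3 the client may finish before the server rejects the certificate.` next to the removed line, or keep the client assertion for TLS 1.2 builds if the script offers a version-conditional check.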
@@ -4885,13 +4880,11 @@ run_test "Authentication: client badcert, server required" \
 -s "! The certificate is not correctly signed by the trusted CA" \
 -s "! mbedtls_ssl_handshake returned" \
 -s "send alert level=2 message=48" \
- -c "! mbedtls_ssl_handshake returned" \
 -s "X509 - Certificate verification failed"
 # We don't check that the client receives the alert because it might
 # detect that its write end of the connection is closed and abort
 # before reading the alert message.
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client cert self-signed and trusted, server required" \
 "$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@@ -4907,7 +4900,6 @@ run_test "Authentication: client cert self-signed and trusted, server require
 -S "! The certificate is not correctly signed" \
 -S "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client cert not trusted, server required" \
 "$P_SRV debug_level=3 auth_mode=required" \
 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@@ -4922,10 +4914,8 @@ run_test "Authentication: client cert not trusted, server required" \
 -s "x509_verify_cert() returned" \
 -s "! The certificate is not correctly signed by the trusted CA" \
 -s "! mbedtls_ssl_handshake returned" \
- -c "! mbedtls_ssl_handshake returned" \
 -s "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client badcert, server optional" \
 "$P_SRV debug_level=3 auth_mode=optional" \
 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@@ -4943,7 +4933,6 @@ run_test "Authentication: client badcert, server optional" \
 -C "! mbedtls_ssl_handshake returned" \
 -S "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client badcert, server none" \
 "$P_SRV debug_level=3 auth_mode=none" \
 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@@ -4961,7 +4950,6 @@ run_test "Authentication: client badcert, server none" \
 -C "! mbedtls_ssl_handshake returned" \
 -S "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client no cert, server optional" \
 "$P_SRV debug_level=3 auth_mode=optional" \
 "$P_CLI debug_level=3 crt_file=none key_file=none" \
@@ -5023,7 +5011,6 @@ MAX_IM_CA='8'
 # are in place so that the semantics are consistent with the test description.
 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: server max_int chain, client default" \
 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
 key_file=data_files/dir-maxpath/09.key" \
@@ -5033,7 +5020,6 @@ run_test "Authentication: server max_int chain, client default" \
 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: server max_int+1 chain, client default" \
 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
 key_file=data_files/dir-maxpath/10.key" \
@@ -5065,7 +5051,6 @@ run_test "Authentication: server max_int+1 chain, client none" \
 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client max_int+1 chain, server default" \
 "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5075,7 +5060,6 @@ run_test "Authentication: client max_int+1 chain, server default" \
 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client max_int+1 chain, server optional" \
 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5085,7 +5069,6 @@ run_test "Authentication: client max_int+1 chain, server optional" \
 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client max_int+1 chain, server required" \
 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5095,7 +5078,6 @@ run_test "Authentication: client max_int+1 chain, server required" \
 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
 requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Authentication: client max_int chain, server required" \
 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
@@ -5657,7 +5639,6 @@ run_test "SNI: DTLS, CA override with CRL" \
 # Tests for non-blocking I/O: exercise a variety of handshake flows
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Non-blocking I/O: basic handshake" \
 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
 "$P_CLI nbio=2 tickets=0" \
@@ -5666,7 +5647,6 @@ run_test "Non-blocking I/O: basic handshake" \
 -C "mbedtls_ssl_handshake returned" \
 -c "Read from server: .* bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Non-blocking I/O: client auth" \
 "$P_SRV nbio=2 tickets=0 auth_mode=required" \
 "$P_CLI nbio=2 tickets=0" \
@@ -5722,7 +5702,6 @@ run_test "Non-blocking I/O: session-id resume" \
 # Tests for event-driven I/O: exercise a variety of handshake flows
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Event-driven I/O: basic handshake" \
 "$P_SRV event=1 tickets=0 auth_mode=none" \
 "$P_CLI event=1 tickets=0" \
@@ -5731,7 +5710,6 @@ run_test "Event-driven I/O: basic handshake" \
 -C "mbedtls_ssl_handshake returned" \
 -c "Read from server: .* bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
 run_test "Event-driven I/O: client auth" \
 "$P_SRV event=1 tickets=0 auth_mode=required" \
 "$P_CLI event=1 tickets=0" \
@@ -7355,6 +7333,20 @@ run_test "Small client packet TLS 1.2 AEAD shorter tag" \
 0 \
 -s "Read from client: 1 bytes read"
+run_test "Small client packet TLS 1.3 AEAD" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=1 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
+run_test "Small client packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=1 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
 # Tests for small client packets in DTLS
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
@@ -7405,6 +7397,18 @@ run_test "Small server packet TLS 1.2 AEAD shorter tag" \
 0 \
 -c "Read from server: 1 bytes read"
+run_test "Small server packet TLS 1.3 AEAD" \
+ "$P_SRV response_size=1 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV response_size=1 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
 # Tests for small server packets in DTLS
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
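Review bot: The new "Small client packet TLS 1.3 AEAD" tests (and the "Small server packet", "Large client packet" and "Large server packet" TLS 1.3 tests in the following hunks) carry no `requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3` line, whereas the neighbouring DTLS tests are guarded with `requires_config_enabled MBEDTLS_SSL_PROTO_DTLS`. On a build without TLS 1.3, `force_version=tls13` and `force_ciphersuite=TLS1-3-AES-128-CCM-SHA256` would make these tests fail rather than be skipped, unless this version of ssl-opt.sh derives the requirement from the `force_version=tls13` argument automatically. The two CCM ciphersuites additionally need the CCM cipher compiled in, so a guard on the ciphersuite (or on MBEDTLS_CCM_C) is worth adding at the same place for the same reason.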
@@ -7469,6 +7473,22 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \
 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
 -s "Read from client: $MAX_CONTENT_LEN bytes read"
+run_test "Large client packet TLS 1.3 AEAD" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=16384 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=16384 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
 # The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
 run_test "Large server packet TLS 1.2 BlockCipher" \
 "$P_SRV response_size=16384 force_version=tls12" \
@@ -7508,6 +7528,18 @@ run_test "Large server packet TLS 1.2 AEAD shorter tag" \
 0 \
 -c "Read from server: 16384 bytes read"
+run_test "Large server packet TLS 1.3 AEAD" \
+ "$P_SRV response_size=16384 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV response_size=16384 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
 # Tests for restartable ECC
 # Force the use of a curve that supports restartable ECC (secp256r1).
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index ad29f6cb7b..9be1bff82b 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -4829,7 +4829,7 @@ void handshake_cipher( char* cipher, int pk_alg, int dtls )
 }
 /* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
 void app_data( int mfl, int cli_msg_len, int srv_msg_len,
 int expected_cli_fragments, int expected_srv_fragments, int dtls )
@@ -4843,6 +4843,9 @@ void app_data( int mfl, int cli_msg_len, int srv_msg_len,
 options.expected_cli_fragments = expected_cli_fragments;
 options.expected_srv_fragments = expected_srv_fragments;
 options.dtls = dtls;
+#if ! defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3;
+#endif
 perform_handshake( &options );
 /* The goto below is used to avoid an "unused label" warning.*/
@@ -4850,7 +4853,7 @@ void app_data( int mfl, int cli_msg_len, int srv_msg_len,
 }
 /* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
 void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len,
 int expected_cli_fragments, int expected_srv_fragments )
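Review bot: The `#if ! defined(MBEDTLS_SSL_PROTO_TLS1_2)` block in app_data overrides expected_negotiated_version only when TLS 1.2 is compiled out and otherwise leaves whatever default is set outside the hunk, with no comment saying why; add `/* With TLS 1.2 compiled out the handshake can only negotiate TLS 1.3, so the default expected version does not apply. */` above the `#if`. The BEGIN_CASE of app_data_tls in the next hunk drops the same TLS 1.2 dependency (and the `!MBEDTLS_SSL_PROTO_TLS1_3` exclusion), but its body is outside this view, so whether it receives the same override cannot be confirmed here; if it does not, that case would now run on a TLS 1.3-only build against a stale expected version. app_data's body starts above the hunk.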