mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-26 15:08:51 +03:00

Author	SHA1	Message	Date
Valerio Setti	1494a09ff7	test_suite_ssl: require GCM or ChaChaPoly in handshake_serialization() Hanshake serialization requires that the selected ciphersuite uses an AEAD algorithm. However, following the DHE-RSA removal, trying to still use RSA signature might select a ciphersuite which is not using AEAD, but CBC instead (see preference order in "ssl_ciphersuite.c"). This is especially problematic in tests scenarios where both GCM and ChaChaPoly are disabled, so that CCM remains as the only AEAD algorithm. Ciphersuites using RSA signature and CCM are very low on the preference list, so very unlikely to be picked in tests. This cause a CBC one to be selected in this case and the handshake_serialization() function to fail. In order to prevent failures from happening, in this commit we require that either GCM or ChaChaPoly are enabled, so that ciphersuites using one of these are likely to be picked. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-02-06 10:12:02 +01:00
Valerio Setti	b8ef2a4455	test_suite_ssl: adapt handshake_fragmentation() to use ECDHE-RSA Use ECDHE-RSA instead of DHE-RSA. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:38:39 +01:00
Manuel Pégourié-Gonnard	c4e768a8a6	Fix incorrect test function We should not manually set the TLS version, the tests are supposed to pass in 1.3-only builds as well. Instead do the normal thing of setting defaults. This doesn't interfere with the rest of the testing, so I'm not sure why we were not doing it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-22 10:04:43 +01:00
Manuel Pégourié-Gonnard	4c3134a396	Remove useless dependency from test function This dependency was never right in the first place. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-14 12:25:52 +01:00
Manuel Pégourié-Gonnard	93d4591255	Remove deprecated function mbedtls_ssl_conf_curves() Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-14 12:06:31 +01:00
Gilles Peskine	bc7c523420	Remove uses of secp244k1 Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will not be implemented. (It would be K1_225 anyway, but we don't intend to implement it anyway.) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2025-01-08 16:51:23 +01:00
Elena Uziunaite	8d8620bf18	Address review comments: add PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-09 11:18:10 +01:00
Elena Uziunaite	bed21b55a6	Replace MBEDTLS_PK_CAN_ECDSA_VERIFY with PSA_HAVE_ALG_ECDSA_VERIFY Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-09 11:18:10 +01:00
Elena Uziunaite	a6950b8ce7	Replace MBEDTLS_PK_CAN_ECDSA_SOME with PSA_HAVE_ALG_SOME_ECDSA Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-09 11:17:36 +01:00
Elena Uziunaite	63cb13e494	Replace MBEDTLS_ECP_HAVE_SECP224K1 with PSA_WANT_ECC_SECP_K1_224 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-05 12:43:14 +01:00
Gilles Peskine	b8457fff9f	Merge pull request #9353 from eleuzi01/replace-ecp-have-secp384r1 Replace MBEDTLS_ECP_HAVE_SECP384R1 with PSA_WANT_ECC_SECP_R1_384	2024-08-12 14:37:10 +00:00
Gilles Peskine	0858fdca38	Merge pull request #9189 from misch7/fix-v3.6-issues-9186-and-9188 Fix build of v3.6 (issues #9186 and #9188)	2024-08-12 09:34:17 +00:00
Michael Schuster	bd89b791a4	Adjust spacing in tests/suites function sources Signed-off-by: Michael Schuster <michael@schuster.ms>	2024-08-09 10:29:58 +01:00
Elena Uziunaite	6b4cd48d24	Replace MBEDTLS_ECP_HAVE_SECP384R1 with PSA_WANT_ECC_SECP_R1_384 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-09 09:49:03 +01:00
Elena Uziunaite	8dde3b3dec	Replace MBEDTLS_PK_HAVE_ECC_KEYS with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-05 15:41:58 +01:00
Elena Uziunaite	74342c7c2b	Replace MBEDTLS_SSL_HAVE_CBC with PSA_WANT_ALG_CBC_NO_PADDING Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-31 16:19:15 +01:00
Elena Uziunaite	6121a344dd	Replace MBEDTLS_SSL_HAVE_AES with PSA_WANT_KEY_TYPE_AES Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-30 18:42:19 +01:00
Elena Uziunaite	417d05f7c5	Replace MBEDTLS_ECP_HAVE_SECP256R1 with PSA_WANT_ECC_SECP_R1_256 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-29 11:31:20 +01:00
Paul Elliott	b449476595	Merge pull request #9354 from eleuzi01/replace-ecp-have-secp512r1 Replace MBEDTLS_ECP_HAVE_SECP521R1 with PSA_WANT_ECC_SECP_R1_521	2024-07-18 15:55:41 +00:00
Paul Elliott	df772da34e	Merge pull request #9358 from eleuzi01/replace-curve Replace MBEDTLS_ECP_HAVE_CURVE* with PSA_WANT counterparts	2024-07-18 13:54:26 +00:00
Gilles Peskine	9a75dddb5c	Merge pull request #9350 from eleuzi01/replace-ecp-have-secp224r1 Replace MBEDTLS_ECP_HAVE_SECP224R1 with PSA_WANT_ECC_SECP_R1_224	2024-07-17 13:48:40 +00:00
Elena Uziunaite	b8d10876d1	Replace MBEDTLS_ECP_HAVE_BP*R1 with PSA_WANT counterparts Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-16 21:48:55 +03:00
Elena Uziunaite	24e24f2b5a	Replace MBEDTLS_ECP_HAVE_SECP521R1 with PSA_WANT_ECC_SECP_R1_521 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-16 21:43:30 +03:00
Elena Uziunaite	eaa0cf0de6	Replace MBEDTLS_ECP_HAVE_SECP224R1 with PSA_WANT_ECC_SECP_R1_224 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-16 17:00:31 +03:00
Gilles Peskine	cb854d5d19	Merge pull request #9356 from eleuzi01/replace-ecp-have-secp-k1 Replace MBEDTLS_ECP_HAVE_SECP*K1 with PSA_WANT counterparts	2024-07-16 13:57:46 +00:00
Elena Uziunaite	9e85c9f0f4	Replace MBEDTLS_ECP_HAVE_SECP*K1 with PSA_WANT counterparts Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-15 12:11:55 +03:00
Elena Uziunaite	a363286c9f	Replace MBEDTLS_ECP_HAVE_SECP192R1 with PSA_WANT_ECC_SECP_R1_192 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-15 11:24:49 +03:00
Elena Uziunaite	0b5d48ebbf	Replace MBEDTLS_ECP_HAVE_CURVE* with PSA_WANT counterparts Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-11 13:20:35 +03:00
Elena Uziunaite	0916cd702f	Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-11 11:13:35 +03:00
Valerio Setti	8473390bbb	tests: fix guards in test suites to allow testing with PSASIM Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-07-02 15:45:55 +02:00
Ronald Cron	8d15e0114b	tests: ssl: Add hostname checks in session serialization tests Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-27 09:37:31 +01:00
Ronald Cron	ad0ee1a7c4	tests: ssl: Remove redundant test Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-27 09:18:04 +01:00
Ronald Cron	18b92a1aec	tests: ssl: Fix session field guards Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-27 09:07:50 +01:00
Waleed Elmelegy	4dfb0e7c90	Add ALPN checking when accepting early data Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-15 12:12:15 +00:00
Ronald Cron	6bee910dbd	Merge pull request #8858 from waleed-elmelegy-arm/add_alpn_to_session Add ALPN information in session tickets	2024-03-15 09:50:24 +00:00
BensonLiou	719c2ed9cb	Bugfix * In TLS 1.3 clients, fix an interoperability problem due to the client generating a new random after a HelloRetryRequest. Fixes #8669. Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 11:47:38 +08:00
BensonLiou	3720809d19	Merge branch 'development' into random_bye_on_hrr Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-14 11:44:21 +08:00
BensonLiou	368debd384	Merge branch 'development' of https://github.com/Mbed-TLS/mbedtls into random_bye_on_hrr	2024-03-14 11:42:25 +08:00
Waleed Elmelegy	883f77cb08	Add mbedtls_ssl_session_set_alpn() function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	2824a209bc	Add ALPN information in session tickets Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
BensonLiou	bedd2519e6	fix code style Signed-off-by: BensonLiou <momo1208@gmail.com>	2024-03-13 20:31:24 +08:00
Ronald Cron	40043d03a5	Merge pull request #8884 from ronald-cron-arm/improve-early-data-status TLS 1.3: CLI: Split early data user status and internal state	2024-03-13 11:59:49 +00:00
Dave Rodgman	60c2f47f98	Merge pull request #8888 from minosgalanakis/features/add_ssl_session_accessor_8529 [MBEDTLS_PRIVATE] Add accessor for session and ciphersuite_id	2024-03-13 10:02:15 +00:00
Ronald Cron	840de7ff2f	tls13: cli: Rename STATUS_NOT_SENT to STATUS_NOT_INDICATED Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	3641df2980	tls13: cli: Rename STATE_SENT to STATE_IND_SENT Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	3c5a68339b	tls13: cli: Rename STATE_NOT_SENT to STATE_NO_IND_SENT Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	0c80dc1ed5	tls13: cli: Rename STATUS_NOT_SENT to STATUS_NO_IND_SENT Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	05d7cfbd9c	tls13: cli: Rename STATE_UNKNOWN to STATE_IDLE Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	d2884662c1	tls13: cli: Split early data user status and internal state Do not use the return values of mbedtls_ssl_get_early_data_status() (MBEDTLS_SSL_EARLY_DATA_STATUS_ macros) for the state of the negotiation and transfer of early data during the handshake. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:15 +01:00
Ronald Cron	61fd13c6a5	Merge remote-tracking branch 'mbedtls/development' into tls13-cli-max-early-data-size	2024-03-10 18:09:47 +01:00

1 2 3 4 5 ...

535 Commits