HKDF-Expand can produce at most 255 * hash_size bytes of key material,
so this limit applies to the TLS 1.3 key material exporter.
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
This is more flexible: the test data gets to decide whether we want to
assert the presence of a pattern or not.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This should avoid running into a bug with printf format specifiers one
windows.
It's also a logical move for actual tests: I used the highest debug
level for discovery, but we don't need that all the time.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Declare the same dependencies as for the previous TLS 1.3 tests, except
for part that varies with the cipher suite (ie AES-GCM).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
We're not sending a signature_algorithm extension, which means SHA-1.
Caught by depends.py hashes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
In addition to secp256r1 for the handshake, we need secp384r1 as it's
used by the CA certificate.
Caught by depends.py curves
Also, for the "unknown ciphersuite" 1.2 test, use the same key type and
all the same dependencies as of the "good" test above, to avoid having
to determine a second set of correct dependencies just for this one.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This guards the definition of mbedtls_test_ssl_endpoint which we rely
on, so the function won't compile without it.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Two of these tests reveal bugs in the code, so they're commented out for
now.
For the other tests, the high-level behaviour is OK (break the
handshake) but the details of why are IMO not good: they should be
rejected because interleaving non-HS record between HS fragments is not
valid according to the spec.
To be fixed in future commits.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The Windows CRT treats any invalid format specifiers passed to the CRT
as fatal assertion failures. Disable thie behaviour temporarily while
testing if the format specifiers we use are supported.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Move the suite's global dependency on MBEDTLS_SSL_TLS_C to the
individual test cases.
Add an preprocesor guard around string_debug to prevent warning about unused
functions.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Pre-existing but not having TLS 1.3 in the build does not seem to be
necessary actually. These test functions set the dtls flag when
calling `test_resize_buffers` and then `test_resize_buffers` sets the
`options.dtls` flag which eventually forces the TLS 1.2 version of the
protocol (in `mbedtls_test_ssl_endpoint_init()` call of
`mbedtls_ssl_config_defaults()` with `MBEDTLS_SSL_TRANSPORT_DATAGRAM`
as the transport).
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
