e739892cf8
ssl-opt.sh: Rework m->m resumption tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-15 10:21:35 +01:00
3cf41457ee
ssl-opt.sh: Move m->m resumption tests
...
Move m->m resumption tests just
before resumption and early data tests
against GnuTLS and OpenSSL.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-15 09:41:03 +01:00
820199a2ef
ssl-opt.sh: Rework O->m placeholder test
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
1ccd7a72c8
ssp-opt.sh: Expand G->m resumption and early data tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
854df135ab
ssl-opt.sh: Group TLS 1.3 resumption and early data G->m tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
00fa13bf78
ssl-opt.sh: Rework m->O resumption and early data tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
47d4a52483
ssl-opt.sh: Remove m->O early data test based on external PSK
...
Eventually we do not support early data with
external PSK thus no point to do a positive
test on that basis.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
05210086c0
ssl-opt.sh: Expand m->G resumption and early data tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
c893779bb5
ssl-opt.sh: Remove redundant early data test
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
c8d604d0a1
ssl-opt.sh: Group TLS 1.3 resumption and early data m->G tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:07 +01:00
f1ad73f6ca
ssl-opt.sh: Group TLS 1.3 resumption and early data compat tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:04:05 +01:00
74191a56e8
ssl_server2: Split early data enablement from max_early_data_size setting
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-14 20:00:42 +01:00
e1b50f38e4
Document unsupported concurrency scenario in psa_exercise_key
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-14 17:51:09 +00:00
6de38ac91c
Add missing PSA_ASSERT in mbedtls_test_psa_raw_key_agreement_with_self
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-14 17:50:39 +00:00
3de040f62d
Use TEST_FAIL in threaded tests
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-14 17:50:06 +00:00
6c488709d6
Fix typo in thread_import_key
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-14 17:49:44 +00:00
7b333f1e88
Merge pull request #8913 from ronald-cron-arm/tls13-ticket-lifetime
...
TLS 1.3: Enforce ticket maximum lifetime and discard tickets with 0 lifetime
2024-03-14 15:59:25 +00:00
1c5ebf4352
Merge pull request #8697 from BensonLiou/random_bye_on_hrr
...
Do not generate new random number while receiving HRR
2024-03-14 15:59:21 +00:00
e7c08af465
Merge pull request #8575 from lpy4105/issue/wrong-suite-name-in-check_test_cases_py
...
Fix wrong suite name in check_test_cases.py
2024-03-14 15:31:27 +00:00
0a8abdea8b
Update wrapper generation script and regenerate
...
Update the guards generated by the wrapper generation script to use
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS and regenerate the PSA test
wrappers.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-03-14 14:47:48 +00:00
4a48becdba
Invert and rename config option
...
Replace MBEDTLS_PSA_COPY_CALLER_BUFFERS with inverse:
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS. This ensures that buffer
protection is enabled by default without any change to the Mbed TLS
config file.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-03-14 14:47:48 +00:00
93071cfeec
Merge pull request #8920 from valeriosetti/issue8919
...
Generalize some PK functions from MBEDTLS_PSA_CRYPTO_C to MBEDTLS_PSA_CRYPTO_CLIENT
2024-03-14 11:32:23 +00:00
719c2ed9cb
Bugfix
...
* In TLS 1.3 clients, fix an interoperability problem due to the client
generating a new random after a HelloRetryRequest. Fixes #8669 .
Signed-off-by: BensonLiou <momo1208@gmail.com >
2024-03-14 11:47:38 +08:00
3720809d19
Merge branch 'development' into random_bye_on_hrr
...
Signed-off-by: BensonLiou <momo1208@gmail.com >
2024-03-14 11:44:21 +08:00
368debd384
Merge branch 'development' of https://github.com/Mbed-TLS/mbedtls into random_bye_on_hrr
2024-03-14 11:42:25 +08:00
5bc5263b2c
Add code improvments and refactoring in dealing with ALPN
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2024-03-13 16:50:01 +00:00
883f77cb08
Add mbedtls_ssl_session_set_alpn() function
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2024-03-13 16:50:01 +00:00
2824a209bc
Add ALPN information in session tickets
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2024-03-13 16:50:01 +00:00
f111f35478
Add test cases for concurrently_use_same_persistent_key
...
There is a 1-1 correlation between these test cases and the test cases for import_and_exercise_key.
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-13 14:31:11 +00:00
50619991c8
Add test function for concurrently using the same persistent key
...
The thread functions can also be used in future tests for other key types
and other test scenarios
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-13 14:31:11 +00:00
fbf815d9cb
Add key_destroyable parameter to key export smoke tests
...
These are only called from mbedtls_test_psa_exercise_key
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-13 14:31:11 +00:00
73e4ea37f4
Add key_destroyable parameter to non-raw key agreement smoke tests
...
All current usages have this parameter set to 0 (this means the tests are unchanged).
Remove the GENERIC_ERROR return behaviour, in favour of returning the actual status.
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-13 14:31:11 +00:00
775c7768ee
Merge pull request #8877 from gilles-peskine-arm/split-minimal-3.6
...
Create a minimal framework submodule
2024-03-13 14:30:09 +00:00
0493ab56a4
Add PSA threaded init tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2024-03-13 12:39:02 +00:00
bedd2519e6
fix code style
...
Signed-off-by: BensonLiou <momo1208@gmail.com >
2024-03-13 20:31:24 +08:00
40043d03a5
Merge pull request #8884 from ronald-cron-arm/improve-early-data-status
...
TLS 1.3: CLI: Split early data user status and internal state
2024-03-13 11:59:49 +00:00
fac1122b85
Rename solution files to referece VS2017
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com >
2024-03-13 11:23:16 +01:00
60c2f47f98
Merge pull request #8888 from minosgalanakis/features/add_ssl_session_accessor_8529
...
[MBEDTLS_PRIVATE] Add accessor for session and ciphersuite_id
2024-03-13 10:02:15 +00:00
4de4cc4a29
Merge pull request #8891 from Ryan-Everett-arm/document-SE_C-not-threadsafe
...
Officially document non thread-safety of MBEDTLS_PSA_CRYPTO_SE_C
2024-03-13 09:42:49 +00:00
13beaa2e60
psa_crypto_stubs: extend stub functions for the CRYPTO_CLIENT tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-03-13 09:52:36 +01:00
63097759f8
all.sh: modify/add test components for CRYPTO_CLIENT
...
The already existing component_test_psa_crypto_client() is renamed
as component_test_default_psa_crypto_client_without_crypto_provider()
while component_build_full_psa_crypto_client_without_crypto_provider()
was added.
- Both of them check that the missing symbols at link time (if any)
belong to the psa_xxx() family.
- The former builds with default config + CRYPTO_CLIENT - CRYPTO_C and
then runs test suites.
- The latter only perform the builds using the full config and then
it checks that PK-PSA bridge functions are present.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-03-13 09:52:36 +01:00
3b20bda352
Merge pull request #8899 from gilles-peskine-arm/pk_copy_public_from_psa
...
New function mbedtls_pk_copy_public_from_psa
2024-03-13 06:56:17 +00:00
68f46414cb
Merge pull request #8894 from daverodgman/quietbuild2
...
Follow-up non-verbose logs
2024-03-13 00:50:42 +00:00
80a5dbd1cd
Regenerate PSA wrappers for new PSA functions
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-03-12 17:02:48 +00:00
8163028fbd
Add key_destroyable parameter to raw key agreement smoke tests
...
All current usages have this parameter set to 0 (meaning the behaviour
of these tests hasn't changed). We also now return the actual error code, not GENERIC_ERROR
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-12 17:01:09 +00:00
c1cc6686f0
Add key_destroyable parameter to key derivation smoke tests
...
All current usages have this parameter set to 0 (in this case the behaviour of
the test is unchanged)
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-12 17:01:09 +00:00
d48fc102d3
Add key_destroyable parameter to exercise_asymmetric_encryption_key
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-12 17:01:09 +00:00
6edd40819e
Add key_destroyable parameter to exercise_signature_key
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-12 17:01:09 +00:00
fbe703de2a
Add key_destroyable parameter to exercise_aead_key
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-12 17:01:09 +00:00
70691f3082
Add key_destroyable parameter to psa_exercise_cipher_key
...
If the key has been destroyed (and the new parameter is 1), we test that
psa_cipher_abort succeeds in this scenario.
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-12 17:01:09 +00:00
