Merge remote-tracking branch 'origin/features/tls-defragmentation/development' into feature_merge_defragmentation_dev
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
diff --git a/ChangeLog.d/9956.txt b/ChangeLog.d/9956.txt
new file mode 100644
index 0000000..cea4af1
--- /dev/null
+++ b/ChangeLog.d/9956.txt
@@ -0,0 +1,6 @@
+Removals
+ * Following the removal of DHM module (#9972 and TF-PSA-Crypto#175) the
+ following SSL functions are removed:
+ - mbedtls_ssl_conf_dh_param_bin
+ - mbedtls_ssl_conf_dh_param_ctx
+ - mbedtls_ssl_conf_dhm_min_bitlen
diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h
index cf77690..068e716 100644
--- a/doxygen/input/doc_encdec.h
+++ b/doxygen/input/doc_encdec.h
@@ -39,8 +39,6 @@
* and \c mbedtls_des3_crypt_cbc()).
* - GCM (AES-GCM and CAMELLIA-GCM) (see \c mbedtls_gcm_init())
* - Asymmetric:
- * - Diffie-Hellman-Merkle (see \c mbedtls_dhm_read_public(), \c mbedtls_dhm_make_public()
- * and \c mbedtls_dhm_calc_secret()).
* - RSA (see \c mbedtls_rsa_public() and \c mbedtls_rsa_private()).
* - Elliptic Curves over GF(p) (see \c mbedtls_ecp_point_init()).
* - Elliptic Curve Digital Signature Algorithm (ECDSA) (see \c mbedtls_ecdsa_init()).
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 4547976..681584b 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -24,10 +24,6 @@
#include "mbedtls/x509_crl.h"
#endif
-#if defined(MBEDTLS_DHM_C)
-#include "mbedtls/dhm.h"
-#endif
-
#include "mbedtls/md.h"
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED)
@@ -1562,11 +1558,6 @@
const uint16_t *MBEDTLS_PRIVATE(group_list); /*!< allowed IANA NamedGroups */
-#if defined(MBEDTLS_DHM_C)
- mbedtls_mpi MBEDTLS_PRIVATE(dhm_P); /*!< prime modulus for DHM */
- mbedtls_mpi MBEDTLS_PRIVATE(dhm_G); /*!< generator for DHM */
-#endif
-
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psk_opaque); /*!< PSA key slot holding opaque PSK. This field
@@ -1642,10 +1633,6 @@
unsigned int MBEDTLS_PRIVATE(badmac_limit); /*!< limit of records with a bad MAC */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
- unsigned int MBEDTLS_PRIVATE(dhm_min_bitlen); /*!< min. bit length of the DHM prime */
-#endif
-
/** User data pointer or handle.
*
* The library sets this to \p 0 when creating a context and does not
@@ -3755,49 +3742,6 @@
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-/**
- * \brief Set the Diffie-Hellman public P and G values
- * from big-endian binary presentations.
- * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
- *
- * \param conf SSL configuration
- * \param dhm_P Diffie-Hellman-Merkle modulus in big-endian binary form
- * \param P_len Length of DHM modulus
- * \param dhm_G Diffie-Hellman-Merkle generator in big-endian binary form
- * \param G_len Length of DHM generator
- *
- * \return 0 if successful
- */
-int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len);
-
-/**
- * \brief Set the Diffie-Hellman public P and G values,
- * read from existing context (server-side only)
- *
- * \param conf SSL configuration
- * \param dhm_ctx Diffie-Hellman-Merkle context
- *
- * \return 0 if successful
- */
-int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx);
-#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-/**
- * \brief Set the minimum length for Diffie-Hellman parameters.
- * (Client-side only.)
- * (Default: 1024 bits.)
- *
- * \param conf SSL configuration
- * \param bitlen Minimum bit length of the DHM prime
- */
-void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
- unsigned int bitlen);
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
-
/**
* \brief Set the allowed groups in order of preference.
*
diff --git a/library/Makefile b/library/Makefile
index b874acf..61b2623 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -139,7 +139,6 @@
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/constant_time.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ctr_drbg.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/des.o \
- $(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/dhm.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdh.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdsa.o \
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecjpake.o \
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 2140ac4..164a230 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -763,10 +763,6 @@
const uint16_t *sig_algs;
#endif
-#if defined(MBEDTLS_DHM_C)
- mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED)
psa_key_type_t xxdh_psa_type;
size_t xxdh_psa_bits;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7d20b3c..3572f3f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -915,9 +915,6 @@
handshake->update_checksum = ssl_update_checksum_start;
-#if defined(MBEDTLS_DHM_C)
- mbedtls_dhm_init(&handshake->dhm_ctx);
-#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
handshake->psa_pake_ctx = psa_pake_operation_init();
handshake->psa_pake_password = MBEDTLS_SVC_KEY_ID_INIT;
@@ -2438,57 +2435,6 @@
return PSA_SUCCESS;
}
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
-int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
-
- if ((ret = mbedtls_mpi_read_binary(&conf->dhm_P, dhm_P, P_len)) != 0 ||
- (ret = mbedtls_mpi_read_binary(&conf->dhm_G, dhm_G, G_len)) != 0) {
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
- return ret;
- }
-
- return 0;
-}
-
-int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx)
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
-
- if ((ret = mbedtls_dhm_get_value(dhm_ctx, MBEDTLS_DHM_PARAM_P,
- &conf->dhm_P)) != 0 ||
- (ret = mbedtls_dhm_get_value(dhm_ctx, MBEDTLS_DHM_PARAM_G,
- &conf->dhm_G)) != 0) {
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
- return ret;
- }
-
- return 0;
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
-/*
- * Set the minimum length for Diffie-Hellman parameters
- */
-void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
- unsigned int bitlen)
-{
- conf->dhm_min_bitlen = bitlen;
-}
-#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
-
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
/*
@@ -4544,10 +4490,6 @@
psa_hash_abort(&handshake->fin_sha384_psa);
#endif
-#if defined(MBEDTLS_DHM_C)
- mbedtls_dhm_free(&handshake->dhm_ctx);
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
psa_pake_abort(&handshake->psa_pake_ctx);
/*
@@ -5558,10 +5500,6 @@
int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
int endpoint, int transport, int preset)
{
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-#endif
-
#if defined(MBEDTLS_DEBUG_C) && defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if (ssl_check_no_sig_alg_duplication(ssl_preset_suiteb_sig_algs)) {
mbedtls_printf("ssl_preset_suiteb_sig_algs has duplicated entries\n");
@@ -5636,21 +5574,6 @@
memset(conf->renego_period + 2, 0xFF, 6);
#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
- if (endpoint == MBEDTLS_SSL_IS_SERVER) {
- const unsigned char dhm_p[] =
- MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
- const unsigned char dhm_g[] =
- MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
-
- if ((ret = mbedtls_ssl_conf_dh_param_bin(conf,
- dhm_p, sizeof(dhm_p),
- dhm_g, sizeof(dhm_g))) != 0) {
- return ret;
- }
- }
-#endif
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_EARLY_DATA)
@@ -5740,10 +5663,6 @@
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
conf->group_list = ssl_preset_default_groups;
-
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
- conf->dhm_min_bitlen = 1024;
-#endif
}
return 0;
@@ -5758,11 +5677,6 @@
return;
}
-#if defined(MBEDTLS_DHM_C)
- mbedtls_mpi_free(&conf->dhm_P);
- mbedtls_mpi_free(&conf->dhm_G);
-#endif
-
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) {
conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT;
diff --git a/programs/Makefile b/programs/Makefile
index 79bb402..9a4237c 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -41,9 +41,7 @@
hash/generic_sum \
hash/hello \
hash/md_hmac_demo \
- pkey/dh_client \
pkey/dh_genprime \
- pkey/dh_server \
pkey/ecdh_curve25519 \
pkey/ecdsa \
pkey/gen_key \
@@ -177,18 +175,10 @@
echo " CC hash/md_hmac_demo.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/md_hmac_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-pkey/dh_client$(EXEXT): pkey/dh_client.c $(DEP)
- echo " CC pkey/dh_client.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_client.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c $(DEP)
echo " CC pkey/dh_genprime.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_genprime.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-pkey/dh_server$(EXEXT): pkey/dh_server.c $(DEP)
- echo " CC pkey/dh_server.c"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/dh_server.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
pkey/ecdh_curve25519$(EXEXT): pkey/ecdh_curve25519.c $(DEP)
echo " CC pkey/ecdh_curve25519.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/ecdh_curve25519.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
diff --git a/programs/README.md b/programs/README.md
index 5e5f40a..2d9c187 100644
--- a/programs/README.md
+++ b/programs/README.md
@@ -41,8 +41,6 @@
### Diffie-Hellman key exchange examples
-* [`pkey/dh_client.c`](pkey/dh_client.c), [`pkey/dh_server.c`](pkey/dh_server.c): secure channel demonstrators (client, server). This pair of programs illustrates how to set up a secure channel using RSA for authentication and Diffie-Hellman to generate a shared AES session key.
-
* [`pkey/ecdh_curve25519.c`](pkey/ecdh_curve25519.c): demonstration of a elliptic curve Diffie-Hellman (ECDH) key agreement.
### Bignum (`mpi`) usage examples
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index c782ad4..df63ffc 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -1,16 +1,3 @@
-set(executables_mbedtls
- dh_client
- dh_server
-)
-add_dependencies(${programs_target} ${executables_mbedtls})
-
-foreach(exe IN LISTS executables_mbedtls)
- add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- set_base_compile_options(${exe})
- target_link_libraries(${exe} ${mbedtls_target} ${CMAKE_THREAD_LIBS_INIT})
- target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
-endforeach()
-
set(executables_mbedcrypto
dh_genprime
ecdh_curve25519
@@ -40,6 +27,6 @@
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include)
endforeach()
-install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto}
+install(TARGETS ${executables_mbedcrypto}
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
deleted file mode 100644
index a3bc49d..0000000
--- a/programs/pkey/dh_client.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * Diffie-Hellman-Merkle key exchange (client side)
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-/* md.h is included this early since MD_CAN_XXX macros are defined there. */
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define SERVER_NAME "localhost"
-#define SERVER_PORT "11999"
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
- "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
- "PSA_WANT_ALG_SHA_256 and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n");
- mbedtls_exit(0);
-}
-
-#elif defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_BLOCK_CIPHER_NO_DECRYPT defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(void)
-{
- FILE *f;
-
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- unsigned int mdlen;
- size_t n, buflen;
- mbedtls_net_context server_fd;
-
- unsigned char *p, *end;
- unsigned char buf[2048];
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
- mbedtls_mpi N, E;
- const char *pers = "dh_client";
-
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_rsa_context rsa;
- mbedtls_dhm_context dhm;
- mbedtls_aes_context aes;
-
- mbedtls_net_init(&server_fd);
- mbedtls_dhm_init(&dhm);
- mbedtls_aes_init(&aes);
- mbedtls_ctr_drbg_init(&ctr_drbg);
- mbedtls_mpi_init(&N);
- mbedtls_mpi_init(&E);
-
- /*
- * 1. Setup the RNG
- */
- mbedtls_printf("\n . Seeding the random number generator");
- fflush(stdout);
-
- mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
- goto exit;
- }
-
- /*
- * 2. Read the server's public RSA key
- */
- mbedtls_printf("\n . Reading public key from rsa_pub.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_pub.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- mbedtls_rsa_init(&rsa);
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
- (ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E) != 0)) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- /*
- * 3. Initiate the connection
- */
- mbedtls_printf("\n . Connecting to tcp/%s/%s", SERVER_NAME,
- SERVER_PORT);
- fflush(stdout);
-
- if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME,
- SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 4a. First get the buffer length
- */
- mbedtls_printf("\n . Receiving the server's DH parameters");
- fflush(stdout);
-
- memset(buf, 0, sizeof(buf));
-
- if ((ret = mbedtls_net_recv(&server_fd, buf, 2)) != 2) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- n = buflen = (buf[0] << 8) | buf[1];
- if (buflen < 1 || buflen > sizeof(buf)) {
- mbedtls_printf(" failed\n ! Got an invalid buffer length\n\n");
- goto exit;
- }
-
- /*
- * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P
- */
- memset(buf, 0, sizeof(buf));
-
- if ((ret = mbedtls_net_recv(&server_fd, buf, n)) != (int) n) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- p = buf, end = buf + buflen;
-
- if ((ret = mbedtls_dhm_read_params(&dhm, &p, end)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret);
- goto exit;
- }
-
- n = mbedtls_dhm_get_len(&dhm);
- if (n < 64 || n > 512) {
- mbedtls_printf(" failed\n ! Invalid DHM modulus size\n\n");
- goto exit;
- }
-
- /*
- * 5. Check that the server's RSA signature matches
- * the SHA-256 hash of (P,G,Ys)
- */
- mbedtls_printf("\n . Verifying the server's RSA signature");
- fflush(stdout);
-
- p += 2;
-
- if ((n = (size_t) (end - p)) != mbedtls_rsa_get_len(&rsa)) {
- mbedtls_printf(" failed\n ! Invalid RSA signature size\n\n");
- goto exit;
- }
-
- mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256));
- if (mdlen == 0) {
- mbedtls_printf(" failed\n ! Invalid digest type\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_sha256(buf, (int) (p - 2 - buf), hash, 0)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, MBEDTLS_MD_SHA256,
- mdlen, hash, p)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 6. Send our public value: Yc = G ^ Xc mod P
- */
- mbedtls_printf("\n . Sending own public value to server");
- fflush(stdout);
-
- n = mbedtls_dhm_get_len(&dhm);
- if ((ret = mbedtls_dhm_make_public(&dhm, (int) n, buf, n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_net_send(&server_fd, buf, n)) != (int) n) {
- mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 7. Derive the shared secret: K = Ys ^ Xc mod P
- */
- mbedtls_printf("\n . Shared secret: ");
- fflush(stdout);
-
- if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret);
- goto exit;
- }
-
- for (n = 0; n < 16; n++) {
- mbedtls_printf("%02x", buf[n]);
- }
-
- /*
- * 8. Setup the AES-256 decryption key
- *
- * This is an overly simplified example; best practice is
- * to hash the shared secret with a random value to derive
- * the keying material for the encryption/decryption keys,
- * IVs and MACs.
- */
- mbedtls_printf("...\n . Receiving and decrypting the ciphertext");
- fflush(stdout);
-
- ret = mbedtls_aes_setkey_dec(&aes, buf, 256);
- if (ret != 0) {
- goto exit;
- }
-
- memset(buf, 0, sizeof(buf));
-
- if ((ret = mbedtls_net_recv(&server_fd, buf, 16)) != 16) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, buf, buf);
- if (ret != 0) {
- goto exit;
- }
- buf[16] = '\0';
- mbedtls_printf("\n . Plaintext is \"%s\"\n\n", (char *) buf);
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_net_free(&server_fd);
-
- mbedtls_aes_free(&aes);
- mbedtls_rsa_free(&rsa);
- mbedtls_dhm_free(&dhm);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
- mbedtls_mpi_free(&N);
- mbedtls_mpi_free(&E);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_NET_C && MBEDTLS_RSA_C && PSA_WANT_ALG_SHA_256 &&
- MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
deleted file mode 100644
index 26b48e3..0000000
--- a/programs/pkey/dh_server.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/*
- * Diffie-Hellman-Merkle key exchange (server side)
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/platform.h"
-/* md.h is included this early since MD_CAN_XXX macros are defined there. */
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
- defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/net_sockets.h"
-#include "mbedtls/aes.h"
-#include "mbedtls/dhm.h"
-#include "mbedtls/rsa.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
-
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#define SERVER_PORT "11999"
-#define PLAINTEXT "==Hello there!=="
-
-#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
- !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
-int main(void)
-{
- mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
- "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
- "PSA_WANT_ALG_SHA_256 and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n");
- mbedtls_exit(0);
-}
-#else
-
-
-int main(void)
-{
- FILE *f;
-
- int ret = 1;
- int exit_code = MBEDTLS_EXIT_FAILURE;
- unsigned int mdlen;
- size_t n, buflen;
- mbedtls_net_context listen_fd, client_fd;
-
- unsigned char buf[2048];
- unsigned char hash[MBEDTLS_MD_MAX_SIZE];
- unsigned char buf2[2];
- const char *pers = "dh_server";
-
- mbedtls_entropy_context entropy;
- mbedtls_ctr_drbg_context ctr_drbg;
- mbedtls_rsa_context rsa;
- mbedtls_dhm_context dhm;
- mbedtls_aes_context aes;
-
- mbedtls_mpi N, P, Q, D, E, dhm_P, dhm_G;
-
- mbedtls_net_init(&listen_fd);
- mbedtls_net_init(&client_fd);
- mbedtls_dhm_init(&dhm);
- mbedtls_aes_init(&aes);
- mbedtls_ctr_drbg_init(&ctr_drbg);
-
- mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
- mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&dhm_P);
- mbedtls_mpi_init(&dhm_G);
- /*
- * 1. Setup the RNG
- */
- mbedtls_printf("\n . Seeding the random number generator");
- fflush(stdout);
-
- mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen(pers))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
- goto exit;
- }
-
- /*
- * 2a. Read the server's private RSA key
- */
- mbedtls_printf("\n . Reading private key from rsa_priv.txt");
- fflush(stdout);
-
- if ((f = fopen("rsa_priv.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \
- " ! Please run rsa_genkey first\n\n");
- goto exit;
- }
-
- mbedtls_rsa_init(&rsa);
-
- if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n",
- ret);
- fclose(f);
- goto exit;
- }
- fclose(f);
-
- if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n",
- ret);
- goto exit;
- }
-
- if ((ret = mbedtls_rsa_complete(&rsa)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n",
- ret);
- goto exit;
- }
-
- /*
- * 2b. Get the DHM modulus and generator
- */
- mbedtls_printf("\n . Reading DH parameters from dh_prime.txt");
- fflush(stdout);
-
- if ((f = fopen("dh_prime.txt", "rb")) == NULL) {
- mbedtls_printf(" failed\n ! Could not open dh_prime.txt\n" \
- " ! Please run dh_genprime first\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_mpi_read_file(&dhm_P, 16, f)) != 0 ||
- (ret = mbedtls_mpi_read_file(&dhm_G, 16, f)) != 0 ||
- (ret = mbedtls_dhm_set_group(&dhm, &dhm_P, &dhm_G) != 0)) {
- mbedtls_printf(" failed\n ! Invalid DH parameter file\n\n");
- fclose(f);
- goto exit;
- }
-
- fclose(f);
-
- /*
- * 3. Wait for a client to connect
- */
- mbedtls_printf("\n . Waiting for a remote connection");
- fflush(stdout);
-
- if ((ret = mbedtls_net_bind(&listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
- NULL, 0, NULL)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 4. Setup the DH parameters (P,G,Ys)
- */
- mbedtls_printf("\n . Sending the server's DH parameters");
- fflush(stdout);
-
- memset(buf, 0, sizeof(buf));
-
- if ((ret =
- mbedtls_dhm_make_params(&dhm, (int) mbedtls_dhm_get_len(&dhm), buf, &n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 5. Sign the parameters and send them
- */
-
- mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256));
- if (mdlen == 0) {
- mbedtls_printf(" failed\n ! Invalid digest type\n\n");
- goto exit;
- }
-
- if ((ret = mbedtls_sha256(buf, n, hash, 0)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret);
- goto exit;
- }
-
- const size_t rsa_key_len = mbedtls_rsa_get_len(&rsa);
- buf[n] = (unsigned char) (rsa_key_len >> 8);
- buf[n + 1] = (unsigned char) (rsa_key_len);
-
- if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg,
- MBEDTLS_MD_SHA256, mdlen,
- hash, buf + n + 2)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret);
- goto exit;
- }
-
- buflen = n + 2 + rsa_key_len;
- buf2[0] = (unsigned char) (buflen >> 8);
- buf2[1] = (unsigned char) (buflen);
-
- if ((ret = mbedtls_net_send(&client_fd, buf2, 2)) != 2 ||
- (ret = mbedtls_net_send(&client_fd, buf, buflen)) != (int) buflen) {
- mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 6. Get the client's public value: Yc = G ^ Xc mod P
- */
- mbedtls_printf("\n . Receiving the client's public value");
- fflush(stdout);
-
- memset(buf, 0, sizeof(buf));
-
- n = mbedtls_dhm_get_len(&dhm);
- if ((ret = mbedtls_net_recv(&client_fd, buf, n)) != (int) n) {
- mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret);
- goto exit;
- }
-
- if ((ret = mbedtls_dhm_read_public(&dhm, buf, n)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret);
- goto exit;
- }
-
- /*
- * 7. Derive the shared secret: K = Ys ^ Xc mod P
- */
- mbedtls_printf("\n . Shared secret: ");
- fflush(stdout);
-
- if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret);
- goto exit;
- }
-
- for (n = 0; n < 16; n++) {
- mbedtls_printf("%02x", buf[n]);
- }
-
- /*
- * 8. Setup the AES-256 encryption key
- *
- * This is an overly simplified example; best practice is
- * to hash the shared secret with a random value to derive
- * the keying material for the encryption/decryption keys
- * and MACs.
- */
- mbedtls_printf("...\n . Encrypting and sending the ciphertext");
- fflush(stdout);
-
- ret = mbedtls_aes_setkey_enc(&aes, buf, 256);
- if (ret != 0) {
- goto exit;
- }
- memcpy(buf, PLAINTEXT, 16);
- ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, buf, buf);
- if (ret != 0) {
- goto exit;
- }
-
- if ((ret = mbedtls_net_send(&client_fd, buf, 16)) != 16) {
- mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
- goto exit;
- }
-
- mbedtls_printf("\n\n");
-
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
-exit:
-
- mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
- mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&dhm_P);
- mbedtls_mpi_free(&dhm_G);
-
- mbedtls_net_free(&client_fd);
- mbedtls_net_free(&listen_fd);
-
- mbedtls_aes_free(&aes);
- mbedtls_rsa_free(&rsa);
- mbedtls_dhm_free(&dhm);
- mbedtls_ctr_drbg_free(&ctr_drbg);
- mbedtls_entropy_free(&entropy);
-
- mbedtls_exit(exit_code);
-}
-#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C &&
- MBEDTLS_NET_C && MBEDTLS_RSA_C && PSA_WANT_ALG_SHA_256 &&
- MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index f009a31..6742925 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -71,7 +71,6 @@
#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
#define DFL_TRUNC_HMAC -1
#define DFL_RECSPLIT -1
-#define DFL_DHMLEN -1
#define DFL_RECONNECT 0
#define DFL_RECO_SERVER_NAME NULL
#define DFL_RECO_DELAY 0
@@ -234,13 +233,6 @@
#define USAGE_MAX_FRAG_LEN ""
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_DHM_C)
-#define USAGE_DHMLEN \
- " dhmlen=%%d default: (library default: 1024 bits)\n"
-#else
-#define USAGE_DHMLEN
-#endif
-
#if defined(MBEDTLS_SSL_ALPN)
#define USAGE_ALPN \
" alpn=%%s default: \"\" (disabled)\n" \
@@ -433,7 +425,6 @@
USAGE_GROUPS \
USAGE_SIG_ALGS \
USAGE_EARLY_DATA \
- USAGE_DHMLEN \
USAGE_KEY_OPAQUE_ALGS \
"\n"
@@ -508,7 +499,6 @@
unsigned char mfl_code; /* code for maximum fragment length */
int trunc_hmac; /* negotiate truncated hmac or not */
int recsplit; /* enable record splitting? */
- int dhmlen; /* minimum DHM params len in bits */
int reconnect; /* attempt to resume session */
const char *reco_server_name; /* hostname of the server (re-connect) */
int reco_delay; /* delay in seconds before resuming session */
@@ -956,7 +946,6 @@
opt.mfl_code = DFL_MFL_CODE;
opt.trunc_hmac = DFL_TRUNC_HMAC;
opt.recsplit = DFL_RECSPLIT;
- opt.dhmlen = DFL_DHMLEN;
opt.reconnect = DFL_RECONNECT;
opt.reco_server_name = DFL_RECO_SERVER_NAME;
opt.reco_delay = DFL_RECO_DELAY;
@@ -1388,11 +1377,6 @@
if (opt.recsplit < 0 || opt.recsplit > 1) {
goto usage;
}
- } else if (strcmp(p, "dhmlen") == 0) {
- opt.dhmlen = atoi(q);
- if (opt.dhmlen < 0) {
- goto usage;
- }
} else if (strcmp(p, "query_config") == 0) {
opt.query_config_mode = 1;
query_config_ret = query_config(q);
@@ -1898,12 +1882,6 @@
}
#endif
-#if defined(MBEDTLS_DHM_C)
- if (opt.dhmlen != DFL_DHMLEN) {
- mbedtls_ssl_conf_dhm_min_bitlen(&conf, opt.dhmlen);
- }
-#endif
-
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL) {
if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) {
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index d9e5701..dc7ca8f 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -58,7 +58,6 @@
#endif
#include "mbedtls/pk.h"
-#include "mbedtls/dhm.h"
/* Size of memory to be allocated for the heap, when using the library's memory
* management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
@@ -127,7 +126,6 @@
#define DFL_EARLY_DATA -1
#define DFL_MAX_EARLY_DATA_SIZE ((uint32_t) -1)
#define DFL_SIG_ALGS NULL
-#define DFL_DHM_FILE NULL
#define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM
#define DFL_COOKIES 1
#define DFL_ANTI_REPLAY -1
@@ -192,9 +190,7 @@
" note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \
" preloaded certificate(s) and key(s) are used if available\n" \
" key_pwd2=%%s Password for key specified by key_file2 argument\n" \
- " default: none\n" \
- " dhm_file=%%s File containing Diffie-Hellman parameters\n" \
- " default: preloaded parameters\n"
+ " default: none\n"
#else
#define USAGE_IO \
"\n" \
@@ -675,7 +671,6 @@
const char *groups; /* list of supported groups */
const char *sig_algs; /* supported TLS 1.3 signature algorithms */
const char *alpn_string; /* ALPN supported protocols */
- const char *dhm_file; /* the file with the DH parameters */
int extended_ms; /* allow negotiation of extended MS? */
int etm; /* allow negotiation of encrypt-then-MAC? */
int transport; /* TLS or DTLS? */
@@ -1590,9 +1585,6 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
ssl_async_key_context_t ssl_async_keys;
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- mbedtls_dhm_context dhm;
-#endif
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_context cache;
#endif
@@ -1681,9 +1673,6 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
memset(&ssl_async_keys, 0, sizeof(ssl_async_keys));
#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- mbedtls_dhm_init(&dhm);
-#endif
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_init(&cache);
#endif
@@ -1793,7 +1782,6 @@
opt.max_early_data_size = DFL_MAX_EARLY_DATA_SIZE;
#endif
opt.sig_algs = DFL_SIG_ALGS;
- opt.dhm_file = DFL_DHM_FILE;
opt.transport = DFL_TRANSPORT;
opt.cookies = DFL_COOKIES;
opt.anti_replay = DFL_ANTI_REPLAY;
@@ -1943,8 +1931,6 @@
opt.key_file2 = q;
} else if (strcmp(p, "key_pwd2") == 0) {
opt.key_pwd2 = q;
- } else if (strcmp(p, "dhm_file") == 0) {
- opt.dhm_file = q;
}
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
else if (strcmp(p, "async_operations") == 0) {
@@ -2787,21 +2773,6 @@
key_cert_init2 ? mbedtls_pk_get_name(&pkey2) : "none");
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- if (opt.dhm_file != NULL) {
- mbedtls_printf(" . Loading DHM parameters...");
- fflush(stdout);
-
- if ((ret = mbedtls_dhm_parse_dhmfile(&dhm, opt.dhm_file)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
- (unsigned int) -ret);
- goto exit;
- }
-
- mbedtls_printf(" ok\n");
- }
-#endif
-
#if defined(SNI_OPTION)
if (opt.sni != NULL) {
mbedtls_printf(" . Setting up SNI information...");
@@ -3269,22 +3240,6 @@
}
#endif
-#if defined(MBEDTLS_DHM_C)
- /*
- * Use different group than default DHM group
- */
-#if defined(MBEDTLS_FS_IO)
- if (opt.dhm_file != NULL) {
- ret = mbedtls_ssl_conf_dh_param_ctx(&conf, &dhm);
- }
-#endif
- if (ret != 0) {
- mbedtls_printf(" failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n",
- (unsigned int) -ret);
- goto exit;
- }
-#endif
-
if (opt.min_version != DFL_MIN_VERSION) {
mbedtls_ssl_conf_min_tls_version(&conf, opt.min_version);
}
@@ -4284,10 +4239,6 @@
#endif
#endif
-#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
- mbedtls_dhm_free(&dhm);
-#endif
-
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
for (i = 0; (size_t) i < ssl_async_keys.slots_used; i++) {
if (ssl_async_keys.slots[i].pk_owned) {
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index e72386f..41252b6 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -10,7 +10,6 @@
#include "mbedtls/entropy.h"
#include "mbedtls/hmac_drbg.h"
#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/dhm.h"
#include "mbedtls/gcm.h"
#include "mbedtls/ccm.h"
#include "mbedtls/cmac.h"
@@ -350,9 +349,6 @@
#if defined(MBEDTLS_ECJPAKE_C)
{ "ecjpake", mbedtls_ecjpake_self_test },
#endif
-#if defined(MBEDTLS_DHM_C)
- { "dhm", mbedtls_dhm_self_test },
-#endif
#if defined(MBEDTLS_ENTROPY_C)
{ "entropy", mbedtls_entropy_self_test_wrapper },
#endif
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
index b60aba0..9be9674 100644
--- a/scripts/data_files/query_config.fmt
+++ b/scripts/data_files/query_config.fmt
@@ -34,7 +34,6 @@
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/debug.h"
#include "mbedtls/des.h"
-#include "mbedtls/dhm.h"
#include "mbedtls/ecdh.h"
#include "mbedtls/ecdsa.h"
#include "mbedtls/ecjpake.h"
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index c051842..aae1fc8 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -40,7 +40,7 @@
ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5
NET OID PBKDF2 PLATFORM POLY1305 RIPEMD160
SHA1 SHA256 SHA512 SHA3 THREADING );
-my @high_level_modules = qw( CIPHER DHM ECP MD
+my @high_level_modules = qw( CIPHER ECP MD
PEM PK PKCS12 PKCS5
RSA SSL X509 PKCS7 );
diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h
index db69536..31f4477 100644
--- a/tests/include/test/certs.h
+++ b/tests/include/test/certs.h
@@ -1,7 +1,7 @@
/**
* \file certs.h
*
- * \brief Sample certificates and DHM parameters for testing
+ * \brief Sample certificates for testing
*/
/*
* Copyright The Mbed TLS Contributors
diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index e5b8d74..ef4927f 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -70,6 +70,13 @@
defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
#endif
+
+#if defined(PSA_WANT_ALG_GCM) || \
+ defined(PSA_WANT_ALG_CCM) || \
+ defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#define MBEDTLS_TEST_HAS_AEAD_ALG
+#endif
+
enum {
#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
tls13_label_ ## name,
diff --git a/tests/psa-client-server/psasim/src/psa_functions_codes.h b/tests/psa-client-server/psasim/src/psa_functions_codes.h
index 4be53c5..74746b6 100644
--- a/tests/psa-client-server/psasim/src/psa_functions_codes.h
+++ b/tests/psa-client-server/psasim/src/psa_functions_codes.h
@@ -26,6 +26,7 @@
PSA_AEAD_VERIFY,
PSA_ASYMMETRIC_DECRYPT,
PSA_ASYMMETRIC_ENCRYPT,
+ PSA_CAN_DO_HASH,
PSA_CIPHER_ABORT,
PSA_CIPHER_DECRYPT,
PSA_CIPHER_DECRYPT_SETUP,
@@ -39,6 +40,10 @@
PSA_DESTROY_KEY,
PSA_EXPORT_KEY,
PSA_EXPORT_PUBLIC_KEY,
+ PSA_EXPORT_PUBLIC_KEY_IOP_ABORT,
+ PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE,
+ PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS,
+ PSA_EXPORT_PUBLIC_KEY_IOP_SETUP,
PSA_GENERATE_KEY,
PSA_GENERATE_KEY_CUSTOM,
PSA_GENERATE_KEY_IOP_ABORT,
diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c
index f6efd62..635a705 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c
+++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_client.c
@@ -1544,6 +1544,68 @@
}
+int psa_can_do_hash(
+ psa_algorithm_t hash_alg
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ int value = 0;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_algorithm_t_needs(hash_alg);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_algorithm_t(
+ &pos, &remaining,
+ hash_alg);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_CAN_DO_HASH,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_CAN_DO_HASH server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_int(
+ &rpos, &rremain,
+ &value);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return value;
+}
+
+
psa_status_t psa_cipher_abort(
psa_cipher_operation_t *operation
)
@@ -2725,6 +2787,324 @@
}
+psa_status_t psa_export_public_key_iop_abort(
+ psa_export_public_key_iop_t *operation
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_ABORT,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_ABORT server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_status_t(
+ &rpos, &rremain,
+ &status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return status;
+}
+
+
+psa_status_t psa_export_public_key_iop_complete(
+ psa_export_public_key_iop_t *operation,
+ uint8_t *data, size_t data_size,
+ size_t *data_length
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation) +
+ psasim_serialise_buffer_needs(data, data_size) +
+ psasim_serialise_size_t_needs(*data_length);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_buffer(
+ &pos, &remaining,
+ data, data_size);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_size_t(
+ &pos, &remaining,
+ *data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_status_t(
+ &rpos, &rremain,
+ &status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_return_buffer(
+ &rpos, &rremain,
+ data, data_size);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_size_t(
+ &rpos, &rremain,
+ data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return status;
+}
+
+
+uint32_t psa_export_public_key_iop_get_num_ops(
+ psa_export_public_key_iop_t *operation
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ uint32_t value = 0;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ value = 0;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_uint32_t(
+ &rpos, &rremain,
+ &value);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return value;
+}
+
+
+psa_status_t psa_export_public_key_iop_setup(
+ psa_export_public_key_iop_t *operation,
+ mbedtls_svc_key_id_t key
+ )
+{
+ uint8_t *ser_params = NULL;
+ uint8_t *ser_result = NULL;
+ size_t result_length;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ size_t needed =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_export_public_key_iop_t_needs(*operation) +
+ psasim_serialise_mbedtls_svc_key_id_t_needs(key);
+
+ ser_params = malloc(needed);
+ if (ser_params == NULL) {
+ status = PSA_ERROR_INSUFFICIENT_MEMORY;
+ goto fail;
+ }
+
+ uint8_t *pos = ser_params;
+ size_t remaining = needed;
+ int ok;
+ ok = psasim_serialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ *operation);
+ if (!ok) {
+ goto fail;
+ }
+ ok = psasim_serialise_mbedtls_svc_key_id_t(
+ &pos, &remaining,
+ key);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psa_crypto_call(PSA_EXPORT_PUBLIC_KEY_IOP_SETUP,
+ ser_params, (size_t) (pos - ser_params), &ser_result, &result_length);
+ if (!ok) {
+ printf("PSA_EXPORT_PUBLIC_KEY_IOP_SETUP server call failed\n");
+ goto fail;
+ }
+
+ uint8_t *rpos = ser_result;
+ size_t rremain = result_length;
+
+ ok = psasim_deserialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_status_t(
+ &rpos, &rremain,
+ &status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+fail:
+ free(ser_params);
+ free(ser_result);
+
+ return status;
+}
+
+
psa_status_t psa_generate_key(
const psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t *key
diff --git a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c
index 599e55f..bd121c5 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c
+++ b/tests/psa-client-server/psasim/src/psa_sim_crypto_server.c
@@ -1706,6 +1706,73 @@
}
// Returns 1 for success, 0 for failure
+int psa_can_do_hash_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ int value = 0;
+ psa_algorithm_t hash_alg;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_algorithm_t(
+ &pos, &remaining,
+ &hash_alg);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ value = psa_can_do_hash(
+ hash_alg
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_int_needs(value);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_int(
+ &rpos, &rremain,
+ value);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
int psa_cipher_abort_wrapper(
uint8_t *in_params, size_t in_params_len,
uint8_t **out_params, size_t *out_params_len)
@@ -3036,6 +3103,354 @@
}
// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_abort_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_export_public_key_iop_t operation;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ status = psa_export_public_key_iop_abort(
+ &operation
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_status_t_needs(status) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_status_t(
+ &rpos, &rremain,
+ status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_complete_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_export_public_key_iop_t operation;
+ uint8_t *data = NULL;
+ size_t data_size;
+ size_t data_length;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_buffer(
+ &pos, &remaining,
+ &data, &data_size);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_size_t(
+ &pos, &remaining,
+ &data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ status = psa_export_public_key_iop_complete(
+ &operation,
+ data, data_size,
+ &data_length
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_status_t_needs(status) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation) +
+ psasim_serialise_buffer_needs(data, data_size) +
+ psasim_serialise_size_t_needs(data_length);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_status_t(
+ &rpos, &rremain,
+ status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_buffer(
+ &rpos, &rremain,
+ data, data_size);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_size_t(
+ &rpos, &rremain,
+ data_length);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ free(data);
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ free(data);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_get_num_ops_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ uint32_t value = 0;
+ psa_export_public_key_iop_t operation;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ value = psa_export_public_key_iop_get_num_ops(
+ &operation
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_uint32_t_needs(value) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_uint32_t(
+ &rpos, &rremain,
+ value);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
+int psa_export_public_key_iop_setup_wrapper(
+ uint8_t *in_params, size_t in_params_len,
+ uint8_t **out_params, size_t *out_params_len)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_export_public_key_iop_t operation;
+ mbedtls_svc_key_id_t key;
+
+ uint8_t *pos = in_params;
+ size_t remaining = in_params_len;
+ uint8_t *result = NULL;
+ int ok;
+
+ ok = psasim_deserialise_begin(&pos, &remaining);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_psa_export_public_key_iop_t(
+ &pos, &remaining,
+ &operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_deserialise_mbedtls_svc_key_id_t(
+ &pos, &remaining,
+ &key);
+ if (!ok) {
+ goto fail;
+ }
+
+ // Now we call the actual target function
+
+ status = psa_export_public_key_iop_setup(
+ &operation,
+ key
+ );
+
+ // NOTE: Should really check there is no overflow as we go along.
+ size_t result_size =
+ psasim_serialise_begin_needs() +
+ psasim_serialise_psa_status_t_needs(status) +
+ psasim_serialise_psa_export_public_key_iop_t_needs(operation);
+
+ result = malloc(result_size);
+ if (result == NULL) {
+ goto fail;
+ }
+
+ uint8_t *rpos = result;
+ size_t rremain = result_size;
+
+ ok = psasim_serialise_begin(&rpos, &rremain);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_status_t(
+ &rpos, &rremain,
+ status);
+ if (!ok) {
+ goto fail;
+ }
+
+ ok = psasim_serialise_psa_export_public_key_iop_t(
+ &rpos, &rremain,
+ operation);
+ if (!ok) {
+ goto fail;
+ }
+
+ *out_params = result;
+ *out_params_len = result_size;
+
+ return 1; // success
+
+fail:
+ free(result);
+
+ return 0; // This shouldn't happen!
+}
+
+// Returns 1 for success, 0 for failure
int psa_generate_key_wrapper(
uint8_t *in_params, size_t in_params_len,
uint8_t **out_params, size_t *out_params_len)
@@ -8478,6 +8893,10 @@
ok = psa_asymmetric_encrypt_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
+ case PSA_CAN_DO_HASH:
+ ok = psa_can_do_hash_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
case PSA_CIPHER_ABORT:
ok = psa_cipher_abort_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
@@ -8530,6 +8949,22 @@
ok = psa_export_public_key_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_ABORT:
+ ok = psa_export_public_key_iop_abort_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_COMPLETE:
+ ok = psa_export_public_key_iop_complete_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_GET_NUM_OPS:
+ ok = psa_export_public_key_iop_get_num_ops_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
+ case PSA_EXPORT_PUBLIC_KEY_IOP_SETUP:
+ ok = psa_export_public_key_iop_setup_wrapper(in_params, in_params_len,
+ &out_params, &out_params_len);
+ break;
case PSA_GENERATE_KEY:
ok = psa_generate_key_wrapper(in_params, in_params_len,
&out_params, &out_params_len);
diff --git a/tests/psa-client-server/psasim/src/psa_sim_generate.pl b/tests/psa-client-server/psasim/src/psa_sim_generate.pl
index fbceddf..5490337 100755
--- a/tests/psa-client-server/psasim/src/psa_sim_generate.pl
+++ b/tests/psa-client-server/psasim/src/psa_sim_generate.pl
@@ -1107,11 +1107,13 @@
my $ret_name = "";
$ret_name = "status" if $ret_type eq "psa_status_t";
$ret_name = "value" if $ret_type eq "uint32_t";
+ $ret_name = "value" if $ret_type eq "int";
$ret_name = "(void)" if $ret_type eq "void";
die("ret_name for $ret_type?") unless length($ret_name);
my $ret_default = "";
$ret_default = "PSA_ERROR_CORRUPTION_DETECTED" if $ret_type eq "psa_status_t";
$ret_default = "0" if $ret_type eq "uint32_t";
+ $ret_default = "0" if $ret_type eq "int";
$ret_default = "(void)" if $ret_type eq "void";
die("ret_default for $ret_type?") unless length($ret_default);
diff --git a/tests/psa-client-server/psasim/src/psa_sim_serialise.c b/tests/psa-client-server/psasim/src/psa_sim_serialise.c
index cd081e4..0dde934 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_serialise.c
+++ b/tests/psa-client-server/psasim/src/psa_sim_serialise.c
@@ -1696,6 +1696,42 @@
return 1;
}
+size_t psasim_serialise_psa_export_public_key_iop_t_needs(
+ psa_export_public_key_iop_t value)
+{
+ return sizeof(value);
+}
+
+int psasim_serialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t value)
+{
+ if (*remaining < sizeof(value)) {
+ return 0;
+ }
+
+ memcpy(*pos, &value, sizeof(value));
+ *pos += sizeof(value);
+
+ return 1;
+}
+
+int psasim_deserialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t *value)
+{
+ if (*remaining < sizeof(*value)) {
+ return 0;
+ }
+
+ memcpy(value, *pos, sizeof(*value));
+
+ *pos += sizeof(*value);
+ *remaining -= sizeof(*value);
+
+ return 1;
+}
+
void psa_sim_serialize_reset(void)
{
memset(hash_operation_handles, 0,
diff --git a/tests/psa-client-server/psasim/src/psa_sim_serialise.h b/tests/psa-client-server/psasim/src/psa_sim_serialise.h
index a224d82..3b6f08e 100644
--- a/tests/psa-client-server/psasim/src/psa_sim_serialise.h
+++ b/tests/psa-client-server/psasim/src/psa_sim_serialise.h
@@ -1387,3 +1387,46 @@
int psasim_deserialise_psa_generate_key_iop_t(uint8_t **pos,
size_t *remaining,
psa_generate_key_iop_t *value);
+
+/** Return how much buffer space is needed by \c psasim_serialise_psa_export_public_key_iop_t()
+ * to serialise a `psa_export_public_key_iop_t`.
+ *
+ * \param value The value that will be serialised into the buffer
+ * (needed in case some serialisations are value-
+ * dependent).
+ *
+ * \return The number of bytes needed in the buffer by
+ * \c psasim_serialise_psa_export_public_key_iop_t() to serialise
+ * the given value.
+ */
+size_t psasim_serialise_psa_export_public_key_iop_t_needs(
+ psa_export_public_key_iop_t value);
+
+/** Serialise a `psa_export_public_key_iop_t` into a buffer.
+ *
+ * \param pos[in,out] Pointer to a `uint8_t *` holding current position
+ * in the buffer.
+ * \param remaining[in,out] Pointer to a `size_t` holding number of bytes
+ * remaining in the buffer.
+ * \param value The value to serialise into the buffer.
+ *
+ * \return \c 1 on success ("okay"), \c 0 on error.
+ */
+int psasim_serialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t value);
+
+/** Deserialise a `psa_export_public_key_iop_t` from a buffer.
+ *
+ * \param pos[in,out] Pointer to a `uint8_t *` holding current position
+ * in the buffer.
+ * \param remaining[in,out] Pointer to a `size_t` holding number of bytes
+ * remaining in the buffer.
+ * \param value Pointer to a `psa_export_public_key_iop_t` to receive the value
+ * deserialised from the buffer.
+ *
+ * \return \c 1 on success ("okay"), \c 0 on error.
+ */
+int psasim_deserialise_psa_export_public_key_iop_t(uint8_t **pos,
+ size_t *remaining,
+ psa_export_public_key_iop_t *value);
diff --git a/tests/psa-client-server/psasim/src/psa_sim_serialise.pl b/tests/psa-client-server/psasim/src/psa_sim_serialise.pl
index 0dba81e..0c9faf4 100755
--- a/tests/psa-client-server/psasim/src/psa_sim_serialise.pl
+++ b/tests/psa-client-server/psasim/src/psa_sim_serialise.pl
@@ -50,7 +50,8 @@
psa_verify_hash_interruptible_operation_t
mbedtls_svc_key_id_t
psa_key_agreement_iop_t
- sa_generate_key_iop_t);
+ psa_generate_key_iop_t
+ psa_export_public_key_iop_t);
grep(s/-/ /g, @types);
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index e68c2cb..5f8f910 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -474,7 +474,7 @@
DRIVER = 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum'
IGNORED_SUITES = [
# Modules replaced by drivers
- 'ecp', 'ecdsa', 'ecdh', 'ecjpake', 'dhm',
+ 'ecp', 'ecdsa', 'ecdh', 'ecjpake',
'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw',
'bignum.generated', 'bignum.misc',
# Unit tests for the built-in implementation
@@ -483,7 +483,6 @@
IGNORED_TESTS = {
'test_suite_config': [
re.compile(r'.*\bMBEDTLS_BIGNUM_C\b.*'),
- re.compile(r'.*\bMBEDTLS_DHM_C\b.*'),
re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECJPAKE|ECP)_.*'),
re.compile(r'.*\bMBEDTLS_PK_PARSE_EC_COMPRESSED\b.*'),
],
@@ -516,11 +515,7 @@
class DriverVSReference_ffdh_alg(outcome_analysis.DriverVSReference):
REFERENCE = 'test_psa_crypto_config_reference_ffdh'
DRIVER = 'test_psa_crypto_config_accel_ffdh'
- IGNORED_SUITES = ['dhm']
IGNORED_TESTS = {
- 'test_suite_config': [
- re.compile(r'.*\bMBEDTLS_DHM_C\b.*'),
- ],
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh
index 91a999e..3108aa7 100644
--- a/tests/scripts/components-build-system.sh
+++ b/tests/scripts/components-build-system.sh
@@ -123,27 +123,6 @@
fi
}
-component_test_tf_psa_crypto_cmake_as_package () {
- # Remove existing generated files so that we use the ones CMake
- # generates
- make neat
-
- msg "build: cmake 'as-package' build"
- root_dir="$(pwd)"
- cd tf-psa-crypto/programs/test/cmake_package
- build_variant_dir="$(pwd)"
- cmake .
- make
- ./cmake_package
- if [[ "$OSTYPE" == linux* ]]; then
- PKG_CONFIG_PATH="${build_variant_dir}/tf-psa-crypto/pkgconfig" \
- ${root_dir}/framework/scripts/pkgconfig.sh \
- tfpsacrypto
- # This is the EXPECTED package name. Renaming it could break consumers
- # of pkg-config, consider carefully.
- fi
-}
-
support_test_cmake_as_package () {
support_test_cmake_out_of_source
}
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index 34b3107..8ba4161 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -668,9 +668,6 @@
# start with full (USE_PSA and TLS 1.3)
helper_libtestdriver1_adjust_config "full"
- # Disable the module that's accelerated
- scripts/config.py unset MBEDTLS_DHM_C
-
# Build
# -----
@@ -679,7 +676,7 @@
helper_libtestdriver1_make_main "$loc_accel_list"
# Make sure this was not re-enabled by accident (additive config)
- not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
+ not grep mbedtls_psa_ffdh_key_agreement ${BUILTIN_SRC_PATH}/psa_crypto_ffdh.o
# Run the tests
# -------------
@@ -1178,12 +1175,6 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_FFDH
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*"
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_DH_RFC7919_[0-9]*"
- scripts/config.py unset MBEDTLS_DHM_C
- else
- # When testing ECC and DH instead, we disable DHM.
- if [ "$driver_only" -eq 1 ]; then
- scripts/config.py unset MBEDTLS_DHM_C
- fi
fi
# Restartable feature is not yet supported by PSA. Once it will in
@@ -1255,16 +1246,15 @@
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
- # Also ensure that ECP, RSA, [DHM] or BIGNUM modules were not re-enabled
+ # Also ensure that ECP, RSA or BIGNUM modules were not re-enabled
not grep mbedtls_ecp_ ${BUILTIN_SRC_PATH}/ecp.o
not grep mbedtls_rsa_ ${BUILTIN_SRC_PATH}/rsa.o
not grep mbedtls_mpi_ ${BUILTIN_SRC_PATH}/bignum.o
- not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
# Run the tests
# -------------
- msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM"
+ msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM"
make test
@@ -1362,10 +1352,9 @@
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
- # Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled
+ # Also ensure that ECP, RSA or BIGNUM modules were not re-enabled
not grep mbedtls_ecp_ ${BUILTIN_SRC_PATH}/ecp.o
not grep mbedtls_rsa_ ${BUILTIN_SRC_PATH}/rsa.o
- not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
not grep mbedtls_mpi_ ${BUILTIN_SRC_PATH}/bignum.o
# Check that p256m was built
grep -q p256_ecdsa_ library/libmbedcrypto.a
diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh
index 8379501..6b3f9c2 100644
--- a/tests/scripts/components-configuration-tls.sh
+++ b/tests/scripts/components-configuration-tls.sh
@@ -242,8 +242,8 @@
tests/ssl-opt.sh -f "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket"
}
-# Common helper for component_full_without_ecdhe_ecdsa() and
-# component_full_without_ecdhe_ecdsa_and_tls13() which:
+# Common helper for component_full_without_ecdhe_ecdsa(),
+# component_full_without_ecdhe_ecdsa_and_tls13() and component_full_without_tls13 which:
# - starts from the "full" configuration minus the list of symbols passed in
# as 1st parameter
# - build
@@ -277,6 +277,10 @@
MBEDTLS_SSL_PROTO_TLS1_3"
}
+component_full_without_tls13 () {
+ build_full_minus_something_and_test_tls "MBEDTLS_SSL_PROTO_TLS1_3"
+}
+
component_build_no_ssl_srv () {
msg "build: full config except SSL server, make, gcc" # ~ 30s
scripts/config.py full
@@ -469,7 +473,6 @@
scripts/config.py unset MBEDTLS_ECDH_C
scripts/config.py unset MBEDTLS_ECDSA_C
scripts/config.py unset MBEDTLS_PKCS1_V21
- scripts/config.py unset MBEDTLS_DHM_C
make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"
diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py
index f68dfcb..2267311 100755
--- a/tests/scripts/set_psa_test_dependencies.py
+++ b/tests/scripts/set_psa_test_dependencies.py
@@ -58,7 +58,6 @@
'MBEDTLS_CMAC_C',
'MBEDTLS_CTR_DRBG_C',
'MBEDTLS_DES_C',
- 'MBEDTLS_DHM_C',
'MBEDTLS_ECDH_C',
'MBEDTLS_ECDSA_C',
'MBEDTLS_ECJPAKE_C',
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 40d1515..0736d0e 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2505,20 +2505,6 @@
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
-run_test "Opaque key for server authentication: RSA-" \
- "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \
- "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \
- 0 \
- -c "Verifying peer X.509 certificate... ok" \
- -c "Ciphersuite is TLS-RSA-" \
- -s "key types: Opaque, Opaque" \
- -s "Ciphersuite is TLS-RSA-" \
- -S "error" \
- -C "error"
-
-requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_enabled MBEDTLS_RSA_C
-requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
run_test "Opaque key for server authentication: ECDHE-RSA, PSS instead of PKCS1" \
"$P_SRV auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
@@ -3618,7 +3604,7 @@
run_test "Encrypt then MAC: default" \
"$P_SRV debug_level=3 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
"$P_CLI debug_level=3" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
@@ -3630,7 +3616,7 @@
run_test "Encrypt then MAC: client enabled, server disabled" \
"$P_SRV debug_level=3 etm=0 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
"$P_CLI debug_level=3 etm=1" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
@@ -3642,7 +3628,7 @@
run_test "Encrypt then MAC: client enabled, aead cipher" \
"$P_SRV debug_level=3 etm=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256" \
"$P_CLI debug_level=3 etm=1" \
0 \
-c "client hello, adding encrypt_then_mac extension" \
@@ -3654,7 +3640,7 @@
run_test "Encrypt then MAC: client disabled, server enabled" \
"$P_SRV debug_level=3 etm=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
"$P_CLI debug_level=3 etm=0" \
0 \
-C "client hello, adding encrypt_then_mac extension" \
@@ -3740,7 +3726,7 @@
run_test "CBC Record splitting: TLS 1.2, no splitting" \
"$P_SRV force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
request_size=123" \
0 \
-s "Read from client: 123 bytes read" \
@@ -7776,20 +7762,6 @@
# Tests for keyUsage in leaf certificates, part 2:
# client-side checking of server cert
-#
-# TLS 1.3 uses only signature, but for 1.2 it depends on the key exchange.
-# In 4.0 this will probably change as all TLS 1.2 key exchanges will use
-# signatures too, following the removal of RSA #8170 and static ECDH #9201.
-
-run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, RSA: OK" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, ECDHE-RSA: OK" \
"$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
@@ -7801,16 +7773,6 @@
-C "Processing of the Certificate handshake message failed" \
-c "Ciphersuite is TLS-"
-run_test "keyUsage cli 1.2: KeyEncipherment, RSA: OK" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ke.crt" \
- "$P_CLI debug_level=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -C "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-"
-
run_test "keyUsage cli 1.2: KeyEncipherment, ECDHE-RSA: fail (hard)" \
"$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
-cert $DATA_FILES_PATH/server2.ku-ke.crt" \
@@ -7846,31 +7808,6 @@
-C "Processing of the Certificate handshake message failed" \
-c "Ciphersuite is TLS-"
-run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (hard)" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ds.crt" \
- "$P_CLI debug_level=3 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -c "bad certificate (usage extensions)" \
- -c "Processing of the Certificate handshake message failed" \
- -C "Ciphersuite is TLS-" \
- -c "send alert level=2 message=43" \
- -c "! Usage does not match the keyUsage extension"
- # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
-
-run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (soft)" \
- "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
- -cert $DATA_FILES_PATH/server2.ku-ds.crt" \
- "$P_CLI debug_level=3 auth_mode=optional \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -c "bad certificate (usage extensions)" \
- -C "Processing of the Certificate handshake message failed" \
- -c "Ciphersuite is TLS-" \
- -C "send alert level=2 message=43" \
- -c "! Usage does not match the keyUsage extension"
-
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "keyUsage cli 1.3: DigitalSignature, RSA: OK" \
@@ -8981,14 +8918,14 @@
run_test "Small client packet TLS 1.2 BlockCipher" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-s "Read from client: 1 bytes read"
@@ -9002,14 +8939,14 @@
run_test "Small client packet TLS 1.2 AEAD" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-s "Read from client: 1 bytes read"
run_test "Small client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-s "Read from client: 1 bytes read"
@@ -9035,7 +8972,7 @@
run_test "Small client packet DTLS 1.2" \
"$P_SRV dtls=1 force_version=dtls12" \
"$P_CLI dtls=1 request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
@@ -9043,7 +8980,7 @@
run_test "Small client packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
@@ -9051,13 +8988,13 @@
run_test "Small server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-c "Read from server: 1 bytes read"
@@ -9069,13 +9006,13 @@
run_test "Small server packet TLS 1.2 AEAD" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 1 bytes read"
run_test "Small server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-c "Read from server: 1 bytes read"
@@ -9099,7 +9036,7 @@
run_test "Small server packet DTLS 1.2" \
"$P_SRV dtls=1 response_size=1 force_version=dtls12" \
"$P_CLI dtls=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
@@ -9107,7 +9044,7 @@
run_test "Small server packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
@@ -9121,7 +9058,7 @@
run_test "Large client packet TLS 1.2 BlockCipher" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9129,7 +9066,7 @@
run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 etm=0 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9144,7 +9081,7 @@
run_test "Large client packet TLS 1.2 AEAD" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9152,7 +9089,7 @@
run_test "Large client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9178,13 +9115,13 @@
# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
run_test "Large server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ "$P_CLI etm=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
@@ -9197,20 +9134,20 @@
run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 AEAD" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=16384 force_version=tls12" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8" \
0 \
-c "Read from server: 16384 bytes read"
@@ -9538,51 +9475,6 @@
-c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
-c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, delay=0" \
- "$P_SRV \
- async_operations=d async_private_delay1=0 async_private_delay2=0" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, delay=1" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): call 0 more times." \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: sign callback not present" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1" \
- "$P_CLI force_version=tls12; [ \$? -eq 1 ] &&
- $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -S "Async sign callback" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "The own private key or pre-shared key is not set, but needed" \
- -s "Async resume (slot [0-9]): decrypt done, status=0" \
- -s "Successful connection"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt callback not present" \
- "$P_SRV debug_level=1 \
- async_operations=s async_private_delay1=1 async_private_delay2=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
- [ \$? -eq 1 ] && $P_CLI force_version=tls12" \
- 0 \
- -S "Async decrypt callback" \
- -s "! mbedtls_ssl_handshake returned" \
- -s "got no RSA private key" \
- -s "Async resume (slot [0-9]): sign done, status=0" \
- -s "Successful connection"
-
# key1: ECDSA, key2: RSA; use key1 from slot 0
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
run_test "SSL async private: slot 0 used with key1" \
@@ -9669,41 +9561,6 @@
-s "! mbedtls_ssl_handshake returned"
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, error in start" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: injected error" \
- -S "Async resume" \
- -S "Async cancel" \
- -s "! mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, cancel after start" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=2" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: using key slot " \
- -S "Async resume" \
- -s "Async cancel"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt, error in resume" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- async_private_error=3" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 1 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume callback: decrypt done but injected error" \
- -S "Async cancel" \
- -s "! mbedtls_ssl_handshake returned"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
run_test "SSL async private: cancel after start then operate correctly" \
"$P_SRV force_version=tls12 \
async_operations=s async_private_delay1=1 async_private_delay2=1 \
@@ -9790,37 +9647,13 @@
-s "Async sign callback: using key slot " \
-s "Async resume (slot [0-9]): sign done, status=0"
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: client-initiated, decrypt" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1" \
- "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
-run_test "SSL async private: renegotiation: server-initiated, decrypt" \
- "$P_SRV \
- async_operations=d async_private_delay1=1 async_private_delay2=1 \
- exchanges=2 renegotiation=1 renegotiate=1" \
- "$P_CLI exchanges=2 renegotiation=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
# Tests for ECC extensions (rfc 4492)
requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
run_test "Force a non ECC ciphersuite in the client side" \
- "$P_SRV debug_level=3" \
- "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
+ "$P_SRV debug_level=3 psk=73776f726466697368" \
+ "$P_CLI debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \
0 \
-C "client hello, adding supported_groups extension" \
-C "client hello, adding supported_point_formats extension" \
@@ -9828,10 +9661,10 @@
-S "found supported point formats extension"
requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
run_test "Force a non ECC ciphersuite in the server side" \
- "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
- "$P_CLI debug_level=3" \
+ "$P_SRV debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \
+ "$P_CLI debug_level=3 psk=73776f726466697368" \
0 \
-C "found supported_point_formats extension" \
-S "server hello, supported_point_formats extension"
@@ -11792,11 +11625,11 @@
-c "HTTP/1.0 200 OK"
client_needs_more_time 2
-run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
+run_test "DTLS proxy: 3d, \"short\" ECDHE-RSA handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
"$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
- force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
0 \
-s "Extra-header:" \
-c "HTTP/1.0 200 OK"
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index cd0c303..565588b 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -368,9 +368,9 @@
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0
-Handshake, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0
+Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:0
Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384
depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
@@ -396,9 +396,9 @@
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1
-DTLS Handshake, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1
+DTLS Handshake, ECDHE-RSA-WITH-AES-128-CBC-SHA256
+depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_256:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256":MBEDTLS_PK_RSA:1
DTLS Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384
depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
@@ -435,22 +435,6 @@
depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT
handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
@@ -629,39 +613,51 @@
resize_buffers_serialize_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096
DTLS no legacy renegotiation with MFL=512
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS no legacy renegotiation with MFL=1024
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS no legacy renegotiation with MFL=2048
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS no legacy renegotiation with MFL=4096
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=512
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=1024
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=2048
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy allow renegotiation with MFL=4096
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:""
DTLS legacy break handshake renegotiation with MFL=512
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS legacy break handshake renegotiation with MFL=1024
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS legacy break handshake renegotiation with MFL=2048
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS legacy break handshake renegotiation with MFL=4096
+depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:""
DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384
@@ -712,53 +708,53 @@
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384"
-DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=512, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
-DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM"
DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384
depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 2b50f0e..e9584dc 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -2825,7 +2825,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */
void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation,
int serialize, int dtls, char *cipher)
{
@@ -2843,6 +2843,12 @@
}
options.resize_buffers = 1;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite =
+ mbedtls_ssl_ciphersuite_from_string(cipher);
+ if (ciphersuite != NULL) {
+ options.pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite);
+ }
+
mbedtls_test_ssl_perform_handshake(&options);
/* The goto below is used to avoid an "unused label" warning.*/
@@ -2852,17 +2858,39 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:PSA_WANT_ALG_SHA_256:MBEDTLS_TEST_HAS_AEAD_ALG:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
void resize_buffers_serialize_mfl(int mfl)
{
+ /* Choose an AEAD ciphersuite */
+ const int *ciphersuites = mbedtls_ssl_list_ciphersuites();
+ const mbedtls_ssl_ciphersuite_t *ciphersuite = NULL;
+ int i = 0;
+ while (ciphersuites[i] != 0) {
+ ciphersuite = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]);
+
+ if (ciphersuite->min_tls_version == MBEDTLS_SSL_VERSION_TLS1_2) {
+ const mbedtls_ssl_mode_t mode =
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM)
+ mbedtls_ssl_get_mode_from_ciphersuite(0, ciphersuite);
+#else
+ mbedtls_ssl_get_mode_from_ciphersuite(ciphersuite);
+#endif
+ if (mode == MBEDTLS_SSL_MODE_AEAD) {
+ break;
+ }
+ }
+
+ i++;
+ }
+
+ TEST_ASSERT(ciphersuite != NULL);
+
test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1,
- (char *) "");
- /* The goto below is used to avoid an "unused label" warning.*/
- goto exit;
+ (char *) ciphersuite->name);
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_ALG_SHA_256 */
void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation,
char *cipher)
{
diff --git a/tf-psa-crypto b/tf-psa-crypto
index 2cfed8e..7d941e8 160000
--- a/tf-psa-crypto
+++ b/tf-psa-crypto
@@ -1 +1 @@
-Subproject commit 2cfed8e711554ffc9432209caa62244938a7da7b
+Subproject commit 7d941e84a5b5c77f642186075ef45b3cc3214d57