yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
21290 commits 89 branches 205 tags 114 MiB
Commit graph

7198 commits

Author SHA1 Message Date
Ronald Cron 77c691f099
Merge pull request #6194 from xkqian/tls13_add_psk_client_cases 
TLS 1.3: Add PSK client cases
 2022-09-28 17:08:06 +02:00
Xiaokang Qian a70bd9108a Fix the description of psk client cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 07:50:13 +00:00
Manuel Pégourié-Gonnard e3358e14b2
Merge pull request #6051 from mprse/permissions_2b_v2 
Permissions 2b: TLS 1.3 sigalg selection
 2022-09-28 09:50:04 +02:00
Manuel Pégourié-Gonnard f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 
Ad-hoc KDF for EC J-PAKE in TLS 1.2
 2022-09-28 09:47:32 +02:00
Xiaokang Qian ca343ae280 Improve message logs and test cases description in psk 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-28 02:07:54 +00:00
Xiaokang Qian 9c172042b6 Change cases description base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 11:41:50 +00:00
Xiaokang Qian e12d30d751 Move psk related cases into tls13-kex-modes.sh 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-27 11:34:14 +00:00
Andrzej Kurek 3539f2c90b Improve readability in ecjpake tests 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:56:02 -04:00
Xiaokang Qian 954d5769ef PSK: change descriptions base on comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 08:40:10 +00:00
Xiaokang Qian ac8195f4f7 Fix wrongly kex mode fallback issue in psk cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-26 06:31:58 +00:00
Gilles Peskine 12a1e85caa
Merge pull request #6138 from Zaya-dyno/validation_remove_change_key_agree 
Validation remove change key agree
 2022-09-23 17:04:20 +02:00
Gilles Peskine f70f4ead7f
Merge pull request #6248 from gilles-peskine-arm/all-sh-force-3.2 
Fix all.sh --force
 2022-09-23 17:04:00 +02:00
Gilles Peskine 87953f228f
Merge pull request #6091 from Zaya-dyno/validation_remove_change_pk 
Validation remove change pk
 2022-09-23 17:03:30 +02:00
Paul Elliott 2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets 
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
 2022-09-23 15:48:33 +01:00
Xiaokang Qian 210727f3b1 Skip some psk cases cause wrong fallback to ephemeral 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 07:25:40 +00:00
Xiaokang Qian dea2cbe199 Fix various test issues in psk m->m cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 658204c71e Remove negative test cases for m->O and m->G 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 8939930b82 Rebase and fix some test failures 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian cffb18cee7 Fix various issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 8f7d7c7aaf Address comments about description of psk cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian edc35e7ffd Refine the psk test cases for m->G 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 2efece22a0 Refine the psk test cases for m->O 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 3cbbbbcb08 Shorten the description in psk m->m test cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian d7dcc4274b Unified the test title of psk cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 2aaf1c1d74 Re-work psk test cases against openssl and gnutls 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 8e76e1de21 Add m->m cases with client be set to psk_all or all mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian ca48dddf62 Add m->m with client be set to ephemeral or ephemeral_all mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 198cefd1fa Add force_version tls13 to the psk test cases 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian f9b694ba8f Add m->m cases with client be set to psk and psk_ephemeral mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian e0cc584f70 Change result strings based on actula psk test result 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian df6a3891e8 Add client psk test cases for all mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian a39d0d5e2b Add client test cases for ephemeral_all mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 01173c21b1 Add client test cases for ephemeral mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian ff5705bdd7 Add client test cases for psk_ephemeral mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian 73894232e8 Add client test cases for psk_all mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:33 +00:00
Xiaokang Qian cf6442e2e4 Add client test cases for psk mode 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-09-23 01:49:30 +00:00
XiaokangQian 335cfaadf9 Finalize client side code for psk 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-09-23 01:48:26 +00:00
Gilles Peskine 07ba2be20b
Merge pull request #6304 from yuhaoth/pr/exclude-pre_shared_key-from-hrr-msg 
TLS 1.3: PSK: Exclude pre_shared_key for HRR
 2022-09-22 10:21:06 +02:00
Manuel Pégourié-Gonnard 1475ac49a4
Merge pull request #6107 from Zaya-dyno/validation_remove_change_hash 
Validation remove change hash
 2022-09-22 09:24:44 +02:00
Manuel Pégourié-Gonnard d5c82fb821
Merge pull request #6085 from Zaya-dyno/validation_remove_change_cipher 
Validation remove and change in files related to cipher in library
 2022-09-22 09:10:13 +02:00
Jerry Yu 9370612312 remove certificate setting from psk_ephemeral HRR test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-21 22:44:24 +08:00
Manuel Pégourié-Gonnard d433cd7d07
Merge pull request #6283 from mpg/driver-only-hashes-wrap-up 
Driver only hashes wrap-up
 2022-09-21 08:29:46 +02:00
Jerry Yu 2db49df44b Add psk_ephemeral HRR tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-21 11:03:28 +08:00
Dave Rodgman 36e1d9ef1d
Merge pull request #6203 from wernerlewis/ecp_group_test 
Add test for ECP group metadata
 2022-09-20 17:35:53 +01:00
Ronald Cron 50969e3af5 ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-20 15:57:57 +02:00
Ronald Cron 277cdcbcde ssl-opt.sh: tls13 opaque key: Enable client authentication 
Enable client authentication in TLS 1.3 opaque
key tests to use the opaque key on client side.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-20 14:30:13 +02:00
Ronald Cron e3196d270c ssl-opt.sh: tls13 opaque key: Do not force version on client side 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-20 14:30:13 +02:00
Ronald Cron 6ec2123bf3 ssl-opt.sh: Align prefix of TLS 1.3 opaque key tests 
Align prefix of TLS 1.3 opaque key tests
with the prefix of the othe TLS 1.3 tests.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-20 14:30:13 +02:00
Ronald Cron 067a1e735e tls13: Try reasonable sig alg for CertificateVerify signature 
Instead of fully validating beforehand
signature algorithms with regards to the
private key, do minimum validation and then
just try to compute the signature. If it
fails try another reasonable algorithm if any.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-20 14:30:13 +02:00
Ronald Cron 67ea2543ed tls13: server: Add sig alg checks when selecting best certificate 
When selecting the server certificate based on
the signature algorithms supported by the client,
check the signature algorithms as close as possible
to the way they are checked to compute the
signature for the server to prove it possesses
the private key associated to the certificate.

That way we minimize the odds of selecting a
certificate for which the server will not be
able to compute the signature to prove it
possesses the private key associated to the
certificate.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-20 14:26:32 +02:00