Add supported_curves/groups extension
This allows us to use a ciphersuite that will still be supported in 4.0. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
6637ef798f
commit
e916652390
@ -3330,7 +3330,7 @@ tls13_srv_max_early_data_size:TEST_EARLY_DATA_HRR:3:3
|
|||||||
TLS 1.3 srv, max early data size, HRR, 98, wsz=49
|
TLS 1.3 srv, max early data size, HRR, 98, wsz=49
|
||||||
tls13_srv_max_early_data_size:TEST_EARLY_DATA_HRR:97:0
|
tls13_srv_max_early_data_size:TEST_EARLY_DATA_HRR:97:0
|
||||||
|
|
||||||
# 1.2 minimal ClientHello breakdown:
|
# (Minimal) ClientHello breakdown:
|
||||||
# 160303rlrl - record header, 2-byte record contents len
|
# 160303rlrl - record header, 2-byte record contents len
|
||||||
# 01hlhlhl - handshake header, 3-byte handshake message len
|
# 01hlhlhl - handshake header, 3-byte handshake message len
|
||||||
# 0303 - protocol version: 1.2
|
# 0303 - protocol version: 1.2
|
||||||
@ -3338,23 +3338,37 @@ tls13_srv_max_early_data_size:TEST_EARLY_DATA_HRR:97:0
|
|||||||
# 00 - session ID (empty)
|
# 00 - session ID (empty)
|
||||||
# 0002cvcv - ciphersuite list: 2-byte len + list of 2-byte values (see below)
|
# 0002cvcv - ciphersuite list: 2-byte len + list of 2-byte values (see below)
|
||||||
# 0100 - compression methods: 1-byte len then "null" (only legal value now)
|
# 0100 - compression methods: 1-byte len then "null" (only legal value now)
|
||||||
# [then end, or extensions]
|
# [then end, or extensions, see notes below]
|
||||||
# elel - 2-byte extensions length
|
# elel - 2-byte extensions length
|
||||||
# ...
|
# ...
|
||||||
|
# 000a - elliptic_curves aka supported_groups
|
||||||
|
# 0004 - extension length
|
||||||
|
# 0002 - length of named_curve_list / named_group_list
|
||||||
|
# 0017 - secp256r1 aka NIST P-256
|
||||||
|
# ...
|
||||||
#
|
#
|
||||||
# Note: currently our TLS "1.3 or 1.2" code requires extension length to be
|
# Note: currently our TLS "1.3 or 1.2" code requires extension length to be
|
||||||
# present even it it's 0. This is not strictly compliant but doesn't matter
|
# present even it it's 0. This is not strictly compliant but doesn't matter
|
||||||
# much in practice as these days everyone wants to use signature_algorithms
|
# much in practice as these days everyone wants to use signature_algorithms
|
||||||
# (for hashes better than SHA-1), secure_renego (even if you have renego
|
# (for hashes better than SHA-1), secure_renego (even if you have renego
|
||||||
# disabled), and most people want either ECC or PSK related extensions.
|
# disabled), and most people want either ECC or PSK related extensions.
|
||||||
|
# See https://github.com/Mbed-TLS/mbedtls/issues/9963
|
||||||
|
#
|
||||||
|
# Also, currently we won't negotiate ECC ciphersuites unless at least the
|
||||||
|
# supported_groups extension is present, see
|
||||||
|
# https://github.com/Mbed-TLS/mbedtls/issues/7458
|
||||||
#
|
#
|
||||||
# Note: cccc is currently not assigned, so can be used get a consistent
|
# Note: cccc is currently not assigned, so can be used get a consistent
|
||||||
# "no matching ciphersuite" behaviour regardless of the configuration.
|
# "no matching ciphersuite" behaviour regardless of the configuration.
|
||||||
# 002f is MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, MTI in 1.2, but removed in 4.0.
|
# c02b is MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (1.2)
|
||||||
Inject ClientHello - TLS 1.2 good (for reference)
|
|
||||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_HAVE_CBC
|
|
||||||
inject_client_content_on_the_wire:MBEDTLS_SSL_CLIENT_HELLO:"160303002f0100002b03030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002002f01000000":"<= parse client hello":0
|
|
||||||
|
|
||||||
|
# See "ClientHello breakdown" above
|
||||||
|
# MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 with secp256r1
|
||||||
|
Inject ClientHello - TLS 1.2 good (for reference)
|
||||||
|
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1
|
||||||
|
inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300370100003303030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002c02b01000008000a000400020017":"<= parse client hello":0
|
||||||
|
|
||||||
|
# See "ClientHello breakdown" above
|
||||||
Inject ClientHello - TLS 1.2 unknown ciphersuite (for reference)
|
Inject ClientHello - TLS 1.2 unknown ciphersuite (for reference)
|
||||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2
|
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C
|
||||||
inject_client_content_on_the_wire:MBEDTLS_SSL_CLIENT_HELLO:"160303002f0100002b03030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002cccc01000000":"got no ciphersuites in common":MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE
|
inject_client_content_on_the_wire:MBEDTLS_PK_RSA:MBEDTLS_SSL_CLIENT_HELLO:"160303002f0100002b03030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002cccc01000000":"got no ciphersuites in common":MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE
|
||||||
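Review bot: The replacement `Inject ClientHello - TLS 1.2 good (for reference)` case keeps the old description although it now offers c02b plus a supported_groups extension instead of 002f, so outcome files and CI history will show one name for two different tests; naming the suite in the description, e.g. `Inject ClientHello - TLS 1.2 good, ECDHE-ECDSA-AES128-GCM-SHA256 (for reference)`, keeps them distinguishable. The hand-assembled hex carries three length fields that must stay consistent (record 0x37, handshake 0x33, extensions 0x0008 all check out against the breakdown above), but nothing in the file says so; a line such as `# lengths: record 0x37, handshake 0x33, extensions 0x0008 - recompute all three if the message changes` would save the next editor a decode. The negative case now asks the endpoint helper for an RSA server certificate via `MBEDTLS_PK_RSA`, and whether `MBEDTLS_RSA_C` alone is a sufficient `depends_on` for that certificate to be loadable is not visible here, so it is worth checking against the other RSA-based cases in this file.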
|
@ -5015,8 +5015,9 @@ exit:
|
|||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE */
|
/* BEGIN_CASE */
|
||||||
void inject_client_content_on_the_wire(int state, data_t *hello, char *log_pattern,
|
void inject_client_content_on_the_wire(int pk_alg,
|
||||||
int expected_ret)
|
int state, data_t *data,
|
||||||
|
char *log_pattern, int expected_ret)
|
||||||
{
|
{
|
||||||
/* This function allows us to inject content at a specific state
|
/* This function allows us to inject content at a specific state
|
||||||
* in the handshake, or when it's completed. The content is injected
|
* in the handshake, or when it's completed. The content is injected
|
||||||
@ -5045,7 +5046,9 @@ void inject_client_content_on_the_wire(int state, data_t *hello, char *log_patte
|
|||||||
srv_pattern.pattern = log_pattern;
|
srv_pattern.pattern = log_pattern;
|
||||||
options.srv_log_obj = &srv_pattern;
|
options.srv_log_obj = &srv_pattern;
|
||||||
options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
|
options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
|
||||||
mbedtls_debug_set_threshold(3);
|
mbedtls_debug_set_threshold(5);
|
||||||
|
|
||||||
|
options.pk_alg = pk_alg;
|
||||||
|
|
||||||
ret = mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
|
ret = mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
|
||||||
&options, NULL, NULL, NULL);
|
&options, NULL, NULL, NULL);
|
||||||
@ -5064,8 +5067,8 @@ void inject_client_content_on_the_wire(int state, data_t *hello, char *log_patte
|
|||||||
TEST_EQUAL(ret, 0);
|
TEST_EQUAL(ret, 0);
|
||||||
|
|
||||||
/* Send the crafted message */
|
/* Send the crafted message */
|
||||||
ret = mbedtls_test_mock_tcp_send_b(&client.socket, hello->x, hello->len);
|
ret = mbedtls_test_mock_tcp_send_b(&client.socket, data->x, data->len);
|
||||||
TEST_ASSERT(ret >= 0 && (size_t) ret == hello->len);
|
TEST_ASSERT(ret >= 0 && (size_t) ret == data->len);
|
||||||
|
|
||||||
/* Have the server process it.
|
/* Have the server process it.
|
||||||
* Need the loop because a server that support 1.3 and 1.2
|
* Need the loop because a server that support 1.3 and 1.2
|
||||||
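Review bot: `mbedtls_debug_set_threshold(5)` changes a process-global setting and nothing in the hunk restores it, so every case that runs later in the same test binary inherits the higher level unless the threshold is reset in the part of the function body that lies outside this hunk; as I read the debug module, 4 is already the documented "verbose" maximum, and the old level 3 was evidently enough for the existing log analyzer pattern `<= parse client hello`, so either keep 3 or state next to the call why a higher level is needed and restore the previous value on the `exit:` path. The new `pk_alg` parameter is undocumented: the header comment beginning `/* This function allows us to inject content` should gain a line such as `* pk_alg selects the key type of the server certificate (MBEDTLS_PK_RSA or MBEDTLS_PK_ECDSA in the .data file); it is passed through options.pk_alg.` The definition of inject_client_content_on_the_wire starts in this hunk but its body, cleanup and `exit:` label are outside it.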
|