Gilles Peskine
94b9972124
Merge pull request #10007 from minosgalanakis/task9887_extend_defragmentation_tests
...
Extend ssl-opt testing for TLS HS defragmentation
2025-03-18 13:09:38 +00:00
Minos Galanakis
625c8fd2d9
ssl-opt: Added 4 and 128 bytes tests to HS defragmentation for server initiated reneg
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-18 10:31:37 +00:00
Minos Galanakis
dfc082e16c
ssl-opt: Fixed a minor typo.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-18 10:25:24 +00:00
Manuel Pégourié-Gonnard
6dcfdf1f48
Adapt dependencies to the new world
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
af4606d743
Re-introduce log asserts on positive cases
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
47d0b796af
Improve a test assertion
...
That way if it ever fails it will print the values.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
f4a67cf892
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
e5ddf36a66
Add test cases for EOF in the middle of fragments
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
ed873f9e59
Adjust logic around log pattern
...
This is more flexible: the test data gets to decide whether we want to
assert the presence of a pattern or not.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
2285d6122d
Add test for length larger than 2^16
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
4f1b38a65e
Adapt "large ClientHello" tests to incremental
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
757040c47f
Cleanly reject non-HS in-between HS fragments
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
1038b22d74
Reduce the level of logging used in tests
...
This should avoid running into a bug with printf format specifiers on
Windows.
It's also a logical move for actual tests: I used the highest debug
level for discovery, but we don't need that all the time.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
55d9124bb0
Move new tests to their own data file
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
299f94a5d2
Fix dependency issues
...
Declare the same dependencies as for the previous TLS 1.3 tests, except
for the part that varies with the cipher suite (i.e. AES-GCM).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
1bed827d22
New test function for large ClientHello
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
6e79ff5bb5
Fix hash dependencies for TLS 1.2 tests
...
We're not sending a signature_algorithm extension, which means SHA-1.
Caught by depends.py hashes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
e760d7be41
Fix curve dependencies
...
In addition to secp256r1 for the handshake, we need secp384r1 as it's
used by the CA certificate.
Caught by depends.py curves
Also, for the "unknown ciphersuite" 1.2 test, use the same key type and
all the same dependencies as of the "good" test above, to avoid having
to determine a second set of correct dependencies just for this one.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
ae567ad011
Add missing dependency declaration
...
This guards the definition of mbedtls_test_ssl_endpoint which we rely
on, so the function won't compile without it.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
73247c6e19
Fix dependency issues
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
5d0a921e7a
Add test with non-HS record in-between HS fragments
...
Two of these tests reveal bugs in the code, so they're commented out for
now.
For the other tests, the high-level behaviour is OK (break the
handshake) but the details of why are IMO not good: they should be
rejected because interleaving non-HS record between HS fragments is not
valid according to the spec.
To be fixed in future commits.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
de7aac782e
Add test to TLS 1.3 ClientHello fragmentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
4afdf340dd
Add reference tests with 1.3 ClientHello
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
e916652390
Add supported_curves/groups extension
...
This allows us to use a ciphersuite that will still be supported in 4.0.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Manuel Pégourié-Gonnard
6637ef798f
New test function inject_client_content_on_the_wire()
...
Not used for real stuff so far, just getting the tooling in place.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-03-14 09:22:09 +01:00
Minos Galanakis
f475a15d5d
ssl-opt: Disabled the renegotiation delay for fragmented HS renegotiation.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-14 00:15:40 +00:00
Minos Galanakis
641e08e2aa
ssl-opt: Updated documentation.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:43:08 +00:00
Minos Galanakis
1d78c7d58d
ssl-opt: Added client-initiated server-rejected renegotiation test.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:44 +00:00
Minos Galanakis
a8f14384f8
ssl-opt: Updated O_NEXT_CLI_RENEGOTIATE used by fragmented HS renegotiation with certificates.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:44 +00:00
Minos Galanakis
df4ddfdf0c
ssl-opt: Fragmented HS renegotiation, removed -legacy_renegotiation argument.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:44 +00:00
Minos Galanakis
0b830f145f
ssl-opt: Fragmented HS renegotiation, removed requires_certificate_authentication dependency.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:44 +00:00
Minos Galanakis
9b2e4b80e7
ssl-opt: Fragmented HS renegotiation, removed requires_openssl_3_x dependency.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
af0e60b38f
ssl-opt: Fragmented HS renegotiation, adjusted test names for consistency.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
70be67b97e
ssl-opt: Fragmented HS renegotiation, updated matching regex
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
ae54c749fc
ssl-opt: Added coverage for client-initiated fragmented HS renegotiation tests.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
a7b19aa857
ssl-opt: Refactored fragmented HS renegotiation tests.
...
- Switched to using MBEDTLS_SSL_PROTO_TLS1_2 for dependency.
- Re-ordered tests.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
990a10909d
ssl-opt: Fragmented HS renegotiation, updated documentation.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
135ebd3241
ssl-opt: Removed mock-tests from HS renegotiation.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
87be69a3fc
ssl-opt: Added reference fix for the Mock HS Defrag test using renegotiation delay
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
05009c736c
Added Mock Renegotiation negative test for testing.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
529188f30b
ssl-opt: Added fragmented HS tests for server-initiated renegotiation.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
5aaa6e048b
ssl-opt: Added fragmented HS tests for client-initiated renegotiation.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Minos Galanakis
daa14a4212
ssl-opt: Added fragmented HS tests for SSL_VARIABLE_BUFFER_LENGTH.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-13 11:06:43 +00:00
Bence Szépkúti
906d3cdff5
Merge pull request #10020 from bensze01/msvc-format-size-macros
...
Fix preprocessor guards for C99 format size specifiers
2025-03-13 10:09:06 +00:00
Bence Szépkúti
24f11a366d
Use an array of strings instead of pointer smuggling
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2025-03-12 19:14:50 +01:00
Bence Szépkúti
46e0b1cac9
Use dummy typedef instead of macro
...
Use a dummy definition of mbedtls_ms_time_t in builds without
MBEDTLS_HAVE_TIME.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2025-03-12 17:11:46 +01:00
Minos Galanakis
a2a0c2cbe7
Merge remote-tracking branch 'origin/features/tls-defragmentation/development' into feature_merge_defragmentation_dev
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-03-12 15:25:06 +00:00
Bence Szépkúti
58bb7ecd94
Disable fatal assertions in Windows printf tests
...
The Windows CRT treats any invalid format specifiers passed to the CRT
as fatal assertion failures. Disable this behaviour temporarily while
testing if the format specifiers we use are supported.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2025-03-12 16:16:20 +01:00
Bence Szépkúti
154066d118
Add testcase for MBEDTLS_PRINTF_MS_TIME
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2025-03-12 16:16:20 +01:00
Bence Szépkúti
c6a8bf0f8e
Test handling of format macros defined in debug.h
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2025-03-12 16:16:20 +01:00