ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-05 14:26:42 +08:00
Code Issues Releases Wiki Activity
31,785 Commits 172 Branches 268 Tags
Commit Graph

31785 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
cc856a2c0e Handshake defragmentation: reassemble incrementally 
Reassemble handshake fragments incrementally instead of all at the end. That
is, every time we receive a non-initial handshake fragment, append it to the
initial fragment. Since we only have to deal with at most two handshake
fragments at the same time, this simplifies the code (no re-parsing of a
record) and is a little more memory-efficient (no need to store one record
header per record).

This commit also fixes a bug. The previous code did not calculate offsets
correctly when records use an explicit IV, which is the case in TLS 1.2 with
CBC (encrypt-then-MAC or not), GCM and CCM encryption (i.e. all but null and
ChachaPoly). This led to the wrong data when an encrypted handshake message
was fragmented (Finished or renegotiation). The new code handles this
correctly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 17:03:20 +01:00
Gilles Peskine
22c51b9a0b mbedtls_ssl_prepare_handshake_record(): log offsets after decryption 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 17:03:20 +01:00
Gilles Peskine
af0c461f39 mbedtls_ssl_prepare_handshake_record(): refactor first fragment prep 
Minor refactoring of the initial checks and preparation when receiving the
first fragment. Use `ssl->in_hsfraglen` to determine whether there is a
pending handshake fragment, for consistency, and possibly for more
robustness in case handshake fragments are mixed with non-handshake
records (although this is not currently supported anyway).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 17:03:20 +01:00
Gilles Peskine
1e81d349b8 Tweak handshake fragment log message 
In preparation for reworking mbedtls_ssl_prepare_handshake_record(),
tweak the "handshake fragment:" log message.

This changes what information is displayed when a record contains data
beyond the expected end of the handshake message. This case is currently
untested and its handling will change in a subsequent commit.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 17:03:20 +01:00
Gilles Peskine
3d490a91ad Tweak "waiting for more handshake fragments" log message 
In preparation for reworking mbedtls_ssl_prepare_handshake_record(), tweak
the "waiting for more handshake fragments" log message in
ssl_consume_current_message(), and add a similar one in
mbedtls_ssl_prepare_handshake_record(). Assert both.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 17:03:20 +01:00
Gilles Peskine
b6102b6ccf Fix Doxygen markup 
Pacify `clang -Wdocumentation`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 17:03:20 +01:00
Gilles Peskine
134677d44c
Merge pull request #10029 from gilles-peskine-arm/tls-defragment-generate-tests-3.6 
Backport 3.6: Generate TLS handshake defragmentation tests
 2025-03-05 16:49:21 +01:00
Gilles Peskine
2e7def5748 Update framework 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 10:08:29 +01:00
Gilles Peskine
9d54be57b0 Generate handshake defragmentation test cases: update analyze_outcomes 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-05 10:08:21 +01:00
Gilles Peskine
2e7f2a2e48 Switch to generated handshake tests 
Replace `tests/opt-testcases/handshake-manual.sh` by
`tests/opt-testcases/handshake-generated.sh`. They are identical except for
comments, and for some extra dependencies on
`MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED` which are needed in `development,
but not in `mbedtls-3.6. Those dependencies don't hurt the useful coverage
of the tests, so we'll live with them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 21:03:22 +01:00
Gilles Peskine
6183a645fc Normalize requirements in defragmentation test cases 
Be more uniform in where certificate authentication and ECDSA are explicitly
required. A few test cases now run in PSK-only configurations where they
always could. Add a missing requirement on ECDSA to test cases that are
currently skipped.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 21:00:50 +01:00
Gilles Peskine
49e1ed277e Normalize messages in defragmentation test cases 
Make some test case descriptions and log patterns follow more systematic
patterns.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 21:00:50 +01:00
Gilles Peskine
8321ab574c Normalize whitespace in defragmentation test cases 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 21:00:50 +01:00
Gilles Peskine
8ef2e74704 Move most TLS handshake defragmentation tests to a separate file 
Prepare for those test cases to be automatically generated by a script.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 21:00:48 +01:00
Gilles Peskine
28f953c5ec New generated file: tests/opt-testcases/handshake-generated.sh 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 20:58:32 +01:00
David Horstmann
abb08f1088
Merge pull request #10024 from gilles-peskine-arm/tls-defragmentation-merge-3.6-20250303 
[tls-defragmentation/3.6] Update main branch
 2025-03-03 14:03:37 +00:00
Gilles Peskine
e0f1240cd5 Merge remote-tracking branch 'mbedtls-3.6' into tls-defragmentation-merge-3.6-20250303 2025-03-02 21:16:08 +01:00
Gilles Peskine
b55fd70a05
Merge pull request #10016 from minosgalanakis/issue9887_add_basic_defragmentation_tests_36 
[3.6 Backport] Add basic handshake defragmentation tests in ssl-opt
 2025-02-28 12:55:56 +01:00
Minos Galanakis
5764816335 ssl-opt: Re-introduce certificate dependency for HS negative tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 22:39:56 +00:00
Minos Galanakis
97a24ebdb1 ssl-opt: Removed dependencies for HS defrag negative tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 18:11:20 +00:00
Minos Galanakis
48348261d4 ssl-opt: Adjusted reference hs defragmentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:26:25 +00:00
Minos Galanakis
19d857d74c ssl-opt: Minor typos and documentation fixes. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:26:24 +00:00
Minos Galanakis
21e4f21df9 analyze_outcomes: Temporary disabled 3 HS Degragmentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:25:50 +00:00
Minos Galanakis
618ad79395 ssl-opt: Updated documentation of HS-Defrag tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:25:50 +00:00
Minos Galanakis
bb1bd8bf9e ssl-opt: Removed redundant dependencies: requires_openssl_3_x 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:25:49 +00:00
Minos Galanakis
065b89c7ad ssl-opt.sh: Disabled HS Defrag Tests for TLS1.2 where len < 16 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:24:37 +00:00
Minos Galanakis
4335125664 ssl-opt: Replaced max_send_frag with split_send_frag 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:24:37 +00:00
Minos Galanakis
ee8e7c3fb3 ssl-opt: Added coverage for hs defragmentation TLS 1.2 tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:24:35 +00:00
Minos Galanakis
2622aea537 ChangeLog: Updated the entry for tls-hs-defragmentation 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:23:38 +00:00
Minos Galanakis
e6dbf495b1 ssl-opt: Updated documentation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:23:38 +00:00
Minos Galanakis
79693bf48a ssl-opt: Added negative tests for handshake fragmentation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:41 +00:00
Minos Galanakis
03ae352340 ssl-opt: Added handshake fragmentation tests for 4 byte fragments. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:41 +00:00
Minos Galanakis
871469a106 ssl-opt: Added negative-assertion testing, (HS Fragmentation disabled) 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:41 +00:00
Minos Galanakis
48aa2deb0b ssl-opt: Added tls 1.2 tests for HS defragmentation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:40 +00:00
Minos Galanakis
1d47cebde1 ssl-opt: Dependency resolving set to use to requires_protocol_version HS deframentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:40 +00:00
Minos Galanakis
502da02817 ssl-opt: Adjusted the wording on handshake fragmentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:40 +00:00
Minos Galanakis
9886fd17db ssl-opt: Added requires_openssl_3_x to defragmentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:40 +00:00
Minos Galanakis
afb428e584 ssl-opt: Updated the keywords to look up during handshake fragmentation tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-02-27 15:20:40 +00:00
Waleed Elmelegy
c5f1ba3d50 Add missing client certificate check in handshake defragmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:40 +00:00
Waleed Elmelegy
5fc8d3f035 Test Handshake defragmentation only for TLS 1.3 only for small values 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:39 +00:00
Waleed Elmelegy
be59ab5671 Add guard to handshake defragmentation tests for client certificate 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:39 +00:00
Waleed Elmelegy
99f4691bd6 Add a comment to elaborate using split_send_frag in handshake defragmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:39 +00:00
Waleed Elmelegy
57f61f82fd Enforce client authentication in handshake fragmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:39 +00:00
Waleed Elmelegy
826fc5c383 Remove unneeded mtu option from handshake fragmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:39 +00:00
Waleed Elmelegy
e9b08846da Add client authentication to handshake defragmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:38 +00:00
Waleed Elmelegy
1b2590b125 Require openssl to support TLS 1.3 in handshake defragmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:38 +00:00
Waleed Elmelegy
5b7c8bb064 Remove unnecessary string check in handshake defragmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:38 +00:00
Waleed Elmelegy
8870b99da4 Fix typo in TLS Handshake defrafmentation tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:38 +00:00
Waleed Elmelegy
e11d8c9333 Improve TLS handshake defragmentation tests 
* Add tests for the server side.
* Remove restriction for TLS 1.2 so that we can test TLS 1.2 & 1.3.
* Use latest version of openSSL to make sure -max_send_frag &
  -split_send_frag flags are supported.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:38 +00:00
Waleed Elmelegy
29581ce229 Add TLS Hanshake defragmentation tests 
Tests uses openssl s_server with a mix of max_send_frag
and split_send_frag options.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2025-02-27 15:20:37 +00:00