Merge pull request #8861 from ronald-cron-arm/tls13-srv-select-kex
TLS 1.3: SRV: Improve key exchange mode selection
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3c2b6a0..d4a8307 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -6940,7 +6940,7 @@
size_t peer_key_length)
{
psa_status_t status;
- uint8_t shared_secret[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE];
+ uint8_t shared_secret[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE] = { 0 };
size_t shared_secret_length = 0;
psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg);
diff --git a/library/ssl_client.c b/library/ssl_client.c
index 6d988a8..8892acf 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -765,11 +765,6 @@
MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_HAVE_TIME */
- if (ssl->conf->f_rng == NULL) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
- return MBEDTLS_ERR_SSL_NO_RNG;
- }
-
/* Bet on the highest configured version if we are not in a TLS 1.2
* renegotiation or session resumption.
*/
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b09db1e..aa967d8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1361,6 +1361,11 @@
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+ if (ssl->conf->f_rng == NULL) {
+ MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
+ return MBEDTLS_ERR_SSL_NO_RNG;
+ }
+
/* Space for further checks */
return 0;
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 5bee188..b49a8ae 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -2178,11 +2178,6 @@
}
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
- if (ssl->conf->f_rng == NULL) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
- return MBEDTLS_ERR_SSL_NO_RNG;
- }
-
/*
* 0 . 0 handshake type
* 1 . 3 handshake length
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 7b66820..9ea581e 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1970,10 +1970,6 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *server_randbytes =
ssl->handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN;
- if (ssl->conf->f_rng == NULL) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided"));
- return MBEDTLS_ERR_SSL_NO_RNG;
- }
if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, server_randbytes,
MBEDTLS_SERVER_HELLO_RANDOM_LEN)) != 0) {
diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index 5b071f7..110e2ed 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -196,6 +196,13 @@
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
/*
+ * Random number generator aimed for TLS unitary tests. Its main purpose is to
+ * simplify the set-up of a random number generator for TLS
+ * unitary tests: no need to set up a good entropy source for example.
+ */
+int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len);
+
+/*
* This function can be passed to mbedtls to receive output logs from it. In
* this case, it will count the instances of a mbedtls_test_ssl_log_pattern
* in the received logged messages.
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index 5d4cb1c..045ed39 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -12,9 +12,7 @@
#include "mbedtls/psa_util.h"
#if defined(MBEDTLS_SSL_TLS_C)
-#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
-static int rng_seed = 0xBEEF;
-static int rng_get(void *p_rng, unsigned char *output, size_t output_len)
+int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len)
{
(void) p_rng;
for (size_t i = 0; i < output_len; i++) {
@@ -23,7 +21,6 @@
return 0;
}
-#endif
void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
const char *file, int line,
@@ -46,6 +43,8 @@
mbedtls_test_handshake_test_options *opts)
{
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
+ static int rng_seed = 0xBEEF;
+
srand(rng_seed);
rng_seed += 0xD0;
#endif
@@ -755,7 +754,7 @@
mbedtls_ssl_init(&(ep->ssl));
mbedtls_ssl_config_init(&(ep->conf));
- mbedtls_ssl_conf_rng(&(ep->conf), rng_get, NULL);
+ mbedtls_ssl_conf_rng(&(ep->conf), mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL);
TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0);
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index eeefc95..70e7bad 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -2,6 +2,7 @@
#include "debug_internal.h"
#include "string.h"
#include "mbedtls/pk.h"
+#include <test/ssl_helpers.h>
struct buffer_data {
char buf[2000];
@@ -65,11 +66,12 @@
memset(buffer.buf, 0, 2000);
buffer.ptr = buffer.buf;
- mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT);
-
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT),
+ 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -103,11 +105,12 @@
memset(buffer.buf, 0, 2000);
buffer.ptr = buffer.buf;
- mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT);
-
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT),
+ 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -138,11 +141,12 @@
memset(buffer.buf, 0, 2000);
buffer.ptr = buffer.buf;
- mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT);
-
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT),
+ 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -175,11 +179,12 @@
memset(buffer.buf, 0, 2000);
buffer.ptr = buffer.buf;
- mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT);
-
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT),
+ 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -214,11 +219,12 @@
memset(buffer.buf, 0, 2000);
buffer.ptr = buffer.buf;
- mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- MBEDTLS_SSL_TRANSPORT_STREAM,
- MBEDTLS_SSL_PRESET_DEFAULT);
-
+ TEST_EQUAL(mbedtls_ssl_config_defaults(&conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT),
+ 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index d327828..2d124c5 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1131,6 +1131,8 @@
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT) == 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
+
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
/* Read previous record numbers */
@@ -2879,6 +2881,7 @@
mbedtls_ssl_conf_transport(&conf, transport);
mbedtls_ssl_conf_min_tls_version(&conf, min_tls_version);
mbedtls_ssl_conf_max_tls_version(&conf, max_tls_version);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == expected_ssl_setup_result);
TEST_EQUAL(mbedtls_ssl_conf_get_endpoint(
@@ -2920,6 +2923,8 @@
mbedtls_ssl_init(&ssl);
MD_OR_USE_PSA_INIT();
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
+
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
TEST_ASSERT(ssl.handshake != NULL && ssl.handshake->group_list != NULL);
@@ -2951,6 +2956,7 @@
mbedtls_ssl_config conf;
mbedtls_ssl_config_init(&conf);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
mbedtls_ssl_conf_min_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
@@ -3059,6 +3065,7 @@
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT),
0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);
TEST_EQUAL(mbedtls_ssl_check_dtls_clihlo_cookie(&ssl, ssl.cli_id,
@@ -3113,6 +3120,7 @@
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT)
== 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0);
@@ -3371,6 +3379,7 @@
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT), 0);
+ mbedtls_ssl_conf_rng(&conf, mbedtls_test_random, NULL);
TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0);