test_suite_ssl: require GCM or ChaChaPoly in handshake_serialization() Hanshake serialization requires that the selected ciphersuite uses an AEAD algorithm. However, following the DHE-RSA removal, trying to still use RSA signature might select a ciphersuite which is not using AEAD, but CBC instead (see preference order in "ssl_ciphersuite.c"). This is especially problematic in tests scenarios where both GCM and ChaChaPoly are disabled, so that CCM remains as the only AEAD algorithm. Ciphersuites using RSA signature and CCM are very low on the preference list, so very unlikely to be picked in tests. This cause a CBC one to be selected in this case and the handshake_serialization() function to fail. In order to prevent failures from happening, in this commit we require that either GCM or ChaChaPoly are enabled, so that ciphersuites using one of these are likely to be picked. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

commit: 1494a09ff707358aa709d062a471de424bec213e [log] [tgz]
author: Valerio Setti <valerio.setti@nordicsemi.no> Thu Jan 30 16:45:45 2025 +0100
committer: Valerio Setti <valerio.setti@nordicsemi.no> Thu Feb 06 10:12:02 2025 +0100
tree: 4bbc48101e8f8adf5413b139c6a27072c059011b
parent: d137f15e1bc6d422c3b4999eea326b9f04ddf4fd [diff]
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 8d9e8bb..cd0c303 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data

@@ -417,7 +417,6 @@
 handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1
 
 DTLS Handshake with serialization, tls1_2
-depends_on:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS
 handshake_serialization
 
 DTLS Handshake fragmentation, MFL=512

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 6bb4dfe..2b50f0e 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function

@@ -63,6 +63,10 @@
 }
 #endif
 
+#if defined(PSA_WANT_ALG_GCM) || defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#define TEST_GCM_OR_CHACHAPOLY_ENABLED
+#endif
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -2744,7 +2748,7 @@
 }
 /* END_CASE */
 
-/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:PSA_WANT_ALG_SHA_256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY:TEST_GCM_OR_CHACHAPOLY_ENABLED */
 void handshake_serialization()
 {
     mbedtls_test_handshake_test_options options;
commit	1494a09ff707358aa709d062a471de424bec213e	[log] [tgz]
author	Valerio Setti <valerio.setti@nordicsemi.no>	Thu Jan 30 16:45:45 2025 +0100
committer	Valerio Setti <valerio.setti@nordicsemi.no>	Thu Feb 06 10:12:02 2025 +0100
tree	4bbc48101e8f8adf5413b139c6a27072c059011b
parent	d137f15e1bc6d422c3b4999eea326b9f04ddf4fd [diff]