Merge pull request #9490 from waleed-elmelegy-arm/add-iop-key-agrmnt-api
Add PSA interruptible key agreement APIs
diff --git a/ChangeLog.d/psa_util-bits-0.txt b/ChangeLog.d/psa_util-bits-0.txt
new file mode 100644
index 0000000..9aa70ad
--- /dev/null
+++ b/ChangeLog.d/psa_util-bits-0.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix undefined behavior in some cases when mbedtls_psa_raw_to_der() or
+ mbedtls_psa_der_to_raw() is called with bits=0.
diff --git a/ChangeLog.d/tls-key-exchange-rsa.txt b/ChangeLog.d/tls-key-exchange-rsa.txt
new file mode 100644
index 0000000..4df6b3e
--- /dev/null
+++ b/ChangeLog.d/tls-key-exchange-rsa.txt
@@ -0,0 +1,2 @@
+Removals
+ * Remove support for the RSA-PSK key exchange in TLS 1.2.
diff --git a/docs/architecture/tls13-support.md b/docs/architecture/tls13-support.md
index d6fc19e..6904c50 100644
--- a/docs/architecture/tls13-support.md
+++ b/docs/architecture/tls13-support.md
@@ -117,7 +117,6 @@
| MBEDTLS_KEY_EXCHANGE_PSK_ENABLED | n/a (2) |
| MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED | n/a |
- | MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_RSA_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED | n/a |
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index a710208..d7cc365 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -310,12 +310,6 @@
#error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
- ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
- !defined(MBEDTLS_PKCS1_V15) )
-#error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
!defined(MBEDTLS_PKCS1_V15) )
@@ -797,7 +791,6 @@
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) )
#error "One or more versions of the TLS protocol are enabled " \
diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h
index 1f82d9c..ce90991 100644
--- a/include/mbedtls/config_adjust_ssl.h
+++ b/include/mbedtls/config_adjust_ssl.h
@@ -67,7 +67,6 @@
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index ba1dd42..fa223ff 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -523,9 +523,6 @@
* MBEDTLS_TLS_RSA_WITH_NULL_SHA256
* MBEDTLS_TLS_RSA_WITH_NULL_SHA
* MBEDTLS_TLS_RSA_WITH_NULL_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
* MBEDTLS_TLS_PSK_WITH_NULL_SHA384
* MBEDTLS_TLS_PSK_WITH_NULL_SHA256
* MBEDTLS_TLS_PSK_WITH_NULL_SHA
@@ -746,29 +743,6 @@
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- *
- * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-
-/**
* \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
*
* Enable the RSA-only based ciphersuite modes in SSL / TLS.
@@ -2140,12 +2114,6 @@
* MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
* MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
* MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
* MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
* MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
* MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
@@ -2283,10 +2251,6 @@
* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
* MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
* MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
* MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
* MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
@@ -2333,14 +2297,10 @@
* MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
* MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
* MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
* MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
* MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
*/
@@ -3081,7 +3041,7 @@
* library/ssl*_server.c
*
* This module is used by the following key exchanges:
- * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
+ * RSA, DHE-RSA, ECDHE-RSA
*
* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
*/
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 4246677..9353eb4 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -673,9 +673,6 @@
unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE
+ MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */
-#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES
+ MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 4685c72..3e235f3 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -29,7 +29,6 @@
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */
-#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
@@ -55,9 +54,6 @@
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
-#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
-#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
-
#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */
@@ -67,8 +63,6 @@
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
@@ -80,11 +74,6 @@
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */
-#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
-#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
-#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */
-#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */
-
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
@@ -161,14 +150,10 @@
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068 /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 /**< TLS 1.2 */
@@ -198,15 +183,11 @@
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
-#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
-#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
@@ -242,7 +223,6 @@
#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */
-#define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE /**< TLS 1.2 */
/* RFC 8446, Appendix B.4 */
#define MBEDTLS_TLS1_3_AES_128_GCM_SHA256 0x1301 /**< TLS 1.3 */
@@ -262,7 +242,6 @@
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
MBEDTLS_KEY_EXCHANGE_PSK,
MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_KEY_EXCHANGE_RSA_PSK,
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -274,7 +253,6 @@
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED
@@ -294,19 +272,14 @@
/* Key exchanges allowing client certificate requests.
*
- * Note: that's almost the same as MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED
- * above, except RSA-PSK uses a server certificate but no client cert.
- *
- * Note: this difference is specific to TLS 1.2, as with TLS 1.3, things are
- * more symmetrical: client certs and server certs are either both allowed
- * (Ephemeral mode) or both disallowed (PSK and PKS-Ephemeral modes).
+ * This is now the same as MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED,
+ * and the two macros could be unified.
+ * Until Mbed TLS 3.x, the two sets were different because
+ * MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED covers
+ * MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED plus RSA-PSK.
+ * But RSA-PSK was removed in Mbed TLS 4.0.
*/
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED
#endif
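Review bot: The rewritten comment inverts the historical relationship between the two macros: on the removed lines, MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED was the set that included RSA-PSK (server certificate, no client certificate) and MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED was the subset without it, so the new text `MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED covers MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED plus RSA-PSK` states the opposite. Suggested wording: `Through Mbed TLS 3.x the two sets differed because MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED covered MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED plus RSA-PSK, which uses a server certificate but never a client certificate; RSA-PSK was removed in Mbed TLS 4.0.` Separately, dropping MBEDTLS_KEY_EXCHANGE_RSA_PSK from the enum in the earlier hunk renumbers every later enumerator, which is acceptable for a major release but worth a changelog sentence if the enum values are treated as ABI. Since the check_config.h prerequisite check for MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED is removed as well, a user configuration that still defines the option now compiles silently; a guard such as `#error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED was removed in Mbed TLS 4.0"` in check_config.h would surface stale configs instead.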
@@ -339,7 +312,6 @@
/* Key exchanges that don't involve ephemeral keys */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
#endif
@@ -356,7 +328,6 @@
/* Key exchanges using a PSK */
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 1495950..f462187 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -211,24 +211,6 @@
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
- /* The RSA PSK suites */
- MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
- MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
- MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
- MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
- MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
- MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
- MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
-
- MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
- MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
- MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
- MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
- MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
- MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
-
/* The PSK suites */
MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
@@ -266,9 +248,6 @@
MBEDTLS_TLS_RSA_WITH_NULL_MD5,
MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
- MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
- MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
- MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
MBEDTLS_TLS_PSK_WITH_NULL_SHA,
@@ -371,14 +350,6 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
- "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
- MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
- MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 &&
PSA_WANT_ALG_SHA_256 &&
MBEDTLS_SSL_PROTO_TLS1_2 */
@@ -1235,89 +1206,6 @@
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-#if defined(PSA_WANT_KEY_TYPE_AES)
-#if defined(PSA_WANT_ALG_GCM)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* PSA_WANT_ALG_GCM */
-
-#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-
-#if defined(PSA_WANT_ALG_SHA_1)
- { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-
- { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_1 */
-#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
-#endif /* PSA_WANT_KEY_TYPE_AES */
-
-#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
-#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
-
-#if defined(PSA_WANT_ALG_GCM)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* PSA_WANT_ALG_GCM */
-#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
-
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(PSA_WANT_ALG_CCM)
@@ -1421,29 +1309,6 @@
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif /* PSA_WANT_ALG_SHA_384 */
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-#if defined(PSA_WANT_ALG_SHA_1)
- { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_1 */
-
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
#if defined(PSA_WANT_KEY_TYPE_ARIA)
@@ -1483,41 +1348,6 @@
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
-
-#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384))
- { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
- "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- defined(PSA_WANT_ALG_SHA_384))
- { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
- "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256))
- { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
- "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- defined(PSA_WANT_ALG_SHA_256))
- { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
- "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384))
@@ -1932,7 +1762,6 @@
case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
return MBEDTLS_PK_RSA;
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
@@ -1952,7 +1781,6 @@
{
switch (info->key_exchange) {
case MBEDTLS_KEY_EXCHANGE_RSA:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
return PSA_ALG_RSA_PKCS1V15_CRYPT;
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
@@ -1975,7 +1803,6 @@
{
switch (info->key_exchange) {
case MBEDTLS_KEY_EXCHANGE_RSA:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
return PSA_KEY_USAGE_DECRYPT;
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
@@ -2036,7 +1863,6 @@
{
switch (info->key_exchange) {
case MBEDTLS_KEY_EXCHANGE_PSK:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
return 1;
diff --git a/library/ssl_ciphersuites_internal.h b/library/ssl_ciphersuites_internal.h
index 27ff721..4f71bc0 100644
--- a/library/ssl_ciphersuites_internal.h
+++ b/library/ssl_ciphersuites_internal.h
@@ -50,7 +50,6 @@
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_PSK:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
return 1;
default:
@@ -93,7 +92,6 @@
{
switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_RSA:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 39c7a2e..8b8f519 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7016,11 +7016,6 @@
* Other secret is stored in premaster, where first 2 bytes hold the
* length of the other key.
*/
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
- /* For RSA-PSK other key length is always 48 bytes. */
- other_secret_len = 48;
- other_secret = handshake->premaster + 2;
- break;
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
other_secret_len = MBEDTLS_GET_UINT16_BE(handshake->premaster, 0);
@@ -7357,21 +7352,6 @@
p += psk_len;
} else
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- if (key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
- /*
- * other_secret already set by the ClientKeyExchange message,
- * and is 48 bytes long
- */
- if (end - p < 2) {
- return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
- }
-
- *p++ = 0;
- *p++ = 48;
- p += 48;
- } else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
if (key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -7835,10 +7815,6 @@
#if defined(MBEDTLS_SSL_SRV_C)
if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
- return SSL_CERTIFICATE_SKIP;
- }
-
if (authmode == MBEDTLS_SSL_VERIFY_NONE) {
ssl->session_negotiate->verify_result =
MBEDTLS_X509_BADCERT_SKIP_VERIFY;
@@ -9685,7 +9661,6 @@
/* TLS 1.2 server part of the key exchange */
switch (ciphersuite->key_exchange) {
case MBEDTLS_KEY_EXCHANGE_RSA:
- case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
break;
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 0affc91..14ce377 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -1900,8 +1900,7 @@
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
/*
* Generate a pre-master secret and encrypt it with the server's RSA key
*/
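Review bot: With the RSA-PSK caller gone, the premaster-offset argument of ssl_write_encrypted_pms appears to have a single remaining value: the removed call in the later hunk of this file passed `2`, and the RSA path presumably passes `0`. The same holds for ssl_parse_encrypted_pms in ssl_tls12_server.c, whose removed RSA-PSK call also passed `2`. Consider dropping the parameter in both functions so the premaster layout has one fixed offset, or at least adding a comment at each definition such as `/* Only offset 0 is used since RSA-PSK was removed. */`. The function definitions start outside this hunk, so confirm there are no other callers before changing the signatures.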
@@ -1976,8 +1975,7 @@
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
return 0;
}
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
@@ -2139,12 +2137,11 @@
}
/*
- * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server
+ * ServerKeyExchange may be skipped with PSK when the server
* doesn't use a psk_identity_hint
*/
if (ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE) {
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+ if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) {
/* Current message is probably either
* CertificateRequest or ServerHelloDone */
ssl->keep_current_message = 1;
@@ -2174,7 +2171,6 @@
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
if (ssl_parse_server_psk_hint(ssl, &p, end) != 0) {
@@ -2188,14 +2184,11 @@
} /* FALLTHROUGH */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+ if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) {
; /* nothing more to do */
} else
-#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
@@ -3050,14 +3043,6 @@
content_len = 0;
} else
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
- if ((ret = ssl_write_encrypted_pms(ssl, header_len,
- &content_len, 2)) != 0) {
- return ret;
- }
- } else
-#endif
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
/*
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 76200be..9e7c52c 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -3414,8 +3414,7 @@
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
MBEDTLS_CHECK_RETURN_CRITICAL
@@ -3601,8 +3600,7 @@
return 0;
}
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
@@ -3671,10 +3669,8 @@
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client key exchange"));
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \
- (defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED))
- if ((ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) &&
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+ if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA &&
(ssl->handshake->async_in_progress != 0)) {
/* We've already read a record and there is an asynchronous
* operation in progress to decrypt it. So skip reading the
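Review bot: The simplified condition keeps the parentheses that were only needed around the former two-way key-exchange comparison, leaving `(ssl->handshake->async_in_progress != 0)` as a redundant group; `if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA &&` followed by `ssl->handshake->async_in_progress != 0) {` reads more cleanly and matches the surrounding style. The enclosing function continues outside the hunk.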
@@ -3842,39 +3838,6 @@
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
} else
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) {
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- if (ssl->handshake->async_in_progress != 0) {
- /* There is an asynchronous operation in progress to
- * decrypt the encrypted premaster secret, so skip
- * directly to resuming this operation. */
- MBEDTLS_SSL_DEBUG_MSG(3, ("PSK identity already parsed"));
- /* Update p to skip the PSK identity. ssl_parse_encrypted_pms
- * won't actually use it, but maintain p anyway for robustness. */
- p += ssl->conf->psk_identity_len + 2;
- } else
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
- if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret);
- return ret;
- }
-
- if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 2)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_encrypted_pms"), ret);
- return ret;
- }
-
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
- if ((ret = mbedtls_ssl_psk_derive_premaster(ssl,
- (mbedtls_key_exchange_type_t) ciphersuite_info->
- key_exchange)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret);
- return ret;
- }
-#endif /* !MBEDTLS_USE_PSA_CRYPTO */
- } else
-#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 9b36507..1bd18c1 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -357,8 +357,6 @@
goto exit;
}
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
exit:
mbedtls_net_free(&client_fd);
mbedtls_net_free(&listen_fd);
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index 7213f8a..43d2e8c 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -938,8 +938,6 @@
}
- exit_code = MBEDTLS_EXIT_SUCCESS;
-
exit:
#ifdef MBEDTLS_ERROR_C
diff --git a/tests/compat.sh b/tests/compat.sh
index 22da5ee..05102e3 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -369,10 +369,6 @@
# Based on client's naming convention, all ciphersuite names will be
# translated into another naming format before sent to the client.
#
-# NOTE: for some reason RSA-PSK doesn't work with OpenSSL,
-# so RSA-PSK ciphersuites need to go in other sections, see
-# https://github.com/Mbed-TLS/mbedtls/issues/1419
-#
# ChachaPoly suites are here rather than in "common", as they were added in
# GnuTLS in 3.5.0 and the CI only has 3.4.x so far.
add_openssl_ciphersuites()
@@ -514,18 +510,6 @@
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 \
TLS_PSK_WITH_NULL_SHA256 \
TLS_PSK_WITH_NULL_SHA384 \
- TLS_RSA_PSK_WITH_AES_128_CBC_SHA \
- TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 \
- TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 \
- TLS_RSA_PSK_WITH_AES_256_CBC_SHA \
- TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 \
- TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 \
- TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 \
- TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 \
- TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 \
- TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 \
- TLS_RSA_PSK_WITH_NULL_SHA256 \
- TLS_RSA_PSK_WITH_NULL_SHA384 \
"
;;
esac
@@ -579,12 +563,6 @@
TLS_PSK_WITH_ARIA_128_CBC_SHA256 \
TLS_PSK_WITH_ARIA_256_CBC_SHA384 \
TLS_PSK_WITH_NULL_SHA \
- TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 \
- TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 \
- TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 \
- TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 \
- TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 \
- TLS_RSA_PSK_WITH_NULL_SHA \
"
;;
esac
@@ -642,7 +620,7 @@
M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE"
O_SERVER_ARGS="-accept $PORT -cipher ALL,COMPLEMENTOFALL -$O_MODE"
G_SERVER_ARGS="-p $PORT --http $G_MODE"
- G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
+ G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:-VERS-TLS-ALL:$G_PRIO_MODE"
# The default prime for `openssl s_server` depends on the version:
# * OpenSSL <= 1.0.2a: 512-bit
@@ -751,11 +729,9 @@
;;
"PSK")
- # give RSA-PSK-capable server a RSA cert
- # (should be a separate type, but harder to close with openssl)
- M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key"
+ M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none"
O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert"
- G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key --pskpasswd $DATA_FILES_PATH/passwd.psk"
+ G_SERVER_ARGS="$G_SERVER_ARGS --pskpasswd $DATA_FILES_PATH/passwd.psk"
M_CLIENT_ARGS="$M_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none"
O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
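Review bot: The new PSK server line `M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none"` drops `crt_file`/`key_file` altogether instead of setting them to `none`, while the OpenSSL line keeps `-nocert` and the client line still passes `crt_file=none key_file=none`. If ssl_server2 falls back to its built-in test certificate when `crt_file` is not given, the Mbed TLS server in the PSK section still loads a certificate that no remaining ciphersuite uses, which is harmless but leaves the three servers configured inconsistently. Consider `M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=none key_file=none"` so the PSK section is certificate-free on every side. The enclosing case statement starts and ends outside the hunk.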
diff --git a/tests/scripts/all-core.sh b/tests/scripts/all-core.sh
index 926ee45..5cb1da8 100644
--- a/tests/scripts/all-core.sh
+++ b/tests/scripts/all-core.sh
@@ -109,11 +109,12 @@
# means that components can assume that the working directory is in a
# cleaned-up state, and don't need to perform the cleanup themselves.
# * Run `make clean`.
-# * Restore `include/mbedtls/mbedtls_config.h` from a backup made before running
-# the component.
-# * Check out `Makefile`, `library/Makefile`, `programs/Makefile`,
-# `tests/Makefile` and `programs/fuzz/Makefile` from git.
-# This cleans up after an in-tree use of CMake.
+# * Restore the various config files (potentially modified by config.py) from
+# a backup made when starting the script.
+# * If in Mbed TLS, restore the various `Makefile`s (potentially modified by
+# in-tree use of CMake) from a backup made when starting the script. (Note:
+# if the files look generated when starting the script, they will be
+# restored from the git index before making the backup.)
################################################################
@@ -156,8 +157,8 @@
# Must be called before pre_initialize_variables which sets ALL_COMPONENTS.
pre_load_components () {
# Include the components from components.sh
- test_script_dir="${0%/*}"
- for file in "$test_script_dir"/components-*.sh; do
+ # Use a path relative to the current directory, aka project's root.
+ for file in tests/scripts/components-*.sh; do
source $file
done
}
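Review bot: pre_load_components now locates `components-*.sh` relative to the working directory, while the later hunks in this file (the output_env.sh call and pre_load_helpers) switch to `${BASH_SOURCE%/*}`, and the new comment does not say why the two bases differ. Presumably the components files stay in each project while all-core.sh is destined for the framework, so the directory of the sourced file would be the wrong base; if so, the comment should say it, e.g. `# Components live in the project, not next to this (framework-bound) file, so resolve them from the project root, i.e. the current directory.` If that is not the reason, `"${BASH_SOURCE%/*}"/components-*.sh` would remove the dependence on the caller's cwd. The `source $file` line is unquoted; it predates this change but is worth quoting while the loop is being touched.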
@@ -165,6 +166,7 @@
pre_initialize_variables () {
if in_mbedtls_repo; then
CONFIG_H='include/mbedtls/mbedtls_config.h'
+ CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
if [ -d tf-psa-crypto ]; then
CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h'
PSA_CORE_PATH='tf-psa-crypto/core'
@@ -176,20 +178,21 @@
PSA_CORE_PATH=''
BUILTIN_SRC_PATH=''
fi
+ config_files="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
else
- CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h'
CRYPTO_CONFIG_H='include/psa/crypto_config.h'
PSA_CORE_PATH='core'
BUILTIN_SRC_PATH='drivers/builtin/src'
+
+ config_files="$CRYPTO_CONFIG_H"
fi
- CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
# Files that are clobbered by some jobs will be backed up. Use a different
# suffix from auxiliary scripts so that all.sh and auxiliary scripts can
# independently decide when to remove the backup file.
backup_suffix='.all.bak'
# Files clobbered by config.py
- files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H"
+ files_to_back_up="$config_files"
if in_mbedtls_repo; then
# Files clobbered by in-tree cmake
files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile"
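Review bot: In the `else` (tf-psa-crypto) branch `CONFIG_H` is no longer assigned, and `CONFIG_TEST_DRIVER_H` is now assigned only in the `in_mbedtls_repo` branch, so any later reference to either variable that is not itself guarded by `in_mbedtls_repo` expands to empty, or aborts if the script ever runs under `set -u`. Only `files_to_back_up` and the two pre_check_git hunks are visibly switched to `$config_files`; other uses of `$CONFIG_H` in the rest of all-core.sh or in components-*.sh are outside this diff and should be checked. A defensive option is to initialise them explicitly in that branch, `CONFIG_H='' CONFIG_TEST_DRIVER_H=''`, with a comment that they are mbedtls-only. pre_initialize_variables continues past the hunk.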
@@ -623,7 +626,7 @@
pre_check_git () {
if [ $FORCE -eq 1 ]; then
rm -rf "$OUT_OF_SOURCE_DIR"
- git checkout-index -f -q $CONFIG_H
+ git checkout-index -f -q $config_files
cleanup
else
@@ -634,12 +637,14 @@
exit 1
fi
- if ! git diff --quiet "$CONFIG_H"; then
- err_msg "Warning - the configuration file '$CONFIG_H' has been edited. "
- echo "You can either delete or preserve your work, or force the test by rerunning the"
- echo "script as: $0 --force"
- exit 1
- fi
+ for config in $config_files; do
+ if ! git diff --quiet "$config"; then
+ err_msg "Warning - the configuration file '$config' has been edited. "
+ echo "You can either delete or preserve your work, or force the test by rerunning the"
+ echo "script as: $0 --force"
+ exit 1
+ fi
+ done
fi
}
@@ -866,7 +871,8 @@
set "$@" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
*) set "$@" RUN_ARMCC=0;;
esac
- "$@" scripts/output_env.sh
+ # Use a path relative to the currently-sourced file.
+ "$@" "${BASH_SOURCE%/*}"/../../scripts/output_env.sh
}
pre_generate_files() {
@@ -881,8 +887,8 @@
}
pre_load_helpers () {
- # The path is going to change when this is moved to the framework
- test_script_dir="${0%/*}"
+ # Use a path relative to the currently-sourced file.
+ test_script_dir="${BASH_SOURCE%/*}"
source "$test_script_dir"/all-helpers.sh
}
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 6708de1..b1261bf 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1,15 +1,112 @@
#! /usr/bin/env bash
-# all.sh
+# all.sh (transitional wrapper)
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
-# This file is executable; it is the entry point for users and the CI.
-# See "Files structure" in all-core.sh for other files used.
+# This is a transitional wrapper that's only meant for the CI.
+# Developers should directly invoke on or two of:
+# - tests/scripts/mbedtls-all.sh ...
+# - (cd tf-psa-crypto && tests/scripts/all.sh ...)
+#
+# During the transition, it's illegal for a tf-psa-crypto component to have
+# the same name as an mbedtls components; since this wrapper handles both
+# sides at once, component names need to be globally unique. Once the
+# transition period is over, unicity on each side will be enough.
+#
+# For context, here are the steps of the transition:
+# 1. We have an all.sh in tf-psa-crypto but for now we don't invoke it directly
+# on the CI, only through this transitional wrapper in mbedtls. (tf-psa-crypto
+# doesn't have its own CI initially and runs Mbed TLS's instead.)
+# 2. We move all relevant components to tf-psa-crypto so that it gets the level of
+# coverage we want. We need to make sure the new names are unique.
+# 3. We change the CI job on tf-psa-crypto to stop checking out mbedtls and running
+# its all.sh - instead we do the normal thing of checking out tf-psa-crypto and
+# running its all.sh. (In two steps: (a) add the new job, (b) remove the old
+# one.)
+# 4. We remove the transitional wrapper in mbedtls and we're now free to rename
+# tf-psa-crypto components as we want. If we followed a consistent naming
+# pattern, this can be as simple as s/_tf_psa_crypto// in components-*.sh.
-# The path is going to change when this is moved to the framework
-test_script_dir="${0%/*}"
-source "$test_script_dir"/all-core.sh
+# This script must be invoked from the project's root.
-main "$@"
+# There are exactly 4 ways this is invoked in the CI:
+# 1. tests/scripts/all.sh --help
+# 2. tests/scripts/all.sh --list-all-components
+# 3. tests/scripts/all.sh --list-components
+# 4. tests/scripts/all.sh --seed 4 --keep-going single_component_name
+# This wrapper does not support other invocations.
+
+set -eu
+
+# Cases 1-3
+if [ "$#" -eq 1 ]; then
+ if [ "$1" = '--help' ]; then
+ # It doesn't matter which one we use, they're the same
+ tests/scripts/mbedtls-all.sh "$1"
+ exit 0
+ fi
+ if [ "$1" = '--list-all-components' -o "$1" = '--list-components' ]; then
+ # Invoke both
+ tests/scripts/mbedtls-all.sh "$1"
+ (cd tf-psa-crypto && tests/scripts/all.sh "$1")
+ exit 0
+ fi
+fi
+
+if [ "$#" -ne 4 -o "${1:-unset}" != '--seed' -o "${3:-unset}" != '--keep-going' ]; then
+ echo "This invocation is not supported by the transitional wrapper." >&2
+ echo "See the comments at the top of $0." >&2
+ exit 1
+fi
+
+# Case 4: invoke the right all.sh for this component
+comp_name=$4
+
+# Get the list of components available on each side.
+COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | tr '\n' ' ')
+COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | tr '\n' ' ')
+
+# tell if $1 is in space-separated list $2
+is_in() {
+ needle=$1
+ haystack=$2
+ case " $haystack " in
+ *" $needle "*) echo 1;;
+ *) echo 0;;
+ esac
+}
+
+is_crypto=$(is_in "$comp_name" "$COMP_CRYPTO")
+is_mbedtls=$(is_in "$comp_name" "$COMP_MBEDTLS")
+
+# Component should be on exactly one side (see comment near the top).
+if [ "$is_crypto" -eq 1 -a "$is_mbedtls" -eq 1 ]; then
+ echo "Component '$comp_name' is both in crypto and Mbed TLS". >&2
+ echo "See the comments at the top of $0." >&2
+ exit 1
+fi
+if [ "$is_crypto" -eq 0 -a "$is_mbedtls" -eq 0 ]; then
+ echo "Component '$comp_name' is neither in crypto nor in Mbed TLS". >&2
+ echo "See the comments at the top of $0." >&2
+ exit 1
+fi
+
+
+# Invoke the real thing
+if [ "$is_crypto" -eq 1 ]; then
+ # Make sure the path to the outcomes file is absolute. This is done by
+ # pre_prepare_outcome_file() however by the time it runs we've already
+ # changed the working directory, so do it now.
+ if [ -n "${MBEDTLS_TEST_OUTCOME_FILE+set}" ]; then
+ case "$MBEDTLS_TEST_OUTCOME_FILE" in
+ [!/]*) MBEDTLS_TEST_OUTCOME_FILE="$PWD/$MBEDTLS_TEST_OUTCOME_FILE";;
+ esac
+ export MBEDTLS_TEST_OUTCOME_FILE
+ fi
+ cd tf-psa-crypto
+ exec tests/scripts/all.sh "$@"
+else
+ exec tests/scripts/mbedtls-all.sh "$@"
+fi
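Review bot: `COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | tr '\n' ' ')` and the `COMP_CRYPTO` line below it pipe into `tr`, so a failing `--list-all-components` is masked by `tr`'s exit status and `set -e` does not trigger; the wrapper then reports the component as neither in crypto nor in Mbed TLS, and the real cause is only visible in whatever the listing script printed to stderr. Adding `set -o pipefail` next to `set -eu` (bash is already required by the shebang) makes the listing failure fatal on its own. Two smaller things: the header comment reads `on or two of`, which should be `one or two of`, and in both `echo "Component '$comp_name' is ..."` lines the closing `.` sits outside the quotes, which happens to print correctly but reads as a slip. The `-a`/`-o` operators inside `[ ]` are marked obsolescent by POSIX; `[[ ... && ... ]]` is available since the script is bash-only.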
diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh
index 3047e76..f2b74a9 100644
--- a/tests/scripts/components-build-system.sh
+++ b/tests/scripts/components-build-system.sh
@@ -85,26 +85,6 @@
rm -rf "$OUT_OF_SOURCE_DIR"
}
-component_test_cmake_tf_psa_crypto_out_of_source () {
- # Remove existing generated files so that we use the ones cmake
- # generates
- make neat
- msg "build: cmake tf-psa-crypto 'out-of-source' build"
- MBEDTLS_ROOT_DIR="$PWD"
- cd tf-psa-crypto
- TF_PSA_CRYPTO_ROOT_DIR="$PWD"
- mkdir "$OUT_OF_SOURCE_DIR"
- cd "$OUT_OF_SOURCE_DIR"
- # Note: Explicitly generate files as these are turned off in releases
- cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR"
- make
- msg "test: cmake tf-psa-crypto 'out-of-source' build"
- make test
- cd "$TF_PSA_CRYPTO_ROOT_DIR"
- rm -rf "$OUT_OF_SOURCE_DIR"
- cd "$MBEDTLS_ROOT_DIR"
-}
-
component_test_cmake_as_subdirectory () {
# Remove existing generated files so that we use the ones CMake
# generates
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index eaa0bca..33f3902 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -1243,7 +1243,6 @@
scripts/config.py unset MBEDTLS_PKCS1_V21
scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
# Also disable key exchanges that depend on RSA
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
@@ -1619,7 +1618,6 @@
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
scripts/config.py unset MBEDTLS_RSA_C
scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index 5eddaae..cc7aca9 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -56,6 +56,8 @@
import scripts_path # pylint: disable=unused-import
import config
from mbedtls_framework import c_build_helper
+from mbedtls_framework import crypto_knowledge
+from mbedtls_framework import psa_information
class Colors: # pylint: disable=too-few-public-methods
"""Minimalistic support for colored output.
@@ -241,22 +243,22 @@
# This file includes a copy because it changes rarely and it would be a pain
# to extract automatically.
REVERSE_DEPENDENCIES = {
- 'MBEDTLS_AES_C': ['MBEDTLS_CTR_DRBG_C',
- 'MBEDTLS_NIST_KW_C',
- 'PSA_WANT_KEY_TYPE_AES',
- 'PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128'],
- 'MBEDTLS_ARIA_C': ['PSA_WANT_KEY_TYPE_ARIA'],
- 'MBEDTLS_CAMELLIA_C': ['PSA_WANT_KEY_TYPE_CAMELLIA'],
- 'MBEDTLS_CCM_C': ['PSA_WANT_ALG_CCM',
- 'PSA_WANT_ALG_CCM_STAR_NO_TAG'],
- 'MBEDTLS_CHACHA20_C': ['MBEDTLS_CHACHAPOLY_C',
- 'PSA_WANT_KEY_TYPE_CHACHA20',
- 'PSA_WANT_ALG_CHACHA20_POLY1305',
- 'PSA_WANT_ALG_STREAM_CIPHER'],
- 'MBEDTLS_CMAC_C': ['PSA_WANT_ALG_CMAC',
- 'PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128'],
- 'MBEDTLS_DES_C': ['PSA_WANT_KEY_TYPE_DES'],
- 'MBEDTLS_GCM_C': ['PSA_WANT_ALG_GCM'],
+ 'PSA_WANT_KEY_TYPE_AES': ['PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128',
+ 'MBEDTLS_CTR_DRBG_C',
+ 'MBEDTLS_NIST_KW_C',
+ 'MBEDTLS_AES_C'],
+ 'PSA_WANT_KEY_TYPE_ARIA': ['MBEDTLS_ARIA_C'],
+ 'PSA_WANT_KEY_TYPE_CAMELLIA': ['MBEDTLS_CAMELLIA_C'],
+ 'PSA_WANT_KEY_TYPE_CHACHA20': ['PSA_WANT_ALG_CHACHA20_POLY1305',
+ 'PSA_WANT_ALG_STREAM_CIPHER',
+ 'MBEDTLS_CHACHA20_C',
+ 'MBEDTLS_CHACHAPOLY_C'],
+ 'PSA_WANT_KEY_TYPE_DES': ['MBEDTLS_DES_C'],
+ 'PSA_WANT_ALG_CCM': ['PSA_WANT_ALG_CCM_STAR_NO_TAG',
+ 'MBEDTLS_CCM_C'],
+ 'PSA_WANT_ALG_CMAC': ['PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128',
+ 'MBEDTLS_CMAC_C'],
+ 'PSA_WANT_ALG_GCM': ['MBEDTLS_GCM_C'],
'MBEDTLS_CIPHER_MODE_CBC': ['PSA_WANT_ALG_CBC_PKCS7',
'PSA_WANT_ALG_CBC_NO_PADDING'],
@@ -312,7 +314,6 @@
'PSA_WANT_ALG_RSA_PSS'],
'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED',
- 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED',
'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED',
'PSA_WANT_ALG_RSA_PKCS1V15_CRYPT',
'PSA_WANT_ALG_RSA_PKCS1V15_SIGN'],
@@ -363,20 +364,20 @@
'MBEDTLS_ECP_DP_CURVE25519_ENABLED': ['-MBEDTLS_ECDSA_C',
'-MBEDTLS_ECDSA_DETERMINISTIC',
'-MBEDTLS_ECJPAKE_C'],
- 'MBEDTLS_ARIA_C': ['-MBEDTLS_CMAC_C',
- '-MBEDTLS_CCM_C',
- '-MBEDTLS_GCM_C',
- '-MBEDTLS_SSL_TICKET_C',
- '-MBEDTLS_SSL_CONTEXT_SERIALIZATION'],
- 'MBEDTLS_CAMELLIA_C': ['-MBEDTLS_CMAC_C'],
- 'MBEDTLS_CHACHA20_C': ['-MBEDTLS_CMAC_C',
- '-MBEDTLS_CCM_C',
- '-MBEDTLS_GCM_C',
- '-PSA_WANT_ALG_ECB_NO_PADDING'],
- 'MBEDTLS_DES_C': ['-MBEDTLS_CCM_C',
- '-MBEDTLS_GCM_C',
- '-MBEDTLS_SSL_TICKET_C',
- '-MBEDTLS_SSL_CONTEXT_SERIALIZATION'],
+ 'PSA_WANT_KEY_TYPE_ARIA': ['-PSA_WANT_ALG_CMAC',
+ '-PSA_WANT_ALG_CCM',
+ '-PSA_WANT_ALG_GCM',
+ '-MBEDTLS_SSL_TICKET_C',
+ '-MBEDTLS_SSL_CONTEXT_SERIALIZATION'],
+ 'PSA_WANT_KEY_TYPE_CAMELLIA': ['-PSA_WANT_ALG_CMAC'],
+ 'PSA_WANT_KEY_TYPE_CHACHA20': ['-PSA_WANT_ALG_CMAC',
+ '-PSA_WANT_ALG_CCM',
+ '-PSA_WANT_ALG_GCM',
+ '-PSA_WANT_ALG_ECB_NO_PADDING'],
+ 'PSA_WANT_KEY_TYPE_DES': ['-PSA_WANT_ALG_CCM',
+ '-PSA_WANT_ALG_GCM',
+ '-MBEDTLS_SSL_TICKET_C',
+ '-MBEDTLS_SSL_CONTEXT_SERIALIZATION'],
}
def handle_exclusive_groups(config_settings, symbol):
"""For every symbol tested in an exclusive group check if there are other
@@ -464,20 +465,6 @@
each call adds respective jobs. The job array initialization is done once in
BaseDomain, before the parent __init__ calls."""
-class CipherInfo: # pylint: disable=too-few-public-methods
- """Collect data about cipher.h."""
- def __init__(self):
- self.base_symbols = set()
- if os.path.isdir('tf-psa-crypto'):
- cipher_h_path = 'tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h'
- else:
- cipher_h_path = 'include/mbedtls/cipher.h'
- with open(cipher_h_path, encoding="utf-8") as fh:
- for line in fh:
- m = re.match(r' *MBEDTLS_CIPHER_ID_(\w+),', line)
- if m and m.group(1) not in ['NONE', 'NULL', '3DES']:
- self.base_symbols.add('MBEDTLS_' + m.group(1) + '_C')
-
class DomainData:
"""A container for domains and jobs, used to structurize testing."""
def config_symbols_matching(self, regexp):
@@ -485,28 +472,44 @@
return [symbol for symbol in self.all_config_symbols
if re.match(regexp, symbol)]
+ # pylint: disable=too-many-locals
def __init__(self, options, conf):
"""Gather data about the library and establish a list of domains to test."""
build_command = [options.make_command, 'CFLAGS=-Werror -O2']
build_and_test = [build_command, [options.make_command, 'test']]
self.all_config_symbols = set(conf.settings.keys())
+ psa_info = psa_information.Information().constructors
+ algs = {crypto_knowledge.Algorithm(alg): symbol
+ for alg, symbol in ((alg, psa_information.psa_want_symbol(alg))
+ for alg in psa_info.algorithms)
+ if symbol in self.all_config_symbols}
+ cipher_algs = {alg
+ for alg in algs
+ if alg.can_do(crypto_knowledge.AlgorithmCategory.CIPHER)}
+ key_types = {crypto_knowledge.KeyType(expr): symbol
+ for key_type in psa_info.key_types
+ for expr, symbol in ((expr, psa_information.psa_want_symbol(key_type))
+ for expr in psa_info.generate_expressions([key_type]))
+ if symbol in self.all_config_symbols}
+
# Find hash modules by name.
hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z')
# Find elliptic curve enabling macros by name.
curve_symbols = self.config_symbols_matching(r'MBEDTLS_ECP_DP_\w+_ENABLED\Z')
# Find key exchange enabling macros by name.
key_exchange_symbols = self.config_symbols_matching(r'MBEDTLS_KEY_EXCHANGE_\w+_ENABLED\Z')
- # Find cipher IDs (block permutations and stream ciphers --- chaining
- # and padding modes are exercised separately) information by parsing
- # cipher.h, as the information is not readily available in mbedtls_config.h.
- cipher_info = CipherInfo()
+
+ # Find cipher key types
+ cipher_key_types = {symbol
+ for key_type, symbol in key_types.items()
+ for alg in cipher_algs
+ if key_type.can_do(alg)}
# Find block cipher chaining and padding mode enabling macros by name.
cipher_chaining_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_MODE_\w+\Z')
cipher_padding_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_PADDING_\w+\Z')
self.domains = {
- # Cipher IDs, chaining modes and padding modes. Run the test suites.
- 'cipher_id': ExclusiveDomain(cipher_info.base_symbols,
- build_and_test),
+ # Cipher key types
+ 'cipher_id': ExclusiveDomain(cipher_key_types, build_and_test),
'cipher_chaining': ExclusiveDomain(cipher_chaining_symbols,
build_and_test),
'cipher_padding': ExclusiveDomain(cipher_padding_symbols,
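Review bot: The new `# pylint: disable=too-many-locals` comment on its own line in the class body applies to everything from that point to the end of the class, not just `__init__`; putting it on the def line, `def __init__(self, options, conf):  # pylint: disable=too-many-locals`, scopes it to the method. The `algs` dict comprehension keeps each algorithm's symbol as a value that is never read (only its keys feed `cipher_algs`), and `psa_information.psa_want_symbol(key_type)` is re-evaluated for every expression that `generate_expressions([key_type])` yields; both could be simplified, which would also reduce the local count the disable works around. A short comment on `cipher_key_types` saying that it replaces the former cipher.h parse and selects the key types usable by at least one cipher-category algorithm would help the next reader. The hunk ends inside `__init__`, whose remaining domains run past it.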
diff --git a/tests/scripts/mbedtls-all.sh b/tests/scripts/mbedtls-all.sh
new file mode 100755
index 0000000..cdf296d
--- /dev/null
+++ b/tests/scripts/mbedtls-all.sh
@@ -0,0 +1,16 @@
+#! /usr/bin/env bash
+
+# all.sh (mbedtls part)
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+# This file is executable; it is the entry point for users and the CI.
+# See "Files structure" in all-core.sh for other files used.
+
+# This script must be invoked from the project's root.
+
+# The path is going to change when this is moved to the framework
+source tests/scripts/all-core.sh
+
+main "$@"
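Review bot: The comment `# This script must be invoked from the project's root.` states a precondition the script never checks, so running it from elsewhere fails with bash's generic "No such file or directory" on the `source tests/scripts/all-core.sh` line. A guard before the source, `[ -f tests/scripts/all-core.sh ] || { echo "$0: must be run from the project root" >&2; exit 1; }`, gives the user the intended message; alternatively the script could `cd "${BASH_SOURCE%/*}/../.."` itself if the root requirement is meant to be fulfilled rather than enforced. The transitional wrapper in tests/scripts/all.sh relies on the same cwd assumption, so whichever approach is chosen should be applied there too.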
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index bf39952..ef6c607 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -312,7 +312,6 @@
MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
- MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
@@ -322,8 +321,7 @@
TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
- MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
- MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED"
+ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED"
requires_certificate_authentication () {
if is_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
@@ -584,7 +582,7 @@
# with a pre-shared key, skip it. If the test looks like it's already using
# a pre-shared key, do nothing.
#
-# This code does not consider builds with ECDHE-PSK or RSA-PSK.
+# This code does not consider builds with ECDHE-PSK.
#
# Inputs:
# * $CLI_CMD, $SRV_CMD, $PXY_CMD: client/server/proxy commands.
@@ -2540,22 +2538,6 @@
requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
-run_test "Opaque key for server authentication: RSA-PSK" \
- "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \
- psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
- psk=73776f726466697368 psk_identity=foo" \
- 0 \
- -c "Verifying peer X.509 certificate... ok" \
- -c "Ciphersuite is TLS-RSA-PSK-" \
- -s "key types: Opaque, Opaque" \
- -s "Ciphersuite is TLS-RSA-PSK-" \
- -S "error" \
- -C "error"
-
-requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_enabled MBEDTLS_RSA_C
-requires_hash_alg SHA_256
run_test "Opaque key for server authentication: RSA-" \
"$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \
"$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \
@@ -8584,50 +8566,6 @@
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
-run_test "PSK callback: opaque rsa-psk on client, no callback" \
- "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \
- "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \
- "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
run_test "PSK callback: opaque ecdhe-psk on client, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
@@ -8762,52 +8700,6 @@
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
-run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
- "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=73776f726466697368" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
- "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=73776f726466697368 extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \
- "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368 extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
@@ -8946,52 +8838,6 @@
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
-run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=def psk=beef" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=def psk=beef" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \
- "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=abc psk=dead extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \
- "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=abc psk=dead extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
@@ -9996,27 +9842,6 @@
-s "Async resume (slot [0-9]): decrypt done, status=0"
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt RSA-PSK, delay=0" \
- "$P_SRV psk=73776f726466697368 \
- async_operations=d async_private_delay1=0 async_private_delay2=0" \
- "$P_CLI psk=73776f726466697368 \
- force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test "SSL async private: decrypt RSA-PSK, delay=1" \
- "$P_SRV psk=73776f726466697368 \
- async_operations=d async_private_delay1=1 async_private_delay2=1" \
- "$P_CLI psk=73776f726466697368 \
- force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
- 0 \
- -s "Async decrypt callback: using key slot " \
- -s "Async resume (slot [0-9]): call 0 more times." \
- -s "Async resume (slot [0-9]): decrypt done, status=0"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
run_test "SSL async private: sign callback not present" \
"$P_SRV \
async_operations=d async_private_delay1=1 async_private_delay2=1" \
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index c522459..8135ef1 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -452,26 +452,6 @@
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, non-opaque
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
-
-Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
-
-Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad alg
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
-Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad usage
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
-Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, no psk
-depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque
depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c
index 81c33cc..ceaa243 100644
--- a/tf-psa-crypto/core/psa_crypto.c
+++ b/tf-psa-crypto/core/psa_crypto.c
@@ -7019,12 +7019,11 @@
* uint16 with the value N, and the PSK itself.
*
* mixed-PSK:
- * In a DHE-PSK, RSA-PSK, ECDHE-PSK the premaster secret is formed as
+ * In a DHE-PSK, ECDHE-PSK the premaster secret is formed as
* follows: concatenate a uint16 with the length of the other secret,
* the other secret itself, uint16 with the length of PSK, and the
* PSK itself.
* For details please check:
- * - RFC 4279, Section 4 for the definition of RSA-PSK,
* - RFC 4279, Section 3 for the definition of DHE-PSK,
* - RFC 5489 for the definition of ECDHE-PSK.
*/
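Review bot: The rewritten line `* In a DHE-PSK, ECDHE-PSK the premaster secret is formed as` lost its conjunction when the RSA-PSK entry was dropped, so the list now reads as a run-on. Suggest `* In DHE-PSK or ECDHE-PSK, the premaster secret is formed as`. The comment block this belongs to starts outside the hunk.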
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h
index 08fa5b3..bf2748a 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h
@@ -161,6 +161,16 @@
* \param[out] der_len On success it contains the amount of valid data
* (in bytes) written to \p der. It's undefined
* in case of failure.
+ *
+ * \note The behavior is undefined if \p der is null,
+ * even if \p der_size is 0.
+ *
+ * \return 0 if successful.
+ * \return #MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if \p der_size
+ * is too small or if \p bits is larger than the
+ * largest supported curve.
+ * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if one of the
+ * numbers in the signature is 0.
*/
int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_len,
unsigned char *der, size_t der_size, size_t *der_len);
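Review bot: The new `\return` list for mbedtls_ecdsa_raw_to_der() does not mention the `bits == 0` case that the psa_util.c change in this same PR now rejects with MBEDTLS_ERR_ASN1_INVALID_DATA, so a reader of the header would expect that input to fall under the too-small/too-large wording rather than the invalid-data one. Suggest `* \return #MBEDTLS_ERR_ASN1_INVALID_DATA if \p bits is 0 or if one of the` followed by `* numbers in the signature is 0.`. The same gap is in the next hunk for mbedtls_ecdsa_der_to_raw(), where the INVALID_DATA line could read `if \p bits is 0 or if the data in \p der is inconsistent with \p bits`.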
@@ -177,6 +187,15 @@
* \param[out] raw_len On success it is updated with the amount of valid
* data (in bytes) written to \p raw. It's undefined
* in case of failure.
+ *
+ * \return 0 if successful.
+ * \return #MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if \p raw_size
+ * is too small or if \p bits is larger than the
+ * largest supported curve.
+ * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if the data in
+ * \p der is inconsistent with \p bits.
+ * \return An \c MBEDTLS_ERR_ASN1_xxx error code if
+ * \p der is malformed.
*/
int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_len,
unsigned char *raw, size_t raw_size, size_t *raw_len);
diff --git a/tf-psa-crypto/drivers/builtin/src/psa_util.c b/tf-psa-crypto/drivers/builtin/src/psa_util.c
index 55803ea..b2d2cd9 100644
--- a/tf-psa-crypto/drivers/builtin/src/psa_util.c
+++ b/tf-psa-crypto/drivers/builtin/src/psa_util.c
@@ -440,6 +440,9 @@
unsigned char *p = der + der_size;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ if (bits == 0) {
+ return MBEDTLS_ERR_ASN1_INVALID_DATA;
+ }
if (raw_len != (2 * coordinate_len)) {
return MBEDTLS_ERR_ASN1_INVALID_DATA;
}
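Review bot: The new `bits == 0` guard carries no comment saying why zero is rejected as invalid data rather than handled as a too-small size, which is the question a maintainer will ask when they meet it; a one-liner such as `/* bits == 0 is not a valid curve size; reject it before any length derived from it is used. */` would answer that. The same applies to the identical guard in the next hunk (der_to_raw), where `coordinate_size` is already computed from `bits` on the line just before the check, so the comment is presumably about the uses that follow rather than that computation. Both enclosing functions start outside their hunks.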
@@ -559,6 +562,9 @@
size_t coordinate_size = PSA_BITS_TO_BYTES(bits);
int ret;
+ if (bits == 0) {
+ return MBEDTLS_ERR_ASN1_INVALID_DATA;
+ }
/* The output raw buffer should be at least twice the size of a raw
* coordinate in order to store r and s. */
if (raw_size < coordinate_size * 2) {
diff --git a/tf-psa-crypto/include/psa/crypto_values.h b/tf-psa-crypto/include/psa/crypto_values.h
index 1d678db..ad43797 100644
--- a/tf-psa-crypto/include/psa/crypto_values.h
+++ b/tf-psa-crypto/include/psa/crypto_values.h
@@ -2020,13 +2020,6 @@
* this input may be an output of `psa_raw_key_agreement()` passed with
* psa_key_derivation_input_bytes(), or an equivalent input passed with
* psa_key_derivation_input_bytes() or psa_key_derivation_input_key().
- * - for a RSA-PSK cipher suite (RFC 4279, Section 4), the other secret
- * should be the 48-byte client challenge (the PreMasterSecret of
- * (RFC 5246, Section 7.4.7.1)) concatenation of the TLS version and
- * a 46-byte random string chosen by the client. On the server, this is
- * typically an output of psa_asymmetric_decrypt() using
- * PSA_ALG_RSA_PKCS1V15_CRYPT, passed to the key derivation operation
- * with `psa_key_derivation_input_bytes()`.
*
* For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)` represents the
* TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
diff --git a/tf-psa-crypto/tests/scripts/all.sh b/tf-psa-crypto/tests/scripts/all.sh
new file mode 100755
index 0000000..e26abd8
--- /dev/null
+++ b/tf-psa-crypto/tests/scripts/all.sh
@@ -0,0 +1,23 @@
+#! /usr/bin/env bash
+
+# all.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+# This file is executable; it is the entry point for users and the CI.
+# See "Files structure" in all-core.sh for other files used.
+
+# This script must be invoked from the project's root.
+
+# Prevent silly mistakes when people would invoke this from mbedtls
+if [ -d tf-psa-crypto -a -d library ]; then
+ echo "When invoking this script from an mbedtls checkout," >&2
+ echo "you must change the working directory to tf-psa-crypto." >&2
+ exit 255
+fi
+
+# The path is going to change when this is moved to the framework
+source ../tests/scripts/all-core.sh
+
+main "$@"
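Review bot: The guard `if [ -d tf-psa-crypto -a -d library ]; then` uses the `-a` operator of `test`, which POSIX marks obsolescent and which is ambiguous when an operand begins with `-`; since this is a bash script, `if [ -d tf-psa-crypto ] && [ -d library ]; then` expresses the same condition unambiguously. Separately, `source ../tests/scripts/all-core.sh` is resolved against the current directory, so an invocation from anywhere other than the documented root fails with a bare bash "No such file" rather than the friendly message above; the comment already says this path will move, so a check may not be worth adding now.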
diff --git a/tf-psa-crypto/tests/scripts/components-build-system.sh b/tf-psa-crypto/tests/scripts/components-build-system.sh
new file mode 100644
index 0000000..957e23a
--- /dev/null
+++ b/tf-psa-crypto/tests/scripts/components-build-system.sh
@@ -0,0 +1,24 @@
+# components-build-system.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+
+# This file contains test components that are executed by all.sh
+
+################################################################
+#### Build System Testing
+################################################################
+
+component_test_cmake_tf_psa_crypto_out_of_source () {
+ msg "build: cmake tf-psa-crypto 'out-of-source' build"
+ TF_PSA_CRYPTO_ROOT_DIR="$PWD"
+ mkdir "$OUT_OF_SOURCE_DIR"
+ cd "$OUT_OF_SOURCE_DIR"
+ # Note: Explicitly generate files as these are turned off in releases
+ cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$TF_PSA_CRYPTO_ROOT_DIR"
+ make
+ msg "test: cmake tf-psa-crypto 'out-of-source' build"
+ make test
+ cd "$TF_PSA_CRYPTO_ROOT_DIR"
+ rm -rf "$OUT_OF_SOURCE_DIR"
+}
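Review bot: `cd "$OUT_OF_SOURCE_DIR"` is unguarded, so if the preceding `mkdir` fails (for example a directory left behind by an earlier run that died before the final `rm -rf`), the following `cmake` would run in the source root as an in-source build — unless all-core.sh runs with `set -e`, which is not visible here. `cd "$OUT_OF_SOURCE_DIR" || return 1` keeps the function safe either way. Note also that `TF_PSA_CRYPTO_ROOT_DIR` is assigned without `local`, so it persists in the caller's shell after the component returns; if nothing else reads it, `local TF_PSA_CRYPTO_ROOT_DIR="$PWD"` would be tidier.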
diff --git a/tf-psa-crypto/tests/suites/test_suite_bignum.function b/tf-psa-crypto/tests/suites/test_suite_bignum.function
index 3d2b8a1..36f1476 100644
--- a/tf-psa-crypto/tests/suites/test_suite_bignum.function
+++ b/tf-psa-crypto/tests/suites/test_suite_bignum.function
@@ -212,28 +212,22 @@
int output_size, int result)
{
mbedtls_mpi X;
- unsigned char buf[1000];
- size_t buflen;
-
- memset(buf, 0x00, 1000);
-
mbedtls_mpi_init(&X);
+ unsigned char *buf = NULL;
- TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+ TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
- buflen = mbedtls_mpi_size(&X);
- if (buflen > (size_t) output_size) {
- buflen = (size_t) output_size;
- }
+ TEST_CALLOC(buf, output_size);
- TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == result);
+ TEST_EQUAL(mbedtls_mpi_write_binary(&X, buf, output_size), result);
+
if (result == 0) {
-
- TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x,
- buflen, input_A->len) == 0);
+ TEST_EQUAL(mbedtls_test_hexcmp(buf, input_A->x,
+ output_size, input_A->len), 0);
}
exit:
+ mbedtls_free(buf);
mbedtls_mpi_free(&X);
}
/* END_CASE */
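Review bot: The `output_size == 0` cases added to the data file in this PR depend on `TEST_CALLOC(buf, output_size)` leaving `buf` NULL when the count is 0 (presumably, given the "to NULL" test names), and nothing at the call site says so; a comment on that line would make the dependency explicit, e.g. `/* output_size == 0 leaves buf NULL, exercising the NULL-output contract. */`. `output_size` is also an `int` handed to size_t parameters, so a negative value in the data file would wrap to a huge allocation request rather than fail cleanly — acceptable for test data, but worth knowing. The same applies to the `mpi_write_binary_le` hunk that follows. The enclosing function's signature starts outside the hunk.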
@@ -243,28 +237,22 @@
int output_size, int result)
{
mbedtls_mpi X;
- unsigned char buf[1000];
- size_t buflen;
-
- memset(buf, 0x00, 1000);
-
mbedtls_mpi_init(&X);
+ unsigned char *buf = NULL;
- TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0);
+ TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0);
- buflen = mbedtls_mpi_size(&X);
- if (buflen > (size_t) output_size) {
- buflen = (size_t) output_size;
- }
+ TEST_CALLOC(buf, output_size);
- TEST_ASSERT(mbedtls_mpi_write_binary_le(&X, buf, buflen) == result);
+ TEST_EQUAL(mbedtls_mpi_write_binary_le(&X, buf, output_size), result);
+
if (result == 0) {
-
- TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x,
- buflen, input_A->len) == 0);
+ TEST_EQUAL(mbedtls_test_hexcmp(buf, input_A->x,
+ output_size, input_A->len), 0);
}
exit:
+ mbedtls_free(buf);
mbedtls_mpi_free(&X);
}
/* END_CASE */
diff --git a/tf-psa-crypto/tests/suites/test_suite_bignum.misc.data b/tf-psa-crypto/tests/suites/test_suite_bignum.misc.data
index de2ea87..1228a4d 100644
--- a/tf-psa-crypto/tests/suites/test_suite_bignum.misc.data
+++ b/tf-psa-crypto/tests/suites/test_suite_bignum.misc.data
@@ -92,7 +92,10 @@
mpi_read_binary_le:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"24448B952FBBEF93F89286BA330E62528B151EAC265CC8CE3038519D09E148AF89288E91F48B41ACAD55D9DC5E2B18097C106BE4CE132721BF6359EAF403E7FF90623E8866EE5C192320418DAA682F144ADEDF84F25DE11F49D1FE009D374109"
Base test mbedtls_mpi_write_binary #1
-mpi_write_binary:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0
+mpi_write_binary:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":100:0
+
+Test mbedtls_mpi_write_binary #1 (Buffer is larger)
+mpi_write_binary:"123123123123123123123123123":"000123123123123123123123123123":15:0
Test mbedtls_mpi_write_binary #1 (Buffer just fits)
mpi_write_binary:"123123123123123123123123123":"0123123123123123123123123123":14:0
@@ -100,8 +103,17 @@
Test mbedtls_mpi_write_binary #2 (Buffer too small)
mpi_write_binary:"123123123123123123123123123":"23123123123123123123123123":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+Test mbedtls_mpi_write_binary: nonzero to NULL
+mpi_write_binary:"01":"":0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+
+Test mbedtls_mpi_write_binary: 0 to NULL
+mpi_write_binary:"00":"":0:0
+
Base test mbedtls_mpi_write_binary_le #1
-mpi_write_binary_le:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"24448b952fbbef93f89286ba330e62528b151eac265cc8ce3038519d09e148af89288e91f48b41acad55d9dc5e2b18097c106be4ce132721bf6359eaf403e7ff90623e8866ee5c192320418daa682f144adedf84f25de11f49d1fe009d374109":200:0
+mpi_write_binary_le:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"24448b952fbbef93f89286ba330e62528b151eac265cc8ce3038519d09e148af89288e91f48b41acad55d9dc5e2b18097c106be4ce132721bf6359eaf403e7ff90623e8866ee5c192320418daa682f144adedf84f25de11f49d1fe009d37410900000000":100:0
+
+Test mbedtls_mpi_write_binary_le #1 (Buffer is larger)
+mpi_write_binary_le:"123123123123123123123123123":"233112233112233112233112230100":15:0
Test mbedtls_mpi_write_binary_le #1 (Buffer just fits)
mpi_write_binary_le:"123123123123123123123123123":"2331122331122331122331122301":14:0
@@ -109,6 +121,12 @@
Test mbedtls_mpi_write_binary_le #2 (Buffer too small)
mpi_write_binary_le:"123123123123123123123123123":"23311223311223311223311223":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+Test mbedtls_mpi_write_binary_le: nonzero to NULL
+mpi_write_binary_le:"01":"":0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+
+Test mbedtls_mpi_write_binary_le: 0 to NULL
+mpi_write_binary_le:"00":"":0:0
+
Base test mbedtls_mpi_read_file #1
mpi_read_file:"../../framework/data_files/mpi_16":"01f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":0
diff --git a/tf-psa-crypto/tests/suites/test_suite_ccm.function b/tf-psa-crypto/tests/suites/test_suite_ccm.function
index dbb313b..798be77 100644
--- a/tf-psa-crypto/tests/suites/test_suite_ccm.function
+++ b/tf-psa-crypto/tests/suites/test_suite_ccm.function
@@ -79,11 +79,11 @@
void mbedtls_ccm_setkey(int cipher_id, int key_size, int result)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
unsigned char key[32];
int ret;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
memset(key, 0x2A, sizeof(key));
TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key));
@@ -101,6 +101,7 @@
void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
unsigned char key[16];
unsigned char msg[10];
unsigned char iv[14];
@@ -110,7 +111,6 @@
int decrypt_ret;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_CALLOC_OR_SKIP(add, add_len);
memset(key, 0, sizeof(key));
@@ -146,6 +146,7 @@
int res)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
unsigned char key[16];
unsigned char msg[10];
unsigned char iv[14];
@@ -155,7 +156,6 @@
int decrypt_ret;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
memset(key, 0, sizeof(key));
memset(msg, 0, sizeof(msg));
@@ -191,6 +191,7 @@
data_t *add, data_t *result)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
size_t n1, n1_add;
uint8_t *io_msg_buf = NULL;
uint8_t *tag_buf = NULL;
@@ -207,7 +208,6 @@
TEST_CALLOC(tag_buf, expected_tag_len);
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
/* Test with input == output */
TEST_EQUAL(mbedtls_ccm_encrypt_and_tag(&ctx, msg->len, iv->x, iv->len, add->x, add->len,
@@ -248,11 +248,11 @@
data_t *msg, data_t *iv, data_t *result)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
size_t olen;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, 0, msg->len, 0));
@@ -277,6 +277,7 @@
data_t *expected_msg)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
size_t n1, n1_add;
const size_t expected_msg_len = msg->len - expected_tag_len;
@@ -290,7 +291,6 @@
}
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
/* Test with input == output */
TEST_EQUAL(mbedtls_ccm_auth_decrypt(&ctx, expected_msg_len, iv->x, iv->len, add->x, add->len,
@@ -343,6 +343,7 @@
{
unsigned char iv[13];
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
size_t iv_len, expected_tag_len;
size_t n1, n1_add;
uint8_t *io_msg_buf = NULL;
@@ -379,7 +380,6 @@
iv_len = sizeof(iv);
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id,
key->x, key->len * 8), 0);
/* Test with input == output */
@@ -430,6 +430,7 @@
{
unsigned char iv[13];
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
size_t iv_len, expected_tag_len;
size_t n1, n1_add;
@@ -460,7 +461,6 @@
iv_len = sizeof(iv);
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0);
/* Test with input == output */
TEST_EQUAL(mbedtls_ccm_star_auth_decrypt(&ctx, expected_msg_len, iv, iv_len,
@@ -507,6 +507,7 @@
data_t *result, data_t *tag)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
size_t olen;
@@ -514,7 +515,6 @@
TEST_EQUAL(msg->len, result->len);
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, 0, msg->len, tag->len));
@@ -547,10 +547,10 @@
data_t *tag)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, add->len, 0, tag->len));
@@ -577,9 +577,12 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
+
+ /* This test can't be run with empty additional data */
+ TEST_LE_U(1, add->len);
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded values for msg length and tag length. They are not a part of this test
@@ -600,9 +603,9 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded values for msg length and tag length. They are not a part of this test
@@ -622,11 +625,11 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
size_t olen;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded value for tag length. It is not a part of this test
@@ -651,10 +654,13 @@
data_t *key, data_t *iv, data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
+ /* This test can't be run with empty additional data */
+ TEST_LE_U(1, add->len);
+
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded values for msg length and tag length. They are not a part of this test
@@ -680,9 +686,9 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded values for msg length and tag length. They are not a part of this test
@@ -706,13 +712,16 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t add_second_buffer[2];
+ /* This test can't be run with empty additional data */
+ TEST_LE_U(1, add->len);
+
add_second_buffer[0] = add->x[add->len - 1];
add_second_buffer[1] = 0xAB; // some magic value
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded values for msg length and tag length. They are not a part of this test
@@ -735,11 +744,14 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
size_t olen;
+ /* This test can't be run with an empty message */
+ TEST_LE_U(1, msg->len);
+
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded value for tag length. It is a not a part of this test
@@ -765,11 +777,14 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
size_t olen;
+ /* This test can't be run with an empty message */
+ TEST_LE_U(1, msg->len);
+
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded value for tag length. It is not a part of this test
@@ -801,11 +816,11 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
size_t olen;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded value for tag length. It is a not a part of this test
@@ -834,15 +849,18 @@
data_t *add)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
size_t olen;
uint8_t msg_second_buffer[2];
+ /* This test can't be run with an empty message */
+ TEST_LE_U(1, msg->len);
+
msg_second_buffer[0] = msg->x[msg->len - 1];
msg_second_buffer[1] = 0xAB; // some magic value
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded value for tag length. It is a not a part of this test
@@ -869,10 +887,10 @@
data_t *key, data_t *iv)
{
mbedtls_ccm_context ctx;
+ mbedtls_ccm_init(&ctx);
uint8_t *output = NULL;
BLOCK_CIPHER_PSA_INIT();
- mbedtls_ccm_init(&ctx);
TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0);
TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len));
// use hardcoded values for add length, msg length and tag length.
diff --git a/tests/suites/test_suite_psa_crypto_ecp.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_ecp.data
similarity index 100%
rename from tests/suites/test_suite_psa_crypto_ecp.data
rename to tf-psa-crypto/tests/suites/test_suite_psa_crypto_ecp.data
diff --git a/tests/suites/test_suite_psa_crypto_ecp.function b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_ecp.function
similarity index 100%
rename from tests/suites/test_suite_psa_crypto_ecp.function
rename to tf-psa-crypto/tests/suites/test_suite_psa_crypto_ecp.function
diff --git a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.data b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.data
index c84a836..a0ec9fd 100644
--- a/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.data
+++ b/tf-psa-crypto/tests/suites/test_suite_psa_crypto_util.data
@@ -1,3 +1,12 @@
+# mbedtls_ecdsa_der_to_raw() doesn't accept a null output buffer,
+# even with otherwise invalid paramters,
+# so we pass it a (non-null) buffer of length 1.
+ECDSA Raw -> DER, 0bit
+ecdsa_raw_to_der:0:"":"00":MBEDTLS_ERR_ASN1_INVALID_DATA
+
+ECDSA DER -> Raw, 0bit
+ecdsa_der_to_raw:0:"":"":MBEDTLS_ERR_ASN1_INVALID_DATA
+
ECDSA Raw -> DER, 256bit, Success
depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256
ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0
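Review bot: The header comment names `mbedtls_ecdsa_der_to_raw()` as the function that rejects a null output buffer, but the case it explains is `ecdsa_raw_to_der:0:"":"00":…`, the one given the 1-byte `"00"` buffer, while the der_to_raw case right below passes `""`; the psa_util.h change in this PR also places the "undefined if \p der is null" note on mbedtls_ecdsa_raw_to_der(), so the comment appears to name the wrong function. Suggest `# mbedtls_ecdsa_raw_to_der() doesn't accept a null output buffer,`. There is also a typo on the next line: `paramters` → `parameters`.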