Merge pull request #9916 from valeriosetti/issue9688
Migrate DHE test cases to ECDHE
diff --git a/ChangeLog.d/9684.txt b/ChangeLog.d/9684.txt
new file mode 100644
index 0000000..115ded8
--- /dev/null
+++ b/ChangeLog.d/9684.txt
@@ -0,0 +1,2 @@
+Removals
+ * Remove support for the DHE-PSK key exchange in TLS 1.2.
diff --git a/configs/ext/crypto_config_profile_medium.h b/configs/ext/crypto_config_profile_medium.h
index 637c2ff..83048d0 100644
--- a/configs/ext/crypto_config_profile_medium.h
+++ b/configs/ext/crypto_config_profile_medium.h
@@ -549,16 +549,10 @@
* MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
* MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
* MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
* MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
* MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
* MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
* MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
diff --git a/docs/architecture/tls13-support.md b/docs/architecture/tls13-support.md
index 52669fd..c98ccf7 100644
--- a/docs/architecture/tls13-support.md
+++ b/docs/architecture/tls13-support.md
@@ -115,7 +115,6 @@
| MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED | no |
| | |
| MBEDTLS_KEY_EXCHANGE_PSK_ENABLED | n/a (2) |
- | MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_RSA_ENABLED | n/a |
| MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED | n/a |
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index eebe164..abce71b 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -69,10 +69,6 @@
#error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(MBEDTLS_DHM_C)
-#error "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
-#endif
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
!defined(MBEDTLS_CAN_ECDH)
#error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
@@ -180,7 +176,6 @@
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) )
#error "One or more versions of the TLS protocol are enabled " \
diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h
index ce90991..0b1551b 100644
--- a/include/mbedtls/config_adjust_ssl.h
+++ b/include/mbedtls/config_adjust_ssl.h
@@ -66,7 +66,6 @@
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 64bf7ee..57bc673 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -207,36 +207,6 @@
#define MBEDTLS_DEBUG_C
/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
- *
- * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-
-
-/**
* \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
*
* Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index c0ec6fb..6010941 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -669,10 +669,6 @@
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
unsigned char _pms_psk[4 + 2 * MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 2 */
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE
- + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */
-#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES
+ MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 18e3c4a..17a0121 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -28,7 +28,6 @@
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */
-#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
@@ -51,9 +50,6 @@
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
-
#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */
#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */
@@ -61,19 +57,12 @@
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
-#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */
-#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */
-
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
@@ -148,12 +137,8 @@
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 /**< TLS 1.2 */
@@ -181,13 +166,9 @@
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
-#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
-#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
@@ -201,12 +182,8 @@
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */
/* The last two are named with PSK_DHE in the RFC, which looks like a typo */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */
@@ -222,7 +199,6 @@
#define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC /**< TLS 1.2 */
-#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */
/* RFC 8446, Appendix B.4 */
#define MBEDTLS_TLS1_3_AES_128_GCM_SHA256 0x1301 /**< TLS 1.3 */
@@ -241,7 +217,6 @@
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
MBEDTLS_KEY_EXCHANGE_PSK,
- MBEDTLS_KEY_EXCHANGE_DHE_PSK,
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
@@ -318,7 +293,6 @@
/* Key exchanges that involve ephemeral keys */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
@@ -328,14 +302,12 @@
/* Key exchanges using a PSK */
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
#endif
/* Key exchanges using DHE */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED
#endif
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index f462187..8f41f2d 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -119,34 +119,15 @@
/* The PSK ephemeral suites */
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
- MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
- MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
- MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
- MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
- MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
/* The ECJPAKE suite */
MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
@@ -239,9 +220,6 @@
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
- MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
- MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
- MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
MBEDTLS_TLS_RSA_WITH_NULL_SHA,
@@ -342,14 +320,6 @@
0,
MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
- "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
- MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
- MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 &&
PSA_WANT_ALG_SHA_256 &&
MBEDTLS_SSL_PROTO_TLS1_2 */
@@ -1051,107 +1021,6 @@
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-#if defined(PSA_WANT_KEY_TYPE_AES)
-#if defined(PSA_WANT_ALG_GCM)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
- MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
- MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* PSA_WANT_ALG_GCM */
-
-#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-
-#if defined(PSA_WANT_ALG_SHA_1)
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
- MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
- MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_1 */
-#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
-#if defined(PSA_WANT_ALG_CCM)
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
- MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_CIPHERSUITE_SHORT_TAG,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
- { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
- MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_CIPHERSUITE_SHORT_TAG,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_CCM */
-#endif /* PSA_WANT_KEY_TYPE_AES */
-
-#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
-#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* PSA_WANT_ALG_CBC_NO_PADDING */
-
-#if defined(PSA_WANT_ALG_GCM)
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_256 */
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* PSA_WANT_ALG_GCM */
-#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */
-
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#if defined(PSA_WANT_KEY_TYPE_AES)
@@ -1264,29 +1133,6 @@
#endif /* PSA_WANT_ALG_SHA_384 */
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-#if defined(PSA_WANT_ALG_SHA_1)
- { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_1 */
-
-#if defined(PSA_WANT_ALG_SHA_256)
- { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-
-#if defined(PSA_WANT_ALG_SHA_384)
- { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
- MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- MBEDTLS_CIPHERSUITE_WEAK,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* PSA_WANT_ALG_SHA_384 */
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#if defined(PSA_WANT_ALG_SHA_1)
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
@@ -1579,41 +1425,6 @@
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
-
-#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
- "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
- MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- defined(PSA_WANT_ALG_SHA_384))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
- "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
- MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
- "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
- MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-#if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- defined(PSA_WANT_ALG_SHA_256))
- { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
- "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
- MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
- 0,
- MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif
-
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
#endif /* PSA_WANT_KEY_TYPE_ARIA */
@@ -1863,7 +1674,6 @@
{
switch (info->key_exchange) {
case MBEDTLS_KEY_EXCHANGE_PSK:
- case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
return 1;
diff --git a/library/ssl_ciphersuites_internal.h b/library/ssl_ciphersuites_internal.h
index 4f71bc0..5c7e7f9 100644
--- a/library/ssl_ciphersuites_internal.h
+++ b/library/ssl_ciphersuites_internal.h
@@ -29,7 +29,6 @@
{
switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
- case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
@@ -109,7 +108,6 @@
{
switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
- case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
return 1;
default:
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 159f2c3..56fdb1e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6955,7 +6955,6 @@
* length of the other key.
*/
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
- case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
other_secret_len = MBEDTLS_GET_UINT16_BE(handshake->premaster, 0);
other_secret = handshake->premaster + 2;
break;
@@ -7256,14 +7255,9 @@
/*
* This should never happen because the existence of a PSK is always
* checked before calling this function.
- *
- * The exception is opaque DHE-PSK. For DHE-PSK fill premaster with
- * the shared secret without PSK.
*/
- if (key_ex != MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
- return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
- }
+ MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
+ return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
/*
@@ -7290,24 +7284,6 @@
p += psk_len;
} else
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- if (key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t len;
-
- /* Write length only when we know the actual value */
- if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
- p + 2, (size_t) (end - (p + 2)), &len,
- ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
- return ret;
- }
- MBEDTLS_PUT_UINT16_BE(len, p, 0);
- p += 2 + len;
-
- MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
- } else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
if (key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -9616,7 +9592,6 @@
/* Don't use default: we want warnings when adding new values */
case MBEDTLS_KEY_EXCHANGE_NONE:
case MBEDTLS_KEY_EXCHANGE_PSK:
- case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
usage = 0;
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 14ce377..63f4240 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -1660,8 +1660,7 @@
return 0;
}
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_parse_server_dh_params(mbedtls_ssl_context *ssl,
unsigned char **p,
@@ -1699,8 +1698,7 @@
return ret;
}
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
@@ -2171,7 +2169,6 @@
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
if (ssl_parse_server_psk_hint(ssl, &p, end) != 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
@@ -2189,10 +2186,8 @@
; /* nothing more to do */
} else
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+ if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA) {
if (ssl_parse_server_dh_params(ssl, &p, end) != 0) {
MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message"));
mbedtls_ssl_send_alert_message(
@@ -2202,8 +2197,7 @@
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
}
} else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
@@ -3043,51 +3037,6 @@
content_len = 0;
} else
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
- /*
- * ClientDiffieHellmanPublic public (DHM send G^X mod P)
- */
- content_len = mbedtls_dhm_get_len(&ssl->handshake->dhm_ctx);
-
- if (header_len + 2 + content_len >
- MBEDTLS_SSL_OUT_CONTENT_LEN) {
- MBEDTLS_SSL_DEBUG_MSG(1,
- ("psk identity or DHM size too long or SSL buffer too short"));
- return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
- }
-
- ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len);
- ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len);
-
- ret = mbedtls_dhm_make_public(&ssl->handshake->dhm_ctx,
- (int) mbedtls_dhm_get_len(&ssl->handshake->dhm_ctx),
- &ssl->out_msg[header_len], content_len,
- ssl->conf->f_rng, ssl->conf->p_rng);
- if (ret != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_public", ret);
- return ret;
- }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- unsigned char *pms = ssl->handshake->premaster;
- unsigned char *pms_end = pms + sizeof(ssl->handshake->premaster);
- size_t pms_len;
-
- /* Write length only when we know the actual value */
- if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
- pms + 2, pms_end - (pms + 2), &pms_len,
- ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
- return ret;
- }
- MBEDTLS_PUT_UINT16_BE(pms_len, pms, 0);
- pms += 2 + pms_len;
-
- MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
-#endif
- } else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 191031e..86a8cb1 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -2887,19 +2887,16 @@
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
/*
- * For (EC)DHE key exchanges with PSK, parameters are prefixed by support
+ * For ECDHE key exchanges with PSK, parameters are prefixed by support
* identity hint (RFC 4279, Sec. 3). Until someone needs this feature,
* we use empty support identity hints here.
**/
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+ if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
ssl->out_msg[ssl->out_msglen++] = 0x00;
ssl->out_msg[ssl->out_msglen++] = 0x00;
}
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
/*
* - DHE key exchanges
@@ -3375,8 +3372,7 @@
return 0;
}
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_parse_client_dh_public(mbedtls_ssl_context *ssl, unsigned char **p,
const unsigned char *end)
@@ -3411,8 +3407,7 @@
return ret;
}
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
@@ -3838,48 +3833,6 @@
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
} else
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
- if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) {
- if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret);
- return ret;
- }
- if ((ret = ssl_parse_client_dh_public(ssl, &p, end)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_dh_public"), ret);
- return ret;
- }
-
- if (p != end) {
- MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange"));
- return MBEDTLS_ERR_SSL_DECODE_ERROR;
- }
-
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- unsigned char *pms = ssl->handshake->premaster;
- unsigned char *pms_end = pms + sizeof(ssl->handshake->premaster);
- size_t pms_len;
-
- /* Write length only when we know the actual value */
- if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx,
- pms + 2, pms_end - (pms + 2), &pms_len,
- ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret);
- return ret;
- }
- MBEDTLS_PUT_UINT16_BE(pms_len, pms, 0);
- pms += 2 + pms_len;
-
- MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
-#else
- if ((ret = mbedtls_ssl_psk_derive_premaster(ssl,
- (mbedtls_key_exchange_type_t) ciphersuite_info->
- key_exchange)) != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret);
- return ret;
- }
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
- } else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
#if defined(MBEDTLS_USE_PSA_CRYPTO)
diff --git a/tests/compat.sh b/tests/compat.sh
index 05102e3..656b29d 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -406,9 +406,6 @@
"PSK")
CIPHERS="$CIPHERS \
- TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 \
- TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 \
- TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 \
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 \
TLS_PSK_WITH_ARIA_128_GCM_SHA256 \
TLS_PSK_WITH_ARIA_256_GCM_SHA384 \
@@ -472,22 +469,6 @@
"PSK")
CIPHERS="$CIPHERS \
- TLS_DHE_PSK_WITH_AES_128_CBC_SHA \
- TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 \
- TLS_DHE_PSK_WITH_AES_128_CCM \
- TLS_DHE_PSK_WITH_AES_128_CCM_8 \
- TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 \
- TLS_DHE_PSK_WITH_AES_256_CBC_SHA \
- TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 \
- TLS_DHE_PSK_WITH_AES_256_CCM \
- TLS_DHE_PSK_WITH_AES_256_CCM_8 \
- TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 \
- TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 \
- TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 \
- TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 \
- TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 \
- TLS_DHE_PSK_WITH_NULL_SHA256 \
- TLS_DHE_PSK_WITH_NULL_SHA384 \
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA \
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 \
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA \
@@ -554,9 +535,6 @@
"PSK")
# *PSK_NULL_SHA suites supported by GnuTLS 3.3.5 but not 3.2.15
M_CIPHERS="$M_CIPHERS \
- TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 \
- TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 \
- TLS_DHE_PSK_WITH_NULL_SHA \
TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 \
TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 \
TLS_ECDHE_PSK_WITH_NULL_SHA \
@@ -620,7 +598,7 @@
M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE"
O_SERVER_ARGS="-accept $PORT -cipher ALL,COMPLEMENTOFALL -$O_MODE"
G_SERVER_ARGS="-p $PORT --http $G_MODE"
- G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:-VERS-TLS-ALL:$G_PRIO_MODE"
+ G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+ECDHE-PSK:+SHA256:+SHA384:-VERS-TLS-ALL:$G_PRIO_MODE"
# The default prime for `openssl s_server` depends on the version:
# * OpenSSL <= 1.0.2a: 512-bit
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index e8e830d..e68c2cb 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -481,17 +481,10 @@
'psa_crypto_ecp',
]
IGNORED_TESTS = {
- 'ssl-opt': [
- # DHE support in TLS 1.2 requires built-in MBEDTLS_DHM_C
- # (because it needs custom groups, which PSA does not
- # provide), even with MBEDTLS_USE_PSA_CRYPTO.
- re.compile(r'PSK callback:.*\bdhe-psk\b.*'),
- ],
'test_suite_config': [
re.compile(r'.*\bMBEDTLS_BIGNUM_C\b.*'),
re.compile(r'.*\bMBEDTLS_DHM_C\b.*'),
re.compile(r'.*\bMBEDTLS_(ECDH|ECDSA|ECJPAKE|ECP)_.*'),
- re.compile(r'.*\bMBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED\b.*'),
re.compile(r'.*\bMBEDTLS_PK_PARSE_EC_COMPRESSED\b.*'),
],
'test_suite_platform': [
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index bb80bb4..c8c095f 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -672,7 +672,6 @@
scripts/config.py unset MBEDTLS_DHM_C
# Disable things that depend on it
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
# Build
@@ -702,7 +701,6 @@
helper_libtestdriver1_adjust_config "full"
# Disable things that are not supported
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
make
@@ -1187,14 +1185,12 @@
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*"
scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_DH_RFC7919_[0-9]*"
scripts/config.py unset MBEDTLS_DHM_C
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
else
# When testing ECC and DH instead, we disable DHM and depending key
# exchanges only in the accelerated build
if [ "$driver_only" -eq 1 ]; then
scripts/config.py unset MBEDTLS_DHM_C
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
fi
fi
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index f7fc60f..2e8df33 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -274,21 +274,19 @@
'MBEDTLS_CIPHER_PADDING_ZEROS': ['MBEDTLS_CIPHER_MODE_CBC'],
'MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN': ['MBEDTLS_CIPHER_MODE_CBC'],
- 'MBEDTLS_ECP_DP_BP256R1_ENABLED': ['PSA_WANT_ECC_BRAINPOOL_P_R1_256'],
- 'MBEDTLS_ECP_DP_BP384R1_ENABLED': ['PSA_WANT_ECC_BRAINPOOL_P_R1_384'],
- 'MBEDTLS_ECP_DP_BP512R1_ENABLED': ['PSA_WANT_ECC_BRAINPOOL_P_R1_512'],
- 'MBEDTLS_ECP_DP_CURVE25519_ENABLED': ['PSA_WANT_ECC_MONTGOMERY_255'],
- 'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['PSA_WANT_ECC_MONTGOMERY_448'],
- 'MBEDTLS_ECP_DP_SECP192R1_ENABLED': ['PSA_WANT_ECC_SECP_R1_192'],
- 'MBEDTLS_ECP_DP_SECP224R1_ENABLED': ['PSA_WANT_ECC_SECP_R1_224'],
- 'MBEDTLS_ECP_DP_SECP256R1_ENABLED': ['PSA_WANT_ECC_SECP_R1_256',
- 'PSA_WANT_ALG_JPAKE',
- 'MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'],
- 'MBEDTLS_ECP_DP_SECP384R1_ENABLED': ['PSA_WANT_ECC_SECP_R1_384'],
- 'MBEDTLS_ECP_DP_SECP512R1_ENABLED': ['PSA_WANT_ECC_SECP_R1_512'],
- 'MBEDTLS_ECP_DP_SECP521R1_ENABLED': ['PSA_WANT_ECC_SECP_R1_521'],
- 'MBEDTLS_ECP_DP_SECP192K1_ENABLED': ['PSA_WANT_ECC_SECP_K1_192'],
- 'MBEDTLS_ECP_DP_SECP256K1_ENABLED': ['PSA_WANT_ECC_SECP_K1_256'],
+ 'PSA_WANT_ECC_BRAINPOOL_P_R1_256': ['MBEDTLS_ECP_DP_BP256R1_ENABLED'],
+ 'PSA_WANT_ECC_BRAINPOOL_P_R1_384': ['MBEDTLS_ECP_DP_BP384R1_ENABLED'],
+ 'PSA_WANT_ECC_BRAINPOOL_P_R1_512': ['MBEDTLS_ECP_DP_BP512R1_ENABLED'],
+ 'PSA_WANT_ECC_MONTGOMERY_255': ['MBEDTLS_ECP_DP_CURVE25519_ENABLED'],
+ 'PSA_WANT_ECC_MONTGOMERY_448': ['MBEDTLS_ECP_DP_CURVE448_ENABLED'],
+ 'PSA_WANT_ECC_SECP_R1_192': ['MBEDTLS_ECP_DP_SECP192R1_ENABLED'],
+ 'PSA_WANT_ECC_SECP_R1_224': ['MBEDTLS_ECP_DP_SECP224R1_ENABLED'],
+ 'PSA_WANT_ECC_SECP_R1_256': ['MBEDTLS_ECJPAKE_C',
+ 'MBEDTLS_ECP_DP_SECP256R1_ENABLED'],
+ 'PSA_WANT_ECC_SECP_R1_384': ['MBEDTLS_ECP_DP_SECP384R1_ENABLED'],
+ 'PSA_WANT_ECC_SECP_R1_521': ['MBEDTLS_ECP_DP_SECP521R1_ENABLED'],
+ 'PSA_WANT_ECC_SECP_K1_192': ['MBEDTLS_ECP_DP_SECP192K1_ENABLED'],
+ 'PSA_WANT_ECC_SECP_K1_256': ['MBEDTLS_ECP_DP_SECP256K1_ENABLED'],
'MBEDTLS_ECDSA_C': ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED',
'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED',
@@ -362,12 +360,12 @@
EXCLUSIVE_GROUPS = {
'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C',
'-MBEDTLS_SSL_TLS_C'],
- 'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C',
- '-MBEDTLS_ECDSA_DETERMINISTIC',
- '-MBEDTLS_ECJPAKE_C',],
- 'MBEDTLS_ECP_DP_CURVE25519_ENABLED': ['-MBEDTLS_ECDSA_C',
- '-MBEDTLS_ECDSA_DETERMINISTIC',
- '-MBEDTLS_ECJPAKE_C'],
+ 'PSA_WANT_ECC_MONTGOMERY_448': ['-MBEDTLS_ECDSA_C',
+ '-MBEDTLS_ECDSA_DETERMINISTIC',
+ '-MBEDTLS_ECJPAKE_C',],
+ 'PSA_WANT_ECC_MONTGOMERY_255': ['-MBEDTLS_ECDSA_C',
+ '-MBEDTLS_ECDSA_DETERMINISTIC',
+ '-MBEDTLS_ECJPAKE_C'],
'PSA_WANT_KEY_TYPE_ARIA': ['-PSA_WANT_ALG_CMAC',
'-PSA_WANT_ALG_CCM',
'-PSA_WANT_ALG_GCM',
@@ -512,8 +510,12 @@
# Find hash modules by name.
hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z')
- # Find elliptic curve enabling macros by name.
- curve_symbols = self.config_symbols_matching(r'MBEDTLS_ECP_DP_\w+_ENABLED\Z')
+
+ # Find elliptic curve enabling macros
+ # MBEDTLS_ECP_DP_SECP224K1_ENABLED added to disable it for all curves
+ curve_symbols = self.config_symbols_matching(r'PSA_WANT_ECC_\w+\Z|'
+ r'MBEDTLS_ECP_DP_SECP224K1_ENABLED')
+
# Find key exchange enabling macros by name.
key_exchange_symbols = self.config_symbols_matching(r'MBEDTLS_KEY_EXCHANGE_\w+_ENABLED\Z')
@@ -541,8 +543,11 @@
'cipher_padding': ExclusiveDomain(cipher_padding_symbols,
build_and_test),
+
# Elliptic curves. Run the test suites.
- 'curves': ExclusiveDomain(curve_symbols, build_and_test),
+ 'curves': ExclusiveDomain(curve_symbols, build_and_test,
+ exclude=r'MBEDTLS_ECP_DP_SECP224K1_ENABLED'),
+
# Hash algorithms. Excluding exclusive domains of MD, RIPEMD, SHA1,
# SHA224 and SHA384 because MBEDTLS_ENTROPY_C is extensively used
# across various modules, but it depends on either SHA256 or SHA512.
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 9652c8a..b1a4b92 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -8464,50 +8464,6 @@
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
-run_test "PSK callback: opaque dhe-psk on client, no callback" \
- "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \
- "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \
- "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
- "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@@ -8600,52 +8556,6 @@
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
-run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \
- "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=73776f726466697368" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
- "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \
- "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=foo psk=73776f726466697368 extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384" \
- "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=foo psk=73776f726466697368 extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@@ -8738,52 +8648,6 @@
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"
-run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=def psk=beef" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, SHA-384" \
- "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
- "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=def psk=beef" \
- 0 \
- -C "session hash for extended master secret"\
- -S "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS" \
- "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
- psk_identity=abc psk=dead extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
-run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS, SHA384" \
- "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
- force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
- "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
- psk_identity=abc psk=dead extended_ms=1" \
- 0 \
- -c "session hash for extended master secret"\
- -s "session hash for extended master secret"\
- -S "SSL - The handshake negotiation failed" \
- -S "SSL - Unknown identity received" \
- -S "SSL - Verification of the message MAC failed"
-
run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
diff --git a/tf-psa-crypto b/tf-psa-crypto
index 1bc29c9..df85eda 160000
--- a/tf-psa-crypto
+++ b/tf-psa-crypto
@@ -1 +1 @@
-Subproject commit 1bc29c97c99ad40aa9f17b5a873b391454c9c068
+Subproject commit df85eda50d5cd7dbbd06843eaf4ca2c5ee27a874