We usually follow the pattern that a zero-initialised struct is safe to
free. This wasn't the case here.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This root certificate uses SECP-384 and if we don't have it in the
build, the parsing already fails even if we don't try to use it, there
is no reason to have it in the build without the SECP-384.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This will be needed when TF-PSA-Crypto's `build_info.h` stops including
`limits.h`, which it currently does by accident because it includes
`check_config.h` which wants `limits.h` to check `CHAR_BIT`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Split `mbedtls_test_ssl_endpoint_init()` into two separate stages:
constructing the SSL configuration, and setting up an SSL session context
with that configuration.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This will allow splitting the configuration and setup stages of
`mbedtls_test_ssl_endpoint_init()`, while still checking that the value is
carried over from the configuration to the session context.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In `mbedtls_test_ssl_endpoint_init()`, don't change the SSL configuration
object (`mbedtls_ssl_config`) after setting up an SSL context by calling
`mbedtls_ssl_setup()`. This works in practice, but is officially forbidden.
No intended behavior change. The test code calls the library slightly
differently, but this shouldn't make any difference in practice. If it does
make a difference, it fixes a bug in the test code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
There was a discrepancy between how `mbedtls_test_ssl_endpoint_init()` and
`mbedtls_test_ssl_perform_handshake()` handled client authentication:
`mbedtls_test_ssl_endpoint_init()` defaulted to
`MBEDTLS_SSL_VERIFY_REQUIRED` on both sides, whereas
`mbedtls_test_ssl_perform_handshake()` obeyed `options->srv_auth_mode` which
defaulted to no verification of the client certificate.
Make this more uniform. Now `mbedtls_test_ssl_endpoint_init()` obeys
`options->srv_auth_mode` on servers (still forcing verification on clients,
which is the library default anyway). Also, `options->srv_auth_mode` is now
enabled by default. Thus:
* Tests that call `mbedtls_test_ssl_perform_handshake()` now perform client
certificate verification, unless they disable it explicitly.
* Tests that call `mbedtls_test_ssl_endpoint_init()` on a server are
unchanged. (They would change if they were setting
`options->srv_auth_mode` explicitly, which previously was ignored, but
no test function did this.)
This means that a few test functions now perform client certificate
verification whereas they previously don't. This is harmless except in
`handshake_ciphersuite_select`, where one test case
`Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque` fails with
client authentication because the test code doesn't deal with the weirdness
of static ECDH correctly with respect to client authentication. So keep
the previous behavior in `handshake_ciphersuite_select`, by explicitly
turning off client authentication.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Applying SSL configuration settings recorded in the
`mbedtls_test_handshake_test_options` structure to an
`mbedtls_test_ssl_endpoint` object was split between
`mbedtls_test_ssl_endpoint_init()` and `mbedtls_test_ssl_perform_handshake()`.
This was surprising, and made it harder to use
`mbedtls_test_ssl_endpoint_init()` for custom behavior. It also meant some
code duplication in `mbedtls_test_ssl_perform_handshake()`.
Move most configuration setup from `mbedtls_test_ssl_perform_handshake()` to
`mbedtls_test_ssl_endpoint_init()`. This changes the behavior in two ways:
* `mbedtls_test_ssl_endpoint_init()` now takes some options into account
that it previously ignored. This is ok because we don't set these options
in any of the existing tests.
* When calling `mbedtls_test_ssl_perform_handshake()`, some SSL configuration
settings are now set (calls to `mbedtls_ssl_conf_xxx()`) before the call
to `mbedtls_ssl_setup()` instead of after. This should be ok since it is
forbidden to change the configuration after `mbedtls_ssl_setup()`,
although the previous test code was getting away with it. This commit does
not move all configuration before `mbedtls_ssl_setup()`, that would be out
of scope of the current series of patches.
Thus there are some internal behavior changes, but they should not affect
any relevant aspect of the tests' behavior.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Split mbedtls_test_ssl_perform_connection() out of
mbedtls_test_ssl_perform_handshake().
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Stop calling mbedtls_test_set_step() in
mbedtls_test_ssl_perform_handshake(). This leaves the caller free to use the
test step as they wish.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This will facilitate future refactoring that breaks out code into auxiliary
functions.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The DTLS context and the queues now conveyed inside the endpoint object.
Remove the unused parameters.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This allows mbedtls_test_ssl_endpoint_init() to no longer interact with the
other endpoint.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create an auxiliary function to perform some endpoint setup that involves
both the client and the server. This is only needed for DTLS.
The code that will eventually be in this function is currently mostly in
mbedtls_test_ssl_endpoint_init(). This commit adds the new function to the
control flow; a subsequent commit will move the relevant code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is a step towards making mbedtls_test_ssl_endpoint_init() and
mbedtls_test_ssl_endpoint_free() more self-contained.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Link the ciphersuite list that's passed to mbedtls_ssl_conf_ciphersuites(),
and needs to survive in memory as long as the configuration object is live,
in the endpoint structure. This way it doesn't have to be a local variable
in mbedtls_test_ssl_do_handshake_with_endpoints().
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
* development-restricted:
Add missing credit for set_hostname issue
Add changelog entry for TLS 1.2 Finished fix
TLS1.2: Check for failures in Finished calculation
ssl_session_reset: preserve HOSTNAME_SET flag
Document the need to call mbedtls_ssl_set_hostname
Improve documentation of mbedtls_ssl_set_hostname
Changelog entries for requiring mbedls_ssl_set_hostname() in TLS clients
Add a note about calling mbedtls_ssl_set_hostname to mbedtls_ssl_setup
mbedtls_ssl_set_hostname tests: add tests with CA callback
Call mbedtls_ssl_set_hostname in the generic endpoint setup in unit tests
Require calling mbedtls_ssl_set_hostname() for security
Create error code for mbedtls_ssl_set_hostname not called
Keep track of whether mbedtls_ssl_set_hostname() has been called
Access ssl->hostname through abstractions in certificate verification
mbedtls_ssl_set_hostname tests: baseline
Add a flags field to mbedtls_ssl_context
Automate MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK dependency
Make guards more consistent between X.509-has-certs and SSL-has-certs
Fix Doxygen markup
Make ticket_alpn field private
Conflicts:
programs/ssl/ssl_test_common_source.c
Everything not TLS-related and not ALT-interface-related has been moved
out of tests/src and tests/include and into the framework, except for
the PSA test wrappers.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Janos Follath