Merge pull request #5973 from ronald-cron-arm/tls13-misc-tests
TLS 1.3: Enable and add tests
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2b82fa0..5fa02d2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6139,7 +6139,7 @@
ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE &&
memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer has no certificate" ) );
return( 0 );
}
return( -1 );
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index b498fd4..ead0db8 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1532,9 +1532,12 @@
if( ( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) &&
( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ) )
{
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "got a certificate request" ) );
return( SSL_CERTIFICATE_REQUEST_EXPECT_REQUEST );
}
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "got no certificate request" ) );
+
return( SSL_CERTIFICATE_REQUEST_SKIP );
}
@@ -1687,7 +1690,6 @@
}
else if( ret == SSL_CERTIFICATE_REQUEST_SKIP )
{
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip tls13 parse certificate request" ) );
ret = 0;
}
else
@@ -1697,9 +1699,6 @@
goto cleanup;
}
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request",
- ssl->handshake->client_auth ? "a" : "no" ) );
-
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE );
cleanup:
@@ -1803,7 +1802,10 @@
MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY );
}
else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip write certificate verify" ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
+ }
return( 0 );
}
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index f508bca..acd227d 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -567,7 +567,7 @@
*/
if( ssl->session_negotiate->peer_cert == NULL )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer has not sent a certificate" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer has no certificate" ) );
#if defined(MBEDTLS_SSL_SRV_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 7114501..719bf05 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1644,7 +1644,11 @@
mbedtls_ssl_set_inbound_transform( ssl, ssl->handshake->transform_handshake );
}
else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip parse certificate" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip parse certificate verify" ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
+ }
return( 0 );
}
@@ -1774,8 +1778,11 @@
ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY );
}
else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "skip parse certificate verify" ) );
mbedtls_ssl_handshake_set_state(
ssl, MBEDTLS_SSL_CLIENT_FINISHED );
+ }
}
break;
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 9e53336..0b6711c 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -4747,7 +4747,6 @@
# Tests for auth_mode, there are duplicated tests using ca callback for authentication
# When updating these tests, modify the matching authentication tests accordingly
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: server badcert, client required" \
"$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
@@ -4781,7 +4780,6 @@
-C "X509 - Certificate verification failed" \
-C "SSL - No CA Chain is set, but required to operate"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: server goodcert, client required, no trusted CA" \
"$P_SRV" \
"$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
@@ -4852,7 +4850,6 @@
-c "Supported Signature Algorithm found: 4," \
-c "Supported Signature Algorithm found: 5,"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client has no cert, server required (TLS)" \
"$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=none \
@@ -4864,12 +4861,10 @@
-c "= write certificate$" \
-C "skip write certificate$" \
-S "x509_verify_cert() returned" \
- -s "client has no certificate" \
+ -s "peer has no certificate" \
-s "! mbedtls_ssl_handshake returned" \
- -c "! mbedtls_ssl_handshake returned" \
-s "No client certification received from the client, but required by the authentication mode"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client badcert, server required" \
"$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@@ -4885,13 +4880,11 @@
-s "! The certificate is not correctly signed by the trusted CA" \
-s "! mbedtls_ssl_handshake returned" \
-s "send alert level=2 message=48" \
- -c "! mbedtls_ssl_handshake returned" \
-s "X509 - Certificate verification failed"
# We don't check that the client receives the alert because it might
# detect that its write end of the connection is closed and abort
# before reading the alert message.
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client cert self-signed and trusted, server required" \
"$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@@ -4907,7 +4900,6 @@
-S "! The certificate is not correctly signed" \
-S "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client cert not trusted, server required" \
"$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@@ -4922,10 +4914,8 @@
-s "x509_verify_cert() returned" \
-s "! The certificate is not correctly signed by the trusted CA" \
-s "! mbedtls_ssl_handshake returned" \
- -c "! mbedtls_ssl_handshake returned" \
-s "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client badcert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@@ -4943,7 +4933,6 @@
-C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client badcert, server none" \
"$P_SRV debug_level=3 auth_mode=none" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@@ -4961,7 +4950,6 @@
-C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client no cert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional" \
"$P_CLI debug_level=3 crt_file=none key_file=none" \
@@ -5023,7 +5011,6 @@
# are in place so that the semantics are consistent with the test description.
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: server max_int chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
key_file=data_files/dir-maxpath/09.key" \
@@ -5033,7 +5020,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: server max_int+1 chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
key_file=data_files/dir-maxpath/10.key" \
@@ -5065,7 +5051,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client max_int+1 chain, server default" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5075,7 +5060,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client max_int+1 chain, server optional" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5085,7 +5069,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client max_int+1 chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
@@ -5095,7 +5078,6 @@
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Authentication: client max_int chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
@@ -5657,7 +5639,6 @@
# Tests for non-blocking I/O: exercise a variety of handshake flows
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Non-blocking I/O: basic handshake" \
"$P_SRV nbio=2 tickets=0 auth_mode=none" \
"$P_CLI nbio=2 tickets=0" \
@@ -5666,7 +5647,6 @@
-C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Non-blocking I/O: client auth" \
"$P_SRV nbio=2 tickets=0 auth_mode=required" \
"$P_CLI nbio=2 tickets=0" \
@@ -5722,7 +5702,6 @@
# Tests for event-driven I/O: exercise a variety of handshake flows
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Event-driven I/O: basic handshake" \
"$P_SRV event=1 tickets=0 auth_mode=none" \
"$P_CLI event=1 tickets=0" \
@@ -5731,7 +5710,6 @@
-C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Event-driven I/O: client auth" \
"$P_SRV event=1 tickets=0 auth_mode=required" \
"$P_CLI event=1 tickets=0" \
@@ -7355,6 +7333,20 @@
0 \
-s "Read from client: 1 bytes read"
+run_test "Small client packet TLS 1.3 AEAD" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=1 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
+run_test "Small client packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=1 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -s "Read from client: 1 bytes read"
+
# Tests for small client packets in DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
@@ -7405,6 +7397,18 @@
0 \
-c "Read from server: 1 bytes read"
+run_test "Small server packet TLS 1.3 AEAD" \
+ "$P_SRV response_size=1 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV response_size=1 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
# Tests for small server packets in DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
@@ -7469,6 +7473,22 @@
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
+run_test "Large client packet TLS 1.3 AEAD" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=16384 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
+run_test "Large client packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV force_version=tls13" \
+ "$P_CLI request_size=16384 \
+ force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
+ -s "Read from client: $MAX_CONTENT_LEN bytes read"
+
# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
run_test "Large server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=16384 force_version=tls12" \
@@ -7508,6 +7528,18 @@
0 \
-c "Read from server: 16384 bytes read"
+run_test "Large server packet TLS 1.3 AEAD" \
+ "$P_SRV response_size=16384 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.3 AEAD shorter tag" \
+ "$P_SRV response_size=16384 force_version=tls13" \
+ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
# Tests for restartable ECC
# Force the use of a curve that supports restartable ECC (secp256r1).
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index ad29f6c..9be1bff 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -4829,7 +4829,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
void app_data( int mfl, int cli_msg_len, int srv_msg_len,
int expected_cli_fragments,
int expected_srv_fragments, int dtls )
@@ -4843,6 +4843,9 @@
options.expected_cli_fragments = expected_cli_fragments;
options.expected_srv_fragments = expected_srv_fragments;
options.dtls = dtls;
+#if ! defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3;
+#endif
perform_handshake( &options );
/* The goto below is used to avoid an "unused label" warning.*/
@@ -4850,7 +4853,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len,
int expected_cli_fragments,
int expected_srv_fragments )
