From 50969e3af51afdf4bae470b3cb9b5e174e0e2850 Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Fri, 16 Sep 2022 15:54:33 +0200
Subject: [PATCH] ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg
Signed-off-by: Ronald Cron
---
 programs/ssl/ssl_client2.c | 9 +++++----
 programs/ssl/ssl_server2.c | 20 +++++++++++---------
 programs/ssl/ssl_test_lib.c | 21 +++++++++++++++++++++
 tests/ssl-opt.sh | 14 ++++++++++++++
 4 files changed, 51 insertions(+), 13 deletions(-)
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 3db2b5201..d3141b33e 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -346,10 +346,11 @@ int main( void )
 #define USAGE_KEY_OPAQUE_ALGS \
 " key_opaque_algs=%%s Allowed opaque key algorithms.\n" \
- " comma-separated pair of values among the following:\n" \
- " rsa-sign-pkcs1, rsa-sign-pss, rsa-decrypt,\n" \
- " ecdsa-sign, ecdh, none (only acceptable for\n" \
- " the second value).\n" \
+ " comma-separated pair of values among the following:\n" \
+ " rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " ecdsa-sign, ecdh, none (only acceptable for\n" \
+ " the second value).\n" \
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 #define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index a1b29786d..4021e946d 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -458,15 +458,17 @@ int main( void )
 #endif
 #define USAGE_KEY_OPAQUE_ALGS \
- " key_opaque_algs=%%s Allowed opaque key 1 algorithms.\n" \
- " comma-separated pair of values among the following:\n" \
- " rsa-sign-pkcs1, rsa-sign-pss, rsa-decrypt,\n" \
- " ecdsa-sign, ecdh, none (only acceptable for\n" \
- " the second value).\n" \
- " key_opaque_algs2=%%s Allowed opaque key 2 algorithms.\n" \
- " comma-separated pair of values among the following:\n" \
- " rsa-sign-pkcs1, rsa-sign-pss, rsa-decrypt,\n" \
- " ecdsa-sign, ecdh, none (only acceptable for\n" \
+ " key_opaque_algs=%%s Allowed opaque key 1 algorithms.\n" \
+ " comma-separated pair of values among the following:\n" \
+ " rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " ecdsa-sign, ecdh, none (only acceptable for\n" \
+ " the second value).\n" \
+ " key_opaque_algs2=%%s Allowed opaque key 2 algorithms.\n" \
+ " comma-separated pair of values among the following:\n" \
+ " rsa-sign-pkcs1, rsa-sign-pss, rsa-sign-pss-sha256,\n" \
+ " rsa-sign-pss-sha384, rsa-sign-pss-sha512, rsa-decrypt,\n" \
+ " ecdsa-sign, ecdh, none (only acceptable for\n" \
 " the second value).\n"
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 #define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index a7f3d0e38..cf810a303 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -205,6 +205,9 @@ int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2
 if( strcmp( *alg1, "rsa-sign-pkcs1" ) != 0 &&
 strcmp( *alg1, "rsa-sign-pss" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
 strcmp( *alg1, "rsa-decrypt" ) != 0 &&
 strcmp( *alg1, "ecdsa-sign" ) != 0 &&
 strcmp( *alg1, "ecdh" ) != 0 )
@@ -212,6 +215,9 @@ int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2
 if( strcmp( *alg2, "rsa-sign-pkcs1" ) != 0 &&
 strcmp( *alg2, "rsa-sign-pss" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha256" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha384" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss-sha512" ) != 0 &&
 strcmp( *alg2, "rsa-decrypt" ) != 0 &&
 strcmp( *alg2, "ecdsa-sign" ) != 0 &&
 strcmp( *alg2, "ecdh" ) != 0 &&
@@ -245,6 +251,21 @@ int key_opaque_set_alg_usage( const char *alg1, const char *alg2,
 *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
 *usage |= PSA_KEY_USAGE_SIGN_HASH;
 }
+ else if( strcmp( algs[i], "rsa-sign-pss-sha256" ) == 0 )
+ {
+ *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if( strcmp( algs[i], "rsa-sign-pss-sha384" ) == 0 )
+ {
+ *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_384 );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
+ else if( strcmp( algs[i], "rsa-sign-pss-sha512" ) == 0 )
+ {
+ *psa_algs[i] = PSA_ALG_RSA_PSS( PSA_ALG_SHA_512 );
+ *usage |= PSA_KEY_USAGE_SIGN_HASH;
+ }
 else if( strcmp( algs[i], "rsa-decrypt" ) == 0 )
 {
 *psa_algs[i] = PSA_ALG_RSA_PKCS1V15_CRYPT;
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 6fde7b681..68380245a 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
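Review bot: The three `+` lines in the `*alg2` check of key_opaque_alg_parse test `*alg1` again, so the second value is never compared against the new names. With the chain as written, a second value of `rsa-sign-pss-sha256`, `rsa-sign-pss-sha384` or `rsa-sign-pss-sha512` matches none of the visible `*alg2` comparisons, and whenever the first value is one of those three names one conjunct is false, so the whole `&&` chain is false and any string passes this check as the second value. Each added line should use the second argument, e.g. `strcmp( *alg2, "rsa-sign-pss-sha256" ) != 0 &&`, and likewise for sha384 and sha512. The same name list is now repeated in both checks, in key_opaque_set_alg_usage and in three usage strings; one shared table of accepted names would remove this kind of copy-paste drift. The condition and the function body continue outside the hunk, so what the branch does on a mismatch is not visible here.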
@@ -2068,6 +2068,20 @@ run_test "TLS 1.3 opaque key: suitable algorithm found" \
 -C "error" \
 -S "error" \
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_RSA_C
+run_test "TLS 1.3 opaque key: first client sig alg not suitable" \
+ "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \
+ "$P_CLI debug_level=4 sig_algs=rsa_pss_rsae_sha256,rsa_pss_rsae_sha512" \
+ 0 \
+ -s "The SSL configuration is tls13 only" \
+ -s "key types: Opaque, Opaque" \
+ -s "CertificateVerify signature failed with rsa_pss_rsae_sha256" \
+ -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
+ -C "error" \
+ -S "error" \
+
 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 requires_config_enabled MBEDTLS_RSA_C
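Review bot: The new case passes a fixed-hash name only as the first `key_opaque_algs` value (`rsa-sign-pss-sha512,none`), so nothing in this hunk exercises the new names as the second value or the sha256 and sha384 variants. A companion case with the same client `sig_algs` and, for example, `key_opaque_algs=rsa-sign-pkcs1,rsa-sign-pss-sha512` would cover the second-value path of key_opaque_alg_parse in ssl_test_lib.c, which this commit also changes. Unless one already exists outside this hunk, a negative case in which none of the offered signature algorithms fits the key policy and the handshake is expected to fail would show that the policy is enforced, not only that the fallback succeeds.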