TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / b092e78ab3017df9addd531230141e1764b00036 / . / tests / include / test / ssl_helpers.h
blob: ca43663632feb79e1853c648ee9267ea448d5272 [file] [log] [blame]
Yanray Wang47907a42022-10-24 14:42:01 +0800[diff] [blame]1/** \file ssl_helpers.h
2 *
3 * \brief This file contains helper functions to set up a TLS connection.
4 */
5
6/*
7 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Yanray Wang47907a42022-10-24 14:42:01 +0800[diff] [blame]9 */
10
11#ifndef SSL_HELPERS_H
12#define SSL_HELPERS_H
13
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]14#include "mbedtls/build_info.h"
15
16#include <string.h>
17
Yanray Wang47907a42022-10-24 14:42:01 +0800[diff] [blame]18#include <test/helpers.h>
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]19#include <test/macros.h>
20#include <test/random.h>
21#include <test/psa_crypto_helpers.h>
22
23#if defined(MBEDTLS_SSL_TLS_C)
24#include <ssl_misc.h>
25#include <mbedtls/timing.h>
26#include <mbedtls/debug.h>
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]27
28#include "test/certs.h"
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]29
30#if defined(MBEDTLS_SSL_CACHE_C)
31#include "mbedtls/ssl_cache.h"
32#endif
33
Yanray Wang5ba709c2023-02-03 11:07:56 +0800[diff] [blame]34#if defined(MBEDTLS_USE_PSA_CRYPTO)
35#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \
36 psa_to_ssl_errors, \
37 psa_generic_status_to_mbedtls)
38#endif
39
Ronald Cron43263c02023-03-09 16:48:10 +0100[diff] [blame]40#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Elena Uziunaite6121a342024-07-05 11:16:53 +0100[diff] [blame]41#if defined(PSA_WANT_KEY_TYPE_AES)
Elena Uziunaite83a0d9d2024-07-05 11:41:22 +0100[diff] [blame]42#if defined(PSA_WANT_ALG_GCM)
Elena Uziunaiteb476d4b2024-05-23 15:33:41 +0100[diff] [blame]43#if defined(PSA_WANT_ALG_SHA_384)
Ronald Cron43263c02023-03-09 16:48:10 +0100[diff] [blame]44#define MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384
45#endif
Elena Uziunaite0916cd72024-05-23 17:01:07 +0100[diff] [blame]46#if defined(PSA_WANT_ALG_SHA_256)
Ronald Cron43263c02023-03-09 16:48:10 +0100[diff] [blame]47#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256
48#endif
Elena Uziunaite83a0d9d2024-07-05 11:41:22 +0100[diff] [blame]49#endif /* PSA_WANT_ALG_GCM */
Elena Uziunaitec2561722024-07-05 11:37:33 +0100[diff] [blame]50#if defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_ALG_SHA_256)
Ronald Cron43263c02023-03-09 16:48:10 +0100[diff] [blame]51#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256
52#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256
53#endif
Elena Uziunaite6121a342024-07-05 11:16:53 +0100[diff] [blame]54#endif /* PSA_WANT_KEY_TYPE_AES */
Elena Uziunaite5c70c302024-07-05 11:44:44 +0100[diff] [blame]55#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) && defined(PSA_WANT_ALG_SHA_256)
Ronald Cron43263c02023-03-09 16:48:10 +0100[diff] [blame]56#define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256
57#endif
58
59#if defined(MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384) || \
60 defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256) || \
61 defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256) || \
62 defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256) || \
63 defined(MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256)
64#define MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE
65#endif
66
67#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
68
Gabor Mezeie1e27302025-02-26 18:06:05 +0100[diff] [blame]69#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Yanray Wang5ba709c2023-02-03 11:07:56 +0800[diff] [blame]70#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY
71#endif
Gabor Mezei14950932025-03-06 16:06:42 +0100[diff] [blame]72
Gabor Mezei8829aa32025-03-07 13:21:37 +0100[diff] [blame]73#if defined(PSA_WANT_ALG_GCM) || \
74 defined(PSA_WANT_ALG_CCM) || \
Gabor Mezei14950932025-03-06 16:06:42 +0100[diff] [blame]75 defined(PSA_WANT_ALG_CHACHA20_POLY1305)
76#define MBEDTLS_TEST_HAS_AEAD_ALG
77#endif
78
Yanray Wang5ba709c2023-02-03 11:07:56 +0800[diff] [blame]79enum {
80#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \
81 tls13_label_ ## name,
82 MBEDTLS_SSL_TLS1_3_LABEL_LIST
83#undef MBEDTLS_SSL_TLS1_3_LABEL
84};
85
Waleed Elmelegy4dfb0e72024-03-14 01:48:40 +0000[diff] [blame]86#if defined(MBEDTLS_SSL_ALPN)
87#define MBEDTLS_TEST_MAX_ALPN_LIST_SIZE 10
88#endif
89
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]90typedef struct mbedtls_test_ssl_log_pattern {
91 const char *pattern;
92 size_t counter;
93} mbedtls_test_ssl_log_pattern;
94
95typedef struct mbedtls_test_handshake_test_options {
96 const char *cipher;
Ronald Cronfb536472024-01-26 14:55:25 +0100[diff] [blame]97 uint16_t *group_list;
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]98 mbedtls_ssl_protocol_version client_min_version;
99 mbedtls_ssl_protocol_version client_max_version;
100 mbedtls_ssl_protocol_version server_min_version;
101 mbedtls_ssl_protocol_version server_max_version;
102 mbedtls_ssl_protocol_version expected_negotiated_version;
103 int expected_handshake_result;
104 int expected_ciphersuite;
105 int pk_alg;
106 int opaque_alg;
107 int opaque_alg2;
108 int opaque_usage;
109 data_t *psk_str;
110 int dtls;
111 int srv_auth_mode;
112 int serialize;
113 int mfl;
114 int cli_msg_len;
115 int srv_msg_len;
116 int expected_cli_fragments;
117 int expected_srv_fragments;
118 int renegotiate;
119 int legacy_renegotiation;
120 void *srv_log_obj;
121 void *cli_log_obj;
122 void (*srv_log_fun)(void *, int, const char *, int, const char *);
123 void (*cli_log_fun)(void *, int, const char *, int, const char *);
124 int resize_buffers;
Ronald Cronced99be2024-01-26 15:49:12 +0100[diff] [blame]125 int early_data;
Ronald Cron5d3036e2024-02-23 07:43:45 +0100[diff] [blame]126 int max_early_data_size;
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]127#if defined(MBEDTLS_SSL_CACHE_C)
128 mbedtls_ssl_cache_context *cache;
129#endif
Waleed Elmelegy4dfb0e72024-03-14 01:48:40 +0000[diff] [blame]130#if defined(MBEDTLS_SSL_ALPN)
131 const char *alpn_list[MBEDTLS_TEST_MAX_ALPN_LIST_SIZE];
132#endif
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]133} mbedtls_test_handshake_test_options;
134
Yanray Wang25b766f2023-03-15 16:39:05 +0800[diff] [blame]135/*
136 * Buffer structure for custom I/O callbacks.
137 */
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]138typedef struct mbedtls_test_ssl_buffer {
139 size_t start;
140 size_t content_length;
141 size_t capacity;
142 unsigned char *buffer;
143} mbedtls_test_ssl_buffer;
144
145/*
146 * Context for a message metadata queue (fifo) that is on top of the ring buffer.
147 */
148typedef struct mbedtls_test_ssl_message_queue {
149 size_t *messages;
150 int pos;
151 int num;
152 int capacity;
153} mbedtls_test_ssl_message_queue;
154
155/*
156 * Context for the I/O callbacks simulating network connection.
157 */
158
159#define MBEDTLS_MOCK_SOCKET_CONNECTED 1
160
161typedef struct mbedtls_test_mock_socket {
162 int status;
163 mbedtls_test_ssl_buffer *input;
164 mbedtls_test_ssl_buffer *output;
165 struct mbedtls_test_mock_socket *peer;
166} mbedtls_test_mock_socket;
167
168/* Errors used in the message socket mocks */
169
170#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55
171#define MBEDTLS_TEST_ERROR_SEND_FAILED -66
172#define MBEDTLS_TEST_ERROR_RECV_FAILED -77
173
174/*
175 * Structure used as an addon, or a wrapper, around the mocked sockets.
176 * Contains an input queue, to which the other socket pushes metadata,
177 * and an output queue, to which this one pushes metadata. This context is
178 * considered as an owner of the input queue only, which is initialized and
179 * freed in the respective setup and free calls.
180 */
181typedef struct mbedtls_test_message_socket_context {
182 mbedtls_test_ssl_message_queue *queue_input;
183 mbedtls_test_ssl_message_queue *queue_output;
184 mbedtls_test_mock_socket *socket;
185} mbedtls_test_message_socket_context;
186
187#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
188
189/*
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]190 * Endpoint structure for SSL communication tests.
191 */
192typedef struct mbedtls_test_ssl_endpoint {
193 const char *name;
194 mbedtls_ssl_context ssl;
195 mbedtls_ssl_config conf;
196 mbedtls_test_mock_socket socket;
Gilles Peskine29969592025-05-27 19:24:28 +0200[diff] [blame]197
198 /* Objects only used by DTLS.
199 * They should be guarded by MBEDTLS_SSL_PROTO_DTLS, but
200 * currently aren't because some code accesses them without guards. */
201 mbedtls_test_message_socket_context dtls_context;
Gilles Peskine0677e022025-05-27 18:05:20 +0200[diff] [blame]202#if defined(MBEDTLS_TIMING_C)
203 mbedtls_timing_delay_context timer;
204#endif
Gilles Peskineb6bb3fb2025-05-26 21:57:52 +0200[diff] [blame]205
206 /* Objects owned by the endpoint */
Gilles Peskine2744a432025-05-27 13:27:22 +0200[diff] [blame]207 int *ciphersuites;
Gilles Peskineb6bb3fb2025-05-26 21:57:52 +0200[diff] [blame]208 mbedtls_x509_crt *ca_chain;
209 mbedtls_x509_crt *cert;
210 mbedtls_pk_context *pkey;
Yanray Wang55a66192022-10-26 09:57:53 +0800[diff] [blame]211} mbedtls_test_ssl_endpoint;
212
213#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
Yanray Wang47907a42022-10-24 14:42:01 +0800[diff] [blame]214
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]215/*
Ronald Cron10b040f2024-02-05 09:38:09 +0100[diff] [blame]216 * Random number generator aimed for TLS unitary tests. Its main purpose is to
217 * simplify the set-up of a random number generator for TLS
218 * unitary tests: no need to set up a good entropy source for example.
219 */
220int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len);
Yanray Wangf88e5292023-12-01 16:39:34 +0800[diff] [blame]221
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]222/*
223 * This function can be passed to mbedtls to receive output logs from it. In
224 * this case, it will count the instances of a mbedtls_test_ssl_log_pattern
225 * in the received logged messages.
226 */
227void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
228 const char *file, int line,
229 const char *str);
230
231void mbedtls_test_init_handshake_options(
232 mbedtls_test_handshake_test_options *opts);
233
234void mbedtls_test_free_handshake_options(
235 mbedtls_test_handshake_test_options *opts);
236
237/*
238 * Initialises \p buf. After calling this function it is safe to call
239 * `mbedtls_test_ssl_buffer_free()` on \p buf.
240 */
241void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf);
242
243/*
244 * Sets up \p buf. After calling this function it is safe to call
245 * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()`
246 * on \p buf.
247 */
248int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
249 size_t capacity);
250
251void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf);
252
253/*
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]254 * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf.
255 *
256 * \p buf must have been initialized and set up by calling
257 * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
258 *
259 * \retval \p input_len, if the data fits.
260 * \retval 0 <= value < \p input_len, if the data does not fit.
261 * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not
262 * zero and \p input is NULL.
263 */
264int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf,
265 const unsigned char *input, size_t input_len);
266
267/*
268 * Gets \p output_len bytes from the ring buffer \p buf into the
269 * \p output buffer. The output buffer can be NULL, in this case a part of the
270 * ring buffer will be dropped, if the requested length is available.
271 *
272 * \p buf must have been initialized and set up by calling
273 * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`.
274 *
275 * \retval \p output_len, if the data is available.
276 * \retval 0 <= value < \p output_len, if the data is not available.
277 * \retval -1, if \buf is NULL or it hasn't been set up.
278 */
279int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf,
280 unsigned char *output, size_t output_len);
281
282/*
283 * Errors used in the message transport mock tests
284 */
285 #define MBEDTLS_TEST_ERROR_ARG_NULL -11
286 #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44
287
288/*
289 * Setup and free functions for the message metadata queue.
290 *
291 * \p capacity describes the number of message metadata chunks that can be held
292 * within the queue.
293 *
294 * \retval 0, if a metadata queue of a given length can be allocated.
295 * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed.
296 */
297int mbedtls_test_ssl_message_queue_setup(
298 mbedtls_test_ssl_message_queue *queue, size_t capacity);
299
300void mbedtls_test_ssl_message_queue_free(
301 mbedtls_test_ssl_message_queue *queue);
302
303/*
304 * Push message length information onto the message metadata queue.
305 * This will become the last element to leave it (fifo).
306 *
307 * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
308 * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full.
309 * \retval \p len, if the push was successful.
310 */
311int mbedtls_test_ssl_message_queue_push_info(
312 mbedtls_test_ssl_message_queue *queue, size_t len);
313
314/*
315 * Pop information about the next message length from the queue. This will be
316 * the oldest inserted message length(fifo). \p msg_len can be null, in which
317 * case the data will be popped from the queue but not copied anywhere.
318 *
319 * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
320 * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty.
321 * \retval message length, if the pop was successful, up to the given
322 \p buf_len.
323 */
324int mbedtls_test_ssl_message_queue_pop_info(
325 mbedtls_test_ssl_message_queue *queue, size_t buf_len);
326
327/*
328 * Setup and teardown functions for mock sockets.
329 */
Yanray Wang5f86a422023-03-15 16:02:29 +0800[diff] [blame]330void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]331
332/*
333 * Closes the socket \p socket.
334 *
335 * \p socket must have been previously initialized by calling
Yanray Wang5f86a422023-03-15 16:02:29 +0800[diff] [blame]336 * mbedtls_test_mock_socket_init().
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]337 *
338 * This function frees all allocated resources and both sockets are aware of the
339 * new connection state.
340 *
341 * That is, this function does not simulate half-open TCP connections and the
342 * phenomenon that when closing a UDP connection the peer is not aware of the
343 * connection having been closed.
344 */
345void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket);
346
347/*
348 * Establishes a connection between \p peer1 and \p peer2.
349 *
350 * \p peer1 and \p peer2 must have been previously initialized by calling
Yanray Wang5f86a422023-03-15 16:02:29 +0800[diff] [blame]351 * mbedtls_test_mock_socket_init().
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]352 *
353 * The capacities of the internal buffers are set to \p bufsize. Setting this to
354 * the correct value allows for simulation of MTU, sanity testing the mock
355 * implementation and mocking TCP connections with lower memory cost.
356 */
357int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
358 mbedtls_test_mock_socket *peer2,
359 size_t bufsize);
360
361
362/*
363 * Callbacks for simulating blocking I/O over connection-oriented transport.
364 */
Yanray Wangaf727a22023-03-13 19:22:36 +0800[diff] [blame]365int mbedtls_test_mock_tcp_send_b(void *ctx,
366 const unsigned char *buf, size_t len);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]367
368int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len);
369
370/*
371 * Callbacks for simulating non-blocking I/O over connection-oriented transport.
372 */
Yanray Wangaf727a22023-03-13 19:22:36 +0800[diff] [blame]373int mbedtls_test_mock_tcp_send_nb(void *ctx,
374 const unsigned char *buf, size_t len);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]375
376int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len);
377
378void mbedtls_test_message_socket_init(
379 mbedtls_test_message_socket_context *ctx);
380
381/*
382 * Setup a given message socket context including initialization of
383 * input/output queues to a chosen capacity of messages. Also set the
384 * corresponding mock socket.
385 *
386 * \retval 0, if everything succeeds.
387 * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message
388 * queue failed.
389 */
390int mbedtls_test_message_socket_setup(
391 mbedtls_test_ssl_message_queue *queue_input,
392 mbedtls_test_ssl_message_queue *queue_output,
Yanray Wangd19894f2023-03-16 11:47:39 +0800[diff] [blame]393 size_t queue_capacity,
394 mbedtls_test_mock_socket *socket,
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]395 mbedtls_test_message_socket_context *ctx);
396
397/*
398 * Close a given message socket context, along with the socket itself. Free the
399 * memory allocated by the input queue.
400 */
401void mbedtls_test_message_socket_close(
402 mbedtls_test_message_socket_context *ctx);
403
404/*
405 * Send one message through a given message socket context.
406 *
407 * \retval \p len, if everything succeeds.
408 * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
409 * elements or the context itself is null.
410 * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if
411 * mbedtls_test_mock_tcp_send_b failed.
412 * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full.
413 *
414 * This function will also return any error from
415 * mbedtls_test_ssl_message_queue_push_info.
416 */
Yanray Wangaf727a22023-03-13 19:22:36 +0800[diff] [blame]417int mbedtls_test_mock_tcp_send_msg(void *ctx,
418 const unsigned char *buf, size_t len);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]419
420/*
421 * Receive one message from a given message socket context and return message
422 * length or an error.
423 *
424 * \retval message length, if everything succeeds.
425 * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
426 * elements or the context itself is null.
427 * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if
428 * mbedtls_test_mock_tcp_recv_b failed.
429 *
430 * This function will also return any error other than
Yanray Wang5e22a922023-03-16 14:57:54 +0800[diff] [blame]431 * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info.
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]432 */
Yanray Wangaf727a22023-03-13 19:22:36 +0800[diff] [blame]433int mbedtls_test_mock_tcp_recv_msg(void *ctx,
434 unsigned char *buf, size_t buf_len);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]435
436#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
437
438/*
Gilles Peskineb6bb3fb2025-05-26 21:57:52 +0200[diff] [blame]439 * Load default CA certificates and endpoint keys into \p ep.
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]440 *
441 * \retval 0 on success, otherwise error code.
442 */
443int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
444 int pk_alg,
445 int opaque_alg, int opaque_alg2,
446 int opaque_usage);
447
448/*
449 * Initializes \p ep structure. It is important to call
450 * `mbedtls_test_ssl_endpoint_free()` after calling this function
451 * even if it fails.
452 *
Gilles Peskineb092e782025-05-27 20:15:03 +0200[diff] [blame^]453 * \note For DTLS, after calling this function on both endpoints,
454 * call mbedtls_test_ssl_dtls_join_endpoints().
455 *
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]456 * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
457 * MBEDTLS_SSL_IS_CLIENT.
458 * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and
459 * MBEDTLS_PK_ECDSA are supported.
460 * \p dtls_context - in case of DTLS - this is the context handling metadata.
461 * \p input_queue - used only in case of DTLS.
462 * \p output_queue - used only in case of DTLS.
463 *
464 * \retval 0 on success, otherwise error code.
465 */
466int mbedtls_test_ssl_endpoint_init(
467 mbedtls_test_ssl_endpoint *ep, int endpoint_type,
Gilles Peskine9b993682025-05-27 18:44:12 +0200[diff] [blame]468 const mbedtls_test_handshake_test_options *options,
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]469 mbedtls_test_message_socket_context *dtls_context,
470 mbedtls_test_ssl_message_queue *input_queue,
Ronald Cronfb536472024-01-26 14:55:25 +0100[diff] [blame]471 mbedtls_test_ssl_message_queue *output_queue);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]472
473/*
474 * Deinitializes endpoint represented by \p ep.
475 */
476void mbedtls_test_ssl_endpoint_free(
477 mbedtls_test_ssl_endpoint *ep,
478 mbedtls_test_message_socket_context *context);
479
Gilles Peskineb092e782025-05-27 20:15:03 +0200[diff] [blame^]480/* Join a DTLS client with a DTLS server.
481 *
482 * You must call this function after setting up the endpoint objects
483 * and before starting a DTLS handshake.
484 *
485 * \param client The client. It must have been set up with
486 * mbedtls_test_ssl_endpoint_init().
487 * \param server The server. It must have been set up with
488 * mbedtls_test_ssl_endpoint_init().
489 *
490 * \retval 0 on success, otherwise error code.
491 */
492int mbedtls_test_ssl_dtls_join_endpoints(mbedtls_test_ssl_endpoint *client,
493 mbedtls_test_ssl_endpoint *server);
494
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]495/*
496 * This function moves ssl handshake from \p ssl to prescribed \p state.
497 * /p second_ssl is used as second endpoint and their sockets have to be
498 * connected before calling this function.
499 *
Gilles Peskinea4bf0022025-03-07 20:37:49 +0100[diff] [blame]500 * For example, to perform a full handshake:
501 * ```
502 * mbedtls_test_move_handshake_to_state(
503 * &server.ssl, &client.ssl,
504 * MBEDTLS_SSL_HANDSHAKE_OVER);
505 * mbedtls_test_move_handshake_to_state(
Gilles Peskine161cadd2025-03-10 14:24:22 +0100[diff] [blame]506 * &client.ssl, &server.ssl,
Gilles Peskinea4bf0022025-03-07 20:37:49 +0100[diff] [blame]507 * MBEDTLS_SSL_HANDSHAKE_OVER);
508 * ```
509 * Note that you need both calls to reach the handshake-over state on
510 * both sides.
511 *
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]512 * \retval 0 on success, otherwise error code.
513 */
514int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl,
515 mbedtls_ssl_context *second_ssl,
516 int state);
517
518#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
519
Yanray Wang1fca4de2023-02-06 12:10:48 +0800[diff] [blame]520/*
521 * Helper function setting up inverse record transformations
522 * using given cipher, hash, EtM mode, authentication tag length,
523 * and version.
524 */
525#define CHK(x) \
526 do \
527 { \
528 if (!(x)) \
529 { \
530 ret = -1; \
531 goto cleanup; \
532 } \
533 } while (0)
534
Yanray Wang25b766f2023-03-15 16:39:05 +0800[diff] [blame]535#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
536#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
537#else
538#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
539#endif
540
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]541#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
Elena Uziunaite74342c72024-07-05 11:31:29 +0100[diff] [blame]542 defined(PSA_WANT_ALG_CBC_NO_PADDING) && defined(PSA_WANT_KEY_TYPE_AES)
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]543int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
544 const unsigned char *iv,
545 size_t iv_len,
546 const unsigned char *input,
547 size_t ilen,
548 unsigned char *output,
549 size_t *olen);
Elena Uziunaite74342c72024-07-05 11:31:29 +0100[diff] [blame]550#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && PSA_WANT_ALG_CBC_NO_PADDING &&
Elena Uziunaite6121a342024-07-05 11:16:53 +0100[diff] [blame]551 PSA_WANT_KEY_TYPE_AES */
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]552
553int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
554 mbedtls_ssl_transform *t_out,
555 int cipher_type, int hash_id,
556 int etm, int tag_mode,
557 mbedtls_ssl_protocol_version tls_version,
558 size_t cid0_len,
559 size_t cid1_len);
560
Gilles Peskine9099d3f2023-09-18 13:11:50 +0200[diff] [blame]561#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
562/**
563 * \param[in,out] record The record to prepare.
564 * It must contain the data to MAC at offset
565 * `record->data_offset`, of length
566 * `record->data_length`.
567 * On success, write the MAC immediately
568 * after the data and increment
569 * `record->data_length` accordingly.
570 * \param[in,out] transform_out The out transform, typically prepared by
571 * mbedtls_test_ssl_build_transforms().
572 * Its HMAC context may be used. Other than that
573 * it is treated as an input parameter.
574 *
575 * \return 0 on success, an `MBEDTLS_ERR_xxx` error code
576 * or -1 on error.
577 */
578int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record,
579 mbedtls_ssl_transform *transform_out);
580#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
581
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]582/*
583 * Populate a session structure for serialization tests.
584 * Choose dummy values, mostly non-0 to distinguish from the init default.
585 */
586int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session,
587 int ticket_len,
Ronald Cron7b1921a2023-11-23 12:31:56 +0100[diff] [blame]588 int endpoint_type,
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]589 const char *crt_file);
590
591#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
592int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
593 int ticket_len,
594 int endpoint_type);
595#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
596
597/*
598 * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the
599 * message was sent in the correct number of fragments.
600 *
601 * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both
602 * of them must be initialized and connected
603 * beforehand.
604 * /p msg_len_1 and /p msg_len_2 specify the size of the message to send.
605 * /p expected_fragments_1 and /p expected_fragments_2 determine in how many
606 * fragments the message should be sent.
607 * expected_fragments is 0: can be used for DTLS testing while the message
608 * size is larger than MFL. In that case the message
609 * cannot be fragmented and sent to the second
610 * endpoint.
611 * This value can be used for negative tests.
612 * expected_fragments is 1: can be used for TLS/DTLS testing while the
613 * message size is below MFL
614 * expected_fragments > 1: can be used for TLS testing while the message
615 * size is larger than MFL
616 *
617 * \retval 0 on success, otherwise error code.
618 */
Yanray Wangb088bfc2023-03-16 12:15:49 +0800[diff] [blame]619int mbedtls_test_ssl_exchange_data(
620 mbedtls_ssl_context *ssl_1,
621 int msg_len_1, const int expected_fragments_1,
622 mbedtls_ssl_context *ssl_2,
623 int msg_len_2, const int expected_fragments_2);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]624
625#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
Max Fillingercf007ca2024-10-29 16:57:09 +0100[diff] [blame]626int mbedtls_test_ssl_do_handshake_with_endpoints(
627 mbedtls_test_ssl_endpoint *server_ep,
628 mbedtls_test_ssl_endpoint *client_ep,
Max Fillinger8f12e312024-10-30 00:29:37 +0100[diff] [blame]629 mbedtls_test_handshake_test_options *options,
Max Fillingercf007ca2024-10-29 16:57:09 +0100[diff] [blame]630 mbedtls_ssl_protocol_version proto);
631#endif /* defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) */
632
633#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]634void mbedtls_test_ssl_perform_handshake(
Gilles Peskine9b993682025-05-27 18:44:12 +0200[diff] [blame]635 const mbedtls_test_handshake_test_options *options);
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]636#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
637
638#if defined(MBEDTLS_TEST_HOOKS)
639/*
640 * Tweak vector lengths in a TLS 1.3 Certificate message
641 *
642 * \param[in] buf Buffer containing the Certificate message to tweak
643 * \param[in]]out] end End of the buffer to parse
644 * \param tweak Tweak identifier (from 1 to the number of tweaks).
645 * \param[out] expected_result Error code expected from the parsing function
646 * \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that
647 * is expected to fail. All zeroes if no
648 * MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected.
649 */
Yanray Wangf56181a2023-03-16 12:21:33 +0800[diff] [blame]650int mbedtls_test_tweak_tls13_certificate_msg_vector_len(
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]651 unsigned char *buf, unsigned char **end, int tweak,
652 int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args);
653#endif /* MBEDTLS_TEST_HOOKS */
Yanray Wang1db628f2023-02-03 11:01:29 +0800[diff] [blame]654
Ronald Cron77abfe62024-01-15 11:17:31 +0100[diff] [blame]655#if defined(MBEDTLS_SSL_SESSION_TICKETS)
656int mbedtls_test_ticket_write(
657 void *p_ticket, const mbedtls_ssl_session *session,
658 unsigned char *start, const unsigned char *end,
659 size_t *tlen, uint32_t *ticket_lifetime);
660
661int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
662 unsigned char *buf, size_t len);
663#endif /* MBEDTLS_SSL_SESSION_TICKETS */
664
Ronald Cron1f6e4e42024-01-26 16:31:33 +0100[diff] [blame]665#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SRV_C) && \
666 defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) && \
667 defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
668int mbedtls_test_get_tls13_ticket(
669 mbedtls_test_handshake_test_options *client_options,
670 mbedtls_test_handshake_test_options *server_options,
671 mbedtls_ssl_session *session);
Ronald Cronb9a9b1f2024-02-14 11:28:05 +0100[diff] [blame]672#endif
Ronald Cron1f6e4e42024-01-26 16:31:33 +0100[diff] [blame]673
Yanray Wang1db628f2023-02-03 11:01:29 +0800[diff] [blame]674#define ECJPAKE_TEST_PWD "bla"
675
676#if defined(MBEDTLS_USE_PSA_CRYPTO)
677#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
678 ret = (use_opaque_arg) ? \
679 mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, pwd_slot) : \
680 mbedtls_ssl_set_hs_ecjpake_password(&ssl, pwd_string, pwd_len); \
681 TEST_EQUAL(ret, exp_ret_val)
682#else
683#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \
684 ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, \
685 pwd_string, pwd_len); \
686 TEST_EQUAL(ret, exp_ret_val)
687#endif /* MBEDTLS_USE_PSA_CRYPTO */
688
Yanray Wang09a6f7e2023-02-03 11:04:38 +0800[diff] [blame]689#define TEST_AVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
690 TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
691 group_id_); \
692 TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
693 tls_id_); \
694 TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
Przemek Stekielda4fba62023-06-02 14:52:28 +0200[diff] [blame]695 &psa_type, &psa_bits), PSA_SUCCESS); \
696 TEST_EQUAL(psa_family_, PSA_KEY_TYPE_ECC_GET_FAMILY(psa_type)); \
Yanray Wang09a6f7e2023-02-03 11:04:38 +0800[diff] [blame]697 TEST_EQUAL(psa_bits_, psa_bits);
698
699#define TEST_UNAVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \
700 TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \
701 MBEDTLS_ECP_DP_NONE); \
702 TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \
703 0); \
704 TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \
Przemek Stekielda4fba62023-06-02 14:52:28 +0200[diff] [blame]705 &psa_type, &psa_bits), \
Yanray Wang09a6f7e2023-02-03 11:04:38 +0800[diff] [blame]706 PSA_ERROR_NOT_SUPPORTED);
707
Yanray Wang4d07d1c2022-10-27 15:28:16 +0800[diff] [blame]708#endif /* MBEDTLS_SSL_TLS_C */
709
Yanray Wang47907a42022-10-24 14:42:01 +0800[diff] [blame]710#endif /* SSL_HELPERS_H */