tests: early data status: Add "server rejects" scenario
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index ca4a2dc..0b4f911 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -3277,8 +3277,8 @@
TLS 1.3 early data, early data accepted
tls13_early_data:TEST_EARLY_DATA_ACCEPTED
-TLS 1.3 early data, deprotect and discard
-tls13_early_data:TEST_EARLY_DATA_DEPROTECT_AND_DISCARD
+TLS 1.3 early data, server rejects early data
+tls13_early_data:TEST_EARLY_DATA_SERVER_REJECTS
TLS 1.3 early data, discard after HRR
tls13_early_data:TEST_EARLY_DATA_DISCARD_AFTER_HRR
@@ -3288,3 +3288,6 @@
TLS 1.3 cli, early data status, no early data indication
tls13_cli_early_data_status:TEST_EARLY_DATA_NO_INDICATION_SENT
+
+TLS 1.3 cli, early data status, server rejects early data
+tls13_cli_early_data_status:TEST_EARLY_DATA_SERVER_REJECTS
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 5bb9680..29ec9b3 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -15,7 +15,7 @@
/* Mnemonics for the early data test scenarios */
#define TEST_EARLY_DATA_ACCEPTED 0
#define TEST_EARLY_DATA_NO_INDICATION_SENT 1
-#define TEST_EARLY_DATA_DEPROTECT_AND_DISCARD 2
+#define TEST_EARLY_DATA_SERVER_REJECTS 2
#define TEST_EARLY_DATA_DISCARD_AFTER_HRR 3
#if (!defined(MBEDTLS_SSL_PROTO_TLS1_2)) && \
@@ -3699,7 +3699,7 @@
case TEST_EARLY_DATA_ACCEPTED:
break;
- case TEST_EARLY_DATA_DEPROTECT_AND_DISCARD:
+ case TEST_EARLY_DATA_SERVER_REJECTS:
mbedtls_debug_set_threshold(3);
server_pattern.pattern =
"EarlyData: deprotect and discard app data records.";
@@ -3766,7 +3766,7 @@
TEST_MEMORY_COMPARE(buf, early_data_len, early_data, early_data_len);
break;
- case TEST_EARLY_DATA_DEPROTECT_AND_DISCARD: /* Intentional fallthrough */
+ case TEST_EARLY_DATA_SERVER_REJECTS: /* Intentional fallthrough */
case TEST_EARLY_DATA_DISCARD_AFTER_HRR:
TEST_EQUAL(ret, 0);
TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 0);
@@ -3829,6 +3829,10 @@
client_options.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
break;
+ case TEST_EARLY_DATA_SERVER_REJECTS:
+ server_options.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
+ break;
+
default:
TEST_FAIL("Unknown scenario.");
}
@@ -3879,7 +3883,8 @@
case MBEDTLS_SSL_CLIENT_HELLO:
switch (scenario) {
case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
- case TEST_EARLY_DATA_NO_INDICATION_SENT:
+ case TEST_EARLY_DATA_NO_INDICATION_SENT: /* Intentional fallthrough */
+ case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN);
break;
@@ -3888,7 +3893,8 @@
case MBEDTLS_SSL_SERVER_HELLO:
switch (scenario) {
- case TEST_EARLY_DATA_ACCEPTED:
+ case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
+ case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE);
break;
@@ -3902,7 +3908,8 @@
case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:
switch (scenario) {
- case TEST_EARLY_DATA_ACCEPTED:
+ case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
+ case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE);
break;
@@ -3925,6 +3932,11 @@
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;
+
+ case TEST_EARLY_DATA_SERVER_REJECTS:
+ TEST_EQUAL(client_ep.ssl.early_data_status,
+ MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
+ break;
}
break;
@@ -3945,6 +3957,11 @@
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;
+
+ case TEST_EARLY_DATA_SERVER_REJECTS:
+ TEST_EQUAL(client_ep.ssl.early_data_status,
+ MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
+ break;
}
break;
@@ -3959,6 +3976,11 @@
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;
+
+ case TEST_EARLY_DATA_SERVER_REJECTS:
+ TEST_EQUAL(client_ep.ssl.early_data_status,
+ MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
+ break;
}
break;
@@ -3966,7 +3988,8 @@
case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO:
TEST_ASSERT(scenario != TEST_EARLY_DATA_NO_INDICATION_SENT);
switch (scenario) {
- case TEST_EARLY_DATA_ACCEPTED:
+ case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
+ case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_SENT);
break;
@@ -3974,9 +3997,18 @@
break;
case MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED:
- TEST_ASSERT(scenario == TEST_EARLY_DATA_NO_INDICATION_SENT);
- TEST_EQUAL(client_ep.ssl.early_data_status,
- MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
+ TEST_ASSERT(scenario != TEST_EARLY_DATA_ACCEPTED);
+ switch (scenario) {
+ case TEST_EARLY_DATA_NO_INDICATION_SENT:
+ TEST_EQUAL(client_ep.ssl.early_data_status,
+ MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
+ break;
+
+ case TEST_EARLY_DATA_SERVER_REJECTS:
+ TEST_EQUAL(client_ep.ssl.early_data_status,
+ MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
+ break;
+ }
break;
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
@@ -3993,6 +4025,11 @@
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;
+
+ case TEST_EARLY_DATA_SERVER_REJECTS:
+ TEST_EQUAL(client_ep.ssl.early_data_status,
+ MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
+ break;
}
break;