Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 1 | /* BEGIN_HEADER */ |
Manuel Pégourié-Gonnard | 7f80997 | 2015-03-09 17:05:11 +0000 | [diff] [blame] | 2 | #include <mbedtls/ssl.h> |
Manuel Pégourié-Gonnard | 5e94dde | 2015-05-26 11:57:05 +0200 | [diff] [blame] | 3 | #include <mbedtls/ssl_internal.h> |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4 | #include <mbedtls/ctr_drbg.h> |
| 5 | #include <mbedtls/entropy.h> |
| 6 | #include <mbedtls/certs.h> |
Andrzej Kurek | 941962e | 2020-02-07 09:20:32 -0500 | [diff] [blame] | 7 | #include <mbedtls/timing.h> |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 8 | #include <mbedtls/debug.h> |
Hanno Becker | 73c825a | 2020-09-08 10:52:58 +0100 | [diff] [blame] | 9 | #include <ssl_tls13_keys.h> |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 10 | |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 11 | #include <ssl_invasive.h> |
| 12 | |
Manuel Pégourié-Gonnard | 9670a59 | 2020-07-10 10:21:46 +0200 | [diff] [blame] | 13 | #include <test/constant_flow.h> |
| 14 | |
Hanno Becker | 1413bd8 | 2020-09-09 12:46:09 +0100 | [diff] [blame] | 15 | enum |
| 16 | { |
| 17 | #define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ |
| 18 | tls1_3_label_ ## name, |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 19 | MBEDTLS_SSL_TLS1_3_LABEL_LIST |
| 20 | #undef MBEDTLS_SSL_TLS1_3_LABEL |
Hanno Becker | 1413bd8 | 2020-09-09 12:46:09 +0100 | [diff] [blame] | 21 | }; |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 22 | |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 23 | typedef struct log_pattern |
| 24 | { |
| 25 | const char *pattern; |
| 26 | size_t counter; |
| 27 | } log_pattern; |
| 28 | |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 29 | /* |
| 30 | * This function can be passed to mbedtls to receive output logs from it. In |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 31 | * this case, it will count the instances of a log_pattern in the received |
| 32 | * logged messages. |
| 33 | */ |
| 34 | void log_analyzer( void *ctx, int level, |
| 35 | const char *file, int line, |
| 36 | const char *str ) |
| 37 | { |
| 38 | log_pattern *p = (log_pattern *) ctx; |
| 39 | |
| 40 | (void) level; |
| 41 | (void) line; |
| 42 | (void) file; |
| 43 | |
| 44 | if( NULL != p && |
| 45 | NULL != p->pattern && |
| 46 | NULL != strstr( str, p->pattern ) ) |
| 47 | { |
| 48 | p->counter++; |
| 49 | } |
| 50 | } |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 51 | |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 52 | /* Invalid minor version used when not specifying a min/max version or expecting a test to fail */ |
| 53 | #define TEST_SSL_MINOR_VERSION_NONE -1 |
| 54 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 55 | typedef struct handshake_test_options |
| 56 | { |
| 57 | const char *cipher; |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 58 | int client_min_version; |
| 59 | int client_max_version; |
| 60 | int server_min_version; |
| 61 | int server_max_version; |
| 62 | int expected_negotiated_version; |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 63 | int pk_alg; |
| 64 | data_t *psk_str; |
| 65 | int dtls; |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 66 | int srv_auth_mode; |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 67 | int serialize; |
| 68 | int mfl; |
| 69 | int cli_msg_len; |
| 70 | int srv_msg_len; |
| 71 | int expected_cli_fragments; |
| 72 | int expected_srv_fragments; |
| 73 | int renegotiate; |
| 74 | int legacy_renegotiation; |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 75 | void *srv_log_obj; |
| 76 | void *cli_log_obj; |
| 77 | void (*srv_log_fun)(void *, int, const char *, int, const char *); |
| 78 | void (*cli_log_fun)(void *, int, const char *, int, const char *); |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 79 | int resize_buffers; |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 80 | } handshake_test_options; |
| 81 | |
| 82 | void init_handshake_options( handshake_test_options *opts ) |
| 83 | { |
| 84 | opts->cipher = ""; |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 85 | opts->client_min_version = TEST_SSL_MINOR_VERSION_NONE; |
| 86 | opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE; |
| 87 | opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE; |
| 88 | opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE; |
| 89 | opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3; |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 90 | opts->pk_alg = MBEDTLS_PK_RSA; |
| 91 | opts->psk_str = NULL; |
| 92 | opts->dtls = 0; |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 93 | opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 94 | opts->serialize = 0; |
| 95 | opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; |
| 96 | opts->cli_msg_len = 100; |
| 97 | opts->srv_msg_len = 100; |
| 98 | opts->expected_cli_fragments = 1; |
| 99 | opts->expected_srv_fragments = 1; |
| 100 | opts->renegotiate = 0; |
| 101 | opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 102 | opts->srv_log_obj = NULL; |
| 103 | opts->srv_log_obj = NULL; |
| 104 | opts->srv_log_fun = NULL; |
| 105 | opts->cli_log_fun = NULL; |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 106 | opts->resize_buffers = 1; |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 107 | } |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 108 | /* |
| 109 | * Buffer structure for custom I/O callbacks. |
| 110 | */ |
| 111 | |
| 112 | typedef struct mbedtls_test_buffer |
| 113 | { |
| 114 | size_t start; |
| 115 | size_t content_length; |
| 116 | size_t capacity; |
| 117 | unsigned char *buffer; |
| 118 | } mbedtls_test_buffer; |
| 119 | |
| 120 | /* |
| 121 | * Initialises \p buf. After calling this function it is safe to call |
| 122 | * `mbedtls_test_buffer_free()` on \p buf. |
| 123 | */ |
| 124 | void mbedtls_test_buffer_init( mbedtls_test_buffer *buf ) |
| 125 | { |
| 126 | memset( buf, 0, sizeof( *buf ) ); |
| 127 | } |
| 128 | |
| 129 | /* |
| 130 | * Sets up \p buf. After calling this function it is safe to call |
| 131 | * `mbedtls_test_buffer_put()` and `mbedtls_test_buffer_get()` on \p buf. |
| 132 | */ |
| 133 | int mbedtls_test_buffer_setup( mbedtls_test_buffer *buf, size_t capacity ) |
| 134 | { |
| 135 | buf->buffer = (unsigned char*) mbedtls_calloc( capacity, |
| 136 | sizeof(unsigned char) ); |
| 137 | if( NULL == buf->buffer ) |
| 138 | return MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 139 | buf->capacity = capacity; |
| 140 | |
| 141 | return 0; |
| 142 | } |
| 143 | |
| 144 | void mbedtls_test_buffer_free( mbedtls_test_buffer *buf ) |
| 145 | { |
| 146 | if( buf->buffer != NULL ) |
| 147 | mbedtls_free( buf->buffer ); |
| 148 | |
| 149 | memset( buf, 0, sizeof( *buf ) ); |
| 150 | } |
| 151 | |
| 152 | /* |
| 153 | * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf. |
| 154 | * |
| 155 | * \p buf must have been initialized and set up by calling |
| 156 | * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`. |
| 157 | * |
| 158 | * \retval \p input_len, if the data fits. |
| 159 | * \retval 0 <= value < \p input_len, if the data does not fit. |
| 160 | * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not |
| 161 | * zero and \p input is NULL. |
| 162 | */ |
| 163 | int mbedtls_test_buffer_put( mbedtls_test_buffer *buf, |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 164 | const unsigned char *input, size_t input_len ) |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 165 | { |
| 166 | size_t overflow = 0; |
| 167 | |
| 168 | if( ( buf == NULL ) || ( buf->buffer == NULL ) ) |
| 169 | return -1; |
| 170 | |
| 171 | /* Reduce input_len to a number that fits in the buffer. */ |
| 172 | if ( ( buf->content_length + input_len ) > buf->capacity ) |
| 173 | { |
| 174 | input_len = buf->capacity - buf->content_length; |
| 175 | } |
| 176 | |
| 177 | if( input == NULL ) |
| 178 | { |
| 179 | return ( input_len == 0 ) ? 0 : -1; |
| 180 | } |
| 181 | |
Piotr Nowicki | fb437d7 | 2020-01-13 16:59:12 +0100 | [diff] [blame] | 182 | /* Check if the buffer has not come full circle and free space is not in |
| 183 | * the middle */ |
| 184 | if( buf->start + buf->content_length < buf->capacity ) |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 185 | { |
Piotr Nowicki | fb437d7 | 2020-01-13 16:59:12 +0100 | [diff] [blame] | 186 | |
| 187 | /* Calculate the number of bytes that need to be placed at lower memory |
| 188 | * address */ |
| 189 | if( buf->start + buf->content_length + input_len |
| 190 | > buf->capacity ) |
| 191 | { |
| 192 | overflow = ( buf->start + buf->content_length + input_len ) |
| 193 | % buf->capacity; |
| 194 | } |
| 195 | |
| 196 | memcpy( buf->buffer + buf->start + buf->content_length, input, |
| 197 | input_len - overflow ); |
| 198 | memcpy( buf->buffer, input + input_len - overflow, overflow ); |
| 199 | |
| 200 | } |
| 201 | else |
| 202 | { |
| 203 | /* The buffer has come full circle and free space is in the middle */ |
| 204 | memcpy( buf->buffer + buf->start + buf->content_length - buf->capacity, |
| 205 | input, input_len ); |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 206 | } |
| 207 | |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 208 | buf->content_length += input_len; |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 209 | return input_len; |
| 210 | } |
| 211 | |
| 212 | /* |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 213 | * Gets \p output_len bytes from the ring buffer \p buf into the |
| 214 | * \p output buffer. The output buffer can be NULL, in this case a part of the |
| 215 | * ring buffer will be dropped, if the requested length is available. |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 216 | * |
| 217 | * \p buf must have been initialized and set up by calling |
| 218 | * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`. |
| 219 | * |
| 220 | * \retval \p output_len, if the data is available. |
| 221 | * \retval 0 <= value < \p output_len, if the data is not available. |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 222 | * \retval -1, if \buf is NULL or it hasn't been set up. |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 223 | */ |
| 224 | int mbedtls_test_buffer_get( mbedtls_test_buffer *buf, |
| 225 | unsigned char* output, size_t output_len ) |
| 226 | { |
| 227 | size_t overflow = 0; |
| 228 | |
| 229 | if( ( buf == NULL ) || ( buf->buffer == NULL ) ) |
| 230 | return -1; |
| 231 | |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 232 | if( output == NULL && output_len == 0 ) |
| 233 | return 0; |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 234 | |
| 235 | if( buf->content_length < output_len ) |
| 236 | output_len = buf->content_length; |
| 237 | |
| 238 | /* Calculate the number of bytes that need to be drawn from lower memory |
| 239 | * address */ |
| 240 | if( buf->start + output_len > buf->capacity ) |
| 241 | { |
| 242 | overflow = ( buf->start + output_len ) % buf->capacity; |
| 243 | } |
| 244 | |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 245 | if( output != NULL ) |
| 246 | { |
| 247 | memcpy( output, buf->buffer + buf->start, output_len - overflow ); |
| 248 | memcpy( output + output_len - overflow, buf->buffer, overflow ); |
| 249 | } |
| 250 | |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 251 | buf->content_length -= output_len; |
| 252 | buf->start = ( buf->start + output_len ) % buf->capacity; |
| 253 | |
| 254 | return output_len; |
| 255 | } |
| 256 | |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 257 | /* |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 258 | * Errors used in the message transport mock tests |
| 259 | */ |
| 260 | #define MBEDTLS_TEST_ERROR_ARG_NULL -11 |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 261 | #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44 |
| 262 | |
| 263 | /* |
| 264 | * Context for a message metadata queue (fifo) that is on top of the ring buffer. |
| 265 | */ |
| 266 | typedef struct mbedtls_test_message_queue |
| 267 | { |
| 268 | size_t *messages; |
| 269 | int pos; |
| 270 | int num; |
| 271 | int capacity; |
| 272 | } mbedtls_test_message_queue; |
| 273 | |
| 274 | /* |
| 275 | * Setup and free functions for the message metadata queue. |
| 276 | * |
| 277 | * \p capacity describes the number of message metadata chunks that can be held |
| 278 | * within the queue. |
| 279 | * |
| 280 | * \retval 0, if a metadata queue of a given length can be allocated. |
| 281 | * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed. |
| 282 | */ |
| 283 | int mbedtls_test_message_queue_setup( mbedtls_test_message_queue *queue, |
| 284 | size_t capacity ) |
| 285 | { |
| 286 | queue->messages = (size_t*) mbedtls_calloc( capacity, sizeof(size_t) ); |
| 287 | if( NULL == queue->messages ) |
| 288 | return MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 289 | |
| 290 | queue->capacity = capacity; |
| 291 | queue->pos = 0; |
| 292 | queue->num = 0; |
| 293 | |
| 294 | return 0; |
| 295 | } |
| 296 | |
| 297 | void mbedtls_test_message_queue_free( mbedtls_test_message_queue *queue ) |
| 298 | { |
| 299 | if( queue == NULL ) |
| 300 | return; |
| 301 | |
| 302 | if( queue->messages != NULL ) |
| 303 | mbedtls_free( queue->messages ); |
| 304 | |
| 305 | memset( queue, 0, sizeof( *queue ) ); |
| 306 | } |
| 307 | |
| 308 | /* |
| 309 | * Push message length information onto the message metadata queue. |
| 310 | * This will become the last element to leave it (fifo). |
| 311 | * |
| 312 | * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 313 | * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 314 | * \retval \p len, if the push was successful. |
| 315 | */ |
| 316 | int mbedtls_test_message_queue_push_info( mbedtls_test_message_queue *queue, |
| 317 | size_t len ) |
| 318 | { |
| 319 | int place; |
| 320 | if( queue == NULL ) |
| 321 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 322 | |
| 323 | if( queue->num >= queue->capacity ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 324 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 325 | |
| 326 | place = ( queue->pos + queue->num ) % queue->capacity; |
| 327 | queue->messages[place] = len; |
| 328 | queue->num++; |
| 329 | return len; |
| 330 | } |
| 331 | |
| 332 | /* |
| 333 | * Pop information about the next message length from the queue. This will be |
| 334 | * the oldest inserted message length(fifo). \p msg_len can be null, in which |
| 335 | * case the data will be popped from the queue but not copied anywhere. |
| 336 | * |
| 337 | * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 338 | * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 339 | * \retval message length, if the pop was successful, up to the given |
| 340 | \p buf_len. |
| 341 | */ |
| 342 | int mbedtls_test_message_queue_pop_info( mbedtls_test_message_queue *queue, |
| 343 | size_t buf_len ) |
| 344 | { |
| 345 | size_t message_length; |
| 346 | if( queue == NULL ) |
| 347 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 348 | if( queue->num == 0 ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 349 | return MBEDTLS_ERR_SSL_WANT_READ; |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 350 | |
| 351 | message_length = queue->messages[queue->pos]; |
| 352 | queue->messages[queue->pos] = 0; |
| 353 | queue->num--; |
| 354 | queue->pos++; |
| 355 | queue->pos %= queue->capacity; |
| 356 | if( queue->pos < 0 ) |
| 357 | queue->pos += queue->capacity; |
| 358 | |
| 359 | return ( message_length > buf_len ) ? buf_len : message_length; |
| 360 | } |
| 361 | |
| 362 | /* |
| 363 | * Take a peek on the info about the next message length from the queue. |
| 364 | * This will be the oldest inserted message length(fifo). |
| 365 | * |
| 366 | * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 367 | * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 368 | * \retval 0, if the peek was successful. |
| 369 | * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is |
| 370 | * too small to fit the message. In this case the \p msg_len will be |
| 371 | * set to the full message length so that the |
| 372 | * caller knows what portion of the message can be dropped. |
| 373 | */ |
| 374 | int mbedtls_test_message_queue_peek_info( mbedtls_test_message_queue *queue, |
| 375 | size_t buf_len, size_t* msg_len ) |
| 376 | { |
| 377 | if( queue == NULL || msg_len == NULL ) |
| 378 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 379 | if( queue->num == 0 ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 380 | return MBEDTLS_ERR_SSL_WANT_READ; |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 381 | |
| 382 | *msg_len = queue->messages[queue->pos]; |
| 383 | return ( *msg_len > buf_len ) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; |
| 384 | } |
| 385 | /* |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 386 | * Context for the I/O callbacks simulating network connection. |
| 387 | */ |
| 388 | |
| 389 | #define MBEDTLS_MOCK_SOCKET_CONNECTED 1 |
| 390 | |
| 391 | typedef struct mbedtls_mock_socket |
| 392 | { |
| 393 | int status; |
| 394 | mbedtls_test_buffer *input; |
| 395 | mbedtls_test_buffer *output; |
| 396 | struct mbedtls_mock_socket *peer; |
| 397 | } mbedtls_mock_socket; |
| 398 | |
| 399 | /* |
| 400 | * Setup and teardown functions for mock sockets. |
| 401 | */ |
| 402 | void mbedtls_mock_socket_init( mbedtls_mock_socket *socket ) |
| 403 | { |
| 404 | memset( socket, 0, sizeof( *socket ) ); |
| 405 | } |
| 406 | |
| 407 | /* |
| 408 | * Closes the socket \p socket. |
| 409 | * |
| 410 | * \p socket must have been previously initialized by calling |
| 411 | * mbedtls_mock_socket_init(). |
| 412 | * |
| 413 | * This function frees all allocated resources and both sockets are aware of the |
| 414 | * new connection state. |
| 415 | * |
| 416 | * That is, this function does not simulate half-open TCP connections and the |
| 417 | * phenomenon that when closing a UDP connection the peer is not aware of the |
| 418 | * connection having been closed. |
| 419 | */ |
| 420 | void mbedtls_mock_socket_close( mbedtls_mock_socket* socket ) |
| 421 | { |
| 422 | if( socket == NULL ) |
| 423 | return; |
| 424 | |
| 425 | if( socket->input != NULL ) |
| 426 | { |
| 427 | mbedtls_test_buffer_free( socket->input ); |
| 428 | mbedtls_free( socket->input ); |
| 429 | } |
| 430 | |
| 431 | if( socket->output != NULL ) |
| 432 | { |
| 433 | mbedtls_test_buffer_free( socket->output ); |
| 434 | mbedtls_free( socket->output ); |
| 435 | } |
| 436 | |
| 437 | if( socket->peer != NULL ) |
| 438 | memset( socket->peer, 0, sizeof( *socket->peer ) ); |
| 439 | |
| 440 | memset( socket, 0, sizeof( *socket ) ); |
| 441 | } |
| 442 | |
| 443 | /* |
| 444 | * Establishes a connection between \p peer1 and \p peer2. |
| 445 | * |
| 446 | * \p peer1 and \p peer2 must have been previously initialized by calling |
| 447 | * mbedtls_mock_socket_init(). |
| 448 | * |
| 449 | * The capacites of the internal buffers are set to \p bufsize. Setting this to |
| 450 | * the correct value allows for simulation of MTU, sanity testing the mock |
| 451 | * implementation and mocking TCP connections with lower memory cost. |
| 452 | */ |
| 453 | int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1, |
| 454 | mbedtls_mock_socket* peer2, |
| 455 | size_t bufsize ) |
| 456 | { |
| 457 | int ret = -1; |
| 458 | |
Piotr Nowicki | d796e19 | 2020-01-28 12:09:47 +0100 | [diff] [blame] | 459 | peer1->output = |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 460 | (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) ); |
| 461 | if( peer1->output == NULL ) |
| 462 | { |
| 463 | ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 464 | goto exit; |
| 465 | } |
| 466 | mbedtls_test_buffer_init( peer1->output ); |
| 467 | if( 0 != ( ret = mbedtls_test_buffer_setup( peer1->output, bufsize ) ) ) |
| 468 | { |
| 469 | goto exit; |
| 470 | } |
| 471 | |
Piotr Nowicki | d796e19 | 2020-01-28 12:09:47 +0100 | [diff] [blame] | 472 | peer2->output = |
| 473 | (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) ); |
| 474 | if( peer2->output == NULL ) |
| 475 | { |
| 476 | ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 477 | goto exit; |
| 478 | } |
| 479 | mbedtls_test_buffer_init( peer2->output ); |
| 480 | if( 0 != ( ret = mbedtls_test_buffer_setup( peer2->output, bufsize ) ) ) |
| 481 | { |
| 482 | goto exit; |
| 483 | } |
| 484 | |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 485 | peer1->peer = peer2; |
| 486 | peer2->peer = peer1; |
Piotr Nowicki | d796e19 | 2020-01-28 12:09:47 +0100 | [diff] [blame] | 487 | peer1->input = peer2->output; |
| 488 | peer2->input = peer1->output; |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 489 | |
| 490 | peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; |
| 491 | ret = 0; |
| 492 | |
| 493 | exit: |
| 494 | |
| 495 | if( ret != 0 ) |
| 496 | { |
| 497 | mbedtls_mock_socket_close( peer1 ); |
| 498 | mbedtls_mock_socket_close( peer2 ); |
| 499 | } |
| 500 | |
| 501 | return ret; |
| 502 | } |
| 503 | |
| 504 | /* |
| 505 | * Callbacks for simulating blocking I/O over connection-oriented transport. |
| 506 | */ |
| 507 | |
| 508 | int mbedtls_mock_tcp_send_b( void *ctx, const unsigned char *buf, size_t len ) |
| 509 | { |
| 510 | mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; |
| 511 | |
| 512 | if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) |
| 513 | return -1; |
| 514 | |
| 515 | return mbedtls_test_buffer_put( socket->output, buf, len ); |
| 516 | } |
| 517 | |
| 518 | int mbedtls_mock_tcp_recv_b( void *ctx, unsigned char *buf, size_t len ) |
| 519 | { |
| 520 | mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; |
| 521 | |
| 522 | if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) |
| 523 | return -1; |
| 524 | |
| 525 | return mbedtls_test_buffer_get( socket->input, buf, len ); |
| 526 | } |
| 527 | |
| 528 | /* |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 529 | * Callbacks for simulating non-blocking I/O over connection-oriented transport. |
| 530 | */ |
| 531 | |
| 532 | int mbedtls_mock_tcp_send_nb( void *ctx, const unsigned char *buf, size_t len ) |
| 533 | { |
| 534 | mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; |
| 535 | |
| 536 | if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) |
| 537 | return -1; |
| 538 | |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 539 | if( socket->output->capacity == socket->output->content_length ) |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 540 | { |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 541 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
| 542 | } |
| 543 | |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 544 | return mbedtls_test_buffer_put( socket->output, buf, len ); |
| 545 | } |
| 546 | |
| 547 | int mbedtls_mock_tcp_recv_nb( void *ctx, unsigned char *buf, size_t len ) |
| 548 | { |
| 549 | mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; |
| 550 | |
| 551 | if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) |
| 552 | return -1; |
| 553 | |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 554 | if( socket->input->content_length == 0 ) |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 555 | { |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 556 | return MBEDTLS_ERR_SSL_WANT_READ; |
| 557 | } |
| 558 | |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 559 | return mbedtls_test_buffer_get( socket->input, buf, len ); |
| 560 | } |
| 561 | |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 562 | /* Errors used in the message socket mocks */ |
| 563 | |
| 564 | #define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55 |
| 565 | #define MBEDTLS_TEST_ERROR_SEND_FAILED -66 |
| 566 | #define MBEDTLS_TEST_ERROR_RECV_FAILED -77 |
| 567 | |
| 568 | /* |
| 569 | * Structure used as an addon, or a wrapper, around the mocked sockets. |
| 570 | * Contains an input queue, to which the other socket pushes metadata, |
| 571 | * and an output queue, to which this one pushes metadata. This context is |
| 572 | * considered as an owner of the input queue only, which is initialized and |
| 573 | * freed in the respective setup and free calls. |
| 574 | */ |
| 575 | typedef struct mbedtls_test_message_socket_context |
| 576 | { |
| 577 | mbedtls_test_message_queue* queue_input; |
| 578 | mbedtls_test_message_queue* queue_output; |
| 579 | mbedtls_mock_socket* socket; |
| 580 | } mbedtls_test_message_socket_context; |
| 581 | |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 582 | void mbedtls_message_socket_init( mbedtls_test_message_socket_context *ctx ) |
| 583 | { |
| 584 | ctx->queue_input = NULL; |
| 585 | ctx->queue_output = NULL; |
| 586 | ctx->socket = NULL; |
| 587 | } |
| 588 | |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 589 | /* |
| 590 | * Setup a given mesasge socket context including initialization of |
| 591 | * input/output queues to a chosen capacity of messages. Also set the |
| 592 | * corresponding mock socket. |
| 593 | * |
| 594 | * \retval 0, if everything succeeds. |
| 595 | * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message |
| 596 | * queue failed. |
| 597 | */ |
| 598 | int mbedtls_message_socket_setup( mbedtls_test_message_queue* queue_input, |
| 599 | mbedtls_test_message_queue* queue_output, |
| 600 | size_t queue_capacity, |
| 601 | mbedtls_mock_socket* socket, |
| 602 | mbedtls_test_message_socket_context* ctx ) |
| 603 | { |
| 604 | int ret = mbedtls_test_message_queue_setup( queue_input, queue_capacity ); |
| 605 | if( ret != 0 ) |
| 606 | return ret; |
| 607 | ctx->queue_input = queue_input; |
| 608 | ctx->queue_output = queue_output; |
| 609 | ctx->socket = socket; |
| 610 | mbedtls_mock_socket_init( socket ); |
| 611 | |
| 612 | return 0; |
| 613 | } |
| 614 | |
| 615 | /* |
| 616 | * Close a given message socket context, along with the socket itself. Free the |
| 617 | * memory allocated by the input queue. |
| 618 | */ |
| 619 | void mbedtls_message_socket_close( mbedtls_test_message_socket_context* ctx ) |
| 620 | { |
| 621 | if( ctx == NULL ) |
| 622 | return; |
| 623 | |
| 624 | mbedtls_test_message_queue_free( ctx->queue_input ); |
| 625 | mbedtls_mock_socket_close( ctx->socket ); |
| 626 | memset( ctx, 0, sizeof( *ctx ) ); |
| 627 | } |
| 628 | |
| 629 | /* |
| 630 | * Send one message through a given message socket context. |
| 631 | * |
| 632 | * \retval \p len, if everything succeeds. |
| 633 | * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context |
| 634 | * elements or the context itself is null. |
| 635 | * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if mbedtls_mock_tcp_send_b failed. |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 636 | * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 637 | * |
| 638 | * This function will also return any error from |
| 639 | * mbedtls_test_message_queue_push_info. |
| 640 | */ |
| 641 | int mbedtls_mock_tcp_send_msg( void *ctx, const unsigned char *buf, size_t len ) |
| 642 | { |
| 643 | mbedtls_test_message_queue* queue; |
| 644 | mbedtls_mock_socket* socket; |
| 645 | mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx; |
| 646 | |
| 647 | if( context == NULL || context->socket == NULL |
| 648 | || context->queue_output == NULL ) |
| 649 | { |
| 650 | return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; |
| 651 | } |
| 652 | |
| 653 | queue = context->queue_output; |
| 654 | socket = context->socket; |
| 655 | |
| 656 | if( queue->num >= queue->capacity ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 657 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 658 | |
| 659 | if( mbedtls_mock_tcp_send_b( socket, buf, len ) != (int) len ) |
| 660 | return MBEDTLS_TEST_ERROR_SEND_FAILED; |
| 661 | |
| 662 | return mbedtls_test_message_queue_push_info( queue, len ); |
| 663 | } |
| 664 | |
| 665 | /* |
| 666 | * Receive one message from a given message socket context and return message |
| 667 | * length or an error. |
| 668 | * |
| 669 | * \retval message length, if everything succeeds. |
| 670 | * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context |
| 671 | * elements or the context itself is null. |
| 672 | * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if mbedtls_mock_tcp_recv_b failed. |
| 673 | * |
| 674 | * This function will also return any error other than |
| 675 | * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from mbedtls_test_message_queue_peek_info. |
| 676 | */ |
| 677 | int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len ) |
| 678 | { |
| 679 | mbedtls_test_message_queue* queue; |
| 680 | mbedtls_mock_socket* socket; |
| 681 | mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx; |
Gilles Peskine | 19e841e | 2020-03-09 20:43:51 +0100 | [diff] [blame] | 682 | size_t drop_len = 0; |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 683 | size_t msg_len; |
| 684 | int ret; |
| 685 | |
| 686 | if( context == NULL || context->socket == NULL |
| 687 | || context->queue_input == NULL ) |
| 688 | { |
| 689 | return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; |
| 690 | } |
| 691 | |
| 692 | queue = context->queue_input; |
| 693 | socket = context->socket; |
| 694 | |
| 695 | /* Peek first, so that in case of a socket error the data remains in |
| 696 | * the queue. */ |
| 697 | ret = mbedtls_test_message_queue_peek_info( queue, buf_len, &msg_len ); |
| 698 | if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED ) |
| 699 | { |
| 700 | /* Calculate how much to drop */ |
| 701 | drop_len = msg_len - buf_len; |
| 702 | |
| 703 | /* Set the requested message len to be buffer length */ |
| 704 | msg_len = buf_len; |
| 705 | } else if( ret != 0 ) |
| 706 | { |
| 707 | return ret; |
| 708 | } |
| 709 | |
| 710 | if( mbedtls_mock_tcp_recv_b( socket, buf, msg_len ) != (int) msg_len ) |
| 711 | return MBEDTLS_TEST_ERROR_RECV_FAILED; |
| 712 | |
| 713 | if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED ) |
| 714 | { |
| 715 | /* Drop the remaining part of the message */ |
| 716 | if( mbedtls_mock_tcp_recv_b( socket, NULL, drop_len ) != (int) drop_len ) |
| 717 | { |
| 718 | /* Inconsistent state - part of the message was read, |
| 719 | * and a part couldn't. Not much we can do here, but it should not |
| 720 | * happen in test environment, unless forced manually. */ |
| 721 | } |
| 722 | } |
| 723 | mbedtls_test_message_queue_pop_info( queue, buf_len ); |
| 724 | |
| 725 | return msg_len; |
| 726 | } |
| 727 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 728 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ |
| 729 | defined(MBEDTLS_ENTROPY_C) && \ |
| 730 | defined(MBEDTLS_CTR_DRBG_C) |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 731 | |
| 732 | /* |
| 733 | * Structure with endpoint's certificates for SSL communication tests. |
| 734 | */ |
| 735 | typedef struct mbedtls_endpoint_certificate |
| 736 | { |
| 737 | mbedtls_x509_crt ca_cert; |
| 738 | mbedtls_x509_crt cert; |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 739 | mbedtls_pk_context pkey; |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 740 | } mbedtls_endpoint_certificate; |
| 741 | |
| 742 | /* |
| 743 | * Endpoint structure for SSL communication tests. |
| 744 | */ |
| 745 | typedef struct mbedtls_endpoint |
| 746 | { |
| 747 | const char *name; |
| 748 | mbedtls_ssl_context ssl; |
| 749 | mbedtls_ssl_config conf; |
| 750 | mbedtls_ctr_drbg_context ctr_drbg; |
| 751 | mbedtls_entropy_context entropy; |
| 752 | mbedtls_mock_socket socket; |
| 753 | mbedtls_endpoint_certificate cert; |
| 754 | } mbedtls_endpoint; |
| 755 | |
| 756 | /* |
| 757 | * Initializes \p ep_cert structure and assigns it to endpoint |
| 758 | * represented by \p ep. |
| 759 | * |
| 760 | * \retval 0 on success, otherwise error code. |
| 761 | */ |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 762 | int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 763 | { |
| 764 | int i = 0; |
| 765 | int ret = -1; |
| 766 | mbedtls_endpoint_certificate *cert; |
| 767 | |
| 768 | if( ep == NULL ) |
| 769 | { |
| 770 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 771 | } |
| 772 | |
| 773 | cert = &( ep->cert ); |
| 774 | mbedtls_x509_crt_init( &( cert->ca_cert ) ); |
| 775 | mbedtls_x509_crt_init( &( cert->cert ) ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 776 | mbedtls_pk_init( &( cert->pkey ) ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 777 | |
| 778 | /* Load the trusted CA */ |
| 779 | |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 780 | for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) |
| 781 | { |
| 782 | ret = mbedtls_x509_crt_parse_der( &( cert->ca_cert ), |
| 783 | (const unsigned char *) mbedtls_test_cas_der[i], |
| 784 | mbedtls_test_cas_der_len[i] ); |
| 785 | TEST_ASSERT( ret == 0 ); |
| 786 | } |
| 787 | |
| 788 | /* Load own certificate and private key */ |
| 789 | |
| 790 | if( ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER ) |
| 791 | { |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 792 | if( pk_alg == MBEDTLS_PK_RSA ) |
| 793 | { |
| 794 | ret = mbedtls_x509_crt_parse( &( cert->cert ), |
| 795 | (const unsigned char*) mbedtls_test_srv_crt_rsa_sha256_der, |
| 796 | mbedtls_test_srv_crt_rsa_sha256_der_len ); |
| 797 | TEST_ASSERT( ret == 0 ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 798 | |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 799 | ret = mbedtls_pk_parse_key( &( cert->pkey ), |
| 800 | (const unsigned char*) mbedtls_test_srv_key_rsa_der, |
| 801 | mbedtls_test_srv_key_rsa_der_len, NULL, 0 ); |
| 802 | TEST_ASSERT( ret == 0 ); |
| 803 | } |
| 804 | else |
| 805 | { |
| 806 | ret = mbedtls_x509_crt_parse( &( cert->cert ), |
| 807 | (const unsigned char*) mbedtls_test_srv_crt_ec_der, |
| 808 | mbedtls_test_srv_crt_ec_der_len ); |
| 809 | TEST_ASSERT( ret == 0 ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 810 | |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 811 | ret = mbedtls_pk_parse_key( &( cert->pkey ), |
| 812 | (const unsigned char*) mbedtls_test_srv_key_ec_der, |
| 813 | mbedtls_test_srv_key_ec_der_len, NULL, 0 ); |
| 814 | TEST_ASSERT( ret == 0 ); |
| 815 | } |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 816 | } |
| 817 | else |
| 818 | { |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 819 | if( pk_alg == MBEDTLS_PK_RSA ) |
| 820 | { |
| 821 | ret = mbedtls_x509_crt_parse( &( cert->cert ), |
| 822 | (const unsigned char *) mbedtls_test_cli_crt_rsa_der, |
| 823 | mbedtls_test_cli_crt_rsa_der_len ); |
| 824 | TEST_ASSERT( ret == 0 ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 825 | |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 826 | ret = mbedtls_pk_parse_key( &( cert->pkey ), |
| 827 | (const unsigned char *) mbedtls_test_cli_key_rsa_der, |
| 828 | mbedtls_test_cli_key_rsa_der_len, NULL, 0 ); |
| 829 | TEST_ASSERT( ret == 0 ); |
| 830 | } |
| 831 | else |
| 832 | { |
| 833 | ret = mbedtls_x509_crt_parse( &( cert->cert ), |
| 834 | (const unsigned char *) mbedtls_test_cli_crt_ec_der, |
| 835 | mbedtls_test_cli_crt_ec_len ); |
| 836 | TEST_ASSERT( ret == 0 ); |
| 837 | |
| 838 | ret = mbedtls_pk_parse_key( &( cert->pkey ), |
| 839 | (const unsigned char *) mbedtls_test_cli_key_ec_der, |
| 840 | mbedtls_test_cli_key_ec_der_len, NULL, 0 ); |
| 841 | TEST_ASSERT( ret == 0 ); |
| 842 | } |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 843 | } |
| 844 | |
| 845 | mbedtls_ssl_conf_ca_chain( &( ep->conf ), &( cert->ca_cert ), NULL ); |
| 846 | |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 847 | ret = mbedtls_ssl_conf_own_cert( &( ep->conf ), &( cert->cert ), |
| 848 | &( cert->pkey ) ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 849 | TEST_ASSERT( ret == 0 ); |
| 850 | |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 851 | exit: |
| 852 | if( ret != 0 ) |
| 853 | { |
| 854 | mbedtls_x509_crt_free( &( cert->ca_cert ) ); |
| 855 | mbedtls_x509_crt_free( &( cert->cert ) ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 856 | mbedtls_pk_free( &( cert->pkey ) ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 857 | } |
| 858 | |
| 859 | return ret; |
| 860 | } |
| 861 | |
| 862 | /* |
| 863 | * Initializes \p ep structure. It is important to call `mbedtls_endpoint_free()` |
| 864 | * after calling this function even if it fails. |
| 865 | * |
| 866 | * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or |
| 867 | * MBEDTLS_SSL_IS_CLIENT. |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 868 | * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and |
| 869 | * MBEDTLS_PK_ECDSA are supported. |
| 870 | * \p dtls_context - in case of DTLS - this is the context handling metadata. |
| 871 | * \p input_queue - used only in case of DTLS. |
| 872 | * \p output_queue - used only in case of DTLS. |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 873 | * |
| 874 | * \retval 0 on success, otherwise error code. |
| 875 | */ |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 876 | int mbedtls_endpoint_init( mbedtls_endpoint *ep, int endpoint_type, int pk_alg, |
| 877 | mbedtls_test_message_socket_context *dtls_context, |
| 878 | mbedtls_test_message_queue *input_queue, |
| 879 | mbedtls_test_message_queue *output_queue ) |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 880 | { |
| 881 | int ret = -1; |
| 882 | |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 883 | if( dtls_context != NULL && ( input_queue == NULL || output_queue == NULL ) ) |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 884 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 885 | |
| 886 | if( ep == NULL ) |
| 887 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 888 | |
| 889 | memset( ep, 0, sizeof( *ep ) ); |
| 890 | |
| 891 | ep->name = ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? "Server" : "Client"; |
| 892 | |
| 893 | mbedtls_ssl_init( &( ep->ssl ) ); |
| 894 | mbedtls_ssl_config_init( &( ep->conf ) ); |
| 895 | mbedtls_ctr_drbg_init( &( ep->ctr_drbg ) ); |
| 896 | mbedtls_ssl_conf_rng( &( ep->conf ), |
| 897 | mbedtls_ctr_drbg_random, |
| 898 | &( ep->ctr_drbg ) ); |
| 899 | mbedtls_entropy_init( &( ep->entropy ) ); |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 900 | if( dtls_context != NULL ) |
| 901 | { |
| 902 | TEST_ASSERT( mbedtls_message_socket_setup( input_queue, output_queue, |
| 903 | 100, &( ep->socket ), |
| 904 | dtls_context ) == 0 ); |
| 905 | } |
| 906 | else |
| 907 | { |
| 908 | mbedtls_mock_socket_init( &( ep->socket ) ); |
| 909 | } |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 910 | |
| 911 | ret = mbedtls_ctr_drbg_seed( &( ep->ctr_drbg ), mbedtls_entropy_func, |
| 912 | &( ep->entropy ), (const unsigned char *) ( ep->name ), |
| 913 | strlen( ep->name ) ); |
| 914 | TEST_ASSERT( ret == 0 ); |
| 915 | |
| 916 | /* Non-blocking callbacks without timeout */ |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 917 | if( dtls_context != NULL ) |
| 918 | { |
| 919 | mbedtls_ssl_set_bio( &( ep->ssl ), dtls_context, |
| 920 | mbedtls_mock_tcp_send_msg, |
| 921 | mbedtls_mock_tcp_recv_msg, |
| 922 | NULL ); |
| 923 | } |
| 924 | else |
| 925 | { |
| 926 | mbedtls_ssl_set_bio( &( ep->ssl ), &( ep->socket ), |
| 927 | mbedtls_mock_tcp_send_nb, |
| 928 | mbedtls_mock_tcp_recv_nb, |
| 929 | NULL ); |
| 930 | } |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 931 | |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 932 | ret = mbedtls_ssl_config_defaults( &( ep->conf ), endpoint_type, |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 933 | ( dtls_context != NULL ) ? |
| 934 | MBEDTLS_SSL_TRANSPORT_DATAGRAM : |
| 935 | MBEDTLS_SSL_TRANSPORT_STREAM, |
| 936 | MBEDTLS_SSL_PRESET_DEFAULT ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 937 | TEST_ASSERT( ret == 0 ); |
| 938 | |
Andrzej Kurek | 1a44a15 | 2020-02-07 08:21:32 -0500 | [diff] [blame] | 939 | ret = mbedtls_ssl_setup( &( ep->ssl ), &( ep->conf ) ); |
| 940 | TEST_ASSERT( ret == 0 ); |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 941 | |
| 942 | #if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) |
| 943 | if( endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL ) |
| 944 | mbedtls_ssl_conf_dtls_cookies( &( ep->conf ), NULL, NULL, NULL ); |
| 945 | #endif |
| 946 | |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 947 | ret = mbedtls_endpoint_certificate_init( ep, pk_alg ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 948 | TEST_ASSERT( ret == 0 ); |
| 949 | |
| 950 | exit: |
| 951 | return ret; |
| 952 | } |
| 953 | |
| 954 | /* |
| 955 | * Deinitializes certificates from endpoint represented by \p ep. |
| 956 | */ |
| 957 | void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep ) |
| 958 | { |
| 959 | mbedtls_endpoint_certificate *cert = &( ep->cert ); |
| 960 | mbedtls_x509_crt_free( &( cert->ca_cert ) ); |
| 961 | mbedtls_x509_crt_free( &( cert->cert ) ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 962 | mbedtls_pk_free( &( cert->pkey ) ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 963 | } |
| 964 | |
| 965 | /* |
| 966 | * Deinitializes endpoint represented by \p ep. |
| 967 | */ |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 968 | void mbedtls_endpoint_free( mbedtls_endpoint *ep, |
| 969 | mbedtls_test_message_socket_context *context ) |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 970 | { |
| 971 | mbedtls_endpoint_certificate_free( ep ); |
| 972 | |
| 973 | mbedtls_ssl_free( &( ep->ssl ) ); |
| 974 | mbedtls_ssl_config_free( &( ep->conf ) ); |
| 975 | mbedtls_ctr_drbg_free( &( ep->ctr_drbg ) ); |
| 976 | mbedtls_entropy_free( &( ep->entropy ) ); |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 977 | |
| 978 | if( context != NULL ) |
| 979 | { |
| 980 | mbedtls_message_socket_close( context ); |
| 981 | } |
| 982 | else |
| 983 | { |
| 984 | mbedtls_mock_socket_close( &( ep->socket ) ); |
| 985 | } |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 986 | } |
| 987 | |
| 988 | /* |
| 989 | * This function moves ssl handshake from \p ssl to prescribed \p state. |
| 990 | * /p second_ssl is used as second endpoint and their sockets have to be |
| 991 | * connected before calling this function. |
| 992 | * |
| 993 | * \retval 0 on success, otherwise error code. |
| 994 | */ |
| 995 | int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl, |
| 996 | mbedtls_ssl_context *second_ssl, |
| 997 | int state ) |
| 998 | { |
| 999 | enum { BUFFSIZE = 1024 }; |
| 1000 | int max_steps = 1000; |
| 1001 | int ret = 0; |
| 1002 | |
| 1003 | if( ssl == NULL || second_ssl == NULL ) |
| 1004 | { |
| 1005 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 1006 | } |
| 1007 | |
| 1008 | /* Perform communication via connected sockets */ |
| 1009 | while( ( ssl->state != state ) && ( --max_steps >= 0 ) ) |
| 1010 | { |
| 1011 | /* If /p second_ssl ends the handshake procedure before /p ssl then |
| 1012 | * there is no need to call the next step */ |
| 1013 | if( second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) |
| 1014 | { |
| 1015 | ret = mbedtls_ssl_handshake_step( second_ssl ); |
| 1016 | if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && |
| 1017 | ret != MBEDTLS_ERR_SSL_WANT_WRITE ) |
| 1018 | { |
| 1019 | return ret; |
| 1020 | } |
| 1021 | } |
| 1022 | |
| 1023 | /* We only care about the \p ssl state and returns, so we call it last, |
| 1024 | * to leave the iteration as soon as the state is as expected. */ |
| 1025 | ret = mbedtls_ssl_handshake_step( ssl ); |
| 1026 | if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && |
| 1027 | ret != MBEDTLS_ERR_SSL_WANT_WRITE ) |
| 1028 | { |
| 1029 | return ret; |
| 1030 | } |
| 1031 | } |
| 1032 | |
| 1033 | return ( max_steps >= 0 ) ? ret : -1; |
| 1034 | } |
| 1035 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 1036 | #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 1037 | |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 1038 | /* |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 1039 | * Write application data. Increase write counter if necessary. |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1040 | */ |
| 1041 | int mbedtls_ssl_write_fragment( mbedtls_ssl_context *ssl, unsigned char *buf, |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1042 | int buf_len, int *written, |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 1043 | const int expected_fragments ) |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1044 | { |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1045 | int ret = mbedtls_ssl_write( ssl, buf + *written, buf_len - *written ); |
| 1046 | if( ret > 0 ) |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1047 | { |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1048 | *written += ret; |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1049 | } |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1050 | |
| 1051 | if( expected_fragments == 0 ) |
| 1052 | { |
| 1053 | /* Used for DTLS and the message size larger than MFL. In that case |
| 1054 | * the message can not be fragmented and the library should return |
| 1055 | * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned |
| 1056 | * to prevent a dead loop inside mbedtls_exchange_data(). */ |
| 1057 | return ret; |
| 1058 | } |
| 1059 | else if( expected_fragments == 1 ) |
| 1060 | { |
| 1061 | /* Used for TLS/DTLS and the message size lower than MFL */ |
| 1062 | TEST_ASSERT( ret == buf_len || |
| 1063 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1064 | ret == MBEDTLS_ERR_SSL_WANT_WRITE ); |
| 1065 | } |
| 1066 | else |
| 1067 | { |
| 1068 | /* Used for TLS and the message size larger than MFL */ |
| 1069 | TEST_ASSERT( expected_fragments > 1 ); |
| 1070 | TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) || |
| 1071 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1072 | ret == MBEDTLS_ERR_SSL_WANT_WRITE ); |
| 1073 | } |
| 1074 | |
| 1075 | return 0; |
| 1076 | |
| 1077 | exit: |
| 1078 | /* Some of the tests failed */ |
| 1079 | return -1; |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1080 | } |
| 1081 | |
| 1082 | /* |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 1083 | * Read application data and increase read counter and fragments counter if necessary. |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1084 | */ |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1085 | int mbedtls_ssl_read_fragment( mbedtls_ssl_context *ssl, unsigned char *buf, |
| 1086 | int buf_len, int *read, |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 1087 | int *fragments, const int expected_fragments ) |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1088 | { |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1089 | int ret = mbedtls_ssl_read( ssl, buf + *read, buf_len - *read ); |
| 1090 | if( ret > 0 ) |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1091 | { |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 1092 | ( *fragments )++; |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1093 | *read += ret; |
| 1094 | } |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1095 | |
| 1096 | if( expected_fragments == 0 ) |
| 1097 | { |
| 1098 | TEST_ASSERT( ret == 0 ); |
| 1099 | } |
| 1100 | else if( expected_fragments == 1 ) |
| 1101 | { |
| 1102 | TEST_ASSERT( ret == buf_len || |
| 1103 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1104 | ret == MBEDTLS_ERR_SSL_WANT_WRITE ); |
| 1105 | } |
| 1106 | else |
| 1107 | { |
| 1108 | TEST_ASSERT( expected_fragments > 1 ); |
| 1109 | TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) || |
| 1110 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1111 | ret == MBEDTLS_ERR_SSL_WANT_WRITE ); |
| 1112 | } |
| 1113 | |
| 1114 | return 0; |
| 1115 | |
| 1116 | exit: |
| 1117 | /* Some of the tests failed */ |
| 1118 | return -1; |
Piotr Nowicki | c3fca5e | 2020-01-30 15:33:42 +0100 | [diff] [blame] | 1119 | } |
| 1120 | |
| 1121 | /* |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1122 | * Helper function setting up inverse record transformations |
| 1123 | * using given cipher, hash, EtM mode, authentication tag length, |
| 1124 | * and version. |
| 1125 | */ |
| 1126 | |
| 1127 | #define CHK( x ) \ |
| 1128 | do \ |
| 1129 | { \ |
| 1130 | if( !( x ) ) \ |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 1131 | { \ |
Hanno Becker | a5780f1 | 2019-04-05 09:55:37 +0100 | [diff] [blame] | 1132 | ret = -1; \ |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 1133 | goto cleanup; \ |
| 1134 | } \ |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1135 | } while( 0 ) |
| 1136 | |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 1137 | void set_ciphersuite( mbedtls_ssl_config *conf, const char *cipher, |
| 1138 | int* forced_ciphersuite ) |
| 1139 | { |
| 1140 | const mbedtls_ssl_ciphersuite_t *ciphersuite_info; |
| 1141 | forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( cipher ); |
| 1142 | forced_ciphersuite[1] = 0; |
| 1143 | |
| 1144 | ciphersuite_info = |
| 1145 | mbedtls_ssl_ciphersuite_from_id( forced_ciphersuite[0] ); |
| 1146 | |
| 1147 | TEST_ASSERT( ciphersuite_info != NULL ); |
| 1148 | TEST_ASSERT( ciphersuite_info->min_minor_ver <= conf->max_minor_ver ); |
| 1149 | TEST_ASSERT( ciphersuite_info->max_minor_ver >= conf->min_minor_ver ); |
| 1150 | |
| 1151 | if( conf->max_minor_ver > ciphersuite_info->max_minor_ver ) |
| 1152 | { |
| 1153 | conf->max_minor_ver = ciphersuite_info->max_minor_ver; |
| 1154 | } |
| 1155 | if( conf->min_minor_ver < ciphersuite_info->min_minor_ver ) |
| 1156 | { |
| 1157 | conf->min_minor_ver = ciphersuite_info->min_minor_ver; |
| 1158 | } |
| 1159 | |
| 1160 | mbedtls_ssl_conf_ciphersuites( conf, forced_ciphersuite ); |
| 1161 | |
| 1162 | exit: |
| 1163 | return; |
| 1164 | } |
| 1165 | |
Andrzej Kurek | cc5169c | 2020-02-04 09:04:56 -0500 | [diff] [blame] | 1166 | int psk_dummy_callback( void *p_info, mbedtls_ssl_context *ssl, |
| 1167 | const unsigned char *name, size_t name_len ) |
| 1168 | { |
| 1169 | (void) p_info; |
| 1170 | (void) ssl; |
| 1171 | (void) name; |
| 1172 | (void) name_len; |
| 1173 | |
| 1174 | return ( 0 ); |
| 1175 | } |
| 1176 | |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 1177 | #if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX |
| 1178 | #define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX |
| 1179 | #else |
| 1180 | #define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX |
| 1181 | #endif |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1182 | |
| 1183 | static int build_transforms( mbedtls_ssl_transform *t_in, |
| 1184 | mbedtls_ssl_transform *t_out, |
| 1185 | int cipher_type, int hash_id, |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 1186 | int etm, int tag_mode, int ver, |
| 1187 | size_t cid0_len, |
| 1188 | size_t cid1_len ) |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1189 | { |
| 1190 | mbedtls_cipher_info_t const *cipher_info; |
Hanno Becker | a5780f1 | 2019-04-05 09:55:37 +0100 | [diff] [blame] | 1191 | int ret = 0; |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1192 | |
| 1193 | size_t keylen, maclen, ivlen; |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 1194 | unsigned char *key0 = NULL, *key1 = NULL; |
Paul Elliott | 6f1eda7 | 2020-06-11 20:22:00 +0100 | [diff] [blame] | 1195 | unsigned char *md0 = NULL, *md1 = NULL; |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1196 | unsigned char iv_enc[16], iv_dec[16]; |
| 1197 | |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 1198 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 1199 | unsigned char cid0[ SSL_CID_LEN_MIN ]; |
| 1200 | unsigned char cid1[ SSL_CID_LEN_MIN ]; |
| 1201 | |
Ronald Cron | 351f0ee | 2020-06-10 12:12:18 +0200 | [diff] [blame] | 1202 | mbedtls_test_rnd_std_rand( NULL, cid0, sizeof( cid0 ) ); |
| 1203 | mbedtls_test_rnd_std_rand( NULL, cid1, sizeof( cid1 ) ); |
Hanno Becker | 43c24b8 | 2019-05-01 09:45:57 +0100 | [diff] [blame] | 1204 | #else |
| 1205 | ((void) cid0_len); |
| 1206 | ((void) cid1_len); |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 1207 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 1208 | |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1209 | maclen = 0; |
| 1210 | |
| 1211 | /* Pick cipher */ |
| 1212 | cipher_info = mbedtls_cipher_info_from_type( cipher_type ); |
| 1213 | CHK( cipher_info != NULL ); |
| 1214 | CHK( cipher_info->iv_size <= 16 ); |
| 1215 | CHK( cipher_info->key_bitlen % 8 == 0 ); |
| 1216 | |
| 1217 | /* Pick keys */ |
| 1218 | keylen = cipher_info->key_bitlen / 8; |
Hanno Becker | 78d1f70 | 2019-04-05 09:56:10 +0100 | [diff] [blame] | 1219 | /* Allocate `keylen + 1` bytes to ensure that we get |
| 1220 | * a non-NULL pointers from `mbedtls_calloc` even if |
| 1221 | * `keylen == 0` in the case of the NULL cipher. */ |
| 1222 | CHK( ( key0 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL ); |
| 1223 | CHK( ( key1 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1224 | memset( key0, 0x1, keylen ); |
| 1225 | memset( key1, 0x2, keylen ); |
| 1226 | |
| 1227 | /* Setup cipher contexts */ |
| 1228 | CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 ); |
| 1229 | CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 ); |
| 1230 | CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 ); |
| 1231 | CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 ); |
| 1232 | |
| 1233 | #if defined(MBEDTLS_CIPHER_MODE_CBC) |
| 1234 | if( cipher_info->mode == MBEDTLS_MODE_CBC ) |
| 1235 | { |
| 1236 | CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc, |
| 1237 | MBEDTLS_PADDING_NONE ) == 0 ); |
| 1238 | CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec, |
| 1239 | MBEDTLS_PADDING_NONE ) == 0 ); |
| 1240 | CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_enc, |
| 1241 | MBEDTLS_PADDING_NONE ) == 0 ); |
| 1242 | CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec, |
| 1243 | MBEDTLS_PADDING_NONE ) == 0 ); |
| 1244 | } |
| 1245 | #endif /* MBEDTLS_CIPHER_MODE_CBC */ |
| 1246 | |
| 1247 | CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0, |
| 1248 | keylen << 3, MBEDTLS_ENCRYPT ) == 0 ); |
| 1249 | CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1, |
| 1250 | keylen << 3, MBEDTLS_DECRYPT ) == 0 ); |
| 1251 | CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_enc, key1, |
| 1252 | keylen << 3, MBEDTLS_ENCRYPT ) == 0 ); |
| 1253 | CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0, |
| 1254 | keylen << 3, MBEDTLS_DECRYPT ) == 0 ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1255 | |
| 1256 | /* Setup MAC contexts */ |
| 1257 | #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) |
| 1258 | if( cipher_info->mode == MBEDTLS_MODE_CBC || |
| 1259 | cipher_info->mode == MBEDTLS_MODE_STREAM ) |
| 1260 | { |
| 1261 | mbedtls_md_info_t const *md_info; |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1262 | |
| 1263 | /* Pick hash */ |
| 1264 | md_info = mbedtls_md_info_from_type( hash_id ); |
| 1265 | CHK( md_info != NULL ); |
| 1266 | |
| 1267 | /* Pick hash keys */ |
| 1268 | maclen = mbedtls_md_get_size( md_info ); |
Hanno Becker | 3ee5421 | 2019-04-04 16:31:26 +0100 | [diff] [blame] | 1269 | CHK( ( md0 = mbedtls_calloc( 1, maclen ) ) != NULL ); |
| 1270 | CHK( ( md1 = mbedtls_calloc( 1, maclen ) ) != NULL ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1271 | memset( md0, 0x5, maclen ); |
| 1272 | memset( md1, 0x6, maclen ); |
| 1273 | |
| 1274 | CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 ); |
| 1275 | CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 ); |
| 1276 | CHK( mbedtls_md_setup( &t_in->md_ctx_enc, md_info, 1 ) == 0 ); |
| 1277 | CHK( mbedtls_md_setup( &t_in->md_ctx_dec, md_info, 1 ) == 0 ); |
| 1278 | |
Mateusz Starzyk | 06b07fb | 2021-02-18 13:55:21 +0100 | [diff] [blame^] | 1279 | CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_enc, |
| 1280 | md0, maclen ) == 0 ); |
| 1281 | CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_dec, |
| 1282 | md1, maclen ) == 0 ); |
| 1283 | CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_enc, |
| 1284 | md1, maclen ) == 0 ); |
| 1285 | CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec, |
| 1286 | md0, maclen ) == 0 ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1287 | } |
| 1288 | #else |
| 1289 | ((void) hash_id); |
| 1290 | #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ |
| 1291 | |
| 1292 | |
| 1293 | /* Pick IV's (regardless of whether they |
| 1294 | * are being used by the transform). */ |
| 1295 | ivlen = cipher_info->iv_size; |
| 1296 | memset( iv_enc, 0x3, sizeof( iv_enc ) ); |
| 1297 | memset( iv_dec, 0x4, sizeof( iv_dec ) ); |
| 1298 | |
| 1299 | /* |
| 1300 | * Setup transforms |
| 1301 | */ |
| 1302 | |
Jaeden Amero | 2de07f1 | 2019-06-05 13:32:08 +0100 | [diff] [blame] | 1303 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ |
| 1304 | defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1305 | t_out->encrypt_then_mac = etm; |
| 1306 | t_in->encrypt_then_mac = etm; |
| 1307 | #else |
| 1308 | ((void) etm); |
| 1309 | #endif |
| 1310 | |
| 1311 | t_out->minor_ver = ver; |
| 1312 | t_in->minor_ver = ver; |
| 1313 | t_out->ivlen = ivlen; |
| 1314 | t_in->ivlen = ivlen; |
| 1315 | |
| 1316 | switch( cipher_info->mode ) |
| 1317 | { |
| 1318 | case MBEDTLS_MODE_GCM: |
| 1319 | case MBEDTLS_MODE_CCM: |
Hanno Becker | e683287 | 2020-05-28 08:29:58 +0100 | [diff] [blame] | 1320 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) |
| 1321 | if( ver == MBEDTLS_SSL_MINOR_VERSION_4 ) |
| 1322 | { |
| 1323 | t_out->fixed_ivlen = 12; |
| 1324 | t_in->fixed_ivlen = 12; |
| 1325 | } |
| 1326 | else |
| 1327 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ |
| 1328 | { |
| 1329 | t_out->fixed_ivlen = 4; |
| 1330 | t_in->fixed_ivlen = 4; |
| 1331 | } |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1332 | t_out->maclen = 0; |
| 1333 | t_in->maclen = 0; |
| 1334 | switch( tag_mode ) |
| 1335 | { |
| 1336 | case 0: /* Full tag */ |
| 1337 | t_out->taglen = 16; |
| 1338 | t_in->taglen = 16; |
| 1339 | break; |
| 1340 | case 1: /* Partial tag */ |
| 1341 | t_out->taglen = 8; |
| 1342 | t_in->taglen = 8; |
| 1343 | break; |
| 1344 | default: |
| 1345 | return( 1 ); |
| 1346 | } |
| 1347 | break; |
| 1348 | |
| 1349 | case MBEDTLS_MODE_CHACHAPOLY: |
| 1350 | t_out->fixed_ivlen = 12; |
| 1351 | t_in->fixed_ivlen = 12; |
| 1352 | t_out->maclen = 0; |
| 1353 | t_in->maclen = 0; |
| 1354 | switch( tag_mode ) |
| 1355 | { |
| 1356 | case 0: /* Full tag */ |
| 1357 | t_out->taglen = 16; |
| 1358 | t_in->taglen = 16; |
| 1359 | break; |
| 1360 | case 1: /* Partial tag */ |
| 1361 | t_out->taglen = 8; |
| 1362 | t_in->taglen = 8; |
| 1363 | break; |
| 1364 | default: |
| 1365 | return( 1 ); |
| 1366 | } |
| 1367 | break; |
| 1368 | |
| 1369 | case MBEDTLS_MODE_STREAM: |
| 1370 | case MBEDTLS_MODE_CBC: |
| 1371 | t_out->fixed_ivlen = 0; /* redundant, must be 0 */ |
| 1372 | t_in->fixed_ivlen = 0; /* redundant, must be 0 */ |
| 1373 | t_out->taglen = 0; |
| 1374 | t_in->taglen = 0; |
| 1375 | switch( tag_mode ) |
| 1376 | { |
| 1377 | case 0: /* Full tag */ |
| 1378 | t_out->maclen = maclen; |
| 1379 | t_in->maclen = maclen; |
| 1380 | break; |
| 1381 | case 1: /* Partial tag */ |
| 1382 | t_out->maclen = 10; |
| 1383 | t_in->maclen = 10; |
| 1384 | break; |
| 1385 | default: |
| 1386 | return( 1 ); |
| 1387 | } |
| 1388 | break; |
| 1389 | default: |
| 1390 | return( 1 ); |
| 1391 | break; |
| 1392 | } |
| 1393 | |
| 1394 | /* Setup IV's */ |
| 1395 | |
| 1396 | memcpy( &t_in->iv_dec, iv_dec, sizeof( iv_dec ) ); |
| 1397 | memcpy( &t_in->iv_enc, iv_enc, sizeof( iv_enc ) ); |
| 1398 | memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) ); |
| 1399 | memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) ); |
| 1400 | |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 1401 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 1402 | /* Add CID */ |
| 1403 | memcpy( &t_in->in_cid, cid0, cid0_len ); |
| 1404 | memcpy( &t_in->out_cid, cid1, cid1_len ); |
| 1405 | t_in->in_cid_len = cid0_len; |
| 1406 | t_in->out_cid_len = cid1_len; |
| 1407 | memcpy( &t_out->in_cid, cid1, cid1_len ); |
| 1408 | memcpy( &t_out->out_cid, cid0, cid0_len ); |
| 1409 | t_out->in_cid_len = cid1_len; |
| 1410 | t_out->out_cid_len = cid0_len; |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 1411 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 1412 | |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 1413 | cleanup: |
| 1414 | |
Hanno Becker | 3ee5421 | 2019-04-04 16:31:26 +0100 | [diff] [blame] | 1415 | mbedtls_free( key0 ); |
| 1416 | mbedtls_free( key1 ); |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 1417 | |
Paul Elliott | 6f1eda7 | 2020-06-11 20:22:00 +0100 | [diff] [blame] | 1418 | mbedtls_free( md0 ); |
| 1419 | mbedtls_free( md1 ); |
| 1420 | |
Hanno Becker | a5780f1 | 2019-04-05 09:55:37 +0100 | [diff] [blame] | 1421 | return( ret ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 1422 | } |
| 1423 | |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1424 | /* |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 1425 | * Populate a session structure for serialization tests. |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1426 | * Choose dummy values, mostly non-0 to distinguish from the init default. |
| 1427 | */ |
| 1428 | static int ssl_populate_session( mbedtls_ssl_session *session, |
Manuel Pégourié-Gonnard | 220403b | 2019-05-24 09:54:21 +0200 | [diff] [blame] | 1429 | int ticket_len, |
| 1430 | const char *crt_file ) |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1431 | { |
| 1432 | #if defined(MBEDTLS_HAVE_TIME) |
| 1433 | session->start = mbedtls_time( NULL ) - 42; |
| 1434 | #endif |
| 1435 | session->ciphersuite = 0xabcd; |
| 1436 | session->compression = 1; |
| 1437 | session->id_len = sizeof( session->id ); |
| 1438 | memset( session->id, 66, session->id_len ); |
Manuel Pégourié-Gonnard | 220403b | 2019-05-24 09:54:21 +0200 | [diff] [blame] | 1439 | memset( session->master, 17, sizeof( session->master ) ); |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1440 | |
Manuel Pégourié-Gonnard | 1f6033a | 2019-05-24 10:17:52 +0200 | [diff] [blame] | 1441 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO) |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1442 | if( strlen( crt_file ) != 0 ) |
| 1443 | { |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 1444 | mbedtls_x509_crt tmp_crt; |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1445 | int ret; |
Manuel Pégourié-Gonnard | 6b84070 | 2019-05-24 09:40:17 +0200 | [diff] [blame] | 1446 | |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 1447 | mbedtls_x509_crt_init( &tmp_crt ); |
| 1448 | ret = mbedtls_x509_crt_parse_file( &tmp_crt, crt_file ); |
| 1449 | if( ret != 0 ) |
| 1450 | return( ret ); |
| 1451 | |
| 1452 | #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) |
| 1453 | /* Move temporary CRT. */ |
Manuel Pégourié-Gonnard | 6b84070 | 2019-05-24 09:40:17 +0200 | [diff] [blame] | 1454 | session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) ); |
| 1455 | if( session->peer_cert == NULL ) |
| 1456 | return( -1 ); |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 1457 | *session->peer_cert = tmp_crt; |
| 1458 | memset( &tmp_crt, 0, sizeof( tmp_crt ) ); |
| 1459 | #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 1460 | /* Calculate digest of temporary CRT. */ |
| 1461 | session->peer_cert_digest = |
| 1462 | mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ); |
| 1463 | if( session->peer_cert_digest == NULL ) |
| 1464 | return( -1 ); |
| 1465 | ret = mbedtls_md( mbedtls_md_info_from_type( |
| 1466 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ), |
| 1467 | tmp_crt.raw.p, tmp_crt.raw.len, |
| 1468 | session->peer_cert_digest ); |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1469 | if( ret != 0 ) |
| 1470 | return( ret ); |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 1471 | session->peer_cert_digest_type = |
| 1472 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; |
| 1473 | session->peer_cert_digest_len = |
| 1474 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; |
| 1475 | #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 1476 | |
| 1477 | mbedtls_x509_crt_free( &tmp_crt ); |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1478 | } |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 1479 | #else /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */ |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1480 | (void) crt_file; |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 1481 | #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */ |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1482 | session->verify_result = 0xdeadbeef; |
| 1483 | |
| 1484 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) |
| 1485 | if( ticket_len != 0 ) |
| 1486 | { |
| 1487 | session->ticket = mbedtls_calloc( 1, ticket_len ); |
Manuel Pégourié-Gonnard | 220403b | 2019-05-24 09:54:21 +0200 | [diff] [blame] | 1488 | if( session->ticket == NULL ) |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 1489 | return( -1 ); |
| 1490 | memset( session->ticket, 33, ticket_len ); |
| 1491 | } |
| 1492 | session->ticket_len = ticket_len; |
| 1493 | session->ticket_lifetime = 86401; |
| 1494 | #else |
| 1495 | (void) ticket_len; |
| 1496 | #endif |
| 1497 | |
| 1498 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 1499 | session->mfl_code = 1; |
| 1500 | #endif |
| 1501 | #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) |
| 1502 | session->trunc_hmac = 1; |
| 1503 | #endif |
| 1504 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
| 1505 | session->encrypt_then_mac = 1; |
| 1506 | #endif |
| 1507 | |
| 1508 | return( 0 ); |
| 1509 | } |
| 1510 | |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1511 | /* |
| 1512 | * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the |
| 1513 | * message was sent in the correct number of fragments. |
| 1514 | * |
| 1515 | * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both |
| 1516 | * of them must be initialized and connected beforehand. |
| 1517 | * /p msg_len_1 and /p msg_len_2 specify the size of the message to send. |
| 1518 | * /p expected_fragments_1 and /p expected_fragments_2 determine in how many |
| 1519 | * fragments the message should be sent. |
| 1520 | * expected_fragments is 0: can be used for DTLS testing while the message |
| 1521 | * size is larger than MFL. In that case the message |
| 1522 | * cannot be fragmented and sent to the second endpoint. |
| 1523 | * This value can be used for negative tests. |
| 1524 | * expected_fragments is 1: can be used for TLS/DTLS testing while the |
| 1525 | * message size is below MFL |
| 1526 | * expected_fragments > 1: can be used for TLS testing while the message |
| 1527 | * size is larger than MFL |
| 1528 | * |
| 1529 | * \retval 0 on success, otherwise error code. |
| 1530 | */ |
| 1531 | int mbedtls_exchange_data( mbedtls_ssl_context *ssl_1, |
| 1532 | int msg_len_1, const int expected_fragments_1, |
| 1533 | mbedtls_ssl_context *ssl_2, |
| 1534 | int msg_len_2, const int expected_fragments_2 ) |
| 1535 | { |
| 1536 | unsigned char *msg_buf_1 = malloc( msg_len_1 ); |
| 1537 | unsigned char *msg_buf_2 = malloc( msg_len_2 ); |
| 1538 | unsigned char *in_buf_1 = malloc( msg_len_2 ); |
| 1539 | unsigned char *in_buf_2 = malloc( msg_len_1 ); |
| 1540 | int msg_type, ret = -1; |
| 1541 | |
| 1542 | /* Perform this test with two message types. At first use a message |
| 1543 | * consisting of only 0x00 for the client and only 0xFF for the server. |
| 1544 | * At the second time use message with generated data */ |
| 1545 | for( msg_type = 0; msg_type < 2; msg_type++ ) |
| 1546 | { |
| 1547 | int written_1 = 0; |
| 1548 | int written_2 = 0; |
| 1549 | int read_1 = 0; |
| 1550 | int read_2 = 0; |
| 1551 | int fragments_1 = 0; |
| 1552 | int fragments_2 = 0; |
| 1553 | |
| 1554 | if( msg_type == 0 ) |
| 1555 | { |
| 1556 | memset( msg_buf_1, 0x00, msg_len_1 ); |
| 1557 | memset( msg_buf_2, 0xff, msg_len_2 ); |
| 1558 | } |
| 1559 | else |
| 1560 | { |
| 1561 | int i, j = 0; |
| 1562 | for( i = 0; i < msg_len_1; i++ ) |
| 1563 | { |
| 1564 | msg_buf_1[i] = j++ & 0xFF; |
| 1565 | } |
| 1566 | for( i = 0; i < msg_len_2; i++ ) |
| 1567 | { |
| 1568 | msg_buf_2[i] = ( j -= 5 ) & 0xFF; |
| 1569 | } |
| 1570 | } |
| 1571 | |
| 1572 | while( read_1 < msg_len_2 || read_2 < msg_len_1 ) |
| 1573 | { |
| 1574 | /* ssl_1 sending */ |
| 1575 | if( msg_len_1 > written_1 ) |
| 1576 | { |
| 1577 | ret = mbedtls_ssl_write_fragment( ssl_1, msg_buf_1, |
| 1578 | msg_len_1, &written_1, |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1579 | expected_fragments_1 ); |
| 1580 | if( expected_fragments_1 == 0 ) |
| 1581 | { |
| 1582 | /* This error is expected when the message is too large and |
| 1583 | * cannot be fragmented */ |
| 1584 | TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); |
| 1585 | msg_len_1 = 0; |
| 1586 | } |
| 1587 | else |
| 1588 | { |
| 1589 | TEST_ASSERT( ret == 0 ); |
| 1590 | } |
| 1591 | } |
| 1592 | |
| 1593 | /* ssl_2 sending */ |
| 1594 | if( msg_len_2 > written_2 ) |
| 1595 | { |
| 1596 | ret = mbedtls_ssl_write_fragment( ssl_2, msg_buf_2, |
| 1597 | msg_len_2, &written_2, |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1598 | expected_fragments_2 ); |
| 1599 | if( expected_fragments_2 == 0 ) |
| 1600 | { |
| 1601 | /* This error is expected when the message is too large and |
| 1602 | * cannot be fragmented */ |
| 1603 | TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); |
| 1604 | msg_len_2 = 0; |
| 1605 | } |
| 1606 | else |
| 1607 | { |
| 1608 | TEST_ASSERT( ret == 0 ); |
| 1609 | } |
| 1610 | } |
| 1611 | |
| 1612 | /* ssl_1 reading */ |
| 1613 | if( read_1 < msg_len_2 ) |
| 1614 | { |
| 1615 | ret = mbedtls_ssl_read_fragment( ssl_1, in_buf_1, |
| 1616 | msg_len_2, &read_1, |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 1617 | &fragments_2, |
| 1618 | expected_fragments_2 ); |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1619 | TEST_ASSERT( ret == 0 ); |
| 1620 | } |
| 1621 | |
| 1622 | /* ssl_2 reading */ |
| 1623 | if( read_2 < msg_len_1 ) |
| 1624 | { |
| 1625 | ret = mbedtls_ssl_read_fragment( ssl_2, in_buf_2, |
| 1626 | msg_len_1, &read_2, |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 1627 | &fragments_1, |
| 1628 | expected_fragments_1 ); |
Piotr Nowicki | 6a7f01c | 2020-02-12 13:53:36 +0100 | [diff] [blame] | 1629 | TEST_ASSERT( ret == 0 ); |
| 1630 | } |
| 1631 | } |
| 1632 | |
| 1633 | ret = -1; |
| 1634 | TEST_ASSERT( 0 == memcmp( msg_buf_1, in_buf_2, msg_len_1 ) ); |
| 1635 | TEST_ASSERT( 0 == memcmp( msg_buf_2, in_buf_1, msg_len_2 ) ); |
| 1636 | TEST_ASSERT( fragments_1 == expected_fragments_1 ); |
| 1637 | TEST_ASSERT( fragments_2 == expected_fragments_2 ); |
| 1638 | } |
| 1639 | |
| 1640 | ret = 0; |
| 1641 | |
| 1642 | exit: |
| 1643 | free( msg_buf_1 ); |
| 1644 | free( in_buf_1 ); |
| 1645 | free( msg_buf_2 ); |
| 1646 | free( in_buf_2 ); |
| 1647 | |
| 1648 | return ret; |
| 1649 | } |
| 1650 | |
Piotr Nowicki | 95e9eb8 | 2020-02-14 11:33:34 +0100 | [diff] [blame] | 1651 | /* |
| 1652 | * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints |
| 1653 | * must be initialized and connected beforehand. |
| 1654 | * |
| 1655 | * \retval 0 on success, otherwise error code. |
| 1656 | */ |
| 1657 | int exchange_data( mbedtls_ssl_context *ssl_1, |
| 1658 | mbedtls_ssl_context *ssl_2 ) |
| 1659 | { |
| 1660 | return mbedtls_exchange_data( ssl_1, 256, 1, |
| 1661 | ssl_2, 256, 1 ); |
| 1662 | } |
| 1663 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 1664 | #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ |
| 1665 | defined(MBEDTLS_ENTROPY_C) && \ |
| 1666 | defined(MBEDTLS_CTR_DRBG_C) |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1667 | void perform_handshake( handshake_test_options* options ) |
| 1668 | { |
| 1669 | /* forced_ciphersuite needs to last until the end of the handshake */ |
| 1670 | int forced_ciphersuite[2]; |
| 1671 | enum { BUFFSIZE = 17000 }; |
| 1672 | mbedtls_endpoint client, server; |
Gilles Peskine | eccd888 | 2020-03-10 12:19:08 +0100 | [diff] [blame] | 1673 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1674 | const char *psk_identity = "foo"; |
| 1675 | #endif |
| 1676 | #if defined(MBEDTLS_TIMING_C) |
| 1677 | mbedtls_timing_delay_context timer_client, timer_server; |
| 1678 | #endif |
| 1679 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 1680 | unsigned char *context_buf = NULL; |
| 1681 | size_t context_buf_len; |
| 1682 | #endif |
| 1683 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 1684 | int ret = -1; |
| 1685 | #endif |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 1686 | int expected_handshake_result = 0; |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1687 | |
| 1688 | mbedtls_test_message_queue server_queue, client_queue; |
| 1689 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 1690 | mbedtls_message_socket_init( &server_context ); |
| 1691 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1692 | |
| 1693 | /* Client side */ |
| 1694 | if( options->dtls != 0 ) |
| 1695 | { |
| 1696 | TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, |
| 1697 | options->pk_alg, &client_context, |
| 1698 | &client_queue, |
| 1699 | &server_queue ) == 0 ); |
| 1700 | #if defined(MBEDTLS_TIMING_C) |
| 1701 | mbedtls_ssl_set_timer_cb( &client.ssl, &timer_client, |
| 1702 | mbedtls_timing_set_delay, |
| 1703 | mbedtls_timing_get_delay ); |
| 1704 | #endif |
| 1705 | } |
| 1706 | else |
| 1707 | { |
| 1708 | TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, |
| 1709 | options->pk_alg, NULL, NULL, |
| 1710 | NULL ) == 0 ); |
| 1711 | } |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 1712 | |
| 1713 | if( options->client_min_version != TEST_SSL_MINOR_VERSION_NONE ) |
| 1714 | { |
| 1715 | mbedtls_ssl_conf_min_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, |
| 1716 | options->client_min_version ); |
| 1717 | } |
| 1718 | |
| 1719 | if( options->client_max_version != TEST_SSL_MINOR_VERSION_NONE ) |
| 1720 | { |
| 1721 | mbedtls_ssl_conf_max_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, |
| 1722 | options->client_max_version ); |
| 1723 | } |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1724 | |
| 1725 | if( strlen( options->cipher ) > 0 ) |
| 1726 | { |
| 1727 | set_ciphersuite( &client.conf, options->cipher, forced_ciphersuite ); |
| 1728 | } |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 1729 | |
| 1730 | #if defined (MBEDTLS_DEBUG_C) |
| 1731 | if( options->cli_log_fun ) |
| 1732 | { |
| 1733 | mbedtls_debug_set_threshold( 4 ); |
| 1734 | mbedtls_ssl_conf_dbg( &client.conf, options->cli_log_fun, |
| 1735 | options->cli_log_obj ); |
| 1736 | } |
| 1737 | #endif |
| 1738 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1739 | /* Server side */ |
| 1740 | if( options->dtls != 0 ) |
| 1741 | { |
| 1742 | TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, |
| 1743 | options->pk_alg, &server_context, |
| 1744 | &server_queue, |
| 1745 | &client_queue) == 0 ); |
| 1746 | #if defined(MBEDTLS_TIMING_C) |
| 1747 | mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server, |
| 1748 | mbedtls_timing_set_delay, |
| 1749 | mbedtls_timing_get_delay ); |
| 1750 | #endif |
| 1751 | } |
| 1752 | else |
| 1753 | { |
| 1754 | TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, |
| 1755 | options->pk_alg, NULL, NULL, NULL ) == 0 ); |
| 1756 | } |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 1757 | |
| 1758 | mbedtls_ssl_conf_authmode( &server.conf, options->srv_auth_mode ); |
| 1759 | |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 1760 | if( options->server_min_version != TEST_SSL_MINOR_VERSION_NONE ) |
| 1761 | { |
| 1762 | mbedtls_ssl_conf_min_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, |
| 1763 | options->server_min_version ); |
| 1764 | } |
| 1765 | |
| 1766 | if( options->server_max_version != TEST_SSL_MINOR_VERSION_NONE ) |
| 1767 | { |
| 1768 | mbedtls_ssl_conf_max_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, |
| 1769 | options->server_max_version ); |
| 1770 | } |
| 1771 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1772 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 1773 | TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(server.conf), |
| 1774 | (unsigned char) options->mfl ) == 0 ); |
| 1775 | TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(client.conf), |
| 1776 | (unsigned char) options->mfl ) == 0 ); |
| 1777 | #else |
| 1778 | TEST_ASSERT( MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl ); |
| 1779 | #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ |
| 1780 | |
Gilles Peskine | eccd888 | 2020-03-10 12:19:08 +0100 | [diff] [blame] | 1781 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1782 | if( options->psk_str != NULL && options->psk_str->len > 0 ) |
| 1783 | { |
| 1784 | TEST_ASSERT( mbedtls_ssl_conf_psk( &client.conf, options->psk_str->x, |
| 1785 | options->psk_str->len, |
| 1786 | (const unsigned char *) psk_identity, |
| 1787 | strlen( psk_identity ) ) == 0 ); |
| 1788 | |
| 1789 | TEST_ASSERT( mbedtls_ssl_conf_psk( &server.conf, options->psk_str->x, |
| 1790 | options->psk_str->len, |
| 1791 | (const unsigned char *) psk_identity, |
| 1792 | strlen( psk_identity ) ) == 0 ); |
| 1793 | |
| 1794 | mbedtls_ssl_conf_psk_cb( &server.conf, psk_dummy_callback, NULL ); |
| 1795 | } |
| 1796 | #endif |
| 1797 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 1798 | if( options->renegotiate ) |
| 1799 | { |
| 1800 | mbedtls_ssl_conf_renegotiation( &(server.conf), |
| 1801 | MBEDTLS_SSL_RENEGOTIATION_ENABLED ); |
| 1802 | mbedtls_ssl_conf_renegotiation( &(client.conf), |
| 1803 | MBEDTLS_SSL_RENEGOTIATION_ENABLED ); |
| 1804 | |
| 1805 | mbedtls_ssl_conf_legacy_renegotiation( &(server.conf), |
| 1806 | options->legacy_renegotiation ); |
| 1807 | mbedtls_ssl_conf_legacy_renegotiation( &(client.conf), |
| 1808 | options->legacy_renegotiation ); |
| 1809 | } |
| 1810 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
| 1811 | |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 1812 | #if defined (MBEDTLS_DEBUG_C) |
| 1813 | if( options->srv_log_fun ) |
| 1814 | { |
| 1815 | mbedtls_debug_set_threshold( 4 ); |
| 1816 | mbedtls_ssl_conf_dbg( &server.conf, options->srv_log_fun, |
| 1817 | options->srv_log_obj ); |
| 1818 | } |
| 1819 | #endif |
| 1820 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1821 | TEST_ASSERT( mbedtls_mock_socket_connect( &(client.socket), |
| 1822 | &(server.socket), |
| 1823 | BUFFSIZE ) == 0 ); |
| 1824 | |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 1825 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 1826 | if( options->resize_buffers != 0 ) |
| 1827 | { |
| 1828 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 1829 | TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); |
| 1830 | TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); |
| 1831 | TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); |
| 1832 | TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); |
| 1833 | } |
| 1834 | #endif |
| 1835 | |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 1836 | if( options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE ) |
| 1837 | { |
| 1838 | expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; |
| 1839 | } |
| 1840 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1841 | TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl), |
| 1842 | &(server.ssl), |
| 1843 | MBEDTLS_SSL_HANDSHAKE_OVER ) |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 1844 | == expected_handshake_result ); |
| 1845 | |
| 1846 | if( expected_handshake_result != 0 ) |
| 1847 | { |
| 1848 | /* Connection will have failed by this point, skip to cleanup */ |
| 1849 | goto exit; |
| 1850 | } |
| 1851 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1852 | TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); |
| 1853 | TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); |
| 1854 | |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 1855 | /* Check that we agree on the version... */ |
| 1856 | TEST_ASSERT( client.ssl.minor_ver == server.ssl.minor_ver ); |
| 1857 | |
| 1858 | /* And check that the version negotiated is the expected one. */ |
| 1859 | TEST_EQUAL( client.ssl.minor_ver, options->expected_negotiated_version ); |
| 1860 | |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 1861 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 1862 | if( options->resize_buffers != 0 ) |
| 1863 | { |
Mateusz Starzyk | 06b07fb | 2021-02-18 13:55:21 +0100 | [diff] [blame^] | 1864 | if( options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1 ) |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 1865 | { |
| 1866 | /* A server, when using DTLS, might delay a buffer resize to happen |
| 1867 | * after it receives a message, so we force it. */ |
| 1868 | TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); |
| 1869 | |
| 1870 | TEST_ASSERT( client.ssl.out_buf_len == |
| 1871 | mbedtls_ssl_get_output_buflen( &client.ssl ) ); |
| 1872 | TEST_ASSERT( client.ssl.in_buf_len == |
| 1873 | mbedtls_ssl_get_input_buflen( &client.ssl ) ); |
| 1874 | TEST_ASSERT( server.ssl.out_buf_len == |
| 1875 | mbedtls_ssl_get_output_buflen( &server.ssl ) ); |
| 1876 | TEST_ASSERT( server.ssl.in_buf_len == |
| 1877 | mbedtls_ssl_get_input_buflen( &server.ssl ) ); |
| 1878 | } |
| 1879 | } |
| 1880 | #endif |
| 1881 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1882 | if( options->cli_msg_len != 0 || options->srv_msg_len != 0 ) |
| 1883 | { |
| 1884 | /* Start data exchanging test */ |
| 1885 | TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), options->cli_msg_len, |
| 1886 | options->expected_cli_fragments, |
| 1887 | &(server.ssl), options->srv_msg_len, |
| 1888 | options->expected_srv_fragments ) |
| 1889 | == 0 ); |
| 1890 | } |
| 1891 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 1892 | if( options->serialize == 1 ) |
| 1893 | { |
| 1894 | TEST_ASSERT( options->dtls == 1 ); |
| 1895 | |
| 1896 | TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), NULL, |
| 1897 | 0, &context_buf_len ) |
| 1898 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 1899 | |
| 1900 | context_buf = mbedtls_calloc( 1, context_buf_len ); |
| 1901 | TEST_ASSERT( context_buf != NULL ); |
| 1902 | |
| 1903 | TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), context_buf, |
| 1904 | context_buf_len, |
| 1905 | &context_buf_len ) == 0 ); |
| 1906 | |
| 1907 | mbedtls_ssl_free( &(server.ssl) ); |
| 1908 | mbedtls_ssl_init( &(server.ssl) ); |
| 1909 | |
| 1910 | TEST_ASSERT( mbedtls_ssl_setup( &(server.ssl), &(server.conf) ) == 0 ); |
| 1911 | |
| 1912 | mbedtls_ssl_set_bio( &( server.ssl ), &server_context, |
| 1913 | mbedtls_mock_tcp_send_msg, |
| 1914 | mbedtls_mock_tcp_recv_msg, |
| 1915 | NULL ); |
| 1916 | |
| 1917 | #if defined(MBEDTLS_TIMING_C) |
| 1918 | mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server, |
| 1919 | mbedtls_timing_set_delay, |
| 1920 | mbedtls_timing_get_delay ); |
| 1921 | #endif |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 1922 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 1923 | if( options->resize_buffers != 0 ) |
| 1924 | { |
| 1925 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 1926 | TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); |
| 1927 | TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); |
| 1928 | } |
| 1929 | #endif |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1930 | TEST_ASSERT( mbedtls_ssl_context_load( &( server.ssl ), context_buf, |
| 1931 | context_buf_len ) == 0 ); |
| 1932 | |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 1933 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 1934 | /* Validate buffer sizes after context deserialization */ |
| 1935 | if( options->resize_buffers != 0 ) |
| 1936 | { |
| 1937 | TEST_ASSERT( server.ssl.out_buf_len == |
| 1938 | mbedtls_ssl_get_output_buflen( &server.ssl ) ); |
| 1939 | TEST_ASSERT( server.ssl.in_buf_len == |
| 1940 | mbedtls_ssl_get_input_buflen( &server.ssl ) ); |
| 1941 | } |
| 1942 | #endif |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1943 | /* Retest writing/reading */ |
| 1944 | if( options->cli_msg_len != 0 || options->srv_msg_len != 0 ) |
| 1945 | { |
| 1946 | TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), |
| 1947 | options->cli_msg_len, |
| 1948 | options->expected_cli_fragments, |
| 1949 | &(server.ssl), |
| 1950 | options->srv_msg_len, |
| 1951 | options->expected_srv_fragments ) |
| 1952 | == 0 ); |
| 1953 | } |
| 1954 | } |
| 1955 | #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 1956 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1957 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 1958 | if( options->renegotiate ) |
| 1959 | { |
| 1960 | /* Start test with renegotiation */ |
| 1961 | TEST_ASSERT( server.ssl.renego_status == |
| 1962 | MBEDTLS_SSL_INITIAL_HANDSHAKE ); |
| 1963 | TEST_ASSERT( client.ssl.renego_status == |
| 1964 | MBEDTLS_SSL_INITIAL_HANDSHAKE ); |
| 1965 | |
| 1966 | /* After calling this function for the server, it only sends a handshake |
| 1967 | * request. All renegotiation should happen during data exchanging */ |
| 1968 | TEST_ASSERT( mbedtls_ssl_renegotiate( &(server.ssl) ) == 0 ); |
| 1969 | TEST_ASSERT( server.ssl.renego_status == |
| 1970 | MBEDTLS_SSL_RENEGOTIATION_PENDING ); |
| 1971 | TEST_ASSERT( client.ssl.renego_status == |
| 1972 | MBEDTLS_SSL_INITIAL_HANDSHAKE ); |
| 1973 | |
| 1974 | TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); |
| 1975 | TEST_ASSERT( server.ssl.renego_status == |
| 1976 | MBEDTLS_SSL_RENEGOTIATION_DONE ); |
| 1977 | TEST_ASSERT( client.ssl.renego_status == |
| 1978 | MBEDTLS_SSL_RENEGOTIATION_DONE ); |
| 1979 | |
| 1980 | /* After calling mbedtls_ssl_renegotiate for the client all renegotiation |
| 1981 | * should happen inside this function. However in this test, we cannot |
| 1982 | * perform simultaneous communication betwen client and server so this |
| 1983 | * function will return waiting error on the socket. All rest of |
| 1984 | * renegotiation should happen during data exchanging */ |
| 1985 | ret = mbedtls_ssl_renegotiate( &(client.ssl) ); |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 1986 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 1987 | if( options->resize_buffers != 0 ) |
| 1988 | { |
| 1989 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 1990 | TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); |
| 1991 | TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); |
| 1992 | } |
| 1993 | #endif |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 1994 | TEST_ASSERT( ret == 0 || |
| 1995 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1996 | ret == MBEDTLS_ERR_SSL_WANT_WRITE ); |
| 1997 | TEST_ASSERT( server.ssl.renego_status == |
| 1998 | MBEDTLS_SSL_RENEGOTIATION_DONE ); |
| 1999 | TEST_ASSERT( client.ssl.renego_status == |
| 2000 | MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ); |
| 2001 | |
| 2002 | TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); |
| 2003 | TEST_ASSERT( server.ssl.renego_status == |
| 2004 | MBEDTLS_SSL_RENEGOTIATION_DONE ); |
| 2005 | TEST_ASSERT( client.ssl.renego_status == |
| 2006 | MBEDTLS_SSL_RENEGOTIATION_DONE ); |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 2007 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2008 | /* Validate buffer sizes after renegotiation */ |
| 2009 | if( options->resize_buffers != 0 ) |
| 2010 | { |
| 2011 | TEST_ASSERT( client.ssl.out_buf_len == |
| 2012 | mbedtls_ssl_get_output_buflen( &client.ssl ) ); |
| 2013 | TEST_ASSERT( client.ssl.in_buf_len == |
| 2014 | mbedtls_ssl_get_input_buflen( &client.ssl ) ); |
| 2015 | TEST_ASSERT( server.ssl.out_buf_len == |
| 2016 | mbedtls_ssl_get_output_buflen( &server.ssl ) ); |
| 2017 | TEST_ASSERT( server.ssl.in_buf_len == |
| 2018 | mbedtls_ssl_get_input_buflen( &server.ssl ) ); |
| 2019 | } |
| 2020 | #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 2021 | } |
| 2022 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
| 2023 | |
| 2024 | exit: |
| 2025 | mbedtls_endpoint_free( &client, options->dtls != 0 ? &client_context : NULL ); |
| 2026 | mbedtls_endpoint_free( &server, options->dtls != 0 ? &server_context : NULL ); |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 2027 | #if defined (MBEDTLS_DEBUG_C) |
| 2028 | if( options->cli_log_fun || options->srv_log_fun ) |
| 2029 | { |
| 2030 | mbedtls_debug_set_threshold( 0 ); |
| 2031 | } |
| 2032 | #endif |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 2033 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 2034 | if( context_buf != NULL ) |
| 2035 | mbedtls_free( context_buf ); |
| 2036 | #endif |
| 2037 | } |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 2038 | #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 2039 | |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 2040 | /* END_HEADER */ |
| 2041 | |
| 2042 | /* BEGIN_DEPENDENCIES |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 2043 | * depends_on:MBEDTLS_SSL_TLS_C |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 2044 | * END_DEPENDENCIES |
| 2045 | */ |
| 2046 | |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 2047 | /* BEGIN_CASE */ |
| 2048 | void test_callback_buffer_sanity() |
| 2049 | { |
| 2050 | enum { MSGLEN = 10 }; |
| 2051 | mbedtls_test_buffer buf; |
| 2052 | unsigned char input[MSGLEN]; |
| 2053 | unsigned char output[MSGLEN]; |
| 2054 | |
| 2055 | memset( input, 0, sizeof(input) ); |
| 2056 | |
| 2057 | /* Make sure calling put and get on NULL buffer results in error. */ |
| 2058 | TEST_ASSERT( mbedtls_test_buffer_put( NULL, input, sizeof( input ) ) |
| 2059 | == -1 ); |
| 2060 | TEST_ASSERT( mbedtls_test_buffer_get( NULL, output, sizeof( output ) ) |
| 2061 | == -1 ); |
| 2062 | TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, sizeof( input ) ) == -1 ); |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 2063 | |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 2064 | TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, 0 ) == -1 ); |
| 2065 | TEST_ASSERT( mbedtls_test_buffer_get( NULL, NULL, 0 ) == -1 ); |
| 2066 | |
| 2067 | /* Make sure calling put and get on a buffer that hasn't been set up results |
| 2068 | * in eror. */ |
| 2069 | mbedtls_test_buffer_init( &buf ); |
| 2070 | |
| 2071 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) == -1 ); |
| 2072 | TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, sizeof( output ) ) |
| 2073 | == -1 ); |
| 2074 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 ); |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 2075 | |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 2076 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == -1 ); |
| 2077 | TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == -1 ); |
| 2078 | |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 2079 | /* Make sure calling put and get on NULL input only results in |
| 2080 | * error if the length is not zero, and that a NULL output is valid for data |
| 2081 | * dropping. |
| 2082 | */ |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 2083 | |
| 2084 | TEST_ASSERT( mbedtls_test_buffer_setup( &buf, sizeof( input ) ) == 0 ); |
| 2085 | |
| 2086 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 ); |
| 2087 | TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, sizeof( output ) ) |
Andrzej Kurek | f777414 | 2020-01-22 06:34:59 -0500 | [diff] [blame] | 2088 | == 0 ); |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 2089 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == 0 ); |
| 2090 | TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == 0 ); |
| 2091 | |
Piotr Nowicki | fb437d7 | 2020-01-13 16:59:12 +0100 | [diff] [blame] | 2092 | /* Make sure calling put several times in the row is safe */ |
| 2093 | |
| 2094 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) |
| 2095 | == sizeof( input ) ); |
| 2096 | TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, 2 ) == 2 ); |
| 2097 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 1 ) == 1 ); |
| 2098 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 1 ); |
| 2099 | TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 0 ); |
| 2100 | |
| 2101 | |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 2102 | exit: |
| 2103 | |
| 2104 | mbedtls_test_buffer_free( &buf ); |
| 2105 | } |
| 2106 | /* END_CASE */ |
| 2107 | |
| 2108 | /* |
| 2109 | * Test if the implementation of `mbedtls_test_buffer` related functions is |
| 2110 | * correct and works as expected. |
| 2111 | * |
| 2112 | * That is |
| 2113 | * - If we try to put in \p put1 bytes then we can put in \p put1_ret bytes. |
| 2114 | * - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes. |
| 2115 | * - Next, if we try to put in \p put1 bytes then we can put in \p put1_ret |
| 2116 | * bytes. |
| 2117 | * - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes. |
| 2118 | * - All of the bytes we got match the bytes we put in in a FIFO manner. |
| 2119 | */ |
| 2120 | |
| 2121 | /* BEGIN_CASE */ |
| 2122 | void test_callback_buffer( int size, int put1, int put1_ret, |
| 2123 | int get1, int get1_ret, int put2, int put2_ret, |
| 2124 | int get2, int get2_ret ) |
| 2125 | { |
| 2126 | enum { ROUNDS = 2 }; |
| 2127 | size_t put[ROUNDS]; |
| 2128 | int put_ret[ROUNDS]; |
| 2129 | size_t get[ROUNDS]; |
| 2130 | int get_ret[ROUNDS]; |
| 2131 | mbedtls_test_buffer buf; |
| 2132 | unsigned char* input = NULL; |
| 2133 | size_t input_len; |
| 2134 | unsigned char* output = NULL; |
| 2135 | size_t output_len; |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2136 | size_t i, j, written, read; |
Janos Follath | 6264e66 | 2019-11-26 11:11:15 +0000 | [diff] [blame] | 2137 | |
| 2138 | mbedtls_test_buffer_init( &buf ); |
| 2139 | TEST_ASSERT( mbedtls_test_buffer_setup( &buf, size ) == 0 ); |
| 2140 | |
| 2141 | /* Check the sanity of input parameters and initialise local variables. That |
| 2142 | * is, ensure that the amount of data is not negative and that we are not |
| 2143 | * expecting more to put or get than we actually asked for. */ |
| 2144 | TEST_ASSERT( put1 >= 0 ); |
| 2145 | put[0] = put1; |
| 2146 | put_ret[0] = put1_ret; |
| 2147 | TEST_ASSERT( put1_ret <= put1 ); |
| 2148 | TEST_ASSERT( put2 >= 0 ); |
| 2149 | put[1] = put2; |
| 2150 | put_ret[1] = put2_ret; |
| 2151 | TEST_ASSERT( put2_ret <= put2 ); |
| 2152 | |
| 2153 | TEST_ASSERT( get1 >= 0 ); |
| 2154 | get[0] = get1; |
| 2155 | get_ret[0] = get1_ret; |
| 2156 | TEST_ASSERT( get1_ret <= get1 ); |
| 2157 | TEST_ASSERT( get2 >= 0 ); |
| 2158 | get[1] = get2; |
| 2159 | get_ret[1] = get2_ret; |
| 2160 | TEST_ASSERT( get2_ret <= get2 ); |
| 2161 | |
| 2162 | input_len = 0; |
| 2163 | /* Calculate actual input and output lengths */ |
| 2164 | for( j = 0; j < ROUNDS; j++ ) |
| 2165 | { |
| 2166 | if( put_ret[j] > 0 ) |
| 2167 | { |
| 2168 | input_len += put_ret[j]; |
| 2169 | } |
| 2170 | } |
| 2171 | /* In order to always have a valid pointer we always allocate at least 1 |
| 2172 | * byte. */ |
| 2173 | if( input_len == 0 ) |
| 2174 | input_len = 1; |
| 2175 | ASSERT_ALLOC( input, input_len ); |
| 2176 | |
| 2177 | output_len = 0; |
| 2178 | for( j = 0; j < ROUNDS; j++ ) |
| 2179 | { |
| 2180 | if( get_ret[j] > 0 ) |
| 2181 | { |
| 2182 | output_len += get_ret[j]; |
| 2183 | } |
| 2184 | } |
| 2185 | TEST_ASSERT( output_len <= input_len ); |
| 2186 | /* In order to always have a valid pointer we always allocate at least 1 |
| 2187 | * byte. */ |
| 2188 | if( output_len == 0 ) |
| 2189 | output_len = 1; |
| 2190 | ASSERT_ALLOC( output, output_len ); |
| 2191 | |
| 2192 | /* Fill up the buffer with structured data so that unwanted changes |
| 2193 | * can be detected */ |
| 2194 | for( i = 0; i < input_len; i++ ) |
| 2195 | { |
| 2196 | input[i] = i & 0xFF; |
| 2197 | } |
| 2198 | |
| 2199 | written = read = 0; |
| 2200 | for( j = 0; j < ROUNDS; j++ ) |
| 2201 | { |
| 2202 | TEST_ASSERT( put_ret[j] == mbedtls_test_buffer_put( &buf, |
| 2203 | input + written, put[j] ) ); |
| 2204 | written += put_ret[j]; |
| 2205 | TEST_ASSERT( get_ret[j] == mbedtls_test_buffer_get( &buf, |
| 2206 | output + read, get[j] ) ); |
| 2207 | read += get_ret[j]; |
| 2208 | TEST_ASSERT( read <= written ); |
| 2209 | if( get_ret[j] > 0 ) |
| 2210 | { |
| 2211 | TEST_ASSERT( memcmp( output + read - get_ret[j], |
| 2212 | input + read - get_ret[j], get_ret[j] ) |
| 2213 | == 0 ); |
| 2214 | } |
| 2215 | } |
| 2216 | |
| 2217 | exit: |
| 2218 | |
| 2219 | mbedtls_free( input ); |
| 2220 | mbedtls_free( output ); |
| 2221 | mbedtls_test_buffer_free( &buf ); |
| 2222 | } |
| 2223 | /* END_CASE */ |
| 2224 | |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2225 | /* |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2226 | * Test if the implementation of `mbedtls_mock_socket` related I/O functions is |
| 2227 | * correct and works as expected on unconnected sockets. |
| 2228 | */ |
| 2229 | |
| 2230 | /* BEGIN_CASE */ |
| 2231 | void ssl_mock_sanity( ) |
| 2232 | { |
| 2233 | enum { MSGLEN = 105 }; |
| 2234 | unsigned char message[MSGLEN]; |
| 2235 | unsigned char received[MSGLEN]; |
| 2236 | mbedtls_mock_socket socket; |
| 2237 | |
| 2238 | mbedtls_mock_socket_init( &socket ); |
| 2239 | TEST_ASSERT( mbedtls_mock_tcp_send_b( &socket, message, MSGLEN ) < 0 ); |
| 2240 | mbedtls_mock_socket_close( &socket ); |
| 2241 | mbedtls_mock_socket_init( &socket ); |
| 2242 | TEST_ASSERT( mbedtls_mock_tcp_recv_b( &socket, received, MSGLEN ) < 0 ); |
| 2243 | mbedtls_mock_socket_close( &socket ); |
| 2244 | |
| 2245 | mbedtls_mock_socket_init( &socket ); |
| 2246 | TEST_ASSERT( mbedtls_mock_tcp_send_nb( &socket, message, MSGLEN ) < 0 ); |
| 2247 | mbedtls_mock_socket_close( &socket ); |
| 2248 | mbedtls_mock_socket_init( &socket ); |
| 2249 | TEST_ASSERT( mbedtls_mock_tcp_recv_nb( &socket, received, MSGLEN ) < 0 ); |
| 2250 | mbedtls_mock_socket_close( &socket ); |
| 2251 | |
| 2252 | exit: |
| 2253 | |
| 2254 | mbedtls_mock_socket_close( &socket ); |
| 2255 | } |
| 2256 | /* END_CASE */ |
| 2257 | |
| 2258 | /* |
| 2259 | * Test if the implementation of `mbedtls_mock_socket` related functions can |
| 2260 | * send a single message from the client to the server. |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2261 | */ |
| 2262 | |
| 2263 | /* BEGIN_CASE */ |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2264 | void ssl_mock_tcp( int blocking ) |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2265 | { |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2266 | enum { MSGLEN = 105 }; |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2267 | enum { BUFLEN = MSGLEN / 5 }; |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2268 | unsigned char message[MSGLEN]; |
| 2269 | unsigned char received[MSGLEN]; |
| 2270 | mbedtls_mock_socket client; |
| 2271 | mbedtls_mock_socket server; |
| 2272 | size_t written, read; |
| 2273 | int send_ret, recv_ret; |
| 2274 | mbedtls_ssl_send_t *send; |
| 2275 | mbedtls_ssl_recv_t *recv; |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2276 | unsigned i; |
| 2277 | |
| 2278 | if( blocking == 0 ) |
| 2279 | { |
| 2280 | send = mbedtls_mock_tcp_send_nb; |
| 2281 | recv = mbedtls_mock_tcp_recv_nb; |
| 2282 | } |
| 2283 | else |
| 2284 | { |
| 2285 | send = mbedtls_mock_tcp_send_b; |
| 2286 | recv = mbedtls_mock_tcp_recv_b; |
| 2287 | } |
| 2288 | |
| 2289 | mbedtls_mock_socket_init( &client ); |
| 2290 | mbedtls_mock_socket_init( &server ); |
| 2291 | |
| 2292 | /* Fill up the buffer with structured data so that unwanted changes |
| 2293 | * can be detected */ |
| 2294 | for( i = 0; i < MSGLEN; i++ ) |
| 2295 | { |
| 2296 | message[i] = i & 0xFF; |
| 2297 | } |
| 2298 | |
| 2299 | /* Make sure that sending a message takes a few iterations. */ |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2300 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) ); |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2301 | |
| 2302 | /* Send the message to the server */ |
| 2303 | send_ret = recv_ret = 1; |
| 2304 | written = read = 0; |
| 2305 | while( send_ret != 0 || recv_ret != 0 ) |
| 2306 | { |
| 2307 | send_ret = send( &client, message + written, MSGLEN - written ); |
| 2308 | |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2309 | TEST_ASSERT( send_ret >= 0 ); |
| 2310 | TEST_ASSERT( send_ret <= BUFLEN ); |
| 2311 | written += send_ret; |
| 2312 | |
| 2313 | /* If the buffer is full we can test blocking and non-blocking send */ |
| 2314 | if ( send_ret == BUFLEN ) |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2315 | { |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2316 | int blocking_ret = send( &client, message , 1 ); |
| 2317 | if ( blocking ) |
| 2318 | { |
| 2319 | TEST_ASSERT( blocking_ret == 0 ); |
| 2320 | } |
| 2321 | else |
| 2322 | { |
| 2323 | TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE ); |
| 2324 | } |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2325 | } |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2326 | |
| 2327 | recv_ret = recv( &server, received + read, MSGLEN - read ); |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2328 | |
| 2329 | /* The result depends on whether any data was sent */ |
| 2330 | if ( send_ret > 0 ) |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2331 | { |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2332 | TEST_ASSERT( recv_ret > 0 ); |
| 2333 | TEST_ASSERT( recv_ret <= BUFLEN ); |
| 2334 | read += recv_ret; |
| 2335 | } |
| 2336 | else if( blocking ) |
| 2337 | { |
| 2338 | TEST_ASSERT( recv_ret == 0 ); |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2339 | } |
| 2340 | else |
| 2341 | { |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2342 | TEST_ASSERT( recv_ret == MBEDTLS_ERR_SSL_WANT_READ ); |
| 2343 | recv_ret = 0; |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2344 | } |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2345 | |
| 2346 | /* If the buffer is empty we can test blocking and non-blocking read */ |
| 2347 | if ( recv_ret == BUFLEN ) |
| 2348 | { |
| 2349 | int blocking_ret = recv( &server, received, 1 ); |
| 2350 | if ( blocking ) |
| 2351 | { |
| 2352 | TEST_ASSERT( blocking_ret == 0 ); |
| 2353 | } |
| 2354 | else |
| 2355 | { |
| 2356 | TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ ); |
| 2357 | } |
| 2358 | } |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2359 | } |
| 2360 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 2361 | |
| 2362 | exit: |
| 2363 | |
| 2364 | mbedtls_mock_socket_close( &client ); |
| 2365 | mbedtls_mock_socket_close( &server ); |
| 2366 | } |
| 2367 | /* END_CASE */ |
| 2368 | |
| 2369 | /* |
| 2370 | * Test if the implementation of `mbedtls_mock_socket` related functions can |
| 2371 | * send messages in both direction at the same time (with the I/O calls |
| 2372 | * interleaving). |
| 2373 | */ |
| 2374 | |
| 2375 | /* BEGIN_CASE */ |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2376 | void ssl_mock_tcp_interleaving( int blocking ) |
Janos Follath | c673c2c | 2019-12-02 15:47:26 +0000 | [diff] [blame] | 2377 | { |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2378 | enum { ROUNDS = 2 }; |
| 2379 | enum { MSGLEN = 105 }; |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2380 | enum { BUFLEN = MSGLEN / 5 }; |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2381 | unsigned char message[ROUNDS][MSGLEN]; |
| 2382 | unsigned char received[ROUNDS][MSGLEN]; |
| 2383 | mbedtls_mock_socket client; |
| 2384 | mbedtls_mock_socket server; |
| 2385 | size_t written[ROUNDS]; |
| 2386 | size_t read[ROUNDS]; |
| 2387 | int send_ret[ROUNDS]; |
| 2388 | int recv_ret[ROUNDS]; |
| 2389 | unsigned i, j, progress; |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 2390 | mbedtls_ssl_send_t *send; |
| 2391 | mbedtls_ssl_recv_t *recv; |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 2392 | |
| 2393 | if( blocking == 0 ) |
| 2394 | { |
| 2395 | send = mbedtls_mock_tcp_send_nb; |
| 2396 | recv = mbedtls_mock_tcp_recv_nb; |
| 2397 | } |
| 2398 | else |
| 2399 | { |
| 2400 | send = mbedtls_mock_tcp_send_b; |
| 2401 | recv = mbedtls_mock_tcp_recv_b; |
| 2402 | } |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2403 | |
| 2404 | mbedtls_mock_socket_init( &client ); |
| 2405 | mbedtls_mock_socket_init( &server ); |
| 2406 | |
| 2407 | /* Fill up the buffers with structured data so that unwanted changes |
| 2408 | * can be detected */ |
| 2409 | for( i = 0; i < ROUNDS; i++ ) |
| 2410 | { |
| 2411 | for( j = 0; j < MSGLEN; j++ ) |
| 2412 | { |
| 2413 | message[i][j] = ( i * MSGLEN + j ) & 0xFF; |
| 2414 | } |
| 2415 | } |
| 2416 | |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2417 | /* Make sure that sending a message takes a few iterations. */ |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2418 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) ); |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2419 | |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2420 | /* Send the message from both sides, interleaving. */ |
| 2421 | progress = 1; |
| 2422 | for( i = 0; i < ROUNDS; i++ ) |
| 2423 | { |
| 2424 | written[i] = 0; |
| 2425 | read[i] = 0; |
| 2426 | } |
| 2427 | /* This loop does not stop as long as there was a successful write or read |
| 2428 | * of at least one byte on either side. */ |
| 2429 | while( progress != 0 ) |
| 2430 | { |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2431 | mbedtls_mock_socket *socket; |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2432 | |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2433 | for( i = 0; i < ROUNDS; i++ ) |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 2434 | { |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2435 | /* First sending is from the client */ |
| 2436 | socket = ( i % 2 == 0 ) ? ( &client ) : ( &server ); |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2437 | |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2438 | send_ret[i] = send( socket, message[i] + written[i], |
| 2439 | MSGLEN - written[i] ); |
| 2440 | TEST_ASSERT( send_ret[i] >= 0 ); |
| 2441 | TEST_ASSERT( send_ret[i] <= BUFLEN ); |
| 2442 | written[i] += send_ret[i]; |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2443 | |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2444 | /* If the buffer is full we can test blocking and non-blocking |
| 2445 | * send */ |
| 2446 | if ( send_ret[i] == BUFLEN ) |
| 2447 | { |
| 2448 | int blocking_ret = send( socket, message[i] , 1 ); |
| 2449 | if ( blocking ) |
| 2450 | { |
| 2451 | TEST_ASSERT( blocking_ret == 0 ); |
| 2452 | } |
| 2453 | else |
| 2454 | { |
| 2455 | TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE ); |
| 2456 | } |
| 2457 | } |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 2458 | } |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2459 | |
| 2460 | for( i = 0; i < ROUNDS; i++ ) |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 2461 | { |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2462 | /* First receiving is from the server */ |
| 2463 | socket = ( i % 2 == 0 ) ? ( &server ) : ( &client ); |
| 2464 | |
| 2465 | recv_ret[i] = recv( socket, received[i] + read[i], |
| 2466 | MSGLEN - read[i] ); |
| 2467 | |
| 2468 | /* The result depends on whether any data was sent */ |
| 2469 | if ( send_ret[i] > 0 ) |
| 2470 | { |
| 2471 | TEST_ASSERT( recv_ret[i] > 0 ); |
| 2472 | TEST_ASSERT( recv_ret[i] <= BUFLEN ); |
| 2473 | read[i] += recv_ret[i]; |
| 2474 | } |
| 2475 | else if( blocking ) |
| 2476 | { |
| 2477 | TEST_ASSERT( recv_ret[i] == 0 ); |
| 2478 | } |
| 2479 | else |
| 2480 | { |
| 2481 | TEST_ASSERT( recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ ); |
| 2482 | recv_ret[i] = 0; |
| 2483 | } |
| 2484 | |
| 2485 | /* If the buffer is empty we can test blocking and non-blocking |
| 2486 | * read */ |
| 2487 | if ( recv_ret[i] == BUFLEN ) |
| 2488 | { |
| 2489 | int blocking_ret = recv( socket, received[i], 1 ); |
| 2490 | if ( blocking ) |
| 2491 | { |
| 2492 | TEST_ASSERT( blocking_ret == 0 ); |
| 2493 | } |
| 2494 | else |
| 2495 | { |
| 2496 | TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ ); |
| 2497 | } |
| 2498 | } |
Janos Follath | 3766ba5 | 2019-11-27 13:31:42 +0000 | [diff] [blame] | 2499 | } |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2500 | |
| 2501 | progress = 0; |
| 2502 | for( i = 0; i < ROUNDS; i++ ) |
| 2503 | { |
Piotr Nowicki | 890b5ca | 2020-01-15 16:19:07 +0100 | [diff] [blame] | 2504 | progress += send_ret[i] + recv_ret[i]; |
Janos Follath | 031827f | 2019-11-27 11:12:14 +0000 | [diff] [blame] | 2505 | } |
| 2506 | } |
| 2507 | |
| 2508 | for( i = 0; i < ROUNDS; i++ ) |
| 2509 | TEST_ASSERT( memcmp( message[i], received[i], MSGLEN ) == 0 ); |
| 2510 | |
| 2511 | exit: |
| 2512 | |
| 2513 | mbedtls_mock_socket_close( &client ); |
| 2514 | mbedtls_mock_socket_close( &server ); |
| 2515 | } |
| 2516 | /* END_CASE */ |
| 2517 | |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2518 | /* BEGIN_CASE */ |
| 2519 | void ssl_message_queue_sanity( ) |
| 2520 | { |
| 2521 | mbedtls_test_message_queue queue; |
| 2522 | |
| 2523 | /* Trying to push/pull to an empty queue */ |
| 2524 | TEST_ASSERT( mbedtls_test_message_queue_push_info( NULL, 1 ) |
| 2525 | == MBEDTLS_TEST_ERROR_ARG_NULL ); |
| 2526 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( NULL, 1 ) |
| 2527 | == MBEDTLS_TEST_ERROR_ARG_NULL ); |
| 2528 | |
Andrzej Kurek | 89bdc58 | 2020-03-09 06:29:43 -0400 | [diff] [blame] | 2529 | TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2530 | TEST_ASSERT( queue.capacity == 3 ); |
| 2531 | TEST_ASSERT( queue.num == 0 ); |
| 2532 | |
| 2533 | exit: |
| 2534 | mbedtls_test_message_queue_free( &queue ); |
| 2535 | } |
| 2536 | /* END_CASE */ |
| 2537 | |
| 2538 | /* BEGIN_CASE */ |
| 2539 | void ssl_message_queue_basic( ) |
| 2540 | { |
| 2541 | mbedtls_test_message_queue queue; |
| 2542 | |
Andrzej Kurek | 89bdc58 | 2020-03-09 06:29:43 -0400 | [diff] [blame] | 2543 | TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2544 | |
| 2545 | /* Sanity test - 3 pushes and 3 pops with sufficient space */ |
| 2546 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); |
| 2547 | TEST_ASSERT( queue.capacity == 3 ); |
| 2548 | TEST_ASSERT( queue.num == 1 ); |
| 2549 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); |
| 2550 | TEST_ASSERT( queue.capacity == 3 ); |
| 2551 | TEST_ASSERT( queue.num == 2 ); |
| 2552 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); |
| 2553 | TEST_ASSERT( queue.capacity == 3 ); |
| 2554 | TEST_ASSERT( queue.num == 3 ); |
| 2555 | |
| 2556 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); |
| 2557 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); |
| 2558 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); |
| 2559 | |
| 2560 | exit: |
| 2561 | mbedtls_test_message_queue_free( &queue ); |
| 2562 | } |
| 2563 | /* END_CASE */ |
| 2564 | |
| 2565 | /* BEGIN_CASE */ |
| 2566 | void ssl_message_queue_overflow_underflow( ) |
| 2567 | { |
| 2568 | mbedtls_test_message_queue queue; |
| 2569 | |
Andrzej Kurek | 89bdc58 | 2020-03-09 06:29:43 -0400 | [diff] [blame] | 2570 | TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2571 | |
| 2572 | /* 4 pushes (last one with an error), 4 pops (last one with an error) */ |
| 2573 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); |
| 2574 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); |
| 2575 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); |
| 2576 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 2577 | == MBEDTLS_ERR_SSL_WANT_WRITE ); |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2578 | |
| 2579 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); |
| 2580 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); |
| 2581 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); |
| 2582 | |
| 2583 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 2584 | == MBEDTLS_ERR_SSL_WANT_READ ); |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2585 | |
| 2586 | exit: |
| 2587 | mbedtls_test_message_queue_free( &queue ); |
| 2588 | } |
| 2589 | /* END_CASE */ |
| 2590 | |
| 2591 | /* BEGIN_CASE */ |
| 2592 | void ssl_message_queue_interleaved( ) |
| 2593 | { |
| 2594 | mbedtls_test_message_queue queue; |
| 2595 | |
Andrzej Kurek | 89bdc58 | 2020-03-09 06:29:43 -0400 | [diff] [blame] | 2596 | TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2597 | |
| 2598 | /* Interleaved test - [2 pushes, 1 pop] twice, and then two pops |
| 2599 | * (to wrap around the buffer) */ |
| 2600 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); |
| 2601 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); |
| 2602 | |
| 2603 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); |
| 2604 | |
| 2605 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); |
| 2606 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) == 3 ); |
| 2607 | |
| 2608 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); |
| 2609 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); |
| 2610 | |
| 2611 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 5 ) == 5 ); |
| 2612 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 8 ) == 8 ); |
| 2613 | |
| 2614 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 3 ) == 3 ); |
| 2615 | |
| 2616 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 5 ) == 5 ); |
| 2617 | |
| 2618 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 8 ) == 8 ); |
| 2619 | |
| 2620 | exit: |
| 2621 | mbedtls_test_message_queue_free( &queue ); |
| 2622 | } |
| 2623 | /* END_CASE */ |
| 2624 | |
| 2625 | /* BEGIN_CASE */ |
| 2626 | void ssl_message_queue_insufficient_buffer( ) |
| 2627 | { |
| 2628 | mbedtls_test_message_queue queue; |
| 2629 | size_t message_len = 10; |
| 2630 | size_t buffer_len = 5; |
| 2631 | |
Andrzej Kurek | 89bdc58 | 2020-03-09 06:29:43 -0400 | [diff] [blame] | 2632 | TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 1 ) == 0 ); |
Andrzej Kurek | 13719cd | 2020-01-22 06:36:39 -0500 | [diff] [blame] | 2633 | |
| 2634 | /* Popping without a sufficient buffer */ |
| 2635 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, message_len ) |
| 2636 | == (int) message_len ); |
| 2637 | TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, buffer_len ) |
| 2638 | == (int) buffer_len ); |
| 2639 | exit: |
| 2640 | mbedtls_test_message_queue_free( &queue ); |
| 2641 | } |
| 2642 | /* END_CASE */ |
| 2643 | |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2644 | /* BEGIN_CASE */ |
| 2645 | void ssl_message_mock_uninitialized( ) |
| 2646 | { |
| 2647 | enum { MSGLEN = 10 }; |
| 2648 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 2649 | mbedtls_mock_socket client, server; |
| 2650 | mbedtls_test_message_queue server_queue, client_queue; |
| 2651 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 2652 | mbedtls_message_socket_init( &server_context ); |
| 2653 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2654 | |
| 2655 | /* Send with a NULL context */ |
| 2656 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( NULL, message, MSGLEN ) |
| 2657 | == MBEDTLS_TEST_ERROR_CONTEXT_ERROR ); |
| 2658 | |
| 2659 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( NULL, message, MSGLEN ) |
| 2660 | == MBEDTLS_TEST_ERROR_CONTEXT_ERROR ); |
| 2661 | |
| 2662 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, |
| 2663 | &server, |
| 2664 | &server_context ) == 0 ); |
| 2665 | |
| 2666 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, |
| 2667 | &client, |
| 2668 | &client_context ) == 0 ); |
| 2669 | |
| 2670 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, MSGLEN ) |
| 2671 | == MBEDTLS_TEST_ERROR_SEND_FAILED ); |
| 2672 | |
| 2673 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 2674 | == MBEDTLS_ERR_SSL_WANT_READ ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2675 | |
| 2676 | /* Push directly to a queue to later simulate a disconnected behavior */ |
| 2677 | TEST_ASSERT( mbedtls_test_message_queue_push_info( &server_queue, MSGLEN ) |
| 2678 | == MSGLEN ); |
| 2679 | |
| 2680 | /* Test if there's an error when trying to read from a disconnected |
| 2681 | * socket */ |
| 2682 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
| 2683 | == MBEDTLS_TEST_ERROR_RECV_FAILED ); |
| 2684 | exit: |
| 2685 | mbedtls_message_socket_close( &server_context ); |
| 2686 | mbedtls_message_socket_close( &client_context ); |
| 2687 | } |
| 2688 | /* END_CASE */ |
| 2689 | |
| 2690 | /* BEGIN_CASE */ |
| 2691 | void ssl_message_mock_basic( ) |
| 2692 | { |
| 2693 | enum { MSGLEN = 10 }; |
| 2694 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 2695 | mbedtls_mock_socket client, server; |
| 2696 | unsigned i; |
| 2697 | mbedtls_test_message_queue server_queue, client_queue; |
| 2698 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 2699 | mbedtls_message_socket_init( &server_context ); |
| 2700 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2701 | |
| 2702 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, |
| 2703 | &server, |
| 2704 | &server_context ) == 0 ); |
| 2705 | |
| 2706 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, |
| 2707 | &client, |
| 2708 | &client_context ) == 0 ); |
| 2709 | |
| 2710 | /* Fill up the buffer with structured data so that unwanted changes |
| 2711 | * can be detected */ |
| 2712 | for( i = 0; i < MSGLEN; i++ ) |
| 2713 | { |
| 2714 | message[i] = i & 0xFF; |
| 2715 | } |
| 2716 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, |
| 2717 | MSGLEN ) ); |
| 2718 | |
| 2719 | /* Send the message to the server */ |
| 2720 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2721 | MSGLEN ) == MSGLEN ); |
| 2722 | |
| 2723 | /* Read from the server */ |
| 2724 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
| 2725 | == MSGLEN ); |
| 2726 | |
| 2727 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 2728 | memset( received, 0, MSGLEN ); |
| 2729 | |
| 2730 | /* Send the message to the client */ |
| 2731 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, |
| 2732 | MSGLEN ) == MSGLEN ); |
| 2733 | |
| 2734 | /* Read from the client */ |
| 2735 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN ) |
| 2736 | == MSGLEN ); |
| 2737 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 2738 | |
| 2739 | exit: |
| 2740 | mbedtls_message_socket_close( &server_context ); |
| 2741 | mbedtls_message_socket_close( &client_context ); |
| 2742 | } |
| 2743 | /* END_CASE */ |
| 2744 | |
| 2745 | /* BEGIN_CASE */ |
| 2746 | void ssl_message_mock_queue_overflow_underflow( ) |
| 2747 | { |
| 2748 | enum { MSGLEN = 10 }; |
| 2749 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 2750 | mbedtls_mock_socket client, server; |
| 2751 | unsigned i; |
| 2752 | mbedtls_test_message_queue server_queue, client_queue; |
| 2753 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 2754 | mbedtls_message_socket_init( &server_context ); |
| 2755 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2756 | |
| 2757 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, |
| 2758 | &server, |
| 2759 | &server_context ) == 0 ); |
| 2760 | |
| 2761 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, |
| 2762 | &client, |
| 2763 | &client_context ) == 0 ); |
| 2764 | |
| 2765 | /* Fill up the buffer with structured data so that unwanted changes |
| 2766 | * can be detected */ |
| 2767 | for( i = 0; i < MSGLEN; i++ ) |
| 2768 | { |
| 2769 | message[i] = i & 0xFF; |
| 2770 | } |
| 2771 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, |
| 2772 | MSGLEN*2 ) ); |
| 2773 | |
| 2774 | /* Send three message to the server, last one with an error */ |
| 2775 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2776 | MSGLEN - 1 ) == MSGLEN - 1 ); |
| 2777 | |
| 2778 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2779 | MSGLEN ) == MSGLEN ); |
| 2780 | |
| 2781 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2782 | MSGLEN ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 2783 | == MBEDTLS_ERR_SSL_WANT_WRITE ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2784 | |
| 2785 | /* Read three messages from the server, last one with an error */ |
| 2786 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, |
| 2787 | MSGLEN - 1 ) == MSGLEN - 1 ); |
| 2788 | |
| 2789 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
| 2790 | == MSGLEN ); |
| 2791 | |
| 2792 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 2793 | |
| 2794 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 2795 | == MBEDTLS_ERR_SSL_WANT_READ ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2796 | |
| 2797 | exit: |
| 2798 | mbedtls_message_socket_close( &server_context ); |
| 2799 | mbedtls_message_socket_close( &client_context ); |
| 2800 | } |
| 2801 | /* END_CASE */ |
| 2802 | |
| 2803 | /* BEGIN_CASE */ |
| 2804 | void ssl_message_mock_socket_overflow( ) |
| 2805 | { |
| 2806 | enum { MSGLEN = 10 }; |
| 2807 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 2808 | mbedtls_mock_socket client, server; |
| 2809 | unsigned i; |
| 2810 | mbedtls_test_message_queue server_queue, client_queue; |
| 2811 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 2812 | mbedtls_message_socket_init( &server_context ); |
| 2813 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2814 | |
| 2815 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, |
| 2816 | &server, |
| 2817 | &server_context ) == 0 ); |
| 2818 | |
| 2819 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, |
| 2820 | &client, |
| 2821 | &client_context ) == 0 ); |
| 2822 | |
| 2823 | /* Fill up the buffer with structured data so that unwanted changes |
| 2824 | * can be detected */ |
| 2825 | for( i = 0; i < MSGLEN; i++ ) |
| 2826 | { |
| 2827 | message[i] = i & 0xFF; |
| 2828 | } |
| 2829 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, |
| 2830 | MSGLEN ) ); |
| 2831 | |
| 2832 | /* Send two message to the server, second one with an error */ |
| 2833 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2834 | MSGLEN ) == MSGLEN ); |
| 2835 | |
| 2836 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2837 | MSGLEN ) |
| 2838 | == MBEDTLS_TEST_ERROR_SEND_FAILED ); |
| 2839 | |
| 2840 | /* Read the only message from the server */ |
| 2841 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
| 2842 | == MSGLEN ); |
| 2843 | |
| 2844 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 2845 | |
| 2846 | exit: |
| 2847 | mbedtls_message_socket_close( &server_context ); |
| 2848 | mbedtls_message_socket_close( &client_context ); |
| 2849 | } |
| 2850 | /* END_CASE */ |
| 2851 | |
| 2852 | /* BEGIN_CASE */ |
| 2853 | void ssl_message_mock_truncated( ) |
| 2854 | { |
| 2855 | enum { MSGLEN = 10 }; |
| 2856 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 2857 | mbedtls_mock_socket client, server; |
| 2858 | unsigned i; |
| 2859 | mbedtls_test_message_queue server_queue, client_queue; |
| 2860 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 2861 | mbedtls_message_socket_init( &server_context ); |
| 2862 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2863 | |
| 2864 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, |
| 2865 | &server, |
| 2866 | &server_context ) == 0 ); |
| 2867 | |
| 2868 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, |
| 2869 | &client, |
| 2870 | &client_context ) == 0 ); |
| 2871 | |
| 2872 | memset( received, 0, MSGLEN ); |
| 2873 | /* Fill up the buffer with structured data so that unwanted changes |
| 2874 | * can be detected */ |
| 2875 | for( i = 0; i < MSGLEN; i++ ) |
| 2876 | { |
| 2877 | message[i] = i & 0xFF; |
| 2878 | } |
| 2879 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, |
| 2880 | 2 * MSGLEN ) ); |
| 2881 | |
| 2882 | /* Send two messages to the server, the second one small enough to fit in the |
| 2883 | * receiver's buffer. */ |
| 2884 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2885 | MSGLEN ) == MSGLEN ); |
| 2886 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2887 | MSGLEN / 2 ) == MSGLEN / 2 ); |
| 2888 | /* Read a truncated message from the server */ |
| 2889 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 ) |
| 2890 | == MSGLEN/2 ); |
| 2891 | |
| 2892 | /* Test that the first half of the message is valid, and second one isn't */ |
| 2893 | TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 ); |
| 2894 | TEST_ASSERT( memcmp( message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2 ) |
| 2895 | != 0 ); |
| 2896 | memset( received, 0, MSGLEN ); |
| 2897 | |
| 2898 | /* Read a full message from the server */ |
| 2899 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 ) |
| 2900 | == MSGLEN / 2 ); |
| 2901 | |
| 2902 | /* Test that the first half of the message is valid */ |
| 2903 | TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 ); |
| 2904 | |
| 2905 | exit: |
| 2906 | mbedtls_message_socket_close( &server_context ); |
| 2907 | mbedtls_message_socket_close( &client_context ); |
| 2908 | } |
| 2909 | /* END_CASE */ |
| 2910 | |
| 2911 | /* BEGIN_CASE */ |
| 2912 | void ssl_message_mock_socket_read_error( ) |
| 2913 | { |
| 2914 | enum { MSGLEN = 10 }; |
| 2915 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 2916 | mbedtls_mock_socket client, server; |
| 2917 | unsigned i; |
| 2918 | mbedtls_test_message_queue server_queue, client_queue; |
| 2919 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 2920 | mbedtls_message_socket_init( &server_context ); |
| 2921 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2922 | |
| 2923 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, |
| 2924 | &server, |
| 2925 | &server_context ) == 0 ); |
| 2926 | |
| 2927 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, |
| 2928 | &client, |
| 2929 | &client_context ) == 0 ); |
| 2930 | |
| 2931 | /* Fill up the buffer with structured data so that unwanted changes |
| 2932 | * can be detected */ |
| 2933 | for( i = 0; i < MSGLEN; i++ ) |
| 2934 | { |
| 2935 | message[i] = i & 0xFF; |
| 2936 | } |
| 2937 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, |
| 2938 | MSGLEN ) ); |
| 2939 | |
| 2940 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2941 | MSGLEN ) == MSGLEN ); |
| 2942 | |
| 2943 | /* Force a read error by disconnecting the socket by hand */ |
| 2944 | server.status = 0; |
| 2945 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
| 2946 | == MBEDTLS_TEST_ERROR_RECV_FAILED ); |
| 2947 | /* Return to a valid state */ |
| 2948 | server.status = MBEDTLS_MOCK_SOCKET_CONNECTED; |
| 2949 | |
| 2950 | memset( received, 0, sizeof( received ) ); |
| 2951 | |
| 2952 | /* Test that even though the server tried to read once disconnected, the |
| 2953 | * continuity is preserved */ |
| 2954 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
| 2955 | == MSGLEN ); |
| 2956 | |
| 2957 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 2958 | |
| 2959 | exit: |
| 2960 | mbedtls_message_socket_close( &server_context ); |
| 2961 | mbedtls_message_socket_close( &client_context ); |
| 2962 | } |
| 2963 | /* END_CASE */ |
| 2964 | |
| 2965 | /* BEGIN_CASE */ |
| 2966 | void ssl_message_mock_interleaved_one_way( ) |
| 2967 | { |
| 2968 | enum { MSGLEN = 10 }; |
| 2969 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 2970 | mbedtls_mock_socket client, server; |
| 2971 | unsigned i; |
| 2972 | mbedtls_test_message_queue server_queue, client_queue; |
| 2973 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 2974 | mbedtls_message_socket_init( &server_context ); |
| 2975 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 2976 | |
| 2977 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3, |
| 2978 | &server, |
| 2979 | &server_context ) == 0 ); |
| 2980 | |
| 2981 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3, |
| 2982 | &client, |
| 2983 | &client_context ) == 0 ); |
| 2984 | |
| 2985 | /* Fill up the buffer with structured data so that unwanted changes |
| 2986 | * can be detected */ |
| 2987 | for( i = 0; i < MSGLEN; i++ ) |
| 2988 | { |
| 2989 | message[i] = i & 0xFF; |
| 2990 | } |
| 2991 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, |
| 2992 | MSGLEN*3 ) ); |
| 2993 | |
| 2994 | /* Interleaved test - [2 sends, 1 read] twice, and then two reads |
| 2995 | * (to wrap around the buffer) */ |
| 2996 | for( i = 0; i < 2; i++ ) |
| 2997 | { |
| 2998 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 2999 | MSGLEN ) == MSGLEN ); |
| 3000 | |
| 3001 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 3002 | MSGLEN ) == MSGLEN ); |
| 3003 | |
| 3004 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, |
| 3005 | MSGLEN ) == MSGLEN ); |
| 3006 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 3007 | memset( received, 0, sizeof( received ) ); |
| 3008 | } |
| 3009 | |
| 3010 | for( i = 0; i < 2; i++ ) |
| 3011 | { |
| 3012 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, |
| 3013 | MSGLEN ) == MSGLEN ); |
| 3014 | |
| 3015 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 3016 | } |
| 3017 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 3018 | == MBEDTLS_ERR_SSL_WANT_READ ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 3019 | exit: |
| 3020 | mbedtls_message_socket_close( &server_context ); |
| 3021 | mbedtls_message_socket_close( &client_context ); |
| 3022 | } |
| 3023 | /* END_CASE */ |
| 3024 | |
| 3025 | /* BEGIN_CASE */ |
| 3026 | void ssl_message_mock_interleaved_two_ways( ) |
| 3027 | { |
| 3028 | enum { MSGLEN = 10 }; |
| 3029 | unsigned char message[MSGLEN], received[MSGLEN]; |
| 3030 | mbedtls_mock_socket client, server; |
| 3031 | unsigned i; |
| 3032 | mbedtls_test_message_queue server_queue, client_queue; |
| 3033 | mbedtls_test_message_socket_context server_context, client_context; |
Andrzej Kurek | 45916ba | 2020-03-05 14:46:22 -0500 | [diff] [blame] | 3034 | mbedtls_message_socket_init( &server_context ); |
| 3035 | mbedtls_message_socket_init( &client_context ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 3036 | |
| 3037 | TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3, |
| 3038 | &server, |
| 3039 | &server_context ) == 0 ); |
| 3040 | |
| 3041 | TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3, |
| 3042 | &client, |
| 3043 | &client_context ) == 0 ); |
| 3044 | |
| 3045 | /* Fill up the buffer with structured data so that unwanted changes |
| 3046 | * can be detected */ |
| 3047 | for( i = 0; i < MSGLEN; i++ ) |
| 3048 | { |
| 3049 | message[i] = i & 0xFF; |
| 3050 | } |
| 3051 | TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, |
| 3052 | MSGLEN*3 ) ); |
| 3053 | |
| 3054 | /* Interleaved test - [2 sends, 1 read] twice, both ways, and then two reads |
| 3055 | * (to wrap around the buffer) both ways. */ |
| 3056 | for( i = 0; i < 2; i++ ) |
| 3057 | { |
| 3058 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 3059 | MSGLEN ) == MSGLEN ); |
| 3060 | |
| 3061 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, |
| 3062 | MSGLEN ) == MSGLEN ); |
| 3063 | |
| 3064 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, |
| 3065 | MSGLEN ) == MSGLEN ); |
| 3066 | |
| 3067 | TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, |
| 3068 | MSGLEN ) == MSGLEN ); |
| 3069 | |
| 3070 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, |
| 3071 | MSGLEN ) == MSGLEN ); |
| 3072 | |
| 3073 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 3074 | |
| 3075 | memset( received, 0, sizeof( received ) ); |
| 3076 | |
| 3077 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, |
| 3078 | MSGLEN ) == MSGLEN ); |
| 3079 | |
| 3080 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 3081 | |
| 3082 | memset( received, 0, sizeof( received ) ); |
| 3083 | } |
| 3084 | |
| 3085 | for( i = 0; i < 2; i++ ) |
| 3086 | { |
| 3087 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, |
| 3088 | MSGLEN ) == MSGLEN ); |
| 3089 | |
| 3090 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 3091 | memset( received, 0, sizeof( received ) ); |
| 3092 | |
| 3093 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, |
| 3094 | MSGLEN ) == MSGLEN ); |
| 3095 | |
| 3096 | TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); |
| 3097 | memset( received, 0, sizeof( received ) ); |
| 3098 | } |
| 3099 | |
| 3100 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 3101 | == MBEDTLS_ERR_SSL_WANT_READ ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 3102 | |
| 3103 | TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN ) |
Andrzej Kurek | f46b912 | 2020-02-07 08:19:00 -0500 | [diff] [blame] | 3104 | == MBEDTLS_ERR_SSL_WANT_READ ); |
Andrzej Kurek | bc483de | 2020-01-22 03:40:00 -0500 | [diff] [blame] | 3105 | exit: |
| 3106 | mbedtls_message_socket_close( &server_context ); |
| 3107 | mbedtls_message_socket_close( &client_context ); |
| 3108 | } |
| 3109 | /* END_CASE */ |
| 3110 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 3111 | /* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */ |
Azim Khan | 5fcca46 | 2018-06-29 11:05:32 +0100 | [diff] [blame] | 3112 | void ssl_dtls_replay( data_t * prevs, data_t * new, int ret ) |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 3113 | { |
Azim Khan | d30ca13 | 2017-06-09 04:32:58 +0100 | [diff] [blame] | 3114 | uint32_t len = 0; |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 3115 | mbedtls_ssl_context ssl; |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 3116 | mbedtls_ssl_config conf; |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 3117 | |
Manuel Pégourié-Gonnard | 41d479e | 2015-04-29 00:48:22 +0200 | [diff] [blame] | 3118 | mbedtls_ssl_init( &ssl ); |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 3119 | mbedtls_ssl_config_init( &conf ); |
Manuel Pégourié-Gonnard | 41d479e | 2015-04-29 00:48:22 +0200 | [diff] [blame] | 3120 | |
Manuel Pégourié-Gonnard | 419d5ae | 2015-05-04 19:32:36 +0200 | [diff] [blame] | 3121 | TEST_ASSERT( mbedtls_ssl_config_defaults( &conf, |
| 3122 | MBEDTLS_SSL_IS_CLIENT, |
Manuel Pégourié-Gonnard | b31c5f6 | 2015-06-17 13:53:47 +0200 | [diff] [blame] | 3123 | MBEDTLS_SSL_TRANSPORT_DATAGRAM, |
| 3124 | MBEDTLS_SSL_PRESET_DEFAULT ) == 0 ); |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 3125 | TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 3126 | |
| 3127 | /* Read previous record numbers */ |
Azim Khan | d30ca13 | 2017-06-09 04:32:58 +0100 | [diff] [blame] | 3128 | for( len = 0; len < prevs->len; len += 6 ) |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 3129 | { |
Azim Khan | d30ca13 | 2017-06-09 04:32:58 +0100 | [diff] [blame] | 3130 | memcpy( ssl.in_ctr + 2, prevs->x + len, 6 ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 3131 | mbedtls_ssl_dtls_replay_update( &ssl ); |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 3132 | } |
| 3133 | |
| 3134 | /* Check new number */ |
Azim Khan | d30ca13 | 2017-06-09 04:32:58 +0100 | [diff] [blame] | 3135 | memcpy( ssl.in_ctr + 2, new->x, 6 ); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 3136 | TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret ); |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 3137 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 3138 | mbedtls_ssl_free( &ssl ); |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 3139 | mbedtls_ssl_config_free( &conf ); |
Manuel Pégourié-Gonnard | 4956fd7 | 2014-09-24 11:13:44 +0200 | [diff] [blame] | 3140 | } |
| 3141 | /* END_CASE */ |
Hanno Becker | b25c0c7 | 2017-05-05 11:24:30 +0100 | [diff] [blame] | 3142 | |
| 3143 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ |
| 3144 | void ssl_set_hostname_twice( char *hostname0, char *hostname1 ) |
| 3145 | { |
| 3146 | mbedtls_ssl_context ssl; |
| 3147 | mbedtls_ssl_init( &ssl ); |
| 3148 | |
| 3149 | TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 ); |
| 3150 | TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 ); |
| 3151 | |
| 3152 | mbedtls_ssl_free( &ssl ); |
| 3153 | } |
Darryl Green | 11999bb | 2018-03-13 15:22:58 +0000 | [diff] [blame] | 3154 | /* END_CASE */ |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3155 | |
| 3156 | /* BEGIN_CASE */ |
| 3157 | void ssl_crypt_record( int cipher_type, int hash_id, |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3158 | int etm, int tag_mode, int ver, |
| 3159 | int cid0_len, int cid1_len ) |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3160 | { |
| 3161 | /* |
| 3162 | * Test several record encryptions and decryptions |
| 3163 | * with plenty of space before and after the data |
| 3164 | * within the record buffer. |
| 3165 | */ |
| 3166 | |
| 3167 | int ret; |
| 3168 | int num_records = 16; |
| 3169 | mbedtls_ssl_context ssl; /* ONLY for debugging */ |
| 3170 | |
| 3171 | mbedtls_ssl_transform t0, t1; |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 3172 | unsigned char *buf = NULL; |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3173 | size_t const buflen = 512; |
| 3174 | mbedtls_record rec, rec_backup; |
| 3175 | |
| 3176 | mbedtls_ssl_init( &ssl ); |
| 3177 | mbedtls_ssl_transform_init( &t0 ); |
| 3178 | mbedtls_ssl_transform_init( &t1 ); |
| 3179 | TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3180 | etm, tag_mode, ver, |
| 3181 | (size_t) cid0_len, |
| 3182 | (size_t) cid1_len ) == 0 ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3183 | |
Hanno Becker | 3ee5421 | 2019-04-04 16:31:26 +0100 | [diff] [blame] | 3184 | TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3185 | |
| 3186 | while( num_records-- > 0 ) |
| 3187 | { |
| 3188 | mbedtls_ssl_transform *t_dec, *t_enc; |
| 3189 | /* Take turns in who's sending and who's receiving. */ |
| 3190 | if( num_records % 3 == 0 ) |
| 3191 | { |
| 3192 | t_dec = &t0; |
| 3193 | t_enc = &t1; |
| 3194 | } |
| 3195 | else |
| 3196 | { |
| 3197 | t_dec = &t1; |
| 3198 | t_enc = &t0; |
| 3199 | } |
| 3200 | |
| 3201 | /* |
| 3202 | * The record header affects the transformation in two ways: |
| 3203 | * 1) It determines the AEAD additional data |
| 3204 | * 2) The record counter sometimes determines the IV. |
| 3205 | * |
| 3206 | * Apart from that, the fields don't have influence. |
| 3207 | * In particular, it is currently not the responsibility |
| 3208 | * of ssl_encrypt/decrypt_buf to check if the transform |
| 3209 | * version matches the record version, or that the |
| 3210 | * type is sensible. |
| 3211 | */ |
| 3212 | |
| 3213 | memset( rec.ctr, num_records, sizeof( rec.ctr ) ); |
| 3214 | rec.type = 42; |
| 3215 | rec.ver[0] = num_records; |
| 3216 | rec.ver[1] = num_records; |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 3217 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3218 | rec.cid_len = 0; |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 3219 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3220 | |
| 3221 | rec.buf = buf; |
| 3222 | rec.buf_len = buflen; |
| 3223 | rec.data_offset = 16; |
| 3224 | /* Make sure to vary the length to exercise different |
| 3225 | * paddings. */ |
| 3226 | rec.data_len = 1 + num_records; |
| 3227 | |
| 3228 | memset( rec.buf + rec.data_offset, 42, rec.data_len ); |
| 3229 | |
| 3230 | /* Make a copy for later comparison */ |
| 3231 | rec_backup = rec; |
| 3232 | |
| 3233 | /* Encrypt record */ |
| 3234 | ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, |
Ronald Cron | 351f0ee | 2020-06-10 12:12:18 +0200 | [diff] [blame] | 3235 | mbedtls_test_rnd_std_rand, NULL ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3236 | TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 3237 | if( ret != 0 ) |
| 3238 | { |
| 3239 | continue; |
| 3240 | } |
| 3241 | |
Hanno Becker | b2713ab | 2020-05-07 14:54:22 +0100 | [diff] [blame] | 3242 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
| 3243 | if( rec.cid_len != 0 ) |
| 3244 | { |
| 3245 | /* DTLS 1.2 + CID hides the real content type and |
| 3246 | * uses a special CID content type in the protected |
| 3247 | * record. Double-check this. */ |
| 3248 | TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID ); |
| 3249 | } |
| 3250 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
| 3251 | |
| 3252 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) |
| 3253 | if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) |
| 3254 | { |
| 3255 | /* TLS 1.3 hides the real content type and |
| 3256 | * always uses Application Data as the content type |
| 3257 | * for protected records. Double-check this. */ |
| 3258 | TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA ); |
| 3259 | } |
| 3260 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ |
| 3261 | |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3262 | /* Decrypt record with t_dec */ |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3263 | ret = mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ); |
| 3264 | TEST_ASSERT( ret == 0 ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3265 | |
| 3266 | /* Compare results */ |
| 3267 | TEST_ASSERT( rec.type == rec_backup.type ); |
| 3268 | TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 ); |
| 3269 | TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] ); |
| 3270 | TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] ); |
| 3271 | TEST_ASSERT( rec.data_len == rec_backup.data_len ); |
| 3272 | TEST_ASSERT( rec.data_offset == rec_backup.data_offset ); |
| 3273 | TEST_ASSERT( memcmp( rec.buf + rec.data_offset, |
| 3274 | rec_backup.buf + rec_backup.data_offset, |
| 3275 | rec.data_len ) == 0 ); |
| 3276 | } |
| 3277 | |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 3278 | exit: |
| 3279 | |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3280 | /* Cleanup */ |
| 3281 | mbedtls_ssl_free( &ssl ); |
| 3282 | mbedtls_ssl_transform_free( &t0 ); |
| 3283 | mbedtls_ssl_transform_free( &t1 ); |
| 3284 | |
Hanno Becker | 3ee5421 | 2019-04-04 16:31:26 +0100 | [diff] [blame] | 3285 | mbedtls_free( buf ); |
Hanno Becker | a18d132 | 2018-01-03 14:27:32 +0000 | [diff] [blame] | 3286 | } |
| 3287 | /* END_CASE */ |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3288 | |
| 3289 | /* BEGIN_CASE */ |
| 3290 | void ssl_crypt_record_small( int cipher_type, int hash_id, |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3291 | int etm, int tag_mode, int ver, |
| 3292 | int cid0_len, int cid1_len ) |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3293 | { |
| 3294 | /* |
| 3295 | * Test pairs of encryption and decryption with an increasing |
| 3296 | * amount of space in the record buffer - in more detail: |
| 3297 | * 1) Try to encrypt with 0, 1, 2, ... bytes available |
| 3298 | * in front of the plaintext, and expect the encryption |
| 3299 | * to succeed starting from some offset. Always keep |
| 3300 | * enough space in the end of the buffer. |
| 3301 | * 2) Try to encrypt with 0, 1, 2, ... bytes available |
| 3302 | * at the end of the plaintext, and expect the encryption |
| 3303 | * to succeed starting from some offset. Always keep |
| 3304 | * enough space at the beginning of the buffer. |
| 3305 | * 3) Try to encrypt with 0, 1, 2, ... bytes available |
| 3306 | * both at the front and end of the plaintext, |
| 3307 | * and expect the encryption to succeed starting from |
| 3308 | * some offset. |
| 3309 | * |
| 3310 | * If encryption succeeds, check that decryption succeeds |
| 3311 | * and yields the original record. |
| 3312 | */ |
| 3313 | |
| 3314 | mbedtls_ssl_context ssl; /* ONLY for debugging */ |
| 3315 | |
| 3316 | mbedtls_ssl_transform t0, t1; |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 3317 | unsigned char *buf = NULL; |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3318 | size_t const buflen = 256; |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3319 | mbedtls_record rec, rec_backup; |
| 3320 | |
| 3321 | int ret; |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3322 | int mode; /* Mode 1, 2 or 3 as explained above */ |
| 3323 | size_t offset; /* Available space at beginning/end/both */ |
| 3324 | size_t threshold = 96; /* Maximum offset to test against */ |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3325 | |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3326 | size_t default_pre_padding = 64; /* Pre-padding to use in mode 2 */ |
| 3327 | size_t default_post_padding = 128; /* Post-padding to use in mode 1 */ |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3328 | |
| 3329 | int seen_success; /* Indicates if in the current mode we've |
| 3330 | * already seen a successful test. */ |
| 3331 | |
| 3332 | mbedtls_ssl_init( &ssl ); |
| 3333 | mbedtls_ssl_transform_init( &t0 ); |
| 3334 | mbedtls_ssl_transform_init( &t1 ); |
| 3335 | TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3336 | etm, tag_mode, ver, |
| 3337 | (size_t) cid0_len, |
| 3338 | (size_t) cid1_len ) == 0 ); |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3339 | |
Hanno Becker | 3ee5421 | 2019-04-04 16:31:26 +0100 | [diff] [blame] | 3340 | TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL ); |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3341 | |
| 3342 | for( mode=1; mode <= 3; mode++ ) |
| 3343 | { |
| 3344 | seen_success = 0; |
| 3345 | for( offset=0; offset <= threshold; offset++ ) |
| 3346 | { |
| 3347 | mbedtls_ssl_transform *t_dec, *t_enc; |
Hanno Becker | 6c87b3f | 2019-04-29 17:24:44 +0100 | [diff] [blame] | 3348 | t_dec = &t0; |
| 3349 | t_enc = &t1; |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3350 | |
| 3351 | memset( rec.ctr, offset, sizeof( rec.ctr ) ); |
| 3352 | rec.type = 42; |
| 3353 | rec.ver[0] = offset; |
| 3354 | rec.ver[1] = offset; |
| 3355 | rec.buf = buf; |
| 3356 | rec.buf_len = buflen; |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 3357 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
Hanno Becker | d856c82 | 2019-04-29 17:30:59 +0100 | [diff] [blame] | 3358 | rec.cid_len = 0; |
Hanno Becker | a0e20d0 | 2019-05-15 14:03:01 +0100 | [diff] [blame] | 3359 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3360 | |
| 3361 | switch( mode ) |
| 3362 | { |
| 3363 | case 1: /* Space in the beginning */ |
| 3364 | rec.data_offset = offset; |
| 3365 | rec.data_len = buflen - offset - default_post_padding; |
| 3366 | break; |
| 3367 | |
| 3368 | case 2: /* Space in the end */ |
| 3369 | rec.data_offset = default_pre_padding; |
| 3370 | rec.data_len = buflen - default_pre_padding - offset; |
| 3371 | break; |
| 3372 | |
| 3373 | case 3: /* Space in the beginning and end */ |
| 3374 | rec.data_offset = offset; |
| 3375 | rec.data_len = buflen - 2 * offset; |
| 3376 | break; |
| 3377 | |
| 3378 | default: |
| 3379 | TEST_ASSERT( 0 ); |
| 3380 | break; |
| 3381 | } |
| 3382 | |
| 3383 | memset( rec.buf + rec.data_offset, 42, rec.data_len ); |
| 3384 | |
| 3385 | /* Make a copy for later comparison */ |
| 3386 | rec_backup = rec; |
| 3387 | |
| 3388 | /* Encrypt record */ |
Ronald Cron | 6c5bd7f | 2020-06-10 14:08:26 +0200 | [diff] [blame] | 3389 | ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, |
| 3390 | mbedtls_test_rnd_std_rand, NULL ); |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3391 | |
| 3392 | if( ( mode == 1 || mode == 2 ) && seen_success ) |
| 3393 | { |
| 3394 | TEST_ASSERT( ret == 0 ); |
| 3395 | } |
| 3396 | else |
| 3397 | { |
| 3398 | TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 3399 | if( ret == 0 ) |
| 3400 | seen_success = 1; |
| 3401 | } |
| 3402 | |
| 3403 | if( ret != 0 ) |
| 3404 | continue; |
| 3405 | |
Hanno Becker | b2713ab | 2020-05-07 14:54:22 +0100 | [diff] [blame] | 3406 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
| 3407 | if( rec.cid_len != 0 ) |
| 3408 | { |
| 3409 | /* DTLS 1.2 + CID hides the real content type and |
| 3410 | * uses a special CID content type in the protected |
| 3411 | * record. Double-check this. */ |
| 3412 | TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID ); |
| 3413 | } |
| 3414 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
| 3415 | |
| 3416 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) |
| 3417 | if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) |
| 3418 | { |
| 3419 | /* TLS 1.3 hides the real content type and |
| 3420 | * always uses Application Data as the content type |
| 3421 | * for protected records. Double-check this. */ |
| 3422 | TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA ); |
| 3423 | } |
| 3424 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ |
| 3425 | |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3426 | /* Decrypt record with t_dec */ |
| 3427 | TEST_ASSERT( mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ) == 0 ); |
| 3428 | |
| 3429 | /* Compare results */ |
| 3430 | TEST_ASSERT( rec.type == rec_backup.type ); |
| 3431 | TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 ); |
| 3432 | TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] ); |
| 3433 | TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] ); |
| 3434 | TEST_ASSERT( rec.data_len == rec_backup.data_len ); |
| 3435 | TEST_ASSERT( rec.data_offset == rec_backup.data_offset ); |
| 3436 | TEST_ASSERT( memcmp( rec.buf + rec.data_offset, |
| 3437 | rec_backup.buf + rec_backup.data_offset, |
| 3438 | rec.data_len ) == 0 ); |
| 3439 | } |
| 3440 | |
| 3441 | TEST_ASSERT( seen_success == 1 ); |
| 3442 | } |
| 3443 | |
Hanno Becker | 81e16a3 | 2019-03-01 11:21:44 +0000 | [diff] [blame] | 3444 | exit: |
| 3445 | |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3446 | /* Cleanup */ |
| 3447 | mbedtls_ssl_free( &ssl ); |
| 3448 | mbedtls_ssl_transform_free( &t0 ); |
| 3449 | mbedtls_ssl_transform_free( &t1 ); |
| 3450 | |
Hanno Becker | 3ee5421 | 2019-04-04 16:31:26 +0100 | [diff] [blame] | 3451 | mbedtls_free( buf ); |
Hanno Becker | b3268da | 2018-01-05 15:20:24 +0000 | [diff] [blame] | 3452 | } |
| 3453 | /* END_CASE */ |
Ron Eldor | 824ad7b | 2019-05-13 14:09:00 +0300 | [diff] [blame] | 3454 | |
Manuel Pégourié-Gonnard | 913a204 | 2020-07-09 10:02:41 +0200 | [diff] [blame] | 3455 | /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3456 | void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, |
Manuel Pégourié-Gonnard | 864abbf | 2020-07-21 10:37:14 +0200 | [diff] [blame] | 3457 | int length_selector ) |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3458 | { |
| 3459 | /* |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3460 | * Test record decryption for CBC without EtM, focused on the verification |
| 3461 | * of padding and MAC. |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3462 | * |
Mateusz Starzyk | 06b07fb | 2021-02-18 13:55:21 +0100 | [diff] [blame^] | 3463 | * Actually depends on TLS >= 1.0 and either AES, ARIA, Camellia or DES, |
| 3464 | * but since the test framework doesn't support alternation in |
| 3465 | * dependency statements, just depend on TLS 1.2 and AES. |
Manuel Pégourié-Gonnard | 864abbf | 2020-07-21 10:37:14 +0200 | [diff] [blame] | 3466 | * |
| 3467 | * The length_selector argument is interpreted as follows: |
| 3468 | * - if it's -1, the plaintext length is 0 and minimal padding is applied |
| 3469 | * - if it's -2, the plaintext length is 0 and maximal padding is applied |
| 3470 | * - otherwise it must be in [0, 255] and is padding_length from RFC 5246: |
| 3471 | * it's the length of the rest of the padding, that is, excluding the |
| 3472 | * byte that encodes the length. The minimal non-zero plaintext length |
| 3473 | * that gives this padding_length is automatically selected. |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3474 | */ |
| 3475 | mbedtls_ssl_context ssl; /* ONLY for debugging */ |
| 3476 | mbedtls_ssl_transform t0, t1; |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3477 | mbedtls_record rec, rec_save; |
| 3478 | unsigned char *buf = NULL, *buf_save = NULL; |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3479 | size_t buflen, olen = 0; |
Manuel Pégourié-Gonnard | 864abbf | 2020-07-21 10:37:14 +0200 | [diff] [blame] | 3480 | size_t plaintext_len, block_size, i; |
Manuel Pégourié-Gonnard | e55653f | 2020-07-22 11:42:57 +0200 | [diff] [blame] | 3481 | unsigned char padlen; /* excluding the padding_length byte */ |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3482 | unsigned char add_data[13]; |
| 3483 | unsigned char mac[MBEDTLS_MD_MAX_SIZE]; |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3484 | int exp_ret; |
Manuel Pégourié-Gonnard | 4adc04a | 2020-07-16 10:00:48 +0200 | [diff] [blame] | 3485 | const unsigned char pad_max_len = 255; /* Per the standard */ |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3486 | |
| 3487 | mbedtls_ssl_init( &ssl ); |
| 3488 | mbedtls_ssl_transform_init( &t0 ); |
| 3489 | mbedtls_ssl_transform_init( &t1 ); |
| 3490 | |
| 3491 | /* Set up transforms with dummy keys */ |
| 3492 | TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, |
| 3493 | 0, trunc_hmac, |
| 3494 | MBEDTLS_SSL_MINOR_VERSION_3, |
| 3495 | 0 , 0 ) == 0 ); |
| 3496 | |
Manuel Pégourié-Gonnard | 864abbf | 2020-07-21 10:37:14 +0200 | [diff] [blame] | 3497 | /* Determine padding/plaintext length */ |
| 3498 | TEST_ASSERT( length_selector >= -2 && length_selector <= 255 ); |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3499 | block_size = t0.ivlen; |
Manuel Pégourié-Gonnard | 864abbf | 2020-07-21 10:37:14 +0200 | [diff] [blame] | 3500 | if( length_selector < 0 ) |
| 3501 | { |
| 3502 | plaintext_len = 0; |
| 3503 | |
Manuel Pégourié-Gonnard | e55653f | 2020-07-22 11:42:57 +0200 | [diff] [blame] | 3504 | /* Minimal padding |
| 3505 | * The +1 is for the padding_length byte, not counted in padlen. */ |
Manuel Pégourié-Gonnard | 864abbf | 2020-07-21 10:37:14 +0200 | [diff] [blame] | 3506 | padlen = block_size - ( t0.maclen + 1 ) % block_size; |
| 3507 | |
| 3508 | /* Maximal padding? */ |
| 3509 | if( length_selector == -2 ) |
| 3510 | padlen += block_size * ( ( pad_max_len - padlen ) / block_size ); |
| 3511 | } |
| 3512 | else |
| 3513 | { |
| 3514 | padlen = length_selector; |
| 3515 | |
Manuel Pégourié-Gonnard | e55653f | 2020-07-22 11:42:57 +0200 | [diff] [blame] | 3516 | /* Minimal non-zero plaintext_length giving desired padding. |
| 3517 | * The +1 is for the padding_length byte, not counted in padlen. */ |
Manuel Pégourié-Gonnard | 864abbf | 2020-07-21 10:37:14 +0200 | [diff] [blame] | 3518 | plaintext_len = block_size - ( padlen + t0.maclen + 1 ) % block_size; |
| 3519 | } |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3520 | |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3521 | /* Prepare a buffer for record data */ |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3522 | buflen = block_size |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3523 | + plaintext_len |
| 3524 | + t0.maclen |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3525 | + padlen + 1; |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3526 | ASSERT_ALLOC( buf, buflen ); |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3527 | ASSERT_ALLOC( buf_save, buflen ); |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3528 | |
| 3529 | /* Prepare a dummy record header */ |
| 3530 | memset( rec.ctr, 0, sizeof( rec.ctr ) ); |
| 3531 | rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; |
| 3532 | rec.ver[0] = MBEDTLS_SSL_MAJOR_VERSION_3; |
| 3533 | rec.ver[1] = MBEDTLS_SSL_MINOR_VERSION_3; |
| 3534 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
| 3535 | rec.cid_len = 0; |
| 3536 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
| 3537 | |
| 3538 | /* Prepare dummy record content */ |
| 3539 | rec.buf = buf; |
| 3540 | rec.buf_len = buflen; |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3541 | rec.data_offset = block_size; |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3542 | rec.data_len = plaintext_len; |
| 3543 | memset( rec.buf + rec.data_offset, 42, rec.data_len ); |
| 3544 | |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3545 | /* Serialized version of record header for MAC purposes */ |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3546 | memcpy( add_data, rec.ctr, 8 ); |
| 3547 | add_data[8] = rec.type; |
| 3548 | add_data[9] = rec.ver[0]; |
| 3549 | add_data[10] = rec.ver[1]; |
| 3550 | add_data[11] = ( rec.data_len >> 8 ) & 0xff; |
| 3551 | add_data[12] = ( rec.data_len >> 0 ) & 0xff; |
| 3552 | |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3553 | /* Set dummy IV */ |
| 3554 | memset( t0.iv_enc, 0x55, t0.ivlen ); |
| 3555 | memcpy( rec.buf, t0.iv_enc, t0.ivlen ); |
| 3556 | |
| 3557 | /* |
| 3558 | * Prepare a pre-encryption record (with MAC and padding), and save it. |
| 3559 | */ |
| 3560 | |
| 3561 | /* MAC with additional data */ |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3562 | TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, add_data, 13 ) ); |
| 3563 | TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, |
| 3564 | rec.buf + rec.data_offset, |
| 3565 | rec.data_len ) ); |
| 3566 | TEST_EQUAL( 0, mbedtls_md_hmac_finish( &t0.md_ctx_enc, mac ) ); |
| 3567 | |
| 3568 | memcpy( rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen ); |
| 3569 | rec.data_len += t0.maclen; |
| 3570 | |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3571 | /* Pad */ |
| 3572 | memset( rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1 ); |
| 3573 | rec.data_len += padlen + 1; |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3574 | |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3575 | /* Save correct pre-encryption record */ |
| 3576 | rec_save = rec; |
| 3577 | rec_save.buf = buf_save; |
| 3578 | memcpy( buf_save, buf, buflen ); |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3579 | |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3580 | /* |
| 3581 | * Encrypt and decrypt the correct record, expecting success |
| 3582 | */ |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3583 | TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, |
| 3584 | t0.iv_enc, t0.ivlen, |
| 3585 | rec.buf + rec.data_offset, rec.data_len, |
| 3586 | rec.buf + rec.data_offset, &olen ) ); |
| 3587 | rec.data_offset -= t0.ivlen; |
| 3588 | rec.data_len += t0.ivlen; |
| 3589 | |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3590 | TEST_EQUAL( 0, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); |
| 3591 | |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3592 | /* |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3593 | * Modify each byte of the pre-encryption record before encrypting and |
| 3594 | * decrypting it, expecting failure every time. |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3595 | */ |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3596 | for( i = block_size; i < buflen; i++ ) |
| 3597 | { |
| 3598 | test_set_step( i ); |
| 3599 | |
| 3600 | /* Restore correct pre-encryption record */ |
| 3601 | rec = rec_save; |
| 3602 | rec.buf = buf; |
| 3603 | memcpy( buf, buf_save, buflen ); |
| 3604 | |
Manuel Pégourié-Gonnard | b51f044 | 2020-07-21 10:40:25 +0200 | [diff] [blame] | 3605 | /* Corrupt one byte of the data (could be plaintext, MAC or padding) */ |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3606 | rec.buf[i] ^= 0x01; |
| 3607 | |
| 3608 | /* Encrypt */ |
| 3609 | TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, |
| 3610 | t0.iv_enc, t0.ivlen, |
| 3611 | rec.buf + rec.data_offset, rec.data_len, |
| 3612 | rec.buf + rec.data_offset, &olen ) ); |
| 3613 | rec.data_offset -= t0.ivlen; |
| 3614 | rec.data_len += t0.ivlen; |
| 3615 | |
| 3616 | /* Decrypt and expect failure */ |
| 3617 | TEST_EQUAL( MBEDTLS_ERR_SSL_INVALID_MAC, |
| 3618 | mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); |
| 3619 | } |
| 3620 | |
| 3621 | /* |
| 3622 | * Use larger values of the padding bytes - with small buffers, this tests |
| 3623 | * the case where the announced padlen would be larger than the buffer |
| 3624 | * (and before that, than the buffer minus the size of the MAC), to make |
| 3625 | * sure our padding checking code does not perform any out-of-bounds reads |
| 3626 | * in this case. (With larger buffers, ie when the plaintext is long or |
| 3627 | * maximal length padding is used, this is less relevant but still doesn't |
| 3628 | * hurt to test.) |
| 3629 | * |
| 3630 | * (Start the loop with correct padding, just to double-check that record |
| 3631 | * saving did work, and that we're overwriting the correct bytes.) |
| 3632 | */ |
Manuel Pégourié-Gonnard | 4adc04a | 2020-07-16 10:00:48 +0200 | [diff] [blame] | 3633 | for( i = padlen; i <= pad_max_len; i++ ) |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3634 | { |
| 3635 | test_set_step( i ); |
| 3636 | |
| 3637 | /* Restore correct pre-encryption record */ |
| 3638 | rec = rec_save; |
| 3639 | rec.buf = buf; |
| 3640 | memcpy( buf, buf_save, buflen ); |
| 3641 | |
| 3642 | /* Set padding bytes to new value */ |
| 3643 | memset( buf + buflen - padlen - 1, i, padlen + 1 ); |
| 3644 | |
| 3645 | /* Encrypt */ |
| 3646 | TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, |
| 3647 | t0.iv_enc, t0.ivlen, |
| 3648 | rec.buf + rec.data_offset, rec.data_len, |
| 3649 | rec.buf + rec.data_offset, &olen ) ); |
| 3650 | rec.data_offset -= t0.ivlen; |
| 3651 | rec.data_len += t0.ivlen; |
| 3652 | |
| 3653 | /* Decrypt and expect failure except the first time */ |
| 3654 | exp_ret = ( i == padlen ) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC; |
| 3655 | TEST_EQUAL( exp_ret, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); |
| 3656 | } |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3657 | |
| 3658 | exit: |
| 3659 | mbedtls_ssl_free( &ssl ); |
| 3660 | mbedtls_ssl_transform_free( &t0 ); |
| 3661 | mbedtls_ssl_transform_free( &t1 ); |
| 3662 | mbedtls_free( buf ); |
Manuel Pégourié-Gonnard | 527c1ff | 2020-07-07 10:43:37 +0200 | [diff] [blame] | 3663 | mbedtls_free( buf_save ); |
Manuel Pégourié-Gonnard | 0ac01a1 | 2020-07-03 12:49:10 +0200 | [diff] [blame] | 3664 | } |
| 3665 | /* END_CASE */ |
| 3666 | |
Hanno Becker | 39ff492 | 2020-08-21 13:36:56 +0100 | [diff] [blame] | 3667 | /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ |
| 3668 | void ssl_tls1_3_hkdf_expand_label( int hash_alg, |
| 3669 | data_t *secret, |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3670 | int label_idx, |
Hanno Becker | 39ff492 | 2020-08-21 13:36:56 +0100 | [diff] [blame] | 3671 | data_t *ctx, |
| 3672 | int desired_length, |
| 3673 | data_t *expected ) |
| 3674 | { |
| 3675 | unsigned char dst[ 100 ]; |
| 3676 | |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3677 | unsigned char const *lbl = NULL; |
| 3678 | size_t lbl_len; |
Hanno Becker | 1413bd8 | 2020-09-09 12:46:09 +0100 | [diff] [blame] | 3679 | #define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ |
| 3680 | if( label_idx == (int) tls1_3_label_ ## name ) \ |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3681 | { \ |
| 3682 | lbl = mbedtls_ssl_tls1_3_labels.name; \ |
| 3683 | lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \ |
| 3684 | } |
| 3685 | MBEDTLS_SSL_TLS1_3_LABEL_LIST |
| 3686 | #undef MBEDTLS_SSL_TLS1_3_LABEL |
| 3687 | TEST_ASSERT( lbl != NULL ); |
Hanno Becker | 39ff492 | 2020-08-21 13:36:56 +0100 | [diff] [blame] | 3688 | |
| 3689 | /* Check sanity of test parameters. */ |
| 3690 | TEST_ASSERT( (size_t) desired_length <= sizeof(dst) ); |
| 3691 | TEST_ASSERT( (size_t) desired_length == expected->len ); |
| 3692 | |
| 3693 | TEST_ASSERT( mbedtls_ssl_tls1_3_hkdf_expand_label( |
| 3694 | (mbedtls_md_type_t) hash_alg, |
| 3695 | secret->x, secret->len, |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3696 | lbl, lbl_len, |
Hanno Becker | 39ff492 | 2020-08-21 13:36:56 +0100 | [diff] [blame] | 3697 | ctx->x, ctx->len, |
| 3698 | dst, desired_length ) == 0 ); |
| 3699 | |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3700 | ASSERT_COMPARE( dst, (size_t) desired_length, |
| 3701 | expected->x, (size_t) expected->len ); |
Hanno Becker | 39ff492 | 2020-08-21 13:36:56 +0100 | [diff] [blame] | 3702 | } |
| 3703 | /* END_CASE */ |
| 3704 | |
Hanno Becker | 19498f8 | 2020-08-21 13:37:08 +0100 | [diff] [blame] | 3705 | /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ |
| 3706 | void ssl_tls1_3_traffic_key_generation( int hash_alg, |
| 3707 | data_t *server_secret, |
| 3708 | data_t *client_secret, |
| 3709 | int desired_iv_len, |
| 3710 | int desired_key_len, |
| 3711 | data_t *expected_server_write_key, |
| 3712 | data_t *expected_server_write_iv, |
| 3713 | data_t *expected_client_write_key, |
| 3714 | data_t *expected_client_write_iv ) |
| 3715 | { |
| 3716 | mbedtls_ssl_key_set keys; |
| 3717 | |
| 3718 | /* Check sanity of test parameters. */ |
| 3719 | TEST_ASSERT( client_secret->len == server_secret->len ); |
| 3720 | TEST_ASSERT( expected_client_write_iv->len == expected_server_write_iv->len && |
| 3721 | expected_client_write_iv->len == (size_t) desired_iv_len ); |
| 3722 | TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len && |
| 3723 | expected_client_write_key->len == (size_t) desired_key_len ); |
| 3724 | |
| 3725 | TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys( |
| 3726 | (mbedtls_md_type_t) hash_alg, |
| 3727 | client_secret->x, |
| 3728 | server_secret->x, |
| 3729 | client_secret->len /* == server_secret->len */, |
| 3730 | desired_key_len, desired_iv_len, |
| 3731 | &keys ) == 0 ); |
| 3732 | |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3733 | ASSERT_COMPARE( keys.client_write_key, |
Hanno Becker | 493ea7f | 2020-09-08 11:01:00 +0100 | [diff] [blame] | 3734 | keys.key_len, |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3735 | expected_client_write_key->x, |
| 3736 | (size_t) desired_key_len ); |
| 3737 | ASSERT_COMPARE( keys.server_write_key, |
Hanno Becker | 493ea7f | 2020-09-08 11:01:00 +0100 | [diff] [blame] | 3738 | keys.key_len, |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3739 | expected_server_write_key->x, |
| 3740 | (size_t) desired_key_len ); |
| 3741 | ASSERT_COMPARE( keys.client_write_iv, |
Hanno Becker | 493ea7f | 2020-09-08 11:01:00 +0100 | [diff] [blame] | 3742 | keys.iv_len, |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3743 | expected_client_write_iv->x, |
| 3744 | (size_t) desired_iv_len ); |
| 3745 | ASSERT_COMPARE( keys.server_write_iv, |
Hanno Becker | 493ea7f | 2020-09-08 11:01:00 +0100 | [diff] [blame] | 3746 | keys.iv_len, |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3747 | expected_server_write_iv->x, |
| 3748 | (size_t) desired_iv_len ); |
Hanno Becker | 19498f8 | 2020-08-21 13:37:08 +0100 | [diff] [blame] | 3749 | } |
| 3750 | /* END_CASE */ |
| 3751 | |
Hanno Becker | e4849d1 | 2020-08-21 14:14:14 +0100 | [diff] [blame] | 3752 | /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ |
| 3753 | void ssl_tls1_3_derive_secret( int hash_alg, |
| 3754 | data_t *secret, |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3755 | int label_idx, |
Hanno Becker | e4849d1 | 2020-08-21 14:14:14 +0100 | [diff] [blame] | 3756 | data_t *ctx, |
| 3757 | int desired_length, |
| 3758 | int already_hashed, |
| 3759 | data_t *expected ) |
| 3760 | { |
| 3761 | unsigned char dst[ 100 ]; |
| 3762 | |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3763 | unsigned char const *lbl = NULL; |
| 3764 | size_t lbl_len; |
Hanno Becker | 1413bd8 | 2020-09-09 12:46:09 +0100 | [diff] [blame] | 3765 | #define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ |
| 3766 | if( label_idx == (int) tls1_3_label_ ## name ) \ |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3767 | { \ |
| 3768 | lbl = mbedtls_ssl_tls1_3_labels.name; \ |
| 3769 | lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \ |
| 3770 | } |
| 3771 | MBEDTLS_SSL_TLS1_3_LABEL_LIST |
| 3772 | #undef MBEDTLS_SSL_TLS1_3_LABEL |
| 3773 | TEST_ASSERT( lbl != NULL ); |
| 3774 | |
Hanno Becker | e4849d1 | 2020-08-21 14:14:14 +0100 | [diff] [blame] | 3775 | /* Check sanity of test parameters. */ |
| 3776 | TEST_ASSERT( (size_t) desired_length <= sizeof(dst) ); |
| 3777 | TEST_ASSERT( (size_t) desired_length == expected->len ); |
| 3778 | |
| 3779 | TEST_ASSERT( mbedtls_ssl_tls1_3_derive_secret( |
| 3780 | (mbedtls_md_type_t) hash_alg, |
| 3781 | secret->x, secret->len, |
Hanno Becker | 70d7fb0 | 2020-09-09 10:11:21 +0100 | [diff] [blame] | 3782 | lbl, lbl_len, |
Hanno Becker | e4849d1 | 2020-08-21 14:14:14 +0100 | [diff] [blame] | 3783 | ctx->x, ctx->len, |
| 3784 | already_hashed, |
| 3785 | dst, desired_length ) == 0 ); |
| 3786 | |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3787 | ASSERT_COMPARE( dst, desired_length, |
| 3788 | expected->x, desired_length ); |
Hanno Becker | e4849d1 | 2020-08-21 14:14:14 +0100 | [diff] [blame] | 3789 | } |
| 3790 | /* END_CASE */ |
| 3791 | |
Hanno Becker | 2d2c3eb | 2020-08-20 14:54:24 +0100 | [diff] [blame] | 3792 | /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ |
| 3793 | void ssl_tls1_3_key_evolution( int hash_alg, |
| 3794 | data_t *secret, |
| 3795 | data_t *input, |
| 3796 | data_t *expected ) |
| 3797 | { |
| 3798 | unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ]; |
| 3799 | |
| 3800 | TEST_ASSERT( mbedtls_ssl_tls1_3_evolve_secret( |
| 3801 | (mbedtls_md_type_t) hash_alg, |
| 3802 | secret->len ? secret->x : NULL, |
| 3803 | input->len ? input->x : NULL, input->len, |
| 3804 | secret_new ) == 0 ); |
| 3805 | |
Hanno Becker | fb08096 | 2020-09-08 10:58:42 +0100 | [diff] [blame] | 3806 | ASSERT_COMPARE( secret_new, (size_t) expected->len, |
| 3807 | expected->x, (size_t) expected->len ); |
Hanno Becker | 2d2c3eb | 2020-08-20 14:54:24 +0100 | [diff] [blame] | 3808 | } |
| 3809 | /* END_CASE */ |
| 3810 | |
Ron Eldor | 824ad7b | 2019-05-13 14:09:00 +0300 | [diff] [blame] | 3811 | /* BEGIN_CASE */ |
| 3812 | void ssl_tls_prf( int type, data_t * secret, data_t * random, |
Ronald Cron | ac6ae35 | 2020-06-26 14:33:03 +0200 | [diff] [blame] | 3813 | char *label, data_t *result_str, int exp_ret ) |
Ron Eldor | 824ad7b | 2019-05-13 14:09:00 +0300 | [diff] [blame] | 3814 | { |
| 3815 | unsigned char *output; |
| 3816 | |
Ronald Cron | ac6ae35 | 2020-06-26 14:33:03 +0200 | [diff] [blame] | 3817 | output = mbedtls_calloc( 1, result_str->len ); |
Ron Eldor | 824ad7b | 2019-05-13 14:09:00 +0300 | [diff] [blame] | 3818 | if( output == NULL ) |
| 3819 | goto exit; |
| 3820 | |
Ron Eldor | 6b9b1b8 | 2019-05-15 17:04:33 +0300 | [diff] [blame] | 3821 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 3822 | TEST_ASSERT( psa_crypto_init() == 0 ); |
| 3823 | #endif |
| 3824 | |
Ron Eldor | 824ad7b | 2019-05-13 14:09:00 +0300 | [diff] [blame] | 3825 | TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len, |
| 3826 | label, random->x, random->len, |
Ronald Cron | ac6ae35 | 2020-06-26 14:33:03 +0200 | [diff] [blame] | 3827 | output, result_str->len ) == exp_ret ); |
Ron Eldor | 824ad7b | 2019-05-13 14:09:00 +0300 | [diff] [blame] | 3828 | |
| 3829 | if( exp_ret == 0 ) |
| 3830 | { |
Ronald Cron | ac6ae35 | 2020-06-26 14:33:03 +0200 | [diff] [blame] | 3831 | TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, |
| 3832 | result_str->len, result_str->len ) == 0 ); |
Ron Eldor | 824ad7b | 2019-05-13 14:09:00 +0300 | [diff] [blame] | 3833 | } |
| 3834 | exit: |
| 3835 | |
| 3836 | mbedtls_free( output ); |
| 3837 | } |
| 3838 | /* END_CASE */ |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3839 | |
Manuel Pégourié-Gonnard | f9deaec | 2019-05-24 09:41:39 +0200 | [diff] [blame] | 3840 | /* BEGIN_CASE */ |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3841 | void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) |
Manuel Pégourié-Gonnard | f9deaec | 2019-05-24 09:41:39 +0200 | [diff] [blame] | 3842 | { |
| 3843 | mbedtls_ssl_session original, restored; |
| 3844 | unsigned char *buf = NULL; |
| 3845 | size_t len; |
| 3846 | |
| 3847 | /* |
| 3848 | * Test that a save-load pair is the identity |
| 3849 | */ |
| 3850 | |
| 3851 | mbedtls_ssl_session_init( &original ); |
| 3852 | mbedtls_ssl_session_init( &restored ); |
| 3853 | |
| 3854 | /* Prepare a dummy session to work on */ |
| 3855 | TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 ); |
| 3856 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3857 | /* Serialize it */ |
Manuel Pégourié-Gonnard | f9deaec | 2019-05-24 09:41:39 +0200 | [diff] [blame] | 3858 | TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len ) |
| 3859 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 3860 | TEST_ASSERT( ( buf = mbedtls_calloc( 1, len ) ) != NULL ); |
| 3861 | TEST_ASSERT( mbedtls_ssl_session_save( &original, buf, len, &len ) |
| 3862 | == 0 ); |
| 3863 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3864 | /* Restore session from serialized data */ |
Manuel Pégourié-Gonnard | f9deaec | 2019-05-24 09:41:39 +0200 | [diff] [blame] | 3865 | TEST_ASSERT( mbedtls_ssl_session_load( &restored, buf, len) == 0 ); |
| 3866 | |
| 3867 | /* |
| 3868 | * Make sure both session structures are identical |
| 3869 | */ |
| 3870 | #if defined(MBEDTLS_HAVE_TIME) |
| 3871 | TEST_ASSERT( original.start == restored.start ); |
| 3872 | #endif |
| 3873 | TEST_ASSERT( original.ciphersuite == restored.ciphersuite ); |
| 3874 | TEST_ASSERT( original.compression == restored.compression ); |
| 3875 | TEST_ASSERT( original.id_len == restored.id_len ); |
| 3876 | TEST_ASSERT( memcmp( original.id, |
| 3877 | restored.id, sizeof( original.id ) ) == 0 ); |
| 3878 | TEST_ASSERT( memcmp( original.master, |
| 3879 | restored.master, sizeof( original.master ) ) == 0 ); |
| 3880 | |
| 3881 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 3882 | #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) |
Manuel Pégourié-Gonnard | f9deaec | 2019-05-24 09:41:39 +0200 | [diff] [blame] | 3883 | TEST_ASSERT( ( original.peer_cert == NULL ) == |
| 3884 | ( restored.peer_cert == NULL ) ); |
| 3885 | if( original.peer_cert != NULL ) |
| 3886 | { |
| 3887 | TEST_ASSERT( original.peer_cert->raw.len == |
| 3888 | restored.peer_cert->raw.len ); |
| 3889 | TEST_ASSERT( memcmp( original.peer_cert->raw.p, |
| 3890 | restored.peer_cert->raw.p, |
| 3891 | original.peer_cert->raw.len ) == 0 ); |
| 3892 | } |
Manuel Pégourié-Gonnard | ee13a73 | 2019-07-29 13:00:39 +0200 | [diff] [blame] | 3893 | #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 3894 | TEST_ASSERT( original.peer_cert_digest_type == |
| 3895 | restored.peer_cert_digest_type ); |
| 3896 | TEST_ASSERT( original.peer_cert_digest_len == |
| 3897 | restored.peer_cert_digest_len ); |
| 3898 | TEST_ASSERT( ( original.peer_cert_digest == NULL ) == |
| 3899 | ( restored.peer_cert_digest == NULL ) ); |
| 3900 | if( original.peer_cert_digest != NULL ) |
| 3901 | { |
| 3902 | TEST_ASSERT( memcmp( original.peer_cert_digest, |
| 3903 | restored.peer_cert_digest, |
| 3904 | original.peer_cert_digest_len ) == 0 ); |
| 3905 | } |
| 3906 | #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 3907 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
Manuel Pégourié-Gonnard | f9deaec | 2019-05-24 09:41:39 +0200 | [diff] [blame] | 3908 | TEST_ASSERT( original.verify_result == restored.verify_result ); |
| 3909 | |
| 3910 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) |
| 3911 | TEST_ASSERT( original.ticket_len == restored.ticket_len ); |
| 3912 | if( original.ticket_len != 0 ) |
| 3913 | { |
| 3914 | TEST_ASSERT( original.ticket != NULL ); |
| 3915 | TEST_ASSERT( restored.ticket != NULL ); |
| 3916 | TEST_ASSERT( memcmp( original.ticket, |
| 3917 | restored.ticket, original.ticket_len ) == 0 ); |
| 3918 | } |
| 3919 | TEST_ASSERT( original.ticket_lifetime == restored.ticket_lifetime ); |
| 3920 | #endif |
| 3921 | |
| 3922 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 3923 | TEST_ASSERT( original.mfl_code == restored.mfl_code ); |
| 3924 | #endif |
| 3925 | |
| 3926 | #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) |
| 3927 | TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac ); |
| 3928 | #endif |
| 3929 | |
| 3930 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
| 3931 | TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac ); |
| 3932 | #endif |
| 3933 | |
| 3934 | exit: |
| 3935 | mbedtls_ssl_session_free( &original ); |
| 3936 | mbedtls_ssl_session_free( &restored ); |
| 3937 | mbedtls_free( buf ); |
| 3938 | } |
| 3939 | /* END_CASE */ |
| 3940 | |
Manuel Pégourié-Gonnard | aa75583 | 2019-06-03 10:53:47 +0200 | [diff] [blame] | 3941 | /* BEGIN_CASE */ |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3942 | void ssl_serialize_session_load_save( int ticket_len, char *crt_file ) |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3943 | { |
| 3944 | mbedtls_ssl_session session; |
| 3945 | unsigned char *buf1 = NULL, *buf2 = NULL; |
| 3946 | size_t len0, len1, len2; |
| 3947 | |
| 3948 | /* |
| 3949 | * Test that a load-save pair is the identity |
| 3950 | */ |
| 3951 | |
| 3952 | mbedtls_ssl_session_init( &session ); |
| 3953 | |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 3954 | /* Prepare a dummy session to work on */ |
Manuel Pégourié-Gonnard | 6b84070 | 2019-05-24 09:40:17 +0200 | [diff] [blame] | 3955 | TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); |
Manuel Pégourié-Gonnard | 3caa6ca | 2019-05-23 10:06:14 +0200 | [diff] [blame] | 3956 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3957 | /* Get desired buffer size for serializing */ |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3958 | TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 ) |
| 3959 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 3960 | |
| 3961 | /* Allocate first buffer */ |
| 3962 | buf1 = mbedtls_calloc( 1, len0 ); |
| 3963 | TEST_ASSERT( buf1 != NULL ); |
| 3964 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3965 | /* Serialize to buffer and free live session */ |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3966 | TEST_ASSERT( mbedtls_ssl_session_save( &session, buf1, len0, &len1 ) |
| 3967 | == 0 ); |
| 3968 | TEST_ASSERT( len0 == len1 ); |
| 3969 | mbedtls_ssl_session_free( &session ); |
| 3970 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3971 | /* Restore session from serialized data */ |
Manuel Pégourié-Gonnard | 220403b | 2019-05-24 09:54:21 +0200 | [diff] [blame] | 3972 | TEST_ASSERT( mbedtls_ssl_session_load( &session, buf1, len1 ) == 0 ); |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3973 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3974 | /* Allocate second buffer and serialize to it */ |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3975 | buf2 = mbedtls_calloc( 1, len0 ); |
Manuel Pégourié-Gonnard | b407990 | 2019-05-24 09:52:10 +0200 | [diff] [blame] | 3976 | TEST_ASSERT( buf2 != NULL ); |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3977 | TEST_ASSERT( mbedtls_ssl_session_save( &session, buf2, len0, &len2 ) |
| 3978 | == 0 ); |
| 3979 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3980 | /* Make sure both serialized versions are identical */ |
Manuel Pégourié-Gonnard | 6eac11b | 2019-05-23 09:30:55 +0200 | [diff] [blame] | 3981 | TEST_ASSERT( len1 == len2 ); |
| 3982 | TEST_ASSERT( memcmp( buf1, buf2, len1 ) == 0 ); |
| 3983 | |
| 3984 | exit: |
| 3985 | mbedtls_ssl_session_free( &session ); |
| 3986 | mbedtls_free( buf1 ); |
| 3987 | mbedtls_free( buf2 ); |
| 3988 | } |
| 3989 | /* END_CASE */ |
Manuel Pégourié-Gonnard | f5fa0aa | 2019-05-23 10:38:11 +0200 | [diff] [blame] | 3990 | |
| 3991 | /* BEGIN_CASE */ |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 3992 | void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file ) |
Manuel Pégourié-Gonnard | f5fa0aa | 2019-05-23 10:38:11 +0200 | [diff] [blame] | 3993 | { |
| 3994 | mbedtls_ssl_session session; |
| 3995 | unsigned char *buf = NULL; |
| 3996 | size_t good_len, bad_len, test_len; |
| 3997 | |
| 3998 | /* |
| 3999 | * Test that session_save() fails cleanly on small buffers |
| 4000 | */ |
| 4001 | |
| 4002 | mbedtls_ssl_session_init( &session ); |
| 4003 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 4004 | /* Prepare dummy session and get serialized size */ |
Manuel Pégourié-Gonnard | 6b84070 | 2019-05-24 09:40:17 +0200 | [diff] [blame] | 4005 | TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); |
Manuel Pégourié-Gonnard | f5fa0aa | 2019-05-23 10:38:11 +0200 | [diff] [blame] | 4006 | TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) |
| 4007 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 4008 | |
| 4009 | /* Try all possible bad lengths */ |
| 4010 | for( bad_len = 1; bad_len < good_len; bad_len++ ) |
| 4011 | { |
| 4012 | /* Allocate exact size so that asan/valgrind can detect any overwrite */ |
| 4013 | mbedtls_free( buf ); |
| 4014 | TEST_ASSERT( ( buf = mbedtls_calloc( 1, bad_len ) ) != NULL ); |
| 4015 | TEST_ASSERT( mbedtls_ssl_session_save( &session, buf, bad_len, |
| 4016 | &test_len ) |
| 4017 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 4018 | TEST_ASSERT( test_len == good_len ); |
| 4019 | } |
| 4020 | |
| 4021 | exit: |
| 4022 | mbedtls_ssl_session_free( &session ); |
| 4023 | mbedtls_free( buf ); |
| 4024 | } |
| 4025 | /* END_CASE */ |
Manuel Pégourié-Gonnard | a3d831b | 2019-05-23 12:28:45 +0200 | [diff] [blame] | 4026 | |
| 4027 | /* BEGIN_CASE */ |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 4028 | void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file ) |
Manuel Pégourié-Gonnard | a3d831b | 2019-05-23 12:28:45 +0200 | [diff] [blame] | 4029 | { |
| 4030 | mbedtls_ssl_session session; |
| 4031 | unsigned char *good_buf = NULL, *bad_buf = NULL; |
| 4032 | size_t good_len, bad_len; |
| 4033 | |
| 4034 | /* |
| 4035 | * Test that session_load() fails cleanly on small buffers |
| 4036 | */ |
| 4037 | |
| 4038 | mbedtls_ssl_session_init( &session ); |
| 4039 | |
Manuel Pégourié-Gonnard | 686adb4 | 2019-06-03 09:55:16 +0200 | [diff] [blame] | 4040 | /* Prepare serialized session data */ |
Manuel Pégourié-Gonnard | 6b84070 | 2019-05-24 09:40:17 +0200 | [diff] [blame] | 4041 | TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); |
Manuel Pégourié-Gonnard | a3d831b | 2019-05-23 12:28:45 +0200 | [diff] [blame] | 4042 | TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) |
| 4043 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); |
| 4044 | TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL ); |
| 4045 | TEST_ASSERT( mbedtls_ssl_session_save( &session, good_buf, good_len, |
| 4046 | &good_len ) == 0 ); |
| 4047 | mbedtls_ssl_session_free( &session ); |
| 4048 | |
| 4049 | /* Try all possible bad lengths */ |
| 4050 | for( bad_len = 0; bad_len < good_len; bad_len++ ) |
| 4051 | { |
| 4052 | /* Allocate exact size so that asan/valgrind can detect any overread */ |
| 4053 | mbedtls_free( bad_buf ); |
| 4054 | bad_buf = mbedtls_calloc( 1, bad_len ? bad_len : 1 ); |
| 4055 | TEST_ASSERT( bad_buf != NULL ); |
| 4056 | memcpy( bad_buf, good_buf, bad_len ); |
| 4057 | |
| 4058 | TEST_ASSERT( mbedtls_ssl_session_load( &session, bad_buf, bad_len ) |
| 4059 | == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); |
| 4060 | } |
| 4061 | |
| 4062 | exit: |
| 4063 | mbedtls_ssl_session_free( &session ); |
| 4064 | mbedtls_free( good_buf ); |
| 4065 | mbedtls_free( bad_buf ); |
| 4066 | } |
| 4067 | /* END_CASE */ |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4068 | |
Hanno Becker | 363b646 | 2019-05-29 12:44:28 +0100 | [diff] [blame] | 4069 | /* BEGIN_CASE */ |
| 4070 | void ssl_session_serialize_version_check( int corrupt_major, |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4071 | int corrupt_minor, |
| 4072 | int corrupt_patch, |
| 4073 | int corrupt_config ) |
| 4074 | { |
Hanno Becker | 363b646 | 2019-05-29 12:44:28 +0100 | [diff] [blame] | 4075 | unsigned char serialized_session[ 2048 ]; |
| 4076 | size_t serialized_session_len; |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4077 | unsigned cur_byte; |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4078 | mbedtls_ssl_session session; |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4079 | uint8_t should_corrupt_byte[] = { corrupt_major == 1, |
| 4080 | corrupt_minor == 1, |
| 4081 | corrupt_patch == 1, |
| 4082 | corrupt_config == 1, |
| 4083 | corrupt_config == 1 }; |
| 4084 | |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4085 | mbedtls_ssl_session_init( &session ); |
| 4086 | |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4087 | /* Infer length of serialized session. */ |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4088 | TEST_ASSERT( mbedtls_ssl_session_save( &session, |
Hanno Becker | 363b646 | 2019-05-29 12:44:28 +0100 | [diff] [blame] | 4089 | serialized_session, |
| 4090 | sizeof( serialized_session ), |
| 4091 | &serialized_session_len ) == 0 ); |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4092 | |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4093 | mbedtls_ssl_session_free( &session ); |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4094 | |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4095 | /* Without any modification, we should be able to successfully |
Hanno Becker | 363b646 | 2019-05-29 12:44:28 +0100 | [diff] [blame] | 4096 | * de-serialize the session - double-check that. */ |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4097 | TEST_ASSERT( mbedtls_ssl_session_load( &session, |
Hanno Becker | 363b646 | 2019-05-29 12:44:28 +0100 | [diff] [blame] | 4098 | serialized_session, |
| 4099 | serialized_session_len ) == 0 ); |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4100 | mbedtls_ssl_session_free( &session ); |
| 4101 | |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4102 | /* Go through the bytes in the serialized session header and |
| 4103 | * corrupt them bit-by-bit. */ |
| 4104 | for( cur_byte = 0; cur_byte < sizeof( should_corrupt_byte ); cur_byte++ ) |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4105 | { |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4106 | int cur_bit; |
| 4107 | unsigned char * const byte = &serialized_session[ cur_byte ]; |
| 4108 | |
| 4109 | if( should_corrupt_byte[ cur_byte ] == 0 ) |
| 4110 | continue; |
| 4111 | |
| 4112 | for( cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++ ) |
| 4113 | { |
| 4114 | unsigned char const corrupted_bit = 0x1u << cur_bit; |
| 4115 | /* Modify a single bit in the serialized session. */ |
| 4116 | *byte ^= corrupted_bit; |
| 4117 | |
| 4118 | /* Attempt to deserialize */ |
| 4119 | TEST_ASSERT( mbedtls_ssl_session_load( &session, |
| 4120 | serialized_session, |
| 4121 | serialized_session_len ) == |
Hanno Becker | f9b3303 | 2019-06-03 12:58:39 +0100 | [diff] [blame] | 4122 | MBEDTLS_ERR_SSL_VERSION_MISMATCH ); |
Hanno Becker | fe1275e | 2019-05-29 12:45:21 +0100 | [diff] [blame] | 4123 | |
| 4124 | /* Undo the change */ |
| 4125 | *byte ^= corrupted_bit; |
| 4126 | } |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4127 | } |
| 4128 | |
Hanno Becker | 861d0bb | 2019-05-21 16:39:30 +0100 | [diff] [blame] | 4129 | } |
| 4130 | /* END_CASE */ |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4131 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4132 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4133 | void mbedtls_endpoint_sanity( int endpoint_type ) |
| 4134 | { |
| 4135 | enum { BUFFSIZE = 1024 }; |
| 4136 | mbedtls_endpoint ep; |
| 4137 | int ret = -1; |
| 4138 | |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 4139 | ret = mbedtls_endpoint_init( NULL, endpoint_type, MBEDTLS_PK_RSA, |
| 4140 | NULL, NULL, NULL ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4141 | TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); |
| 4142 | |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 4143 | ret = mbedtls_endpoint_certificate_init( NULL, MBEDTLS_PK_RSA ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4144 | TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); |
| 4145 | |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 4146 | ret = mbedtls_endpoint_init( &ep, endpoint_type, MBEDTLS_PK_RSA, |
| 4147 | NULL, NULL, NULL ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4148 | TEST_ASSERT( ret == 0 ); |
| 4149 | |
| 4150 | exit: |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 4151 | mbedtls_endpoint_free( &ep, NULL ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4152 | } |
| 4153 | /* END_CASE */ |
| 4154 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4155 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4156 | void move_handshake_to_state(int endpoint_type, int state, int need_pass) |
| 4157 | { |
| 4158 | enum { BUFFSIZE = 1024 }; |
| 4159 | mbedtls_endpoint base_ep, second_ep; |
| 4160 | int ret = -1; |
| 4161 | |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 4162 | ret = mbedtls_endpoint_init( &base_ep, endpoint_type, MBEDTLS_PK_RSA, |
| 4163 | NULL, NULL, NULL ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4164 | TEST_ASSERT( ret == 0 ); |
| 4165 | |
| 4166 | ret = mbedtls_endpoint_init( &second_ep, |
| 4167 | ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? |
Andrzej Kurek | b298074 | 2020-02-02 19:25:26 -0500 | [diff] [blame] | 4168 | MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 4169 | MBEDTLS_PK_RSA, NULL, NULL, NULL ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4170 | TEST_ASSERT( ret == 0 ); |
| 4171 | |
| 4172 | ret = mbedtls_mock_socket_connect( &(base_ep.socket), |
| 4173 | &(second_ep.socket), |
| 4174 | BUFFSIZE ); |
| 4175 | TEST_ASSERT( ret == 0 ); |
| 4176 | |
| 4177 | ret = mbedtls_move_handshake_to_state( &(base_ep.ssl), |
| 4178 | &(second_ep.ssl), |
| 4179 | state ); |
| 4180 | if( need_pass ) |
| 4181 | { |
| 4182 | TEST_ASSERT( ret == 0 ); |
| 4183 | TEST_ASSERT( base_ep.ssl.state == state ); |
| 4184 | } |
| 4185 | else |
| 4186 | { |
| 4187 | TEST_ASSERT( ret != 0 ); |
| 4188 | TEST_ASSERT( base_ep.ssl.state != state ); |
| 4189 | } |
| 4190 | |
| 4191 | exit: |
Andrzej Kurek | 15daf50 | 2020-02-12 09:17:52 -0500 | [diff] [blame] | 4192 | mbedtls_endpoint_free( &base_ep, NULL ); |
| 4193 | mbedtls_endpoint_free( &second_ep, NULL ); |
Piotr Nowicki | 2a1f178 | 2020-01-13 09:42:10 +0100 | [diff] [blame] | 4194 | } |
| 4195 | /* END_CASE */ |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 4196 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4197 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 4198 | void handshake_version( int dtls, int client_min_version, int client_max_version, |
| 4199 | int server_min_version, int server_max_version, |
| 4200 | int expected_negotiated_version ) |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 4201 | { |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4202 | handshake_test_options options; |
| 4203 | init_handshake_options( &options ); |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4204 | |
Paul Elliott | c857044 | 2020-04-15 17:00:50 +0100 | [diff] [blame] | 4205 | options.client_min_version = client_min_version; |
| 4206 | options.client_max_version = client_max_version; |
| 4207 | options.server_min_version = server_min_version; |
| 4208 | options.server_max_version = server_max_version; |
| 4209 | |
| 4210 | options.expected_negotiated_version = expected_negotiated_version; |
| 4211 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4212 | options.dtls = dtls; |
Mateusz Starzyk | 06b07fb | 2021-02-18 13:55:21 +0100 | [diff] [blame^] | 4213 | /* By default, TLSv1.0 use 1/n-1 splitting when sending data, so |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 4214 | * the number of fragments will be twice as big. */ |
Mateusz Starzyk | 06b07fb | 2021-02-18 13:55:21 +0100 | [diff] [blame^] | 4215 | if( expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1 ) |
Andrzej Kurek | 941962e | 2020-02-07 09:20:32 -0500 | [diff] [blame] | 4216 | { |
Piotr Nowicki | 438bf3b | 2020-03-10 12:59:10 +0100 | [diff] [blame] | 4217 | options.expected_cli_fragments = 2; |
| 4218 | options.expected_srv_fragments = 2; |
Andrzej Kurek | 941962e | 2020-02-07 09:20:32 -0500 | [diff] [blame] | 4219 | } |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4220 | perform_handshake( &options ); |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 4221 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4222 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4223 | goto exit; |
| 4224 | } |
| 4225 | /* END_CASE */ |
Andrzej Kurek | 9e9efdc | 2020-02-26 05:25:23 -0500 | [diff] [blame] | 4226 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4227 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4228 | void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls ) |
| 4229 | { |
| 4230 | handshake_test_options options; |
| 4231 | init_handshake_options( &options ); |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 4232 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4233 | options.cipher = cipher; |
| 4234 | options.dtls = dtls; |
| 4235 | options.psk_str = psk_str; |
| 4236 | options.pk_alg = pk_alg; |
Andrzej Kurek | cc5169c | 2020-02-04 09:04:56 -0500 | [diff] [blame] | 4237 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4238 | perform_handshake( &options ); |
Andrzej Kurek | 316da1f | 2020-02-26 09:03:47 -0500 | [diff] [blame] | 4239 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4240 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4241 | goto exit; |
| 4242 | } |
| 4243 | /* END_CASE */ |
Andrzej Kurek | 316da1f | 2020-02-26 09:03:47 -0500 | [diff] [blame] | 4244 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4245 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4246 | void handshake_cipher( char* cipher, int pk_alg, int dtls ) |
| 4247 | { |
| 4248 | test_handshake_psk_cipher( cipher, pk_alg, NULL, dtls ); |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 4249 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4250 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4251 | goto exit; |
| 4252 | } |
| 4253 | /* END_CASE */ |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 4254 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4255 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4256 | void app_data( int mfl, int cli_msg_len, int srv_msg_len, |
| 4257 | int expected_cli_fragments, |
| 4258 | int expected_srv_fragments, int dtls ) |
| 4259 | { |
| 4260 | handshake_test_options options; |
| 4261 | init_handshake_options( &options ); |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4262 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4263 | options.mfl = mfl; |
| 4264 | options.cli_msg_len = cli_msg_len; |
| 4265 | options.srv_msg_len = srv_msg_len; |
| 4266 | options.expected_cli_fragments = expected_cli_fragments; |
| 4267 | options.expected_srv_fragments = expected_srv_fragments; |
| 4268 | options.dtls = dtls; |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4269 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4270 | perform_handshake( &options ); |
| 4271 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4272 | goto exit; |
| 4273 | } |
| 4274 | /* END_CASE */ |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4275 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4276 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4277 | void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len, |
| 4278 | int expected_cli_fragments, |
| 4279 | int expected_srv_fragments ) |
| 4280 | { |
| 4281 | test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, |
| 4282 | expected_srv_fragments, 0 ); |
| 4283 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4284 | goto exit; |
| 4285 | } |
| 4286 | /* END_CASE */ |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4287 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4288 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4289 | void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len, |
| 4290 | int expected_cli_fragments, |
| 4291 | int expected_srv_fragments ) |
| 4292 | { |
| 4293 | test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, |
| 4294 | expected_srv_fragments, 1 ); |
| 4295 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4296 | goto exit; |
| 4297 | } |
| 4298 | /* END_CASE */ |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4299 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4300 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4301 | void handshake_serialization( ) |
| 4302 | { |
| 4303 | handshake_test_options options; |
| 4304 | init_handshake_options( &options ); |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4305 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4306 | options.serialize = 1; |
| 4307 | options.dtls = 1; |
| 4308 | perform_handshake( &options ); |
| 4309 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4310 | goto exit; |
| 4311 | } |
| 4312 | /* END_CASE */ |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4313 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4314 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 4315 | void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation) |
| 4316 | { |
| 4317 | handshake_test_options options; |
| 4318 | log_pattern srv_pattern, cli_pattern; |
| 4319 | |
| 4320 | srv_pattern.pattern = cli_pattern.pattern = "found fragmented DTLS handshake"; |
| 4321 | srv_pattern.counter = 0; |
| 4322 | cli_pattern.counter = 0; |
| 4323 | |
| 4324 | init_handshake_options( &options ); |
| 4325 | options.dtls = 1; |
| 4326 | options.mfl = mfl; |
Darryl Green | aad82f9 | 2019-12-02 10:53:11 +0000 | [diff] [blame] | 4327 | /* Set cipher to one using CBC so that record splitting can be tested */ |
| 4328 | options.cipher = "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"; |
Piotr Nowicki | bde7ee8 | 2020-02-21 10:59:50 +0100 | [diff] [blame] | 4329 | options.srv_auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; |
| 4330 | options.srv_log_obj = &srv_pattern; |
| 4331 | options.cli_log_obj = &cli_pattern; |
| 4332 | options.srv_log_fun = log_analyzer; |
| 4333 | options.cli_log_fun = log_analyzer; |
| 4334 | |
| 4335 | perform_handshake( &options ); |
| 4336 | |
| 4337 | /* Test if the server received a fragmented handshake */ |
| 4338 | if( expected_srv_hs_fragmentation ) |
| 4339 | { |
| 4340 | TEST_ASSERT( srv_pattern.counter >= 1 ); |
| 4341 | } |
| 4342 | /* Test if the client received a fragmented handshake */ |
| 4343 | if( expected_cli_hs_fragmentation ) |
| 4344 | { |
| 4345 | TEST_ASSERT( cli_pattern.counter >= 1 ); |
| 4346 | } |
| 4347 | } |
| 4348 | /* END_CASE */ |
| 4349 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4350 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4351 | void renegotiation( int legacy_renegotiation ) |
| 4352 | { |
| 4353 | handshake_test_options options; |
| 4354 | init_handshake_options( &options ); |
Andrzej Kurek | da2b678 | 2020-02-12 07:56:36 -0500 | [diff] [blame] | 4355 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4356 | options.renegotiate = 1; |
| 4357 | options.legacy_renegotiation = legacy_renegotiation; |
| 4358 | options.dtls = 1; |
Andrzej Kurek | 316da1f | 2020-02-26 09:03:47 -0500 | [diff] [blame] | 4359 | |
Andrzej Kurek | 8a6ff15 | 2020-02-26 09:10:14 -0500 | [diff] [blame] | 4360 | perform_handshake( &options ); |
| 4361 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4362 | goto exit; |
Andrzej Kurek | f40daa3 | 2020-02-04 09:00:01 -0500 | [diff] [blame] | 4363 | } |
| 4364 | /* END_CASE */ |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4365 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4366 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4367 | void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation, |
Andrzej Kurek | 8ea6872 | 2020-04-03 06:40:47 -0400 | [diff] [blame] | 4368 | int serialize, int dtls, char *cipher ) |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4369 | { |
| 4370 | handshake_test_options options; |
| 4371 | init_handshake_options( &options ); |
| 4372 | |
| 4373 | options.mfl = mfl; |
Andrzej Kurek | 8ea6872 | 2020-04-03 06:40:47 -0400 | [diff] [blame] | 4374 | options.cipher = cipher; |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4375 | options.renegotiate = renegotiation; |
| 4376 | options.legacy_renegotiation = legacy_renegotiation; |
| 4377 | options.serialize = serialize; |
| 4378 | options.dtls = dtls; |
| 4379 | options.resize_buffers = 1; |
| 4380 | |
| 4381 | perform_handshake( &options ); |
| 4382 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4383 | goto exit; |
| 4384 | } |
| 4385 | /* END_CASE */ |
| 4386 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4387 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4388 | void resize_buffers_serialize_mfl( int mfl ) |
| 4389 | { |
Andrzej Kurek | 8ea6872 | 2020-04-03 06:40:47 -0400 | [diff] [blame] | 4390 | test_resize_buffers( mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, |
| 4391 | (char *) "" ); |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4392 | |
| 4393 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4394 | goto exit; |
| 4395 | } |
| 4396 | /* END_CASE */ |
| 4397 | |
Manuel Pégourié-Gonnard | d12402f | 2020-05-20 10:34:25 +0200 | [diff] [blame] | 4398 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ |
Andrzej Kurek | 8ea6872 | 2020-04-03 06:40:47 -0400 | [diff] [blame] | 4399 | void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation, |
| 4400 | char *cipher ) |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4401 | { |
Andrzej Kurek | 8ea6872 | 2020-04-03 06:40:47 -0400 | [diff] [blame] | 4402 | test_resize_buffers( mfl, 1, legacy_renegotiation, 0, 1, cipher ); |
Andrzej Kurek | 0afa2a1 | 2020-03-03 10:39:58 -0500 | [diff] [blame] | 4403 | |
| 4404 | /* The goto below is used to avoid an "unused label" warning.*/ |
| 4405 | goto exit; |
| 4406 | } |
| 4407 | /* END_CASE */ |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4408 | |
Manuel Pégourié-Gonnard | ed0e864 | 2020-07-21 11:20:30 +0200 | [diff] [blame] | 4409 | /* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4410 | void ssl_cf_hmac( int hash ) |
| 4411 | { |
| 4412 | /* |
| 4413 | * Test the function mbedtls_ssl_cf_hmac() against a reference |
| 4414 | * implementation. |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4415 | */ |
| 4416 | mbedtls_md_context_t ctx, ref_ctx; |
| 4417 | const mbedtls_md_info_t *md_info; |
| 4418 | size_t out_len, block_size; |
| 4419 | size_t min_in_len, in_len, max_in_len, i; |
| 4420 | /* TLS additional data is 13 bytes (hence the "lucky 13" name) */ |
| 4421 | unsigned char add_data[13]; |
| 4422 | unsigned char ref_out[MBEDTLS_MD_MAX_SIZE]; |
| 4423 | unsigned char *data = NULL; |
| 4424 | unsigned char *out = NULL; |
| 4425 | unsigned char rec_num = 0; |
| 4426 | |
| 4427 | mbedtls_md_init( &ctx ); |
| 4428 | mbedtls_md_init( &ref_ctx ); |
| 4429 | |
| 4430 | md_info = mbedtls_md_info_from_type( hash ); |
| 4431 | TEST_ASSERT( md_info != NULL ); |
| 4432 | out_len = mbedtls_md_get_size( md_info ); |
| 4433 | TEST_ASSERT( out_len != 0 ); |
| 4434 | block_size = hash == MBEDTLS_MD_SHA384 ? 128 : 64; |
| 4435 | |
| 4436 | /* Use allocated out buffer to catch overwrites */ |
| 4437 | ASSERT_ALLOC( out, out_len ); |
| 4438 | |
| 4439 | /* Set up contexts with the given hash and a dummy key */ |
| 4440 | TEST_EQUAL( 0, mbedtls_md_setup( &ctx, md_info, 1 ) ); |
| 4441 | TEST_EQUAL( 0, mbedtls_md_setup( &ref_ctx, md_info, 1 ) ); |
| 4442 | memset( ref_out, 42, sizeof( ref_out ) ); |
| 4443 | TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ctx, ref_out, out_len ) ); |
| 4444 | TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ref_ctx, ref_out, out_len ) ); |
| 4445 | memset( ref_out, 0, sizeof( ref_out ) ); |
| 4446 | |
| 4447 | /* |
| 4448 | * Test all possible lengths up to a point. The difference between |
| 4449 | * max_in_len and min_in_len is at most 255, and make sure they both vary |
| 4450 | * by at least one block size. |
| 4451 | */ |
| 4452 | for( max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++ ) |
| 4453 | { |
Manuel Pégourié-Gonnard | ca8287c | 2020-07-22 10:29:39 +0200 | [diff] [blame] | 4454 | test_set_step( max_in_len * 10000 ); |
| 4455 | |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4456 | /* Use allocated in buffer to catch overreads */ |
Manuel Pégourié-Gonnard | c321900 | 2020-07-22 10:32:52 +0200 | [diff] [blame] | 4457 | ASSERT_ALLOC( data, max_in_len ); |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4458 | |
| 4459 | min_in_len = max_in_len > 255 ? max_in_len - 255 : 0; |
| 4460 | for( in_len = min_in_len; in_len <= max_in_len; in_len++ ) |
| 4461 | { |
Manuel Pégourié-Gonnard | ca8287c | 2020-07-22 10:29:39 +0200 | [diff] [blame] | 4462 | test_set_step( max_in_len * 10000 + in_len ); |
| 4463 | |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4464 | /* Set up dummy data and add_data */ |
| 4465 | rec_num++; |
| 4466 | memset( add_data, rec_num, sizeof( add_data ) ); |
| 4467 | for( i = 0; i < in_len; i++ ) |
| 4468 | data[i] = ( i & 0xff ) ^ rec_num; |
| 4469 | |
| 4470 | /* Get the function's result */ |
Manuel Pégourié-Gonnard | 9670a59 | 2020-07-10 10:21:46 +0200 | [diff] [blame] | 4471 | TEST_CF_SECRET( &in_len, sizeof( in_len ) ); |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4472 | TEST_EQUAL( 0, mbedtls_ssl_cf_hmac( &ctx, add_data, sizeof( add_data ), |
| 4473 | data, in_len, |
| 4474 | min_in_len, max_in_len, |
| 4475 | out ) ); |
Manuel Pégourié-Gonnard | 9670a59 | 2020-07-10 10:21:46 +0200 | [diff] [blame] | 4476 | TEST_CF_PUBLIC( &in_len, sizeof( in_len ) ); |
| 4477 | TEST_CF_PUBLIC( out, out_len ); |
Manuel Pégourié-Gonnard | 045f094 | 2020-07-02 11:34:02 +0200 | [diff] [blame] | 4478 | |
| 4479 | /* Compute the reference result */ |
| 4480 | TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, add_data, |
| 4481 | sizeof( add_data ) ) ); |
| 4482 | TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, data, in_len ) ); |
| 4483 | TEST_EQUAL( 0, mbedtls_md_hmac_finish( &ref_ctx, ref_out ) ); |
| 4484 | TEST_EQUAL( 0, mbedtls_md_hmac_reset( &ref_ctx ) ); |
| 4485 | |
| 4486 | /* Compare */ |
| 4487 | ASSERT_COMPARE( out, out_len, ref_out, out_len ); |
| 4488 | } |
| 4489 | |
| 4490 | mbedtls_free( data ); |
| 4491 | data = NULL; |
| 4492 | } |
| 4493 | |
| 4494 | exit: |
| 4495 | mbedtls_md_free( &ref_ctx ); |
| 4496 | mbedtls_md_free( &ctx ); |
| 4497 | |
| 4498 | mbedtls_free( data ); |
| 4499 | mbedtls_free( out ); |
| 4500 | } |
| 4501 | /* END_CASE */ |
Manuel Pégourié-Gonnard | 7fe2c5f | 2020-08-18 12:02:54 +0200 | [diff] [blame] | 4502 | |
| 4503 | /* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ |
| 4504 | void ssl_cf_memcpy_offset( int offset_min, int offset_max, int len ) |
| 4505 | { |
| 4506 | unsigned char *dst = NULL; |
| 4507 | unsigned char *src = NULL; |
| 4508 | size_t src_len = offset_max + len; |
| 4509 | size_t secret; |
| 4510 | |
| 4511 | ASSERT_ALLOC( dst, len ); |
| 4512 | ASSERT_ALLOC( src, src_len ); |
| 4513 | |
| 4514 | /* Fill src in a way that we can detect if we copied the right bytes */ |
| 4515 | mbedtls_test_rnd_std_rand( NULL, src, src_len ); |
| 4516 | |
| 4517 | for( secret = offset_min; secret <= (size_t) offset_max; secret++ ) |
| 4518 | { |
| 4519 | test_set_step( (int) secret ); |
| 4520 | |
| 4521 | TEST_CF_SECRET( &secret, sizeof( secret ) ); |
| 4522 | mbedtls_ssl_cf_memcpy_offset( dst, src, secret, |
| 4523 | offset_min, offset_max, len ); |
| 4524 | TEST_CF_PUBLIC( &secret, sizeof( secret ) ); |
| 4525 | TEST_CF_PUBLIC( dst, len ); |
| 4526 | |
| 4527 | ASSERT_COMPARE( dst, len, src + secret, len ); |
| 4528 | } |
| 4529 | |
| 4530 | exit: |
| 4531 | mbedtls_free( dst ); |
| 4532 | mbedtls_free( src ); |
| 4533 | } |
| 4534 | /* END_CASE */ |