TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 13719cdae493c3f65e8960be683cb10938d98a1f / . / tests / suites / test_suite_ssl.function
blob: 76f2edca4bb595c3738c9d2c7f77748ab3a40c2b [file] [log] [blame]
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include <mbedtls/ssl.h>
Manuel Pégourié-Gonnard5e94dde2015-05-26 11:57:05 +0200[diff] [blame]3#include <mbedtls/ssl_internal.h>
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]4
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]5
6/*
7 * Buffer structure for custom I/O callbacks.
8 */
9
10typedef struct mbedtls_test_buffer
11{
12 size_t start;
13 size_t content_length;
14 size_t capacity;
15 unsigned char *buffer;
16} mbedtls_test_buffer;
17
18/*
19 * Initialises \p buf. After calling this function it is safe to call
20 * `mbedtls_test_buffer_free()` on \p buf.
21 */
22void mbedtls_test_buffer_init( mbedtls_test_buffer *buf )
23{
24 memset( buf, 0, sizeof( *buf ) );
25}
26
27/*
28 * Sets up \p buf. After calling this function it is safe to call
29 * `mbedtls_test_buffer_put()` and `mbedtls_test_buffer_get()` on \p buf.
30 */
31int mbedtls_test_buffer_setup( mbedtls_test_buffer *buf, size_t capacity )
32{
33 buf->buffer = (unsigned char*) mbedtls_calloc( capacity,
34 sizeof(unsigned char) );
35 if( NULL == buf->buffer )
36 return MBEDTLS_ERR_SSL_ALLOC_FAILED;
37 buf->capacity = capacity;
38
39 return 0;
40}
41
42void mbedtls_test_buffer_free( mbedtls_test_buffer *buf )
43{
44 if( buf->buffer != NULL )
45 mbedtls_free( buf->buffer );
46
47 memset( buf, 0, sizeof( *buf ) );
48}
49
50/*
51 * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf.
52 *
53 * \p buf must have been initialized and set up by calling
54 * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`.
55 *
56 * \retval \p input_len, if the data fits.
57 * \retval 0 <= value < \p input_len, if the data does not fit.
58 * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not
59 * zero and \p input is NULL.
60 */
61int mbedtls_test_buffer_put( mbedtls_test_buffer *buf,
62 const unsigned char* input, size_t input_len )
63{
64 size_t overflow = 0;
65
66 if( ( buf == NULL ) || ( buf->buffer == NULL ) )
67 return -1;
68
69 /* Reduce input_len to a number that fits in the buffer. */
70 if ( ( buf->content_length + input_len ) > buf->capacity )
71 {
72 input_len = buf->capacity - buf->content_length;
73 }
74
75 if( input == NULL )
76 {
77 return ( input_len == 0 ) ? 0 : -1;
78 }
79
80 /* Calculate the number of bytes that need to be placed at lower memory
81 * address */
82 if( buf->start + buf->content_length + input_len
83 > buf->capacity )
84 {
85 overflow = ( buf->start + buf->content_length + input_len )
86 % buf->capacity;
87 }
88
89 memcpy( buf->buffer + buf->start + buf->content_length, input,
90 input_len - overflow );
91 memcpy( buf->buffer, input + input_len - overflow, overflow );
92 buf->content_length += input_len;
93
94 return input_len;
95}
96
97/*
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]98 * Gets \p output_len bytes from the ring buffer \p buf into the
99 * \p output buffer. The output buffer can be NULL, in this case a part of the
100 * ring buffer will be dropped, if the requested length is available.
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]101 *
102 * \p buf must have been initialized and set up by calling
103 * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`.
104 *
105 * \retval \p output_len, if the data is available.
106 * \retval 0 <= value < \p output_len, if the data is not available.
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]107 * \retval -1, if \buf is NULL or it hasn't been set up.
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]108 */
109int mbedtls_test_buffer_get( mbedtls_test_buffer *buf,
110 unsigned char* output, size_t output_len )
111{
112 size_t overflow = 0;
113
114 if( ( buf == NULL ) || ( buf->buffer == NULL ) )
115 return -1;
116
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]117 if( output == NULL && output_len == 0 )
118 return 0;
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]119
120 if( buf->content_length < output_len )
121 output_len = buf->content_length;
122
123 /* Calculate the number of bytes that need to be drawn from lower memory
124 * address */
125 if( buf->start + output_len > buf->capacity )
126 {
127 overflow = ( buf->start + output_len ) % buf->capacity;
128 }
129
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]130 if( output != NULL )
131 {
132 memcpy( output, buf->buffer + buf->start, output_len - overflow );
133 memcpy( output + output_len - overflow, buf->buffer, overflow );
134 }
135
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]136 buf->content_length -= output_len;
137 buf->start = ( buf->start + output_len ) % buf->capacity;
138
139 return output_len;
140}
141
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]142/*
Andrzej Kurek13719cd2020-01-22 06:36:39 -0500[diff] [blame^]143 * Errors used in the message transport mock tests
144 */
145 #define MBEDTLS_TEST_ERROR_ARG_NULL -11
146 #define MBEDTLS_TEST_ERROR_QUEUE_FULL -22
147 #define MBEDTLS_TEST_ERROR_QUEUE_EMPTY -33
148 #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44
149
150/*
151 * Context for a message metadata queue (fifo) that is on top of the ring buffer.
152 */
153typedef struct mbedtls_test_message_queue
154{
155 size_t *messages;
156 int pos;
157 int num;
158 int capacity;
159} mbedtls_test_message_queue;
160
161/*
162 * Setup and free functions for the message metadata queue.
163 *
164 * \p capacity describes the number of message metadata chunks that can be held
165 * within the queue.
166 *
167 * \retval 0, if a metadata queue of a given length can be allocated.
168 * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed.
169 */
170int mbedtls_test_message_queue_setup( mbedtls_test_message_queue *queue,
171 size_t capacity )
172{
173 queue->messages = (size_t*) mbedtls_calloc( capacity, sizeof(size_t) );
174 if( NULL == queue->messages )
175 return MBEDTLS_ERR_SSL_ALLOC_FAILED;
176
177 queue->capacity = capacity;
178 queue->pos = 0;
179 queue->num = 0;
180
181 return 0;
182}
183
184void mbedtls_test_message_queue_free( mbedtls_test_message_queue *queue )
185{
186 if( queue == NULL )
187 return;
188
189 if( queue->messages != NULL )
190 mbedtls_free( queue->messages );
191
192 memset( queue, 0, sizeof( *queue ) );
193}
194
195/*
196 * Push message length information onto the message metadata queue.
197 * This will become the last element to leave it (fifo).
198 *
199 * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
200 * \retval MBEDTLS_TEST_ERROR_QUEUE_FULL, if the queue is full.
201 * \retval \p len, if the push was successful.
202 */
203int mbedtls_test_message_queue_push_info( mbedtls_test_message_queue *queue,
204 size_t len )
205{
206 int place;
207 if( queue == NULL )
208 return MBEDTLS_TEST_ERROR_ARG_NULL;
209
210 if( queue->num >= queue->capacity )
211 return MBEDTLS_TEST_ERROR_QUEUE_FULL;
212
213 place = ( queue->pos + queue->num ) % queue->capacity;
214 queue->messages[place] = len;
215 queue->num++;
216 return len;
217}
218
219/*
220 * Pop information about the next message length from the queue. This will be
221 * the oldest inserted message length(fifo). \p msg_len can be null, in which
222 * case the data will be popped from the queue but not copied anywhere.
223 *
224 * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
225 * \retval MBEDTLS_TEST_ERROR_QUEUE_EMPTY, if the queue is empty.
226 * \retval message length, if the pop was successful, up to the given
227 \p buf_len.
228 */
229int mbedtls_test_message_queue_pop_info( mbedtls_test_message_queue *queue,
230 size_t buf_len )
231{
232 size_t message_length;
233 if( queue == NULL )
234 return MBEDTLS_TEST_ERROR_ARG_NULL;
235 if( queue->num == 0 )
236 return MBEDTLS_TEST_ERROR_QUEUE_EMPTY;
237
238 message_length = queue->messages[queue->pos];
239 queue->messages[queue->pos] = 0;
240 queue->num--;
241 queue->pos++;
242 queue->pos %= queue->capacity;
243 if( queue->pos < 0 )
244 queue->pos += queue->capacity;
245
246 return ( message_length > buf_len ) ? buf_len : message_length;
247}
248
249/*
250 * Take a peek on the info about the next message length from the queue.
251 * This will be the oldest inserted message length(fifo).
252 *
253 * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null.
254 * \retval MBEDTLS_TEST_ERROR_QUEUE_EMPTY, if the queue is empty.
255 * \retval 0, if the peek was successful.
256 * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is
257 * too small to fit the message. In this case the \p msg_len will be
258 * set to the full message length so that the
259 * caller knows what portion of the message can be dropped.
260 */
261int mbedtls_test_message_queue_peek_info( mbedtls_test_message_queue *queue,
262 size_t buf_len, size_t* msg_len )
263{
264 if( queue == NULL || msg_len == NULL )
265 return MBEDTLS_TEST_ERROR_ARG_NULL;
266 if( queue->num == 0 )
267 return MBEDTLS_TEST_ERROR_QUEUE_EMPTY;
268
269 *msg_len = queue->messages[queue->pos];
270 return ( *msg_len > buf_len ) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0;
271}
272/*
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]273 * Context for the I/O callbacks simulating network connection.
274 */
275
276#define MBEDTLS_MOCK_SOCKET_CONNECTED 1
277
278typedef struct mbedtls_mock_socket
279{
280 int status;
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]281 uint32_t blocking_pattern;
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]282 mbedtls_test_buffer *input;
283 mbedtls_test_buffer *output;
284 struct mbedtls_mock_socket *peer;
285} mbedtls_mock_socket;
286
287/*
288 * Setup and teardown functions for mock sockets.
289 */
290void mbedtls_mock_socket_init( mbedtls_mock_socket *socket )
291{
292 memset( socket, 0, sizeof( *socket ) );
293}
294
295/*
296 * Closes the socket \p socket.
297 *
298 * \p socket must have been previously initialized by calling
299 * mbedtls_mock_socket_init().
300 *
301 * This function frees all allocated resources and both sockets are aware of the
302 * new connection state.
303 *
304 * That is, this function does not simulate half-open TCP connections and the
305 * phenomenon that when closing a UDP connection the peer is not aware of the
306 * connection having been closed.
307 */
308void mbedtls_mock_socket_close( mbedtls_mock_socket* socket )
309{
310 if( socket == NULL )
311 return;
312
313 if( socket->input != NULL )
314 {
315 mbedtls_test_buffer_free( socket->input );
316 mbedtls_free( socket->input );
317 }
318
319 if( socket->output != NULL )
320 {
321 mbedtls_test_buffer_free( socket->output );
322 mbedtls_free( socket->output );
323 }
324
325 if( socket->peer != NULL )
326 memset( socket->peer, 0, sizeof( *socket->peer ) );
327
328 memset( socket, 0, sizeof( *socket ) );
329}
330
331/*
332 * Establishes a connection between \p peer1 and \p peer2.
333 *
334 * \p peer1 and \p peer2 must have been previously initialized by calling
335 * mbedtls_mock_socket_init().
336 *
337 * The capacites of the internal buffers are set to \p bufsize. Setting this to
338 * the correct value allows for simulation of MTU, sanity testing the mock
339 * implementation and mocking TCP connections with lower memory cost.
340 */
341int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1,
342 mbedtls_mock_socket* peer2,
343 size_t bufsize )
344{
345 int ret = -1;
346
347 peer1->input = peer2->output =
348 (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) );
349 if( peer1->input == NULL )
350 {
351 ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
352 goto exit;
353 }
354 mbedtls_test_buffer_init( peer1->input );
355 if( 0 != ( ret = mbedtls_test_buffer_setup( peer1->input, bufsize ) ) )
356 {
357 goto exit;
358 }
359
360 peer1->output = peer2->input =
361 (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) );
362 if( peer1->output == NULL )
363 {
364 ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
365 goto exit;
366 }
367 mbedtls_test_buffer_init( peer1->output );
368 if( 0 != ( ret = mbedtls_test_buffer_setup( peer1->output, bufsize ) ) )
369 {
370 goto exit;
371 }
372
373 peer1->peer = peer2;
374 peer2->peer = peer1;
375
376 peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED;
377 ret = 0;
378
379exit:
380
381 if( ret != 0 )
382 {
383 mbedtls_mock_socket_close( peer1 );
384 mbedtls_mock_socket_close( peer2 );
385 }
386
387 return ret;
388}
389
390/*
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]391 * Set the blocking pattern for the socket.
392 *
393 * For every bit of \p blocking_pattern set to one the socket will simulate a
394 * "would block" event. The bits are processed starting with the least
395 * significant bit and every call to a non-blocking I/O function consumes one.
396 *
397 * The behaviour of blocking I/O functions remains unchanged.
398 */
399int mbedtls_mock_socket_set_block( mbedtls_mock_socket* socket,
400 uint32_t blocking_pattern )
401{
402 if( socket == NULL )
403 return -1;
404
405 socket->blocking_pattern = blocking_pattern;
406
407 return 0;
408}
409
410/*
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]411 * Callbacks for simulating blocking I/O over connection-oriented transport.
412 */
413
414int mbedtls_mock_tcp_send_b( void *ctx, const unsigned char *buf, size_t len )
415{
416 mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
417
418 if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
419 return -1;
420
421 return mbedtls_test_buffer_put( socket->output, buf, len );
422}
423
424int mbedtls_mock_tcp_recv_b( void *ctx, unsigned char *buf, size_t len )
425{
426 mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
427
428 if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
429 return -1;
430
431 return mbedtls_test_buffer_get( socket->input, buf, len );
432}
433
434/*
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]435 * Callbacks for simulating non-blocking I/O over connection-oriented transport.
436 */
437
438int mbedtls_mock_tcp_send_nb( void *ctx, const unsigned char *buf, size_t len )
439{
440 mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
441
442 if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
443 return -1;
444
445 if( socket->blocking_pattern & 1 )
446 {
447 socket->blocking_pattern >>= 1;
448 return MBEDTLS_ERR_SSL_WANT_WRITE;
449 }
450
451 socket->blocking_pattern >>= 1;
452
453 return mbedtls_test_buffer_put( socket->output, buf, len );
454}
455
456int mbedtls_mock_tcp_recv_nb( void *ctx, unsigned char *buf, size_t len )
457{
458 mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx;
459
460 if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED )
461 return -1;
462
463 if( socket->blocking_pattern & 1 )
464 {
465 socket->blocking_pattern >>= 1;
466 return MBEDTLS_ERR_SSL_WANT_READ;
467 }
468
469 socket->blocking_pattern >>= 1;
470
471 return mbedtls_test_buffer_get( socket->input, buf, len );
472}
473
474/*
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]475 * Helper function setting up inverse record transformations
476 * using given cipher, hash, EtM mode, authentication tag length,
477 * and version.
478 */
479
480#define CHK( x ) \
481 do \
482 { \
483 if( !( x ) ) \
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]484 { \
Hanno Beckera5780f12019-04-05 09:55:37 +0100[diff] [blame]485 ret = -1; \
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]486 goto cleanup; \
487 } \
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]488 } while( 0 )
489
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]490#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
491#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
492#else
493#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
494#endif
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]495
496static int build_transforms( mbedtls_ssl_transform *t_in,
497 mbedtls_ssl_transform *t_out,
498 int cipher_type, int hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]499 int etm, int tag_mode, int ver,
500 size_t cid0_len,
501 size_t cid1_len )
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]502{
503 mbedtls_cipher_info_t const *cipher_info;
Hanno Beckera5780f12019-04-05 09:55:37 +0100[diff] [blame]504 int ret = 0;
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]505
506 size_t keylen, maclen, ivlen;
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]507 unsigned char *key0 = NULL, *key1 = NULL;
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]508 unsigned char iv_enc[16], iv_dec[16];
509
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]510#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]511 unsigned char cid0[ SSL_CID_LEN_MIN ];
512 unsigned char cid1[ SSL_CID_LEN_MIN ];
513
514 rnd_std_rand( NULL, cid0, sizeof( cid0 ) );
515 rnd_std_rand( NULL, cid1, sizeof( cid1 ) );
Hanno Becker43c24b82019-05-01 09:45:57 +0100[diff] [blame]516#else
517 ((void) cid0_len);
518 ((void) cid1_len);
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]519#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]520
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]521 maclen = 0;
522
523 /* Pick cipher */
524 cipher_info = mbedtls_cipher_info_from_type( cipher_type );
525 CHK( cipher_info != NULL );
526 CHK( cipher_info->iv_size <= 16 );
527 CHK( cipher_info->key_bitlen % 8 == 0 );
528
529 /* Pick keys */
530 keylen = cipher_info->key_bitlen / 8;
Hanno Becker78d1f702019-04-05 09:56:10 +0100[diff] [blame]531 /* Allocate `keylen + 1` bytes to ensure that we get
532 * a non-NULL pointers from `mbedtls_calloc` even if
533 * `keylen == 0` in the case of the NULL cipher. */
534 CHK( ( key0 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL );
535 CHK( ( key1 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]536 memset( key0, 0x1, keylen );
537 memset( key1, 0x2, keylen );
538
539 /* Setup cipher contexts */
540 CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 );
541 CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 );
542 CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 );
543 CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 );
544
545#if defined(MBEDTLS_CIPHER_MODE_CBC)
546 if( cipher_info->mode == MBEDTLS_MODE_CBC )
547 {
548 CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc,
549 MBEDTLS_PADDING_NONE ) == 0 );
550 CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec,
551 MBEDTLS_PADDING_NONE ) == 0 );
552 CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_enc,
553 MBEDTLS_PADDING_NONE ) == 0 );
554 CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec,
555 MBEDTLS_PADDING_NONE ) == 0 );
556 }
557#endif /* MBEDTLS_CIPHER_MODE_CBC */
558
559 CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0,
560 keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
561 CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1,
562 keylen << 3, MBEDTLS_DECRYPT ) == 0 );
563 CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_enc, key1,
564 keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
565 CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0,
566 keylen << 3, MBEDTLS_DECRYPT ) == 0 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]567
568 /* Setup MAC contexts */
569#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
570 if( cipher_info->mode == MBEDTLS_MODE_CBC ||
571 cipher_info->mode == MBEDTLS_MODE_STREAM )
572 {
573 mbedtls_md_info_t const *md_info;
574 unsigned char *md0, *md1;
575
576 /* Pick hash */
577 md_info = mbedtls_md_info_from_type( hash_id );
578 CHK( md_info != NULL );
579
580 /* Pick hash keys */
581 maclen = mbedtls_md_get_size( md_info );
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]582 CHK( ( md0 = mbedtls_calloc( 1, maclen ) ) != NULL );
583 CHK( ( md1 = mbedtls_calloc( 1, maclen ) ) != NULL );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]584 memset( md0, 0x5, maclen );
585 memset( md1, 0x6, maclen );
586
587 CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 );
588 CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 );
589 CHK( mbedtls_md_setup( &t_in->md_ctx_enc, md_info, 1 ) == 0 );
590 CHK( mbedtls_md_setup( &t_in->md_ctx_dec, md_info, 1 ) == 0 );
591
592 if( ver > MBEDTLS_SSL_MINOR_VERSION_0 )
593 {
594 CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_enc,
595 md0, maclen ) == 0 );
596 CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_dec,
597 md1, maclen ) == 0 );
598 CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_enc,
599 md1, maclen ) == 0 );
600 CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec,
601 md0, maclen ) == 0 );
602 }
603#if defined(MBEDTLS_SSL_PROTO_SSL3)
604 else
605 {
606 memcpy( &t_in->mac_enc, md0, maclen );
607 memcpy( &t_in->mac_dec, md1, maclen );
608 memcpy( &t_out->mac_enc, md1, maclen );
609 memcpy( &t_out->mac_dec, md0, maclen );
610 }
611#endif
612
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]613 mbedtls_free( md0 );
614 mbedtls_free( md1 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]615 }
616#else
617 ((void) hash_id);
618#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
619
620
621 /* Pick IV's (regardless of whether they
622 * are being used by the transform). */
623 ivlen = cipher_info->iv_size;
624 memset( iv_enc, 0x3, sizeof( iv_enc ) );
625 memset( iv_dec, 0x4, sizeof( iv_dec ) );
626
627 /*
628 * Setup transforms
629 */
630
Jaeden Amero2de07f12019-06-05 13:32:08 +0100[diff] [blame]631#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
632 defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]633 t_out->encrypt_then_mac = etm;
634 t_in->encrypt_then_mac = etm;
635#else
636 ((void) etm);
637#endif
638
639 t_out->minor_ver = ver;
640 t_in->minor_ver = ver;
641 t_out->ivlen = ivlen;
642 t_in->ivlen = ivlen;
643
644 switch( cipher_info->mode )
645 {
646 case MBEDTLS_MODE_GCM:
647 case MBEDTLS_MODE_CCM:
648 t_out->fixed_ivlen = 4;
649 t_in->fixed_ivlen = 4;
650 t_out->maclen = 0;
651 t_in->maclen = 0;
652 switch( tag_mode )
653 {
654 case 0: /* Full tag */
655 t_out->taglen = 16;
656 t_in->taglen = 16;
657 break;
658 case 1: /* Partial tag */
659 t_out->taglen = 8;
660 t_in->taglen = 8;
661 break;
662 default:
663 return( 1 );
664 }
665 break;
666
667 case MBEDTLS_MODE_CHACHAPOLY:
668 t_out->fixed_ivlen = 12;
669 t_in->fixed_ivlen = 12;
670 t_out->maclen = 0;
671 t_in->maclen = 0;
672 switch( tag_mode )
673 {
674 case 0: /* Full tag */
675 t_out->taglen = 16;
676 t_in->taglen = 16;
677 break;
678 case 1: /* Partial tag */
679 t_out->taglen = 8;
680 t_in->taglen = 8;
681 break;
682 default:
683 return( 1 );
684 }
685 break;
686
687 case MBEDTLS_MODE_STREAM:
688 case MBEDTLS_MODE_CBC:
689 t_out->fixed_ivlen = 0; /* redundant, must be 0 */
690 t_in->fixed_ivlen = 0; /* redundant, must be 0 */
691 t_out->taglen = 0;
692 t_in->taglen = 0;
693 switch( tag_mode )
694 {
695 case 0: /* Full tag */
696 t_out->maclen = maclen;
697 t_in->maclen = maclen;
698 break;
699 case 1: /* Partial tag */
700 t_out->maclen = 10;
701 t_in->maclen = 10;
702 break;
703 default:
704 return( 1 );
705 }
706 break;
707 default:
708 return( 1 );
709 break;
710 }
711
712 /* Setup IV's */
713
714 memcpy( &t_in->iv_dec, iv_dec, sizeof( iv_dec ) );
715 memcpy( &t_in->iv_enc, iv_enc, sizeof( iv_enc ) );
716 memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) );
717 memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) );
718
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]719#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]720 /* Add CID */
721 memcpy( &t_in->in_cid, cid0, cid0_len );
722 memcpy( &t_in->out_cid, cid1, cid1_len );
723 t_in->in_cid_len = cid0_len;
724 t_in->out_cid_len = cid1_len;
725 memcpy( &t_out->in_cid, cid1, cid1_len );
726 memcpy( &t_out->out_cid, cid0, cid0_len );
727 t_out->in_cid_len = cid1_len;
728 t_out->out_cid_len = cid0_len;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]729#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]730
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]731cleanup:
732
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]733 mbedtls_free( key0 );
734 mbedtls_free( key1 );
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]735
Hanno Beckera5780f12019-04-05 09:55:37 +0100[diff] [blame]736 return( ret );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]737}
738
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]739/*
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]740 * Populate a session structure for serialization tests.
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]741 * Choose dummy values, mostly non-0 to distinguish from the init default.
742 */
743static int ssl_populate_session( mbedtls_ssl_session *session,
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]744 int ticket_len,
745 const char *crt_file )
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]746{
747#if defined(MBEDTLS_HAVE_TIME)
748 session->start = mbedtls_time( NULL ) - 42;
749#endif
750 session->ciphersuite = 0xabcd;
751 session->compression = 1;
752 session->id_len = sizeof( session->id );
753 memset( session->id, 66, session->id_len );
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]754 memset( session->master, 17, sizeof( session->master ) );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]755
Manuel Pégourié-Gonnard1f6033a2019-05-24 10:17:52 +0200[diff] [blame]756#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO)
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]757 if( strlen( crt_file ) != 0 )
758 {
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]759 mbedtls_x509_crt tmp_crt;
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]760 int ret;
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]761
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]762 mbedtls_x509_crt_init( &tmp_crt );
763 ret = mbedtls_x509_crt_parse_file( &tmp_crt, crt_file );
764 if( ret != 0 )
765 return( ret );
766
767#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
768 /* Move temporary CRT. */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]769 session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) );
770 if( session->peer_cert == NULL )
771 return( -1 );
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]772 *session->peer_cert = tmp_crt;
773 memset( &tmp_crt, 0, sizeof( tmp_crt ) );
774#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
775 /* Calculate digest of temporary CRT. */
776 session->peer_cert_digest =
777 mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN );
778 if( session->peer_cert_digest == NULL )
779 return( -1 );
780 ret = mbedtls_md( mbedtls_md_info_from_type(
781 MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ),
782 tmp_crt.raw.p, tmp_crt.raw.len,
783 session->peer_cert_digest );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]784 if( ret != 0 )
785 return( ret );
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]786 session->peer_cert_digest_type =
787 MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
788 session->peer_cert_digest_len =
789 MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
790#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
791
792 mbedtls_x509_crt_free( &tmp_crt );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]793 }
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]794#else /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]795 (void) crt_file;
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]796#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]797 session->verify_result = 0xdeadbeef;
798
799#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
800 if( ticket_len != 0 )
801 {
802 session->ticket = mbedtls_calloc( 1, ticket_len );
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]803 if( session->ticket == NULL )
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]804 return( -1 );
805 memset( session->ticket, 33, ticket_len );
806 }
807 session->ticket_len = ticket_len;
808 session->ticket_lifetime = 86401;
809#else
810 (void) ticket_len;
811#endif
812
813#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
814 session->mfl_code = 1;
815#endif
816#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
817 session->trunc_hmac = 1;
818#endif
819#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
820 session->encrypt_then_mac = 1;
821#endif
822
823 return( 0 );
824}
825
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]826/* END_HEADER */
827
828/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]829 * depends_on:MBEDTLS_SSL_TLS_C
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]830 * END_DEPENDENCIES
831 */
832
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]833/* BEGIN_CASE */
834void test_callback_buffer_sanity()
835{
836 enum { MSGLEN = 10 };
837 mbedtls_test_buffer buf;
838 unsigned char input[MSGLEN];
839 unsigned char output[MSGLEN];
840
841 memset( input, 0, sizeof(input) );
842
843 /* Make sure calling put and get on NULL buffer results in error. */
844 TEST_ASSERT( mbedtls_test_buffer_put( NULL, input, sizeof( input ) )
845 == -1 );
846 TEST_ASSERT( mbedtls_test_buffer_get( NULL, output, sizeof( output ) )
847 == -1 );
848 TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, sizeof( input ) ) == -1 );
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]849
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]850 TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, 0 ) == -1 );
851 TEST_ASSERT( mbedtls_test_buffer_get( NULL, NULL, 0 ) == -1 );
852
853 /* Make sure calling put and get on a buffer that hasn't been set up results
854 * in eror. */
855 mbedtls_test_buffer_init( &buf );
856
857 TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) == -1 );
858 TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, sizeof( output ) )
859 == -1 );
860 TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 );
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]861
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]862 TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == -1 );
863 TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == -1 );
864
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]865 /* Make sure calling put and get on NULL input only results in
866 * error if the length is not zero, and that a NULL output is valid for data
867 * dropping.
868 */
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]869
870 TEST_ASSERT( mbedtls_test_buffer_setup( &buf, sizeof( input ) ) == 0 );
871
872 TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 );
873 TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, sizeof( output ) )
Andrzej Kurekf7774142020-01-22 06:34:59 -0500[diff] [blame]874 == 0 );
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]875 TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == 0 );
876 TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == 0 );
877
878exit:
879
880 mbedtls_test_buffer_free( &buf );
881}
882/* END_CASE */
883
884/*
885 * Test if the implementation of `mbedtls_test_buffer` related functions is
886 * correct and works as expected.
887 *
888 * That is
889 * - If we try to put in \p put1 bytes then we can put in \p put1_ret bytes.
890 * - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes.
891 * - Next, if we try to put in \p put1 bytes then we can put in \p put1_ret
892 * bytes.
893 * - Afterwards if we try to get \p get1 bytes then we can get \get1_ret bytes.
894 * - All of the bytes we got match the bytes we put in in a FIFO manner.
895 */
896
897/* BEGIN_CASE */
898void test_callback_buffer( int size, int put1, int put1_ret,
899 int get1, int get1_ret, int put2, int put2_ret,
900 int get2, int get2_ret )
901{
902 enum { ROUNDS = 2 };
903 size_t put[ROUNDS];
904 int put_ret[ROUNDS];
905 size_t get[ROUNDS];
906 int get_ret[ROUNDS];
907 mbedtls_test_buffer buf;
908 unsigned char* input = NULL;
909 size_t input_len;
910 unsigned char* output = NULL;
911 size_t output_len;
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]912 size_t i, j, written, read;
Janos Follath6264e662019-11-26 11:11:15 +0000[diff] [blame]913
914 mbedtls_test_buffer_init( &buf );
915 TEST_ASSERT( mbedtls_test_buffer_setup( &buf, size ) == 0 );
916
917 /* Check the sanity of input parameters and initialise local variables. That
918 * is, ensure that the amount of data is not negative and that we are not
919 * expecting more to put or get than we actually asked for. */
920 TEST_ASSERT( put1 >= 0 );
921 put[0] = put1;
922 put_ret[0] = put1_ret;
923 TEST_ASSERT( put1_ret <= put1 );
924 TEST_ASSERT( put2 >= 0 );
925 put[1] = put2;
926 put_ret[1] = put2_ret;
927 TEST_ASSERT( put2_ret <= put2 );
928
929 TEST_ASSERT( get1 >= 0 );
930 get[0] = get1;
931 get_ret[0] = get1_ret;
932 TEST_ASSERT( get1_ret <= get1 );
933 TEST_ASSERT( get2 >= 0 );
934 get[1] = get2;
935 get_ret[1] = get2_ret;
936 TEST_ASSERT( get2_ret <= get2 );
937
938 input_len = 0;
939 /* Calculate actual input and output lengths */
940 for( j = 0; j < ROUNDS; j++ )
941 {
942 if( put_ret[j] > 0 )
943 {
944 input_len += put_ret[j];
945 }
946 }
947 /* In order to always have a valid pointer we always allocate at least 1
948 * byte. */
949 if( input_len == 0 )
950 input_len = 1;
951 ASSERT_ALLOC( input, input_len );
952
953 output_len = 0;
954 for( j = 0; j < ROUNDS; j++ )
955 {
956 if( get_ret[j] > 0 )
957 {
958 output_len += get_ret[j];
959 }
960 }
961 TEST_ASSERT( output_len <= input_len );
962 /* In order to always have a valid pointer we always allocate at least 1
963 * byte. */
964 if( output_len == 0 )
965 output_len = 1;
966 ASSERT_ALLOC( output, output_len );
967
968 /* Fill up the buffer with structured data so that unwanted changes
969 * can be detected */
970 for( i = 0; i < input_len; i++ )
971 {
972 input[i] = i & 0xFF;
973 }
974
975 written = read = 0;
976 for( j = 0; j < ROUNDS; j++ )
977 {
978 TEST_ASSERT( put_ret[j] == mbedtls_test_buffer_put( &buf,
979 input + written, put[j] ) );
980 written += put_ret[j];
981 TEST_ASSERT( get_ret[j] == mbedtls_test_buffer_get( &buf,
982 output + read, get[j] ) );
983 read += get_ret[j];
984 TEST_ASSERT( read <= written );
985 if( get_ret[j] > 0 )
986 {
987 TEST_ASSERT( memcmp( output + read - get_ret[j],
988 input + read - get_ret[j], get_ret[j] )
989 == 0 );
990 }
991 }
992
993exit:
994
995 mbedtls_free( input );
996 mbedtls_free( output );
997 mbedtls_test_buffer_free( &buf );
998}
999/* END_CASE */
1000
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1001/*
Janos Follathc673c2c2019-12-02 15:47:26 +0000[diff] [blame]1002 * Test if the implementation of `mbedtls_mock_socket` related I/O functions is
1003 * correct and works as expected on unconnected sockets.
1004 */
1005
1006/* BEGIN_CASE */
1007void ssl_mock_sanity( )
1008{
1009 enum { MSGLEN = 105 };
1010 unsigned char message[MSGLEN];
1011 unsigned char received[MSGLEN];
1012 mbedtls_mock_socket socket;
1013
1014 mbedtls_mock_socket_init( &socket );
1015 TEST_ASSERT( mbedtls_mock_tcp_send_b( &socket, message, MSGLEN ) < 0 );
1016 mbedtls_mock_socket_close( &socket );
1017 mbedtls_mock_socket_init( &socket );
1018 TEST_ASSERT( mbedtls_mock_tcp_recv_b( &socket, received, MSGLEN ) < 0 );
1019 mbedtls_mock_socket_close( &socket );
1020
1021 mbedtls_mock_socket_init( &socket );
1022 TEST_ASSERT( mbedtls_mock_tcp_send_nb( &socket, message, MSGLEN ) < 0 );
1023 mbedtls_mock_socket_close( &socket );
1024 mbedtls_mock_socket_init( &socket );
1025 TEST_ASSERT( mbedtls_mock_tcp_recv_nb( &socket, received, MSGLEN ) < 0 );
1026 mbedtls_mock_socket_close( &socket );
1027
1028exit:
1029
1030 mbedtls_mock_socket_close( &socket );
1031}
1032/* END_CASE */
1033
1034/*
1035 * Test if the implementation of `mbedtls_mock_socket` related functions can
1036 * send a single message from the client to the server.
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1037 */
1038
1039/* BEGIN_CASE */
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1040void ssl_mock_tcp( int blocking, int client_pattern, int server_pattern )
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1041{
Janos Follathc673c2c2019-12-02 15:47:26 +0000[diff] [blame]1042 enum { MSGLEN = 105 };
1043 unsigned char message[MSGLEN];
1044 unsigned char received[MSGLEN];
1045 mbedtls_mock_socket client;
1046 mbedtls_mock_socket server;
1047 size_t written, read;
1048 int send_ret, recv_ret;
1049 mbedtls_ssl_send_t *send;
1050 mbedtls_ssl_recv_t *recv;
1051 uint32_t client_block = client_pattern;
1052 uint32_t server_block = server_pattern;
1053 unsigned i;
1054
1055 if( blocking == 0 )
1056 {
1057 send = mbedtls_mock_tcp_send_nb;
1058 recv = mbedtls_mock_tcp_recv_nb;
1059 }
1060 else
1061 {
1062 send = mbedtls_mock_tcp_send_b;
1063 recv = mbedtls_mock_tcp_recv_b;
1064 }
1065
1066 mbedtls_mock_socket_init( &client );
1067 mbedtls_mock_socket_init( &server );
1068
1069 /* Fill up the buffer with structured data so that unwanted changes
1070 * can be detected */
1071 for( i = 0; i < MSGLEN; i++ )
1072 {
1073 message[i] = i & 0xFF;
1074 }
1075
1076 /* Make sure that sending a message takes a few iterations. */
1077 TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
1078 MSGLEN / 5 ) );
1079 TEST_ASSERT( 0 == mbedtls_mock_socket_set_block( &client, client_block ) );
1080 TEST_ASSERT( 0 == mbedtls_mock_socket_set_block( &server, server_block ) );
1081
1082 /* Send the message to the server */
1083 send_ret = recv_ret = 1;
1084 written = read = 0;
1085 while( send_ret != 0 || recv_ret != 0 )
1086 {
1087 send_ret = send( &client, message + written, MSGLEN - written );
1088
1089 if( ( blocking == 0 ) && ( client_block & 1 ) )
1090 {
1091 TEST_ASSERT( send_ret == MBEDTLS_ERR_SSL_WANT_WRITE );
1092 }
1093 else
1094 {
1095 TEST_ASSERT( send_ret >= 0 );
1096 written += send_ret;
1097 }
1098 client_block >>= 1;
1099
1100 recv_ret = recv( &server, received + read, MSGLEN - read );
1101 if( ( blocking == 0 ) && ( server_block & 1 ) )
1102 {
1103 TEST_ASSERT( recv_ret == MBEDTLS_ERR_SSL_WANT_READ );
1104 }
1105 else
1106 {
1107 TEST_ASSERT( recv_ret >= 0 );
1108 read += recv_ret;
1109 }
1110 server_block >>= 1;
1111 }
1112 TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 );
1113
1114exit:
1115
1116 mbedtls_mock_socket_close( &client );
1117 mbedtls_mock_socket_close( &server );
1118}
1119/* END_CASE */
1120
1121/*
1122 * Test if the implementation of `mbedtls_mock_socket` related functions can
1123 * send messages in both direction at the same time (with the I/O calls
1124 * interleaving).
1125 */
1126
1127/* BEGIN_CASE */
1128void ssl_mock_tcp_interleaving( int blocking,
1129 int client_pattern, int server_pattern )
1130{
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1131 enum { ROUNDS = 2 };
1132 enum { MSGLEN = 105 };
1133 unsigned char message[ROUNDS][MSGLEN];
1134 unsigned char received[ROUNDS][MSGLEN];
1135 mbedtls_mock_socket client;
1136 mbedtls_mock_socket server;
1137 size_t written[ROUNDS];
1138 size_t read[ROUNDS];
1139 int send_ret[ROUNDS];
1140 int recv_ret[ROUNDS];
1141 unsigned i, j, progress;
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1142 mbedtls_ssl_send_t *send;
1143 mbedtls_ssl_recv_t *recv;
1144 uint32_t client_block = client_pattern;
1145 uint32_t server_block = server_pattern;
1146
1147 if( blocking == 0 )
1148 {
1149 send = mbedtls_mock_tcp_send_nb;
1150 recv = mbedtls_mock_tcp_recv_nb;
1151 }
1152 else
1153 {
1154 send = mbedtls_mock_tcp_send_b;
1155 recv = mbedtls_mock_tcp_recv_b;
1156 }
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1157
1158 mbedtls_mock_socket_init( &client );
1159 mbedtls_mock_socket_init( &server );
1160
1161 /* Fill up the buffers with structured data so that unwanted changes
1162 * can be detected */
1163 for( i = 0; i < ROUNDS; i++ )
1164 {
1165 for( j = 0; j < MSGLEN; j++ )
1166 {
1167 message[i][j] = ( i * MSGLEN + j ) & 0xFF;
1168 }
1169 }
1170
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1171 /* Make sure that sending a message takes a few iterations. */
1172 TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server,
1173 MSGLEN / 5 ) );
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1174 TEST_ASSERT( 0 == mbedtls_mock_socket_set_block( &client, client_block ) );
1175 TEST_ASSERT( 0 == mbedtls_mock_socket_set_block( &server, server_block ) );
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1176
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1177 /* Send the message from both sides, interleaving. */
1178 progress = 1;
1179 for( i = 0; i < ROUNDS; i++ )
1180 {
1181 written[i] = 0;
1182 read[i] = 0;
1183 }
1184 /* This loop does not stop as long as there was a successful write or read
1185 * of at least one byte on either side. */
1186 while( progress != 0 )
1187 {
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1188 send_ret[0] = send( &client, message[0] + written[0],
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1189 MSGLEN - written[0] );
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1190 if( ( blocking == 0 ) && ( client_block & 1 ) )
1191 {
1192 TEST_ASSERT( send_ret[0] == MBEDTLS_ERR_SSL_WANT_WRITE );
1193 }
1194 else
1195 {
1196 TEST_ASSERT( send_ret[0] >= 0 );
1197 written[0] += send_ret[0];
1198 }
1199 client_block >>= 1;
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1200
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1201 send_ret[1] = send( &server, message[1] + written[1],
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1202 MSGLEN - written[1] );
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1203 if( ( blocking == 0 ) && ( server_block & 1 ) )
1204 {
1205 TEST_ASSERT( send_ret[1] == MBEDTLS_ERR_SSL_WANT_WRITE );
1206 }
1207 else
1208 {
1209 TEST_ASSERT( send_ret[1] >= 0 );
1210 written[1] += send_ret[1];
1211 }
1212 server_block >>= 1;
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1213
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1214 recv_ret[0] = recv( &server, received[0] + read[0],
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1215 MSGLEN - read[0] );
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1216 if( ( blocking == 0 ) && ( server_block & 1 ) )
1217 {
1218 TEST_ASSERT( recv_ret[0] == MBEDTLS_ERR_SSL_WANT_READ );
1219 }
1220 else
1221 {
1222 TEST_ASSERT( recv_ret[0] >= 0 );
1223 read[0] += recv_ret[0];
1224 }
1225 server_block >>= 1;
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1226
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1227 recv_ret[1] = recv( &client, received[1] + read[1],
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1228 MSGLEN - read[1] );
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1229 if( ( blocking == 0 ) && ( client_block & 1 ) )
1230 {
1231 TEST_ASSERT( recv_ret[1] == MBEDTLS_ERR_SSL_WANT_READ );
1232 }
1233 else
1234 {
1235 TEST_ASSERT( recv_ret[1] >= 0 );
1236 read[1] += recv_ret[1];
1237 }
1238 client_block >>= 1;
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1239
1240 progress = 0;
1241 for( i = 0; i < ROUNDS; i++ )
1242 {
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1243 if( ( send_ret[i] > 0 ) ||
1244 ( send_ret[i] == MBEDTLS_ERR_SSL_WANT_WRITE ) )
1245 {
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1246 progress++;
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1247 }
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1248
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1249 if( ( recv_ret[i] > 0 ) ||
1250 ( recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ ) )
1251 {
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1252 progress++;
Janos Follath3766ba52019-11-27 13:31:42 +0000[diff] [blame]1253 }
Janos Follath031827f2019-11-27 11:12:14 +0000[diff] [blame]1254 }
1255 }
1256
1257 for( i = 0; i < ROUNDS; i++ )
1258 TEST_ASSERT( memcmp( message[i], received[i], MSGLEN ) == 0 );
1259
1260exit:
1261
1262 mbedtls_mock_socket_close( &client );
1263 mbedtls_mock_socket_close( &server );
1264}
1265/* END_CASE */
1266
Andrzej Kurek13719cd2020-01-22 06:36:39 -0500[diff] [blame^]1267/* BEGIN_CASE */
1268void ssl_message_queue_sanity( )
1269{
1270 mbedtls_test_message_queue queue;
1271
1272 /* Trying to push/pull to an empty queue */
1273 TEST_ASSERT( mbedtls_test_message_queue_push_info( NULL, 1 )
1274 == MBEDTLS_TEST_ERROR_ARG_NULL );
1275 TEST_ASSERT( mbedtls_test_message_queue_pop_info( NULL, 1 )
1276 == MBEDTLS_TEST_ERROR_ARG_NULL );
1277
1278 mbedtls_test_message_queue_setup( &queue, 3 );
1279 TEST_ASSERT( queue.capacity == 3 );
1280 TEST_ASSERT( queue.num == 0 );
1281
1282exit:
1283 mbedtls_test_message_queue_free( &queue );
1284}
1285/* END_CASE */
1286
1287/* BEGIN_CASE */
1288void ssl_message_queue_basic( )
1289{
1290 mbedtls_test_message_queue queue;
1291
1292 mbedtls_test_message_queue_setup( &queue, 3 );
1293
1294 /* Sanity test - 3 pushes and 3 pops with sufficient space */
1295 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
1296 TEST_ASSERT( queue.capacity == 3 );
1297 TEST_ASSERT( queue.num == 1 );
1298 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
1299 TEST_ASSERT( queue.capacity == 3 );
1300 TEST_ASSERT( queue.num == 2 );
1301 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 );
1302 TEST_ASSERT( queue.capacity == 3 );
1303 TEST_ASSERT( queue.num == 3 );
1304
1305 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
1306 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
1307 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 );
1308
1309exit:
1310 mbedtls_test_message_queue_free( &queue );
1311}
1312/* END_CASE */
1313
1314/* BEGIN_CASE */
1315void ssl_message_queue_overflow_underflow( )
1316{
1317 mbedtls_test_message_queue queue;
1318
1319 mbedtls_test_message_queue_setup( &queue, 3 );
1320
1321 /* 4 pushes (last one with an error), 4 pops (last one with an error) */
1322 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
1323 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
1324 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 );
1325 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 )
1326 == MBEDTLS_TEST_ERROR_QUEUE_FULL );
1327
1328 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
1329 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
1330 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 );
1331
1332 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 )
1333 == MBEDTLS_TEST_ERROR_QUEUE_EMPTY );
1334
1335exit:
1336 mbedtls_test_message_queue_free( &queue );
1337}
1338/* END_CASE */
1339
1340/* BEGIN_CASE */
1341void ssl_message_queue_interleaved( )
1342{
1343 mbedtls_test_message_queue queue;
1344
1345 mbedtls_test_message_queue_setup( &queue, 3 );
1346
1347 /* Interleaved test - [2 pushes, 1 pop] twice, and then two pops
1348 * (to wrap around the buffer) */
1349 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
1350 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 );
1351
1352 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
1353
1354 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 );
1355 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) == 3 );
1356
1357 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 );
1358 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 );
1359
1360 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 5 ) == 5 );
1361 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 8 ) == 8 );
1362
1363 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 3 ) == 3 );
1364
1365 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 5 ) == 5 );
1366
1367 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 8 ) == 8 );
1368
1369exit:
1370 mbedtls_test_message_queue_free( &queue );
1371}
1372/* END_CASE */
1373
1374/* BEGIN_CASE */
1375void ssl_message_queue_insufficient_buffer( )
1376{
1377 mbedtls_test_message_queue queue;
1378 size_t message_len = 10;
1379 size_t buffer_len = 5;
1380
1381 mbedtls_test_message_queue_setup( &queue, 1 );
1382
1383 /* Popping without a sufficient buffer */
1384 TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, message_len )
1385 == (int) message_len );
1386 TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, buffer_len )
1387 == (int) buffer_len );
1388exit:
1389 mbedtls_test_message_queue_free( &queue );
1390}
1391/* END_CASE */
1392
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1393/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1394void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1395{
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1396 uint32_t len = 0;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1397 mbedtls_ssl_context ssl;
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]1398 mbedtls_ssl_config conf;
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1399
Manuel Pégourié-Gonnard41d479e2015-04-29 00:48:22 +0200[diff] [blame]1400 mbedtls_ssl_init( &ssl );
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]1401 mbedtls_ssl_config_init( &conf );
Manuel Pégourié-Gonnard41d479e2015-04-29 00:48:22 +0200[diff] [blame]1402
Manuel Pégourié-Gonnard419d5ae2015-05-04 19:32:36 +0200[diff] [blame]1403 TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
1404 MBEDTLS_SSL_IS_CLIENT,
Manuel Pégourié-Gonnardb31c5f62015-06-17 13:53:47 +0200[diff] [blame]1405 MBEDTLS_SSL_TRANSPORT_DATAGRAM,
1406 MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]1407 TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1408
1409 /* Read previous record numbers */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1410 for( len = 0; len < prevs->len; len += 6 )
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1411 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1412 memcpy( ssl.in_ctr + 2, prevs->x + len, 6 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1413 mbedtls_ssl_dtls_replay_update( &ssl );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1414 }
1415
1416 /* Check new number */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1417 memcpy( ssl.in_ctr + 2, new->x, 6 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1418 TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1419
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1420 mbedtls_ssl_free( &ssl );
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]1421 mbedtls_ssl_config_free( &conf );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1422}
1423/* END_CASE */
Hanno Beckerb25c0c72017-05-05 11:24:30 +0100[diff] [blame]1424
1425/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
1426void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
1427{
1428 mbedtls_ssl_context ssl;
1429 mbedtls_ssl_init( &ssl );
1430
1431 TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
1432 TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );
1433
1434 mbedtls_ssl_free( &ssl );
1435}
Darryl Green11999bb2018-03-13 15:22:58 +0000[diff] [blame]1436/* END_CASE */
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1437
1438/* BEGIN_CASE */
1439void ssl_crypt_record( int cipher_type, int hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1440 int etm, int tag_mode, int ver,
1441 int cid0_len, int cid1_len )
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1442{
1443 /*
1444 * Test several record encryptions and decryptions
1445 * with plenty of space before and after the data
1446 * within the record buffer.
1447 */
1448
1449 int ret;
1450 int num_records = 16;
1451 mbedtls_ssl_context ssl; /* ONLY for debugging */
1452
1453 mbedtls_ssl_transform t0, t1;
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]1454 unsigned char *buf = NULL;
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1455 size_t const buflen = 512;
1456 mbedtls_record rec, rec_backup;
1457
1458 mbedtls_ssl_init( &ssl );
1459 mbedtls_ssl_transform_init( &t0 );
1460 mbedtls_ssl_transform_init( &t1 );
1461 TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1462 etm, tag_mode, ver,
1463 (size_t) cid0_len,
1464 (size_t) cid1_len ) == 0 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1465
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]1466 TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1467
1468 while( num_records-- > 0 )
1469 {
1470 mbedtls_ssl_transform *t_dec, *t_enc;
1471 /* Take turns in who's sending and who's receiving. */
1472 if( num_records % 3 == 0 )
1473 {
1474 t_dec = &t0;
1475 t_enc = &t1;
1476 }
1477 else
1478 {
1479 t_dec = &t1;
1480 t_enc = &t0;
1481 }
1482
1483 /*
1484 * The record header affects the transformation in two ways:
1485 * 1) It determines the AEAD additional data
1486 * 2) The record counter sometimes determines the IV.
1487 *
1488 * Apart from that, the fields don't have influence.
1489 * In particular, it is currently not the responsibility
1490 * of ssl_encrypt/decrypt_buf to check if the transform
1491 * version matches the record version, or that the
1492 * type is sensible.
1493 */
1494
1495 memset( rec.ctr, num_records, sizeof( rec.ctr ) );
1496 rec.type = 42;
1497 rec.ver[0] = num_records;
1498 rec.ver[1] = num_records;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]1499#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1500 rec.cid_len = 0;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]1501#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1502
1503 rec.buf = buf;
1504 rec.buf_len = buflen;
1505 rec.data_offset = 16;
1506 /* Make sure to vary the length to exercise different
1507 * paddings. */
1508 rec.data_len = 1 + num_records;
1509
1510 memset( rec.buf + rec.data_offset, 42, rec.data_len );
1511
1512 /* Make a copy for later comparison */
1513 rec_backup = rec;
1514
1515 /* Encrypt record */
1516 ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec,
1517 rnd_std_rand, NULL );
1518 TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
1519 if( ret != 0 )
1520 {
1521 continue;
1522 }
1523
1524 /* Decrypt record with t_dec */
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1525 ret = mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec );
1526 TEST_ASSERT( ret == 0 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1527
1528 /* Compare results */
1529 TEST_ASSERT( rec.type == rec_backup.type );
1530 TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 );
1531 TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] );
1532 TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] );
1533 TEST_ASSERT( rec.data_len == rec_backup.data_len );
1534 TEST_ASSERT( rec.data_offset == rec_backup.data_offset );
1535 TEST_ASSERT( memcmp( rec.buf + rec.data_offset,
1536 rec_backup.buf + rec_backup.data_offset,
1537 rec.data_len ) == 0 );
1538 }
1539
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]1540exit:
1541
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1542 /* Cleanup */
1543 mbedtls_ssl_free( &ssl );
1544 mbedtls_ssl_transform_free( &t0 );
1545 mbedtls_ssl_transform_free( &t1 );
1546
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]1547 mbedtls_free( buf );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]1548}
1549/* END_CASE */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1550
1551/* BEGIN_CASE */
1552void ssl_crypt_record_small( int cipher_type, int hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1553 int etm, int tag_mode, int ver,
1554 int cid0_len, int cid1_len )
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1555{
1556 /*
1557 * Test pairs of encryption and decryption with an increasing
1558 * amount of space in the record buffer - in more detail:
1559 * 1) Try to encrypt with 0, 1, 2, ... bytes available
1560 * in front of the plaintext, and expect the encryption
1561 * to succeed starting from some offset. Always keep
1562 * enough space in the end of the buffer.
1563 * 2) Try to encrypt with 0, 1, 2, ... bytes available
1564 * at the end of the plaintext, and expect the encryption
1565 * to succeed starting from some offset. Always keep
1566 * enough space at the beginning of the buffer.
1567 * 3) Try to encrypt with 0, 1, 2, ... bytes available
1568 * both at the front and end of the plaintext,
1569 * and expect the encryption to succeed starting from
1570 * some offset.
1571 *
1572 * If encryption succeeds, check that decryption succeeds
1573 * and yields the original record.
1574 */
1575
1576 mbedtls_ssl_context ssl; /* ONLY for debugging */
1577
1578 mbedtls_ssl_transform t0, t1;
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]1579 unsigned char *buf = NULL;
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1580 size_t const buflen = 256;
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1581 mbedtls_record rec, rec_backup;
1582
1583 int ret;
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1584 int mode; /* Mode 1, 2 or 3 as explained above */
1585 size_t offset; /* Available space at beginning/end/both */
1586 size_t threshold = 96; /* Maximum offset to test against */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1587
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1588 size_t default_pre_padding = 64; /* Pre-padding to use in mode 2 */
1589 size_t default_post_padding = 128; /* Post-padding to use in mode 1 */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1590
1591 int seen_success; /* Indicates if in the current mode we've
1592 * already seen a successful test. */
1593
1594 mbedtls_ssl_init( &ssl );
1595 mbedtls_ssl_transform_init( &t0 );
1596 mbedtls_ssl_transform_init( &t1 );
1597 TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1598 etm, tag_mode, ver,
1599 (size_t) cid0_len,
1600 (size_t) cid1_len ) == 0 );
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1601
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]1602 TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL );
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1603
1604 for( mode=1; mode <= 3; mode++ )
1605 {
1606 seen_success = 0;
1607 for( offset=0; offset <= threshold; offset++ )
1608 {
1609 mbedtls_ssl_transform *t_dec, *t_enc;
Hanno Becker6c87b3f2019-04-29 17:24:44 +0100[diff] [blame]1610 t_dec = &t0;
1611 t_enc = &t1;
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1612
1613 memset( rec.ctr, offset, sizeof( rec.ctr ) );
1614 rec.type = 42;
1615 rec.ver[0] = offset;
1616 rec.ver[1] = offset;
1617 rec.buf = buf;
1618 rec.buf_len = buflen;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]1619#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]1620 rec.cid_len = 0;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]1621#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1622
1623 switch( mode )
1624 {
1625 case 1: /* Space in the beginning */
1626 rec.data_offset = offset;
1627 rec.data_len = buflen - offset - default_post_padding;
1628 break;
1629
1630 case 2: /* Space in the end */
1631 rec.data_offset = default_pre_padding;
1632 rec.data_len = buflen - default_pre_padding - offset;
1633 break;
1634
1635 case 3: /* Space in the beginning and end */
1636 rec.data_offset = offset;
1637 rec.data_len = buflen - 2 * offset;
1638 break;
1639
1640 default:
1641 TEST_ASSERT( 0 );
1642 break;
1643 }
1644
1645 memset( rec.buf + rec.data_offset, 42, rec.data_len );
1646
1647 /* Make a copy for later comparison */
1648 rec_backup = rec;
1649
1650 /* Encrypt record */
1651 ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, rnd_std_rand, NULL );
1652
1653 if( ( mode == 1 || mode == 2 ) && seen_success )
1654 {
1655 TEST_ASSERT( ret == 0 );
1656 }
1657 else
1658 {
1659 TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
1660 if( ret == 0 )
1661 seen_success = 1;
1662 }
1663
1664 if( ret != 0 )
1665 continue;
1666
1667 /* Decrypt record with t_dec */
1668 TEST_ASSERT( mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ) == 0 );
1669
1670 /* Compare results */
1671 TEST_ASSERT( rec.type == rec_backup.type );
1672 TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 );
1673 TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] );
1674 TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] );
1675 TEST_ASSERT( rec.data_len == rec_backup.data_len );
1676 TEST_ASSERT( rec.data_offset == rec_backup.data_offset );
1677 TEST_ASSERT( memcmp( rec.buf + rec.data_offset,
1678 rec_backup.buf + rec_backup.data_offset,
1679 rec.data_len ) == 0 );
1680 }
1681
1682 TEST_ASSERT( seen_success == 1 );
1683 }
1684
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]1685exit:
1686
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1687 /* Cleanup */
1688 mbedtls_ssl_free( &ssl );
1689 mbedtls_ssl_transform_free( &t0 );
1690 mbedtls_ssl_transform_free( &t1 );
1691
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]1692 mbedtls_free( buf );
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]1693}
1694/* END_CASE */
Ron Eldor824ad7b2019-05-13 14:09:00 +0300[diff] [blame]1695
1696/* BEGIN_CASE */
1697void ssl_tls_prf( int type, data_t * secret, data_t * random,
1698 char *label, data_t *result_hex_str, int exp_ret )
1699{
1700 unsigned char *output;
1701
1702 output = mbedtls_calloc( 1, result_hex_str->len );
1703 if( output == NULL )
1704 goto exit;
1705
Ron Eldor6b9b1b82019-05-15 17:04:33 +0300[diff] [blame]1706#if defined(MBEDTLS_USE_PSA_CRYPTO)
1707 TEST_ASSERT( psa_crypto_init() == 0 );
1708#endif
1709
Ron Eldor824ad7b2019-05-13 14:09:00 +0300[diff] [blame]1710 TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len,
1711 label, random->x, random->len,
1712 output, result_hex_str->len ) == exp_ret );
1713
1714 if( exp_ret == 0 )
1715 {
1716 TEST_ASSERT( hexcmp( output, result_hex_str->x,
1717 result_hex_str->len, result_hex_str->len ) == 0 );
1718 }
1719exit:
1720
1721 mbedtls_free( output );
1722}
1723/* END_CASE */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1724
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]1725/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1726void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]1727{
1728 mbedtls_ssl_session original, restored;
1729 unsigned char *buf = NULL;
1730 size_t len;
1731
1732 /*
1733 * Test that a save-load pair is the identity
1734 */
1735
1736 mbedtls_ssl_session_init( &original );
1737 mbedtls_ssl_session_init( &restored );
1738
1739 /* Prepare a dummy session to work on */
1740 TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 );
1741
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1742 /* Serialize it */
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]1743 TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len )
1744 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
1745 TEST_ASSERT( ( buf = mbedtls_calloc( 1, len ) ) != NULL );
1746 TEST_ASSERT( mbedtls_ssl_session_save( &original, buf, len, &len )
1747 == 0 );
1748
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1749 /* Restore session from serialized data */
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]1750 TEST_ASSERT( mbedtls_ssl_session_load( &restored, buf, len) == 0 );
1751
1752 /*
1753 * Make sure both session structures are identical
1754 */
1755#if defined(MBEDTLS_HAVE_TIME)
1756 TEST_ASSERT( original.start == restored.start );
1757#endif
1758 TEST_ASSERT( original.ciphersuite == restored.ciphersuite );
1759 TEST_ASSERT( original.compression == restored.compression );
1760 TEST_ASSERT( original.id_len == restored.id_len );
1761 TEST_ASSERT( memcmp( original.id,
1762 restored.id, sizeof( original.id ) ) == 0 );
1763 TEST_ASSERT( memcmp( original.master,
1764 restored.master, sizeof( original.master ) ) == 0 );
1765
1766#if defined(MBEDTLS_X509_CRT_PARSE_C)
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]1767#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]1768 TEST_ASSERT( ( original.peer_cert == NULL ) ==
1769 ( restored.peer_cert == NULL ) );
1770 if( original.peer_cert != NULL )
1771 {
1772 TEST_ASSERT( original.peer_cert->raw.len ==
1773 restored.peer_cert->raw.len );
1774 TEST_ASSERT( memcmp( original.peer_cert->raw.p,
1775 restored.peer_cert->raw.p,
1776 original.peer_cert->raw.len ) == 0 );
1777 }
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]1778#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
1779 TEST_ASSERT( original.peer_cert_digest_type ==
1780 restored.peer_cert_digest_type );
1781 TEST_ASSERT( original.peer_cert_digest_len ==
1782 restored.peer_cert_digest_len );
1783 TEST_ASSERT( ( original.peer_cert_digest == NULL ) ==
1784 ( restored.peer_cert_digest == NULL ) );
1785 if( original.peer_cert_digest != NULL )
1786 {
1787 TEST_ASSERT( memcmp( original.peer_cert_digest,
1788 restored.peer_cert_digest,
1789 original.peer_cert_digest_len ) == 0 );
1790 }
1791#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
1792#endif /* MBEDTLS_X509_CRT_PARSE_C */
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]1793 TEST_ASSERT( original.verify_result == restored.verify_result );
1794
1795#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
1796 TEST_ASSERT( original.ticket_len == restored.ticket_len );
1797 if( original.ticket_len != 0 )
1798 {
1799 TEST_ASSERT( original.ticket != NULL );
1800 TEST_ASSERT( restored.ticket != NULL );
1801 TEST_ASSERT( memcmp( original.ticket,
1802 restored.ticket, original.ticket_len ) == 0 );
1803 }
1804 TEST_ASSERT( original.ticket_lifetime == restored.ticket_lifetime );
1805#endif
1806
1807#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
1808 TEST_ASSERT( original.mfl_code == restored.mfl_code );
1809#endif
1810
1811#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
1812 TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac );
1813#endif
1814
1815#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
1816 TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac );
1817#endif
1818
1819exit:
1820 mbedtls_ssl_session_free( &original );
1821 mbedtls_ssl_session_free( &restored );
1822 mbedtls_free( buf );
1823}
1824/* END_CASE */
1825
Manuel Pégourié-Gonnardaa755832019-06-03 10:53:47 +0200[diff] [blame]1826/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1827void ssl_serialize_session_load_save( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1828{
1829 mbedtls_ssl_session session;
1830 unsigned char *buf1 = NULL, *buf2 = NULL;
1831 size_t len0, len1, len2;
1832
1833 /*
1834 * Test that a load-save pair is the identity
1835 */
1836
1837 mbedtls_ssl_session_init( &session );
1838
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]1839 /* Prepare a dummy session to work on */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]1840 TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]1841
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1842 /* Get desired buffer size for serializing */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1843 TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 )
1844 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
1845
1846 /* Allocate first buffer */
1847 buf1 = mbedtls_calloc( 1, len0 );
1848 TEST_ASSERT( buf1 != NULL );
1849
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1850 /* Serialize to buffer and free live session */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1851 TEST_ASSERT( mbedtls_ssl_session_save( &session, buf1, len0, &len1 )
1852 == 0 );
1853 TEST_ASSERT( len0 == len1 );
1854 mbedtls_ssl_session_free( &session );
1855
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1856 /* Restore session from serialized data */
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]1857 TEST_ASSERT( mbedtls_ssl_session_load( &session, buf1, len1 ) == 0 );
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1858
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1859 /* Allocate second buffer and serialize to it */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1860 buf2 = mbedtls_calloc( 1, len0 );
Manuel Pégourié-Gonnardb4079902019-05-24 09:52:10 +0200[diff] [blame]1861 TEST_ASSERT( buf2 != NULL );
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1862 TEST_ASSERT( mbedtls_ssl_session_save( &session, buf2, len0, &len2 )
1863 == 0 );
1864
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1865 /* Make sure both serialized versions are identical */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]1866 TEST_ASSERT( len1 == len2 );
1867 TEST_ASSERT( memcmp( buf1, buf2, len1 ) == 0 );
1868
1869exit:
1870 mbedtls_ssl_session_free( &session );
1871 mbedtls_free( buf1 );
1872 mbedtls_free( buf2 );
1873}
1874/* END_CASE */
Manuel Pégourié-Gonnardf5fa0aa2019-05-23 10:38:11 +0200[diff] [blame]1875
1876/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1877void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnardf5fa0aa2019-05-23 10:38:11 +0200[diff] [blame]1878{
1879 mbedtls_ssl_session session;
1880 unsigned char *buf = NULL;
1881 size_t good_len, bad_len, test_len;
1882
1883 /*
1884 * Test that session_save() fails cleanly on small buffers
1885 */
1886
1887 mbedtls_ssl_session_init( &session );
1888
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1889 /* Prepare dummy session and get serialized size */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]1890 TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
Manuel Pégourié-Gonnardf5fa0aa2019-05-23 10:38:11 +0200[diff] [blame]1891 TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
1892 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
1893
1894 /* Try all possible bad lengths */
1895 for( bad_len = 1; bad_len < good_len; bad_len++ )
1896 {
1897 /* Allocate exact size so that asan/valgrind can detect any overwrite */
1898 mbedtls_free( buf );
1899 TEST_ASSERT( ( buf = mbedtls_calloc( 1, bad_len ) ) != NULL );
1900 TEST_ASSERT( mbedtls_ssl_session_save( &session, buf, bad_len,
1901 &test_len )
1902 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
1903 TEST_ASSERT( test_len == good_len );
1904 }
1905
1906exit:
1907 mbedtls_ssl_session_free( &session );
1908 mbedtls_free( buf );
1909}
1910/* END_CASE */
Manuel Pégourié-Gonnarda3d831b2019-05-23 12:28:45 +0200[diff] [blame]1911
1912/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1913void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnarda3d831b2019-05-23 12:28:45 +0200[diff] [blame]1914{
1915 mbedtls_ssl_session session;
1916 unsigned char *good_buf = NULL, *bad_buf = NULL;
1917 size_t good_len, bad_len;
1918
1919 /*
1920 * Test that session_load() fails cleanly on small buffers
1921 */
1922
1923 mbedtls_ssl_session_init( &session );
1924
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]1925 /* Prepare serialized session data */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]1926 TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
Manuel Pégourié-Gonnarda3d831b2019-05-23 12:28:45 +0200[diff] [blame]1927 TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
1928 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
1929 TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL );
1930 TEST_ASSERT( mbedtls_ssl_session_save( &session, good_buf, good_len,
1931 &good_len ) == 0 );
1932 mbedtls_ssl_session_free( &session );
1933
1934 /* Try all possible bad lengths */
1935 for( bad_len = 0; bad_len < good_len; bad_len++ )
1936 {
1937 /* Allocate exact size so that asan/valgrind can detect any overread */
1938 mbedtls_free( bad_buf );
1939 bad_buf = mbedtls_calloc( 1, bad_len ? bad_len : 1 );
1940 TEST_ASSERT( bad_buf != NULL );
1941 memcpy( bad_buf, good_buf, bad_len );
1942
1943 TEST_ASSERT( mbedtls_ssl_session_load( &session, bad_buf, bad_len )
1944 == MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
1945 }
1946
1947exit:
1948 mbedtls_ssl_session_free( &session );
1949 mbedtls_free( good_buf );
1950 mbedtls_free( bad_buf );
1951}
1952/* END_CASE */
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1953
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame]1954/* BEGIN_CASE */
1955void ssl_session_serialize_version_check( int corrupt_major,
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1956 int corrupt_minor,
1957 int corrupt_patch,
1958 int corrupt_config )
1959{
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame]1960 unsigned char serialized_session[ 2048 ];
1961 size_t serialized_session_len;
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]1962 unsigned cur_byte;
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1963 mbedtls_ssl_session session;
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]1964 uint8_t should_corrupt_byte[] = { corrupt_major == 1,
1965 corrupt_minor == 1,
1966 corrupt_patch == 1,
1967 corrupt_config == 1,
1968 corrupt_config == 1 };
1969
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1970 mbedtls_ssl_session_init( &session );
1971
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]1972 /* Infer length of serialized session. */
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1973 TEST_ASSERT( mbedtls_ssl_session_save( &session,
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame]1974 serialized_session,
1975 sizeof( serialized_session ),
1976 &serialized_session_len ) == 0 );
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1977
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]1978 mbedtls_ssl_session_free( &session );
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1979
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]1980 /* Without any modification, we should be able to successfully
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame]1981 * de-serialize the session - double-check that. */
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1982 TEST_ASSERT( mbedtls_ssl_session_load( &session,
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame]1983 serialized_session,
1984 serialized_session_len ) == 0 );
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1985 mbedtls_ssl_session_free( &session );
1986
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]1987 /* Go through the bytes in the serialized session header and
1988 * corrupt them bit-by-bit. */
1989 for( cur_byte = 0; cur_byte < sizeof( should_corrupt_byte ); cur_byte++ )
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]1990 {
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]1991 int cur_bit;
1992 unsigned char * const byte = &serialized_session[ cur_byte ];
1993
1994 if( should_corrupt_byte[ cur_byte ] == 0 )
1995 continue;
1996
1997 for( cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++ )
1998 {
1999 unsigned char const corrupted_bit = 0x1u << cur_bit;
2000 /* Modify a single bit in the serialized session. */
2001 *byte ^= corrupted_bit;
2002
2003 /* Attempt to deserialize */
2004 TEST_ASSERT( mbedtls_ssl_session_load( &session,
2005 serialized_session,
2006 serialized_session_len ) ==
Hanno Beckerf9b33032019-06-03 12:58:39 +0100[diff] [blame]2007 MBEDTLS_ERR_SSL_VERSION_MISMATCH );
Hanno Beckerfe1275e2019-05-29 12:45:21 +0100[diff] [blame]2008
2009 /* Undo the change */
2010 *byte ^= corrupted_bit;
2011 }
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]2012 }
2013
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]2014}
2015/* END_CASE */