TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 363b646dd87f29e146ceb54c97f07ef78715e2e1 / . / tests / suites / test_suite_ssl.function
blob: a3d1c0056d248c41925c1c28d99f0da629aa1723 [file] [log] [blame]
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include <mbedtls/ssl.h>
Manuel Pégourié-Gonnard5e94dde2015-05-26 11:57:05 +0200[diff] [blame]3#include <mbedtls/ssl_internal.h>
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]4
5/*
6 * Helper function setting up inverse record transformations
7 * using given cipher, hash, EtM mode, authentication tag length,
8 * and version.
9 */
10
11#define CHK( x ) \
12 do \
13 { \
14 if( !( x ) ) \
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]15 { \
Hanno Beckera5780f12019-04-05 09:55:37 +0100[diff] [blame]16 ret = -1; \
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]17 goto cleanup; \
18 } \
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]19 } while( 0 )
20
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]21#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
22#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX
23#else
24#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX
25#endif
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]26
27static int build_transforms( mbedtls_ssl_transform *t_in,
28 mbedtls_ssl_transform *t_out,
29 int cipher_type, int hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]30 int etm, int tag_mode, int ver,
31 size_t cid0_len,
32 size_t cid1_len )
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]33{
34 mbedtls_cipher_info_t const *cipher_info;
Hanno Beckera5780f12019-04-05 09:55:37 +0100[diff] [blame]35 int ret = 0;
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]36
37 size_t keylen, maclen, ivlen;
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]38 unsigned char *key0 = NULL, *key1 = NULL;
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]39 unsigned char iv_enc[16], iv_dec[16];
40
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]41#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]42 unsigned char cid0[ SSL_CID_LEN_MIN ];
43 unsigned char cid1[ SSL_CID_LEN_MIN ];
44
45 rnd_std_rand( NULL, cid0, sizeof( cid0 ) );
46 rnd_std_rand( NULL, cid1, sizeof( cid1 ) );
Hanno Becker43c24b82019-05-01 09:45:57 +0100[diff] [blame]47#else
48 ((void) cid0_len);
49 ((void) cid1_len);
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]50#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]51
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]52 maclen = 0;
53
54 /* Pick cipher */
55 cipher_info = mbedtls_cipher_info_from_type( cipher_type );
56 CHK( cipher_info != NULL );
57 CHK( cipher_info->iv_size <= 16 );
58 CHK( cipher_info->key_bitlen % 8 == 0 );
59
60 /* Pick keys */
61 keylen = cipher_info->key_bitlen / 8;
Hanno Becker78d1f702019-04-05 09:56:10 +0100[diff] [blame]62 /* Allocate `keylen + 1` bytes to ensure that we get
63 * a non-NULL pointers from `mbedtls_calloc` even if
64 * `keylen == 0` in the case of the NULL cipher. */
65 CHK( ( key0 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL );
66 CHK( ( key1 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]67 memset( key0, 0x1, keylen );
68 memset( key1, 0x2, keylen );
69
70 /* Setup cipher contexts */
71 CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 );
72 CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 );
73 CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 );
74 CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 );
75
76#if defined(MBEDTLS_CIPHER_MODE_CBC)
77 if( cipher_info->mode == MBEDTLS_MODE_CBC )
78 {
79 CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc,
80 MBEDTLS_PADDING_NONE ) == 0 );
81 CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec,
82 MBEDTLS_PADDING_NONE ) == 0 );
83 CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_enc,
84 MBEDTLS_PADDING_NONE ) == 0 );
85 CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec,
86 MBEDTLS_PADDING_NONE ) == 0 );
87 }
88#endif /* MBEDTLS_CIPHER_MODE_CBC */
89
90 CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0,
91 keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
92 CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1,
93 keylen << 3, MBEDTLS_DECRYPT ) == 0 );
94 CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_enc, key1,
95 keylen << 3, MBEDTLS_ENCRYPT ) == 0 );
96 CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0,
97 keylen << 3, MBEDTLS_DECRYPT ) == 0 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]98
99 /* Setup MAC contexts */
100#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
101 if( cipher_info->mode == MBEDTLS_MODE_CBC ||
102 cipher_info->mode == MBEDTLS_MODE_STREAM )
103 {
104 mbedtls_md_info_t const *md_info;
105 unsigned char *md0, *md1;
106
107 /* Pick hash */
108 md_info = mbedtls_md_info_from_type( hash_id );
109 CHK( md_info != NULL );
110
111 /* Pick hash keys */
112 maclen = mbedtls_md_get_size( md_info );
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]113 CHK( ( md0 = mbedtls_calloc( 1, maclen ) ) != NULL );
114 CHK( ( md1 = mbedtls_calloc( 1, maclen ) ) != NULL );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]115 memset( md0, 0x5, maclen );
116 memset( md1, 0x6, maclen );
117
118 CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 );
119 CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 );
120 CHK( mbedtls_md_setup( &t_in->md_ctx_enc, md_info, 1 ) == 0 );
121 CHK( mbedtls_md_setup( &t_in->md_ctx_dec, md_info, 1 ) == 0 );
122
123 if( ver > MBEDTLS_SSL_MINOR_VERSION_0 )
124 {
125 CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_enc,
126 md0, maclen ) == 0 );
127 CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_dec,
128 md1, maclen ) == 0 );
129 CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_enc,
130 md1, maclen ) == 0 );
131 CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec,
132 md0, maclen ) == 0 );
133 }
134#if defined(MBEDTLS_SSL_PROTO_SSL3)
135 else
136 {
137 memcpy( &t_in->mac_enc, md0, maclen );
138 memcpy( &t_in->mac_dec, md1, maclen );
139 memcpy( &t_out->mac_enc, md1, maclen );
140 memcpy( &t_out->mac_dec, md0, maclen );
141 }
142#endif
143
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]144 mbedtls_free( md0 );
145 mbedtls_free( md1 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]146 }
147#else
148 ((void) hash_id);
149#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
150
151
152 /* Pick IV's (regardless of whether they
153 * are being used by the transform). */
154 ivlen = cipher_info->iv_size;
155 memset( iv_enc, 0x3, sizeof( iv_enc ) );
156 memset( iv_dec, 0x4, sizeof( iv_dec ) );
157
158 /*
159 * Setup transforms
160 */
161
Jaeden Amero2de07f12019-06-05 13:32:08 +0100[diff] [blame]162#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
163 defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]164 t_out->encrypt_then_mac = etm;
165 t_in->encrypt_then_mac = etm;
166#else
167 ((void) etm);
168#endif
169
170 t_out->minor_ver = ver;
171 t_in->minor_ver = ver;
172 t_out->ivlen = ivlen;
173 t_in->ivlen = ivlen;
174
175 switch( cipher_info->mode )
176 {
177 case MBEDTLS_MODE_GCM:
178 case MBEDTLS_MODE_CCM:
179 t_out->fixed_ivlen = 4;
180 t_in->fixed_ivlen = 4;
181 t_out->maclen = 0;
182 t_in->maclen = 0;
183 switch( tag_mode )
184 {
185 case 0: /* Full tag */
186 t_out->taglen = 16;
187 t_in->taglen = 16;
188 break;
189 case 1: /* Partial tag */
190 t_out->taglen = 8;
191 t_in->taglen = 8;
192 break;
193 default:
194 return( 1 );
195 }
196 break;
197
198 case MBEDTLS_MODE_CHACHAPOLY:
199 t_out->fixed_ivlen = 12;
200 t_in->fixed_ivlen = 12;
201 t_out->maclen = 0;
202 t_in->maclen = 0;
203 switch( tag_mode )
204 {
205 case 0: /* Full tag */
206 t_out->taglen = 16;
207 t_in->taglen = 16;
208 break;
209 case 1: /* Partial tag */
210 t_out->taglen = 8;
211 t_in->taglen = 8;
212 break;
213 default:
214 return( 1 );
215 }
216 break;
217
218 case MBEDTLS_MODE_STREAM:
219 case MBEDTLS_MODE_CBC:
220 t_out->fixed_ivlen = 0; /* redundant, must be 0 */
221 t_in->fixed_ivlen = 0; /* redundant, must be 0 */
222 t_out->taglen = 0;
223 t_in->taglen = 0;
224 switch( tag_mode )
225 {
226 case 0: /* Full tag */
227 t_out->maclen = maclen;
228 t_in->maclen = maclen;
229 break;
230 case 1: /* Partial tag */
231 t_out->maclen = 10;
232 t_in->maclen = 10;
233 break;
234 default:
235 return( 1 );
236 }
237 break;
238 default:
239 return( 1 );
240 break;
241 }
242
243 /* Setup IV's */
244
245 memcpy( &t_in->iv_dec, iv_dec, sizeof( iv_dec ) );
246 memcpy( &t_in->iv_enc, iv_enc, sizeof( iv_enc ) );
247 memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) );
248 memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) );
249
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]250#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]251 /* Add CID */
252 memcpy( &t_in->in_cid, cid0, cid0_len );
253 memcpy( &t_in->out_cid, cid1, cid1_len );
254 t_in->in_cid_len = cid0_len;
255 t_in->out_cid_len = cid1_len;
256 memcpy( &t_out->in_cid, cid1, cid1_len );
257 memcpy( &t_out->out_cid, cid0, cid0_len );
258 t_out->in_cid_len = cid1_len;
259 t_out->out_cid_len = cid0_len;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]260#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]261
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]262cleanup:
263
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]264 mbedtls_free( key0 );
265 mbedtls_free( key1 );
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]266
Hanno Beckera5780f12019-04-05 09:55:37 +0100[diff] [blame]267 return( ret );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]268}
269
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]270/*
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]271 * Populate a session structure for serialization tests.
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]272 * Choose dummy values, mostly non-0 to distinguish from the init default.
273 */
274static int ssl_populate_session( mbedtls_ssl_session *session,
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]275 int ticket_len,
276 const char *crt_file )
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]277{
278#if defined(MBEDTLS_HAVE_TIME)
279 session->start = mbedtls_time( NULL ) - 42;
280#endif
281 session->ciphersuite = 0xabcd;
282 session->compression = 1;
283 session->id_len = sizeof( session->id );
284 memset( session->id, 66, session->id_len );
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]285 memset( session->master, 17, sizeof( session->master ) );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]286
Manuel Pégourié-Gonnard1f6033a2019-05-24 10:17:52 +0200[diff] [blame]287#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO)
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]288 if( strlen( crt_file ) != 0 )
289 {
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]290 mbedtls_x509_crt tmp_crt;
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]291 int ret;
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]292
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]293 mbedtls_x509_crt_init( &tmp_crt );
294 ret = mbedtls_x509_crt_parse_file( &tmp_crt, crt_file );
295 if( ret != 0 )
296 return( ret );
297
298#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
299 /* Move temporary CRT. */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]300 session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) );
301 if( session->peer_cert == NULL )
302 return( -1 );
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]303 *session->peer_cert = tmp_crt;
304 memset( &tmp_crt, 0, sizeof( tmp_crt ) );
305#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
306 /* Calculate digest of temporary CRT. */
307 session->peer_cert_digest =
308 mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN );
309 if( session->peer_cert_digest == NULL )
310 return( -1 );
311 ret = mbedtls_md( mbedtls_md_info_from_type(
312 MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ),
313 tmp_crt.raw.p, tmp_crt.raw.len,
314 session->peer_cert_digest );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]315 if( ret != 0 )
316 return( ret );
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]317 session->peer_cert_digest_type =
318 MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
319 session->peer_cert_digest_len =
320 MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
321#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
322
323 mbedtls_x509_crt_free( &tmp_crt );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]324 }
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]325#else /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]326 (void) crt_file;
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]327#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]328 session->verify_result = 0xdeadbeef;
329
330#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
331 if( ticket_len != 0 )
332 {
333 session->ticket = mbedtls_calloc( 1, ticket_len );
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]334 if( session->ticket == NULL )
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]335 return( -1 );
336 memset( session->ticket, 33, ticket_len );
337 }
338 session->ticket_len = ticket_len;
339 session->ticket_lifetime = 86401;
340#else
341 (void) ticket_len;
342#endif
343
344#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
345 session->mfl_code = 1;
346#endif
347#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
348 session->trunc_hmac = 1;
349#endif
350#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
351 session->encrypt_then_mac = 1;
352#endif
353
354 return( 0 );
355}
356
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]357/* END_HEADER */
358
359/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]360 * depends_on:MBEDTLS_SSL_TLS_C
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]361 * END_DEPENDENCIES
362 */
363
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]364/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]365void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]366{
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]367 uint32_t len = 0;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]368 mbedtls_ssl_context ssl;
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]369 mbedtls_ssl_config conf;
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]370
Manuel Pégourié-Gonnard41d479e2015-04-29 00:48:22 +0200[diff] [blame]371 mbedtls_ssl_init( &ssl );
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]372 mbedtls_ssl_config_init( &conf );
Manuel Pégourié-Gonnard41d479e2015-04-29 00:48:22 +0200[diff] [blame]373
Manuel Pégourié-Gonnard419d5ae2015-05-04 19:32:36 +0200[diff] [blame]374 TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
375 MBEDTLS_SSL_IS_CLIENT,
Manuel Pégourié-Gonnardb31c5f62015-06-17 13:53:47 +0200[diff] [blame]376 MBEDTLS_SSL_TRANSPORT_DATAGRAM,
377 MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]378 TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]379
380 /* Read previous record numbers */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]381 for( len = 0; len < prevs->len; len += 6 )
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]382 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]383 memcpy( ssl.in_ctr + 2, prevs->x + len, 6 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]384 mbedtls_ssl_dtls_replay_update( &ssl );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]385 }
386
387 /* Check new number */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]388 memcpy( ssl.in_ctr + 2, new->x, 6 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]389 TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]390
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]391 mbedtls_ssl_free( &ssl );
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200[diff] [blame]392 mbedtls_ssl_config_free( &conf );
Manuel Pégourié-Gonnard4956fd72014-09-24 11:13:44 +0200[diff] [blame]393}
394/* END_CASE */
Hanno Beckerb25c0c72017-05-05 11:24:30 +0100[diff] [blame]395
396/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
397void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
398{
399 mbedtls_ssl_context ssl;
400 mbedtls_ssl_init( &ssl );
401
402 TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
403 TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );
404
405 mbedtls_ssl_free( &ssl );
406}
Darryl Green11999bb2018-03-13 15:22:58 +0000[diff] [blame]407/* END_CASE */
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]408
409/* BEGIN_CASE */
410void ssl_crypt_record( int cipher_type, int hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]411 int etm, int tag_mode, int ver,
412 int cid0_len, int cid1_len )
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]413{
414 /*
415 * Test several record encryptions and decryptions
416 * with plenty of space before and after the data
417 * within the record buffer.
418 */
419
420 int ret;
421 int num_records = 16;
422 mbedtls_ssl_context ssl; /* ONLY for debugging */
423
424 mbedtls_ssl_transform t0, t1;
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]425 unsigned char *buf = NULL;
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]426 size_t const buflen = 512;
427 mbedtls_record rec, rec_backup;
428
429 mbedtls_ssl_init( &ssl );
430 mbedtls_ssl_transform_init( &t0 );
431 mbedtls_ssl_transform_init( &t1 );
432 TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]433 etm, tag_mode, ver,
434 (size_t) cid0_len,
435 (size_t) cid1_len ) == 0 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]436
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]437 TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]438
439 while( num_records-- > 0 )
440 {
441 mbedtls_ssl_transform *t_dec, *t_enc;
442 /* Take turns in who's sending and who's receiving. */
443 if( num_records % 3 == 0 )
444 {
445 t_dec = &t0;
446 t_enc = &t1;
447 }
448 else
449 {
450 t_dec = &t1;
451 t_enc = &t0;
452 }
453
454 /*
455 * The record header affects the transformation in two ways:
456 * 1) It determines the AEAD additional data
457 * 2) The record counter sometimes determines the IV.
458 *
459 * Apart from that, the fields don't have influence.
460 * In particular, it is currently not the responsibility
461 * of ssl_encrypt/decrypt_buf to check if the transform
462 * version matches the record version, or that the
463 * type is sensible.
464 */
465
466 memset( rec.ctr, num_records, sizeof( rec.ctr ) );
467 rec.type = 42;
468 rec.ver[0] = num_records;
469 rec.ver[1] = num_records;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]470#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]471 rec.cid_len = 0;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]472#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]473
474 rec.buf = buf;
475 rec.buf_len = buflen;
476 rec.data_offset = 16;
477 /* Make sure to vary the length to exercise different
478 * paddings. */
479 rec.data_len = 1 + num_records;
480
481 memset( rec.buf + rec.data_offset, 42, rec.data_len );
482
483 /* Make a copy for later comparison */
484 rec_backup = rec;
485
486 /* Encrypt record */
487 ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec,
488 rnd_std_rand, NULL );
489 TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
490 if( ret != 0 )
491 {
492 continue;
493 }
494
495 /* Decrypt record with t_dec */
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]496 ret = mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec );
497 TEST_ASSERT( ret == 0 );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]498
499 /* Compare results */
500 TEST_ASSERT( rec.type == rec_backup.type );
501 TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 );
502 TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] );
503 TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] );
504 TEST_ASSERT( rec.data_len == rec_backup.data_len );
505 TEST_ASSERT( rec.data_offset == rec_backup.data_offset );
506 TEST_ASSERT( memcmp( rec.buf + rec.data_offset,
507 rec_backup.buf + rec_backup.data_offset,
508 rec.data_len ) == 0 );
509 }
510
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]511exit:
512
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]513 /* Cleanup */
514 mbedtls_ssl_free( &ssl );
515 mbedtls_ssl_transform_free( &t0 );
516 mbedtls_ssl_transform_free( &t1 );
517
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]518 mbedtls_free( buf );
Hanno Beckera18d1322018-01-03 14:27:32 +0000[diff] [blame]519}
520/* END_CASE */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]521
522/* BEGIN_CASE */
523void ssl_crypt_record_small( int cipher_type, int hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]524 int etm, int tag_mode, int ver,
525 int cid0_len, int cid1_len )
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]526{
527 /*
528 * Test pairs of encryption and decryption with an increasing
529 * amount of space in the record buffer - in more detail:
530 * 1) Try to encrypt with 0, 1, 2, ... bytes available
531 * in front of the plaintext, and expect the encryption
532 * to succeed starting from some offset. Always keep
533 * enough space in the end of the buffer.
534 * 2) Try to encrypt with 0, 1, 2, ... bytes available
535 * at the end of the plaintext, and expect the encryption
536 * to succeed starting from some offset. Always keep
537 * enough space at the beginning of the buffer.
538 * 3) Try to encrypt with 0, 1, 2, ... bytes available
539 * both at the front and end of the plaintext,
540 * and expect the encryption to succeed starting from
541 * some offset.
542 *
543 * If encryption succeeds, check that decryption succeeds
544 * and yields the original record.
545 */
546
547 mbedtls_ssl_context ssl; /* ONLY for debugging */
548
549 mbedtls_ssl_transform t0, t1;
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]550 unsigned char *buf = NULL;
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]551 size_t const buflen = 256;
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]552 mbedtls_record rec, rec_backup;
553
554 int ret;
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]555 int mode; /* Mode 1, 2 or 3 as explained above */
556 size_t offset; /* Available space at beginning/end/both */
557 size_t threshold = 96; /* Maximum offset to test against */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]558
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]559 size_t default_pre_padding = 64; /* Pre-padding to use in mode 2 */
560 size_t default_post_padding = 128; /* Post-padding to use in mode 1 */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]561
562 int seen_success; /* Indicates if in the current mode we've
563 * already seen a successful test. */
564
565 mbedtls_ssl_init( &ssl );
566 mbedtls_ssl_transform_init( &t0 );
567 mbedtls_ssl_transform_init( &t1 );
568 TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id,
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]569 etm, tag_mode, ver,
570 (size_t) cid0_len,
571 (size_t) cid1_len ) == 0 );
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]572
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]573 TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL );
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]574
575 for( mode=1; mode <= 3; mode++ )
576 {
577 seen_success = 0;
578 for( offset=0; offset <= threshold; offset++ )
579 {
580 mbedtls_ssl_transform *t_dec, *t_enc;
Hanno Becker6c87b3f2019-04-29 17:24:44 +0100[diff] [blame]581 t_dec = &t0;
582 t_enc = &t1;
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]583
584 memset( rec.ctr, offset, sizeof( rec.ctr ) );
585 rec.type = 42;
586 rec.ver[0] = offset;
587 rec.ver[1] = offset;
588 rec.buf = buf;
589 rec.buf_len = buflen;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]590#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
Hanno Beckerd856c822019-04-29 17:30:59 +0100[diff] [blame]591 rec.cid_len = 0;
Hanno Beckera0e20d02019-05-15 14:03:01 +0100[diff] [blame]592#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]593
594 switch( mode )
595 {
596 case 1: /* Space in the beginning */
597 rec.data_offset = offset;
598 rec.data_len = buflen - offset - default_post_padding;
599 break;
600
601 case 2: /* Space in the end */
602 rec.data_offset = default_pre_padding;
603 rec.data_len = buflen - default_pre_padding - offset;
604 break;
605
606 case 3: /* Space in the beginning and end */
607 rec.data_offset = offset;
608 rec.data_len = buflen - 2 * offset;
609 break;
610
611 default:
612 TEST_ASSERT( 0 );
613 break;
614 }
615
616 memset( rec.buf + rec.data_offset, 42, rec.data_len );
617
618 /* Make a copy for later comparison */
619 rec_backup = rec;
620
621 /* Encrypt record */
622 ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, rnd_std_rand, NULL );
623
624 if( ( mode == 1 || mode == 2 ) && seen_success )
625 {
626 TEST_ASSERT( ret == 0 );
627 }
628 else
629 {
630 TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
631 if( ret == 0 )
632 seen_success = 1;
633 }
634
635 if( ret != 0 )
636 continue;
637
638 /* Decrypt record with t_dec */
639 TEST_ASSERT( mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ) == 0 );
640
641 /* Compare results */
642 TEST_ASSERT( rec.type == rec_backup.type );
643 TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 );
644 TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] );
645 TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] );
646 TEST_ASSERT( rec.data_len == rec_backup.data_len );
647 TEST_ASSERT( rec.data_offset == rec_backup.data_offset );
648 TEST_ASSERT( memcmp( rec.buf + rec.data_offset,
649 rec_backup.buf + rec_backup.data_offset,
650 rec.data_len ) == 0 );
651 }
652
653 TEST_ASSERT( seen_success == 1 );
654 }
655
Hanno Becker81e16a32019-03-01 11:21:44 +0000[diff] [blame]656exit:
657
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]658 /* Cleanup */
659 mbedtls_ssl_free( &ssl );
660 mbedtls_ssl_transform_free( &t0 );
661 mbedtls_ssl_transform_free( &t1 );
662
Hanno Becker3ee54212019-04-04 16:31:26 +0100[diff] [blame]663 mbedtls_free( buf );
Hanno Beckerb3268da2018-01-05 15:20:24 +0000[diff] [blame]664}
665/* END_CASE */
Ron Eldor824ad7b2019-05-13 14:09:00 +0300[diff] [blame]666
667/* BEGIN_CASE */
668void ssl_tls_prf( int type, data_t * secret, data_t * random,
669 char *label, data_t *result_hex_str, int exp_ret )
670{
671 unsigned char *output;
672
673 output = mbedtls_calloc( 1, result_hex_str->len );
674 if( output == NULL )
675 goto exit;
676
Ron Eldor6b9b1b82019-05-15 17:04:33 +0300[diff] [blame]677#if defined(MBEDTLS_USE_PSA_CRYPTO)
678 TEST_ASSERT( psa_crypto_init() == 0 );
679#endif
680
Ron Eldor824ad7b2019-05-13 14:09:00 +0300[diff] [blame]681 TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len,
682 label, random->x, random->len,
683 output, result_hex_str->len ) == exp_ret );
684
685 if( exp_ret == 0 )
686 {
687 TEST_ASSERT( hexcmp( output, result_hex_str->x,
688 result_hex_str->len, result_hex_str->len ) == 0 );
689 }
690exit:
691
692 mbedtls_free( output );
693}
694/* END_CASE */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]695
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]696/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]697void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]698{
699 mbedtls_ssl_session original, restored;
700 unsigned char *buf = NULL;
701 size_t len;
702
703 /*
704 * Test that a save-load pair is the identity
705 */
706
707 mbedtls_ssl_session_init( &original );
708 mbedtls_ssl_session_init( &restored );
709
710 /* Prepare a dummy session to work on */
711 TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 );
712
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]713 /* Serialize it */
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]714 TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len )
715 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
716 TEST_ASSERT( ( buf = mbedtls_calloc( 1, len ) ) != NULL );
717 TEST_ASSERT( mbedtls_ssl_session_save( &original, buf, len, &len )
718 == 0 );
719
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]720 /* Restore session from serialized data */
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]721 TEST_ASSERT( mbedtls_ssl_session_load( &restored, buf, len) == 0 );
722
723 /*
724 * Make sure both session structures are identical
725 */
726#if defined(MBEDTLS_HAVE_TIME)
727 TEST_ASSERT( original.start == restored.start );
728#endif
729 TEST_ASSERT( original.ciphersuite == restored.ciphersuite );
730 TEST_ASSERT( original.compression == restored.compression );
731 TEST_ASSERT( original.id_len == restored.id_len );
732 TEST_ASSERT( memcmp( original.id,
733 restored.id, sizeof( original.id ) ) == 0 );
734 TEST_ASSERT( memcmp( original.master,
735 restored.master, sizeof( original.master ) ) == 0 );
736
737#if defined(MBEDTLS_X509_CRT_PARSE_C)
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]738#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]739 TEST_ASSERT( ( original.peer_cert == NULL ) ==
740 ( restored.peer_cert == NULL ) );
741 if( original.peer_cert != NULL )
742 {
743 TEST_ASSERT( original.peer_cert->raw.len ==
744 restored.peer_cert->raw.len );
745 TEST_ASSERT( memcmp( original.peer_cert->raw.p,
746 restored.peer_cert->raw.p,
747 original.peer_cert->raw.len ) == 0 );
748 }
Manuel Pégourié-Gonnardee13a732019-07-29 13:00:39 +0200[diff] [blame]749#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
750 TEST_ASSERT( original.peer_cert_digest_type ==
751 restored.peer_cert_digest_type );
752 TEST_ASSERT( original.peer_cert_digest_len ==
753 restored.peer_cert_digest_len );
754 TEST_ASSERT( ( original.peer_cert_digest == NULL ) ==
755 ( restored.peer_cert_digest == NULL ) );
756 if( original.peer_cert_digest != NULL )
757 {
758 TEST_ASSERT( memcmp( original.peer_cert_digest,
759 restored.peer_cert_digest,
760 original.peer_cert_digest_len ) == 0 );
761 }
762#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
763#endif /* MBEDTLS_X509_CRT_PARSE_C */
Manuel Pégourié-Gonnardf9deaec2019-05-24 09:41:39 +0200[diff] [blame]764 TEST_ASSERT( original.verify_result == restored.verify_result );
765
766#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
767 TEST_ASSERT( original.ticket_len == restored.ticket_len );
768 if( original.ticket_len != 0 )
769 {
770 TEST_ASSERT( original.ticket != NULL );
771 TEST_ASSERT( restored.ticket != NULL );
772 TEST_ASSERT( memcmp( original.ticket,
773 restored.ticket, original.ticket_len ) == 0 );
774 }
775 TEST_ASSERT( original.ticket_lifetime == restored.ticket_lifetime );
776#endif
777
778#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
779 TEST_ASSERT( original.mfl_code == restored.mfl_code );
780#endif
781
782#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
783 TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac );
784#endif
785
786#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
787 TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac );
788#endif
789
790exit:
791 mbedtls_ssl_session_free( &original );
792 mbedtls_ssl_session_free( &restored );
793 mbedtls_free( buf );
794}
795/* END_CASE */
796
Manuel Pégourié-Gonnardaa755832019-06-03 10:53:47 +0200[diff] [blame]797/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]798void ssl_serialize_session_load_save( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]799{
800 mbedtls_ssl_session session;
801 unsigned char *buf1 = NULL, *buf2 = NULL;
802 size_t len0, len1, len2;
803
804 /*
805 * Test that a load-save pair is the identity
806 */
807
808 mbedtls_ssl_session_init( &session );
809
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]810 /* Prepare a dummy session to work on */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]811 TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
Manuel Pégourié-Gonnard3caa6ca2019-05-23 10:06:14 +0200[diff] [blame]812
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]813 /* Get desired buffer size for serializing */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]814 TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 )
815 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
816
817 /* Allocate first buffer */
818 buf1 = mbedtls_calloc( 1, len0 );
819 TEST_ASSERT( buf1 != NULL );
820
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]821 /* Serialize to buffer and free live session */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]822 TEST_ASSERT( mbedtls_ssl_session_save( &session, buf1, len0, &len1 )
823 == 0 );
824 TEST_ASSERT( len0 == len1 );
825 mbedtls_ssl_session_free( &session );
826
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]827 /* Restore session from serialized data */
Manuel Pégourié-Gonnard220403b2019-05-24 09:54:21 +0200[diff] [blame]828 TEST_ASSERT( mbedtls_ssl_session_load( &session, buf1, len1 ) == 0 );
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]829
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]830 /* Allocate second buffer and serialize to it */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]831 buf2 = mbedtls_calloc( 1, len0 );
Manuel Pégourié-Gonnardb4079902019-05-24 09:52:10 +0200[diff] [blame]832 TEST_ASSERT( buf2 != NULL );
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]833 TEST_ASSERT( mbedtls_ssl_session_save( &session, buf2, len0, &len2 )
834 == 0 );
835
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]836 /* Make sure both serialized versions are identical */
Manuel Pégourié-Gonnard6eac11b2019-05-23 09:30:55 +0200[diff] [blame]837 TEST_ASSERT( len1 == len2 );
838 TEST_ASSERT( memcmp( buf1, buf2, len1 ) == 0 );
839
840exit:
841 mbedtls_ssl_session_free( &session );
842 mbedtls_free( buf1 );
843 mbedtls_free( buf2 );
844}
845/* END_CASE */
Manuel Pégourié-Gonnardf5fa0aa2019-05-23 10:38:11 +0200[diff] [blame]846
847/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]848void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnardf5fa0aa2019-05-23 10:38:11 +0200[diff] [blame]849{
850 mbedtls_ssl_session session;
851 unsigned char *buf = NULL;
852 size_t good_len, bad_len, test_len;
853
854 /*
855 * Test that session_save() fails cleanly on small buffers
856 */
857
858 mbedtls_ssl_session_init( &session );
859
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]860 /* Prepare dummy session and get serialized size */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]861 TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
Manuel Pégourié-Gonnardf5fa0aa2019-05-23 10:38:11 +0200[diff] [blame]862 TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
863 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
864
865 /* Try all possible bad lengths */
866 for( bad_len = 1; bad_len < good_len; bad_len++ )
867 {
868 /* Allocate exact size so that asan/valgrind can detect any overwrite */
869 mbedtls_free( buf );
870 TEST_ASSERT( ( buf = mbedtls_calloc( 1, bad_len ) ) != NULL );
871 TEST_ASSERT( mbedtls_ssl_session_save( &session, buf, bad_len,
872 &test_len )
873 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
874 TEST_ASSERT( test_len == good_len );
875 }
876
877exit:
878 mbedtls_ssl_session_free( &session );
879 mbedtls_free( buf );
880}
881/* END_CASE */
Manuel Pégourié-Gonnarda3d831b2019-05-23 12:28:45 +0200[diff] [blame]882
883/* BEGIN_CASE */
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]884void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file )
Manuel Pégourié-Gonnarda3d831b2019-05-23 12:28:45 +0200[diff] [blame]885{
886 mbedtls_ssl_session session;
887 unsigned char *good_buf = NULL, *bad_buf = NULL;
888 size_t good_len, bad_len;
889
890 /*
891 * Test that session_load() fails cleanly on small buffers
892 */
893
894 mbedtls_ssl_session_init( &session );
895
Manuel Pégourié-Gonnard686adb42019-06-03 09:55:16 +0200[diff] [blame]896 /* Prepare serialized session data */
Manuel Pégourié-Gonnard6b840702019-05-24 09:40:17 +0200[diff] [blame]897 TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
Manuel Pégourié-Gonnarda3d831b2019-05-23 12:28:45 +0200[diff] [blame]898 TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
899 == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
900 TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL );
901 TEST_ASSERT( mbedtls_ssl_session_save( &session, good_buf, good_len,
902 &good_len ) == 0 );
903 mbedtls_ssl_session_free( &session );
904
905 /* Try all possible bad lengths */
906 for( bad_len = 0; bad_len < good_len; bad_len++ )
907 {
908 /* Allocate exact size so that asan/valgrind can detect any overread */
909 mbedtls_free( bad_buf );
910 bad_buf = mbedtls_calloc( 1, bad_len ? bad_len : 1 );
911 TEST_ASSERT( bad_buf != NULL );
912 memcpy( bad_buf, good_buf, bad_len );
913
914 TEST_ASSERT( mbedtls_ssl_session_load( &session, bad_buf, bad_len )
915 == MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
916 }
917
918exit:
919 mbedtls_ssl_session_free( &session );
920 mbedtls_free( good_buf );
921 mbedtls_free( bad_buf );
922}
923/* END_CASE */
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]924
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]925/* BEGIN_CASE */
926void ssl_session_serialize_version_check( int corrupt_major,
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]927 int corrupt_minor,
928 int corrupt_patch,
929 int corrupt_config )
930{
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]931 unsigned char serialized_session[ 2048 ];
932 size_t serialized_session_len;
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]933
934 mbedtls_ssl_session session;
935 mbedtls_ssl_session_init( &session );
936
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]937 /* Infer length of serialized session. */
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]938 TEST_ASSERT( mbedtls_ssl_session_save( &session,
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]939 serialized_session,
940 sizeof( serialized_session ),
941 &serialized_session_len ) == 0 );
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]942
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]943 mbedtls_ssl_session_free( &session );
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]944
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]945 /* Without any modification, we should be able to successfully
946 * de-serialize the session - double-check that. */
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]947 TEST_ASSERT( mbedtls_ssl_session_load( &session,
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]948 serialized_session,
949 serialized_session_len ) == 0 );
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]950 mbedtls_ssl_session_free( &session );
951
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]952 if( corrupt_major )
953 serialized_session[0] ^= (uint8_t) 0x1;
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]954
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]955 if( corrupt_minor )
956 serialized_session[1] ^= (uint8_t) 0x1;
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]957
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]958 if( corrupt_patch )
959 serialized_session[2] ^= (uint8_t) 0x1;
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]960
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]961 if( corrupt_config )
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]962 {
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]963 serialized_session[3] ^= (uint8_t) 0x1;
964 serialized_session[4] ^= (uint8_t) 0x1;
965 serialized_session[5] ^= (uint8_t) 0x1;
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]966 }
967
Hanno Becker363b6462019-05-29 12:44:28 +0100[diff] [blame^]968 TEST_ASSERT( mbedtls_ssl_session_load( &session,
969 serialized_session,
970 serialized_session_len ) ==
Hanno Becker861d0bb2019-05-21 16:39:30 +0100[diff] [blame]971 MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
972}
973/* END_CASE */