/** \file ssl_helpers.h
 *
 * \brief This file contains helper functions to set up a TLS connection.
 */
| 5 | |
| 6 | /* |
| 7 | * Copyright The Mbed TLS Contributors |
| 8 | * SPDX-License-Identifier: Apache-2.0 |
| 9 | * |
| 10 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 11 | * not use this file except in compliance with the License. |
| 12 | * You may obtain a copy of the License at |
| 13 | * |
| 14 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 15 | * |
| 16 | * Unless required by applicable law or agreed to in writing, software |
| 17 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 18 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 19 | * See the License for the specific language governing permissions and |
| 20 | * limitations under the License. |
| 21 | */ |
| 22 | |
| 23 | #ifndef SSL_HELPERS_H |
| 24 | #define SSL_HELPERS_H |
| 25 | |
| 26 | #include <test/helpers.h> |
| 27 | |
Yanray Wang | 59ab276 | 2022-10-26 09:57:53 +0800 | [diff] [blame^] | 28 | #include <mbedtls/ssl.h> |
| 29 | #include <mbedtls/ctr_drbg.h> |
| 30 | #include <mbedtls/entropy.h> |
| 31 | |
/*
 * A pattern to look for in the debug log during a handshake test, together
 * with a counter that the log callback can update each time it matches.
 * The struct does not own the pattern string (no allocation happens here);
 * the test that sets it up has to keep it alive for the duration of the test.
 */
typedef struct mbedtls_test_ssl_log_pattern {
    const char *pattern;  /* substring to search for in each debug message */
    size_t counter;       /* presumably the number of matching log lines so far
                           * -- confirm in the log callback that uses it */
} mbedtls_test_ssl_log_pattern;
| 36 | |
/* Invalid minor version used when not specifying a min/max version or expecting a test to fail */
/* Used for the *_min_version / *_max_version and expected_negotiated_version
 * fields of mbedtls_test_handshake_test_options below. Any real version
 * number is non-negative, so -1 cannot collide with a valid value. */
#define TEST_SSL_MINOR_VERSION_NONE -1
| 39 | |
/*
 * Knobs for a single simulated client/server handshake test.
 *
 * Plain data: the struct owns none of the pointers it holds (cipher, psk_str,
 * the log objects), so the test that fills it in keeps those alive.
 * Nothing in this header validates the integer fields; the setup helper that
 * consumes them is not shown here, so range checks live there (presumably).
 */
typedef struct mbedtls_test_handshake_test_options {
    const char *cipher;                /* ciphersuite name to force, or NULL for
                                        * no restriction (presumed -- confirm) */
    int client_min_version;            /* protocol version bounds configured on each
                                        * side; TEST_SSL_MINOR_VERSION_NONE when the
                                        * test does not constrain them */
    int client_max_version;
    int server_min_version;
    int server_max_version;
    int expected_negotiated_version;   /* version the handshake is expected to end up
                                        * with; TEST_SSL_MINOR_VERSION_NONE when the
                                        * handshake is expected to fail */
    int pk_alg;                        /* public-key algorithm of the endpoint
                                        * certificates (an mbedtls_pk_type_t,
                                        * presumably -- confirm) */
    data_t *psk_str;                   /* pre-shared key bytes; NULL presumably
                                        * means "no PSK" */
    int dtls;                          /* non-zero: run the handshake over DTLS */
    int srv_auth_mode;                 /* server's client-authentication policy
                                        * (an MBEDTLS_SSL_VERIFY_* value, presumably) */
    int serialize;                     /* non-zero: serialize/deserialize the context
                                        * during the test (inferred from the name) */
    int mfl;                           /* maximum fragment length setting
                                        * (MBEDTLS_SSL_MAX_FRAG_LEN_* code, presumably) */
    int cli_msg_len;                   /* size of the application-data message each
                                        * side sends after the handshake */
    int srv_msg_len;
    int expected_cli_fragments;        /* number of records each message is expected
                                        * to be split into (inferred from the names) */
    int expected_srv_fragments;
    int renegotiate;                   /* non-zero: perform a renegotiation */
    int legacy_renegotiation;          /* renegotiation policy to configure
                                        * (MBEDTLS_SSL_LEGACY_* value, presumably) */
    void *srv_log_obj;                 /* opaque context handed to the log callbacks */
    void *cli_log_obj;
    /* Debug callbacks; the signature is the one mbedtls_ssl_conf_dbg() expects:
     * (ctx, level, file, line, message). */
    void (*srv_log_fun)(void *, int, const char *, int, const char *);
    void (*cli_log_fun)(void *, int, const char *, int, const char *);
    int resize_buffers;                /* non-zero: exercise I/O buffer resizing
                                        * (inferred from the name -- confirm) */
} mbedtls_test_handshake_test_options;
| 65 | |
/*
 * Buffer structure for custom I/O callbacks.
 *
 * Used as a ring buffer by the mock socket (the message queue below is
 * described as sitting "on top of the ring buffer"). The invariants a
 * reader should expect -- start < capacity, content_length <= capacity,
 * reads wrapping at capacity -- are inferred from the field names and must
 * be enforced by the put/get helpers, not by this header; confirm there.
 */
typedef struct mbedtls_test_ssl_buffer {
    size_t start;           /* index of the first unread byte (presumed) */
    size_t content_length;  /* number of bytes currently stored */
    size_t capacity;        /* size in bytes of the storage buffer points to */
    unsigned char *buffer;  /* backing storage; allocated/freed by helpers not shown here */
} mbedtls_test_ssl_buffer;
| 75 | |
/*
 * Context for a message metadata queue (fifo) that is on top of the ring buffer.
 *
 * Each entry in messages is presumably the length of one message held in the
 * underlying ring buffer, so that datagram boundaries can be recovered on the
 * receiving side -- confirm in the push/pop helpers. Note that pos, num and
 * capacity are int while messages holds size_t values; callers must keep them
 * non-negative and num <= capacity, as nothing here checks that.
 */
typedef struct mbedtls_test_ssl_message_queue {
    size_t *messages;  /* array of per-message lengths */
    int pos;           /* index of the oldest queued entry (head of the fifo) */
    int num;           /* number of entries currently queued */
    int capacity;      /* number of entries messages can hold */
} mbedtls_test_ssl_message_queue;
| 85 | |
/*
 * Context for the I/O callbacks simulating network connection.
 */

/* Value of mbedtls_test_mock_socket.status once the socket has been connected
 * to a peer (presumed from the name; the connect helper is not in this header). */
#define MBEDTLS_MOCK_SOCKET_CONNECTED 1

typedef struct mbedtls_test_mock_socket {
    int status;                            /* connection state; compare with
                                            * MBEDTLS_MOCK_SOCKET_CONNECTED */
    mbedtls_test_ssl_buffer *input;        /* bytes this socket can receive */
    mbedtls_test_ssl_buffer *output;       /* bytes this socket has sent */
    struct mbedtls_test_mock_socket *peer; /* the other end of the simulated link;
                                            * presumably its output feeds our input
                                            * -- confirm in the connect helper */
} mbedtls_test_mock_socket;
| 98 | |
/* Errors used in the message socket mocks */

/* Negative and mutually distinct, so a test can tell a mock failure apart
 * from a success value; whether they are guaranteed not to coincide with any
 * MBEDTLS_ERR_* code is not established here -- confirm against the library's
 * error definitions before relying on it. What each one signals is inferred
 * from its name; the mock implementation is the authority. */
#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55  /* mock context missing or not set up */
#define MBEDTLS_TEST_ERROR_SEND_FAILED -66    /* mock send could not deliver the message */
#define MBEDTLS_TEST_ERROR_RECV_FAILED -77    /* mock recv could not retrieve a message */
| 104 | |
/*
 * Structure used as an addon, or a wrapper, around the mocked sockets.
 * Contains an input queue, to which the other socket pushes metadata,
 * and an output queue, to which this one pushes metadata. This context is
 * considered as an owner of the input queue only, which is initialized and
 * freed in the respective setup and free calls.
 *
 * Ownership summary for the free path: queue_input is freed by this context's
 * free call; queue_output and socket belong to someone else (the peer context
 * and the mock socket owner respectively) and must not be freed here.
 */
typedef struct mbedtls_test_message_socket_context {
    mbedtls_test_ssl_message_queue *queue_input;   /* owned: metadata pushed by the peer */
    mbedtls_test_ssl_message_queue *queue_output;  /* not owned: metadata we push for the peer */
    mbedtls_test_mock_socket *socket;              /* not owned: the underlying byte-level mock socket */
} mbedtls_test_message_socket_context;
| 117 | |
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
    defined(MBEDTLS_CERTS_C) && \
    defined(MBEDTLS_ENTROPY_C) && \
    defined(MBEDTLS_CTR_DRBG_C)

/*
 * Structure with endpoint's certificates for SSL communication tests.
 *
 * Holds pointers only. Whether this struct or the endpoint setup helper owns
 * the objects is not visible in this header -- confirm before freeing them
 * from a test.
 */
typedef struct mbedtls_test_ssl_endpoint_certificate {
    mbedtls_x509_crt *ca_cert;  /* trust anchor for verifying the peer (presumed from the name) */
    mbedtls_x509_crt *cert;     /* this endpoint's own certificate (chain) */
    mbedtls_pk_context *pkey;   /* private key matching cert */
} mbedtls_test_ssl_endpoint_certificate;

/*
 * Endpoint structure for SSL communication tests.
 *
 * One side (client or server) of a simulated connection: the TLS context and
 * its config, a CTR_DRBG and an entropy context (hence the MBEDTLS_ENTROPY_C
 * and MBEDTLS_CTR_DRBG_C requirements above), the mock socket used for I/O,
 * and the endpoint's certificates. Contexts are embedded by value, so the
 * struct must be initialised and freed through the matching helpers rather
 * than copied around.
 */
typedef struct mbedtls_test_ssl_endpoint {
    const char *name;                   /* label for the endpoint, presumably used in logs */
    mbedtls_ssl_context ssl;
    mbedtls_ssl_config conf;
    mbedtls_ctr_drbg_context ctr_drbg;  /* RNG for the TLS stack; presumably seeded from
                                         * entropy below -- confirm in the setup helper */
    mbedtls_entropy_context entropy;
    mbedtls_test_mock_socket socket;
    mbedtls_test_ssl_endpoint_certificate cert;
} mbedtls_test_ssl_endpoint;

#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C &&
          MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
| 147 | |
Yanray Wang | 5fce145 | 2022-10-24 14:42:01 +0800 | [diff] [blame] | 148 | #endif /* SSL_HELPERS_H */ |