commit 55bc2c53af7d3ec19b84399d2d0c1f7dfd331322
author Hanno Becker <hanno.becker@arm.com> Mon May 24 06:53:52 2021 +0100
committer Hanno Becker <hanno.becker@arm.com> Mon May 24 11:20:30 2021 +0100
tree cc082d07167cb3722ee3eead7cde72b3aa152e23
parent b7d9bad6bedd147f45f1972a35d27e837ab1e565

Test TLS 1.3 PSK binder calculation helper

Signed-off-by: Hanno Becker <hanno.becker@arm.com>

tests/suites/test_suite_ssl.data

diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 6060340..abc33b1 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -9257,6 +9257,12 @@
 # Vector from RFC 8448
 ssl_tls1_3_derive_resumption_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406"
 
+SSL TLS 1.3 Key schedule: PSK binder
+# Vector from RFC 8448
+# For the resumption PSK, see Section 3, 'generate resumption secret "tls13 resumption"'
+# For all other data, see Section 4, 'construct a ClientHello handshake message:'
+ssl_tls1_3_create_psk_binder:MBEDTLS_MD_SHA256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3":MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:"63224b2e4573f2d3454ca84b9d009a04f6be9e05711a8396473aefa01e924a14":"3add4fb2d8fdf822a0ca3cf7678ef5e88dae990141c5924d57bb6fa31b9e5f9d"
+
 SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE
 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
 

tests/suites/test_suite_ssl.function

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 59fae70..d23949c 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -3914,6 +3914,36 @@
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+void ssl_tls1_3_create_psk_binder( int hash_alg,
+                                   data_t *psk,
+                                   int psk_type,
+                                   data_t *transcript,
+                                   data_t *binder_expected )
+{
+    unsigned char binder[ MBEDTLS_MD_MAX_SIZE ];
+
+    /* Double-check that we've passed sane parameters. */
+    mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
+    mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
+    size_t const md_size = mbedtls_md_get_size( md_info );
+    TEST_ASSERT( md_info != 0                    &&
+                 transcript->len == md_size      &&
+                 binder_expected->len == md_size );
+
+    TEST_ASSERT( mbedtls_ssl_tls1_3_create_psk_binder(
+                     NULL, /* SSL context for debugging only */
+                     md_type,
+                     psk->x, psk->len,
+                     psk_type,
+                     transcript->x,
+                     binder ) == 0 );
+
+    ASSERT_COMPARE( binder, md_size,
+                    binder_expected->x, binder_expected->len );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
 void ssl_tls1_3_key_evolution( int hash_alg,
                                data_t *secret,
                                data_t *input,