tests: ssl: Move group list to options
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index 1f41966..44c2fcf 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -85,6 +85,7 @@
typedef struct mbedtls_test_handshake_test_options {
const char *cipher;
+ uint16_t *group_list;
mbedtls_ssl_protocol_version client_min_version;
mbedtls_ssl_protocol_version client_max_version;
mbedtls_ssl_protocol_version server_min_version;
@@ -440,8 +441,7 @@
mbedtls_test_handshake_test_options *options,
mbedtls_test_message_socket_context *dtls_context,
mbedtls_test_ssl_message_queue *input_queue,
- mbedtls_test_ssl_message_queue *output_queue,
- uint16_t *group_list);
+ mbedtls_test_ssl_message_queue *output_queue);
/*
* Deinitializes endpoint represented by \p ep.
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index 980c192..cc96cfe 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -50,6 +50,7 @@
rng_seed += 0xD0;
#endif
opts->cipher = "";
+ opts->group_list = NULL;
opts->client_min_version = MBEDTLS_SSL_VERSION_UNKNOWN;
opts->client_max_version = MBEDTLS_SSL_VERSION_UNKNOWN;
opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN;
@@ -733,8 +734,7 @@
mbedtls_test_handshake_test_options *options,
mbedtls_test_message_socket_context *dtls_context,
mbedtls_test_ssl_message_queue *input_queue,
- mbedtls_test_ssl_message_queue *output_queue,
- uint16_t *group_list)
+ mbedtls_test_ssl_message_queue *output_queue)
{
int ret = -1;
uintptr_t user_data_n;
@@ -818,8 +818,8 @@
}
}
- if (group_list != NULL) {
- mbedtls_ssl_conf_groups(&(ep->conf), group_list);
+ if (options->group_list != NULL) {
+ mbedtls_ssl_conf_groups(&(ep->conf), options->group_list);
}
mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED);
@@ -2006,7 +2006,7 @@
MBEDTLS_SSL_IS_CLIENT,
options, &client_context,
&client_queue,
- &server_queue, NULL) == 0);
+ &server_queue) == 0);
#if defined(MBEDTLS_TIMING_C)
mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client,
mbedtls_timing_set_delay,
@@ -2016,7 +2016,7 @@
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
MBEDTLS_SSL_IS_CLIENT,
options, NULL, NULL,
- NULL, NULL) == 0);
+ NULL) == 0);
}
if (strlen(options->cipher) > 0) {
@@ -2029,7 +2029,7 @@
MBEDTLS_SSL_IS_SERVER,
options, &server_context,
&server_queue,
- &client_queue, NULL) == 0);
+ &client_queue) == 0);
#if defined(MBEDTLS_TIMING_C)
mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server,
mbedtls_timing_set_delay,
@@ -2038,7 +2038,7 @@
} else {
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
MBEDTLS_SSL_IS_SERVER,
- options, NULL, NULL, NULL,
+ options, NULL, NULL,
NULL) == 0);
}
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 8687a4d..02b9500 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -2457,7 +2457,7 @@
MD_OR_USE_PSA_INIT();
ret = mbedtls_test_ssl_endpoint_init(NULL, endpoint_type, &options,
- NULL, NULL, NULL, NULL);
+ NULL, NULL, NULL);
TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, options.pk_alg,
@@ -2465,7 +2465,7 @@
TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, &options,
- NULL, NULL, NULL, NULL);
+ NULL, NULL, NULL);
TEST_ASSERT(ret == 0);
exit:
@@ -2509,14 +2509,14 @@
mbedtls_platform_zeroize(&second_ep, sizeof(second_ep));
ret = mbedtls_test_ssl_endpoint_init(&base_ep, endpoint_type, &options,
- NULL, NULL, NULL, NULL);
+ NULL, NULL, NULL);
TEST_ASSERT(ret == 0);
ret = mbedtls_test_ssl_endpoint_init(
&second_ep,
(endpoint_type == MBEDTLS_SSL_IS_SERVER) ?
MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
- &options, NULL, NULL, NULL, NULL);
+ &options, NULL, NULL, NULL);
TEST_ASSERT(ret == 0);
@@ -3069,11 +3069,10 @@
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
&options, NULL, NULL,
- NULL, NULL) == 0);
+ NULL) == 0);
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
- &options, NULL, NULL, NULL,
- NULL) == 0);
+ &options, NULL, NULL, NULL) == 0);
mbedtls_debug_set_threshold(1);
mbedtls_ssl_conf_dbg(&server.conf, options.srv_log_fun,
@@ -3248,8 +3247,9 @@
mbedtls_test_ssl_endpoint client, server;
mbedtls_psa_stats_t stats;
size_t free_slots_before = -1;
- mbedtls_test_handshake_test_options options;
- mbedtls_test_init_handshake_options(&options);
+ mbedtls_test_handshake_test_options client_options, server_options;
+ mbedtls_test_init_handshake_options(&client_options);
+ mbedtls_test_init_handshake_options(&server_options);
uint16_t iana_tls_group_list[] = { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1,
MBEDTLS_SSL_IANA_TLS_GROUP_NONE };
@@ -3257,21 +3257,22 @@
mbedtls_platform_zeroize(&client, sizeof(client));
mbedtls_platform_zeroize(&server, sizeof(server));
- options.pk_alg = MBEDTLS_PK_ECDSA;
- options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2;
- options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2;
-
/* Client side, force SECP256R1 to make one key bitflip fail
* the raw key agreement. Flipping the first byte makes the
* required 0x04 identifier invalid. */
+ client_options.pk_alg = MBEDTLS_PK_ECDSA;
+ client_options.group_list = iana_tls_group_list;
TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT,
- &options, NULL, NULL,
- NULL, iana_tls_group_list), 0);
+ &client_options, NULL, NULL,
+ NULL), 0);
/* Server side */
+ server_options.pk_alg = MBEDTLS_PK_ECDSA;
+ server_options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2;
+ server_options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2;
TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER,
- &options, NULL, NULL,
- NULL, NULL), 0);
+ &server_options, NULL, NULL,
+ NULL), 0);
TEST_EQUAL(mbedtls_test_mock_socket_connect(&(client.socket),
&(server.socket),
@@ -3307,7 +3308,8 @@
exit:
mbedtls_test_ssl_endpoint_free(&client, NULL);
mbedtls_test_ssl_endpoint_free(&server, NULL);
- mbedtls_test_free_handshake_options(&options);
+ mbedtls_test_free_handshake_options(&client_options);
+ mbedtls_test_free_handshake_options(&server_options);
MD_OR_USE_PSA_DONE();
}
@@ -3336,15 +3338,13 @@
client_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL,
- NULL);
+ &client_options, NULL, NULL, NULL);
TEST_EQUAL(ret, 0);
mbedtls_test_init_handshake_options(&server_options);
server_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL,
- NULL);
+ &server_options, NULL, NULL, NULL);
TEST_EQUAL(ret, 0);
ret = mbedtls_test_mock_socket_connect(&(client_ep.socket),
@@ -3591,14 +3591,12 @@
client_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL,
- NULL);
+ &client_options, NULL, NULL, NULL);
TEST_EQUAL(ret, 0);
server_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL,
- NULL);
+ &server_options, NULL, NULL, NULL);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
mbedtls_test_ticket_write,
mbedtls_test_ticket_parse,
@@ -3702,19 +3700,20 @@
PSA_INIT();
client_options.pk_alg = MBEDTLS_PK_ECDSA;
+ client_options.group_list = group_list;
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
- &client_options, NULL, NULL, NULL,
- group_list);
+ &client_options, NULL, NULL, NULL);
TEST_EQUAL(ret, 0);
mbedtls_ssl_conf_early_data(&client_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED);
server_options.pk_alg = MBEDTLS_PK_ECDSA;
+ server_options.group_list = group_list;
server_options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
server_options.srv_log_obj = &server_pattern;
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
- &server_options, NULL, NULL, NULL,
- group_list);
+ &server_options, NULL, NULL, NULL);
TEST_EQUAL(ret, 0);
+
mbedtls_ssl_conf_early_data(&server_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
mbedtls_test_ticket_write,