| Yanray Wang | 47907a4 | 2022-10-24 14:42:01 +0800 | [diff] [blame] | 1 | /** \file ssl_helpers.c |
| 2 | * |
| 3 | * \brief Helper functions to set up a TLS connection. |
| 4 | */ |
| 5 | |
| 6 | /* |
| 7 | * Copyright The Mbed TLS Contributors |
| Dave Rodgman | 16799db | 2023-11-02 19:47:20 +0000 | [diff] [blame] | 8 | * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later |
| Yanray Wang | 47907a4 | 2022-10-24 14:42:01 +0800 | [diff] [blame] | 9 | */ |
| 10 | |
| 11 | #include <test/ssl_helpers.h> |
| Valerio Setti | 384fbde | 2024-01-02 13:26:40 +0100 | [diff] [blame] | 12 | #include "mbedtls/psa_util.h" |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 13 | |
| Yanray Wang | 4d07d1c | 2022-10-27 15:28:16 +0800 | [diff] [blame] | 14 | #if defined(MBEDTLS_SSL_TLS_C) |
| Ronald Cron | 10b040f | 2024-02-05 09:38:09 +0100 | [diff] [blame] | 15 | int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 16 | { |
| 17 | (void) p_rng; |
| 18 | for (size_t i = 0; i < output_len; i++) { |
| 19 | output[i] = rand(); |
| 20 | } |
| 21 | |
| 22 | return 0; |
| 23 | } |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 24 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 25 | void mbedtls_test_ssl_log_analyzer(void *ctx, int level, |
| 26 | const char *file, int line, |
| 27 | const char *str) |
| 28 | { |
| 29 | mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx; |
| 30 | |
| Manuel Pégourié-Gonnard | 00ad6f6 | 2025-02-11 13:19:45 +0100 | [diff] [blame] | 31 | /* Change 0 to 1 for debugging of test cases that use this function. */ |
| 32 | #if 0 |
| 33 | const char *q, *basename; |
| 34 | /* Extract basename from file */ |
| 35 | for (q = basename = file; *q != '\0'; q++) { |
| 36 | if (*q == '/' || *q == '\\') { |
| 37 | basename = q + 1; |
| 38 | } |
| 39 | } |
| 40 | printf("%s:%04d: |%d| %s", |
| 41 | basename, line, level, str); |
| 42 | #else |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 43 | (void) level; |
| 44 | (void) line; |
| 45 | (void) file; |
| Manuel Pégourié-Gonnard | 00ad6f6 | 2025-02-11 13:19:45 +0100 | [diff] [blame] | 46 | #endif |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 47 | |
| 48 | if (NULL != p && |
| 49 | NULL != p->pattern && |
| 50 | NULL != strstr(str, p->pattern)) { |
| 51 | p->counter++; |
| 52 | } |
| 53 | } |
| 54 | |
| 55 | void mbedtls_test_init_handshake_options( |
| 56 | mbedtls_test_handshake_test_options *opts) |
| 57 | { |
| 58 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| Ronald Cron | 987cf89 | 2024-03-04 10:24:27 +0100 | [diff] [blame] | 59 | static int rng_seed = 0xBEEF; |
| Yanray Wang | a72bc9a | 2023-12-01 23:34:27 +0800 | [diff] [blame] | 60 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 61 | srand(rng_seed); |
| 62 | rng_seed += 0xD0; |
| 63 | #endif |
| Ronald Cron | b4ad3e7 | 2024-01-26 14:57:53 +0100 | [diff] [blame] | 64 | |
| 65 | memset(opts, 0, sizeof(*opts)); |
| 66 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 67 | opts->cipher = ""; |
| 68 | opts->client_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| 69 | opts->client_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| 70 | opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| 71 | opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| Ronald Cron | 097ba14 | 2023-03-08 16:18:00 +0100 | [diff] [blame] | 72 | opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 73 | opts->pk_alg = MBEDTLS_PK_RSA; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 74 | opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 75 | opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; |
| 76 | opts->cli_msg_len = 100; |
| 77 | opts->srv_msg_len = 100; |
| 78 | opts->expected_cli_fragments = 1; |
| 79 | opts->expected_srv_fragments = 1; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 80 | opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 81 | opts->resize_buffers = 1; |
| Ronald Cron | ced99be | 2024-01-26 15:49:12 +0100 | [diff] [blame] | 82 | opts->early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; |
| Ronald Cron | 5d3036e | 2024-02-23 07:43:45 +0100 | [diff] [blame] | 83 | opts->max_early_data_size = -1; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 84 | #if defined(MBEDTLS_SSL_CACHE_C) |
| Tom Cosgrove | 05b2a87 | 2023-07-21 11:31:13 +0100 | [diff] [blame] | 85 | TEST_CALLOC(opts->cache, 1); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 86 | mbedtls_ssl_cache_init(opts->cache); |
| Pengyu Lv | 5cbb93e | 2023-07-10 11:09:40 +0800 | [diff] [blame] | 87 | #if defined(MBEDTLS_HAVE_TIME) |
| 88 | TEST_EQUAL(mbedtls_ssl_cache_get_timeout(opts->cache), |
| 89 | MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT); |
| 90 | #endif |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 91 | exit: |
| 92 | return; |
| 93 | #endif |
| 94 | } |
| 95 | |
| 96 | void mbedtls_test_free_handshake_options( |
| 97 | mbedtls_test_handshake_test_options *opts) |
| 98 | { |
| 99 | #if defined(MBEDTLS_SSL_CACHE_C) |
| 100 | mbedtls_ssl_cache_free(opts->cache); |
| 101 | mbedtls_free(opts->cache); |
| 102 | #else |
| 103 | (void) opts; |
| 104 | #endif |
| 105 | } |
| 106 | |
| 107 | #if defined(MBEDTLS_TEST_HOOKS) |
| 108 | static void set_chk_buf_ptr_args( |
| 109 | mbedtls_ssl_chk_buf_ptr_args *args, |
| 110 | unsigned char *cur, unsigned char *end, size_t need) |
| 111 | { |
| 112 | args->cur = cur; |
| 113 | args->end = end; |
| 114 | args->need = need; |
| 115 | } |
| 116 | |
| 117 | static void reset_chk_buf_ptr_args(mbedtls_ssl_chk_buf_ptr_args *args) |
| 118 | { |
| 119 | memset(args, 0, sizeof(*args)); |
| 120 | } |
| 121 | #endif /* MBEDTLS_TEST_HOOKS */ |
| 122 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 123 | void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf) |
| 124 | { |
| 125 | memset(buf, 0, sizeof(*buf)); |
| 126 | } |
| 127 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 128 | int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, |
| 129 | size_t capacity) |
| 130 | { |
| 131 | buf->buffer = (unsigned char *) mbedtls_calloc(capacity, |
| 132 | sizeof(unsigned char)); |
| 133 | if (NULL == buf->buffer) { |
| 134 | return MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 135 | } |
| 136 | buf->capacity = capacity; |
| 137 | |
| 138 | return 0; |
| 139 | } |
| 140 | |
| 141 | void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf) |
| 142 | { |
| 143 | if (buf->buffer != NULL) { |
| 144 | mbedtls_free(buf->buffer); |
| 145 | } |
| 146 | |
| 147 | memset(buf, 0, sizeof(*buf)); |
| 148 | } |
| 149 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 150 | int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, |
| 151 | const unsigned char *input, size_t input_len) |
| 152 | { |
| 153 | size_t overflow = 0; |
| 154 | |
| 155 | if ((buf == NULL) || (buf->buffer == NULL)) { |
| 156 | return -1; |
| 157 | } |
| 158 | |
| 159 | /* Reduce input_len to a number that fits in the buffer. */ |
| 160 | if ((buf->content_length + input_len) > buf->capacity) { |
| 161 | input_len = buf->capacity - buf->content_length; |
| 162 | } |
| 163 | |
| 164 | if (input == NULL) { |
| 165 | return (input_len == 0) ? 0 : -1; |
| 166 | } |
| 167 | |
| 168 | /* Check if the buffer has not come full circle and free space is not in |
| 169 | * the middle */ |
| 170 | if (buf->start + buf->content_length < buf->capacity) { |
| 171 | |
| 172 | /* Calculate the number of bytes that need to be placed at lower memory |
| 173 | * address */ |
| 174 | if (buf->start + buf->content_length + input_len |
| 175 | > buf->capacity) { |
| 176 | overflow = (buf->start + buf->content_length + input_len) |
| 177 | % buf->capacity; |
| 178 | } |
| 179 | |
| 180 | memcpy(buf->buffer + buf->start + buf->content_length, input, |
| 181 | input_len - overflow); |
| 182 | memcpy(buf->buffer, input + input_len - overflow, overflow); |
| 183 | |
| 184 | } else { |
| 185 | /* The buffer has come full circle and free space is in the middle */ |
| 186 | memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity, |
| 187 | input, input_len); |
| 188 | } |
| 189 | |
| 190 | buf->content_length += input_len; |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 191 | return (input_len > INT_MAX) ? INT_MAX : (int) input_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 192 | } |
| 193 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 194 | int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, |
| 195 | unsigned char *output, size_t output_len) |
| 196 | { |
| 197 | size_t overflow = 0; |
| 198 | |
| 199 | if ((buf == NULL) || (buf->buffer == NULL)) { |
| 200 | return -1; |
| 201 | } |
| 202 | |
| 203 | if (output == NULL && output_len == 0) { |
| 204 | return 0; |
| 205 | } |
| 206 | |
| 207 | if (buf->content_length < output_len) { |
| 208 | output_len = buf->content_length; |
| 209 | } |
| 210 | |
| 211 | /* Calculate the number of bytes that need to be drawn from lower memory |
| 212 | * address */ |
| 213 | if (buf->start + output_len > buf->capacity) { |
| 214 | overflow = (buf->start + output_len) % buf->capacity; |
| 215 | } |
| 216 | |
| 217 | if (output != NULL) { |
| 218 | memcpy(output, buf->buffer + buf->start, output_len - overflow); |
| 219 | memcpy(output + output_len - overflow, buf->buffer, overflow); |
| 220 | } |
| 221 | |
| 222 | buf->content_length -= output_len; |
| 223 | buf->start = (buf->start + output_len) % buf->capacity; |
| 224 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 225 | return (output_len > INT_MAX) ? INT_MAX : (int) output_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 226 | } |
| 227 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 228 | int mbedtls_test_ssl_message_queue_setup( |
| 229 | mbedtls_test_ssl_message_queue *queue, size_t capacity) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 230 | { |
| 231 | queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t)); |
| 232 | if (NULL == queue->messages) { |
| 233 | return MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 234 | } |
| 235 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 236 | queue->capacity = (capacity > INT_MAX) ? INT_MAX : (int) capacity; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 237 | queue->pos = 0; |
| 238 | queue->num = 0; |
| 239 | |
| 240 | return 0; |
| 241 | } |
| 242 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 243 | void mbedtls_test_ssl_message_queue_free( |
| 244 | mbedtls_test_ssl_message_queue *queue) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 245 | { |
| 246 | if (queue == NULL) { |
| 247 | return; |
| 248 | } |
| 249 | |
| 250 | if (queue->messages != NULL) { |
| 251 | mbedtls_free(queue->messages); |
| 252 | } |
| 253 | |
| 254 | memset(queue, 0, sizeof(*queue)); |
| 255 | } |
| 256 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 257 | int mbedtls_test_ssl_message_queue_push_info( |
| 258 | mbedtls_test_ssl_message_queue *queue, size_t len) |
| 259 | { |
| 260 | int place; |
| 261 | if (queue == NULL) { |
| 262 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 263 | } |
| 264 | |
| 265 | if (queue->num >= queue->capacity) { |
| 266 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
| 267 | } |
| 268 | |
| 269 | place = (queue->pos + queue->num) % queue->capacity; |
| 270 | queue->messages[place] = len; |
| 271 | queue->num++; |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 272 | return (len > INT_MAX) ? INT_MAX : (int) len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 273 | } |
| 274 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 275 | int mbedtls_test_ssl_message_queue_pop_info( |
| 276 | mbedtls_test_ssl_message_queue *queue, size_t buf_len) |
| 277 | { |
| 278 | size_t message_length; |
| 279 | if (queue == NULL) { |
| 280 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 281 | } |
| 282 | if (queue->num == 0) { |
| 283 | return MBEDTLS_ERR_SSL_WANT_READ; |
| 284 | } |
| 285 | |
| 286 | message_length = queue->messages[queue->pos]; |
| 287 | queue->messages[queue->pos] = 0; |
| 288 | queue->num--; |
| 289 | queue->pos++; |
| 290 | queue->pos %= queue->capacity; |
| 291 | if (queue->pos < 0) { |
| 292 | queue->pos += queue->capacity; |
| 293 | } |
| 294 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 295 | return (message_length > INT_MAX && buf_len > INT_MAX) ? INT_MAX : |
| 296 | (message_length > buf_len) ? (int) buf_len : (int) message_length; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 297 | } |
| 298 | |
| 299 | /* |
| 300 | * Take a peek on the info about the next message length from the queue. |
| 301 | * This will be the oldest inserted message length(fifo). |
| 302 | * |
| 303 | * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. |
| 304 | * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. |
| 305 | * \retval 0, if the peek was successful. |
| 306 | * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is |
| 307 | * too small to fit the message. In this case the \p msg_len will be |
| 308 | * set to the full message length so that the |
| 309 | * caller knows what portion of the message can be dropped. |
| 310 | */ |
| Yanray Wang | 5e22a92 | 2023-03-16 14:57:54 +0800 | [diff] [blame] | 311 | static int test_ssl_message_queue_peek_info( |
| 312 | mbedtls_test_ssl_message_queue *queue, |
| 313 | size_t buf_len, size_t *msg_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 314 | { |
| 315 | if (queue == NULL || msg_len == NULL) { |
| 316 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 317 | } |
| 318 | if (queue->num == 0) { |
| 319 | return MBEDTLS_ERR_SSL_WANT_READ; |
| 320 | } |
| 321 | |
| 322 | *msg_len = queue->messages[queue->pos]; |
| 323 | return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; |
| 324 | } |
| 325 | |
| Yanray Wang | 5f86a42 | 2023-03-15 16:02:29 +0800 | [diff] [blame] | 326 | void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 327 | { |
| 328 | memset(socket, 0, sizeof(*socket)); |
| 329 | } |
| 330 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 331 | void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket) |
| 332 | { |
| 333 | if (socket == NULL) { |
| 334 | return; |
| 335 | } |
| 336 | |
| 337 | if (socket->input != NULL) { |
| 338 | mbedtls_test_ssl_buffer_free(socket->input); |
| 339 | mbedtls_free(socket->input); |
| 340 | } |
| 341 | |
| 342 | if (socket->output != NULL) { |
| 343 | mbedtls_test_ssl_buffer_free(socket->output); |
| 344 | mbedtls_free(socket->output); |
| 345 | } |
| 346 | |
| 347 | if (socket->peer != NULL) { |
| 348 | memset(socket->peer, 0, sizeof(*socket->peer)); |
| 349 | } |
| 350 | |
| 351 | memset(socket, 0, sizeof(*socket)); |
| 352 | } |
| 353 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 354 | int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, |
| 355 | mbedtls_test_mock_socket *peer2, |
| 356 | size_t bufsize) |
| 357 | { |
| 358 | int ret = -1; |
| 359 | |
| 360 | peer1->output = |
| 361 | (mbedtls_test_ssl_buffer *) mbedtls_calloc( |
| 362 | 1, sizeof(mbedtls_test_ssl_buffer)); |
| 363 | if (peer1->output == NULL) { |
| 364 | ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 365 | goto exit; |
| 366 | } |
| 367 | mbedtls_test_ssl_buffer_init(peer1->output); |
| 368 | if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer1->output, bufsize))) { |
| 369 | goto exit; |
| 370 | } |
| 371 | |
| 372 | peer2->output = |
| 373 | (mbedtls_test_ssl_buffer *) mbedtls_calloc( |
| 374 | 1, sizeof(mbedtls_test_ssl_buffer)); |
| 375 | if (peer2->output == NULL) { |
| 376 | ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 377 | goto exit; |
| 378 | } |
| 379 | mbedtls_test_ssl_buffer_init(peer2->output); |
| 380 | if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer2->output, bufsize))) { |
| 381 | goto exit; |
| 382 | } |
| 383 | |
| 384 | peer1->peer = peer2; |
| 385 | peer2->peer = peer1; |
| 386 | peer1->input = peer2->output; |
| 387 | peer2->input = peer1->output; |
| 388 | |
| 389 | peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; |
| 390 | ret = 0; |
| 391 | |
| 392 | exit: |
| 393 | |
| 394 | if (ret != 0) { |
| 395 | mbedtls_test_mock_socket_close(peer1); |
| 396 | mbedtls_test_mock_socket_close(peer2); |
| 397 | } |
| 398 | |
| 399 | return ret; |
| 400 | } |
| 401 | |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 402 | int mbedtls_test_mock_tcp_send_b(void *ctx, |
| 403 | const unsigned char *buf, size_t len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 404 | { |
| 405 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 406 | |
| 407 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 408 | return -1; |
| 409 | } |
| 410 | |
| 411 | return mbedtls_test_ssl_buffer_put(socket->output, buf, len); |
| 412 | } |
| 413 | |
| 414 | int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) |
| 415 | { |
| 416 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 417 | |
| 418 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 419 | return -1; |
| 420 | } |
| 421 | |
| 422 | return mbedtls_test_ssl_buffer_get(socket->input, buf, len); |
| 423 | } |
| 424 | |
| Yanray Wang | 3463435 | 2023-02-14 17:56:51 +0800 | [diff] [blame] | 425 | int mbedtls_test_mock_tcp_send_nb(void *ctx, |
| 426 | const unsigned char *buf, size_t len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 427 | { |
| 428 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 429 | |
| 430 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 431 | return -1; |
| 432 | } |
| 433 | |
| 434 | if (socket->output->capacity == socket->output->content_length) { |
| 435 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
| 436 | } |
| 437 | |
| 438 | return mbedtls_test_ssl_buffer_put(socket->output, buf, len); |
| 439 | } |
| 440 | |
| 441 | int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len) |
| 442 | { |
| 443 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 444 | |
| 445 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 446 | return -1; |
| 447 | } |
| 448 | |
| 449 | if (socket->input->content_length == 0) { |
| 450 | return MBEDTLS_ERR_SSL_WANT_READ; |
| 451 | } |
| 452 | |
| 453 | return mbedtls_test_ssl_buffer_get(socket->input, buf, len); |
| 454 | } |
| 455 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 456 | void mbedtls_test_message_socket_init( |
| 457 | mbedtls_test_message_socket_context *ctx) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 458 | { |
| 459 | ctx->queue_input = NULL; |
| 460 | ctx->queue_output = NULL; |
| 461 | ctx->socket = NULL; |
| 462 | } |
| 463 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 464 | int mbedtls_test_message_socket_setup( |
| 465 | mbedtls_test_ssl_message_queue *queue_input, |
| 466 | mbedtls_test_ssl_message_queue *queue_output, |
| 467 | size_t queue_capacity, |
| 468 | mbedtls_test_mock_socket *socket, |
| 469 | mbedtls_test_message_socket_context *ctx) |
| 470 | { |
| 471 | int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity); |
| 472 | if (ret != 0) { |
| 473 | return ret; |
| 474 | } |
| 475 | ctx->queue_input = queue_input; |
| 476 | ctx->queue_output = queue_output; |
| 477 | ctx->socket = socket; |
| Yanray Wang | 5f86a42 | 2023-03-15 16:02:29 +0800 | [diff] [blame] | 478 | mbedtls_test_mock_socket_init(socket); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 479 | |
| 480 | return 0; |
| 481 | } |
| 482 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 483 | void mbedtls_test_message_socket_close( |
| 484 | mbedtls_test_message_socket_context *ctx) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 485 | { |
| 486 | if (ctx == NULL) { |
| 487 | return; |
| 488 | } |
| 489 | |
| 490 | mbedtls_test_ssl_message_queue_free(ctx->queue_input); |
| 491 | mbedtls_test_mock_socket_close(ctx->socket); |
| 492 | memset(ctx, 0, sizeof(*ctx)); |
| 493 | } |
| 494 | |
| Yanray Wang | 3463435 | 2023-02-14 17:56:51 +0800 | [diff] [blame] | 495 | int mbedtls_test_mock_tcp_send_msg(void *ctx, |
| 496 | const unsigned char *buf, size_t len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 497 | { |
| 498 | mbedtls_test_ssl_message_queue *queue; |
| 499 | mbedtls_test_mock_socket *socket; |
| 500 | mbedtls_test_message_socket_context *context = |
| 501 | (mbedtls_test_message_socket_context *) ctx; |
| 502 | |
| 503 | if (context == NULL || context->socket == NULL |
| 504 | || context->queue_output == NULL) { |
| 505 | return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; |
| 506 | } |
| 507 | |
| 508 | queue = context->queue_output; |
| 509 | socket = context->socket; |
| 510 | |
| 511 | if (queue->num >= queue->capacity) { |
| 512 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
| 513 | } |
| 514 | |
| 515 | if (mbedtls_test_mock_tcp_send_b(socket, buf, len) != (int) len) { |
| 516 | return MBEDTLS_TEST_ERROR_SEND_FAILED; |
| 517 | } |
| 518 | |
| 519 | return mbedtls_test_ssl_message_queue_push_info(queue, len); |
| 520 | } |
| 521 | |
| Yanray Wang | 3463435 | 2023-02-14 17:56:51 +0800 | [diff] [blame] | 522 | int mbedtls_test_mock_tcp_recv_msg(void *ctx, |
| 523 | unsigned char *buf, size_t buf_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 524 | { |
| 525 | mbedtls_test_ssl_message_queue *queue; |
| 526 | mbedtls_test_mock_socket *socket; |
| 527 | mbedtls_test_message_socket_context *context = |
| 528 | (mbedtls_test_message_socket_context *) ctx; |
| 529 | size_t drop_len = 0; |
| 530 | size_t msg_len; |
| 531 | int ret; |
| 532 | |
| 533 | if (context == NULL || context->socket == NULL |
| 534 | || context->queue_input == NULL) { |
| 535 | return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; |
| 536 | } |
| 537 | |
| 538 | queue = context->queue_input; |
| 539 | socket = context->socket; |
| 540 | |
| 541 | /* Peek first, so that in case of a socket error the data remains in |
| 542 | * the queue. */ |
| Yanray Wang | 5e22a92 | 2023-03-16 14:57:54 +0800 | [diff] [blame] | 543 | ret = test_ssl_message_queue_peek_info(queue, buf_len, &msg_len); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 544 | if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { |
| 545 | /* Calculate how much to drop */ |
| 546 | drop_len = msg_len - buf_len; |
| 547 | |
| 548 | /* Set the requested message len to be buffer length */ |
| 549 | msg_len = buf_len; |
| 550 | } else if (ret != 0) { |
| 551 | return ret; |
| 552 | } |
| 553 | |
| 554 | if (mbedtls_test_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) { |
| 555 | return MBEDTLS_TEST_ERROR_RECV_FAILED; |
| 556 | } |
| 557 | |
| 558 | if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { |
| 559 | /* Drop the remaining part of the message */ |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 560 | if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) != |
| 561 | (int) drop_len) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 562 | /* Inconsistent state - part of the message was read, |
| 563 | * and a part couldn't. Not much we can do here, but it should not |
| 564 | * happen in test environment, unless forced manually. */ |
| 565 | } |
| 566 | } |
| Tomás González | 1fb69a9 | 2024-02-01 11:12:20 +0000 | [diff] [blame] | 567 | ret = mbedtls_test_ssl_message_queue_pop_info(queue, buf_len); |
| 568 | if (ret < 0) { |
| 569 | return ret; |
| 570 | } |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 571 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 572 | return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 573 | } |
| 574 | |
| 575 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 576 | |
| 577 | /* |
| 578 | * Deinitializes certificates from endpoint represented by \p ep. |
| 579 | */ |
| Yanray Wang | f6f7190 | 2023-03-15 16:05:14 +0800 | [diff] [blame] | 580 | static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 581 | { |
| 582 | mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert); |
| 583 | if (cert != NULL) { |
| 584 | if (cert->ca_cert != NULL) { |
| 585 | mbedtls_x509_crt_free(cert->ca_cert); |
| 586 | mbedtls_free(cert->ca_cert); |
| 587 | cert->ca_cert = NULL; |
| 588 | } |
| 589 | if (cert->cert != NULL) { |
| 590 | mbedtls_x509_crt_free(cert->cert); |
| 591 | mbedtls_free(cert->cert); |
| 592 | cert->cert = NULL; |
| 593 | } |
| 594 | if (cert->pkey != NULL) { |
| 595 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 596 | if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { |
| Valerio Setti | 4f387ef | 2023-05-02 14:15:59 +0200 | [diff] [blame] | 597 | psa_destroy_key(cert->pkey->priv_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 598 | } |
| 599 | #endif |
| 600 | mbedtls_pk_free(cert->pkey); |
| 601 | mbedtls_free(cert->pkey); |
| 602 | cert->pkey = NULL; |
| 603 | } |
| 604 | } |
| 605 | } |
| 606 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 607 | int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, |
| 608 | int pk_alg, |
| 609 | int opaque_alg, int opaque_alg2, |
| 610 | int opaque_usage) |
| 611 | { |
| 612 | int i = 0; |
| 613 | int ret = -1; |
| 614 | mbedtls_test_ssl_endpoint_certificate *cert = NULL; |
| 615 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 616 | mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT; |
| 617 | #endif |
| 618 | |
| 619 | if (ep == NULL) { |
| 620 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 621 | } |
| 622 | |
| 623 | cert = &(ep->cert); |
| Tom Cosgrove | 05b2a87 | 2023-07-21 11:31:13 +0100 | [diff] [blame] | 624 | TEST_CALLOC(cert->ca_cert, 1); |
| 625 | TEST_CALLOC(cert->cert, 1); |
| 626 | TEST_CALLOC(cert->pkey, 1); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 627 | |
| 628 | mbedtls_x509_crt_init(cert->ca_cert); |
| 629 | mbedtls_x509_crt_init(cert->cert); |
| 630 | mbedtls_pk_init(cert->pkey); |
| 631 | |
| 632 | /* Load the trusted CA */ |
| 633 | |
| 634 | for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { |
| 635 | ret = mbedtls_x509_crt_parse_der( |
| 636 | cert->ca_cert, |
| 637 | (const unsigned char *) mbedtls_test_cas_der[i], |
| 638 | mbedtls_test_cas_der_len[i]); |
| 639 | TEST_ASSERT(ret == 0); |
| 640 | } |
| 641 | |
| 642 | /* Load own certificate and private key */ |
| 643 | |
| 644 | if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) { |
| 645 | if (pk_alg == MBEDTLS_PK_RSA) { |
| 646 | ret = mbedtls_x509_crt_parse( |
| 647 | cert->cert, |
| 648 | (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der, |
| 649 | mbedtls_test_srv_crt_rsa_sha256_der_len); |
| 650 | TEST_ASSERT(ret == 0); |
| 651 | |
| 652 | ret = mbedtls_pk_parse_key( |
| 653 | cert->pkey, |
| 654 | (const unsigned char *) mbedtls_test_srv_key_rsa_der, |
| 655 | mbedtls_test_srv_key_rsa_der_len, NULL, 0, |
| 656 | mbedtls_test_rnd_std_rand, NULL); |
| 657 | TEST_ASSERT(ret == 0); |
| 658 | } else { |
| 659 | ret = mbedtls_x509_crt_parse( |
| 660 | cert->cert, |
| 661 | (const unsigned char *) mbedtls_test_srv_crt_ec_der, |
| 662 | mbedtls_test_srv_crt_ec_der_len); |
| 663 | TEST_ASSERT(ret == 0); |
| 664 | |
| 665 | ret = mbedtls_pk_parse_key( |
| 666 | cert->pkey, |
| 667 | (const unsigned char *) mbedtls_test_srv_key_ec_der, |
| 668 | mbedtls_test_srv_key_ec_der_len, NULL, 0, |
| 669 | mbedtls_test_rnd_std_rand, NULL); |
| 670 | TEST_ASSERT(ret == 0); |
| 671 | } |
| 672 | } else { |
| 673 | if (pk_alg == MBEDTLS_PK_RSA) { |
| 674 | ret = mbedtls_x509_crt_parse( |
| 675 | cert->cert, |
| 676 | (const unsigned char *) mbedtls_test_cli_crt_rsa_der, |
| 677 | mbedtls_test_cli_crt_rsa_der_len); |
| 678 | TEST_ASSERT(ret == 0); |
| 679 | |
| 680 | ret = mbedtls_pk_parse_key( |
| 681 | cert->pkey, |
| 682 | (const unsigned char *) mbedtls_test_cli_key_rsa_der, |
| 683 | mbedtls_test_cli_key_rsa_der_len, NULL, 0, |
| 684 | mbedtls_test_rnd_std_rand, NULL); |
| 685 | TEST_ASSERT(ret == 0); |
| 686 | } else { |
| 687 | ret = mbedtls_x509_crt_parse( |
| 688 | cert->cert, |
| 689 | (const unsigned char *) mbedtls_test_cli_crt_ec_der, |
| 690 | mbedtls_test_cli_crt_ec_len); |
| 691 | TEST_ASSERT(ret == 0); |
| 692 | |
| 693 | ret = mbedtls_pk_parse_key( |
| 694 | cert->pkey, |
| 695 | (const unsigned char *) mbedtls_test_cli_key_ec_der, |
| 696 | mbedtls_test_cli_key_ec_der_len, NULL, 0, |
| 697 | mbedtls_test_rnd_std_rand, NULL); |
| 698 | TEST_ASSERT(ret == 0); |
| 699 | } |
| 700 | } |
| 701 | |
| 702 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 703 | if (opaque_alg != 0) { |
| Valerio Setti | 1fa2f6e | 2024-02-27 08:11:25 +0100 | [diff] [blame] | 704 | psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; |
| 705 | /* Use a fake key usage to get a successful initial guess for the PSA attributes. */ |
| Valerio Setti | a9de944 | 2024-02-27 13:56:09 +0100 | [diff] [blame] | 706 | TEST_EQUAL(mbedtls_pk_get_psa_attributes(cert->pkey, PSA_KEY_USAGE_SIGN_HASH, |
| Valerio Setti | 1fa2f6e | 2024-02-27 08:11:25 +0100 | [diff] [blame] | 707 | &key_attr), 0); |
| Valerio Setti | a9de944 | 2024-02-27 13:56:09 +0100 | [diff] [blame] | 708 | /* Then manually usage, alg and alg2 as requested by the test. */ |
| Valerio Setti | 1fa2f6e | 2024-02-27 08:11:25 +0100 | [diff] [blame] | 709 | psa_set_key_usage_flags(&key_attr, opaque_usage); |
| 710 | psa_set_key_algorithm(&key_attr, opaque_alg); |
| 711 | if (opaque_alg2 != PSA_ALG_NONE) { |
| 712 | psa_set_key_enrollment_algorithm(&key_attr, opaque_alg2); |
| 713 | } |
| 714 | TEST_EQUAL(mbedtls_pk_import_into_psa(cert->pkey, &key_attr, &key_slot), 0); |
| 715 | mbedtls_pk_free(cert->pkey); |
| 716 | mbedtls_pk_init(cert->pkey); |
| 717 | TEST_EQUAL(mbedtls_pk_setup_opaque(cert->pkey, key_slot), 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 718 | } |
| 719 | #else |
| 720 | (void) opaque_alg; |
| 721 | (void) opaque_alg2; |
| 722 | (void) opaque_usage; |
| 723 | #endif |
| 724 | |
| 725 | mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL); |
| 726 | |
| 727 | ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, |
| 728 | cert->pkey); |
| 729 | TEST_ASSERT(ret == 0); |
| 730 | TEST_ASSERT(ep->conf.key_cert != NULL); |
| 731 | |
| 732 | ret = mbedtls_ssl_conf_own_cert(&(ep->conf), NULL, NULL); |
| 733 | TEST_ASSERT(ret == 0); |
| 734 | TEST_ASSERT(ep->conf.key_cert == NULL); |
| 735 | |
| 736 | ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, |
| 737 | cert->pkey); |
| 738 | TEST_ASSERT(ret == 0); |
| 739 | |
| 740 | exit: |
| 741 | if (ret != 0) { |
| Yanray Wang | f6f7190 | 2023-03-15 16:05:14 +0800 | [diff] [blame] | 742 | test_ssl_endpoint_certificate_free(ep); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 743 | } |
| 744 | |
| 745 | return ret; |
| 746 | } |
| 747 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 748 | int mbedtls_test_ssl_endpoint_init( |
| 749 | mbedtls_test_ssl_endpoint *ep, int endpoint_type, |
| 750 | mbedtls_test_handshake_test_options *options, |
| 751 | mbedtls_test_message_socket_context *dtls_context, |
| 752 | mbedtls_test_ssl_message_queue *input_queue, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 753 | mbedtls_test_ssl_message_queue *output_queue) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 754 | { |
| 755 | int ret = -1; |
| 756 | uintptr_t user_data_n; |
| 757 | |
| 758 | if (dtls_context != NULL && |
| 759 | (input_queue == NULL || output_queue == NULL)) { |
| 760 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 761 | |
| 762 | } |
| 763 | |
| 764 | if (ep == NULL) { |
| 765 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 766 | } |
| 767 | |
| 768 | memset(ep, 0, sizeof(*ep)); |
| 769 | |
| 770 | ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client"; |
| 771 | |
| 772 | mbedtls_ssl_init(&(ep->ssl)); |
| 773 | mbedtls_ssl_config_init(&(ep->conf)); |
| Ronald Cron | 10b040f | 2024-02-05 09:38:09 +0100 | [diff] [blame] | 774 | mbedtls_ssl_conf_rng(&(ep->conf), mbedtls_test_random, NULL); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 775 | |
| 776 | TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL); |
| 777 | TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0); |
| 778 | TEST_ASSERT(mbedtls_ssl_get_user_data_p(&ep->ssl) == NULL); |
| 779 | TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), 0); |
| 780 | |
| 781 | (void) mbedtls_test_rnd_std_rand(NULL, |
| 782 | (void *) &user_data_n, |
| 783 | sizeof(user_data_n)); |
| 784 | mbedtls_ssl_conf_set_user_data_n(&ep->conf, user_data_n); |
| 785 | mbedtls_ssl_set_user_data_n(&ep->ssl, user_data_n); |
| 786 | |
| 787 | if (dtls_context != NULL) { |
| 788 | TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue, |
| 789 | 100, &(ep->socket), |
| 790 | dtls_context) == 0); |
| 791 | } else { |
| Yanray Wang | 5f86a42 | 2023-03-15 16:02:29 +0800 | [diff] [blame] | 792 | mbedtls_test_mock_socket_init(&(ep->socket)); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 793 | } |
| 794 | |
| 795 | /* Non-blocking callbacks without timeout */ |
| 796 | if (dtls_context != NULL) { |
| 797 | mbedtls_ssl_set_bio(&(ep->ssl), dtls_context, |
| 798 | mbedtls_test_mock_tcp_send_msg, |
| 799 | mbedtls_test_mock_tcp_recv_msg, |
| 800 | NULL); |
| 801 | } else { |
| 802 | mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket), |
| 803 | mbedtls_test_mock_tcp_send_nb, |
| 804 | mbedtls_test_mock_tcp_recv_nb, |
| 805 | NULL); |
| 806 | } |
| 807 | |
| 808 | ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type, |
| 809 | (dtls_context != NULL) ? |
| 810 | MBEDTLS_SSL_TRANSPORT_DATAGRAM : |
| 811 | MBEDTLS_SSL_TRANSPORT_STREAM, |
| 812 | MBEDTLS_SSL_PRESET_DEFAULT); |
| 813 | TEST_ASSERT(ret == 0); |
| 814 | |
| Ronald Cron | a697a71 | 2023-03-09 17:47:42 +0100 | [diff] [blame] | 815 | if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) { |
| 816 | if (options->client_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 817 | mbedtls_ssl_conf_min_tls_version(&(ep->conf), |
| 818 | options->client_min_version); |
| 819 | } |
| 820 | |
| 821 | if (options->client_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 822 | mbedtls_ssl_conf_max_tls_version(&(ep->conf), |
| 823 | options->client_max_version); |
| 824 | } |
| 825 | } else { |
| 826 | if (options->server_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 827 | mbedtls_ssl_conf_min_tls_version(&(ep->conf), |
| 828 | options->server_min_version); |
| 829 | } |
| 830 | |
| 831 | if (options->server_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 832 | mbedtls_ssl_conf_max_tls_version(&(ep->conf), |
| 833 | options->server_max_version); |
| 834 | } |
| 835 | } |
| 836 | |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 837 | if (options->group_list != NULL) { |
| 838 | mbedtls_ssl_conf_groups(&(ep->conf), options->group_list); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 839 | } |
| 840 | |
| 841 | mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED); |
| 842 | |
| Ronald Cron | ced99be | 2024-01-26 15:49:12 +0100 | [diff] [blame] | 843 | #if defined(MBEDTLS_SSL_EARLY_DATA) |
| 844 | mbedtls_ssl_conf_early_data(&(ep->conf), options->early_data); |
| Ronald Cron | 5d3036e | 2024-02-23 07:43:45 +0100 | [diff] [blame] | 845 | #if defined(MBEDTLS_SSL_SRV_C) |
| 846 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && |
| 847 | (options->max_early_data_size >= 0)) { |
| 848 | mbedtls_ssl_conf_max_early_data_size(&(ep->conf), |
| 849 | options->max_early_data_size); |
| 850 | } |
| 851 | #endif |
| Waleed Elmelegy | 4dfb0e7 | 2024-03-14 01:48:40 +0000 | [diff] [blame] | 852 | #if defined(MBEDTLS_SSL_ALPN) |
| 853 | /* check that alpn_list contains at least one valid entry */ |
| 854 | if (options->alpn_list[0] != NULL) { |
| 855 | mbedtls_ssl_conf_alpn_protocols(&(ep->conf), options->alpn_list); |
| 856 | } |
| 857 | #endif |
| Ronald Cron | ced99be | 2024-01-26 15:49:12 +0100 | [diff] [blame] | 858 | #endif |
| 859 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 860 | #if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SRV_C) |
| 861 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->cache != NULL) { |
| 862 | mbedtls_ssl_conf_session_cache(&(ep->conf), options->cache, |
| 863 | mbedtls_ssl_cache_get, |
| 864 | mbedtls_ssl_cache_set); |
| 865 | } |
| 866 | #endif |
| 867 | |
| 868 | ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); |
| 869 | TEST_ASSERT(ret == 0); |
| 870 | |
| Gilles Peskine | 1f6864b | 2025-02-13 17:28:49 +0100 | [diff] [blame] | 871 | if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) { |
| 872 | ret = mbedtls_ssl_set_hostname(&(ep->ssl), "localhost"); |
| Gilles Peskine | 1ff1281 | 2025-04-08 09:44:34 +0200 | [diff] [blame^] | 873 | TEST_EQUAL(ret, 0); |
| Gilles Peskine | 1f6864b | 2025-02-13 17:28:49 +0100 | [diff] [blame] | 874 | } |
| 875 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 876 | #if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) |
| 877 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) { |
| 878 | mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL); |
| 879 | } |
| 880 | #endif |
| 881 | |
| Ronald Cron | ec3408d | 2024-01-16 17:50:40 +0100 | [diff] [blame] | 882 | #if defined(MBEDTLS_DEBUG_C) |
| 883 | #if defined(MBEDTLS_SSL_SRV_C) |
| 884 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && |
| 885 | options->srv_log_fun != NULL) { |
| 886 | mbedtls_ssl_conf_dbg(&(ep->conf), options->srv_log_fun, |
| 887 | options->srv_log_obj); |
| 888 | } |
| 889 | #endif |
| 890 | #if defined(MBEDTLS_SSL_CLI_C) |
| 891 | if (endpoint_type == MBEDTLS_SSL_IS_CLIENT && |
| 892 | options->cli_log_fun != NULL) { |
| 893 | mbedtls_ssl_conf_dbg(&(ep->conf), options->cli_log_fun, |
| 894 | options->cli_log_obj); |
| 895 | } |
| 896 | #endif |
| 897 | #endif /* MBEDTLS_DEBUG_C */ |
| 898 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 899 | ret = mbedtls_test_ssl_endpoint_certificate_init(ep, options->pk_alg, |
| 900 | options->opaque_alg, |
| 901 | options->opaque_alg2, |
| 902 | options->opaque_usage); |
| 903 | TEST_ASSERT(ret == 0); |
| 904 | |
| 905 | TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), user_data_n); |
| 906 | mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep); |
| 907 | TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), user_data_n); |
| 908 | mbedtls_ssl_set_user_data_p(&ep->ssl, ep); |
| 909 | |
| 910 | exit: |
| 911 | return ret; |
| 912 | } |
| 913 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 914 | void mbedtls_test_ssl_endpoint_free( |
| 915 | mbedtls_test_ssl_endpoint *ep, |
| 916 | mbedtls_test_message_socket_context *context) |
| 917 | { |
| Yanray Wang | f6f7190 | 2023-03-15 16:05:14 +0800 | [diff] [blame] | 918 | test_ssl_endpoint_certificate_free(ep); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 919 | |
| 920 | mbedtls_ssl_free(&(ep->ssl)); |
| 921 | mbedtls_ssl_config_free(&(ep->conf)); |
| 922 | |
| 923 | if (context != NULL) { |
| 924 | mbedtls_test_message_socket_close(context); |
| 925 | } else { |
| 926 | mbedtls_test_mock_socket_close(&(ep->socket)); |
| 927 | } |
| 928 | } |
| 929 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 930 | int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, |
| 931 | mbedtls_ssl_context *second_ssl, |
| 932 | int state) |
| 933 | { |
| 934 | enum { BUFFSIZE = 1024 }; |
| 935 | int max_steps = 1000; |
| 936 | int ret = 0; |
| 937 | |
| 938 | if (ssl == NULL || second_ssl == NULL) { |
| 939 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 940 | } |
| 941 | |
| 942 | /* Perform communication via connected sockets */ |
| 943 | while ((ssl->state != state) && (--max_steps >= 0)) { |
| 944 | /* If /p second_ssl ends the handshake procedure before /p ssl then |
| 945 | * there is no need to call the next step */ |
| 946 | if (!mbedtls_ssl_is_handshake_over(second_ssl)) { |
| 947 | ret = mbedtls_ssl_handshake_step(second_ssl); |
| 948 | if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && |
| 949 | ret != MBEDTLS_ERR_SSL_WANT_WRITE) { |
| 950 | return ret; |
| 951 | } |
| 952 | } |
| 953 | |
| 954 | /* We only care about the \p ssl state and returns, so we call it last, |
| 955 | * to leave the iteration as soon as the state is as expected. */ |
| 956 | ret = mbedtls_ssl_handshake_step(ssl); |
| 957 | if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && |
| 958 | ret != MBEDTLS_ERR_SSL_WANT_WRITE) { |
| 959 | return ret; |
| 960 | } |
| 961 | } |
| 962 | |
| 963 | return (max_steps >= 0) ? ret : -1; |
| 964 | } |
| 965 | |
| 966 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 967 | |
| 968 | /* |
| 969 | * Write application data. Increase write counter if necessary. |
| 970 | */ |
| Michael Schuster | b1e33fb | 2024-06-04 02:30:22 +0200 | [diff] [blame] | 971 | static int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, |
| Michael Schuster | 31b1cb8 | 2024-06-04 02:41:10 +0200 | [diff] [blame] | 972 | unsigned char *buf, int buf_len, |
| 973 | int *written, |
| 974 | const int expected_fragments) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 975 | { |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 976 | int ret; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 977 | /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is |
| 978 | * a valid no-op for TLS connections. */ |
| 979 | if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { |
| 980 | TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0); |
| 981 | } |
| 982 | |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 983 | ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 984 | if (ret > 0) { |
| 985 | *written += ret; |
| 986 | } |
| 987 | |
| 988 | if (expected_fragments == 0) { |
| 989 | /* Used for DTLS and the message size larger than MFL. In that case |
| 990 | * the message can not be fragmented and the library should return |
| 991 | * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 992 | * to prevent a dead loop inside mbedtls_test_ssl_exchange_data(). */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 993 | return ret; |
| 994 | } else if (expected_fragments == 1) { |
| 995 | /* Used for TLS/DTLS and the message size lower than MFL */ |
| 996 | TEST_ASSERT(ret == buf_len || |
| 997 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 998 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 999 | } else { |
| 1000 | /* Used for TLS and the message size larger than MFL */ |
| 1001 | TEST_ASSERT(expected_fragments > 1); |
| 1002 | TEST_ASSERT((ret >= 0 && ret <= buf_len) || |
| 1003 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1004 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 1005 | } |
| 1006 | |
| 1007 | return 0; |
| 1008 | |
| 1009 | exit: |
| 1010 | /* Some of the tests failed */ |
| 1011 | return -1; |
| 1012 | } |
| 1013 | |
| 1014 | /* |
| 1015 | * Read application data and increase read counter and fragments counter |
| 1016 | * if necessary. |
| 1017 | */ |
| Michael Schuster | b1e33fb | 2024-06-04 02:30:22 +0200 | [diff] [blame] | 1018 | static int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, |
| Michael Schuster | 31b1cb8 | 2024-06-04 02:41:10 +0200 | [diff] [blame] | 1019 | unsigned char *buf, int buf_len, |
| 1020 | int *read, int *fragments, |
| 1021 | const int expected_fragments) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1022 | { |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 1023 | int ret; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1024 | /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is |
| 1025 | * a valid no-op for TLS connections. */ |
| 1026 | if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { |
| 1027 | TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0); |
| 1028 | } |
| 1029 | |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 1030 | ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1031 | if (ret > 0) { |
| 1032 | (*fragments)++; |
| 1033 | *read += ret; |
| 1034 | } |
| 1035 | |
| 1036 | if (expected_fragments == 0) { |
| 1037 | TEST_ASSERT(ret == 0); |
| 1038 | } else if (expected_fragments == 1) { |
| 1039 | TEST_ASSERT(ret == buf_len || |
| 1040 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1041 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 1042 | } else { |
| 1043 | TEST_ASSERT(expected_fragments > 1); |
| 1044 | TEST_ASSERT((ret >= 0 && ret <= buf_len) || |
| 1045 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1046 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 1047 | } |
| 1048 | |
| 1049 | return 0; |
| 1050 | |
| 1051 | exit: |
| 1052 | /* Some of the tests failed */ |
| 1053 | return -1; |
| 1054 | } |
| 1055 | |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1056 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 1057 | static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher, |
| 1058 | int *forced_ciphersuite) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1059 | { |
| 1060 | const mbedtls_ssl_ciphersuite_t *ciphersuite_info; |
| 1061 | forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher); |
| 1062 | forced_ciphersuite[1] = 0; |
| 1063 | |
| 1064 | ciphersuite_info = |
| 1065 | mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]); |
| 1066 | |
| 1067 | TEST_ASSERT(ciphersuite_info != NULL); |
| 1068 | TEST_ASSERT(ciphersuite_info->min_tls_version <= conf->max_tls_version); |
| 1069 | TEST_ASSERT(ciphersuite_info->max_tls_version >= conf->min_tls_version); |
| 1070 | |
| 1071 | if (conf->max_tls_version > ciphersuite_info->max_tls_version) { |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1072 | conf->max_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->max_tls_version; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1073 | } |
| 1074 | if (conf->min_tls_version < ciphersuite_info->min_tls_version) { |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1075 | conf->min_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->min_tls_version; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1076 | } |
| 1077 | |
| 1078 | mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite); |
| 1079 | |
| 1080 | exit: |
| 1081 | return; |
| 1082 | } |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1083 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1084 | |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1085 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ |
| 1086 | defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \ |
| 1087 | defined(MBEDTLS_SSL_SRV_C) |
| 1088 | static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, |
| 1089 | const unsigned char *name, size_t name_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1090 | { |
| 1091 | (void) p_info; |
| 1092 | (void) ssl; |
| 1093 | (void) name; |
| 1094 | (void) name_len; |
| 1095 | |
| 1096 | return 0; |
| 1097 | } |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1098 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && |
| 1099 | MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED && |
| 1100 | MBEDTLS_SSL_SRV_C */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1101 | |
| 1102 | #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ |
| Pengyu Lv | ba6825e | 2023-11-08 12:16:29 +0800 | [diff] [blame] | 1103 | defined(MBEDTLS_SSL_HAVE_CBC) && defined(MBEDTLS_SSL_HAVE_AES) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1104 | int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, |
| 1105 | const unsigned char *iv, |
| 1106 | size_t iv_len, |
| 1107 | const unsigned char *input, |
| 1108 | size_t ilen, |
| 1109 | unsigned char *output, |
| 1110 | size_t *olen) |
| 1111 | { |
| 1112 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1113 | psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| 1114 | psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; |
| 1115 | size_t part_len; |
| 1116 | |
| 1117 | status = psa_cipher_encrypt_setup(&cipher_op, |
| 1118 | transform->psa_key_enc, |
| 1119 | transform->psa_alg); |
| 1120 | |
| 1121 | if (status != PSA_SUCCESS) { |
| 1122 | return PSA_TO_MBEDTLS_ERR(status); |
| 1123 | } |
| 1124 | |
| 1125 | status = psa_cipher_set_iv(&cipher_op, iv, iv_len); |
| 1126 | |
| 1127 | if (status != PSA_SUCCESS) { |
| 1128 | return PSA_TO_MBEDTLS_ERR(status); |
| 1129 | } |
| 1130 | |
| 1131 | status = psa_cipher_update(&cipher_op, input, ilen, output, ilen, olen); |
| 1132 | |
| 1133 | if (status != PSA_SUCCESS) { |
| 1134 | return PSA_TO_MBEDTLS_ERR(status); |
| 1135 | } |
| 1136 | |
| 1137 | status = psa_cipher_finish(&cipher_op, output + *olen, ilen - *olen, |
| 1138 | &part_len); |
| 1139 | |
| 1140 | if (status != PSA_SUCCESS) { |
| 1141 | return PSA_TO_MBEDTLS_ERR(status); |
| 1142 | } |
| 1143 | |
| 1144 | *olen += part_len; |
| 1145 | return 0; |
| 1146 | #else |
| 1147 | return mbedtls_cipher_crypt(&transform->cipher_ctx_enc, |
| 1148 | iv, iv_len, input, ilen, output, olen); |
| 1149 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 1150 | } |
| Pengyu Lv | ba6825e | 2023-11-08 12:16:29 +0800 | [diff] [blame] | 1151 | #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC && |
| 1152 | MBEDTLS_SSL_HAVE_AES */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1153 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1154 | static void mbedtls_test_ssl_cipher_info_from_type(mbedtls_cipher_type_t cipher_type, |
| 1155 | mbedtls_cipher_mode_t *cipher_mode, |
| 1156 | size_t *key_bits, size_t *iv_len) |
| 1157 | { |
| 1158 | switch (cipher_type) { |
| 1159 | case MBEDTLS_CIPHER_AES_128_CBC: |
| 1160 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1161 | *key_bits = 128; |
| 1162 | *iv_len = 16; |
| 1163 | break; |
| 1164 | case MBEDTLS_CIPHER_AES_256_CBC: |
| 1165 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1166 | *key_bits = 256; |
| 1167 | *iv_len = 16; |
| 1168 | break; |
| 1169 | case MBEDTLS_CIPHER_ARIA_128_CBC: |
| 1170 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1171 | *key_bits = 128; |
| 1172 | *iv_len = 16; |
| 1173 | break; |
| 1174 | case MBEDTLS_CIPHER_ARIA_256_CBC: |
| 1175 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1176 | *key_bits = 256; |
| 1177 | *iv_len = 16; |
| 1178 | break; |
| 1179 | case MBEDTLS_CIPHER_CAMELLIA_128_CBC: |
| 1180 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1181 | *key_bits = 128; |
| 1182 | *iv_len = 16; |
| 1183 | break; |
| 1184 | case MBEDTLS_CIPHER_CAMELLIA_256_CBC: |
| 1185 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1186 | *key_bits = 256; |
| 1187 | *iv_len = 16; |
| 1188 | break; |
| 1189 | |
| 1190 | case MBEDTLS_CIPHER_AES_128_CCM: |
| 1191 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1192 | *key_bits = 128; |
| 1193 | *iv_len = 12; |
| 1194 | break; |
| 1195 | case MBEDTLS_CIPHER_AES_192_CCM: |
| 1196 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1197 | *key_bits = 192; |
| 1198 | *iv_len = 12; |
| 1199 | break; |
| 1200 | case MBEDTLS_CIPHER_AES_256_CCM: |
| 1201 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1202 | *key_bits = 256; |
| 1203 | *iv_len = 12; |
| 1204 | break; |
| 1205 | case MBEDTLS_CIPHER_CAMELLIA_128_CCM: |
| 1206 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1207 | *key_bits = 128; |
| 1208 | *iv_len = 12; |
| 1209 | break; |
| 1210 | case MBEDTLS_CIPHER_CAMELLIA_192_CCM: |
| 1211 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1212 | *key_bits = 192; |
| 1213 | *iv_len = 12; |
| 1214 | break; |
| 1215 | case MBEDTLS_CIPHER_CAMELLIA_256_CCM: |
| 1216 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1217 | *key_bits = 256; |
| 1218 | *iv_len = 12; |
| 1219 | break; |
| 1220 | |
| 1221 | case MBEDTLS_CIPHER_AES_128_GCM: |
| 1222 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1223 | *key_bits = 128; |
| 1224 | *iv_len = 12; |
| 1225 | break; |
| 1226 | case MBEDTLS_CIPHER_AES_192_GCM: |
| 1227 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1228 | *key_bits = 192; |
| 1229 | *iv_len = 12; |
| 1230 | break; |
| 1231 | case MBEDTLS_CIPHER_AES_256_GCM: |
| 1232 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1233 | *key_bits = 256; |
| 1234 | *iv_len = 12; |
| 1235 | break; |
| 1236 | case MBEDTLS_CIPHER_CAMELLIA_128_GCM: |
| 1237 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1238 | *key_bits = 128; |
| 1239 | *iv_len = 12; |
| 1240 | break; |
| 1241 | case MBEDTLS_CIPHER_CAMELLIA_192_GCM: |
| 1242 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1243 | *key_bits = 192; |
| 1244 | *iv_len = 12; |
| 1245 | break; |
| 1246 | case MBEDTLS_CIPHER_CAMELLIA_256_GCM: |
| 1247 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1248 | *key_bits = 256; |
| 1249 | *iv_len = 12; |
| 1250 | break; |
| 1251 | |
| 1252 | case MBEDTLS_CIPHER_CHACHA20_POLY1305: |
| 1253 | *cipher_mode = MBEDTLS_MODE_CHACHAPOLY; |
| 1254 | *key_bits = 256; |
| 1255 | *iv_len = 12; |
| 1256 | break; |
| 1257 | |
| 1258 | case MBEDTLS_CIPHER_NULL: |
| 1259 | *cipher_mode = MBEDTLS_MODE_STREAM; |
| 1260 | *key_bits = 0; |
| 1261 | *iv_len = 0; |
| 1262 | break; |
| 1263 | |
| 1264 | default: |
| 1265 | *cipher_mode = MBEDTLS_MODE_NONE; |
| 1266 | *key_bits = 0; |
| 1267 | *iv_len = 0; |
| 1268 | } |
| 1269 | } |
| 1270 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1271 | int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, |
| 1272 | mbedtls_ssl_transform *t_out, |
| 1273 | int cipher_type, int hash_id, |
| 1274 | int etm, int tag_mode, |
| 1275 | mbedtls_ssl_protocol_version tls_version, |
| 1276 | size_t cid0_len, |
| 1277 | size_t cid1_len) |
| 1278 | { |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1279 | mbedtls_cipher_mode_t cipher_mode = MBEDTLS_MODE_NONE; |
| 1280 | size_t key_bits = 0; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1281 | int ret = 0; |
| 1282 | |
| 1283 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1284 | psa_key_type_t key_type; |
| 1285 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 1286 | psa_algorithm_t alg; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1287 | psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| Valerio Setti | 3d59ebe | 2023-10-30 11:56:56 +0100 | [diff] [blame] | 1288 | #else |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1289 | mbedtls_cipher_info_t const *cipher_info; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1290 | #endif |
| 1291 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1292 | size_t keylen, maclen, ivlen = 0; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1293 | unsigned char *key0 = NULL, *key1 = NULL; |
| 1294 | unsigned char *md0 = NULL, *md1 = NULL; |
| 1295 | unsigned char iv_enc[16], iv_dec[16]; |
| 1296 | |
| 1297 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
| 1298 | unsigned char cid0[SSL_CID_LEN_MIN]; |
| 1299 | unsigned char cid1[SSL_CID_LEN_MIN]; |
| 1300 | |
| 1301 | mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0)); |
| 1302 | mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1)); |
| 1303 | #else |
| 1304 | ((void) cid0_len); |
| 1305 | ((void) cid1_len); |
| 1306 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
| 1307 | |
| 1308 | maclen = 0; |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1309 | mbedtls_test_ssl_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type, |
| 1310 | &cipher_mode, &key_bits, &ivlen); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1311 | |
| 1312 | /* Pick keys */ |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1313 | keylen = key_bits / 8; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1314 | /* Allocate `keylen + 1` bytes to ensure that we get |
| 1315 | * a non-NULL pointers from `mbedtls_calloc` even if |
| 1316 | * `keylen == 0` in the case of the NULL cipher. */ |
| 1317 | CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL); |
| 1318 | CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL); |
| 1319 | memset(key0, 0x1, keylen); |
| 1320 | memset(key1, 0x2, keylen); |
| 1321 | |
| 1322 | #if !defined(MBEDTLS_USE_PSA_CRYPTO) |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1323 | /* Pick cipher */ |
| 1324 | cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type); |
| 1325 | CHK(cipher_info != NULL); |
| 1326 | CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); |
| 1327 | CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); |
| Valerio Setti | 3d59ebe | 2023-10-30 11:56:56 +0100 | [diff] [blame] | 1328 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1329 | /* Setup cipher contexts */ |
| 1330 | CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); |
| 1331 | CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); |
| 1332 | CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0); |
| 1333 | CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); |
| 1334 | |
| 1335 | #if defined(MBEDTLS_CIPHER_MODE_CBC) |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1336 | if (cipher_mode == MBEDTLS_MODE_CBC) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1337 | CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, |
| 1338 | MBEDTLS_PADDING_NONE) == 0); |
| 1339 | CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, |
| 1340 | MBEDTLS_PADDING_NONE) == 0); |
| 1341 | CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc, |
| 1342 | MBEDTLS_PADDING_NONE) == 0); |
| 1343 | CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec, |
| 1344 | MBEDTLS_PADDING_NONE) == 0); |
| 1345 | } |
| 1346 | #endif /* MBEDTLS_CIPHER_MODE_CBC */ |
| 1347 | |
| 1348 | CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1349 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1350 | MBEDTLS_ENCRYPT) |
| 1351 | == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1352 | CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1353 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1354 | MBEDTLS_DECRYPT) |
| 1355 | == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1356 | CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1357 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1358 | MBEDTLS_ENCRYPT) |
| 1359 | == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1360 | CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1361 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1362 | MBEDTLS_DECRYPT) |
| 1363 | == 0); |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1364 | #endif /* !MBEDTLS_USE_PSA_CRYPTO */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1365 | |
| 1366 | /* Setup MAC contexts */ |
| 1367 | #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1368 | if (cipher_mode == MBEDTLS_MODE_CBC || |
| 1369 | cipher_mode == MBEDTLS_MODE_STREAM) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1370 | #if !defined(MBEDTLS_USE_PSA_CRYPTO) |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1371 | mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) hash_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1372 | CHK(md_info != NULL); |
| 1373 | #endif |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1374 | maclen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) hash_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1375 | CHK(maclen != 0); |
| 1376 | /* Pick hash keys */ |
| 1377 | CHK((md0 = mbedtls_calloc(1, maclen)) != NULL); |
| 1378 | CHK((md1 = mbedtls_calloc(1, maclen)) != NULL); |
| 1379 | memset(md0, 0x5, maclen); |
| 1380 | memset(md1, 0x6, maclen); |
| 1381 | |
| 1382 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| Manuel Pégourié-Gonnard | 2d6d993 | 2023-03-28 11:38:08 +0200 | [diff] [blame] | 1383 | alg = mbedtls_md_psa_alg_from_type(hash_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1384 | |
| 1385 | CHK(alg != 0); |
| 1386 | |
| 1387 | t_out->psa_mac_alg = PSA_ALG_HMAC(alg); |
| 1388 | t_in->psa_mac_alg = PSA_ALG_HMAC(alg); |
| 1389 | t_in->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; |
| 1390 | t_out->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; |
| 1391 | t_in->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; |
| 1392 | t_out->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; |
| 1393 | |
| 1394 | psa_reset_key_attributes(&attributes); |
| 1395 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); |
| 1396 | psa_set_key_algorithm(&attributes, PSA_ALG_HMAC(alg)); |
| 1397 | psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); |
| 1398 | |
| 1399 | CHK(psa_import_key(&attributes, |
| 1400 | md0, maclen, |
| 1401 | &t_in->psa_mac_enc) == PSA_SUCCESS); |
| 1402 | |
| 1403 | CHK(psa_import_key(&attributes, |
| 1404 | md1, maclen, |
| 1405 | &t_out->psa_mac_enc) == PSA_SUCCESS); |
| 1406 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1407 | if (cipher_mode == MBEDTLS_MODE_STREAM || |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1408 | etm == MBEDTLS_SSL_ETM_DISABLED) { |
| 1409 | /* mbedtls_ct_hmac() requires the key to be exportable */ |
| 1410 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | |
| 1411 | PSA_KEY_USAGE_VERIFY_HASH); |
| 1412 | } else { |
| 1413 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); |
| 1414 | } |
| 1415 | |
| 1416 | CHK(psa_import_key(&attributes, |
| 1417 | md1, maclen, |
| 1418 | &t_in->psa_mac_dec) == PSA_SUCCESS); |
| 1419 | |
| 1420 | CHK(psa_import_key(&attributes, |
| 1421 | md0, maclen, |
| 1422 | &t_out->psa_mac_dec) == PSA_SUCCESS); |
| 1423 | #else |
| 1424 | CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0); |
| 1425 | CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0); |
| 1426 | CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0); |
| 1427 | CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0); |
| 1428 | |
| 1429 | CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc, |
| 1430 | md0, maclen) == 0); |
| 1431 | CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec, |
| 1432 | md1, maclen) == 0); |
| 1433 | CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc, |
| 1434 | md1, maclen) == 0); |
| 1435 | CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec, |
| 1436 | md0, maclen) == 0); |
| 1437 | #endif |
| 1438 | } |
| 1439 | #else |
| 1440 | ((void) hash_id); |
| 1441 | #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ |
| 1442 | |
| 1443 | |
| 1444 | /* Pick IV's (regardless of whether they |
| 1445 | * are being used by the transform). */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1446 | memset(iv_enc, 0x3, sizeof(iv_enc)); |
| 1447 | memset(iv_dec, 0x4, sizeof(iv_dec)); |
| 1448 | |
| 1449 | /* |
| 1450 | * Setup transforms |
| 1451 | */ |
| 1452 | |
| 1453 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ |
| 1454 | defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) |
| 1455 | t_out->encrypt_then_mac = etm; |
| 1456 | t_in->encrypt_then_mac = etm; |
| 1457 | #else |
| 1458 | ((void) etm); |
| 1459 | #endif |
| 1460 | |
| 1461 | t_out->tls_version = tls_version; |
| 1462 | t_in->tls_version = tls_version; |
| 1463 | t_out->ivlen = ivlen; |
| 1464 | t_in->ivlen = ivlen; |
| 1465 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1466 | switch (cipher_mode) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1467 | case MBEDTLS_MODE_GCM: |
| 1468 | case MBEDTLS_MODE_CCM: |
| 1469 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3) |
| 1470 | if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { |
| 1471 | t_out->fixed_ivlen = 12; |
| 1472 | t_in->fixed_ivlen = 12; |
| 1473 | } else |
| 1474 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ |
| 1475 | { |
| 1476 | t_out->fixed_ivlen = 4; |
| 1477 | t_in->fixed_ivlen = 4; |
| 1478 | } |
| 1479 | t_out->maclen = 0; |
| 1480 | t_in->maclen = 0; |
| 1481 | switch (tag_mode) { |
| 1482 | case 0: /* Full tag */ |
| 1483 | t_out->taglen = 16; |
| 1484 | t_in->taglen = 16; |
| 1485 | break; |
| 1486 | case 1: /* Partial tag */ |
| 1487 | t_out->taglen = 8; |
| 1488 | t_in->taglen = 8; |
| 1489 | break; |
| 1490 | default: |
| 1491 | ret = 1; |
| 1492 | goto cleanup; |
| 1493 | } |
| 1494 | break; |
| 1495 | |
| 1496 | case MBEDTLS_MODE_CHACHAPOLY: |
| 1497 | t_out->fixed_ivlen = 12; |
| 1498 | t_in->fixed_ivlen = 12; |
| 1499 | t_out->maclen = 0; |
| 1500 | t_in->maclen = 0; |
| 1501 | switch (tag_mode) { |
| 1502 | case 0: /* Full tag */ |
| 1503 | t_out->taglen = 16; |
| 1504 | t_in->taglen = 16; |
| 1505 | break; |
| 1506 | case 1: /* Partial tag */ |
| 1507 | t_out->taglen = 8; |
| 1508 | t_in->taglen = 8; |
| 1509 | break; |
| 1510 | default: |
| 1511 | ret = 1; |
| 1512 | goto cleanup; |
| 1513 | } |
| 1514 | break; |
| 1515 | |
| 1516 | case MBEDTLS_MODE_STREAM: |
| 1517 | case MBEDTLS_MODE_CBC: |
| 1518 | t_out->fixed_ivlen = 0; /* redundant, must be 0 */ |
| 1519 | t_in->fixed_ivlen = 0; /* redundant, must be 0 */ |
| 1520 | t_out->taglen = 0; |
| 1521 | t_in->taglen = 0; |
| 1522 | switch (tag_mode) { |
| 1523 | case 0: /* Full tag */ |
| 1524 | t_out->maclen = maclen; |
| 1525 | t_in->maclen = maclen; |
| 1526 | break; |
| 1527 | default: |
| 1528 | ret = 1; |
| 1529 | goto cleanup; |
| 1530 | } |
| 1531 | break; |
| 1532 | default: |
| 1533 | ret = 1; |
| 1534 | goto cleanup; |
| 1535 | break; |
| 1536 | } |
| 1537 | |
| 1538 | /* Setup IV's */ |
| 1539 | |
| 1540 | memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec)); |
| 1541 | memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc)); |
| 1542 | memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc)); |
| 1543 | memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec)); |
| 1544 | |
| 1545 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
| 1546 | /* Add CID */ |
| 1547 | memcpy(&t_in->in_cid, cid0, cid0_len); |
| 1548 | memcpy(&t_in->out_cid, cid1, cid1_len); |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1549 | t_in->in_cid_len = (uint8_t) cid0_len; |
| 1550 | t_in->out_cid_len = (uint8_t) cid1_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1551 | memcpy(&t_out->in_cid, cid1, cid1_len); |
| 1552 | memcpy(&t_out->out_cid, cid0, cid0_len); |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1553 | t_out->in_cid_len = (uint8_t) cid1_len; |
| 1554 | t_out->out_cid_len = (uint8_t) cid0_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1555 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
| 1556 | |
| 1557 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1558 | status = mbedtls_ssl_cipher_to_psa(cipher_type, |
| 1559 | t_in->taglen, |
| 1560 | &alg, |
| 1561 | &key_type, |
| 1562 | &key_bits); |
| 1563 | |
| 1564 | if (status != PSA_SUCCESS) { |
| 1565 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1566 | goto cleanup; |
| 1567 | } |
| 1568 | |
| 1569 | t_in->psa_alg = alg; |
| 1570 | t_out->psa_alg = alg; |
| 1571 | |
| 1572 | if (alg != MBEDTLS_SSL_NULL_CIPHER) { |
| 1573 | psa_reset_key_attributes(&attributes); |
| 1574 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); |
| 1575 | psa_set_key_algorithm(&attributes, alg); |
| 1576 | psa_set_key_type(&attributes, key_type); |
| 1577 | |
| 1578 | status = psa_import_key(&attributes, |
| 1579 | key0, |
| 1580 | PSA_BITS_TO_BYTES(key_bits), |
| 1581 | &t_in->psa_key_enc); |
| 1582 | |
| 1583 | if (status != PSA_SUCCESS) { |
| 1584 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1585 | goto cleanup; |
| 1586 | } |
| 1587 | |
| 1588 | status = psa_import_key(&attributes, |
| 1589 | key1, |
| 1590 | PSA_BITS_TO_BYTES(key_bits), |
| 1591 | &t_out->psa_key_enc); |
| 1592 | |
| 1593 | if (status != PSA_SUCCESS) { |
| 1594 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1595 | goto cleanup; |
| 1596 | } |
| 1597 | |
| 1598 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); |
| 1599 | |
| 1600 | status = psa_import_key(&attributes, |
| 1601 | key1, |
| 1602 | PSA_BITS_TO_BYTES(key_bits), |
| 1603 | &t_in->psa_key_dec); |
| 1604 | |
| 1605 | if (status != PSA_SUCCESS) { |
| 1606 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1607 | goto cleanup; |
| 1608 | } |
| 1609 | |
| 1610 | status = psa_import_key(&attributes, |
| 1611 | key0, |
| 1612 | PSA_BITS_TO_BYTES(key_bits), |
| 1613 | &t_out->psa_key_dec); |
| 1614 | |
| 1615 | if (status != PSA_SUCCESS) { |
| 1616 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1617 | goto cleanup; |
| 1618 | } |
| 1619 | } |
| 1620 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 1621 | |
| 1622 | cleanup: |
| 1623 | |
| 1624 | mbedtls_free(key0); |
| 1625 | mbedtls_free(key1); |
| 1626 | |
| 1627 | mbedtls_free(md0); |
| 1628 | mbedtls_free(md1); |
| 1629 | |
| 1630 | return ret; |
| 1631 | } |
| 1632 | |
| Gilles Peskine | 9099d3f | 2023-09-18 13:11:50 +0200 | [diff] [blame] | 1633 | #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) |
| 1634 | int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, |
| 1635 | mbedtls_ssl_transform *transform_out) |
| 1636 | { |
| 1637 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1638 | psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; |
| 1639 | #endif |
| 1640 | |
| 1641 | /* Serialized version of record header for MAC purposes */ |
| 1642 | unsigned char add_data[13]; |
| 1643 | memcpy(add_data, record->ctr, 8); |
| 1644 | add_data[8] = record->type; |
| 1645 | add_data[9] = record->ver[0]; |
| 1646 | add_data[10] = record->ver[1]; |
| 1647 | add_data[11] = (record->data_len >> 8) & 0xff; |
| 1648 | add_data[12] = (record->data_len >> 0) & 0xff; |
| 1649 | |
| 1650 | /* MAC with additional data */ |
| 1651 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1652 | size_t sign_mac_length = 0; |
| 1653 | TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_setup(&operation, |
| 1654 | transform_out->psa_mac_enc, |
| 1655 | transform_out->psa_mac_alg)); |
| 1656 | TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, add_data, 13)); |
| 1657 | TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, |
| 1658 | record->buf + record->data_offset, |
| 1659 | record->data_len)); |
| 1660 | /* Use a temporary buffer for the MAC, because with the truncated HMAC |
| 1661 | * extension, there might not be enough room in the record for the |
| 1662 | * full-length MAC. */ |
| 1663 | unsigned char mac[PSA_HASH_MAX_SIZE]; |
| 1664 | TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_finish(&operation, |
| 1665 | mac, sizeof(mac), |
| 1666 | &sign_mac_length)); |
| 1667 | #else |
| 1668 | TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13)); |
| 1669 | TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, |
| 1670 | record->buf + record->data_offset, |
| 1671 | record->data_len)); |
| 1672 | /* Use a temporary buffer for the MAC, because with the truncated HMAC |
| 1673 | * extension, there might not be enough room in the record for the |
| 1674 | * full-length MAC. */ |
| 1675 | unsigned char mac[MBEDTLS_MD_MAX_SIZE]; |
| 1676 | TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac)); |
| 1677 | #endif |
| 1678 | memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen); |
| 1679 | record->data_len += transform_out->maclen; |
| 1680 | |
| 1681 | return 0; |
| 1682 | |
| 1683 | exit: |
| 1684 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1685 | psa_mac_abort(&operation); |
| 1686 | #endif |
| 1687 | return -1; |
| 1688 | } |
| 1689 | #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ |
| 1690 | |
| Jerry Yu | 28547c4 | 2023-10-31 14:42:50 +0800 | [diff] [blame] | 1691 | #if defined(MBEDTLS_SSL_PROTO_TLS1_2) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1692 | int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, |
| 1693 | int ticket_len, |
| Ronald Cron | 7b1921a | 2023-11-23 12:31:56 +0100 | [diff] [blame] | 1694 | int endpoint_type, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1695 | const char *crt_file) |
| 1696 | { |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1697 | (void) ticket_len; |
| 1698 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1699 | #if defined(MBEDTLS_HAVE_TIME) |
| 1700 | session->start = mbedtls_time(NULL) - 42; |
| 1701 | #endif |
| 1702 | session->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; |
| Ronald Cron | c7fa82e | 2024-02-09 09:33:09 +0100 | [diff] [blame] | 1703 | |
| 1704 | TEST_ASSERT(endpoint_type == MBEDTLS_SSL_IS_CLIENT || |
| 1705 | endpoint_type == MBEDTLS_SSL_IS_SERVER); |
| 1706 | |
| 1707 | session->endpoint = endpoint_type; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1708 | session->ciphersuite = 0xabcd; |
| 1709 | session->id_len = sizeof(session->id); |
| 1710 | memset(session->id, 66, session->id_len); |
| 1711 | memset(session->master, 17, sizeof(session->master)); |
| 1712 | |
| 1713 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO) |
| 1714 | if (crt_file != NULL && strlen(crt_file) != 0) { |
| 1715 | mbedtls_x509_crt tmp_crt; |
| 1716 | int ret; |
| 1717 | |
| 1718 | mbedtls_x509_crt_init(&tmp_crt); |
| 1719 | ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file); |
| 1720 | if (ret != 0) { |
| 1721 | return ret; |
| 1722 | } |
| 1723 | |
| 1724 | #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) |
| 1725 | /* Move temporary CRT. */ |
| 1726 | session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert)); |
| 1727 | if (session->peer_cert == NULL) { |
| 1728 | return -1; |
| 1729 | } |
| 1730 | *session->peer_cert = tmp_crt; |
| 1731 | memset(&tmp_crt, 0, sizeof(tmp_crt)); |
| 1732 | #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 1733 | /* Calculate digest of temporary CRT. */ |
| 1734 | session->peer_cert_digest = |
| 1735 | mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); |
| 1736 | if (session->peer_cert_digest == NULL) { |
| 1737 | return -1; |
| 1738 | } |
| 1739 | |
| 1740 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| Manuel Pégourié-Gonnard | 2d6d993 | 2023-03-28 11:38:08 +0200 | [diff] [blame] | 1741 | psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type( |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1742 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE); |
| 1743 | size_t hash_size = 0; |
| 1744 | psa_status_t status = psa_hash_compute( |
| 1745 | psa_alg, tmp_crt.raw.p, |
| 1746 | tmp_crt.raw.len, |
| 1747 | session->peer_cert_digest, |
| 1748 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN, |
| 1749 | &hash_size); |
| 1750 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1751 | #else |
| 1752 | ret = mbedtls_md(mbedtls_md_info_from_type( |
| 1753 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), |
| 1754 | tmp_crt.raw.p, tmp_crt.raw.len, |
| 1755 | session->peer_cert_digest); |
| 1756 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 1757 | if (ret != 0) { |
| 1758 | return ret; |
| 1759 | } |
| 1760 | session->peer_cert_digest_type = |
| 1761 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; |
| 1762 | session->peer_cert_digest_len = |
| 1763 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; |
| 1764 | #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 1765 | |
| 1766 | mbedtls_x509_crt_free(&tmp_crt); |
| 1767 | } |
| 1768 | #else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ |
| 1769 | (void) crt_file; |
| 1770 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ |
| 1771 | session->verify_result = 0xdeadbeef; |
| 1772 | |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1773 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| 1774 | #if defined(MBEDTLS_SSL_CLI_C) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1775 | if (ticket_len != 0) { |
| 1776 | session->ticket = mbedtls_calloc(1, ticket_len); |
| 1777 | if (session->ticket == NULL) { |
| 1778 | return -1; |
| 1779 | } |
| 1780 | memset(session->ticket, 33, ticket_len); |
| 1781 | } |
| 1782 | session->ticket_len = ticket_len; |
| 1783 | session->ticket_lifetime = 86401; |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1784 | #endif /* MBEDTLS_SSL_CLI_C */ |
| 1785 | |
| 1786 | #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_HAVE_TIME) |
| 1787 | if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { |
| 1788 | session->ticket_creation_time = mbedtls_ms_time() - 42; |
| 1789 | } |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1790 | #endif |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1791 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1792 | |
| 1793 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 1794 | session->mfl_code = 1; |
| 1795 | #endif |
| 1796 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
| 1797 | session->encrypt_then_mac = 1; |
| 1798 | #endif |
| 1799 | |
| Ronald Cron | c7fa82e | 2024-02-09 09:33:09 +0100 | [diff] [blame] | 1800 | exit: |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1801 | return 0; |
| 1802 | } |
| Jerry Yu | 28547c4 | 2023-10-31 14:42:50 +0800 | [diff] [blame] | 1803 | #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1804 | |
| 1805 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3) |
| 1806 | int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, |
| 1807 | int ticket_len, |
| 1808 | int endpoint_type) |
| 1809 | { |
| 1810 | ((void) ticket_len); |
| 1811 | session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; |
| 1812 | session->endpoint = endpoint_type == MBEDTLS_SSL_IS_CLIENT ? |
| 1813 | MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER; |
| 1814 | session->ciphersuite = 0xabcd; |
| Ronald Cron | 8196369 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1815 | |
| 1816 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1817 | session->ticket_age_add = 0x87654321; |
| 1818 | session->ticket_flags = 0x7; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1819 | session->resumption_key_len = 32; |
| 1820 | memset(session->resumption_key, 0x99, sizeof(session->resumption_key)); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1821 | #endif |
| 1822 | |
| Ronald Cron | 8196369 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1823 | #if defined(MBEDTLS_SSL_SRV_C) |
| 1824 | if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { |
| 1825 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| 1826 | #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) |
| 1827 | int ret = mbedtls_ssl_session_set_ticket_alpn(session, "ALPNExample"); |
| 1828 | if (ret != 0) { |
| 1829 | return -1; |
| 1830 | } |
| 1831 | #endif |
| 1832 | #if defined(MBEDTLS_HAVE_TIME) |
| 1833 | session->ticket_creation_time = mbedtls_ms_time() - 42; |
| 1834 | #endif |
| 1835 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| 1836 | } |
| 1837 | #endif /* MBEDTLS_SSL_SRV_C */ |
| 1838 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1839 | #if defined(MBEDTLS_SSL_CLI_C) |
| 1840 | if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { |
| Ronald Cron | 8196369 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1841 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1842 | #if defined(MBEDTLS_HAVE_TIME) |
| Jerry Yu | 342a555 | 2023-11-10 14:23:39 +0800 | [diff] [blame] | 1843 | session->ticket_reception_time = mbedtls_ms_time() - 40; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1844 | #endif |
| 1845 | session->ticket_lifetime = 0xfedcba98; |
| 1846 | |
| 1847 | session->ticket_len = ticket_len; |
| 1848 | if (ticket_len != 0) { |
| 1849 | session->ticket = mbedtls_calloc(1, ticket_len); |
| 1850 | if (session->ticket == NULL) { |
| 1851 | return -1; |
| 1852 | } |
| 1853 | memset(session->ticket, 33, ticket_len); |
| 1854 | } |
| Ronald Cron | 346b818 | 2024-03-27 09:30:13 +0100 | [diff] [blame] | 1855 | #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) |
| 1856 | char hostname[] = "hostname example"; |
| 1857 | session->hostname = mbedtls_calloc(1, sizeof(hostname)); |
| 1858 | if (session->hostname == NULL) { |
| 1859 | return -1; |
| 1860 | } |
| 1861 | memcpy(session->hostname, hostname, sizeof(hostname)); |
| 1862 | #endif |
| Ronald Cron | 8196369 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1863 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1864 | } |
| 1865 | #endif /* MBEDTLS_SSL_CLI_C */ |
| 1866 | |
| Ronald Cron | 8196369 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1867 | #if defined(MBEDTLS_SSL_EARLY_DATA) |
| 1868 | session->max_early_data_size = 0x87654321; |
| 1869 | #endif /* MBEDTLS_SSL_EARLY_DATA */ |
| 1870 | |
| Waleed Elmelegy | 049cd30 | 2023-12-20 17:28:31 +0000 | [diff] [blame] | 1871 | #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) |
| 1872 | session->record_size_limit = 2048; |
| 1873 | #endif |
| 1874 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1875 | return 0; |
| 1876 | } |
| 1877 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ |
| 1878 | |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 1879 | int mbedtls_test_ssl_exchange_data( |
| 1880 | mbedtls_ssl_context *ssl_1, |
| 1881 | int msg_len_1, const int expected_fragments_1, |
| 1882 | mbedtls_ssl_context *ssl_2, |
| 1883 | int msg_len_2, const int expected_fragments_2) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1884 | { |
| 1885 | unsigned char *msg_buf_1 = malloc(msg_len_1); |
| 1886 | unsigned char *msg_buf_2 = malloc(msg_len_2); |
| 1887 | unsigned char *in_buf_1 = malloc(msg_len_2); |
| 1888 | unsigned char *in_buf_2 = malloc(msg_len_1); |
| 1889 | int msg_type, ret = -1; |
| 1890 | |
| 1891 | /* Perform this test with two message types. At first use a message |
| 1892 | * consisting of only 0x00 for the client and only 0xFF for the server. |
| 1893 | * At the second time use message with generated data */ |
| 1894 | for (msg_type = 0; msg_type < 2; msg_type++) { |
| 1895 | int written_1 = 0; |
| 1896 | int written_2 = 0; |
| 1897 | int read_1 = 0; |
| 1898 | int read_2 = 0; |
| 1899 | int fragments_1 = 0; |
| 1900 | int fragments_2 = 0; |
| 1901 | |
| 1902 | if (msg_type == 0) { |
| 1903 | memset(msg_buf_1, 0x00, msg_len_1); |
| 1904 | memset(msg_buf_2, 0xff, msg_len_2); |
| 1905 | } else { |
| 1906 | int i, j = 0; |
| 1907 | for (i = 0; i < msg_len_1; i++) { |
| 1908 | msg_buf_1[i] = j++ & 0xFF; |
| 1909 | } |
| 1910 | for (i = 0; i < msg_len_2; i++) { |
| 1911 | msg_buf_2[i] = (j -= 5) & 0xFF; |
| 1912 | } |
| 1913 | } |
| 1914 | |
| 1915 | while (read_1 < msg_len_2 || read_2 < msg_len_1) { |
| 1916 | /* ssl_1 sending */ |
| 1917 | if (msg_len_1 > written_1) { |
| 1918 | ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1, |
| 1919 | msg_len_1, &written_1, |
| 1920 | expected_fragments_1); |
| 1921 | if (expected_fragments_1 == 0) { |
| 1922 | /* This error is expected when the message is too large and |
| 1923 | * cannot be fragmented */ |
| 1924 | TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); |
| 1925 | msg_len_1 = 0; |
| 1926 | } else { |
| 1927 | TEST_ASSERT(ret == 0); |
| 1928 | } |
| 1929 | } |
| 1930 | |
| 1931 | /* ssl_2 sending */ |
| 1932 | if (msg_len_2 > written_2) { |
| 1933 | ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2, |
| 1934 | msg_len_2, &written_2, |
| 1935 | expected_fragments_2); |
| 1936 | if (expected_fragments_2 == 0) { |
| 1937 | /* This error is expected when the message is too large and |
| 1938 | * cannot be fragmented */ |
| 1939 | TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); |
| 1940 | msg_len_2 = 0; |
| 1941 | } else { |
| 1942 | TEST_ASSERT(ret == 0); |
| 1943 | } |
| 1944 | } |
| 1945 | |
| 1946 | /* ssl_1 reading */ |
| 1947 | if (read_1 < msg_len_2) { |
| 1948 | ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1, |
| 1949 | msg_len_2, &read_1, |
| 1950 | &fragments_2, |
| 1951 | expected_fragments_2); |
| 1952 | TEST_ASSERT(ret == 0); |
| 1953 | } |
| 1954 | |
| 1955 | /* ssl_2 reading */ |
| 1956 | if (read_2 < msg_len_1) { |
| 1957 | ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2, |
| 1958 | msg_len_1, &read_2, |
| 1959 | &fragments_1, |
| 1960 | expected_fragments_1); |
| 1961 | TEST_ASSERT(ret == 0); |
| 1962 | } |
| 1963 | } |
| 1964 | |
| 1965 | ret = -1; |
| 1966 | TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1)); |
| 1967 | TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2)); |
| 1968 | TEST_ASSERT(fragments_1 == expected_fragments_1); |
| 1969 | TEST_ASSERT(fragments_2 == expected_fragments_2); |
| 1970 | } |
| 1971 | |
| 1972 | ret = 0; |
| 1973 | |
| 1974 | exit: |
| 1975 | free(msg_buf_1); |
| 1976 | free(in_buf_1); |
| 1977 | free(msg_buf_2); |
| 1978 | free(in_buf_2); |
| 1979 | |
| 1980 | return ret; |
| 1981 | } |
| 1982 | |
| 1983 | /* |
| 1984 | * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints |
| 1985 | * must be initialized and connected beforehand. |
| 1986 | * |
| 1987 | * \retval 0 on success, otherwise error code. |
| 1988 | */ |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1989 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ |
| 1990 | (defined(MBEDTLS_SSL_RENEGOTIATION) || \ |
| 1991 | defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)) |
| 1992 | static int exchange_data(mbedtls_ssl_context *ssl_1, |
| 1993 | mbedtls_ssl_context *ssl_2) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1994 | { |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 1995 | return mbedtls_test_ssl_exchange_data(ssl_1, 256, 1, |
| 1996 | ssl_2, 256, 1); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1997 | } |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1998 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && |
| 1999 | (MBEDTLS_SSL_RENEGOTIATION || |
| 2000 | MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2001 | |
| 2002 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 2003 | static int check_ssl_version( |
| 2004 | mbedtls_ssl_protocol_version expected_negotiated_version, |
| 2005 | const mbedtls_ssl_context *ssl) |
| 2006 | { |
| 2007 | const char *version_string = mbedtls_ssl_get_version(ssl); |
| 2008 | mbedtls_ssl_protocol_version version_number = |
| 2009 | mbedtls_ssl_get_version_number(ssl); |
| 2010 | |
| 2011 | TEST_EQUAL(ssl->tls_version, expected_negotiated_version); |
| 2012 | |
| 2013 | if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { |
| 2014 | TEST_EQUAL(version_string[0], 'D'); |
| 2015 | ++version_string; |
| 2016 | } |
| 2017 | |
| 2018 | switch (expected_negotiated_version) { |
| 2019 | case MBEDTLS_SSL_VERSION_TLS1_2: |
| 2020 | TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_2); |
| 2021 | TEST_ASSERT(strcmp(version_string, "TLSv1.2") == 0); |
| 2022 | break; |
| 2023 | |
| 2024 | case MBEDTLS_SSL_VERSION_TLS1_3: |
| 2025 | TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_3); |
| 2026 | TEST_ASSERT(strcmp(version_string, "TLSv1.3") == 0); |
| 2027 | break; |
| 2028 | |
| 2029 | default: |
| Agathiyan Bragadeesh | dc28a5a | 2023-07-18 11:45:28 +0100 | [diff] [blame] | 2030 | TEST_FAIL( |
| Agathiyan Bragadeesh | ebb40bc | 2023-07-14 17:28:27 +0100 | [diff] [blame] | 2031 | "Version check not implemented for this protocol version"); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2032 | } |
| 2033 | |
| 2034 | return 1; |
| 2035 | |
| 2036 | exit: |
| 2037 | return 0; |
| 2038 | } |
| 2039 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 2040 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2041 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 2042 | void mbedtls_test_ssl_perform_handshake( |
| 2043 | mbedtls_test_handshake_test_options *options) |
| 2044 | { |
| 2045 | /* forced_ciphersuite needs to last until the end of the handshake */ |
| 2046 | int forced_ciphersuite[2]; |
| 2047 | enum { BUFFSIZE = 17000 }; |
| 2048 | mbedtls_test_ssl_endpoint client, server; |
| 2049 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) |
| 2050 | const char *psk_identity = "foo"; |
| 2051 | #endif |
| 2052 | #if defined(MBEDTLS_TIMING_C) |
| 2053 | mbedtls_timing_delay_context timer_client, timer_server; |
| 2054 | #endif |
| 2055 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 2056 | unsigned char *context_buf = NULL; |
| 2057 | size_t context_buf_len; |
| 2058 | #endif |
| 2059 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 2060 | int ret = -1; |
| 2061 | #endif |
| 2062 | int expected_handshake_result = options->expected_handshake_result; |
| 2063 | |
| Manuel Pégourié-Gonnard | 23fc437 | 2023-03-17 13:34:11 +0100 | [diff] [blame] | 2064 | MD_OR_USE_PSA_INIT(); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2065 | mbedtls_platform_zeroize(&client, sizeof(client)); |
| 2066 | mbedtls_platform_zeroize(&server, sizeof(server)); |
| 2067 | mbedtls_test_ssl_message_queue server_queue, client_queue; |
| 2068 | mbedtls_test_message_socket_context server_context, client_context; |
| 2069 | mbedtls_test_message_socket_init(&server_context); |
| 2070 | mbedtls_test_message_socket_init(&client_context); |
| 2071 | |
| Ronald Cron | ec3408d | 2024-01-16 17:50:40 +0100 | [diff] [blame] | 2072 | #if defined(MBEDTLS_DEBUG_C) |
| 2073 | if (options->cli_log_fun || options->srv_log_fun) { |
| 2074 | mbedtls_debug_set_threshold(4); |
| 2075 | } |
| 2076 | #endif |
| 2077 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2078 | /* Client side */ |
| 2079 | if (options->dtls != 0) { |
| 2080 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, |
| 2081 | MBEDTLS_SSL_IS_CLIENT, |
| 2082 | options, &client_context, |
| 2083 | &client_queue, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2084 | &server_queue) == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2085 | #if defined(MBEDTLS_TIMING_C) |
| 2086 | mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client, |
| 2087 | mbedtls_timing_set_delay, |
| 2088 | mbedtls_timing_get_delay); |
| 2089 | #endif |
| 2090 | } else { |
| 2091 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, |
| 2092 | MBEDTLS_SSL_IS_CLIENT, |
| 2093 | options, NULL, NULL, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2094 | NULL) == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2095 | } |
| 2096 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2097 | if (strlen(options->cipher) > 0) { |
| 2098 | set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); |
| 2099 | } |
| 2100 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2101 | /* Server side */ |
| 2102 | if (options->dtls != 0) { |
| 2103 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, |
| 2104 | MBEDTLS_SSL_IS_SERVER, |
| 2105 | options, &server_context, |
| 2106 | &server_queue, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2107 | &client_queue) == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2108 | #if defined(MBEDTLS_TIMING_C) |
| 2109 | mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, |
| 2110 | mbedtls_timing_set_delay, |
| 2111 | mbedtls_timing_get_delay); |
| 2112 | #endif |
| 2113 | } else { |
| 2114 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, |
| 2115 | MBEDTLS_SSL_IS_SERVER, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2116 | options, NULL, NULL, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2117 | NULL) == 0); |
| 2118 | } |
| 2119 | |
| 2120 | mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode); |
| 2121 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2122 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 2123 | TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf), |
| 2124 | (unsigned char) options->mfl) |
| 2125 | == 0); |
| 2126 | TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf), |
| 2127 | (unsigned char) options->mfl) |
| 2128 | == 0); |
| 2129 | #else |
| 2130 | TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl); |
| 2131 | #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ |
| 2132 | |
| 2133 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) |
| 2134 | if (options->psk_str != NULL && options->psk_str->len > 0) { |
| 2135 | TEST_ASSERT(mbedtls_ssl_conf_psk( |
| 2136 | &client.conf, options->psk_str->x, |
| 2137 | options->psk_str->len, |
| 2138 | (const unsigned char *) psk_identity, |
| 2139 | strlen(psk_identity)) == 0); |
| 2140 | |
| 2141 | TEST_ASSERT(mbedtls_ssl_conf_psk( |
| 2142 | &server.conf, options->psk_str->x, |
| 2143 | options->psk_str->len, |
| 2144 | (const unsigned char *) psk_identity, |
| 2145 | strlen(psk_identity)) == 0); |
| 2146 | #if defined(MBEDTLS_SSL_SRV_C) |
| 2147 | mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL); |
| 2148 | #endif |
| 2149 | } |
| 2150 | #endif |
| 2151 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 2152 | if (options->renegotiate) { |
| 2153 | mbedtls_ssl_conf_renegotiation(&(server.conf), |
| 2154 | MBEDTLS_SSL_RENEGOTIATION_ENABLED); |
| 2155 | mbedtls_ssl_conf_renegotiation(&(client.conf), |
| 2156 | MBEDTLS_SSL_RENEGOTIATION_ENABLED); |
| 2157 | |
| 2158 | mbedtls_ssl_conf_legacy_renegotiation(&(server.conf), |
| 2159 | options->legacy_renegotiation); |
| 2160 | mbedtls_ssl_conf_legacy_renegotiation(&(client.conf), |
| 2161 | options->legacy_renegotiation); |
| 2162 | } |
| 2163 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
| 2164 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2165 | TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket), |
| 2166 | &(server.socket), |
| 2167 | BUFFSIZE) == 0); |
| 2168 | |
| 2169 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2170 | if (options->resize_buffers != 0) { |
| 2171 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 2172 | TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2173 | TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2174 | TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2175 | TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2176 | } |
| 2177 | #endif |
| 2178 | |
| 2179 | if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 2180 | expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; |
| 2181 | } |
| 2182 | |
| 2183 | TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl), |
| 2184 | &(server.ssl), |
| 2185 | MBEDTLS_SSL_HANDSHAKE_OVER) |
| 2186 | == expected_handshake_result); |
| 2187 | |
| 2188 | if (expected_handshake_result != 0) { |
| 2189 | /* Connection will have failed by this point, skip to cleanup */ |
| 2190 | goto exit; |
| 2191 | } |
| 2192 | |
| 2193 | TEST_ASSERT(mbedtls_ssl_is_handshake_over(&client.ssl) == 1); |
| 2194 | |
| 2195 | /* Make sure server state is moved to HANDSHAKE_OVER also. */ |
| 2196 | TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl), |
| 2197 | &(client.ssl), |
| 2198 | MBEDTLS_SSL_HANDSHAKE_OVER), |
| 2199 | 0); |
| 2200 | |
| 2201 | TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1); |
| 2202 | /* Check that both sides have negotiated the expected version. */ |
| 2203 | mbedtls_test_set_step(0); |
| 2204 | if (!check_ssl_version(options->expected_negotiated_version, |
| 2205 | &client.ssl)) { |
| 2206 | goto exit; |
| 2207 | } |
| 2208 | |
| 2209 | mbedtls_test_set_step(1); |
| 2210 | if (!check_ssl_version(options->expected_negotiated_version, |
| 2211 | &server.ssl)) { |
| 2212 | goto exit; |
| 2213 | } |
| 2214 | |
| 2215 | if (options->expected_ciphersuite != 0) { |
| 2216 | TEST_EQUAL(server.ssl.session->ciphersuite, |
| 2217 | options->expected_ciphersuite); |
| 2218 | } |
| 2219 | |
| 2220 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2221 | if (options->resize_buffers != 0) { |
| 2222 | /* A server, when using DTLS, might delay a buffer resize to happen |
| 2223 | * after it receives a message, so we force it. */ |
| 2224 | TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); |
| 2225 | |
| 2226 | TEST_ASSERT(client.ssl.out_buf_len == |
| 2227 | mbedtls_ssl_get_output_buflen(&client.ssl)); |
| 2228 | TEST_ASSERT(client.ssl.in_buf_len == |
| 2229 | mbedtls_ssl_get_input_buflen(&client.ssl)); |
| 2230 | TEST_ASSERT(server.ssl.out_buf_len == |
| 2231 | mbedtls_ssl_get_output_buflen(&server.ssl)); |
| 2232 | TEST_ASSERT(server.ssl.in_buf_len == |
| 2233 | mbedtls_ssl_get_input_buflen(&server.ssl)); |
| 2234 | } |
| 2235 | #endif |
| 2236 | |
| 2237 | if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { |
| 2238 | /* Start data exchanging test */ |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 2239 | TEST_ASSERT(mbedtls_test_ssl_exchange_data( |
| 2240 | &(client.ssl), options->cli_msg_len, |
| 2241 | options->expected_cli_fragments, |
| 2242 | &(server.ssl), options->srv_msg_len, |
| 2243 | options->expected_srv_fragments) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2244 | == 0); |
| 2245 | } |
| 2246 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 2247 | if (options->serialize == 1) { |
| 2248 | TEST_ASSERT(options->dtls == 1); |
| 2249 | |
| 2250 | TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL, |
| 2251 | 0, &context_buf_len) |
| 2252 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); |
| 2253 | |
| 2254 | context_buf = mbedtls_calloc(1, context_buf_len); |
| 2255 | TEST_ASSERT(context_buf != NULL); |
| 2256 | |
| 2257 | TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf, |
| 2258 | context_buf_len, |
| 2259 | &context_buf_len) |
| 2260 | == 0); |
| 2261 | |
| 2262 | mbedtls_ssl_free(&(server.ssl)); |
| 2263 | mbedtls_ssl_init(&(server.ssl)); |
| 2264 | |
| 2265 | TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0); |
| 2266 | |
| 2267 | mbedtls_ssl_set_bio(&(server.ssl), &server_context, |
| 2268 | mbedtls_test_mock_tcp_send_msg, |
| 2269 | mbedtls_test_mock_tcp_recv_msg, |
| 2270 | NULL); |
| 2271 | |
| 2272 | mbedtls_ssl_set_user_data_p(&server.ssl, &server); |
| 2273 | |
| 2274 | #if defined(MBEDTLS_TIMING_C) |
| 2275 | mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, |
| 2276 | mbedtls_timing_set_delay, |
| 2277 | mbedtls_timing_get_delay); |
| 2278 | #endif |
| 2279 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2280 | if (options->resize_buffers != 0) { |
| 2281 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 2282 | TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2283 | TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2284 | } |
| 2285 | #endif |
| 2286 | TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf, |
| 2287 | context_buf_len) == 0); |
| 2288 | |
| 2289 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2290 | /* Validate buffer sizes after context deserialization */ |
| 2291 | if (options->resize_buffers != 0) { |
| 2292 | TEST_ASSERT(server.ssl.out_buf_len == |
| 2293 | mbedtls_ssl_get_output_buflen(&server.ssl)); |
| 2294 | TEST_ASSERT(server.ssl.in_buf_len == |
| 2295 | mbedtls_ssl_get_input_buflen(&server.ssl)); |
| 2296 | } |
| 2297 | #endif |
| 2298 | /* Retest writing/reading */ |
| 2299 | if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 2300 | TEST_ASSERT(mbedtls_test_ssl_exchange_data( |
| 2301 | &(client.ssl), options->cli_msg_len, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2302 | options->expected_cli_fragments, |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 2303 | &(server.ssl), options->srv_msg_len, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2304 | options->expected_srv_fragments) |
| 2305 | == 0); |
| 2306 | } |
| 2307 | } |
| 2308 | #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ |
| 2309 | |
| 2310 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 2311 | if (options->renegotiate) { |
| 2312 | /* Start test with renegotiation */ |
| 2313 | TEST_ASSERT(server.ssl.renego_status == |
| 2314 | MBEDTLS_SSL_INITIAL_HANDSHAKE); |
| 2315 | TEST_ASSERT(client.ssl.renego_status == |
| 2316 | MBEDTLS_SSL_INITIAL_HANDSHAKE); |
| 2317 | |
| 2318 | /* After calling this function for the server, it only sends a handshake |
| 2319 | * request. All renegotiation should happen during data exchanging */ |
| 2320 | TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0); |
| 2321 | TEST_ASSERT(server.ssl.renego_status == |
| 2322 | MBEDTLS_SSL_RENEGOTIATION_PENDING); |
| 2323 | TEST_ASSERT(client.ssl.renego_status == |
| 2324 | MBEDTLS_SSL_INITIAL_HANDSHAKE); |
| 2325 | |
| 2326 | TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); |
| 2327 | TEST_ASSERT(server.ssl.renego_status == |
| 2328 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2329 | TEST_ASSERT(client.ssl.renego_status == |
| 2330 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2331 | |
| 2332 | /* After calling mbedtls_ssl_renegotiate for the client, |
| 2333 | * all renegotiation should happen inside this function. |
| 2334 | * However in this test, we cannot perform simultaneous communication |
| 2335 | * between client and server so this function will return waiting error |
| 2336 | * on the socket. All rest of renegotiation should happen |
| 2337 | * during data exchanging */ |
| 2338 | ret = mbedtls_ssl_renegotiate(&(client.ssl)); |
| 2339 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2340 | if (options->resize_buffers != 0) { |
| 2341 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 2342 | TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2343 | TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2344 | } |
| 2345 | #endif |
| 2346 | TEST_ASSERT(ret == 0 || |
| 2347 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 2348 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 2349 | TEST_ASSERT(server.ssl.renego_status == |
| 2350 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2351 | TEST_ASSERT(client.ssl.renego_status == |
| 2352 | MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS); |
| 2353 | |
| 2354 | TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); |
| 2355 | TEST_ASSERT(server.ssl.renego_status == |
| 2356 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2357 | TEST_ASSERT(client.ssl.renego_status == |
| 2358 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2359 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2360 | /* Validate buffer sizes after renegotiation */ |
| 2361 | if (options->resize_buffers != 0) { |
| 2362 | TEST_ASSERT(client.ssl.out_buf_len == |
| 2363 | mbedtls_ssl_get_output_buflen(&client.ssl)); |
| 2364 | TEST_ASSERT(client.ssl.in_buf_len == |
| 2365 | mbedtls_ssl_get_input_buflen(&client.ssl)); |
| 2366 | TEST_ASSERT(server.ssl.out_buf_len == |
| 2367 | mbedtls_ssl_get_output_buflen(&server.ssl)); |
| 2368 | TEST_ASSERT(server.ssl.in_buf_len == |
| 2369 | mbedtls_ssl_get_input_buflen(&server.ssl)); |
| 2370 | } |
| 2371 | #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ |
| 2372 | } |
| 2373 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
| 2374 | |
| 2375 | TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client.conf) == &client); |
| 2376 | TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client.ssl) == &client); |
| 2377 | TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server.conf) == &server); |
| 2378 | TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server); |
| 2379 | |
| 2380 | exit: |
| 2381 | mbedtls_test_ssl_endpoint_free(&client, |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 2382 | options->dtls != 0 ? &client_context : NULL); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2383 | mbedtls_test_ssl_endpoint_free(&server, |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 2384 | options->dtls != 0 ? &server_context : NULL); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2385 | #if defined(MBEDTLS_DEBUG_C) |
| 2386 | if (options->cli_log_fun || options->srv_log_fun) { |
| 2387 | mbedtls_debug_set_threshold(0); |
| 2388 | } |
| 2389 | #endif |
| 2390 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 2391 | if (context_buf != NULL) { |
| 2392 | mbedtls_free(context_buf); |
| 2393 | } |
| 2394 | #endif |
| Manuel Pégourié-Gonnard | 23fc437 | 2023-03-17 13:34:11 +0100 | [diff] [blame] | 2395 | MD_OR_USE_PSA_DONE(); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2396 | } |
| 2397 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 2398 | |
| 2399 | #if defined(MBEDTLS_TEST_HOOKS) |
| Yanray Wang | f56181a | 2023-03-16 12:21:33 +0800 | [diff] [blame] | 2400 | int mbedtls_test_tweak_tls13_certificate_msg_vector_len( |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2401 | unsigned char *buf, unsigned char **end, int tweak, |
| 2402 | int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args) |
| 2403 | { |
| 2404 | /* |
| 2405 | * The definition of the tweaks assume that the certificate list contains only |
| 2406 | * one certificate. |
| 2407 | */ |
| 2408 | |
| 2409 | /* |
| 2410 | * struct { |
| 2411 | * opaque cert_data<1..2^24-1>; |
| 2412 | * Extension extensions<0..2^16-1>; |
| 2413 | * } CertificateEntry; |
| 2414 | * |
| 2415 | * struct { |
| 2416 | * opaque certificate_request_context<0..2^8-1>; |
| 2417 | * CertificateEntry certificate_list<0..2^24-1>; |
| 2418 | * } Certificate; |
| 2419 | */ |
| 2420 | unsigned char *p_certificate_request_context_len = buf; |
| 2421 | size_t certificate_request_context_len = buf[0]; |
| 2422 | |
| 2423 | unsigned char *p_certificate_list_len = |
| 2424 | buf + 1 + certificate_request_context_len; |
| 2425 | unsigned char *certificate_list = p_certificate_list_len + 3; |
| 2426 | size_t certificate_list_len = |
| 2427 | MBEDTLS_GET_UINT24_BE(p_certificate_list_len, 0); |
| 2428 | |
| 2429 | unsigned char *p_cert_data_len = certificate_list; |
| 2430 | unsigned char *cert_data = p_cert_data_len + 3; |
| 2431 | size_t cert_data_len = MBEDTLS_GET_UINT24_BE(p_cert_data_len, 0); |
| 2432 | |
| 2433 | unsigned char *p_extensions_len = cert_data + cert_data_len; |
| 2434 | unsigned char *extensions = p_extensions_len + 2; |
| 2435 | size_t extensions_len = MBEDTLS_GET_UINT16_BE(p_extensions_len, 0); |
| 2436 | |
| 2437 | *expected_result = MBEDTLS_ERR_SSL_DECODE_ERROR; |
| 2438 | |
| 2439 | switch (tweak) { |
| 2440 | case 1: |
| 2441 | /* Failure when checking if the certificate request context length |
| 2442 | * and certificate list length can be read |
| 2443 | */ |
| 2444 | *end = buf + 3; |
| 2445 | set_chk_buf_ptr_args(args, buf, *end, 4); |
| 2446 | break; |
| 2447 | |
| 2448 | case 2: |
| 2449 | /* Invalid certificate request context length. |
| 2450 | */ |
| 2451 | *p_certificate_request_context_len = |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 2452 | (unsigned char) certificate_request_context_len + 1; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2453 | reset_chk_buf_ptr_args(args); |
| 2454 | break; |
| 2455 | |
| 2456 | case 3: |
| 2457 | /* Failure when checking if certificate_list data can be read. */ |
| 2458 | MBEDTLS_PUT_UINT24_BE(certificate_list_len + 1, |
| 2459 | p_certificate_list_len, 0); |
| 2460 | set_chk_buf_ptr_args(args, certificate_list, *end, |
| 2461 | certificate_list_len + 1); |
| 2462 | break; |
| 2463 | |
| 2464 | case 4: |
| 2465 | /* Failure when checking if the cert_data length can be read. */ |
| 2466 | MBEDTLS_PUT_UINT24_BE(2, p_certificate_list_len, 0); |
| 2467 | set_chk_buf_ptr_args(args, p_cert_data_len, certificate_list + 2, 3); |
| 2468 | break; |
| 2469 | |
| 2470 | case 5: |
| 2471 | /* Failure when checking if cert_data data can be read. */ |
| 2472 | MBEDTLS_PUT_UINT24_BE(certificate_list_len - 3 + 1, |
| 2473 | p_cert_data_len, 0); |
| 2474 | set_chk_buf_ptr_args(args, cert_data, |
| 2475 | certificate_list + certificate_list_len, |
| 2476 | certificate_list_len - 3 + 1); |
| 2477 | break; |
| 2478 | |
| 2479 | case 6: |
| 2480 | /* Failure when checking if the extensions length can be read. */ |
| 2481 | MBEDTLS_PUT_UINT24_BE(certificate_list_len - extensions_len - 1, |
| 2482 | p_certificate_list_len, 0); |
| 2483 | set_chk_buf_ptr_args( |
| 2484 | args, p_extensions_len, |
| 2485 | certificate_list + certificate_list_len - extensions_len - 1, 2); |
| 2486 | break; |
| 2487 | |
| 2488 | case 7: |
| 2489 | /* Failure when checking if extensions data can be read. */ |
| 2490 | MBEDTLS_PUT_UINT16_BE(extensions_len + 1, p_extensions_len, 0); |
| 2491 | |
| 2492 | set_chk_buf_ptr_args( |
| 2493 | args, extensions, |
| 2494 | certificate_list + certificate_list_len, extensions_len + 1); |
| 2495 | break; |
| 2496 | |
| 2497 | default: |
| 2498 | return -1; |
| 2499 | } |
| 2500 | |
| 2501 | return 0; |
| 2502 | } |
| 2503 | #endif /* MBEDTLS_TEST_HOOKS */ |
| Ronald Cron | 77abfe6 | 2024-01-15 11:17:31 +0100 | [diff] [blame] | 2504 | |
| Ronald Cron | faf026c | 2024-01-31 14:32:06 +0100 | [diff] [blame] | 2505 | /* |
| 2506 | * Functions for tests based on tickets. Implementations of the |
| 2507 | * write/parse ticket interfaces as defined by mbedtls_ssl_ticket_write/parse_t. |
| 2508 | * Basically same implementations as in ticket.c without the encryption. That |
| 2509 | * way we can tweak easily tickets characteristics to simulate misbehaving |
| 2510 | * peers. |
| 2511 | */ |
| Ronald Cron | 77abfe6 | 2024-01-15 11:17:31 +0100 | [diff] [blame] | 2512 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| 2513 | int mbedtls_test_ticket_write( |
| 2514 | void *p_ticket, const mbedtls_ssl_session *session, |
| 2515 | unsigned char *start, const unsigned char *end, |
| 2516 | size_t *tlen, uint32_t *lifetime) |
| 2517 | { |
| 2518 | int ret; |
| 2519 | ((void) p_ticket); |
| 2520 | |
| 2521 | if ((ret = mbedtls_ssl_session_save(session, start, end - start, |
| 2522 | tlen)) != 0) { |
| 2523 | return ret; |
| 2524 | } |
| 2525 | |
| 2526 | /* Maximum ticket lifetime as defined in RFC 8446 */ |
| 2527 | *lifetime = 7 * 24 * 3600; |
| 2528 | |
| 2529 | return 0; |
| 2530 | } |
| 2531 | |
| 2532 | int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, |
| 2533 | unsigned char *buf, size_t len) |
| 2534 | { |
| 2535 | ((void) p_ticket); |
| 2536 | |
| 2537 | return mbedtls_ssl_session_load(session, buf, len); |
| 2538 | } |
| 2539 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| Ronald Cron | 1f6e4e4 | 2024-01-26 16:31:33 +0100 | [diff] [blame] | 2540 | |
| 2541 | #if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SRV_C) && \ |
| 2542 | defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) && \ |
| 2543 | defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 2544 | int mbedtls_test_get_tls13_ticket( |
| 2545 | mbedtls_test_handshake_test_options *client_options, |
| 2546 | mbedtls_test_handshake_test_options *server_options, |
| 2547 | mbedtls_ssl_session *session) |
| 2548 | { |
| 2549 | int ret = -1; |
| 2550 | unsigned char buf[64]; |
| 2551 | mbedtls_test_ssl_endpoint client_ep, server_ep; |
| 2552 | |
| 2553 | mbedtls_platform_zeroize(&client_ep, sizeof(client_ep)); |
| 2554 | mbedtls_platform_zeroize(&server_ep, sizeof(server_ep)); |
| 2555 | |
| 2556 | ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, |
| 2557 | client_options, NULL, NULL, NULL); |
| 2558 | TEST_EQUAL(ret, 0); |
| 2559 | |
| 2560 | ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, |
| 2561 | server_options, NULL, NULL, NULL); |
| 2562 | TEST_EQUAL(ret, 0); |
| 2563 | |
| Ronald Cron | 9f44c88 | 2024-08-28 16:44:10 +0200 | [diff] [blame] | 2564 | mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets( |
| 2565 | &client_ep.conf, MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED); |
| Ronald Cron | 23303a4 | 2024-08-27 09:27:28 +0200 | [diff] [blame] | 2566 | |
| Ronald Cron | 1f6e4e4 | 2024-01-26 16:31:33 +0100 | [diff] [blame] | 2567 | mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf, |
| 2568 | mbedtls_test_ticket_write, |
| 2569 | mbedtls_test_ticket_parse, |
| 2570 | NULL); |
| 2571 | |
| 2572 | ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), |
| 2573 | &(server_ep.socket), 1024); |
| 2574 | TEST_EQUAL(ret, 0); |
| 2575 | |
| 2576 | TEST_EQUAL(mbedtls_test_move_handshake_to_state( |
| 2577 | &(server_ep.ssl), &(client_ep.ssl), |
| 2578 | MBEDTLS_SSL_HANDSHAKE_OVER), 0); |
| 2579 | |
| 2580 | TEST_EQUAL(server_ep.ssl.handshake->new_session_tickets_count, 0); |
| 2581 | |
| 2582 | do { |
| 2583 | ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf)); |
| 2584 | } while (ret != MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET); |
| 2585 | |
| 2586 | ret = mbedtls_ssl_get_session(&(client_ep.ssl), session); |
| 2587 | TEST_EQUAL(ret, 0); |
| 2588 | |
| 2589 | exit: |
| 2590 | mbedtls_test_ssl_endpoint_free(&client_ep, NULL); |
| 2591 | mbedtls_test_ssl_endpoint_free(&server_ep, NULL); |
| 2592 | |
| 2593 | return ret; |
| 2594 | } |
| 2595 | #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SRV_C && |
| 2596 | MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS && |
| 2597 | MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 2598 | |
| Yanray Wang | 4d07d1c | 2022-10-27 15:28:16 +0800 | [diff] [blame] | 2599 | #endif /* MBEDTLS_SSL_TLS_C */ |