| Yanray Wang | 47907a4 | 2022-10-24 14:42:01 +0800 | [diff] [blame] | 1 | /** \file ssl_helpers.c |
| 2 | * |
| 3 | * \brief Helper functions to set up a TLS connection. |
| 4 | */ |
| 5 | |
| 6 | /* |
| 7 | * Copyright The Mbed TLS Contributors |
| Dave Rodgman | 16799db | 2023-11-02 19:47:20 +0000 | [diff] [blame] | 8 | * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later |
| Yanray Wang | 47907a4 | 2022-10-24 14:42:01 +0800 | [diff] [blame] | 9 | */ |
| 10 | |
| 11 | #include <test/ssl_helpers.h> |
| Valerio Setti | 384fbde | 2024-01-02 13:26:40 +0100 | [diff] [blame] | 12 | #include "mbedtls/psa_util.h" |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 13 | |
| Yanray Wang | 4d07d1c | 2022-10-27 15:28:16 +0800 | [diff] [blame] | 14 | #if defined(MBEDTLS_SSL_TLS_C) |
| Ronald Cron | 10b040f | 2024-02-05 09:38:09 +0100 | [diff] [blame] | 15 | int mbedtls_test_random(void *p_rng, unsigned char *output, size_t output_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 16 | { |
| 17 | (void) p_rng; |
| 18 | for (size_t i = 0; i < output_len; i++) { |
| 19 | output[i] = rand(); |
| 20 | } |
| 21 | |
| 22 | return 0; |
| 23 | } |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 24 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 25 | void mbedtls_test_ssl_log_analyzer(void *ctx, int level, |
| 26 | const char *file, int line, |
| 27 | const char *str) |
| 28 | { |
| 29 | mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx; |
| 30 | |
| Manuel Pégourié-Gonnard | 6637ef7 | 2025-02-11 13:19:45 +0100 | [diff] [blame] | 31 | /* Change 0 to 1 for debugging of test cases that use this function. */ |
| 32 | #if 0 |
| 33 | const char *q, *basename; |
| 34 | /* Extract basename from file */ |
| 35 | for (q = basename = file; *q != '\0'; q++) { |
| 36 | if (*q == '/' || *q == '\\') { |
| 37 | basename = q + 1; |
| 38 | } |
| 39 | } |
| 40 | printf("%s:%04d: |%d| %s", |
| 41 | basename, line, level, str); |
| 42 | #else |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 43 | (void) level; |
| 44 | (void) line; |
| 45 | (void) file; |
| Manuel Pégourié-Gonnard | 6637ef7 | 2025-02-11 13:19:45 +0100 | [diff] [blame] | 46 | #endif |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 47 | |
| 48 | if (NULL != p && |
| 49 | NULL != p->pattern && |
| 50 | NULL != strstr(str, p->pattern)) { |
| 51 | p->counter++; |
| 52 | } |
| 53 | } |
| 54 | |
| 55 | void mbedtls_test_init_handshake_options( |
| 56 | mbedtls_test_handshake_test_options *opts) |
| 57 | { |
| 58 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| Ronald Cron | 987cf89 | 2024-03-04 10:24:27 +0100 | [diff] [blame] | 59 | static int rng_seed = 0xBEEF; |
| Yanray Wang | a72bc9a | 2023-12-01 23:34:27 +0800 | [diff] [blame] | 60 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 61 | srand(rng_seed); |
| 62 | rng_seed += 0xD0; |
| 63 | #endif |
| Ronald Cron | b4ad3e7 | 2024-01-26 14:57:53 +0100 | [diff] [blame] | 64 | |
| 65 | memset(opts, 0, sizeof(*opts)); |
| 66 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 67 | opts->cipher = ""; |
| 68 | opts->client_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| 69 | opts->client_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| 70 | opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| 71 | opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; |
| Ronald Cron | 097ba14 | 2023-03-08 16:18:00 +0100 | [diff] [blame] | 72 | opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 73 | opts->pk_alg = MBEDTLS_PK_RSA; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 74 | opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 75 | opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; |
| 76 | opts->cli_msg_len = 100; |
| 77 | opts->srv_msg_len = 100; |
| 78 | opts->expected_cli_fragments = 1; |
| 79 | opts->expected_srv_fragments = 1; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 80 | opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 81 | opts->resize_buffers = 1; |
| Ronald Cron | ced99be | 2024-01-26 15:49:12 +0100 | [diff] [blame] | 82 | opts->early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; |
| Ronald Cron | 5d3036e | 2024-02-23 07:43:45 +0100 | [diff] [blame] | 83 | opts->max_early_data_size = -1; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 84 | #if defined(MBEDTLS_SSL_CACHE_C) |
| Tom Cosgrove | 05b2a87 | 2023-07-21 11:31:13 +0100 | [diff] [blame] | 85 | TEST_CALLOC(opts->cache, 1); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 86 | mbedtls_ssl_cache_init(opts->cache); |
| Pengyu Lv | 5cbb93e | 2023-07-10 11:09:40 +0800 | [diff] [blame] | 87 | #if defined(MBEDTLS_HAVE_TIME) |
| 88 | TEST_EQUAL(mbedtls_ssl_cache_get_timeout(opts->cache), |
| 89 | MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT); |
| 90 | #endif |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 91 | exit: |
| 92 | return; |
| 93 | #endif |
| 94 | } |
| 95 | |
| 96 | void mbedtls_test_free_handshake_options( |
| 97 | mbedtls_test_handshake_test_options *opts) |
| 98 | { |
| 99 | #if defined(MBEDTLS_SSL_CACHE_C) |
| 100 | mbedtls_ssl_cache_free(opts->cache); |
| 101 | mbedtls_free(opts->cache); |
| 102 | #else |
| 103 | (void) opts; |
| 104 | #endif |
| 105 | } |
| 106 | |
| 107 | #if defined(MBEDTLS_TEST_HOOKS) |
| 108 | static void set_chk_buf_ptr_args( |
| 109 | mbedtls_ssl_chk_buf_ptr_args *args, |
| 110 | unsigned char *cur, unsigned char *end, size_t need) |
| 111 | { |
| 112 | args->cur = cur; |
| 113 | args->end = end; |
| 114 | args->need = need; |
| 115 | } |
| 116 | |
| 117 | static void reset_chk_buf_ptr_args(mbedtls_ssl_chk_buf_ptr_args *args) |
| 118 | { |
| 119 | memset(args, 0, sizeof(*args)); |
| 120 | } |
| 121 | #endif /* MBEDTLS_TEST_HOOKS */ |
| 122 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 123 | void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf) |
| 124 | { |
| 125 | memset(buf, 0, sizeof(*buf)); |
| 126 | } |
| 127 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 128 | int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, |
| 129 | size_t capacity) |
| 130 | { |
| 131 | buf->buffer = (unsigned char *) mbedtls_calloc(capacity, |
| 132 | sizeof(unsigned char)); |
| 133 | if (NULL == buf->buffer) { |
| 134 | return MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 135 | } |
| 136 | buf->capacity = capacity; |
| 137 | |
| 138 | return 0; |
| 139 | } |
| 140 | |
| 141 | void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf) |
| 142 | { |
| 143 | if (buf->buffer != NULL) { |
| 144 | mbedtls_free(buf->buffer); |
| 145 | } |
| 146 | |
| 147 | memset(buf, 0, sizeof(*buf)); |
| 148 | } |
| 149 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 150 | int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, |
| 151 | const unsigned char *input, size_t input_len) |
| 152 | { |
| 153 | size_t overflow = 0; |
| 154 | |
| 155 | if ((buf == NULL) || (buf->buffer == NULL)) { |
| 156 | return -1; |
| 157 | } |
| 158 | |
| 159 | /* Reduce input_len to a number that fits in the buffer. */ |
| 160 | if ((buf->content_length + input_len) > buf->capacity) { |
| 161 | input_len = buf->capacity - buf->content_length; |
| 162 | } |
| 163 | |
| 164 | if (input == NULL) { |
| 165 | return (input_len == 0) ? 0 : -1; |
| 166 | } |
| 167 | |
| 168 | /* Check if the buffer has not come full circle and free space is not in |
| 169 | * the middle */ |
| 170 | if (buf->start + buf->content_length < buf->capacity) { |
| 171 | |
| 172 | /* Calculate the number of bytes that need to be placed at lower memory |
| 173 | * address */ |
| 174 | if (buf->start + buf->content_length + input_len |
| 175 | > buf->capacity) { |
| 176 | overflow = (buf->start + buf->content_length + input_len) |
| 177 | % buf->capacity; |
| 178 | } |
| 179 | |
| 180 | memcpy(buf->buffer + buf->start + buf->content_length, input, |
| 181 | input_len - overflow); |
| 182 | memcpy(buf->buffer, input + input_len - overflow, overflow); |
| 183 | |
| 184 | } else { |
| 185 | /* The buffer has come full circle and free space is in the middle */ |
| 186 | memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity, |
| 187 | input, input_len); |
| 188 | } |
| 189 | |
| 190 | buf->content_length += input_len; |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 191 | return (input_len > INT_MAX) ? INT_MAX : (int) input_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 192 | } |
| 193 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 194 | int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, |
| 195 | unsigned char *output, size_t output_len) |
| 196 | { |
| 197 | size_t overflow = 0; |
| 198 | |
| 199 | if ((buf == NULL) || (buf->buffer == NULL)) { |
| 200 | return -1; |
| 201 | } |
| 202 | |
| 203 | if (output == NULL && output_len == 0) { |
| 204 | return 0; |
| 205 | } |
| 206 | |
| 207 | if (buf->content_length < output_len) { |
| 208 | output_len = buf->content_length; |
| 209 | } |
| 210 | |
| 211 | /* Calculate the number of bytes that need to be drawn from lower memory |
| 212 | * address */ |
| 213 | if (buf->start + output_len > buf->capacity) { |
| 214 | overflow = (buf->start + output_len) % buf->capacity; |
| 215 | } |
| 216 | |
| 217 | if (output != NULL) { |
| 218 | memcpy(output, buf->buffer + buf->start, output_len - overflow); |
| 219 | memcpy(output + output_len - overflow, buf->buffer, overflow); |
| 220 | } |
| 221 | |
| 222 | buf->content_length -= output_len; |
| 223 | buf->start = (buf->start + output_len) % buf->capacity; |
| 224 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 225 | return (output_len > INT_MAX) ? INT_MAX : (int) output_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 226 | } |
| 227 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 228 | int mbedtls_test_ssl_message_queue_setup( |
| 229 | mbedtls_test_ssl_message_queue *queue, size_t capacity) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 230 | { |
| 231 | queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t)); |
| 232 | if (NULL == queue->messages) { |
| 233 | return MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 234 | } |
| 235 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 236 | queue->capacity = (capacity > INT_MAX) ? INT_MAX : (int) capacity; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 237 | queue->pos = 0; |
| 238 | queue->num = 0; |
| 239 | |
| 240 | return 0; |
| 241 | } |
| 242 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 243 | void mbedtls_test_ssl_message_queue_free( |
| 244 | mbedtls_test_ssl_message_queue *queue) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 245 | { |
| 246 | if (queue == NULL) { |
| 247 | return; |
| 248 | } |
| 249 | |
| 250 | if (queue->messages != NULL) { |
| 251 | mbedtls_free(queue->messages); |
| 252 | } |
| 253 | |
| 254 | memset(queue, 0, sizeof(*queue)); |
| 255 | } |
| 256 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 257 | int mbedtls_test_ssl_message_queue_push_info( |
| 258 | mbedtls_test_ssl_message_queue *queue, size_t len) |
| 259 | { |
| 260 | int place; |
| 261 | if (queue == NULL) { |
| 262 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 263 | } |
| 264 | |
| 265 | if (queue->num >= queue->capacity) { |
| 266 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
| 267 | } |
| 268 | |
| 269 | place = (queue->pos + queue->num) % queue->capacity; |
| 270 | queue->messages[place] = len; |
| 271 | queue->num++; |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 272 | return (len > INT_MAX) ? INT_MAX : (int) len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 273 | } |
| 274 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 275 | int mbedtls_test_ssl_message_queue_pop_info( |
| 276 | mbedtls_test_ssl_message_queue *queue, size_t buf_len) |
| 277 | { |
| 278 | size_t message_length; |
| 279 | if (queue == NULL) { |
| 280 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 281 | } |
| 282 | if (queue->num == 0) { |
| 283 | return MBEDTLS_ERR_SSL_WANT_READ; |
| 284 | } |
| 285 | |
| 286 | message_length = queue->messages[queue->pos]; |
| 287 | queue->messages[queue->pos] = 0; |
| 288 | queue->num--; |
| 289 | queue->pos++; |
| 290 | queue->pos %= queue->capacity; |
| 291 | if (queue->pos < 0) { |
| 292 | queue->pos += queue->capacity; |
| 293 | } |
| 294 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 295 | return (message_length > INT_MAX && buf_len > INT_MAX) ? INT_MAX : |
| 296 | (message_length > buf_len) ? (int) buf_len : (int) message_length; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 297 | } |
| 298 | |
| 299 | /* |
| 300 | * Take a peek on the info about the next message length from the queue. |
| 301 | * This will be the oldest inserted message length(fifo). |
| 302 | * |
| 303 | * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. |
| 304 | * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. |
| 305 | * \retval 0, if the peek was successful. |
| 306 | * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is |
| 307 | * too small to fit the message. In this case the \p msg_len will be |
| 308 | * set to the full message length so that the |
| 309 | * caller knows what portion of the message can be dropped. |
| 310 | */ |
| Yanray Wang | 5e22a92 | 2023-03-16 14:57:54 +0800 | [diff] [blame] | 311 | static int test_ssl_message_queue_peek_info( |
| 312 | mbedtls_test_ssl_message_queue *queue, |
| 313 | size_t buf_len, size_t *msg_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 314 | { |
| 315 | if (queue == NULL || msg_len == NULL) { |
| 316 | return MBEDTLS_TEST_ERROR_ARG_NULL; |
| 317 | } |
| 318 | if (queue->num == 0) { |
| 319 | return MBEDTLS_ERR_SSL_WANT_READ; |
| 320 | } |
| 321 | |
| 322 | *msg_len = queue->messages[queue->pos]; |
| 323 | return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; |
| 324 | } |
| 325 | |
| Yanray Wang | 5f86a42 | 2023-03-15 16:02:29 +0800 | [diff] [blame] | 326 | void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 327 | { |
| 328 | memset(socket, 0, sizeof(*socket)); |
| 329 | } |
| 330 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 331 | void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket) |
| 332 | { |
| 333 | if (socket == NULL) { |
| 334 | return; |
| 335 | } |
| 336 | |
| 337 | if (socket->input != NULL) { |
| 338 | mbedtls_test_ssl_buffer_free(socket->input); |
| 339 | mbedtls_free(socket->input); |
| 340 | } |
| 341 | |
| 342 | if (socket->output != NULL) { |
| 343 | mbedtls_test_ssl_buffer_free(socket->output); |
| 344 | mbedtls_free(socket->output); |
| 345 | } |
| 346 | |
| 347 | if (socket->peer != NULL) { |
| 348 | memset(socket->peer, 0, sizeof(*socket->peer)); |
| 349 | } |
| 350 | |
| 351 | memset(socket, 0, sizeof(*socket)); |
| 352 | } |
| 353 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 354 | int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, |
| 355 | mbedtls_test_mock_socket *peer2, |
| 356 | size_t bufsize) |
| 357 | { |
| 358 | int ret = -1; |
| 359 | |
| 360 | peer1->output = |
| 361 | (mbedtls_test_ssl_buffer *) mbedtls_calloc( |
| 362 | 1, sizeof(mbedtls_test_ssl_buffer)); |
| 363 | if (peer1->output == NULL) { |
| 364 | ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 365 | goto exit; |
| 366 | } |
| 367 | mbedtls_test_ssl_buffer_init(peer1->output); |
| 368 | if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer1->output, bufsize))) { |
| 369 | goto exit; |
| 370 | } |
| 371 | |
| 372 | peer2->output = |
| 373 | (mbedtls_test_ssl_buffer *) mbedtls_calloc( |
| 374 | 1, sizeof(mbedtls_test_ssl_buffer)); |
| 375 | if (peer2->output == NULL) { |
| 376 | ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; |
| 377 | goto exit; |
| 378 | } |
| 379 | mbedtls_test_ssl_buffer_init(peer2->output); |
| 380 | if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer2->output, bufsize))) { |
| 381 | goto exit; |
| 382 | } |
| 383 | |
| 384 | peer1->peer = peer2; |
| 385 | peer2->peer = peer1; |
| 386 | peer1->input = peer2->output; |
| 387 | peer2->input = peer1->output; |
| 388 | |
| 389 | peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; |
| 390 | ret = 0; |
| 391 | |
| 392 | exit: |
| 393 | |
| 394 | if (ret != 0) { |
| 395 | mbedtls_test_mock_socket_close(peer1); |
| 396 | mbedtls_test_mock_socket_close(peer2); |
| 397 | } |
| 398 | |
| 399 | return ret; |
| 400 | } |
| 401 | |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 402 | int mbedtls_test_mock_tcp_send_b(void *ctx, |
| 403 | const unsigned char *buf, size_t len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 404 | { |
| 405 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 406 | |
| 407 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 408 | return -1; |
| 409 | } |
| 410 | |
| 411 | return mbedtls_test_ssl_buffer_put(socket->output, buf, len); |
| 412 | } |
| 413 | |
| 414 | int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) |
| 415 | { |
| 416 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 417 | |
| 418 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 419 | return -1; |
| 420 | } |
| 421 | |
| 422 | return mbedtls_test_ssl_buffer_get(socket->input, buf, len); |
| 423 | } |
| 424 | |
| Yanray Wang | 3463435 | 2023-02-14 17:56:51 +0800 | [diff] [blame] | 425 | int mbedtls_test_mock_tcp_send_nb(void *ctx, |
| 426 | const unsigned char *buf, size_t len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 427 | { |
| 428 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 429 | |
| 430 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 431 | return -1; |
| 432 | } |
| 433 | |
| 434 | if (socket->output->capacity == socket->output->content_length) { |
| 435 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
| 436 | } |
| 437 | |
| 438 | return mbedtls_test_ssl_buffer_put(socket->output, buf, len); |
| 439 | } |
| 440 | |
| 441 | int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len) |
| 442 | { |
| 443 | mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; |
| 444 | |
| 445 | if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { |
| 446 | return -1; |
| 447 | } |
| 448 | |
| 449 | if (socket->input->content_length == 0) { |
| 450 | return MBEDTLS_ERR_SSL_WANT_READ; |
| 451 | } |
| 452 | |
| 453 | return mbedtls_test_ssl_buffer_get(socket->input, buf, len); |
| 454 | } |
| 455 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 456 | void mbedtls_test_message_socket_init( |
| 457 | mbedtls_test_message_socket_context *ctx) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 458 | { |
| 459 | ctx->queue_input = NULL; |
| 460 | ctx->queue_output = NULL; |
| 461 | ctx->socket = NULL; |
| 462 | } |
| 463 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 464 | int mbedtls_test_message_socket_setup( |
| 465 | mbedtls_test_ssl_message_queue *queue_input, |
| 466 | mbedtls_test_ssl_message_queue *queue_output, |
| 467 | size_t queue_capacity, |
| 468 | mbedtls_test_mock_socket *socket, |
| 469 | mbedtls_test_message_socket_context *ctx) |
| 470 | { |
| 471 | int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity); |
| 472 | if (ret != 0) { |
| 473 | return ret; |
| 474 | } |
| 475 | ctx->queue_input = queue_input; |
| 476 | ctx->queue_output = queue_output; |
| 477 | ctx->socket = socket; |
| Yanray Wang | 5f86a42 | 2023-03-15 16:02:29 +0800 | [diff] [blame] | 478 | mbedtls_test_mock_socket_init(socket); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 479 | |
| 480 | return 0; |
| 481 | } |
| 482 | |
| Yanray Wang | d19894f | 2023-03-16 11:47:39 +0800 | [diff] [blame] | 483 | void mbedtls_test_message_socket_close( |
| 484 | mbedtls_test_message_socket_context *ctx) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 485 | { |
| 486 | if (ctx == NULL) { |
| 487 | return; |
| 488 | } |
| 489 | |
| 490 | mbedtls_test_ssl_message_queue_free(ctx->queue_input); |
| 491 | mbedtls_test_mock_socket_close(ctx->socket); |
| 492 | memset(ctx, 0, sizeof(*ctx)); |
| 493 | } |
| 494 | |
| Yanray Wang | 3463435 | 2023-02-14 17:56:51 +0800 | [diff] [blame] | 495 | int mbedtls_test_mock_tcp_send_msg(void *ctx, |
| 496 | const unsigned char *buf, size_t len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 497 | { |
| 498 | mbedtls_test_ssl_message_queue *queue; |
| 499 | mbedtls_test_mock_socket *socket; |
| 500 | mbedtls_test_message_socket_context *context = |
| 501 | (mbedtls_test_message_socket_context *) ctx; |
| 502 | |
| 503 | if (context == NULL || context->socket == NULL |
| 504 | || context->queue_output == NULL) { |
| 505 | return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; |
| 506 | } |
| 507 | |
| 508 | queue = context->queue_output; |
| 509 | socket = context->socket; |
| 510 | |
| 511 | if (queue->num >= queue->capacity) { |
| 512 | return MBEDTLS_ERR_SSL_WANT_WRITE; |
| 513 | } |
| 514 | |
| 515 | if (mbedtls_test_mock_tcp_send_b(socket, buf, len) != (int) len) { |
| 516 | return MBEDTLS_TEST_ERROR_SEND_FAILED; |
| 517 | } |
| 518 | |
| 519 | return mbedtls_test_ssl_message_queue_push_info(queue, len); |
| 520 | } |
| 521 | |
| Yanray Wang | 3463435 | 2023-02-14 17:56:51 +0800 | [diff] [blame] | 522 | int mbedtls_test_mock_tcp_recv_msg(void *ctx, |
| 523 | unsigned char *buf, size_t buf_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 524 | { |
| 525 | mbedtls_test_ssl_message_queue *queue; |
| 526 | mbedtls_test_mock_socket *socket; |
| 527 | mbedtls_test_message_socket_context *context = |
| 528 | (mbedtls_test_message_socket_context *) ctx; |
| 529 | size_t drop_len = 0; |
| 530 | size_t msg_len; |
| 531 | int ret; |
| 532 | |
| 533 | if (context == NULL || context->socket == NULL |
| 534 | || context->queue_input == NULL) { |
| 535 | return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; |
| 536 | } |
| 537 | |
| 538 | queue = context->queue_input; |
| 539 | socket = context->socket; |
| 540 | |
| 541 | /* Peek first, so that in case of a socket error the data remains in |
| 542 | * the queue. */ |
| Yanray Wang | 5e22a92 | 2023-03-16 14:57:54 +0800 | [diff] [blame] | 543 | ret = test_ssl_message_queue_peek_info(queue, buf_len, &msg_len); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 544 | if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { |
| 545 | /* Calculate how much to drop */ |
| 546 | drop_len = msg_len - buf_len; |
| 547 | |
| 548 | /* Set the requested message len to be buffer length */ |
| 549 | msg_len = buf_len; |
| 550 | } else if (ret != 0) { |
| 551 | return ret; |
| 552 | } |
| 553 | |
| 554 | if (mbedtls_test_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) { |
| 555 | return MBEDTLS_TEST_ERROR_RECV_FAILED; |
| 556 | } |
| 557 | |
| 558 | if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { |
| 559 | /* Drop the remaining part of the message */ |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 560 | if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) != |
| 561 | (int) drop_len) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 562 | /* Inconsistent state - part of the message was read, |
| 563 | * and a part couldn't. Not much we can do here, but it should not |
| 564 | * happen in test environment, unless forced manually. */ |
| 565 | } |
| 566 | } |
| Tomás González | a9b90de | 2024-02-01 11:12:20 +0000 | [diff] [blame] | 567 | ret = mbedtls_test_ssl_message_queue_pop_info(queue, buf_len); |
| 568 | if (ret < 0) { |
| 569 | return ret; |
| 570 | } |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 571 | |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 572 | return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 573 | } |
| 574 | |
| 575 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 576 | |
| 577 | /* |
| 578 | * Deinitializes certificates from endpoint represented by \p ep. |
| 579 | */ |
| Yanray Wang | f6f7190 | 2023-03-15 16:05:14 +0800 | [diff] [blame] | 580 | static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 581 | { |
| 582 | mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert); |
| 583 | if (cert != NULL) { |
| 584 | if (cert->ca_cert != NULL) { |
| 585 | mbedtls_x509_crt_free(cert->ca_cert); |
| 586 | mbedtls_free(cert->ca_cert); |
| 587 | cert->ca_cert = NULL; |
| 588 | } |
| 589 | if (cert->cert != NULL) { |
| 590 | mbedtls_x509_crt_free(cert->cert); |
| 591 | mbedtls_free(cert->cert); |
| 592 | cert->cert = NULL; |
| 593 | } |
| 594 | if (cert->pkey != NULL) { |
| 595 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 596 | if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { |
| Valerio Setti | 4f387ef | 2023-05-02 14:15:59 +0200 | [diff] [blame] | 597 | psa_destroy_key(cert->pkey->priv_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 598 | } |
| 599 | #endif |
| 600 | mbedtls_pk_free(cert->pkey); |
| 601 | mbedtls_free(cert->pkey); |
| 602 | cert->pkey = NULL; |
| 603 | } |
| 604 | } |
| 605 | } |
| 606 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 607 | int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, |
| 608 | int pk_alg, |
| 609 | int opaque_alg, int opaque_alg2, |
| 610 | int opaque_usage) |
| 611 | { |
| 612 | int i = 0; |
| 613 | int ret = -1; |
| 614 | mbedtls_test_ssl_endpoint_certificate *cert = NULL; |
| 615 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 616 | mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT; |
| 617 | #endif |
| 618 | |
| 619 | if (ep == NULL) { |
| 620 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 621 | } |
| 622 | |
| 623 | cert = &(ep->cert); |
| Tom Cosgrove | 05b2a87 | 2023-07-21 11:31:13 +0100 | [diff] [blame] | 624 | TEST_CALLOC(cert->ca_cert, 1); |
| 625 | TEST_CALLOC(cert->cert, 1); |
| 626 | TEST_CALLOC(cert->pkey, 1); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 627 | |
| 628 | mbedtls_x509_crt_init(cert->ca_cert); |
| 629 | mbedtls_x509_crt_init(cert->cert); |
| 630 | mbedtls_pk_init(cert->pkey); |
| 631 | |
| 632 | /* Load the trusted CA */ |
| 633 | |
| 634 | for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { |
| 635 | ret = mbedtls_x509_crt_parse_der( |
| 636 | cert->ca_cert, |
| 637 | (const unsigned char *) mbedtls_test_cas_der[i], |
| 638 | mbedtls_test_cas_der_len[i]); |
| 639 | TEST_ASSERT(ret == 0); |
| 640 | } |
| 641 | |
| 642 | /* Load own certificate and private key */ |
| 643 | |
| 644 | if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) { |
| 645 | if (pk_alg == MBEDTLS_PK_RSA) { |
| 646 | ret = mbedtls_x509_crt_parse( |
| 647 | cert->cert, |
| 648 | (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der, |
| 649 | mbedtls_test_srv_crt_rsa_sha256_der_len); |
| 650 | TEST_ASSERT(ret == 0); |
| 651 | |
| 652 | ret = mbedtls_pk_parse_key( |
| 653 | cert->pkey, |
| 654 | (const unsigned char *) mbedtls_test_srv_key_rsa_der, |
| Ben Taylor | 440cb2a | 2025-03-05 09:40:08 +0000 | [diff] [blame^] | 655 | mbedtls_test_srv_key_rsa_der_len, NULL, 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 656 | TEST_ASSERT(ret == 0); |
| 657 | } else { |
| 658 | ret = mbedtls_x509_crt_parse( |
| 659 | cert->cert, |
| 660 | (const unsigned char *) mbedtls_test_srv_crt_ec_der, |
| 661 | mbedtls_test_srv_crt_ec_der_len); |
| 662 | TEST_ASSERT(ret == 0); |
| 663 | |
| 664 | ret = mbedtls_pk_parse_key( |
| 665 | cert->pkey, |
| 666 | (const unsigned char *) mbedtls_test_srv_key_ec_der, |
| Ben Taylor | 440cb2a | 2025-03-05 09:40:08 +0000 | [diff] [blame^] | 667 | mbedtls_test_srv_key_ec_der_len, NULL, 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 668 | TEST_ASSERT(ret == 0); |
| 669 | } |
| 670 | } else { |
| 671 | if (pk_alg == MBEDTLS_PK_RSA) { |
| 672 | ret = mbedtls_x509_crt_parse( |
| 673 | cert->cert, |
| 674 | (const unsigned char *) mbedtls_test_cli_crt_rsa_der, |
| 675 | mbedtls_test_cli_crt_rsa_der_len); |
| 676 | TEST_ASSERT(ret == 0); |
| 677 | |
| 678 | ret = mbedtls_pk_parse_key( |
| 679 | cert->pkey, |
| 680 | (const unsigned char *) mbedtls_test_cli_key_rsa_der, |
| Ben Taylor | 440cb2a | 2025-03-05 09:40:08 +0000 | [diff] [blame^] | 681 | mbedtls_test_cli_key_rsa_der_len, NULL, 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 682 | TEST_ASSERT(ret == 0); |
| 683 | } else { |
| 684 | ret = mbedtls_x509_crt_parse( |
| 685 | cert->cert, |
| 686 | (const unsigned char *) mbedtls_test_cli_crt_ec_der, |
| 687 | mbedtls_test_cli_crt_ec_len); |
| 688 | TEST_ASSERT(ret == 0); |
| 689 | |
| 690 | ret = mbedtls_pk_parse_key( |
| 691 | cert->pkey, |
| 692 | (const unsigned char *) mbedtls_test_cli_key_ec_der, |
| Ben Taylor | 440cb2a | 2025-03-05 09:40:08 +0000 | [diff] [blame^] | 693 | mbedtls_test_cli_key_ec_der_len, NULL, 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 694 | TEST_ASSERT(ret == 0); |
| 695 | } |
| 696 | } |
| 697 | |
| 698 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 699 | if (opaque_alg != 0) { |
| Valerio Setti | 1fa2f6e | 2024-02-27 08:11:25 +0100 | [diff] [blame] | 700 | psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; |
| 701 | /* Use a fake key usage to get a successful initial guess for the PSA attributes. */ |
| Valerio Setti | a9de944 | 2024-02-27 13:56:09 +0100 | [diff] [blame] | 702 | TEST_EQUAL(mbedtls_pk_get_psa_attributes(cert->pkey, PSA_KEY_USAGE_SIGN_HASH, |
| Valerio Setti | 1fa2f6e | 2024-02-27 08:11:25 +0100 | [diff] [blame] | 703 | &key_attr), 0); |
| Valerio Setti | a9de944 | 2024-02-27 13:56:09 +0100 | [diff] [blame] | 704 | /* Then manually usage, alg and alg2 as requested by the test. */ |
| Valerio Setti | 1fa2f6e | 2024-02-27 08:11:25 +0100 | [diff] [blame] | 705 | psa_set_key_usage_flags(&key_attr, opaque_usage); |
| 706 | psa_set_key_algorithm(&key_attr, opaque_alg); |
| 707 | if (opaque_alg2 != PSA_ALG_NONE) { |
| 708 | psa_set_key_enrollment_algorithm(&key_attr, opaque_alg2); |
| 709 | } |
| 710 | TEST_EQUAL(mbedtls_pk_import_into_psa(cert->pkey, &key_attr, &key_slot), 0); |
| 711 | mbedtls_pk_free(cert->pkey); |
| 712 | mbedtls_pk_init(cert->pkey); |
| 713 | TEST_EQUAL(mbedtls_pk_setup_opaque(cert->pkey, key_slot), 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 714 | } |
| 715 | #else |
| 716 | (void) opaque_alg; |
| 717 | (void) opaque_alg2; |
| 718 | (void) opaque_usage; |
| 719 | #endif |
| 720 | |
| 721 | mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL); |
| 722 | |
| 723 | ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, |
| 724 | cert->pkey); |
| 725 | TEST_ASSERT(ret == 0); |
| 726 | TEST_ASSERT(ep->conf.key_cert != NULL); |
| 727 | |
| 728 | ret = mbedtls_ssl_conf_own_cert(&(ep->conf), NULL, NULL); |
| 729 | TEST_ASSERT(ret == 0); |
| 730 | TEST_ASSERT(ep->conf.key_cert == NULL); |
| 731 | |
| 732 | ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, |
| 733 | cert->pkey); |
| 734 | TEST_ASSERT(ret == 0); |
| 735 | |
| 736 | exit: |
| 737 | if (ret != 0) { |
| Yanray Wang | f6f7190 | 2023-03-15 16:05:14 +0800 | [diff] [blame] | 738 | test_ssl_endpoint_certificate_free(ep); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 739 | } |
| 740 | |
| 741 | return ret; |
| 742 | } |
| 743 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 744 | int mbedtls_test_ssl_endpoint_init( |
| 745 | mbedtls_test_ssl_endpoint *ep, int endpoint_type, |
| 746 | mbedtls_test_handshake_test_options *options, |
| 747 | mbedtls_test_message_socket_context *dtls_context, |
| 748 | mbedtls_test_ssl_message_queue *input_queue, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 749 | mbedtls_test_ssl_message_queue *output_queue) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 750 | { |
| 751 | int ret = -1; |
| 752 | uintptr_t user_data_n; |
| 753 | |
| 754 | if (dtls_context != NULL && |
| 755 | (input_queue == NULL || output_queue == NULL)) { |
| 756 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 757 | |
| 758 | } |
| 759 | |
| 760 | if (ep == NULL) { |
| 761 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 762 | } |
| 763 | |
| 764 | memset(ep, 0, sizeof(*ep)); |
| 765 | |
| 766 | ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client"; |
| 767 | |
| 768 | mbedtls_ssl_init(&(ep->ssl)); |
| 769 | mbedtls_ssl_config_init(&(ep->conf)); |
| Ronald Cron | 10b040f | 2024-02-05 09:38:09 +0100 | [diff] [blame] | 770 | mbedtls_ssl_conf_rng(&(ep->conf), mbedtls_test_random, NULL); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 771 | |
| 772 | TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL); |
| 773 | TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0); |
| 774 | TEST_ASSERT(mbedtls_ssl_get_user_data_p(&ep->ssl) == NULL); |
| 775 | TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), 0); |
| 776 | |
| 777 | (void) mbedtls_test_rnd_std_rand(NULL, |
| 778 | (void *) &user_data_n, |
| 779 | sizeof(user_data_n)); |
| 780 | mbedtls_ssl_conf_set_user_data_n(&ep->conf, user_data_n); |
| 781 | mbedtls_ssl_set_user_data_n(&ep->ssl, user_data_n); |
| 782 | |
| 783 | if (dtls_context != NULL) { |
| 784 | TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue, |
| 785 | 100, &(ep->socket), |
| 786 | dtls_context) == 0); |
| 787 | } else { |
| Yanray Wang | 5f86a42 | 2023-03-15 16:02:29 +0800 | [diff] [blame] | 788 | mbedtls_test_mock_socket_init(&(ep->socket)); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 789 | } |
| 790 | |
| 791 | /* Non-blocking callbacks without timeout */ |
| 792 | if (dtls_context != NULL) { |
| 793 | mbedtls_ssl_set_bio(&(ep->ssl), dtls_context, |
| 794 | mbedtls_test_mock_tcp_send_msg, |
| 795 | mbedtls_test_mock_tcp_recv_msg, |
| 796 | NULL); |
| 797 | } else { |
| 798 | mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket), |
| 799 | mbedtls_test_mock_tcp_send_nb, |
| 800 | mbedtls_test_mock_tcp_recv_nb, |
| 801 | NULL); |
| 802 | } |
| 803 | |
| 804 | ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type, |
| 805 | (dtls_context != NULL) ? |
| 806 | MBEDTLS_SSL_TRANSPORT_DATAGRAM : |
| 807 | MBEDTLS_SSL_TRANSPORT_STREAM, |
| 808 | MBEDTLS_SSL_PRESET_DEFAULT); |
| 809 | TEST_ASSERT(ret == 0); |
| 810 | |
| Ronald Cron | a697a71 | 2023-03-09 17:47:42 +0100 | [diff] [blame] | 811 | if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) { |
| 812 | if (options->client_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 813 | mbedtls_ssl_conf_min_tls_version(&(ep->conf), |
| 814 | options->client_min_version); |
| 815 | } |
| 816 | |
| 817 | if (options->client_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 818 | mbedtls_ssl_conf_max_tls_version(&(ep->conf), |
| 819 | options->client_max_version); |
| 820 | } |
| 821 | } else { |
| 822 | if (options->server_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 823 | mbedtls_ssl_conf_min_tls_version(&(ep->conf), |
| 824 | options->server_min_version); |
| 825 | } |
| 826 | |
| 827 | if (options->server_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 828 | mbedtls_ssl_conf_max_tls_version(&(ep->conf), |
| 829 | options->server_max_version); |
| 830 | } |
| 831 | } |
| 832 | |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 833 | if (options->group_list != NULL) { |
| 834 | mbedtls_ssl_conf_groups(&(ep->conf), options->group_list); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 835 | } |
| 836 | |
| 837 | mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED); |
| 838 | |
| Ronald Cron | ced99be | 2024-01-26 15:49:12 +0100 | [diff] [blame] | 839 | #if defined(MBEDTLS_SSL_EARLY_DATA) |
| 840 | mbedtls_ssl_conf_early_data(&(ep->conf), options->early_data); |
| Ronald Cron | 5d3036e | 2024-02-23 07:43:45 +0100 | [diff] [blame] | 841 | #if defined(MBEDTLS_SSL_SRV_C) |
| 842 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && |
| 843 | (options->max_early_data_size >= 0)) { |
| 844 | mbedtls_ssl_conf_max_early_data_size(&(ep->conf), |
| 845 | options->max_early_data_size); |
| 846 | } |
| 847 | #endif |
| Waleed Elmelegy | 4dfb0e7 | 2024-03-14 01:48:40 +0000 | [diff] [blame] | 848 | #if defined(MBEDTLS_SSL_ALPN) |
| 849 | /* check that alpn_list contains at least one valid entry */ |
| 850 | if (options->alpn_list[0] != NULL) { |
| 851 | mbedtls_ssl_conf_alpn_protocols(&(ep->conf), options->alpn_list); |
| 852 | } |
| 853 | #endif |
| Ronald Cron | ced99be | 2024-01-26 15:49:12 +0100 | [diff] [blame] | 854 | #endif |
| 855 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 856 | #if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SRV_C) |
| 857 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->cache != NULL) { |
| 858 | mbedtls_ssl_conf_session_cache(&(ep->conf), options->cache, |
| 859 | mbedtls_ssl_cache_get, |
| 860 | mbedtls_ssl_cache_set); |
| 861 | } |
| 862 | #endif |
| 863 | |
| 864 | ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); |
| 865 | TEST_ASSERT(ret == 0); |
| 866 | |
| 867 | #if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) |
| 868 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) { |
| 869 | mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL); |
| 870 | } |
| 871 | #endif |
| 872 | |
| Ronald Cron | ec3408d | 2024-01-16 17:50:40 +0100 | [diff] [blame] | 873 | #if defined(MBEDTLS_DEBUG_C) |
| 874 | #if defined(MBEDTLS_SSL_SRV_C) |
| 875 | if (endpoint_type == MBEDTLS_SSL_IS_SERVER && |
| 876 | options->srv_log_fun != NULL) { |
| 877 | mbedtls_ssl_conf_dbg(&(ep->conf), options->srv_log_fun, |
| 878 | options->srv_log_obj); |
| 879 | } |
| 880 | #endif |
| 881 | #if defined(MBEDTLS_SSL_CLI_C) |
| 882 | if (endpoint_type == MBEDTLS_SSL_IS_CLIENT && |
| 883 | options->cli_log_fun != NULL) { |
| 884 | mbedtls_ssl_conf_dbg(&(ep->conf), options->cli_log_fun, |
| 885 | options->cli_log_obj); |
| 886 | } |
| 887 | #endif |
| 888 | #endif /* MBEDTLS_DEBUG_C */ |
| 889 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 890 | ret = mbedtls_test_ssl_endpoint_certificate_init(ep, options->pk_alg, |
| 891 | options->opaque_alg, |
| 892 | options->opaque_alg2, |
| 893 | options->opaque_usage); |
| 894 | TEST_ASSERT(ret == 0); |
| 895 | |
| 896 | TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), user_data_n); |
| 897 | mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep); |
| 898 | TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), user_data_n); |
| 899 | mbedtls_ssl_set_user_data_p(&ep->ssl, ep); |
| 900 | |
| 901 | exit: |
| 902 | return ret; |
| 903 | } |
| 904 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 905 | void mbedtls_test_ssl_endpoint_free( |
| 906 | mbedtls_test_ssl_endpoint *ep, |
| 907 | mbedtls_test_message_socket_context *context) |
| 908 | { |
| Yanray Wang | f6f7190 | 2023-03-15 16:05:14 +0800 | [diff] [blame] | 909 | test_ssl_endpoint_certificate_free(ep); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 910 | |
| 911 | mbedtls_ssl_free(&(ep->ssl)); |
| 912 | mbedtls_ssl_config_free(&(ep->conf)); |
| 913 | |
| 914 | if (context != NULL) { |
| 915 | mbedtls_test_message_socket_close(context); |
| 916 | } else { |
| 917 | mbedtls_test_mock_socket_close(&(ep->socket)); |
| 918 | } |
| 919 | } |
| 920 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 921 | int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, |
| 922 | mbedtls_ssl_context *second_ssl, |
| 923 | int state) |
| 924 | { |
| 925 | enum { BUFFSIZE = 1024 }; |
| 926 | int max_steps = 1000; |
| 927 | int ret = 0; |
| 928 | |
| 929 | if (ssl == NULL || second_ssl == NULL) { |
| 930 | return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; |
| 931 | } |
| 932 | |
| 933 | /* Perform communication via connected sockets */ |
| 934 | while ((ssl->state != state) && (--max_steps >= 0)) { |
| 935 | /* If /p second_ssl ends the handshake procedure before /p ssl then |
| 936 | * there is no need to call the next step */ |
| 937 | if (!mbedtls_ssl_is_handshake_over(second_ssl)) { |
| 938 | ret = mbedtls_ssl_handshake_step(second_ssl); |
| 939 | if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && |
| 940 | ret != MBEDTLS_ERR_SSL_WANT_WRITE) { |
| 941 | return ret; |
| 942 | } |
| 943 | } |
| 944 | |
| 945 | /* We only care about the \p ssl state and returns, so we call it last, |
| 946 | * to leave the iteration as soon as the state is as expected. */ |
| 947 | ret = mbedtls_ssl_handshake_step(ssl); |
| 948 | if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && |
| 949 | ret != MBEDTLS_ERR_SSL_WANT_WRITE) { |
| 950 | return ret; |
| 951 | } |
| 952 | } |
| 953 | |
| 954 | return (max_steps >= 0) ? ret : -1; |
| 955 | } |
| 956 | |
| 957 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 958 | |
| 959 | /* |
| 960 | * Write application data. Increase write counter if necessary. |
| 961 | */ |
| Michael Schuster | 54300d4 | 2024-06-04 02:30:22 +0200 | [diff] [blame] | 962 | static int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, |
| Michael Schuster | bd89b79 | 2024-06-04 02:41:10 +0200 | [diff] [blame] | 963 | unsigned char *buf, int buf_len, |
| 964 | int *written, |
| 965 | const int expected_fragments) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 966 | { |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 967 | int ret; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 968 | /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is |
| 969 | * a valid no-op for TLS connections. */ |
| 970 | if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { |
| 971 | TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0); |
| 972 | } |
| 973 | |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 974 | ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 975 | if (ret > 0) { |
| 976 | *written += ret; |
| 977 | } |
| 978 | |
| 979 | if (expected_fragments == 0) { |
| 980 | /* Used for DTLS and the message size larger than MFL. In that case |
| 981 | * the message can not be fragmented and the library should return |
| 982 | * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 983 | * to prevent a dead loop inside mbedtls_test_ssl_exchange_data(). */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 984 | return ret; |
| 985 | } else if (expected_fragments == 1) { |
| 986 | /* Used for TLS/DTLS and the message size lower than MFL */ |
| 987 | TEST_ASSERT(ret == buf_len || |
| 988 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 989 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 990 | } else { |
| 991 | /* Used for TLS and the message size larger than MFL */ |
| 992 | TEST_ASSERT(expected_fragments > 1); |
| 993 | TEST_ASSERT((ret >= 0 && ret <= buf_len) || |
| 994 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 995 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 996 | } |
| 997 | |
| 998 | return 0; |
| 999 | |
| 1000 | exit: |
| 1001 | /* Some of the tests failed */ |
| 1002 | return -1; |
| 1003 | } |
| 1004 | |
| 1005 | /* |
| 1006 | * Read application data and increase read counter and fragments counter |
| 1007 | * if necessary. |
| 1008 | */ |
| Michael Schuster | 54300d4 | 2024-06-04 02:30:22 +0200 | [diff] [blame] | 1009 | static int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, |
| Michael Schuster | bd89b79 | 2024-06-04 02:41:10 +0200 | [diff] [blame] | 1010 | unsigned char *buf, int buf_len, |
| 1011 | int *read, int *fragments, |
| 1012 | const int expected_fragments) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1013 | { |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 1014 | int ret; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1015 | /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is |
| 1016 | * a valid no-op for TLS connections. */ |
| 1017 | if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { |
| 1018 | TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0); |
| 1019 | } |
| 1020 | |
| Agathiyan Bragadeesh | 9321265 | 2023-07-12 11:22:59 +0100 | [diff] [blame] | 1021 | ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1022 | if (ret > 0) { |
| 1023 | (*fragments)++; |
| 1024 | *read += ret; |
| 1025 | } |
| 1026 | |
| 1027 | if (expected_fragments == 0) { |
| 1028 | TEST_ASSERT(ret == 0); |
| 1029 | } else if (expected_fragments == 1) { |
| 1030 | TEST_ASSERT(ret == buf_len || |
| 1031 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1032 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 1033 | } else { |
| 1034 | TEST_ASSERT(expected_fragments > 1); |
| 1035 | TEST_ASSERT((ret >= 0 && ret <= buf_len) || |
| 1036 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 1037 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 1038 | } |
| 1039 | |
| 1040 | return 0; |
| 1041 | |
| 1042 | exit: |
| 1043 | /* Some of the tests failed */ |
| 1044 | return -1; |
| 1045 | } |
| 1046 | |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1047 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 1048 | static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher, |
| 1049 | int *forced_ciphersuite) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1050 | { |
| 1051 | const mbedtls_ssl_ciphersuite_t *ciphersuite_info; |
| 1052 | forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher); |
| 1053 | forced_ciphersuite[1] = 0; |
| 1054 | |
| 1055 | ciphersuite_info = |
| 1056 | mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]); |
| 1057 | |
| 1058 | TEST_ASSERT(ciphersuite_info != NULL); |
| 1059 | TEST_ASSERT(ciphersuite_info->min_tls_version <= conf->max_tls_version); |
| 1060 | TEST_ASSERT(ciphersuite_info->max_tls_version >= conf->min_tls_version); |
| 1061 | |
| 1062 | if (conf->max_tls_version > ciphersuite_info->max_tls_version) { |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1063 | conf->max_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->max_tls_version; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1064 | } |
| 1065 | if (conf->min_tls_version < ciphersuite_info->min_tls_version) { |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1066 | conf->min_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->min_tls_version; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1067 | } |
| 1068 | |
| 1069 | mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite); |
| 1070 | |
| 1071 | exit: |
| 1072 | return; |
| 1073 | } |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1074 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1075 | |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1076 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ |
| 1077 | defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \ |
| 1078 | defined(MBEDTLS_SSL_SRV_C) |
| 1079 | static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, |
| 1080 | const unsigned char *name, size_t name_len) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1081 | { |
| 1082 | (void) p_info; |
| 1083 | (void) ssl; |
| 1084 | (void) name; |
| 1085 | (void) name_len; |
| 1086 | |
| 1087 | return 0; |
| 1088 | } |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1089 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && |
| 1090 | MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED && |
| 1091 | MBEDTLS_SSL_SRV_C */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1092 | |
| 1093 | #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ |
| Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1094 | defined(PSA_WANT_ALG_CBC_NO_PADDING) && defined(PSA_WANT_KEY_TYPE_AES) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1095 | int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, |
| 1096 | const unsigned char *iv, |
| 1097 | size_t iv_len, |
| 1098 | const unsigned char *input, |
| 1099 | size_t ilen, |
| 1100 | unsigned char *output, |
| 1101 | size_t *olen) |
| 1102 | { |
| 1103 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1104 | psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| 1105 | psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; |
| 1106 | size_t part_len; |
| 1107 | |
| 1108 | status = psa_cipher_encrypt_setup(&cipher_op, |
| 1109 | transform->psa_key_enc, |
| 1110 | transform->psa_alg); |
| 1111 | |
| 1112 | if (status != PSA_SUCCESS) { |
| 1113 | return PSA_TO_MBEDTLS_ERR(status); |
| 1114 | } |
| 1115 | |
| 1116 | status = psa_cipher_set_iv(&cipher_op, iv, iv_len); |
| 1117 | |
| 1118 | if (status != PSA_SUCCESS) { |
| 1119 | return PSA_TO_MBEDTLS_ERR(status); |
| 1120 | } |
| 1121 | |
| 1122 | status = psa_cipher_update(&cipher_op, input, ilen, output, ilen, olen); |
| 1123 | |
| 1124 | if (status != PSA_SUCCESS) { |
| 1125 | return PSA_TO_MBEDTLS_ERR(status); |
| 1126 | } |
| 1127 | |
| 1128 | status = psa_cipher_finish(&cipher_op, output + *olen, ilen - *olen, |
| 1129 | &part_len); |
| 1130 | |
| 1131 | if (status != PSA_SUCCESS) { |
| 1132 | return PSA_TO_MBEDTLS_ERR(status); |
| 1133 | } |
| 1134 | |
| 1135 | *olen += part_len; |
| 1136 | return 0; |
| 1137 | #else |
| 1138 | return mbedtls_cipher_crypt(&transform->cipher_ctx_enc, |
| 1139 | iv, iv_len, input, ilen, output, olen); |
| 1140 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 1141 | } |
| Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1142 | #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && PSA_WANT_ALG_CBC_NO_PADDING && |
| Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1143 | PSA_WANT_KEY_TYPE_AES */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1144 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1145 | static void mbedtls_test_ssl_cipher_info_from_type(mbedtls_cipher_type_t cipher_type, |
| 1146 | mbedtls_cipher_mode_t *cipher_mode, |
| 1147 | size_t *key_bits, size_t *iv_len) |
| 1148 | { |
| 1149 | switch (cipher_type) { |
| 1150 | case MBEDTLS_CIPHER_AES_128_CBC: |
| 1151 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1152 | *key_bits = 128; |
| 1153 | *iv_len = 16; |
| 1154 | break; |
| 1155 | case MBEDTLS_CIPHER_AES_256_CBC: |
| 1156 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1157 | *key_bits = 256; |
| 1158 | *iv_len = 16; |
| 1159 | break; |
| 1160 | case MBEDTLS_CIPHER_ARIA_128_CBC: |
| 1161 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1162 | *key_bits = 128; |
| 1163 | *iv_len = 16; |
| 1164 | break; |
| 1165 | case MBEDTLS_CIPHER_ARIA_256_CBC: |
| 1166 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1167 | *key_bits = 256; |
| 1168 | *iv_len = 16; |
| 1169 | break; |
| 1170 | case MBEDTLS_CIPHER_CAMELLIA_128_CBC: |
| 1171 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1172 | *key_bits = 128; |
| 1173 | *iv_len = 16; |
| 1174 | break; |
| 1175 | case MBEDTLS_CIPHER_CAMELLIA_256_CBC: |
| 1176 | *cipher_mode = MBEDTLS_MODE_CBC; |
| 1177 | *key_bits = 256; |
| 1178 | *iv_len = 16; |
| 1179 | break; |
| 1180 | |
| 1181 | case MBEDTLS_CIPHER_AES_128_CCM: |
| 1182 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1183 | *key_bits = 128; |
| 1184 | *iv_len = 12; |
| 1185 | break; |
| 1186 | case MBEDTLS_CIPHER_AES_192_CCM: |
| 1187 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1188 | *key_bits = 192; |
| 1189 | *iv_len = 12; |
| 1190 | break; |
| 1191 | case MBEDTLS_CIPHER_AES_256_CCM: |
| 1192 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1193 | *key_bits = 256; |
| 1194 | *iv_len = 12; |
| 1195 | break; |
| 1196 | case MBEDTLS_CIPHER_CAMELLIA_128_CCM: |
| 1197 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1198 | *key_bits = 128; |
| 1199 | *iv_len = 12; |
| 1200 | break; |
| 1201 | case MBEDTLS_CIPHER_CAMELLIA_192_CCM: |
| 1202 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1203 | *key_bits = 192; |
| 1204 | *iv_len = 12; |
| 1205 | break; |
| 1206 | case MBEDTLS_CIPHER_CAMELLIA_256_CCM: |
| 1207 | *cipher_mode = MBEDTLS_MODE_CCM; |
| 1208 | *key_bits = 256; |
| 1209 | *iv_len = 12; |
| 1210 | break; |
| 1211 | |
| 1212 | case MBEDTLS_CIPHER_AES_128_GCM: |
| 1213 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1214 | *key_bits = 128; |
| 1215 | *iv_len = 12; |
| 1216 | break; |
| 1217 | case MBEDTLS_CIPHER_AES_192_GCM: |
| 1218 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1219 | *key_bits = 192; |
| 1220 | *iv_len = 12; |
| 1221 | break; |
| 1222 | case MBEDTLS_CIPHER_AES_256_GCM: |
| 1223 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1224 | *key_bits = 256; |
| 1225 | *iv_len = 12; |
| 1226 | break; |
| 1227 | case MBEDTLS_CIPHER_CAMELLIA_128_GCM: |
| 1228 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1229 | *key_bits = 128; |
| 1230 | *iv_len = 12; |
| 1231 | break; |
| 1232 | case MBEDTLS_CIPHER_CAMELLIA_192_GCM: |
| 1233 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1234 | *key_bits = 192; |
| 1235 | *iv_len = 12; |
| 1236 | break; |
| 1237 | case MBEDTLS_CIPHER_CAMELLIA_256_GCM: |
| 1238 | *cipher_mode = MBEDTLS_MODE_GCM; |
| 1239 | *key_bits = 256; |
| 1240 | *iv_len = 12; |
| 1241 | break; |
| 1242 | |
| 1243 | case MBEDTLS_CIPHER_CHACHA20_POLY1305: |
| 1244 | *cipher_mode = MBEDTLS_MODE_CHACHAPOLY; |
| 1245 | *key_bits = 256; |
| 1246 | *iv_len = 12; |
| 1247 | break; |
| 1248 | |
| 1249 | case MBEDTLS_CIPHER_NULL: |
| 1250 | *cipher_mode = MBEDTLS_MODE_STREAM; |
| 1251 | *key_bits = 0; |
| 1252 | *iv_len = 0; |
| 1253 | break; |
| 1254 | |
| 1255 | default: |
| 1256 | *cipher_mode = MBEDTLS_MODE_NONE; |
| 1257 | *key_bits = 0; |
| 1258 | *iv_len = 0; |
| 1259 | } |
| 1260 | } |
| 1261 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1262 | int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, |
| 1263 | mbedtls_ssl_transform *t_out, |
| 1264 | int cipher_type, int hash_id, |
| 1265 | int etm, int tag_mode, |
| 1266 | mbedtls_ssl_protocol_version tls_version, |
| 1267 | size_t cid0_len, |
| 1268 | size_t cid1_len) |
| 1269 | { |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1270 | mbedtls_cipher_mode_t cipher_mode = MBEDTLS_MODE_NONE; |
| 1271 | size_t key_bits = 0; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1272 | int ret = 0; |
| 1273 | |
| 1274 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1275 | psa_key_type_t key_type; |
| 1276 | psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; |
| 1277 | psa_algorithm_t alg; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1278 | psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| Valerio Setti | 3d59ebe | 2023-10-30 11:56:56 +0100 | [diff] [blame] | 1279 | #else |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1280 | mbedtls_cipher_info_t const *cipher_info; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1281 | #endif |
| 1282 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1283 | size_t keylen, maclen, ivlen = 0; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1284 | unsigned char *key0 = NULL, *key1 = NULL; |
| 1285 | unsigned char *md0 = NULL, *md1 = NULL; |
| 1286 | unsigned char iv_enc[16], iv_dec[16]; |
| 1287 | |
| 1288 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
| 1289 | unsigned char cid0[SSL_CID_LEN_MIN]; |
| 1290 | unsigned char cid1[SSL_CID_LEN_MIN]; |
| 1291 | |
| 1292 | mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0)); |
| 1293 | mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1)); |
| 1294 | #else |
| 1295 | ((void) cid0_len); |
| 1296 | ((void) cid1_len); |
| 1297 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
| 1298 | |
| 1299 | maclen = 0; |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1300 | mbedtls_test_ssl_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type, |
| 1301 | &cipher_mode, &key_bits, &ivlen); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1302 | |
| 1303 | /* Pick keys */ |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1304 | keylen = key_bits / 8; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1305 | /* Allocate `keylen + 1` bytes to ensure that we get |
| 1306 | * a non-NULL pointers from `mbedtls_calloc` even if |
| 1307 | * `keylen == 0` in the case of the NULL cipher. */ |
| 1308 | CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL); |
| 1309 | CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL); |
| 1310 | memset(key0, 0x1, keylen); |
| 1311 | memset(key1, 0x2, keylen); |
| 1312 | |
| 1313 | #if !defined(MBEDTLS_USE_PSA_CRYPTO) |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1314 | /* Pick cipher */ |
| 1315 | cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type); |
| 1316 | CHK(cipher_info != NULL); |
| 1317 | CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); |
| 1318 | CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); |
| Valerio Setti | 3d59ebe | 2023-10-30 11:56:56 +0100 | [diff] [blame] | 1319 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1320 | /* Setup cipher contexts */ |
| 1321 | CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); |
| 1322 | CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); |
| 1323 | CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0); |
| 1324 | CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); |
| 1325 | |
| 1326 | #if defined(MBEDTLS_CIPHER_MODE_CBC) |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1327 | if (cipher_mode == MBEDTLS_MODE_CBC) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1328 | CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, |
| 1329 | MBEDTLS_PADDING_NONE) == 0); |
| 1330 | CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, |
| 1331 | MBEDTLS_PADDING_NONE) == 0); |
| 1332 | CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc, |
| 1333 | MBEDTLS_PADDING_NONE) == 0); |
| 1334 | CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec, |
| 1335 | MBEDTLS_PADDING_NONE) == 0); |
| 1336 | } |
| 1337 | #endif /* MBEDTLS_CIPHER_MODE_CBC */ |
| 1338 | |
| 1339 | CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1340 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1341 | MBEDTLS_ENCRYPT) |
| 1342 | == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1343 | CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1344 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1345 | MBEDTLS_DECRYPT) |
| 1346 | == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1347 | CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1348 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1349 | MBEDTLS_ENCRYPT) |
| 1350 | == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1351 | CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0, |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1352 | (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, |
| 1353 | MBEDTLS_DECRYPT) |
| 1354 | == 0); |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1355 | #endif /* !MBEDTLS_USE_PSA_CRYPTO */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1356 | |
| 1357 | /* Setup MAC contexts */ |
| 1358 | #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1359 | if (cipher_mode == MBEDTLS_MODE_CBC || |
| 1360 | cipher_mode == MBEDTLS_MODE_STREAM) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1361 | #if !defined(MBEDTLS_USE_PSA_CRYPTO) |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1362 | mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) hash_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1363 | CHK(md_info != NULL); |
| 1364 | #endif |
| Agathiyan Bragadeesh | 2f017a8 | 2023-07-12 11:21:54 +0100 | [diff] [blame] | 1365 | maclen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) hash_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1366 | CHK(maclen != 0); |
| 1367 | /* Pick hash keys */ |
| 1368 | CHK((md0 = mbedtls_calloc(1, maclen)) != NULL); |
| 1369 | CHK((md1 = mbedtls_calloc(1, maclen)) != NULL); |
| 1370 | memset(md0, 0x5, maclen); |
| 1371 | memset(md1, 0x6, maclen); |
| 1372 | |
| 1373 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| Manuel Pégourié-Gonnard | 2d6d993 | 2023-03-28 11:38:08 +0200 | [diff] [blame] | 1374 | alg = mbedtls_md_psa_alg_from_type(hash_id); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1375 | |
| 1376 | CHK(alg != 0); |
| 1377 | |
| 1378 | t_out->psa_mac_alg = PSA_ALG_HMAC(alg); |
| 1379 | t_in->psa_mac_alg = PSA_ALG_HMAC(alg); |
| 1380 | t_in->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; |
| 1381 | t_out->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; |
| 1382 | t_in->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; |
| 1383 | t_out->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; |
| 1384 | |
| 1385 | psa_reset_key_attributes(&attributes); |
| 1386 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); |
| 1387 | psa_set_key_algorithm(&attributes, PSA_ALG_HMAC(alg)); |
| 1388 | psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); |
| 1389 | |
| 1390 | CHK(psa_import_key(&attributes, |
| 1391 | md0, maclen, |
| 1392 | &t_in->psa_mac_enc) == PSA_SUCCESS); |
| 1393 | |
| 1394 | CHK(psa_import_key(&attributes, |
| 1395 | md1, maclen, |
| 1396 | &t_out->psa_mac_enc) == PSA_SUCCESS); |
| 1397 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1398 | if (cipher_mode == MBEDTLS_MODE_STREAM || |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1399 | etm == MBEDTLS_SSL_ETM_DISABLED) { |
| 1400 | /* mbedtls_ct_hmac() requires the key to be exportable */ |
| 1401 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | |
| 1402 | PSA_KEY_USAGE_VERIFY_HASH); |
| 1403 | } else { |
| 1404 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); |
| 1405 | } |
| 1406 | |
| 1407 | CHK(psa_import_key(&attributes, |
| 1408 | md1, maclen, |
| 1409 | &t_in->psa_mac_dec) == PSA_SUCCESS); |
| 1410 | |
| 1411 | CHK(psa_import_key(&attributes, |
| 1412 | md0, maclen, |
| 1413 | &t_out->psa_mac_dec) == PSA_SUCCESS); |
| 1414 | #else |
| 1415 | CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0); |
| 1416 | CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0); |
| 1417 | CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0); |
| 1418 | CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0); |
| 1419 | |
| 1420 | CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc, |
| 1421 | md0, maclen) == 0); |
| 1422 | CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec, |
| 1423 | md1, maclen) == 0); |
| 1424 | CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc, |
| 1425 | md1, maclen) == 0); |
| 1426 | CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec, |
| 1427 | md0, maclen) == 0); |
| 1428 | #endif |
| 1429 | } |
| 1430 | #else |
| 1431 | ((void) hash_id); |
| 1432 | #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ |
| 1433 | |
| 1434 | |
| 1435 | /* Pick IV's (regardless of whether they |
| 1436 | * are being used by the transform). */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1437 | memset(iv_enc, 0x3, sizeof(iv_enc)); |
| 1438 | memset(iv_dec, 0x4, sizeof(iv_dec)); |
| 1439 | |
| 1440 | /* |
| 1441 | * Setup transforms |
| 1442 | */ |
| 1443 | |
| 1444 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ |
| 1445 | defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) |
| 1446 | t_out->encrypt_then_mac = etm; |
| 1447 | t_in->encrypt_then_mac = etm; |
| 1448 | #else |
| 1449 | ((void) etm); |
| 1450 | #endif |
| 1451 | |
| 1452 | t_out->tls_version = tls_version; |
| 1453 | t_in->tls_version = tls_version; |
| 1454 | t_out->ivlen = ivlen; |
| 1455 | t_in->ivlen = ivlen; |
| 1456 | |
| Valerio Setti | 31ad3a1 | 2023-10-27 11:55:02 +0200 | [diff] [blame] | 1457 | switch (cipher_mode) { |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1458 | case MBEDTLS_MODE_GCM: |
| 1459 | case MBEDTLS_MODE_CCM: |
| 1460 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3) |
| 1461 | if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { |
| 1462 | t_out->fixed_ivlen = 12; |
| 1463 | t_in->fixed_ivlen = 12; |
| 1464 | } else |
| 1465 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ |
| 1466 | { |
| 1467 | t_out->fixed_ivlen = 4; |
| 1468 | t_in->fixed_ivlen = 4; |
| 1469 | } |
| 1470 | t_out->maclen = 0; |
| 1471 | t_in->maclen = 0; |
| 1472 | switch (tag_mode) { |
| 1473 | case 0: /* Full tag */ |
| 1474 | t_out->taglen = 16; |
| 1475 | t_in->taglen = 16; |
| 1476 | break; |
| 1477 | case 1: /* Partial tag */ |
| 1478 | t_out->taglen = 8; |
| 1479 | t_in->taglen = 8; |
| 1480 | break; |
| 1481 | default: |
| 1482 | ret = 1; |
| 1483 | goto cleanup; |
| 1484 | } |
| 1485 | break; |
| 1486 | |
| 1487 | case MBEDTLS_MODE_CHACHAPOLY: |
| 1488 | t_out->fixed_ivlen = 12; |
| 1489 | t_in->fixed_ivlen = 12; |
| 1490 | t_out->maclen = 0; |
| 1491 | t_in->maclen = 0; |
| 1492 | switch (tag_mode) { |
| 1493 | case 0: /* Full tag */ |
| 1494 | t_out->taglen = 16; |
| 1495 | t_in->taglen = 16; |
| 1496 | break; |
| 1497 | case 1: /* Partial tag */ |
| 1498 | t_out->taglen = 8; |
| 1499 | t_in->taglen = 8; |
| 1500 | break; |
| 1501 | default: |
| 1502 | ret = 1; |
| 1503 | goto cleanup; |
| 1504 | } |
| 1505 | break; |
| 1506 | |
| 1507 | case MBEDTLS_MODE_STREAM: |
| 1508 | case MBEDTLS_MODE_CBC: |
| 1509 | t_out->fixed_ivlen = 0; /* redundant, must be 0 */ |
| 1510 | t_in->fixed_ivlen = 0; /* redundant, must be 0 */ |
| 1511 | t_out->taglen = 0; |
| 1512 | t_in->taglen = 0; |
| 1513 | switch (tag_mode) { |
| 1514 | case 0: /* Full tag */ |
| 1515 | t_out->maclen = maclen; |
| 1516 | t_in->maclen = maclen; |
| 1517 | break; |
| 1518 | default: |
| 1519 | ret = 1; |
| 1520 | goto cleanup; |
| 1521 | } |
| 1522 | break; |
| 1523 | default: |
| 1524 | ret = 1; |
| 1525 | goto cleanup; |
| 1526 | break; |
| 1527 | } |
| 1528 | |
| 1529 | /* Setup IV's */ |
| 1530 | |
| 1531 | memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec)); |
| 1532 | memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc)); |
| 1533 | memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc)); |
| 1534 | memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec)); |
| 1535 | |
| 1536 | #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) |
| 1537 | /* Add CID */ |
| 1538 | memcpy(&t_in->in_cid, cid0, cid0_len); |
| 1539 | memcpy(&t_in->out_cid, cid1, cid1_len); |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1540 | t_in->in_cid_len = (uint8_t) cid0_len; |
| 1541 | t_in->out_cid_len = (uint8_t) cid1_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1542 | memcpy(&t_out->in_cid, cid1, cid1_len); |
| 1543 | memcpy(&t_out->out_cid, cid0, cid0_len); |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 1544 | t_out->in_cid_len = (uint8_t) cid1_len; |
| 1545 | t_out->out_cid_len = (uint8_t) cid0_len; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1546 | #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ |
| 1547 | |
| 1548 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1549 | status = mbedtls_ssl_cipher_to_psa(cipher_type, |
| 1550 | t_in->taglen, |
| 1551 | &alg, |
| 1552 | &key_type, |
| 1553 | &key_bits); |
| 1554 | |
| 1555 | if (status != PSA_SUCCESS) { |
| 1556 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1557 | goto cleanup; |
| 1558 | } |
| 1559 | |
| 1560 | t_in->psa_alg = alg; |
| 1561 | t_out->psa_alg = alg; |
| 1562 | |
| 1563 | if (alg != MBEDTLS_SSL_NULL_CIPHER) { |
| 1564 | psa_reset_key_attributes(&attributes); |
| 1565 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); |
| 1566 | psa_set_key_algorithm(&attributes, alg); |
| 1567 | psa_set_key_type(&attributes, key_type); |
| 1568 | |
| 1569 | status = psa_import_key(&attributes, |
| 1570 | key0, |
| 1571 | PSA_BITS_TO_BYTES(key_bits), |
| 1572 | &t_in->psa_key_enc); |
| 1573 | |
| 1574 | if (status != PSA_SUCCESS) { |
| 1575 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1576 | goto cleanup; |
| 1577 | } |
| 1578 | |
| 1579 | status = psa_import_key(&attributes, |
| 1580 | key1, |
| 1581 | PSA_BITS_TO_BYTES(key_bits), |
| 1582 | &t_out->psa_key_enc); |
| 1583 | |
| 1584 | if (status != PSA_SUCCESS) { |
| 1585 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1586 | goto cleanup; |
| 1587 | } |
| 1588 | |
| 1589 | psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); |
| 1590 | |
| 1591 | status = psa_import_key(&attributes, |
| 1592 | key1, |
| 1593 | PSA_BITS_TO_BYTES(key_bits), |
| 1594 | &t_in->psa_key_dec); |
| 1595 | |
| 1596 | if (status != PSA_SUCCESS) { |
| 1597 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1598 | goto cleanup; |
| 1599 | } |
| 1600 | |
| 1601 | status = psa_import_key(&attributes, |
| 1602 | key0, |
| 1603 | PSA_BITS_TO_BYTES(key_bits), |
| 1604 | &t_out->psa_key_dec); |
| 1605 | |
| 1606 | if (status != PSA_SUCCESS) { |
| 1607 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1608 | goto cleanup; |
| 1609 | } |
| 1610 | } |
| 1611 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 1612 | |
| 1613 | cleanup: |
| 1614 | |
| 1615 | mbedtls_free(key0); |
| 1616 | mbedtls_free(key1); |
| 1617 | |
| 1618 | mbedtls_free(md0); |
| 1619 | mbedtls_free(md1); |
| 1620 | |
| 1621 | return ret; |
| 1622 | } |
| 1623 | |
| Gilles Peskine | 9099d3f | 2023-09-18 13:11:50 +0200 | [diff] [blame] | 1624 | #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) |
| 1625 | int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, |
| 1626 | mbedtls_ssl_transform *transform_out) |
| 1627 | { |
| 1628 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1629 | psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; |
| 1630 | #endif |
| 1631 | |
| 1632 | /* Serialized version of record header for MAC purposes */ |
| 1633 | unsigned char add_data[13]; |
| 1634 | memcpy(add_data, record->ctr, 8); |
| 1635 | add_data[8] = record->type; |
| 1636 | add_data[9] = record->ver[0]; |
| 1637 | add_data[10] = record->ver[1]; |
| 1638 | add_data[11] = (record->data_len >> 8) & 0xff; |
| 1639 | add_data[12] = (record->data_len >> 0) & 0xff; |
| 1640 | |
| 1641 | /* MAC with additional data */ |
| 1642 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1643 | size_t sign_mac_length = 0; |
| 1644 | TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_setup(&operation, |
| 1645 | transform_out->psa_mac_enc, |
| 1646 | transform_out->psa_mac_alg)); |
| 1647 | TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, add_data, 13)); |
| 1648 | TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, |
| 1649 | record->buf + record->data_offset, |
| 1650 | record->data_len)); |
| 1651 | /* Use a temporary buffer for the MAC, because with the truncated HMAC |
| 1652 | * extension, there might not be enough room in the record for the |
| 1653 | * full-length MAC. */ |
| 1654 | unsigned char mac[PSA_HASH_MAX_SIZE]; |
| 1655 | TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_finish(&operation, |
| 1656 | mac, sizeof(mac), |
| 1657 | &sign_mac_length)); |
| 1658 | #else |
| 1659 | TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13)); |
| 1660 | TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, |
| 1661 | record->buf + record->data_offset, |
| 1662 | record->data_len)); |
| 1663 | /* Use a temporary buffer for the MAC, because with the truncated HMAC |
| 1664 | * extension, there might not be enough room in the record for the |
| 1665 | * full-length MAC. */ |
| 1666 | unsigned char mac[MBEDTLS_MD_MAX_SIZE]; |
| 1667 | TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac)); |
| 1668 | #endif |
| 1669 | memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen); |
| 1670 | record->data_len += transform_out->maclen; |
| 1671 | |
| 1672 | return 0; |
| 1673 | |
| 1674 | exit: |
| 1675 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1676 | psa_mac_abort(&operation); |
| 1677 | #endif |
| 1678 | return -1; |
| 1679 | } |
| 1680 | #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ |
| 1681 | |
| Jerry Yu | 28547c4 | 2023-10-31 14:42:50 +0800 | [diff] [blame] | 1682 | #if defined(MBEDTLS_SSL_PROTO_TLS1_2) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1683 | int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, |
| 1684 | int ticket_len, |
| Ronald Cron | 7b1921a | 2023-11-23 12:31:56 +0100 | [diff] [blame] | 1685 | int endpoint_type, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1686 | const char *crt_file) |
| 1687 | { |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1688 | (void) ticket_len; |
| 1689 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1690 | #if defined(MBEDTLS_HAVE_TIME) |
| 1691 | session->start = mbedtls_time(NULL) - 42; |
| 1692 | #endif |
| 1693 | session->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; |
| Ronald Cron | c7fa82e | 2024-02-09 09:33:09 +0100 | [diff] [blame] | 1694 | |
| 1695 | TEST_ASSERT(endpoint_type == MBEDTLS_SSL_IS_CLIENT || |
| 1696 | endpoint_type == MBEDTLS_SSL_IS_SERVER); |
| 1697 | |
| 1698 | session->endpoint = endpoint_type; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1699 | session->ciphersuite = 0xabcd; |
| 1700 | session->id_len = sizeof(session->id); |
| 1701 | memset(session->id, 66, session->id_len); |
| 1702 | memset(session->master, 17, sizeof(session->master)); |
| 1703 | |
| 1704 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO) |
| 1705 | if (crt_file != NULL && strlen(crt_file) != 0) { |
| 1706 | mbedtls_x509_crt tmp_crt; |
| 1707 | int ret; |
| 1708 | |
| 1709 | mbedtls_x509_crt_init(&tmp_crt); |
| 1710 | ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file); |
| 1711 | if (ret != 0) { |
| 1712 | return ret; |
| 1713 | } |
| 1714 | |
| 1715 | #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) |
| 1716 | /* Move temporary CRT. */ |
| 1717 | session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert)); |
| 1718 | if (session->peer_cert == NULL) { |
| 1719 | return -1; |
| 1720 | } |
| 1721 | *session->peer_cert = tmp_crt; |
| 1722 | memset(&tmp_crt, 0, sizeof(tmp_crt)); |
| 1723 | #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 1724 | /* Calculate digest of temporary CRT. */ |
| 1725 | session->peer_cert_digest = |
| 1726 | mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); |
| 1727 | if (session->peer_cert_digest == NULL) { |
| 1728 | return -1; |
| 1729 | } |
| 1730 | |
| 1731 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| Manuel Pégourié-Gonnard | 2d6d993 | 2023-03-28 11:38:08 +0200 | [diff] [blame] | 1732 | psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type( |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1733 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE); |
| 1734 | size_t hash_size = 0; |
| 1735 | psa_status_t status = psa_hash_compute( |
| 1736 | psa_alg, tmp_crt.raw.p, |
| 1737 | tmp_crt.raw.len, |
| 1738 | session->peer_cert_digest, |
| 1739 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN, |
| 1740 | &hash_size); |
| 1741 | ret = PSA_TO_MBEDTLS_ERR(status); |
| 1742 | #else |
| 1743 | ret = mbedtls_md(mbedtls_md_info_from_type( |
| 1744 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), |
| 1745 | tmp_crt.raw.p, tmp_crt.raw.len, |
| 1746 | session->peer_cert_digest); |
| 1747 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 1748 | if (ret != 0) { |
| 1749 | return ret; |
| 1750 | } |
| 1751 | session->peer_cert_digest_type = |
| 1752 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; |
| 1753 | session->peer_cert_digest_len = |
| 1754 | MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; |
| 1755 | #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ |
| 1756 | |
| 1757 | mbedtls_x509_crt_free(&tmp_crt); |
| 1758 | } |
| 1759 | #else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ |
| 1760 | (void) crt_file; |
| 1761 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ |
| 1762 | session->verify_result = 0xdeadbeef; |
| 1763 | |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1764 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| 1765 | #if defined(MBEDTLS_SSL_CLI_C) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1766 | if (ticket_len != 0) { |
| 1767 | session->ticket = mbedtls_calloc(1, ticket_len); |
| 1768 | if (session->ticket == NULL) { |
| 1769 | return -1; |
| 1770 | } |
| 1771 | memset(session->ticket, 33, ticket_len); |
| 1772 | } |
| 1773 | session->ticket_len = ticket_len; |
| 1774 | session->ticket_lifetime = 86401; |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1775 | #endif /* MBEDTLS_SSL_CLI_C */ |
| 1776 | |
| 1777 | #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_HAVE_TIME) |
| 1778 | if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { |
| 1779 | session->ticket_creation_time = mbedtls_ms_time() - 42; |
| 1780 | } |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1781 | #endif |
| Ronald Cron | c57f86e | 2023-11-22 09:50:01 +0100 | [diff] [blame] | 1782 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1783 | |
| 1784 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 1785 | session->mfl_code = 1; |
| 1786 | #endif |
| 1787 | #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) |
| 1788 | session->encrypt_then_mac = 1; |
| 1789 | #endif |
| 1790 | |
| Ronald Cron | c7fa82e | 2024-02-09 09:33:09 +0100 | [diff] [blame] | 1791 | exit: |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1792 | return 0; |
| 1793 | } |
| Jerry Yu | 28547c4 | 2023-10-31 14:42:50 +0800 | [diff] [blame] | 1794 | #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1795 | |
| 1796 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3) |
| 1797 | int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, |
| 1798 | int ticket_len, |
| 1799 | int endpoint_type) |
| 1800 | { |
| 1801 | ((void) ticket_len); |
| 1802 | session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; |
| 1803 | session->endpoint = endpoint_type == MBEDTLS_SSL_IS_CLIENT ? |
| 1804 | MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER; |
| 1805 | session->ciphersuite = 0xabcd; |
| Ronald Cron | 18b92a1 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1806 | |
| 1807 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1808 | session->ticket_age_add = 0x87654321; |
| 1809 | session->ticket_flags = 0x7; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1810 | session->resumption_key_len = 32; |
| 1811 | memset(session->resumption_key, 0x99, sizeof(session->resumption_key)); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1812 | #endif |
| 1813 | |
| Ronald Cron | 18b92a1 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1814 | #if defined(MBEDTLS_SSL_SRV_C) |
| 1815 | if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { |
| 1816 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| 1817 | #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) |
| 1818 | int ret = mbedtls_ssl_session_set_ticket_alpn(session, "ALPNExample"); |
| 1819 | if (ret != 0) { |
| 1820 | return -1; |
| 1821 | } |
| 1822 | #endif |
| 1823 | #if defined(MBEDTLS_HAVE_TIME) |
| 1824 | session->ticket_creation_time = mbedtls_ms_time() - 42; |
| 1825 | #endif |
| 1826 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| 1827 | } |
| 1828 | #endif /* MBEDTLS_SSL_SRV_C */ |
| 1829 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1830 | #if defined(MBEDTLS_SSL_CLI_C) |
| 1831 | if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { |
| Ronald Cron | 18b92a1 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1832 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1833 | #if defined(MBEDTLS_HAVE_TIME) |
| Jerry Yu | 342a555 | 2023-11-10 14:23:39 +0800 | [diff] [blame] | 1834 | session->ticket_reception_time = mbedtls_ms_time() - 40; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1835 | #endif |
| 1836 | session->ticket_lifetime = 0xfedcba98; |
| 1837 | |
| 1838 | session->ticket_len = ticket_len; |
| 1839 | if (ticket_len != 0) { |
| 1840 | session->ticket = mbedtls_calloc(1, ticket_len); |
| 1841 | if (session->ticket == NULL) { |
| 1842 | return -1; |
| 1843 | } |
| 1844 | memset(session->ticket, 33, ticket_len); |
| 1845 | } |
| Ronald Cron | 8d15e01 | 2024-03-27 09:30:13 +0100 | [diff] [blame] | 1846 | #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) |
| 1847 | char hostname[] = "hostname example"; |
| 1848 | session->hostname = mbedtls_calloc(1, sizeof(hostname)); |
| 1849 | if (session->hostname == NULL) { |
| 1850 | return -1; |
| 1851 | } |
| 1852 | memcpy(session->hostname, hostname, sizeof(hostname)); |
| 1853 | #endif |
| Ronald Cron | 18b92a1 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1854 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1855 | } |
| 1856 | #endif /* MBEDTLS_SSL_CLI_C */ |
| 1857 | |
| Ronald Cron | 18b92a1 | 2024-03-26 10:15:08 +0100 | [diff] [blame] | 1858 | #if defined(MBEDTLS_SSL_EARLY_DATA) |
| 1859 | session->max_early_data_size = 0x87654321; |
| 1860 | #endif /* MBEDTLS_SSL_EARLY_DATA */ |
| 1861 | |
| Waleed Elmelegy | 049cd30 | 2023-12-20 17:28:31 +0000 | [diff] [blame] | 1862 | #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) |
| 1863 | session->record_size_limit = 2048; |
| 1864 | #endif |
| 1865 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1866 | return 0; |
| 1867 | } |
| 1868 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ |
| 1869 | |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 1870 | int mbedtls_test_ssl_exchange_data( |
| 1871 | mbedtls_ssl_context *ssl_1, |
| 1872 | int msg_len_1, const int expected_fragments_1, |
| 1873 | mbedtls_ssl_context *ssl_2, |
| 1874 | int msg_len_2, const int expected_fragments_2) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1875 | { |
| 1876 | unsigned char *msg_buf_1 = malloc(msg_len_1); |
| 1877 | unsigned char *msg_buf_2 = malloc(msg_len_2); |
| 1878 | unsigned char *in_buf_1 = malloc(msg_len_2); |
| 1879 | unsigned char *in_buf_2 = malloc(msg_len_1); |
| 1880 | int msg_type, ret = -1; |
| 1881 | |
| 1882 | /* Perform this test with two message types. At first use a message |
| 1883 | * consisting of only 0x00 for the client and only 0xFF for the server. |
| 1884 | * At the second time use message with generated data */ |
| 1885 | for (msg_type = 0; msg_type < 2; msg_type++) { |
| 1886 | int written_1 = 0; |
| 1887 | int written_2 = 0; |
| 1888 | int read_1 = 0; |
| 1889 | int read_2 = 0; |
| 1890 | int fragments_1 = 0; |
| 1891 | int fragments_2 = 0; |
| 1892 | |
| 1893 | if (msg_type == 0) { |
| 1894 | memset(msg_buf_1, 0x00, msg_len_1); |
| 1895 | memset(msg_buf_2, 0xff, msg_len_2); |
| 1896 | } else { |
| 1897 | int i, j = 0; |
| 1898 | for (i = 0; i < msg_len_1; i++) { |
| 1899 | msg_buf_1[i] = j++ & 0xFF; |
| 1900 | } |
| 1901 | for (i = 0; i < msg_len_2; i++) { |
| 1902 | msg_buf_2[i] = (j -= 5) & 0xFF; |
| 1903 | } |
| 1904 | } |
| 1905 | |
| 1906 | while (read_1 < msg_len_2 || read_2 < msg_len_1) { |
| 1907 | /* ssl_1 sending */ |
| 1908 | if (msg_len_1 > written_1) { |
| 1909 | ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1, |
| 1910 | msg_len_1, &written_1, |
| 1911 | expected_fragments_1); |
| 1912 | if (expected_fragments_1 == 0) { |
| 1913 | /* This error is expected when the message is too large and |
| 1914 | * cannot be fragmented */ |
| 1915 | TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); |
| 1916 | msg_len_1 = 0; |
| 1917 | } else { |
| 1918 | TEST_ASSERT(ret == 0); |
| 1919 | } |
| 1920 | } |
| 1921 | |
| 1922 | /* ssl_2 sending */ |
| 1923 | if (msg_len_2 > written_2) { |
| 1924 | ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2, |
| 1925 | msg_len_2, &written_2, |
| 1926 | expected_fragments_2); |
| 1927 | if (expected_fragments_2 == 0) { |
| 1928 | /* This error is expected when the message is too large and |
| 1929 | * cannot be fragmented */ |
| 1930 | TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); |
| 1931 | msg_len_2 = 0; |
| 1932 | } else { |
| 1933 | TEST_ASSERT(ret == 0); |
| 1934 | } |
| 1935 | } |
| 1936 | |
| 1937 | /* ssl_1 reading */ |
| 1938 | if (read_1 < msg_len_2) { |
| 1939 | ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1, |
| 1940 | msg_len_2, &read_1, |
| 1941 | &fragments_2, |
| 1942 | expected_fragments_2); |
| 1943 | TEST_ASSERT(ret == 0); |
| 1944 | } |
| 1945 | |
| 1946 | /* ssl_2 reading */ |
| 1947 | if (read_2 < msg_len_1) { |
| 1948 | ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2, |
| 1949 | msg_len_1, &read_2, |
| 1950 | &fragments_1, |
| 1951 | expected_fragments_1); |
| 1952 | TEST_ASSERT(ret == 0); |
| 1953 | } |
| 1954 | } |
| 1955 | |
| 1956 | ret = -1; |
| 1957 | TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1)); |
| 1958 | TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2)); |
| 1959 | TEST_ASSERT(fragments_1 == expected_fragments_1); |
| 1960 | TEST_ASSERT(fragments_2 == expected_fragments_2); |
| 1961 | } |
| 1962 | |
| 1963 | ret = 0; |
| 1964 | |
| 1965 | exit: |
| 1966 | free(msg_buf_1); |
| 1967 | free(in_buf_1); |
| 1968 | free(msg_buf_2); |
| 1969 | free(in_buf_2); |
| 1970 | |
| 1971 | return ret; |
| 1972 | } |
| 1973 | |
| 1974 | /* |
| 1975 | * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints |
| 1976 | * must be initialized and connected beforehand. |
| 1977 | * |
| 1978 | * \retval 0 on success, otherwise error code. |
| 1979 | */ |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1980 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ |
| 1981 | (defined(MBEDTLS_SSL_RENEGOTIATION) || \ |
| 1982 | defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)) |
| 1983 | static int exchange_data(mbedtls_ssl_context *ssl_1, |
| 1984 | mbedtls_ssl_context *ssl_2) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1985 | { |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 1986 | return mbedtls_test_ssl_exchange_data(ssl_1, 256, 1, |
| 1987 | ssl_2, 256, 1); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1988 | } |
| Yanray Wang | ead70c8 | 2023-03-16 12:04:49 +0800 | [diff] [blame] | 1989 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && |
| 1990 | (MBEDTLS_SSL_RENEGOTIATION || |
| 1991 | MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) */ |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 1992 | |
| 1993 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 1994 | static int check_ssl_version( |
| 1995 | mbedtls_ssl_protocol_version expected_negotiated_version, |
| 1996 | const mbedtls_ssl_context *ssl) |
| 1997 | { |
| 1998 | const char *version_string = mbedtls_ssl_get_version(ssl); |
| 1999 | mbedtls_ssl_protocol_version version_number = |
| 2000 | mbedtls_ssl_get_version_number(ssl); |
| 2001 | |
| 2002 | TEST_EQUAL(ssl->tls_version, expected_negotiated_version); |
| 2003 | |
| 2004 | if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { |
| 2005 | TEST_EQUAL(version_string[0], 'D'); |
| 2006 | ++version_string; |
| 2007 | } |
| 2008 | |
| 2009 | switch (expected_negotiated_version) { |
| 2010 | case MBEDTLS_SSL_VERSION_TLS1_2: |
| 2011 | TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_2); |
| 2012 | TEST_ASSERT(strcmp(version_string, "TLSv1.2") == 0); |
| 2013 | break; |
| 2014 | |
| 2015 | case MBEDTLS_SSL_VERSION_TLS1_3: |
| 2016 | TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_3); |
| 2017 | TEST_ASSERT(strcmp(version_string, "TLSv1.3") == 0); |
| 2018 | break; |
| 2019 | |
| 2020 | default: |
| Agathiyan Bragadeesh | dc28a5a | 2023-07-18 11:45:28 +0100 | [diff] [blame] | 2021 | TEST_FAIL( |
| Agathiyan Bragadeesh | ebb40bc | 2023-07-14 17:28:27 +0100 | [diff] [blame] | 2022 | "Version check not implemented for this protocol version"); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2023 | } |
| 2024 | |
| 2025 | return 1; |
| 2026 | |
| 2027 | exit: |
| 2028 | return 0; |
| 2029 | } |
| 2030 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 2031 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2032 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 2033 | void mbedtls_test_ssl_perform_handshake( |
| 2034 | mbedtls_test_handshake_test_options *options) |
| 2035 | { |
| 2036 | /* forced_ciphersuite needs to last until the end of the handshake */ |
| 2037 | int forced_ciphersuite[2]; |
| 2038 | enum { BUFFSIZE = 17000 }; |
| 2039 | mbedtls_test_ssl_endpoint client, server; |
| 2040 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) |
| 2041 | const char *psk_identity = "foo"; |
| 2042 | #endif |
| 2043 | #if defined(MBEDTLS_TIMING_C) |
| 2044 | mbedtls_timing_delay_context timer_client, timer_server; |
| 2045 | #endif |
| 2046 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 2047 | unsigned char *context_buf = NULL; |
| 2048 | size_t context_buf_len; |
| 2049 | #endif |
| 2050 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 2051 | int ret = -1; |
| 2052 | #endif |
| 2053 | int expected_handshake_result = options->expected_handshake_result; |
| 2054 | |
| Manuel Pégourié-Gonnard | 23fc437 | 2023-03-17 13:34:11 +0100 | [diff] [blame] | 2055 | MD_OR_USE_PSA_INIT(); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2056 | mbedtls_platform_zeroize(&client, sizeof(client)); |
| 2057 | mbedtls_platform_zeroize(&server, sizeof(server)); |
| 2058 | mbedtls_test_ssl_message_queue server_queue, client_queue; |
| 2059 | mbedtls_test_message_socket_context server_context, client_context; |
| 2060 | mbedtls_test_message_socket_init(&server_context); |
| 2061 | mbedtls_test_message_socket_init(&client_context); |
| 2062 | |
| Ronald Cron | ec3408d | 2024-01-16 17:50:40 +0100 | [diff] [blame] | 2063 | #if defined(MBEDTLS_DEBUG_C) |
| 2064 | if (options->cli_log_fun || options->srv_log_fun) { |
| 2065 | mbedtls_debug_set_threshold(4); |
| 2066 | } |
| 2067 | #endif |
| 2068 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2069 | /* Client side */ |
| 2070 | if (options->dtls != 0) { |
| 2071 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, |
| 2072 | MBEDTLS_SSL_IS_CLIENT, |
| 2073 | options, &client_context, |
| 2074 | &client_queue, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2075 | &server_queue) == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2076 | #if defined(MBEDTLS_TIMING_C) |
| 2077 | mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client, |
| 2078 | mbedtls_timing_set_delay, |
| 2079 | mbedtls_timing_get_delay); |
| 2080 | #endif |
| 2081 | } else { |
| 2082 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, |
| 2083 | MBEDTLS_SSL_IS_CLIENT, |
| 2084 | options, NULL, NULL, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2085 | NULL) == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2086 | } |
| 2087 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2088 | if (strlen(options->cipher) > 0) { |
| 2089 | set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); |
| 2090 | } |
| 2091 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2092 | /* Server side */ |
| 2093 | if (options->dtls != 0) { |
| 2094 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, |
| 2095 | MBEDTLS_SSL_IS_SERVER, |
| 2096 | options, &server_context, |
| 2097 | &server_queue, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2098 | &client_queue) == 0); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2099 | #if defined(MBEDTLS_TIMING_C) |
| 2100 | mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, |
| 2101 | mbedtls_timing_set_delay, |
| 2102 | mbedtls_timing_get_delay); |
| 2103 | #endif |
| 2104 | } else { |
| 2105 | TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, |
| 2106 | MBEDTLS_SSL_IS_SERVER, |
| Ronald Cron | fb53647 | 2024-01-26 14:55:25 +0100 | [diff] [blame] | 2107 | options, NULL, NULL, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2108 | NULL) == 0); |
| 2109 | } |
| 2110 | |
| 2111 | mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode); |
| 2112 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2113 | #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) |
| 2114 | TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf), |
| 2115 | (unsigned char) options->mfl) |
| 2116 | == 0); |
| 2117 | TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf), |
| 2118 | (unsigned char) options->mfl) |
| 2119 | == 0); |
| 2120 | #else |
| 2121 | TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl); |
| 2122 | #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ |
| 2123 | |
| 2124 | #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) |
| 2125 | if (options->psk_str != NULL && options->psk_str->len > 0) { |
| 2126 | TEST_ASSERT(mbedtls_ssl_conf_psk( |
| 2127 | &client.conf, options->psk_str->x, |
| 2128 | options->psk_str->len, |
| 2129 | (const unsigned char *) psk_identity, |
| 2130 | strlen(psk_identity)) == 0); |
| 2131 | |
| 2132 | TEST_ASSERT(mbedtls_ssl_conf_psk( |
| 2133 | &server.conf, options->psk_str->x, |
| 2134 | options->psk_str->len, |
| 2135 | (const unsigned char *) psk_identity, |
| 2136 | strlen(psk_identity)) == 0); |
| 2137 | #if defined(MBEDTLS_SSL_SRV_C) |
| 2138 | mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL); |
| 2139 | #endif |
| 2140 | } |
| 2141 | #endif |
| 2142 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 2143 | if (options->renegotiate) { |
| 2144 | mbedtls_ssl_conf_renegotiation(&(server.conf), |
| 2145 | MBEDTLS_SSL_RENEGOTIATION_ENABLED); |
| 2146 | mbedtls_ssl_conf_renegotiation(&(client.conf), |
| 2147 | MBEDTLS_SSL_RENEGOTIATION_ENABLED); |
| 2148 | |
| 2149 | mbedtls_ssl_conf_legacy_renegotiation(&(server.conf), |
| 2150 | options->legacy_renegotiation); |
| 2151 | mbedtls_ssl_conf_legacy_renegotiation(&(client.conf), |
| 2152 | options->legacy_renegotiation); |
| 2153 | } |
| 2154 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
| 2155 | |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2156 | TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket), |
| 2157 | &(server.socket), |
| 2158 | BUFFSIZE) == 0); |
| 2159 | |
| 2160 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2161 | if (options->resize_buffers != 0) { |
| 2162 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 2163 | TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2164 | TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2165 | TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2166 | TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2167 | } |
| 2168 | #endif |
| 2169 | |
| 2170 | if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) { |
| 2171 | expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; |
| 2172 | } |
| 2173 | |
| 2174 | TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl), |
| 2175 | &(server.ssl), |
| 2176 | MBEDTLS_SSL_HANDSHAKE_OVER) |
| 2177 | == expected_handshake_result); |
| 2178 | |
| 2179 | if (expected_handshake_result != 0) { |
| 2180 | /* Connection will have failed by this point, skip to cleanup */ |
| 2181 | goto exit; |
| 2182 | } |
| 2183 | |
| 2184 | TEST_ASSERT(mbedtls_ssl_is_handshake_over(&client.ssl) == 1); |
| 2185 | |
| 2186 | /* Make sure server state is moved to HANDSHAKE_OVER also. */ |
| 2187 | TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl), |
| 2188 | &(client.ssl), |
| 2189 | MBEDTLS_SSL_HANDSHAKE_OVER), |
| 2190 | 0); |
| 2191 | |
| 2192 | TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1); |
| 2193 | /* Check that both sides have negotiated the expected version. */ |
| 2194 | mbedtls_test_set_step(0); |
| 2195 | if (!check_ssl_version(options->expected_negotiated_version, |
| 2196 | &client.ssl)) { |
| 2197 | goto exit; |
| 2198 | } |
| 2199 | |
| 2200 | mbedtls_test_set_step(1); |
| 2201 | if (!check_ssl_version(options->expected_negotiated_version, |
| 2202 | &server.ssl)) { |
| 2203 | goto exit; |
| 2204 | } |
| 2205 | |
| 2206 | if (options->expected_ciphersuite != 0) { |
| 2207 | TEST_EQUAL(server.ssl.session->ciphersuite, |
| 2208 | options->expected_ciphersuite); |
| 2209 | } |
| 2210 | |
| 2211 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2212 | if (options->resize_buffers != 0) { |
| 2213 | /* A server, when using DTLS, might delay a buffer resize to happen |
| 2214 | * after it receives a message, so we force it. */ |
| 2215 | TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); |
| 2216 | |
| 2217 | TEST_ASSERT(client.ssl.out_buf_len == |
| 2218 | mbedtls_ssl_get_output_buflen(&client.ssl)); |
| 2219 | TEST_ASSERT(client.ssl.in_buf_len == |
| 2220 | mbedtls_ssl_get_input_buflen(&client.ssl)); |
| 2221 | TEST_ASSERT(server.ssl.out_buf_len == |
| 2222 | mbedtls_ssl_get_output_buflen(&server.ssl)); |
| 2223 | TEST_ASSERT(server.ssl.in_buf_len == |
| 2224 | mbedtls_ssl_get_input_buflen(&server.ssl)); |
| 2225 | } |
| 2226 | #endif |
| 2227 | |
| 2228 | if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { |
| 2229 | /* Start data exchanging test */ |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 2230 | TEST_ASSERT(mbedtls_test_ssl_exchange_data( |
| 2231 | &(client.ssl), options->cli_msg_len, |
| 2232 | options->expected_cli_fragments, |
| 2233 | &(server.ssl), options->srv_msg_len, |
| 2234 | options->expected_srv_fragments) |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2235 | == 0); |
| 2236 | } |
| 2237 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 2238 | if (options->serialize == 1) { |
| 2239 | TEST_ASSERT(options->dtls == 1); |
| 2240 | |
| 2241 | TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL, |
| 2242 | 0, &context_buf_len) |
| 2243 | == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); |
| 2244 | |
| 2245 | context_buf = mbedtls_calloc(1, context_buf_len); |
| 2246 | TEST_ASSERT(context_buf != NULL); |
| 2247 | |
| 2248 | TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf, |
| 2249 | context_buf_len, |
| 2250 | &context_buf_len) |
| 2251 | == 0); |
| 2252 | |
| 2253 | mbedtls_ssl_free(&(server.ssl)); |
| 2254 | mbedtls_ssl_init(&(server.ssl)); |
| 2255 | |
| 2256 | TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0); |
| 2257 | |
| 2258 | mbedtls_ssl_set_bio(&(server.ssl), &server_context, |
| 2259 | mbedtls_test_mock_tcp_send_msg, |
| 2260 | mbedtls_test_mock_tcp_recv_msg, |
| 2261 | NULL); |
| 2262 | |
| 2263 | mbedtls_ssl_set_user_data_p(&server.ssl, &server); |
| 2264 | |
| 2265 | #if defined(MBEDTLS_TIMING_C) |
| 2266 | mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, |
| 2267 | mbedtls_timing_set_delay, |
| 2268 | mbedtls_timing_get_delay); |
| 2269 | #endif |
| 2270 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2271 | if (options->resize_buffers != 0) { |
| 2272 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 2273 | TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2274 | TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2275 | } |
| 2276 | #endif |
| 2277 | TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf, |
| 2278 | context_buf_len) == 0); |
| 2279 | |
| 2280 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2281 | /* Validate buffer sizes after context deserialization */ |
| 2282 | if (options->resize_buffers != 0) { |
| 2283 | TEST_ASSERT(server.ssl.out_buf_len == |
| 2284 | mbedtls_ssl_get_output_buflen(&server.ssl)); |
| 2285 | TEST_ASSERT(server.ssl.in_buf_len == |
| 2286 | mbedtls_ssl_get_input_buflen(&server.ssl)); |
| 2287 | } |
| 2288 | #endif |
| 2289 | /* Retest writing/reading */ |
| 2290 | if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 2291 | TEST_ASSERT(mbedtls_test_ssl_exchange_data( |
| 2292 | &(client.ssl), options->cli_msg_len, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2293 | options->expected_cli_fragments, |
| Yanray Wang | b088bfc | 2023-03-16 12:15:49 +0800 | [diff] [blame] | 2294 | &(server.ssl), options->srv_msg_len, |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2295 | options->expected_srv_fragments) |
| 2296 | == 0); |
| 2297 | } |
| 2298 | } |
| 2299 | #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ |
| 2300 | |
| 2301 | #if defined(MBEDTLS_SSL_RENEGOTIATION) |
| 2302 | if (options->renegotiate) { |
| 2303 | /* Start test with renegotiation */ |
| 2304 | TEST_ASSERT(server.ssl.renego_status == |
| 2305 | MBEDTLS_SSL_INITIAL_HANDSHAKE); |
| 2306 | TEST_ASSERT(client.ssl.renego_status == |
| 2307 | MBEDTLS_SSL_INITIAL_HANDSHAKE); |
| 2308 | |
| 2309 | /* After calling this function for the server, it only sends a handshake |
| 2310 | * request. All renegotiation should happen during data exchanging */ |
| 2311 | TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0); |
| 2312 | TEST_ASSERT(server.ssl.renego_status == |
| 2313 | MBEDTLS_SSL_RENEGOTIATION_PENDING); |
| 2314 | TEST_ASSERT(client.ssl.renego_status == |
| 2315 | MBEDTLS_SSL_INITIAL_HANDSHAKE); |
| 2316 | |
| 2317 | TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); |
| 2318 | TEST_ASSERT(server.ssl.renego_status == |
| 2319 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2320 | TEST_ASSERT(client.ssl.renego_status == |
| 2321 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2322 | |
| 2323 | /* After calling mbedtls_ssl_renegotiate for the client, |
| 2324 | * all renegotiation should happen inside this function. |
| 2325 | * However in this test, we cannot perform simultaneous communication |
| 2326 | * between client and server so this function will return waiting error |
| 2327 | * on the socket. All rest of renegotiation should happen |
| 2328 | * during data exchanging */ |
| 2329 | ret = mbedtls_ssl_renegotiate(&(client.ssl)); |
| 2330 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2331 | if (options->resize_buffers != 0) { |
| 2332 | /* Ensure that the buffer sizes are appropriate before resizes */ |
| 2333 | TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); |
| 2334 | TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); |
| 2335 | } |
| 2336 | #endif |
| 2337 | TEST_ASSERT(ret == 0 || |
| 2338 | ret == MBEDTLS_ERR_SSL_WANT_READ || |
| 2339 | ret == MBEDTLS_ERR_SSL_WANT_WRITE); |
| 2340 | TEST_ASSERT(server.ssl.renego_status == |
| 2341 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2342 | TEST_ASSERT(client.ssl.renego_status == |
| 2343 | MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS); |
| 2344 | |
| 2345 | TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); |
| 2346 | TEST_ASSERT(server.ssl.renego_status == |
| 2347 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2348 | TEST_ASSERT(client.ssl.renego_status == |
| 2349 | MBEDTLS_SSL_RENEGOTIATION_DONE); |
| 2350 | #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) |
| 2351 | /* Validate buffer sizes after renegotiation */ |
| 2352 | if (options->resize_buffers != 0) { |
| 2353 | TEST_ASSERT(client.ssl.out_buf_len == |
| 2354 | mbedtls_ssl_get_output_buflen(&client.ssl)); |
| 2355 | TEST_ASSERT(client.ssl.in_buf_len == |
| 2356 | mbedtls_ssl_get_input_buflen(&client.ssl)); |
| 2357 | TEST_ASSERT(server.ssl.out_buf_len == |
| 2358 | mbedtls_ssl_get_output_buflen(&server.ssl)); |
| 2359 | TEST_ASSERT(server.ssl.in_buf_len == |
| 2360 | mbedtls_ssl_get_input_buflen(&server.ssl)); |
| 2361 | } |
| 2362 | #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ |
| 2363 | } |
| 2364 | #endif /* MBEDTLS_SSL_RENEGOTIATION */ |
| 2365 | |
| 2366 | TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client.conf) == &client); |
| 2367 | TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client.ssl) == &client); |
| 2368 | TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server.conf) == &server); |
| 2369 | TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server); |
| 2370 | |
| 2371 | exit: |
| 2372 | mbedtls_test_ssl_endpoint_free(&client, |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 2373 | options->dtls != 0 ? &client_context : NULL); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2374 | mbedtls_test_ssl_endpoint_free(&server, |
| Yanray Wang | af727a2 | 2023-03-13 19:22:36 +0800 | [diff] [blame] | 2375 | options->dtls != 0 ? &server_context : NULL); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2376 | #if defined(MBEDTLS_DEBUG_C) |
| 2377 | if (options->cli_log_fun || options->srv_log_fun) { |
| 2378 | mbedtls_debug_set_threshold(0); |
| 2379 | } |
| 2380 | #endif |
| 2381 | #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) |
| 2382 | if (context_buf != NULL) { |
| 2383 | mbedtls_free(context_buf); |
| 2384 | } |
| 2385 | #endif |
| Manuel Pégourié-Gonnard | 23fc437 | 2023-03-17 13:34:11 +0100 | [diff] [blame] | 2386 | MD_OR_USE_PSA_DONE(); |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2387 | } |
| 2388 | #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 2389 | |
| 2390 | #if defined(MBEDTLS_TEST_HOOKS) |
| Yanray Wang | f56181a | 2023-03-16 12:21:33 +0800 | [diff] [blame] | 2391 | int mbedtls_test_tweak_tls13_certificate_msg_vector_len( |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2392 | unsigned char *buf, unsigned char **end, int tweak, |
| 2393 | int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args) |
| 2394 | { |
| 2395 | /* |
| 2396 | * The definition of the tweaks assume that the certificate list contains only |
| 2397 | * one certificate. |
| 2398 | */ |
| 2399 | |
| 2400 | /* |
| 2401 | * struct { |
| 2402 | * opaque cert_data<1..2^24-1>; |
| 2403 | * Extension extensions<0..2^16-1>; |
| 2404 | * } CertificateEntry; |
| 2405 | * |
| 2406 | * struct { |
| 2407 | * opaque certificate_request_context<0..2^8-1>; |
| 2408 | * CertificateEntry certificate_list<0..2^24-1>; |
| 2409 | * } Certificate; |
| 2410 | */ |
| 2411 | unsigned char *p_certificate_request_context_len = buf; |
| 2412 | size_t certificate_request_context_len = buf[0]; |
| 2413 | |
| 2414 | unsigned char *p_certificate_list_len = |
| 2415 | buf + 1 + certificate_request_context_len; |
| 2416 | unsigned char *certificate_list = p_certificate_list_len + 3; |
| 2417 | size_t certificate_list_len = |
| 2418 | MBEDTLS_GET_UINT24_BE(p_certificate_list_len, 0); |
| 2419 | |
| 2420 | unsigned char *p_cert_data_len = certificate_list; |
| 2421 | unsigned char *cert_data = p_cert_data_len + 3; |
| 2422 | size_t cert_data_len = MBEDTLS_GET_UINT24_BE(p_cert_data_len, 0); |
| 2423 | |
| 2424 | unsigned char *p_extensions_len = cert_data + cert_data_len; |
| 2425 | unsigned char *extensions = p_extensions_len + 2; |
| 2426 | size_t extensions_len = MBEDTLS_GET_UINT16_BE(p_extensions_len, 0); |
| 2427 | |
| 2428 | *expected_result = MBEDTLS_ERR_SSL_DECODE_ERROR; |
| 2429 | |
| 2430 | switch (tweak) { |
| 2431 | case 1: |
| 2432 | /* Failure when checking if the certificate request context length |
| 2433 | * and certificate list length can be read |
| 2434 | */ |
| 2435 | *end = buf + 3; |
| 2436 | set_chk_buf_ptr_args(args, buf, *end, 4); |
| 2437 | break; |
| 2438 | |
| 2439 | case 2: |
| 2440 | /* Invalid certificate request context length. |
| 2441 | */ |
| 2442 | *p_certificate_request_context_len = |
| Yanray Wang | a8f445e | 2022-11-03 11:51:59 +0800 | [diff] [blame] | 2443 | (unsigned char) certificate_request_context_len + 1; |
| Yanray Wang | e6afd91 | 2022-10-27 12:11:18 +0800 | [diff] [blame] | 2444 | reset_chk_buf_ptr_args(args); |
| 2445 | break; |
| 2446 | |
| 2447 | case 3: |
| 2448 | /* Failure when checking if certificate_list data can be read. */ |
| 2449 | MBEDTLS_PUT_UINT24_BE(certificate_list_len + 1, |
| 2450 | p_certificate_list_len, 0); |
| 2451 | set_chk_buf_ptr_args(args, certificate_list, *end, |
| 2452 | certificate_list_len + 1); |
| 2453 | break; |
| 2454 | |
| 2455 | case 4: |
| 2456 | /* Failure when checking if the cert_data length can be read. */ |
| 2457 | MBEDTLS_PUT_UINT24_BE(2, p_certificate_list_len, 0); |
| 2458 | set_chk_buf_ptr_args(args, p_cert_data_len, certificate_list + 2, 3); |
| 2459 | break; |
| 2460 | |
| 2461 | case 5: |
| 2462 | /* Failure when checking if cert_data data can be read. */ |
| 2463 | MBEDTLS_PUT_UINT24_BE(certificate_list_len - 3 + 1, |
| 2464 | p_cert_data_len, 0); |
| 2465 | set_chk_buf_ptr_args(args, cert_data, |
| 2466 | certificate_list + certificate_list_len, |
| 2467 | certificate_list_len - 3 + 1); |
| 2468 | break; |
| 2469 | |
| 2470 | case 6: |
| 2471 | /* Failure when checking if the extensions length can be read. */ |
| 2472 | MBEDTLS_PUT_UINT24_BE(certificate_list_len - extensions_len - 1, |
| 2473 | p_certificate_list_len, 0); |
| 2474 | set_chk_buf_ptr_args( |
| 2475 | args, p_extensions_len, |
| 2476 | certificate_list + certificate_list_len - extensions_len - 1, 2); |
| 2477 | break; |
| 2478 | |
| 2479 | case 7: |
| 2480 | /* Failure when checking if extensions data can be read. */ |
| 2481 | MBEDTLS_PUT_UINT16_BE(extensions_len + 1, p_extensions_len, 0); |
| 2482 | |
| 2483 | set_chk_buf_ptr_args( |
| 2484 | args, extensions, |
| 2485 | certificate_list + certificate_list_len, extensions_len + 1); |
| 2486 | break; |
| 2487 | |
| 2488 | default: |
| 2489 | return -1; |
| 2490 | } |
| 2491 | |
| 2492 | return 0; |
| 2493 | } |
| 2494 | #endif /* MBEDTLS_TEST_HOOKS */ |
| Ronald Cron | 77abfe6 | 2024-01-15 11:17:31 +0100 | [diff] [blame] | 2495 | |
| Ronald Cron | faf026c | 2024-01-31 14:32:06 +0100 | [diff] [blame] | 2496 | /* |
| 2497 | * Functions for tests based on tickets. Implementations of the |
| 2498 | * write/parse ticket interfaces as defined by mbedtls_ssl_ticket_write/parse_t. |
| 2499 | * Basically same implementations as in ticket.c without the encryption. That |
| 2500 | * way we can tweak easily tickets characteristics to simulate misbehaving |
| 2501 | * peers. |
| 2502 | */ |
| Ronald Cron | 77abfe6 | 2024-01-15 11:17:31 +0100 | [diff] [blame] | 2503 | #if defined(MBEDTLS_SSL_SESSION_TICKETS) |
| 2504 | int mbedtls_test_ticket_write( |
| 2505 | void *p_ticket, const mbedtls_ssl_session *session, |
| 2506 | unsigned char *start, const unsigned char *end, |
| 2507 | size_t *tlen, uint32_t *lifetime) |
| 2508 | { |
| 2509 | int ret; |
| 2510 | ((void) p_ticket); |
| 2511 | |
| 2512 | if ((ret = mbedtls_ssl_session_save(session, start, end - start, |
| 2513 | tlen)) != 0) { |
| 2514 | return ret; |
| 2515 | } |
| 2516 | |
| 2517 | /* Maximum ticket lifetime as defined in RFC 8446 */ |
| 2518 | *lifetime = 7 * 24 * 3600; |
| 2519 | |
| 2520 | return 0; |
| 2521 | } |
| 2522 | |
| 2523 | int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, |
| 2524 | unsigned char *buf, size_t len) |
| 2525 | { |
| 2526 | ((void) p_ticket); |
| 2527 | |
| 2528 | return mbedtls_ssl_session_load(session, buf, len); |
| 2529 | } |
| 2530 | #endif /* MBEDTLS_SSL_SESSION_TICKETS */ |
| Ronald Cron | 1f6e4e4 | 2024-01-26 16:31:33 +0100 | [diff] [blame] | 2531 | |
| 2532 | #if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_SRV_C) && \ |
| 2533 | defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) && \ |
| 2534 | defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) |
| 2535 | int mbedtls_test_get_tls13_ticket( |
| 2536 | mbedtls_test_handshake_test_options *client_options, |
| 2537 | mbedtls_test_handshake_test_options *server_options, |
| 2538 | mbedtls_ssl_session *session) |
| 2539 | { |
| 2540 | int ret = -1; |
| 2541 | unsigned char buf[64]; |
| 2542 | mbedtls_test_ssl_endpoint client_ep, server_ep; |
| 2543 | |
| 2544 | mbedtls_platform_zeroize(&client_ep, sizeof(client_ep)); |
| 2545 | mbedtls_platform_zeroize(&server_ep, sizeof(server_ep)); |
| 2546 | |
| 2547 | ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, |
| 2548 | client_options, NULL, NULL, NULL); |
| 2549 | TEST_EQUAL(ret, 0); |
| 2550 | |
| 2551 | ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, |
| 2552 | server_options, NULL, NULL, NULL); |
| 2553 | TEST_EQUAL(ret, 0); |
| 2554 | |
| 2555 | mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf, |
| 2556 | mbedtls_test_ticket_write, |
| 2557 | mbedtls_test_ticket_parse, |
| 2558 | NULL); |
| 2559 | |
| 2560 | ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), |
| 2561 | &(server_ep.socket), 1024); |
| 2562 | TEST_EQUAL(ret, 0); |
| 2563 | |
| 2564 | TEST_EQUAL(mbedtls_test_move_handshake_to_state( |
| 2565 | &(server_ep.ssl), &(client_ep.ssl), |
| 2566 | MBEDTLS_SSL_HANDSHAKE_OVER), 0); |
| 2567 | |
| 2568 | TEST_EQUAL(server_ep.ssl.handshake->new_session_tickets_count, 0); |
| 2569 | |
| 2570 | do { |
| 2571 | ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf)); |
| 2572 | } while (ret != MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET); |
| 2573 | |
| 2574 | ret = mbedtls_ssl_get_session(&(client_ep.ssl), session); |
| 2575 | TEST_EQUAL(ret, 0); |
| 2576 | |
| 2577 | exit: |
| 2578 | mbedtls_test_ssl_endpoint_free(&client_ep, NULL); |
| 2579 | mbedtls_test_ssl_endpoint_free(&server_ep, NULL); |
| 2580 | |
| 2581 | return ret; |
| 2582 | } |
| 2583 | #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_SRV_C && |
| 2584 | MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS && |
| 2585 | MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ |
| 2586 | |
| Yanray Wang | 4d07d1c | 2022-10-27 15:28:16 +0800 | [diff] [blame] | 2587 | #endif /* MBEDTLS_SSL_TLS_C */ |