mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 16:14:20 +01:00
Add test with sending application data via DTLS
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
This commit is contained in:
parent
20b3a68e70
commit
6a7f01c237
@ -275,44 +275,82 @@ DTLS Handshake with serialization, tls1_2
|
|||||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:1
|
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:1
|
||||||
|
|
||||||
Test sending app data MFL=512 without fragmentation
|
Sending app data via TLS, MFL=512 without fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1
|
||||||
|
|
||||||
Test sending app data MFL=512 with fragmentation
|
Sending app data via TLS, MFL=512 with fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_512:513:1536:2:3
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_512:513:1536:2:3
|
||||||
|
|
||||||
Test sending app data MFL=1024 without fragmentation
|
Sending app data via TLS, MFL=1024 without fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1000:1024:1:1
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1000:1024:1:1
|
||||||
|
|
||||||
Test sending app data MFL=1024 with fragmentation
|
Sending app data via TLS, MFL=1024 with fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1025:5120:2:5
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1025:5120:2:5
|
||||||
|
|
||||||
Test sending app data MFL=2048 without fragmentation
|
Sending app data via TLS, MFL=2048 without fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2000:2048:1:1
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2000:2048:1:1
|
||||||
|
|
||||||
Test sending app data MFL=2048 with fragmentation
|
Sending app data via TLS, MFL=2048 with fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2049:8192:2:4
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2049:8192:2:4
|
||||||
|
|
||||||
Test sending app data MFL=4096 without fragmentation
|
Sending app data via TLS, MFL=4096 without fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4000:4096:1:1
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4000:4096:1:1
|
||||||
|
|
||||||
Test sending app data MFL=4096 with fragmentation
|
Sending app data via TLS, MFL=4096 with fragmentation
|
||||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4097:12288:2:3
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4097:12288:2:3
|
||||||
|
|
||||||
Test sending app data without MFL and without fragmentation
|
Sending app data via TLS without MFL and without fragmentation
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16001:16384:1:1
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16001:16384:1:1
|
||||||
|
|
||||||
Test sending app data without MFL and with fragmentation
|
Sending app data via TLS without MFL and with fragmentation
|
||||||
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16385:100000:2:7
|
send_application_data:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16385:100000:2:7
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=512 without fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=512 with fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_512:513:1536:0:0
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=1024 without fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1000:1024:1:1
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=1024 with fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1025:5120:0:0
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=2048 without fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2000:2048:1:1
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=2048 with fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2049:8192:0:0
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=4096 without fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4000:4096:1:1
|
||||||
|
|
||||||
|
Sending app data via DTLS, MFL=4096 with fragmentation
|
||||||
|
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4097:12288:0:0
|
||||||
|
|
||||||
|
Sending app data via DTLS, without MFL and without fragmentation
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16001:16384:1:1
|
||||||
|
|
||||||
|
Sending app data via DTLS, without MFL and with fragmentation
|
||||||
|
send_application_data_dtls:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16385:100000:0:0
|
||||||
|
|
||||||
SSL DTLS replay: initial state, seqnum 0
|
SSL DTLS replay: initial state, seqnum 0
|
||||||
ssl_dtls_replay:"":"000000000000":0
|
ssl_dtls_replay:"":"000000000000":0
|
||||||
|
|
||||||
|
@ -928,31 +928,87 @@ int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl,
|
|||||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Write application data. Then increase write and fragments counter
|
* Write application data. Increase write counter and fragments counter if
|
||||||
|
* necessary.
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_write_fragment( mbedtls_ssl_context *ssl, unsigned char *buf,
|
int mbedtls_ssl_write_fragment( mbedtls_ssl_context *ssl, unsigned char *buf,
|
||||||
int ln, int *writen, int *fragments )
|
int buf_len, int *written,
|
||||||
|
int *fragments, const int expected_fragments )
|
||||||
{
|
{
|
||||||
int ret = mbedtls_ssl_write( ssl, buf + *writen, ln - *writen );
|
int ret = mbedtls_ssl_write( ssl, buf + *written, buf_len - *written );
|
||||||
if( ret >= 0 )
|
if( ret > 0 )
|
||||||
{
|
{
|
||||||
(*fragments)++;
|
(*fragments)++;
|
||||||
*writen += ret;
|
*written += ret;
|
||||||
}
|
}
|
||||||
return ret;
|
|
||||||
|
if( expected_fragments == 0 )
|
||||||
|
{
|
||||||
|
/* Used for DTLS and the message size larger than MFL. In that case
|
||||||
|
* the message can not be fragmented and the library should return
|
||||||
|
* MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned
|
||||||
|
* to prevent a dead loop inside mbedtls_exchange_data(). */
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
else if( expected_fragments == 1 )
|
||||||
|
{
|
||||||
|
/* Used for TLS/DTLS and the message size lower than MFL */
|
||||||
|
TEST_ASSERT( ret == buf_len ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_READ ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* Used for TLS and the message size larger than MFL */
|
||||||
|
TEST_ASSERT( expected_fragments > 1 );
|
||||||
|
TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_READ ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
exit:
|
||||||
|
/* Some of the tests failed */
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Read application data and increase read counter
|
* Read application data and increase read counter if necessary.
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_read_fragment( mbedtls_ssl_context *ssl, unsigned char *buf, int ln, int *read )
|
int mbedtls_ssl_read_fragment( mbedtls_ssl_context *ssl, unsigned char *buf,
|
||||||
|
int buf_len, int *read,
|
||||||
|
const int expected_fragments )
|
||||||
{
|
{
|
||||||
int ret = mbedtls_ssl_read( ssl, buf + *read, ln - *read );
|
int ret = mbedtls_ssl_read( ssl, buf + *read, buf_len - *read );
|
||||||
if( ret >= 0 )
|
if( ret > 0 )
|
||||||
{
|
{
|
||||||
*read += ret;
|
*read += ret;
|
||||||
}
|
}
|
||||||
return ret;
|
|
||||||
|
if( expected_fragments == 0 )
|
||||||
|
{
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
}
|
||||||
|
else if( expected_fragments == 1 )
|
||||||
|
{
|
||||||
|
TEST_ASSERT( ret == buf_len ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_READ ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
TEST_ASSERT( expected_fragments > 1 );
|
||||||
|
TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_READ ||
|
||||||
|
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
exit:
|
||||||
|
/* Some of the tests failed */
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -1347,6 +1403,146 @@ static int ssl_populate_session( mbedtls_ssl_session *session,
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the
|
||||||
|
* message was sent in the correct number of fragments.
|
||||||
|
*
|
||||||
|
* /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both
|
||||||
|
* of them must be initialized and connected beforehand.
|
||||||
|
* /p msg_len_1 and /p msg_len_2 specify the size of the message to send.
|
||||||
|
* /p expected_fragments_1 and /p expected_fragments_2 determine in how many
|
||||||
|
* fragments the message should be sent.
|
||||||
|
* expected_fragments is 0: can be used for DTLS testing while the message
|
||||||
|
* size is larger than MFL. In that case the message
|
||||||
|
* cannot be fragmented and sent to the second endpoint.
|
||||||
|
* This value can be used for negative tests.
|
||||||
|
* expected_fragments is 1: can be used for TLS/DTLS testing while the
|
||||||
|
* message size is below MFL
|
||||||
|
* expected_fragments > 1: can be used for TLS testing while the message
|
||||||
|
* size is larger than MFL
|
||||||
|
*
|
||||||
|
* \retval 0 on success, otherwise error code.
|
||||||
|
*/
|
||||||
|
int mbedtls_exchange_data( mbedtls_ssl_context *ssl_1,
|
||||||
|
int msg_len_1, const int expected_fragments_1,
|
||||||
|
mbedtls_ssl_context *ssl_2,
|
||||||
|
int msg_len_2, const int expected_fragments_2 )
|
||||||
|
{
|
||||||
|
unsigned char *msg_buf_1 = malloc( msg_len_1 );
|
||||||
|
unsigned char *msg_buf_2 = malloc( msg_len_2 );
|
||||||
|
unsigned char *in_buf_1 = malloc( msg_len_2 );
|
||||||
|
unsigned char *in_buf_2 = malloc( msg_len_1 );
|
||||||
|
int msg_type, ret = -1;
|
||||||
|
|
||||||
|
/* Perform this test with two message types. At first use a message
|
||||||
|
* consisting of only 0x00 for the client and only 0xFF for the server.
|
||||||
|
* At the second time use message with generated data */
|
||||||
|
for( msg_type = 0; msg_type < 2; msg_type++ )
|
||||||
|
{
|
||||||
|
int written_1 = 0;
|
||||||
|
int written_2 = 0;
|
||||||
|
int read_1 = 0;
|
||||||
|
int read_2 = 0;
|
||||||
|
int fragments_1 = 0;
|
||||||
|
int fragments_2 = 0;
|
||||||
|
|
||||||
|
if( msg_type == 0 )
|
||||||
|
{
|
||||||
|
memset( msg_buf_1, 0x00, msg_len_1 );
|
||||||
|
memset( msg_buf_2, 0xff, msg_len_2 );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
int i, j = 0;
|
||||||
|
for( i = 0; i < msg_len_1; i++ )
|
||||||
|
{
|
||||||
|
msg_buf_1[i] = j++ & 0xFF;
|
||||||
|
}
|
||||||
|
for( i = 0; i < msg_len_2; i++ )
|
||||||
|
{
|
||||||
|
msg_buf_2[i] = ( j -= 5 ) & 0xFF;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
while( read_1 < msg_len_2 || read_2 < msg_len_1 )
|
||||||
|
{
|
||||||
|
/* ssl_1 sending */
|
||||||
|
if( msg_len_1 > written_1 )
|
||||||
|
{
|
||||||
|
ret = mbedtls_ssl_write_fragment( ssl_1, msg_buf_1,
|
||||||
|
msg_len_1, &written_1,
|
||||||
|
&fragments_1,
|
||||||
|
expected_fragments_1 );
|
||||||
|
if( expected_fragments_1 == 0 )
|
||||||
|
{
|
||||||
|
/* This error is expected when the message is too large and
|
||||||
|
* cannot be fragmented */
|
||||||
|
TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
|
msg_len_1 = 0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ssl_2 sending */
|
||||||
|
if( msg_len_2 > written_2 )
|
||||||
|
{
|
||||||
|
ret = mbedtls_ssl_write_fragment( ssl_2, msg_buf_2,
|
||||||
|
msg_len_2, &written_2,
|
||||||
|
&fragments_2,
|
||||||
|
expected_fragments_2 );
|
||||||
|
if( expected_fragments_2 == 0 )
|
||||||
|
{
|
||||||
|
/* This error is expected when the message is too large and
|
||||||
|
* cannot be fragmented */
|
||||||
|
TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
|
msg_len_2 = 0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ssl_1 reading */
|
||||||
|
if( read_1 < msg_len_2 )
|
||||||
|
{
|
||||||
|
ret = mbedtls_ssl_read_fragment( ssl_1, in_buf_1,
|
||||||
|
msg_len_2, &read_1,
|
||||||
|
expected_fragments_1 );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ssl_2 reading */
|
||||||
|
if( read_2 < msg_len_1 )
|
||||||
|
{
|
||||||
|
ret = mbedtls_ssl_read_fragment( ssl_2, in_buf_2,
|
||||||
|
msg_len_1, &read_2,
|
||||||
|
expected_fragments_2 );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = -1;
|
||||||
|
TEST_ASSERT( 0 == memcmp( msg_buf_1, in_buf_2, msg_len_1 ) );
|
||||||
|
TEST_ASSERT( 0 == memcmp( msg_buf_2, in_buf_1, msg_len_2 ) );
|
||||||
|
TEST_ASSERT( fragments_1 == expected_fragments_1 );
|
||||||
|
TEST_ASSERT( fragments_2 == expected_fragments_2 );
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
|
exit:
|
||||||
|
free( msg_buf_1 );
|
||||||
|
free( in_buf_1 );
|
||||||
|
free( msg_buf_2 );
|
||||||
|
free( in_buf_2 );
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
/* END_HEADER */
|
/* END_HEADER */
|
||||||
|
|
||||||
/* BEGIN_DEPENDENCIES
|
/* BEGIN_DEPENDENCIES
|
||||||
@ -3262,15 +3458,11 @@ exit:
|
|||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15 */
|
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15 */
|
||||||
void send_application_data( int mfl, int cli_msg_len, int srv_msg_len,
|
void send_application_data( int mfl, int cli_msg_len, int srv_msg_len,
|
||||||
const int expected_cli_frames,
|
const int expected_cli_fragments,
|
||||||
const int expected_srv_frames )
|
const int expected_srv_fragments )
|
||||||
{
|
{
|
||||||
enum { BUFFSIZE = 2048 };
|
enum { BUFFSIZE = 2048 };
|
||||||
mbedtls_endpoint server, client;
|
mbedtls_endpoint server, client;
|
||||||
unsigned char *cli_msg_buf = malloc( cli_msg_len );
|
|
||||||
unsigned char *cli_in_buf = malloc( srv_msg_len );
|
|
||||||
unsigned char *srv_msg_buf = malloc( srv_msg_len );
|
|
||||||
unsigned char *srv_in_buf = malloc( cli_msg_len );
|
|
||||||
int ret = -1;
|
int ret = -1;
|
||||||
|
|
||||||
ret = mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, MBEDTLS_PK_RSA,
|
ret = mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, MBEDTLS_PK_RSA,
|
||||||
@ -3302,83 +3494,79 @@ void send_application_data( int mfl, int cli_msg_len, int srv_msg_len,
|
|||||||
TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||||
TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||||
|
|
||||||
/* Perform this test with two message types. At first use a message
|
/* Start data exchanging test */
|
||||||
* consisting of only 0x00 for the client and only 0xFF for the server.
|
ret = mbedtls_exchange_data( &(client.ssl), cli_msg_len, expected_cli_fragments,
|
||||||
* At the second time use message with generated data */
|
&(server.ssl), srv_msg_len, expected_srv_fragments );
|
||||||
for( int msg_type = 0; msg_type < 2; msg_type++ )
|
TEST_ASSERT( ret == 0 );
|
||||||
{
|
|
||||||
int cli_writen = 0;
|
|
||||||
int srv_writen = 0;
|
|
||||||
int cli_read = 0;
|
|
||||||
int srv_read = 0;
|
|
||||||
int cli_fragments = 0;
|
|
||||||
int srv_fragments = 0;
|
|
||||||
|
|
||||||
if( msg_type == 0 )
|
|
||||||
{
|
|
||||||
memset( cli_msg_buf, 0x00, cli_msg_len );
|
|
||||||
memset( srv_msg_buf, 0xff, srv_msg_len );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
int j = 0;
|
|
||||||
for( int i = 0; i < cli_msg_len; i++ )
|
|
||||||
cli_msg_buf[i] = j++ & 0xFF;
|
|
||||||
for( int i = 0; i < srv_msg_len; i++ )
|
|
||||||
srv_msg_buf[i] = ( j -= 5 ) & 0xFF;
|
|
||||||
}
|
|
||||||
|
|
||||||
while( cli_read < srv_msg_len || srv_read < cli_msg_len )
|
|
||||||
{
|
|
||||||
/* Client sending */
|
|
||||||
if( cli_msg_len > cli_writen )
|
|
||||||
{
|
|
||||||
ret = mbedtls_ssl_write_fragment( &(client.ssl), cli_msg_buf,
|
|
||||||
cli_msg_len, &cli_writen, &cli_fragments );
|
|
||||||
TEST_ASSERT( ( ret >= 0 && ret <= cli_msg_len ) ||
|
|
||||||
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Server sending */
|
|
||||||
if( srv_msg_len > srv_writen )
|
|
||||||
{
|
|
||||||
ret = mbedtls_ssl_write_fragment( &(server.ssl), srv_msg_buf,
|
|
||||||
srv_msg_len, &srv_writen, &srv_fragments );
|
|
||||||
TEST_ASSERT( ( ret >= 0 && ret <= srv_msg_len ) ||
|
|
||||||
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Client reading */
|
|
||||||
if( cli_read < srv_msg_len )
|
|
||||||
{
|
|
||||||
ret = mbedtls_ssl_read_fragment( &(client.ssl), cli_in_buf,
|
|
||||||
srv_msg_len, &cli_read );
|
|
||||||
TEST_ASSERT( ( ret >= 0 && ret <= srv_msg_len ) ||
|
|
||||||
ret == MBEDTLS_ERR_SSL_WANT_READ );
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Server reading */
|
|
||||||
if( srv_read < cli_msg_len )
|
|
||||||
{
|
|
||||||
ret = mbedtls_ssl_read_fragment( &(server.ssl), srv_in_buf,
|
|
||||||
cli_msg_len, &srv_read );
|
|
||||||
TEST_ASSERT( ( ret >= 0 && ret <= cli_msg_len ) ||
|
|
||||||
ret == MBEDTLS_ERR_SSL_WANT_READ );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
TEST_ASSERT( 0 == memcmp( cli_msg_buf, srv_in_buf, cli_msg_len ) );
|
|
||||||
TEST_ASSERT( 0 == memcmp( srv_msg_buf, cli_in_buf, srv_msg_len ) );
|
|
||||||
TEST_ASSERT( cli_fragments == expected_cli_frames );
|
|
||||||
TEST_ASSERT( srv_fragments == expected_srv_frames );
|
|
||||||
}
|
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
mbedtls_endpoint_free( &client, NULL );
|
mbedtls_endpoint_free( &client, NULL );
|
||||||
mbedtls_endpoint_free( &server, NULL );
|
mbedtls_endpoint_free( &server, NULL );
|
||||||
free( cli_msg_buf );
|
}
|
||||||
free( cli_in_buf );
|
/* END_CASE */
|
||||||
free( srv_msg_buf );
|
|
||||||
free( srv_in_buf );
|
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15 */
|
||||||
|
void send_application_data_dtls( int mfl, int cli_msg_len, int srv_msg_len,
|
||||||
|
const int expected_cli_fragments,
|
||||||
|
const int expected_srv_fragments )
|
||||||
|
{
|
||||||
|
enum { BUFFSIZE = 17000 };
|
||||||
|
#if defined(MBEDTLS_TIMING_C)
|
||||||
|
mbedtls_timing_delay_context timer_client, timer_server;
|
||||||
|
#endif
|
||||||
|
mbedtls_endpoint server, client;
|
||||||
|
mbedtls_test_message_queue server_queue, client_queue;
|
||||||
|
mbedtls_test_message_socket_context server_context, client_context;
|
||||||
|
int ret = -1;
|
||||||
|
|
||||||
|
/* Initializing endpoints and communication */
|
||||||
|
ret = mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, MBEDTLS_PK_RSA,
|
||||||
|
&server_context, &server_queue, &client_queue );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
|
||||||
|
ret = mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_PK_RSA,
|
||||||
|
&client_context, &client_queue, &server_queue );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_TIMING_C)
|
||||||
|
mbedtls_ssl_set_timer_cb( &client.ssl, &timer_client,
|
||||||
|
mbedtls_timing_set_delay,
|
||||||
|
mbedtls_timing_get_delay );
|
||||||
|
|
||||||
|
mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server,
|
||||||
|
mbedtls_timing_set_delay,
|
||||||
|
mbedtls_timing_get_delay );
|
||||||
|
#endif /* MBEDTLS_TIMING_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
|
ret = mbedtls_ssl_conf_max_frag_len( &(server.conf), (unsigned char) mfl );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
|
||||||
|
ret = mbedtls_ssl_conf_max_frag_len( &(client.conf), (unsigned char) mfl );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
#else
|
||||||
|
TEST_ASSERT( MBEDTLS_SSL_MAX_FRAG_LEN_NONE == mfl );
|
||||||
|
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||||
|
|
||||||
|
ret = mbedtls_mock_socket_connect( &(server.socket), &(client.socket),
|
||||||
|
BUFFSIZE );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
|
||||||
|
ret = mbedtls_move_handshake_to_state( &(client.ssl),
|
||||||
|
&(server.ssl),
|
||||||
|
MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||||
|
TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||||
|
|
||||||
|
/* Start data exchanging test */
|
||||||
|
ret = mbedtls_exchange_data( &(client.ssl), cli_msg_len, expected_cli_fragments,
|
||||||
|
&(server.ssl), srv_msg_len, expected_srv_fragments );
|
||||||
|
TEST_ASSERT( ret == 0 );
|
||||||
|
|
||||||
|
|
||||||
|
exit:
|
||||||
|
mbedtls_endpoint_free( &client, &client_context );
|
||||||
|
mbedtls_endpoint_free( &server, &server_context );
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
Loading…
Reference in New Issue
Block a user