mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 06:24:20 +01:00
Add negative tests for unexpected ver/cfg in session deserialization
This commit is contained in:
parent
94ef3b35f4
commit
861d0bbbf2
@ -58,6 +58,18 @@ ssl_dtls_replay:"abcd12340000abcd12340100":"abcd123400ff":0
|
|||||||
SSL SET_HOSTNAME memory leak: call ssl_set_hostname twice
|
SSL SET_HOSTNAME memory leak: call ssl_set_hostname twice
|
||||||
ssl_set_hostname_twice:"server0":"server1"
|
ssl_set_hostname_twice:"server0":"server1"
|
||||||
|
|
||||||
|
SSL session serialization: Wrong major version
|
||||||
|
ssl_session_serialize_version_check:1:0:0:0
|
||||||
|
|
||||||
|
SSL session serialization: Wrong minor version
|
||||||
|
ssl_session_serialize_version_check:1:0:0:0
|
||||||
|
|
||||||
|
SSL session serialization: Wrong patch version
|
||||||
|
ssl_session_serialize_version_check:1:0:0:0
|
||||||
|
|
||||||
|
SSL session serialization: Wrong config
|
||||||
|
ssl_session_serialize_version_check:1:0:0:0
|
||||||
|
|
||||||
Record crypt, AES-128-CBC, 1.2, SHA-384
|
Record crypt, AES-128-CBC, 1.2, SHA-384
|
||||||
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C
|
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C
|
||||||
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
|
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
|
||||||
|
@ -921,3 +921,53 @@ exit:
|
|||||||
mbedtls_free( bad_buf );
|
mbedtls_free( bad_buf );
|
||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE depends_on:!MBEDTLS_SSL_SERIALIZED_STRUCTURES_LOCAL_ONLY */
|
||||||
|
void ssl_session_serialize_version_check( int corrupt_major,
|
||||||
|
int corrupt_minor,
|
||||||
|
int corrupt_patch,
|
||||||
|
int corrupt_config )
|
||||||
|
{
|
||||||
|
unsigned char serialized_session[ 2048 ];
|
||||||
|
size_t serialized_session_len;
|
||||||
|
|
||||||
|
mbedtls_ssl_session session;
|
||||||
|
mbedtls_ssl_session_init( &session );
|
||||||
|
|
||||||
|
/* Infer length of serialized session. */
|
||||||
|
TEST_ASSERT( mbedtls_ssl_session_save( &session,
|
||||||
|
serialized_session,
|
||||||
|
sizeof( serialized_session ),
|
||||||
|
&serialized_session_len ) == 0 );
|
||||||
|
|
||||||
|
mbedtls_ssl_session_free( &session );
|
||||||
|
|
||||||
|
/* Without any modification, we should be able to successfully
|
||||||
|
* de-serialize the session - double-check that. */
|
||||||
|
TEST_ASSERT( mbedtls_ssl_session_load( &session,
|
||||||
|
serialized_session,
|
||||||
|
serialized_session_len ) == 0 );
|
||||||
|
mbedtls_ssl_session_free( &session );
|
||||||
|
|
||||||
|
if( corrupt_major )
|
||||||
|
serialized_session[0] ^= (uint8_t) 0x1;
|
||||||
|
|
||||||
|
if( corrupt_minor )
|
||||||
|
serialized_session[1] ^= (uint8_t) 0x1;
|
||||||
|
|
||||||
|
if( corrupt_patch )
|
||||||
|
serialized_session[2] ^= (uint8_t) 0x1;
|
||||||
|
|
||||||
|
if( corrupt_config )
|
||||||
|
{
|
||||||
|
serialized_session[3] ^= (uint8_t) 0x1;
|
||||||
|
serialized_session[4] ^= (uint8_t) 0x1;
|
||||||
|
serialized_session[5] ^= (uint8_t) 0x1;
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST_ASSERT( mbedtls_ssl_session_load( &session,
|
||||||
|
serialized_session,
|
||||||
|
serialized_session_len ) ==
|
||||||
|
MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
Loading…
Reference in New Issue
Block a user