mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 14:54:15 +01:00
Test failing raw_key_agreement in ssl mock tests
Force a bitflip in server key to make the raw key agreement fail, and then verify that no key slots are left open at the end. Use a Weierstrass curve to have a high chance of failure upon encountering such bitflip. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
parent
535cd1790b
commit
b4eedf7a23
@ -10683,3 +10683,6 @@ ssl_cf_memcpy_offset:0:255:32
|
||||
# we could get this with 255-bytes plaintext and untruncated SHA-384
|
||||
Constant-flow memcpy from offset: large
|
||||
ssl_cf_memcpy_offset:100:339:48
|
||||
|
||||
Raw key agreement fail
|
||||
raw_key_agreement_fail:
|
||||
|
@ -4555,3 +4555,79 @@ exit:
|
||||
mbedtls_free( src );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
|
||||
void raw_key_agreement_fail( )
|
||||
{
|
||||
enum { BUFFSIZE = 17000 };
|
||||
mbedtls_endpoint client, server;
|
||||
mbedtls_psa_stats_t stats;
|
||||
|
||||
#if defined(MBEDTLS_TIMING_C)
|
||||
mbedtls_timing_delay_context timer_client, timer_server;
|
||||
#endif
|
||||
mbedtls_ecp_group_id curve_list[] = { MBEDTLS_ECP_DP_SECP256R1,
|
||||
MBEDTLS_ECP_DP_NONE };
|
||||
|
||||
mbedtls_test_message_queue server_queue, client_queue;
|
||||
mbedtls_test_message_socket_context server_context, client_context;
|
||||
|
||||
mbedtls_message_socket_init( &server_context );
|
||||
mbedtls_message_socket_init( &client_context );
|
||||
|
||||
USE_PSA_INIT( );
|
||||
|
||||
/* Client side, force SECP256R1 to make one key bitflip fail
|
||||
* the raw key agreement. Flipping one bit with a Weierstrass
|
||||
* curve (as opposed to a Montgomery curve) has a high chance of
|
||||
* making it invalid. */
|
||||
TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT,
|
||||
MBEDTLS_PK_RSA, &client_context,
|
||||
&client_queue,
|
||||
&server_queue, curve_list ) == 0 );
|
||||
#if defined(MBEDTLS_TIMING_C)
|
||||
mbedtls_ssl_set_timer_cb( &client.ssl, &timer_client,
|
||||
mbedtls_timing_set_delay,
|
||||
mbedtls_timing_get_delay );
|
||||
#endif
|
||||
|
||||
/* Server side */
|
||||
TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER,
|
||||
MBEDTLS_PK_RSA, &server_context,
|
||||
&server_queue,
|
||||
&client_queue, NULL ) == 0 );
|
||||
#if defined(MBEDTLS_TIMING_C)
|
||||
mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server,
|
||||
mbedtls_timing_set_delay,
|
||||
mbedtls_timing_get_delay );
|
||||
#endif
|
||||
|
||||
TEST_ASSERT( mbedtls_mock_socket_connect( &(client.socket),
|
||||
&(server.socket),
|
||||
BUFFSIZE ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl),
|
||||
&(server.ssl),
|
||||
MBEDTLS_SSL_CLIENT_KEY_EXCHANGE )
|
||||
== 0 );
|
||||
|
||||
/* Force a simulated bitflip in the server key. to make the
|
||||
* raw key agreement in ssl_write_client_key_exchange fail. */
|
||||
(client.ssl).handshake->ecdh_psa_peerkey[5] ^= 0x02;
|
||||
|
||||
TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl),
|
||||
&(server.ssl),
|
||||
MBEDTLS_SSL_HANDSHAKE_OVER )
|
||||
!= 0 );
|
||||
|
||||
mbedtls_psa_get_stats( &stats );
|
||||
|
||||
/* Make sure that the key slot is destroyed properly in case of failure. */
|
||||
TEST_ASSERT( stats.empty_slots == MBEDTLS_PSA_KEY_SLOT_COUNT );
|
||||
|
||||
exit:
|
||||
mbedtls_endpoint_free( &client, &client_context );
|
||||
mbedtls_endpoint_free( &server, &server_context );
|
||||
USE_PSA_DONE( );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
Loading…
Reference in New Issue
Block a user