mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 19:05:55 +01:00
1e94128f30
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
151 lines
5.0 KiB
Plaintext
151 lines
5.0 KiB
Plaintext
/* BEGIN_HEADER */
|
|
#include <mbedtls/ssl.h>
|
|
#include <mbedtls/ssl_internal.h>
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_SSL_TLS_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
|
|
void ssl_dtls_replay( data_t * prevs, data_t * new, int ret )
|
|
{
|
|
uint32_t len = 0;
|
|
mbedtls_ssl_context ssl;
|
|
mbedtls_ssl_config conf;
|
|
|
|
mbedtls_ssl_init( &ssl );
|
|
mbedtls_ssl_config_init( &conf );
|
|
|
|
TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
|
|
MBEDTLS_SSL_IS_CLIENT,
|
|
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
|
|
MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
|
|
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
|
|
|
|
/* Read previous record numbers */
|
|
for( len = 0; len < prevs->len; len += 6 )
|
|
{
|
|
memcpy( ssl.in_ctr + 2, prevs->x + len, 6 );
|
|
mbedtls_ssl_dtls_replay_update( &ssl );
|
|
}
|
|
|
|
/* Check new number */
|
|
memcpy( ssl.in_ctr + 2, new->x, 6 );
|
|
TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );
|
|
|
|
mbedtls_ssl_free( &ssl );
|
|
mbedtls_ssl_config_free( &conf );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
|
|
void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
|
|
{
|
|
mbedtls_ssl_context ssl;
|
|
mbedtls_ssl_init( &ssl );
|
|
|
|
TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
|
|
TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );
|
|
|
|
mbedtls_ssl_free( &ssl );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
|
|
void ssl_cf_hmac( int hash )
|
|
{
|
|
/*
|
|
* Test the function mbedtls_ssl_cf_hmac() against a reference
|
|
* implementation.
|
|
*
|
|
* Note: the dependency is actually on TLS 1.0-1.2 and (AES or ARIA or
|
|
* Camellia or DES), but since the test framework doesn't support
|
|
* alternation in dependencies, just depend on the most common.
|
|
*/
|
|
mbedtls_md_context_t ctx, ref_ctx;
|
|
const mbedtls_md_info_t *md_info;
|
|
size_t out_len, block_size;
|
|
size_t min_in_len, in_len, max_in_len, i;
|
|
/* TLS additional data is 13 bytes (hence the "lucky 13" name) */
|
|
unsigned char add_data[13];
|
|
unsigned char ref_out[MBEDTLS_MD_MAX_SIZE];
|
|
unsigned char *data = NULL;
|
|
unsigned char *out = NULL;
|
|
unsigned char rec_num = 0;
|
|
|
|
mbedtls_md_init( &ctx );
|
|
mbedtls_md_init( &ref_ctx );
|
|
|
|
md_info = mbedtls_md_info_from_type( hash );
|
|
TEST_ASSERT( md_info != NULL );
|
|
out_len = mbedtls_md_get_size( md_info );
|
|
TEST_ASSERT( out_len != 0 );
|
|
block_size = hash == MBEDTLS_MD_SHA384 ? 128 : 64;
|
|
|
|
/* Use allocated out buffer to catch overwrites */
|
|
out = mbedtls_calloc( 1, out_len );
|
|
TEST_ASSERT( out != NULL );
|
|
|
|
/* Set up contexts with the given hash and a dummy key */
|
|
TEST_ASSERT( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) );
|
|
TEST_ASSERT( 0 == mbedtls_md_setup( &ref_ctx, md_info, 1 ) );
|
|
memset( ref_out, 42, sizeof( ref_out ) );
|
|
TEST_ASSERT( 0 == mbedtls_md_hmac_starts( &ctx, ref_out, out_len ) );
|
|
TEST_ASSERT( 0 == mbedtls_md_hmac_starts( &ref_ctx, ref_out, out_len ) );
|
|
memset( ref_out, 0, sizeof( ref_out ) );
|
|
|
|
/*
|
|
* Test all possible lengths up to a point. The difference between
|
|
* max_in_len and min_in_len is at most 255, and make sure they both vary
|
|
* by at least one block size.
|
|
*/
|
|
for( max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++ )
|
|
{
|
|
/* Use allocated in buffer to catch overreads */
|
|
data = mbedtls_calloc( 1, max_in_len );
|
|
TEST_ASSERT( data != NULL || max_in_len == 0 );
|
|
|
|
min_in_len = max_in_len > 255 ? max_in_len - 255 : 0;
|
|
for( in_len = min_in_len; in_len <= max_in_len; in_len++ )
|
|
{
|
|
/* Set up dummy data and add_data */
|
|
rec_num++;
|
|
memset( add_data, rec_num, sizeof( add_data ) );
|
|
for( i = 0; i < in_len; i++ )
|
|
data[i] = ( i & 0xff ) ^ rec_num;
|
|
|
|
/* Get the function's result */
|
|
TEST_CF_SECRET( &in_len, sizeof( in_len ) );
|
|
TEST_ASSERT( 0 == mbedtls_ssl_cf_hmac( &ctx, add_data, sizeof( add_data ),
|
|
data, in_len,
|
|
min_in_len, max_in_len,
|
|
out ) );
|
|
TEST_CF_PUBLIC( &in_len, sizeof( in_len ) );
|
|
TEST_CF_PUBLIC( out, out_len );
|
|
|
|
/* Compute the reference result */
|
|
TEST_ASSERT( 0 == mbedtls_md_hmac_update( &ref_ctx, add_data,
|
|
sizeof( add_data ) ) );
|
|
TEST_ASSERT( 0 == mbedtls_md_hmac_update( &ref_ctx, data, in_len ) );
|
|
TEST_ASSERT( 0 == mbedtls_md_hmac_finish( &ref_ctx, ref_out ) );
|
|
TEST_ASSERT( 0 == mbedtls_md_hmac_reset( &ref_ctx ) );
|
|
|
|
/* Compare */
|
|
TEST_ASSERT( 0 == memcmp( out, ref_out, out_len ) );
|
|
}
|
|
|
|
mbedtls_free( data );
|
|
data = NULL;
|
|
}
|
|
|
|
exit:
|
|
mbedtls_md_free( &ref_ctx );
|
|
mbedtls_md_free( &ctx );
|
|
|
|
mbedtls_free( data );
|
|
mbedtls_free( out );
|
|
}
|
|
/* END_CASE */
|