mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 06:33:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tests: ssl: Improve test code for very small max_early_data_size

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2024-03-08 14:44:35 +01:00
parent db944a7863
commit 1a13e2f43e
1 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
tests/suites/test_suite_ssl.function
View File

@ -4675,12 +4675,27 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg, in
case TEST_EARLY_DATA_HRR:
ret = mbedtls_ssl_handshake(&(server_ep.ssl));
/*
* Can be the case if max_early_data_size is smaller then the
* smallest inner content or protected record.
* In this write loop we try to always stay below the
* max_early_data_size limit but if max_early_data_size is very
* small we may exceed the max_early_data_size limit on the
* first write. In TEST_EARLY_DATA_SERVER_REJECTS/
* TEST_EARLY_DATA_HRR scenario, this is for sure the case if
* max_early_data_size is smaller than the smallest possible
* inner content/protected record. Take into account this
* possibility here but only for max_early_data_size values
* that are close to write_size. Below, chosen 1 for one byte
* of inner type and 16 bytes for AEAD expansion (IV, ...).
*/
if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) {
/* Beyond 64 for max_early_data_size it is suspicious */
TEST_ASSERT(max_early_data_size < 64);
if (scenario == TEST_EARLY_DATA_SERVER_REJECTS) {
TEST_LE_U(max_early_data_size,
write_size + 1 +
MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY);
} else {
TEST_LE_U(max_early_data_size,
write_size + 1 + 16 +
MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY);
}
goto exit;
}