mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-18 05:42:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Rewrap the lines to fit code standard in test_suite_ssl.function

Browse Source 
As the typedef statements and functions are renamed in commit
de3caee and commit d51d285 respectively. This commit aims
to align code lines to fit code standard and improve code
readability.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit is contained in:
Yanray Wang 2022-10-26 18:28:11 +08:00
parent f7b62353cb
commit bd29683c90
1 changed files with 233 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

385
tests/suites/test_suite_ssl.function
View File

@ -47,8 +47,8 @@ static int rng_get(void *p_rng, unsigned char *output, size_t output_len)
/* /*
* This function can be passed to mbedtls to receive output logs from it. In * This function can be passed to mbedtls to receive output logs from it. In
* this case, it will count the instances of a mbedtls_test_ssl_log_pattern in the received * this case, it will count the instances of a mbedtls_test_ssl_log_pattern
* logged messages. * in the received logged messages.
*/ */
void mbedtls_test_ssl_log_analyzer(void *ctx, int level, void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
const char *file, int line, const char *file, int line,
@ -67,7 +67,8 @@ void mbedtls_test_ssl_log_analyzer(void *ctx, int level,
} }
} }
void mbedtls_test_init_handshake_options(mbedtls_test_handshake_test_options *opts) void mbedtls_test_init_handshake_options(
mbedtls_test_handshake_test_options *opts)
{ {
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
srand(rng_seed); srand(rng_seed);
@ -110,7 +111,8 @@ exit:
#endif #endif
} }
void mbedtls_test_free_handshake_options(mbedtls_test_handshake_test_options *opts) void mbedtls_test_free_handshake_options(
mbedtls_test_handshake_test_options *opts)
{ {
#if defined(MBEDTLS_SSL_CACHE_C) #if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_free(opts->cache); mbedtls_ssl_cache_free(opts->cache);
@ -151,9 +153,11 @@ void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf)
/* /*
* Sets up \p buf. After calling this function it is safe to call * Sets up \p buf. After calling this function it is safe to call
* `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()` on \p buf. * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()`
* on \p buf.
*/ */
int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, size_t capacity) int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf,
size_t capacity)
{ {
buf->buffer = (unsigned char *) mbedtls_calloc(capacity, buf->buffer = (unsigned char *) mbedtls_calloc(capacity,
sizeof(unsigned char)); sizeof(unsigned char));
@ -326,8 +330,8 @@ void mbedtls_test_ssl_message_queue_free(mbedtls_test_ssl_message_queue *queue)
* \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full.
* \retval \p len, if the push was successful. * \retval \p len, if the push was successful.
*/ */
int mbedtls_test_ssl_message_queue_push_info(mbedtls_test_ssl_message_queue *queue, int mbedtls_test_ssl_message_queue_push_info(
size_t len) mbedtls_test_ssl_message_queue *queue, size_t len)
{ {
int place; int place;
if (queue == NULL) { if (queue == NULL) {
@ -354,8 +358,8 @@ int mbedtls_test_ssl_message_queue_push_info(mbedtls_test_ssl_message_queue *que
* \retval message length, if the pop was successful, up to the given * \retval message length, if the pop was successful, up to the given
\p buf_len. \p buf_len.
*/ */
int mbedtls_test_ssl_message_queue_pop_info(mbedtls_test_ssl_message_queue *queue, int mbedtls_test_ssl_message_queue_pop_info(
size_t buf_len) mbedtls_test_ssl_message_queue *queue, size_t buf_len)
{ {
size_t message_length; size_t message_length;
if (queue == NULL) { if (queue == NULL) {
@ -464,7 +468,8 @@ int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
int ret = -1; int ret = -1;
peer1->output = peer1->output =
(mbedtls_test_ssl_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_ssl_buffer)); (mbedtls_test_ssl_buffer *) mbedtls_calloc(
1, sizeof(mbedtls_test_ssl_buffer));
if (peer1->output == NULL) { if (peer1->output == NULL) {
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
goto exit; goto exit;
@ -475,7 +480,8 @@ int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1,
} }
peer2->output = peer2->output =
(mbedtls_test_ssl_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_ssl_buffer)); (mbedtls_test_ssl_buffer *) mbedtls_calloc(
1, sizeof(mbedtls_test_ssl_buffer));
if (peer2->output == NULL) { if (peer2->output == NULL) {
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
goto exit; goto exit;
@ -507,7 +513,8 @@ exit:
* Callbacks for simulating blocking I/O over connection-oriented transport. * Callbacks for simulating blocking I/O over connection-oriented transport.
*/ */
int mbedtls_test_mock_tcp_send_b(void *ctx, const unsigned char *buf, size_t len) int mbedtls_test_mock_tcp_send_b(void *ctx, const unsigned char *buf,
size_t len)
{ {
mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
@ -533,7 +540,8 @@ int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len)
* Callbacks for simulating non-blocking I/O over connection-oriented transport. * Callbacks for simulating non-blocking I/O over connection-oriented transport.
*/ */
int mbedtls_test_mock_tcp_send_nb(void *ctx, const unsigned char *buf, size_t len) int mbedtls_test_mock_tcp_send_nb(void *ctx, const unsigned char *buf,
size_t len)
{ {
mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx;
@ -579,11 +587,12 @@ void mbedtls_test_message_socket_init(mbedtls_test_message_socket_context *ctx)
* \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message
* queue failed. * queue failed.
*/ */
int mbedtls_test_message_socket_setup(mbedtls_test_ssl_message_queue *queue_input, int mbedtls_test_message_socket_setup(
mbedtls_test_ssl_message_queue *queue_output, mbedtls_test_ssl_message_queue *queue_input,
size_t queue_capacity, mbedtls_test_ssl_message_queue *queue_output,
mbedtls_test_mock_socket *socket, size_t queue_capacity,
mbedtls_test_message_socket_context *ctx) mbedtls_test_mock_socket *socket,
mbedtls_test_message_socket_context *ctx)
{ {
int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity); int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity);
if (ret != 0) { if (ret != 0) {
@ -618,17 +627,20 @@ void mbedtls_test_message_socket_close(mbedtls_test_message_socket_context *ctx)
* \retval \p len, if everything succeeds. * \retval \p len, if everything succeeds.
* \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
* elements or the context itself is null. * elements or the context itself is null.
* \retval MBEDTLS_TEST_ERROR_SEND_FAILED if mbedtls_test_mock_tcp_send_b failed. * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if
* mbedtls_test_mock_tcp_send_b failed.
* \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full.
* *
* This function will also return any error from * This function will also return any error from
* mbedtls_test_ssl_message_queue_push_info. * mbedtls_test_ssl_message_queue_push_info.
*/ */
int mbedtls_test_mock_tcp_send_msg(void *ctx, const unsigned char *buf, size_t len) int mbedtls_test_mock_tcp_send_msg(void *ctx, const unsigned char *buf,
size_t len)
{ {
mbedtls_test_ssl_message_queue *queue; mbedtls_test_ssl_message_queue *queue;
mbedtls_test_mock_socket *socket; mbedtls_test_mock_socket *socket;
mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; mbedtls_test_message_socket_context *context =
(mbedtls_test_message_socket_context *) ctx;
if (context == NULL || context->socket == NULL if (context == NULL || context->socket == NULL
|| context->queue_output == NULL) { || context->queue_output == NULL) {
@ -656,16 +668,20 @@ int mbedtls_test_mock_tcp_send_msg(void *ctx, const unsigned char *buf, size_t l
* \retval message length, if everything succeeds. * \retval message length, if everything succeeds.
* \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context
* elements or the context itself is null. * elements or the context itself is null.
* \retval MBEDTLS_TEST_ERROR_RECV_FAILED if mbedtls_test_mock_tcp_recv_b failed. * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if
* mbedtls_test_mock_tcp_recv_b failed.
* *
* This function will also return any error other than * This function will also return any error other than
* MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from mbedtls_test_message_queue_peek_info. * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from
* mbedtls_test_message_queue_peek_info.
*/ */
int mbedtls_test_mock_tcp_recv_msg(void *ctx, unsigned char *buf, size_t buf_len) int mbedtls_test_mock_tcp_recv_msg(void *ctx, unsigned char *buf,
size_t buf_len)
{ {
mbedtls_test_ssl_message_queue *queue; mbedtls_test_ssl_message_queue *queue;
mbedtls_test_mock_socket *socket; mbedtls_test_mock_socket *socket;
mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; mbedtls_test_message_socket_context *context =
(mbedtls_test_message_socket_context *) ctx;
size_t drop_len = 0; size_t drop_len = 0;
size_t msg_len; size_t msg_len;
int ret; int ret;
@ -697,7 +713,8 @@ int mbedtls_test_mock_tcp_recv_msg(void *ctx, unsigned char *buf, size_t buf_len
if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) {
/* Drop the remaining part of the message */ /* Drop the remaining part of the message */
if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) != (int) drop_len) { if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len)
!= (int) drop_len) {
/* Inconsistent state - part of the message was read, /* Inconsistent state - part of the message was read,
* and a part couldn't. Not much we can do here, but it should not * and a part couldn't. Not much we can do here, but it should not
* happen in test environment, unless forced manually. */ * happen in test environment, unless forced manually. */
@ -747,7 +764,8 @@ void mbedtls_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep)
* *
* \retval 0 on success, otherwise error code. * \retval 0 on success, otherwise error code.
*/ */
int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, int pk_alg, int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep,
int pk_alg,
int opaque_alg, int opaque_alg2, int opaque_alg, int opaque_alg2,
int opaque_usage) int opaque_usage)
{ {
@ -868,8 +886,9 @@ exit:
} }
/* /*
* Initializes \p ep structure. It is important to call `mbedtls_test_ssl_endpoint_free()` * Initializes \p ep structure. It is important to call
* after calling this function even if it fails. * `mbedtls_test_ssl_endpoint_free()` after calling this function
* even if it fails.
* *
* \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or
* MBEDTLS_SSL_IS_CLIENT. * MBEDTLS_SSL_IS_CLIENT.
@ -881,12 +900,13 @@ exit:
* *
* \retval 0 on success, otherwise error code. * \retval 0 on success, otherwise error code.
*/ */
int mbedtls_test_ssl_endpoint_init(mbedtls_test_ssl_endpoint *ep, int endpoint_type, int mbedtls_test_ssl_endpoint_init(
mbedtls_test_handshake_test_options *options, mbedtls_test_ssl_endpoint *ep, int endpoint_type,
mbedtls_test_message_socket_context *dtls_context, mbedtls_test_handshake_test_options *options,
mbedtls_test_ssl_message_queue *input_queue, mbedtls_test_message_socket_context *dtls_context,
mbedtls_test_ssl_message_queue *output_queue, mbedtls_test_ssl_message_queue *input_queue,
uint16_t *group_list) mbedtls_test_ssl_message_queue *output_queue,
uint16_t *group_list)
{ {
int ret = -1; int ret = -1;
uintptr_t user_data_n; uintptr_t user_data_n;
@ -987,8 +1007,9 @@ exit:
/* /*
* Deinitializes endpoint represented by \p ep. * Deinitializes endpoint represented by \p ep.
*/ */
void mbedtls_test_ssl_endpoint_free(mbedtls_test_ssl_endpoint *ep, void mbedtls_test_ssl_endpoint_free(
mbedtls_test_message_socket_context *context) mbedtls_test_ssl_endpoint *ep,
mbedtls_test_message_socket_context *context)
{ {
mbedtls_endpoint_certificate_free(ep); mbedtls_endpoint_certificate_free(ep);
@ -1192,10 +1213,13 @@ int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C) defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C)
static int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform,
const unsigned char *iv, size_t iv_len, const unsigned char *iv,
const unsigned char *input, size_t ilen, size_t iv_len,
unsigned char *output, size_t *olen) const unsigned char *input,
size_t ilen,
unsigned char *output,
size_t *olen)
{ {
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
@ -1238,13 +1262,13 @@ static int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transfo
} }
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && MBEDTLS_AES_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && MBEDTLS_AES_C */
static int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in,
mbedtls_ssl_transform *t_out, mbedtls_ssl_transform *t_out,
int cipher_type, int hash_id, int cipher_type, int hash_id,
int etm, int tag_mode, int etm, int tag_mode,
mbedtls_ssl_protocol_version tls_version, mbedtls_ssl_protocol_version tls_version,
size_t cid0_len, size_t cid0_len,
size_t cid1_len) size_t cid1_len)
{ {
mbedtls_cipher_info_t const *cipher_info; mbedtls_cipher_info_t const *cipher_info;
int ret = 0; int ret = 0;
@ -1593,9 +1617,9 @@ cleanup:
* Populate a session structure for serialization tests. * Populate a session structure for serialization tests.
* Choose dummy values, mostly non-0 to distinguish from the init default. * Choose dummy values, mostly non-0 to distinguish from the init default.
*/ */
static int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session,
int ticket_len, int ticket_len,
const char *crt_file) const char *crt_file)
{ {
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
session->start = mbedtls_time(NULL) - 42; session->start = mbedtls_time(NULL) - 42;
@ -1690,9 +1714,9 @@ static int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session,
} }
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
static int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session,
int ticket_len, int ticket_len,
int endpoint_type) int endpoint_type)
{ {
((void) ticket_len); ((void) ticket_len);
session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
@ -1870,8 +1894,9 @@ int exchange_data(mbedtls_ssl_context *ssl_1,
} }
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static int check_ssl_version(mbedtls_ssl_protocol_version expected_negotiated_version, static int check_ssl_version(
const mbedtls_ssl_context *ssl) mbedtls_ssl_protocol_version expected_negotiated_version,
const mbedtls_ssl_context *ssl)
{ {
const char *version_string = mbedtls_ssl_get_version(ssl); const char *version_string = mbedtls_ssl_get_version(ssl);
mbedtls_ssl_protocol_version version_number = mbedtls_ssl_protocol_version version_number =
@ -1908,7 +1933,8 @@ exit:
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *options) void mbedtls_test_ssl_perform_handshake(
mbedtls_test_handshake_test_options *options)
{ {
/* forced_ciphersuite needs to last until the end of the handshake */ /* forced_ciphersuite needs to last until the end of the handshake */
int forced_ciphersuite[2]; int forced_ciphersuite[2];
@ -1939,7 +1965,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt
/* Client side */ /* Client side */
if (options->dtls != 0) { if (options->dtls != 0) {
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
MBEDTLS_SSL_IS_CLIENT,
options, &client_context, options, &client_context,
&client_queue, &client_queue,
&server_queue, NULL) == 0); &server_queue, NULL) == 0);
@ -1949,7 +1976,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt
mbedtls_timing_get_delay); mbedtls_timing_get_delay);
#endif #endif
} else { } else {
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client,
MBEDTLS_SSL_IS_CLIENT,
options, NULL, NULL, options, NULL, NULL,
NULL, NULL) == 0); NULL, NULL) == 0);
} }
@ -1978,7 +2006,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt
/* Server side */ /* Server side */
if (options->dtls != 0) { if (options->dtls != 0) {
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
MBEDTLS_SSL_IS_SERVER,
options, &server_context, options, &server_context,
&server_queue, &server_queue,
&client_queue, NULL) == 0); &client_queue, NULL) == 0);
@ -1988,7 +2017,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt
mbedtls_timing_get_delay); mbedtls_timing_get_delay);
#endif #endif
} else { } else {
TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server,
MBEDTLS_SSL_IS_SERVER,
options, NULL, NULL, NULL, options, NULL, NULL, NULL,
NULL) == 0); NULL) == 0);
} }
@ -2085,7 +2115,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt
/* Make sure server state is moved to HANDSHAKE_OVER also. */ /* Make sure server state is moved to HANDSHAKE_OVER also. */
TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl), TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl),
&(client.ssl), &(client.ssl),
MBEDTLS_SSL_HANDSHAKE_OVER), 0); MBEDTLS_SSL_HANDSHAKE_OVER),
0);
TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1); TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1);
/* Check that both sides have negotiated the expected version. */ /* Check that both sides have negotiated the expected version. */
@ -2265,8 +2296,12 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt
TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server); TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server);
exit: exit:
mbedtls_test_ssl_endpoint_free(&client, options->dtls != 0 ? &client_context : NULL); mbedtls_test_ssl_endpoint_free(&client,
mbedtls_test_ssl_endpoint_free(&server, options->dtls != 0 ? &server_context : NULL); options->dtls != 0 ?
&client_context : NULL);
mbedtls_test_ssl_endpoint_free(&server,
options->dtls != 0 ?
&server_context : NULL);
#if defined(MBEDTLS_DEBUG_C) #if defined(MBEDTLS_DEBUG_C)
if (options->cli_log_fun || options->srv_log_fun) { if (options->cli_log_fun || options->srv_log_fun) {
mbedtls_debug_set_threshold(0); mbedtls_debug_set_threshold(0);
@ -2450,7 +2485,8 @@ void test_callback_buffer_sanity()
== -1); == -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output)) TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output))
== -1); == -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input)) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input))
== -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, 0) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, 0) == -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, NULL, 0) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, NULL, 0) == -1);
@ -2459,10 +2495,12 @@ void test_callback_buffer_sanity()
* in error. */ * in error. */
mbedtls_test_ssl_buffer_init(&buf); mbedtls_test_ssl_buffer_init(&buf);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input))
== -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output)) TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output))
== -1); == -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input))
== -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == -1);
@ -2474,7 +2512,8 @@ void test_callback_buffer_sanity()
TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)) == 0); TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)) == 0);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input))
== -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output)) TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output))
== 0); == 0);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == 0); TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == 0);
@ -2609,8 +2648,8 @@ exit:
/* END_CASE */ /* END_CASE */
/* /*
* Test if the implementation of `mbedtls_test_mock_socket` related I/O functions is * Test if the implementation of `mbedtls_test_mock_socket` related
* correct and works as expected on unconnected sockets. * I/O functions is correct and works as expected on unconnected sockets.
*/ */
/* BEGIN_CASE */ /* BEGIN_CASE */
@ -2642,8 +2681,8 @@ exit:
/* END_CASE */ /* END_CASE */
/* /*
* Test if the implementation of `mbedtls_test_mock_socket` related functions can * Test if the implementation of `mbedtls_test_mock_socket` related functions
* send a single message from the client to the server. * can send a single message from the client to the server.
*/ */
/* BEGIN_CASE */ /* BEGIN_CASE */
@ -2679,7 +2718,8 @@ void ssl_mock_tcp(int blocking)
} }
/* Make sure that sending a message takes a few iterations. */ /* Make sure that sending a message takes a few iterations. */
TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, BUFLEN)); TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
BUFLEN));
/* Send the message to the server */ /* Send the message to the server */
send_ret = recv_ret = 1; send_ret = recv_ret = 1;
@ -2735,8 +2775,8 @@ exit:
/* END_CASE */ /* END_CASE */
/* /*
* Test if the implementation of `mbedtls_test_mock_socket` related functions can * Test if the implementation of `mbedtls_test_mock_socket` related functions
* send messages in both direction at the same time (with the I/O calls * can send messages in both direction at the same time (with the I/O calls
* interleaving). * interleaving).
*/ */
@ -2778,7 +2818,8 @@ void ssl_mock_tcp_interleaving(int blocking)
} }
/* Make sure that sending a message takes a few iterations. */ /* Make sure that sending a message takes a few iterations. */
TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, BUFLEN)); TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server,
BUFLEN));
/* Send the message from both sides, interleaving. */ /* Send the message from both sides, interleaving. */
progress = 1; progress = 1;
@ -3005,27 +3046,33 @@ void ssl_message_mock_uninitialized()
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN)
== MBEDTLS_TEST_ERROR_CONTEXT_ERROR); == MBEDTLS_TEST_ERROR_CONTEXT_ERROR);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 1, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 1,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 1, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 1,
&client, &client,
&client_context) == 0); &client_context) == 0);
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN)
== MBEDTLS_TEST_ERROR_SEND_FAILED); == MBEDTLS_TEST_ERROR_SEND_FAILED);
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MBEDTLS_ERR_SSL_WANT_READ); == MBEDTLS_ERR_SSL_WANT_READ);
/* Push directly to a queue to later simulate a disconnected behavior */ /* Push directly to a queue to later simulate a disconnected behavior */
TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue, MSGLEN) TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue,
MSGLEN)
== MSGLEN); == MSGLEN);
/* Test if there's an error when trying to read from a disconnected /* Test if there's an error when trying to read from a disconnected
* socket */ * socket */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MBEDTLS_TEST_ERROR_RECV_FAILED); == MBEDTLS_TEST_ERROR_RECV_FAILED);
exit: exit:
mbedtls_test_message_socket_close(&server_context); mbedtls_test_message_socket_close(&server_context);
@ -3045,11 +3092,13 @@ void ssl_message_mock_basic()
mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context); mbedtls_test_message_socket_init(&client_context);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 1, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 1,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 1, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 1,
&client, &client,
&client_context) == 0); &client_context) == 0);
@ -3066,7 +3115,8 @@ void ssl_message_mock_basic()
MSGLEN) == MSGLEN); MSGLEN) == MSGLEN);
/* Read from the server */ /* Read from the server */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MSGLEN); == MSGLEN);
TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
@ -3074,10 +3124,12 @@ void ssl_message_mock_basic()
/* Send the message to the client */ /* Send the message to the client */
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message,
MSGLEN) == MSGLEN); MSGLEN)
== MSGLEN);
/* Read from the client */ /* Read from the client */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
MSGLEN)
== MSGLEN); == MSGLEN);
TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
@ -3099,11 +3151,13 @@ void ssl_message_mock_queue_overflow_underflow()
mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context); mbedtls_test_message_socket_init(&client_context);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 2, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 2,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 2, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 2,
&client, &client,
&client_context) == 0); &client_context) == 0);
@ -3117,10 +3171,12 @@ void ssl_message_mock_queue_overflow_underflow()
/* Send three message to the server, last one with an error */ /* Send three message to the server, last one with an error */
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN - 1) == MSGLEN - 1); MSGLEN - 1)
== MSGLEN - 1);
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN) == MSGLEN); MSGLEN)
== MSGLEN);
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN) MSGLEN)
@ -3128,14 +3184,17 @@ void ssl_message_mock_queue_overflow_underflow()
/* Read three messages from the server, last one with an error */ /* Read three messages from the server, last one with an error */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN - 1) == MSGLEN - 1); MSGLEN - 1)
== MSGLEN - 1);
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MSGLEN); == MSGLEN);
TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MBEDTLS_ERR_SSL_WANT_READ); == MBEDTLS_ERR_SSL_WANT_READ);
exit: exit:
@ -3156,11 +3215,13 @@ void ssl_message_mock_socket_overflow()
mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context); mbedtls_test_message_socket_init(&client_context);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 2, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 2,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 2, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 2,
&client, &client,
&client_context) == 0); &client_context) == 0);
@ -3174,14 +3235,16 @@ void ssl_message_mock_socket_overflow()
/* Send two message to the server, second one with an error */ /* Send two message to the server, second one with an error */
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN) == MSGLEN); MSGLEN)
== MSGLEN);
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN) MSGLEN)
== MBEDTLS_TEST_ERROR_SEND_FAILED); == MBEDTLS_TEST_ERROR_SEND_FAILED);
/* Read the only message from the server */ /* Read the only message from the server */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MSGLEN); == MSGLEN);
TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
@ -3204,11 +3267,13 @@ void ssl_message_mock_truncated()
mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context); mbedtls_test_message_socket_init(&client_context);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 2, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 2,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 2, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 2,
&client, &client,
&client_context) == 0); &client_context) == 0);
@ -3224,11 +3289,14 @@ void ssl_message_mock_truncated()
/* Send two messages to the server, the second one small enough to fit in the /* Send two messages to the server, the second one small enough to fit in the
* receiver's buffer. */ * receiver's buffer. */
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN) == MSGLEN); MSGLEN)
== MSGLEN);
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN / 2) == MSGLEN / 2); MSGLEN / 2)
== MSGLEN / 2);
/* Read a truncated message from the server */ /* Read a truncated message from the server */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN/2)
== MSGLEN/2); == MSGLEN/2);
/* Test that the first half of the message is valid, and second one isn't */ /* Test that the first half of the message is valid, and second one isn't */
@ -3238,7 +3306,8 @@ void ssl_message_mock_truncated()
memset(received, 0, MSGLEN); memset(received, 0, MSGLEN);
/* Read a full message from the server */ /* Read a full message from the server */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN/2)
== MSGLEN / 2); == MSGLEN / 2);
/* Test that the first half of the message is valid */ /* Test that the first half of the message is valid */
@ -3262,11 +3331,13 @@ void ssl_message_mock_socket_read_error()
mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context); mbedtls_test_message_socket_init(&client_context);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 1, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 1,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 1, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 1,
&client, &client,
&client_context) == 0); &client_context) == 0);
@ -3279,11 +3350,13 @@ void ssl_message_mock_socket_read_error()
MSGLEN)); MSGLEN));
TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message,
MSGLEN) == MSGLEN); MSGLEN)
== MSGLEN);
/* Force a read error by disconnecting the socket by hand */ /* Force a read error by disconnecting the socket by hand */
server.status = 0; server.status = 0;
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MBEDTLS_TEST_ERROR_RECV_FAILED); == MBEDTLS_TEST_ERROR_RECV_FAILED);
/* Return to a valid state */ /* Return to a valid state */
server.status = MBEDTLS_MOCK_SOCKET_CONNECTED; server.status = MBEDTLS_MOCK_SOCKET_CONNECTED;
@ -3292,7 +3365,8 @@ void ssl_message_mock_socket_read_error()
/* Test that even though the server tried to read once disconnected, the /* Test that even though the server tried to read once disconnected, the
* continuity is preserved */ * continuity is preserved */
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MSGLEN); == MSGLEN);
TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
@ -3315,11 +3389,13 @@ void ssl_message_mock_interleaved_one_way()
mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context); mbedtls_test_message_socket_init(&client_context);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 3, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 3,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 3, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 3,
&client, &client,
&client_context) == 0); &client_context) == 0);
@ -3352,7 +3428,8 @@ void ssl_message_mock_interleaved_one_way()
TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0);
} }
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MBEDTLS_ERR_SSL_WANT_READ); == MBEDTLS_ERR_SSL_WANT_READ);
exit: exit:
mbedtls_test_message_socket_close(&server_context); mbedtls_test_message_socket_close(&server_context);
@ -3372,11 +3449,13 @@ void ssl_message_mock_interleaved_two_ways()
mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context); mbedtls_test_message_socket_init(&client_context);
TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 3, TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue,
&client_queue, 3,
&server, &server,
&server_context) == 0); &server_context) == 0);
TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 3, TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue,
&server_queue, 3,
&client, &client,
&client_context) == 0); &client_context) == 0);
@ -3432,10 +3511,12 @@ void ssl_message_mock_interleaved_two_ways()
memset(received, 0, sizeof(received)); memset(received, 0, sizeof(received));
} }
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received,
MSGLEN)
== MBEDTLS_ERR_SSL_WANT_READ); == MBEDTLS_ERR_SSL_WANT_READ);
TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, MSGLEN) TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received,
MSGLEN)
== MBEDTLS_ERR_SSL_WANT_READ); == MBEDTLS_ERR_SSL_WANT_READ);
exit: exit:
mbedtls_test_message_socket_close(&server_context); mbedtls_test_message_socket_close(&server_context);
@ -3933,9 +4014,9 @@ void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac,
/* /*
* Encrypt and decrypt the correct record, expecting success * Encrypt and decrypt the correct record, expecting success
*/ */
TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(
rec.buf + rec.data_offset, rec.data_len, &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset,
rec.buf + rec.data_offset, &olen)); rec.data_len, rec.buf + rec.data_offset, &olen));
rec.data_offset -= t0.ivlen; rec.data_offset -= t0.ivlen;
rec.data_len += t0.ivlen; rec.data_len += t0.ivlen;
@ -3957,10 +4038,9 @@ void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac,
rec.buf[i] ^= 0x01; rec.buf[i] ^= 0x01;
/* Encrypt */ /* Encrypt */
TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(
rec.buf + rec.data_offset, &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset,
rec.data_len, rec.data_len, rec.buf + rec.data_offset, &olen));
rec.buf + rec.data_offset, &olen));
rec.data_offset -= t0.ivlen; rec.data_offset -= t0.ivlen;
rec.data_len += t0.ivlen; rec.data_len += t0.ivlen;
@ -3993,10 +4073,9 @@ void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac,
memset(buf + buflen - padlen - 1, i, padlen + 1); memset(buf + buflen - padlen - 1, i, padlen + 1);
/* Encrypt */ /* Encrypt */
TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(
rec.buf + rec.data_offset, &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset,
rec.data_len, rec.data_len, rec.buf + rec.data_offset, &olen));
rec.buf + rec.data_offset, &olen));
rec.data_offset -= t0.ivlen; rec.data_offset -= t0.ivlen;
rec.data_len += t0.ivlen; rec.data_len += t0.ivlen;
@ -4806,7 +4885,8 @@ void ssl_session_serialize_version_check(int corrupt_major,
&session, 0, endpoint_type) == 0); &session, 0, endpoint_type) == 0);
} else } else
#endif #endif
TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(&session, 0, NULL) == 0); TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(
&session, 0, NULL) == 0);
/* Infer length of serialized session. */ /* Infer length of serialized session. */
@ -4867,7 +4947,8 @@ void mbedtls_endpoint_sanity(int endpoint_type)
NULL, NULL, NULL, NULL); NULL, NULL, NULL, NULL);
TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, options.pk_alg, 0, 0, 0); ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, options.pk_alg,
0, 0, 0);
TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret);
ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, &options, ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, &options,
@ -4898,10 +4979,11 @@ void move_handshake_to_state(int endpoint_type, int state, int need_pass)
NULL, NULL, NULL, NULL); NULL, NULL, NULL, NULL);
TEST_ASSERT(ret == 0); TEST_ASSERT(ret == 0);
ret = mbedtls_test_ssl_endpoint_init(&second_ep, ret = mbedtls_test_ssl_endpoint_init(
(endpoint_type == MBEDTLS_SSL_IS_SERVER) ? &second_ep,
MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, (endpoint_type == MBEDTLS_SSL_IS_SERVER) ?
&options, NULL, NULL, NULL, NULL); MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
&options, NULL, NULL, NULL, NULL);
TEST_ASSERT(ret == 0); TEST_ASSERT(ret == 0);
@ -5441,9 +5523,8 @@ void force_bad_session_id_len()
&(server.socket), &(server.socket),
BUFFSIZE) == 0); BUFFSIZE) == 0);
TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl), TEST_ASSERT(mbedtls_test_move_handshake_to_state(
&(server.ssl), &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_WRAPUP)
MBEDTLS_SSL_HANDSHAKE_WRAPUP)
== 0); == 0);
/* Force a bad session_id_len that will be read by the server in /* Force a bad session_id_len that will be read by the server in
* mbedtls_ssl_cache_set. */ * mbedtls_ssl_cache_set. */
@ -5622,10 +5703,9 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key)
&(server.socket), &(server.socket),
BUFFSIZE), 0); BUFFSIZE), 0);
TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(client.ssl), TEST_EQUAL(mbedtls_test_move_handshake_to_state(
&(server.ssl), &(client.ssl), &(server.ssl),
MBEDTLS_SSL_CLIENT_KEY_EXCHANGE) MBEDTLS_SSL_CLIENT_KEY_EXCHANGE), 0);
, 0);
mbedtls_psa_get_stats(&stats); mbedtls_psa_get_stats(&stats);
/* Save the number of slots in use up to this point. /* Save the number of slots in use up to this point.
@ -5638,9 +5718,8 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key)
(client.ssl).handshake->ecdh_psa_peerkey[0] ^= 0x02; (client.ssl).handshake->ecdh_psa_peerkey[0] ^= 0x02;
} }
TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(client.ssl), TEST_EQUAL(mbedtls_test_move_handshake_to_state(
&(server.ssl), &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_OVER),
MBEDTLS_SSL_HANDSHAKE_OVER),
bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0); bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0);
mbedtls_psa_get_stats(&stats); mbedtls_psa_get_stats(&stats);
@ -5682,13 +5761,15 @@ void tls13_server_certificate_msg_invalid_vector_len()
mbedtls_test_init_handshake_options(&client_options); mbedtls_test_init_handshake_options(&client_options);
client_options.pk_alg = MBEDTLS_PK_ECDSA; client_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
&client_options, NULL, NULL, NULL, NULL); &client_options, NULL, NULL, NULL,
NULL);
TEST_EQUAL(ret, 0); TEST_EQUAL(ret, 0);
mbedtls_test_init_handshake_options(&server_options); mbedtls_test_init_handshake_options(&server_options);
server_options.pk_alg = MBEDTLS_PK_ECDSA; server_options.pk_alg = MBEDTLS_PK_ECDSA;
ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER,
&server_options, NULL, NULL, NULL, NULL); &server_options, NULL, NULL, NULL,
NULL);
TEST_EQUAL(ret, 0); TEST_EQUAL(ret, 0);
ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), ret = mbedtls_test_mock_socket_connect(&(client_ep.socket),
@ -5698,17 +5779,17 @@ void tls13_server_certificate_msg_invalid_vector_len()
while (1) { while (1) {
mbedtls_test_set_step(++step); mbedtls_test_set_step(++step);
ret = mbedtls_test_move_handshake_to_state(&(server_ep.ssl), ret = mbedtls_test_move_handshake_to_state(
&(client_ep.ssl), &(server_ep.ssl), &(client_ep.ssl),
MBEDTLS_SSL_CERTIFICATE_VERIFY); MBEDTLS_SSL_CERTIFICATE_VERIFY);
TEST_EQUAL(ret, 0); TEST_EQUAL(ret, 0);
ret = mbedtls_ssl_flush_output(&(server_ep.ssl)); ret = mbedtls_ssl_flush_output(&(server_ep.ssl));
TEST_EQUAL(ret, 0); TEST_EQUAL(ret, 0);
ret = mbedtls_test_move_handshake_to_state(&(client_ep.ssl), ret = mbedtls_test_move_handshake_to_state(
&(server_ep.ssl), &(client_ep.ssl), &(server_ep.ssl),
MBEDTLS_SSL_SERVER_CERTIFICATE); MBEDTLS_SSL_SERVER_CERTIFICATE);
TEST_EQUAL(ret, 0); TEST_EQUAL(ret, 0);
ret = mbedtls_ssl_tls13_fetch_handshake_msg(&(client_ep.ssl), ret = mbedtls_ssl_tls13_fetch_handshake_msg(&(client_ep.ssl),