cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-12 08:38:08 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add cookie parsing tests to test_suite_ssl

Browse Source 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek 2022-06-06 13:08:23 -04:00
parent e5af9fabf7
commit 862acb8403
4 changed files with 57 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/mbedtls/ssl_internal.h
View File

@ -1306,4 +1306,12 @@ void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl );
void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ); void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight );
#endif /* MBEDTLS_SSL_PROTO_DTLS */ #endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_TEST_HOOKS)
int ssl_check_dtls_clihlo_cookie(
mbedtls_ssl_context *ssl,
const unsigned char *cli_id, size_t cli_id_len,
const unsigned char *in, size_t in_len,
unsigned char *obuf, size_t buf_len, size_t *olen );
#endif
#endif /* ssl_internal.h */ #endif /* ssl_internal.h */

5
library/ssl_msg.c
View File

@ -3239,7 +3239,10 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
* return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED * return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
* - otherwise return a specific error code * - otherwise return a specific error code
*/ */
static int ssl_check_dtls_clihlo_cookie( #if !defined(MBEDTLS_TEST_HOOKS)
static
#endif
int ssl_check_dtls_clihlo_cookie(
mbedtls_ssl_context *ssl, mbedtls_ssl_context *ssl,
const unsigned char *cli_id, size_t cli_id_len, const unsigned char *cli_id, size_t cli_id_len,
const unsigned char *in, size_t in_len, const unsigned char *in, size_t in_len,

18
tests/suites/test_suite_ssl.data
View File

@ -10689,3 +10689,21 @@ raw_key_agreement_fail:0
Raw key agreement: bad server key Raw key agreement: bad server key
raw_key_agreement_fail:1 raw_key_agreement_fail:1
Cookie parsing: nominal run
cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d00200000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_SSL_INTERNAL_ERROR
Cookie parsing: cookie_len overflow
cookie_parsing:"16fefd000000000000000000ea010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727db97b7373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737db963":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
Cookie parsing: non-zero fragment offset
cookie_parsing:"16fefd00000000000000000032010000de000072000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d01730143":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
Cookie parsing: sid_len overflow
cookie_parsing:"16fefd00000000000000000032010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF730143":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
Cookie parsing: record too short
cookie_parsing:"16fefd0000000000000000002f010000de000072000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
Cookie parsing: one byte overread
cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d0001":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO

27
tests/suites/test_suite_ssl.function
View File

@ -4624,3 +4624,30 @@ exit:
USE_PSA_DONE( ); USE_PSA_DONE( );
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
void cookie_parsing( data_t *cookie, int exp_ret )
{
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
size_t len;
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
TEST_EQUAL( mbedtls_ssl_config_defaults( &conf, MBEDTLS_SSL_IS_SERVER,
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
MBEDTLS_SSL_PRESET_DEFAULT ),
0 );
TEST_EQUAL( mbedtls_ssl_setup( &ssl, &conf ), 0 );
TEST_EQUAL( ssl_check_dtls_clihlo_cookie( &ssl, ssl.cli_id, ssl.cli_id_len,
cookie->x, cookie->len,
ssl.out_buf,
MBEDTLS_SSL_OUT_CONTENT_LEN,
&len ),
exp_ret );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
}
/* END_CASE */