diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index bdd40487e..9d425aed2 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -47,8 +47,8 @@ static int rng_get(void *p_rng, unsigned char *output, size_t output_len) /* * This function can be passed to mbedtls to receive output logs from it. In - * this case, it will count the instances of a mbedtls_test_ssl_log_pattern in the received - * logged messages. + * this case, it will count the instances of a mbedtls_test_ssl_log_pattern + * in the received logged messages. */ void mbedtls_test_ssl_log_analyzer(void *ctx, int level, const char *file, int line, @@ -67,7 +67,8 @@ void mbedtls_test_ssl_log_analyzer(void *ctx, int level, } } -void mbedtls_test_init_handshake_options(mbedtls_test_handshake_test_options *opts) +void mbedtls_test_init_handshake_options( + mbedtls_test_handshake_test_options *opts) { #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) srand(rng_seed); @@ -110,7 +111,8 @@ exit: #endif } -void mbedtls_test_free_handshake_options(mbedtls_test_handshake_test_options *opts) +void mbedtls_test_free_handshake_options( + mbedtls_test_handshake_test_options *opts) { #if defined(MBEDTLS_SSL_CACHE_C) mbedtls_ssl_cache_free(opts->cache); @@ -151,9 +153,11 @@ void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf) /* * Sets up \p buf. After calling this function it is safe to call - * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()` on \p buf. + * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()` + * on \p buf. */ -int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, size_t capacity) +int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, + size_t capacity) { buf->buffer = (unsigned char *) mbedtls_calloc(capacity, sizeof(unsigned char)); @@ -326,8 +330,8 @@ void mbedtls_test_ssl_message_queue_free(mbedtls_test_ssl_message_queue *queue) * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. * \retval \p len, if the push was successful. */ -int mbedtls_test_ssl_message_queue_push_info(mbedtls_test_ssl_message_queue *queue, - size_t len) +int mbedtls_test_ssl_message_queue_push_info( + mbedtls_test_ssl_message_queue *queue, size_t len) { int place; if (queue == NULL) { @@ -354,8 +358,8 @@ int mbedtls_test_ssl_message_queue_push_info(mbedtls_test_ssl_message_queue *que * \retval message length, if the pop was successful, up to the given \p buf_len. */ -int mbedtls_test_ssl_message_queue_pop_info(mbedtls_test_ssl_message_queue *queue, - size_t buf_len) +int mbedtls_test_ssl_message_queue_pop_info( + mbedtls_test_ssl_message_queue *queue, size_t buf_len) { size_t message_length; if (queue == NULL) { @@ -464,7 +468,8 @@ int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, int ret = -1; peer1->output = - (mbedtls_test_ssl_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_ssl_buffer)); + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); if (peer1->output == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; @@ -475,7 +480,8 @@ int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, } peer2->output = - (mbedtls_test_ssl_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_ssl_buffer)); + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); if (peer2->output == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; @@ -507,7 +513,8 @@ exit: * Callbacks for simulating blocking I/O over connection-oriented transport. */ -int mbedtls_test_mock_tcp_send_b(void *ctx, const unsigned char *buf, size_t len) +int mbedtls_test_mock_tcp_send_b(void *ctx, const unsigned char *buf, + size_t len) { mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; @@ -533,7 +540,8 @@ int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) * Callbacks for simulating non-blocking I/O over connection-oriented transport. */ -int mbedtls_test_mock_tcp_send_nb(void *ctx, const unsigned char *buf, size_t len) +int mbedtls_test_mock_tcp_send_nb(void *ctx, const unsigned char *buf, + size_t len) { mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; @@ -579,11 +587,12 @@ void mbedtls_test_message_socket_init(mbedtls_test_message_socket_context *ctx) * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message * queue failed. */ -int mbedtls_test_message_socket_setup(mbedtls_test_ssl_message_queue *queue_input, - mbedtls_test_ssl_message_queue *queue_output, - size_t queue_capacity, - mbedtls_test_mock_socket *socket, - mbedtls_test_message_socket_context *ctx) +int mbedtls_test_message_socket_setup( + mbedtls_test_ssl_message_queue *queue_input, + mbedtls_test_ssl_message_queue *queue_output, + size_t queue_capacity, + mbedtls_test_mock_socket *socket, + mbedtls_test_message_socket_context *ctx) { int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity); if (ret != 0) { @@ -618,17 +627,20 @@ void mbedtls_test_message_socket_close(mbedtls_test_message_socket_context *ctx) * \retval \p len, if everything succeeds. * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context * elements or the context itself is null. - * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if mbedtls_test_mock_tcp_send_b failed. + * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if + * mbedtls_test_mock_tcp_send_b failed. * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. * * This function will also return any error from * mbedtls_test_ssl_message_queue_push_info. */ -int mbedtls_test_mock_tcp_send_msg(void *ctx, const unsigned char *buf, size_t len) +int mbedtls_test_mock_tcp_send_msg(void *ctx, const unsigned char *buf, + size_t len) { mbedtls_test_ssl_message_queue *queue; mbedtls_test_mock_socket *socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; if (context == NULL || context->socket == NULL || context->queue_output == NULL) { @@ -656,16 +668,20 @@ int mbedtls_test_mock_tcp_send_msg(void *ctx, const unsigned char *buf, size_t l * \retval message length, if everything succeeds. * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context * elements or the context itself is null. - * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if mbedtls_test_mock_tcp_recv_b failed. + * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if + * mbedtls_test_mock_tcp_recv_b failed. * * This function will also return any error other than - * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from mbedtls_test_message_queue_peek_info. + * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from + * mbedtls_test_message_queue_peek_info. */ -int mbedtls_test_mock_tcp_recv_msg(void *ctx, unsigned char *buf, size_t buf_len) +int mbedtls_test_mock_tcp_recv_msg(void *ctx, unsigned char *buf, + size_t buf_len) { mbedtls_test_ssl_message_queue *queue; mbedtls_test_mock_socket *socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; size_t drop_len = 0; size_t msg_len; int ret; @@ -697,7 +713,8 @@ int mbedtls_test_mock_tcp_recv_msg(void *ctx, unsigned char *buf, size_t buf_len if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { /* Drop the remaining part of the message */ - if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) != (int) drop_len) { + if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) + != (int) drop_len) { /* Inconsistent state - part of the message was read, * and a part couldn't. Not much we can do here, but it should not * happen in test environment, unless forced manually. */ @@ -747,7 +764,8 @@ void mbedtls_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep) * * \retval 0 on success, otherwise error code. */ -int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, int pk_alg, +int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, + int pk_alg, int opaque_alg, int opaque_alg2, int opaque_usage) { @@ -868,8 +886,9 @@ exit: } /* - * Initializes \p ep structure. It is important to call `mbedtls_test_ssl_endpoint_free()` - * after calling this function even if it fails. + * Initializes \p ep structure. It is important to call + * `mbedtls_test_ssl_endpoint_free()` after calling this function + * even if it fails. * * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or * MBEDTLS_SSL_IS_CLIENT. @@ -881,12 +900,13 @@ exit: * * \retval 0 on success, otherwise error code. */ -int mbedtls_test_ssl_endpoint_init(mbedtls_test_ssl_endpoint *ep, int endpoint_type, - mbedtls_test_handshake_test_options *options, - mbedtls_test_message_socket_context *dtls_context, - mbedtls_test_ssl_message_queue *input_queue, - mbedtls_test_ssl_message_queue *output_queue, - uint16_t *group_list) +int mbedtls_test_ssl_endpoint_init( + mbedtls_test_ssl_endpoint *ep, int endpoint_type, + mbedtls_test_handshake_test_options *options, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_ssl_message_queue *input_queue, + mbedtls_test_ssl_message_queue *output_queue, + uint16_t *group_list) { int ret = -1; uintptr_t user_data_n; @@ -987,8 +1007,9 @@ exit: /* * Deinitializes endpoint represented by \p ep. */ -void mbedtls_test_ssl_endpoint_free(mbedtls_test_ssl_endpoint *ep, - mbedtls_test_message_socket_context *context) +void mbedtls_test_ssl_endpoint_free( + mbedtls_test_ssl_endpoint *ep, + mbedtls_test_message_socket_context *context) { mbedtls_endpoint_certificate_free(ep); @@ -1192,10 +1213,13 @@ int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C) -static int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, - const unsigned char *iv, size_t iv_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen) +int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, + const unsigned char *iv, + size_t iv_len, + const unsigned char *input, + size_t ilen, + unsigned char *output, + size_t *olen) { #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -1238,13 +1262,13 @@ static int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transfo } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && MBEDTLS_AES_C */ -static int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, - mbedtls_ssl_transform *t_out, - int cipher_type, int hash_id, - int etm, int tag_mode, - mbedtls_ssl_protocol_version tls_version, - size_t cid0_len, - size_t cid1_len) +int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, + mbedtls_ssl_protocol_version tls_version, + size_t cid0_len, + size_t cid1_len) { mbedtls_cipher_info_t const *cipher_info; int ret = 0; @@ -1593,9 +1617,9 @@ cleanup: * Populate a session structure for serialization tests. * Choose dummy values, mostly non-0 to distinguish from the init default. */ -static int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, - int ticket_len, - const char *crt_file) +int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, + int ticket_len, + const char *crt_file) { #if defined(MBEDTLS_HAVE_TIME) session->start = mbedtls_time(NULL) - 42; @@ -1690,9 +1714,9 @@ static int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, } #if defined(MBEDTLS_SSL_PROTO_TLS1_3) -static int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, - int ticket_len, - int endpoint_type) +int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, + int ticket_len, + int endpoint_type) { ((void) ticket_len); session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; @@ -1870,8 +1894,9 @@ int exchange_data(mbedtls_ssl_context *ssl_1, } #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) -static int check_ssl_version(mbedtls_ssl_protocol_version expected_negotiated_version, - const mbedtls_ssl_context *ssl) +static int check_ssl_version( + mbedtls_ssl_protocol_version expected_negotiated_version, + const mbedtls_ssl_context *ssl) { const char *version_string = mbedtls_ssl_get_version(ssl); mbedtls_ssl_protocol_version version_number = @@ -1908,7 +1933,8 @@ exit: #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) -void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *options) +void mbedtls_test_ssl_perform_handshake( + mbedtls_test_handshake_test_options *options) { /* forced_ciphersuite needs to last until the end of the handshake */ int forced_ciphersuite[2]; @@ -1939,7 +1965,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt /* Client side */ if (options->dtls != 0) { - TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, options, &client_context, &client_queue, &server_queue, NULL) == 0); @@ -1949,7 +1976,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt mbedtls_timing_get_delay); #endif } else { - TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, options, NULL, NULL, NULL, NULL) == 0); } @@ -1978,7 +2006,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt /* Server side */ if (options->dtls != 0) { - TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, options, &server_context, &server_queue, &client_queue, NULL) == 0); @@ -1988,7 +2017,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt mbedtls_timing_get_delay); #endif } else { - TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, options, NULL, NULL, NULL, NULL) == 0); } @@ -2085,7 +2115,8 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt /* Make sure server state is moved to HANDSHAKE_OVER also. */ TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl), &(client.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER), 0); + MBEDTLS_SSL_HANDSHAKE_OVER), + 0); TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1); /* Check that both sides have negotiated the expected version. */ @@ -2265,8 +2296,12 @@ void mbedtls_test_ssl_perform_handshake(mbedtls_test_handshake_test_options *opt TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server); exit: - mbedtls_test_ssl_endpoint_free(&client, options->dtls != 0 ? &client_context : NULL); - mbedtls_test_ssl_endpoint_free(&server, options->dtls != 0 ? &server_context : NULL); + mbedtls_test_ssl_endpoint_free(&client, + options->dtls != 0 ? + &client_context : NULL); + mbedtls_test_ssl_endpoint_free(&server, + options->dtls != 0 ? + &server_context : NULL); #if defined(MBEDTLS_DEBUG_C) if (options->cli_log_fun || options->srv_log_fun) { mbedtls_debug_set_threshold(0); @@ -2450,7 +2485,8 @@ void test_callback_buffer_sanity() == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output)) == -1); - TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input)) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input)) + == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, 0) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, NULL, 0) == -1); @@ -2459,10 +2495,12 @@ void test_callback_buffer_sanity() * in error. */ mbedtls_test_ssl_buffer_init(&buf); - TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) + == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output)) == -1); - TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) + == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == -1); @@ -2474,7 +2512,8 @@ void test_callback_buffer_sanity() TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)) == 0); - TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) + == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output)) == 0); TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == 0); @@ -2609,8 +2648,8 @@ exit: /* END_CASE */ /* - * Test if the implementation of `mbedtls_test_mock_socket` related I/O functions is - * correct and works as expected on unconnected sockets. + * Test if the implementation of `mbedtls_test_mock_socket` related + * I/O functions is correct and works as expected on unconnected sockets. */ /* BEGIN_CASE */ @@ -2642,8 +2681,8 @@ exit: /* END_CASE */ /* - * Test if the implementation of `mbedtls_test_mock_socket` related functions can - * send a single message from the client to the server. + * Test if the implementation of `mbedtls_test_mock_socket` related functions + * can send a single message from the client to the server. */ /* BEGIN_CASE */ @@ -2679,7 +2718,8 @@ void ssl_mock_tcp(int blocking) } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, BUFLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + BUFLEN)); /* Send the message to the server */ send_ret = recv_ret = 1; @@ -2735,8 +2775,8 @@ exit: /* END_CASE */ /* - * Test if the implementation of `mbedtls_test_mock_socket` related functions can - * send messages in both direction at the same time (with the I/O calls + * Test if the implementation of `mbedtls_test_mock_socket` related functions + * can send messages in both direction at the same time (with the I/O calls * interleaving). */ @@ -2778,7 +2818,8 @@ void ssl_mock_tcp_interleaving(int blocking) } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, BUFLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + BUFLEN)); /* Send the message from both sides, interleaving. */ progress = 1; @@ -3005,27 +3046,33 @@ void ssl_message_mock_uninitialized() TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN) == MBEDTLS_TEST_ERROR_CONTEXT_ERROR); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 1, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 1, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, &client, &client_context) == 0); - TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MBEDTLS_TEST_ERROR_SEND_FAILED); - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); /* Push directly to a queue to later simulate a disconnected behavior */ - TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue, MSGLEN) + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue, + MSGLEN) == MSGLEN); /* Test if there's an error when trying to read from a disconnected * socket */ - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_TEST_ERROR_RECV_FAILED); exit: mbedtls_test_message_socket_close(&server_context); @@ -3045,11 +3092,13 @@ void ssl_message_mock_basic() mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 1, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 1, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, &client, &client_context) == 0); @@ -3066,7 +3115,8 @@ void ssl_message_mock_basic() MSGLEN) == MSGLEN); /* Read from the server */ - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); @@ -3074,10 +3124,12 @@ void ssl_message_mock_basic() /* Send the message to the client */ TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, - MSGLEN) == MSGLEN); + MSGLEN) + == MSGLEN); /* Read from the client */ - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); @@ -3099,11 +3151,13 @@ void ssl_message_mock_queue_overflow_underflow() mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 2, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 2, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, &client, &client_context) == 0); @@ -3117,10 +3171,12 @@ void ssl_message_mock_queue_overflow_underflow() /* Send three message to the server, last one with an error */ TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, - MSGLEN - 1) == MSGLEN - 1); + MSGLEN - 1) + == MSGLEN - 1); TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + MSGLEN) + == MSGLEN); TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, MSGLEN) @@ -3128,14 +3184,17 @@ void ssl_message_mock_queue_overflow_underflow() /* Read three messages from the server, last one with an error */ TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, - MSGLEN - 1) == MSGLEN - 1); + MSGLEN - 1) + == MSGLEN - 1); - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); exit: @@ -3156,11 +3215,13 @@ void ssl_message_mock_socket_overflow() mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 2, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 2, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, &client, &client_context) == 0); @@ -3174,14 +3235,16 @@ void ssl_message_mock_socket_overflow() /* Send two message to the server, second one with an error */ TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + MSGLEN) + == MSGLEN); TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, MSGLEN) == MBEDTLS_TEST_ERROR_SEND_FAILED); /* Read the only message from the server */ - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); @@ -3204,11 +3267,13 @@ void ssl_message_mock_truncated() mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 2, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 2, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, &client, &client_context) == 0); @@ -3224,11 +3289,14 @@ void ssl_message_mock_truncated() /* Send two messages to the server, the second one small enough to fit in the * receiver's buffer. */ TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + MSGLEN) + == MSGLEN); TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, - MSGLEN / 2) == MSGLEN / 2); + MSGLEN / 2) + == MSGLEN / 2); /* Read a truncated message from the server */ - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN/2) == MSGLEN/2); /* Test that the first half of the message is valid, and second one isn't */ @@ -3238,7 +3306,8 @@ void ssl_message_mock_truncated() memset(received, 0, MSGLEN); /* Read a full message from the server */ - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN/2) == MSGLEN / 2); /* Test that the first half of the message is valid */ @@ -3262,11 +3331,13 @@ void ssl_message_mock_socket_read_error() mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 1, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 1, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, &client, &client_context) == 0); @@ -3279,11 +3350,13 @@ void ssl_message_mock_socket_read_error() MSGLEN)); TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + MSGLEN) + == MSGLEN); /* Force a read error by disconnecting the socket by hand */ server.status = 0; - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_TEST_ERROR_RECV_FAILED); /* Return to a valid state */ server.status = MBEDTLS_MOCK_SOCKET_CONNECTED; @@ -3292,7 +3365,8 @@ void ssl_message_mock_socket_read_error() /* Test that even though the server tried to read once disconnected, the * continuity is preserved */ - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); @@ -3315,11 +3389,13 @@ void ssl_message_mock_interleaved_one_way() mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 3, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 3, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 3, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 3, &client, &client_context) == 0); @@ -3352,7 +3428,8 @@ void ssl_message_mock_interleaved_one_way() TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); } - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); exit: mbedtls_test_message_socket_close(&server_context); @@ -3372,11 +3449,13 @@ void ssl_message_mock_interleaved_two_ways() mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, &client_queue, 3, + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 3, &server, &server_context) == 0); - TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, &server_queue, 3, + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 3, &client, &client_context) == 0); @@ -3432,10 +3511,12 @@ void ssl_message_mock_interleaved_two_ways() memset(received, 0, sizeof(received)); } - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); - TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); exit: mbedtls_test_message_socket_close(&server_context); @@ -3933,9 +4014,9 @@ void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, /* * Encrypt and decrypt the correct record, expecting success */ - TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen)); + TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper( + &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, + rec.data_len, rec.buf + rec.data_offset, &olen)); rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; @@ -3957,10 +4038,9 @@ void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, rec.buf[i] ^= 0x01; /* Encrypt */ - TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, - rec.data_len, - rec.buf + rec.data_offset, &olen)); + TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper( + &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, + rec.data_len, rec.buf + rec.data_offset, &olen)); rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; @@ -3993,10 +4073,9 @@ void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, memset(buf + buflen - padlen - 1, i, padlen + 1); /* Encrypt */ - TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, - rec.data_len, - rec.buf + rec.data_offset, &olen)); + TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper( + &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, + rec.data_len, rec.buf + rec.data_offset, &olen)); rec.data_offset -= t0.ivlen; rec.data_len += t0.ivlen; @@ -4806,7 +4885,8 @@ void ssl_session_serialize_version_check(int corrupt_major, &session, 0, endpoint_type) == 0); } else #endif - TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session(&session, 0, NULL) == 0); + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( + &session, 0, NULL) == 0); /* Infer length of serialized session. */ @@ -4867,7 +4947,8 @@ void mbedtls_endpoint_sanity(int endpoint_type) NULL, NULL, NULL, NULL); TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); - ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, options.pk_alg, 0, 0, 0); + ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, options.pk_alg, + 0, 0, 0); TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, &options, @@ -4898,10 +4979,11 @@ void move_handshake_to_state(int endpoint_type, int state, int need_pass) NULL, NULL, NULL, NULL); TEST_ASSERT(ret == 0); - ret = mbedtls_test_ssl_endpoint_init(&second_ep, - (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? - MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, - &options, NULL, NULL, NULL, NULL); + ret = mbedtls_test_ssl_endpoint_init( + &second_ep, + (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? + MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, + &options, NULL, NULL, NULL, NULL); TEST_ASSERT(ret == 0); @@ -5441,9 +5523,8 @@ void force_bad_session_id_len() &(server.socket), BUFFSIZE) == 0); - TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_WRAPUP) + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_WRAPUP) == 0); /* Force a bad session_id_len that will be read by the server in * mbedtls_ssl_cache_set. */ @@ -5622,10 +5703,9 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key) &(server.socket), BUFFSIZE), 0); - TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(client.ssl), - &(server.ssl), - MBEDTLS_SSL_CLIENT_KEY_EXCHANGE) - , 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), + MBEDTLS_SSL_CLIENT_KEY_EXCHANGE), 0); mbedtls_psa_get_stats(&stats); /* Save the number of slots in use up to this point. @@ -5638,9 +5718,8 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key) (client.ssl).handshake->ecdh_psa_peerkey[0] ^= 0x02; } - TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER), + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_OVER), bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0); mbedtls_psa_get_stats(&stats); @@ -5682,13 +5761,15 @@ void tls13_server_certificate_msg_invalid_vector_len() mbedtls_test_init_handshake_options(&client_options); client_options.pk_alg = MBEDTLS_PK_ECDSA; ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, - &client_options, NULL, NULL, NULL, NULL); + &client_options, NULL, NULL, NULL, + NULL); TEST_EQUAL(ret, 0); mbedtls_test_init_handshake_options(&server_options); server_options.pk_alg = MBEDTLS_PK_ECDSA; ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, - &server_options, NULL, NULL, NULL, NULL); + &server_options, NULL, NULL, NULL, + NULL); TEST_EQUAL(ret, 0); ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), @@ -5698,17 +5779,17 @@ void tls13_server_certificate_msg_invalid_vector_len() while (1) { mbedtls_test_set_step(++step); - ret = mbedtls_test_move_handshake_to_state(&(server_ep.ssl), - &(client_ep.ssl), - MBEDTLS_SSL_CERTIFICATE_VERIFY); + ret = mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_CERTIFICATE_VERIFY); TEST_EQUAL(ret, 0); ret = mbedtls_ssl_flush_output(&(server_ep.ssl)); TEST_EQUAL(ret, 0); - ret = mbedtls_test_move_handshake_to_state(&(client_ep.ssl), - &(server_ep.ssl), - MBEDTLS_SSL_SERVER_CERTIFICATE); + ret = mbedtls_test_move_handshake_to_state( + &(client_ep.ssl), &(server_ep.ssl), + MBEDTLS_SSL_SERVER_CERTIFICATE); TEST_EQUAL(ret, 0); ret = mbedtls_ssl_tls13_fetch_handshake_msg(&(client_ep.ssl),