yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

tests: write early data: Add "server rejects" scenario

Browse source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2024-01-26 10:23:31 +01:00
parent 8fe2b01b52
commit 05600e26f4
2 changed files with 31 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
tests/suites/test_suite_ssl.data
View file

@ -3300,3 +3300,6 @@ tls13_write_early_data:TEST_EARLY_DATA_ACCEPTED
TLS 1.3 write early data, no early data indication TLS 1.3 write early data, no early data indication
tls13_write_early_data:TEST_EARLY_DATA_NO_INDICATION_SENT tls13_write_early_data:TEST_EARLY_DATA_NO_INDICATION_SENT
TLS 1.3 write early data, server rejects early data
tls13_write_early_data:TEST_EARLY_DATA_SERVER_REJECTS

34
tests/suites/test_suite_ssl.function
View file

@ -4110,7 +4110,6 @@ void tls13_write_early_data(int scenario)
mbedtls_test_handshake_test_options client_options; mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options; mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session; mbedtls_ssl_session saved_session;
int client_state, previous_client_state; int client_state, previous_client_state;
const char *early_data_string = "This is early data."; const char *early_data_string = "This is early data.";
const unsigned char *early_data = (const unsigned char *) early_data_string; const unsigned char *early_data = (const unsigned char *) early_data_string;
@ -4149,6 +4148,10 @@ void tls13_write_early_data(int scenario)
client_options.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; client_options.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
break; break;
case TEST_EARLY_DATA_SERVER_REJECTS:
server_options.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
break;
default: default:
TEST_FAIL("Unknown scenario."); TEST_FAIL("Unknown scenario.");
} }
@ -4213,7 +4216,8 @@ void tls13_write_early_data(int scenario)
switch (client_state) { switch (client_state) {
case MBEDTLS_SSL_CLIENT_HELLO: case MBEDTLS_SSL_CLIENT_HELLO:
switch (scenario) { switch (scenario) {
case TEST_EARLY_DATA_ACCEPTED: case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(write_early_data_ret, early_data_len); TEST_EQUAL(write_early_data_ret, early_data_len);
TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_HELLO); TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_HELLO);
break; break;
@ -4222,7 +4226,8 @@ void tls13_write_early_data(int scenario)
case MBEDTLS_SSL_SERVER_HELLO: case MBEDTLS_SSL_SERVER_HELLO:
switch (scenario) { switch (scenario) {
case TEST_EARLY_DATA_ACCEPTED: case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(write_early_data_ret, early_data_len); TEST_EQUAL(write_early_data_ret, early_data_len);
TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_HELLO); TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_HELLO);
break; break;
@ -4231,7 +4236,8 @@ void tls13_write_early_data(int scenario)
case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS: case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:
switch (scenario) { switch (scenario) {
case TEST_EARLY_DATA_ACCEPTED: case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(write_early_data_ret, early_data_len); TEST_EQUAL(write_early_data_ret, early_data_len);
TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS); TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS);
break; break;
@ -4244,6 +4250,11 @@ void tls13_write_early_data(int scenario)
TEST_EQUAL(write_early_data_ret, early_data_len); TEST_EQUAL(write_early_data_ret, early_data_len);
TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_FINISHED); TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_FINISHED);
break; break;
case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(write_early_data_ret, MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA);
TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_FINISHED);
break;
} }
break; break;
@ -4256,13 +4267,23 @@ void tls13_write_early_data(int scenario)
#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) #if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO: case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO:
switch (scenario) { switch (scenario) {
case TEST_EARLY_DATA_ACCEPTED: case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(write_early_data_ret, early_data_len); TEST_EQUAL(write_early_data_ret, early_data_len);
TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_HELLO); TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_SERVER_HELLO);
break; break;
} }
break; break;
case MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED:
TEST_ASSERT(scenario != TEST_EARLY_DATA_ACCEPTED);
switch (scenario) {
case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(write_early_data_ret, MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA);
TEST_EQUAL(client_ep.ssl.state, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED);
break;
}
break;
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
case MBEDTLS_SSL_CLIENT_CERTIFICATE: /* Intentional fallthrough */ case MBEDTLS_SSL_CLIENT_CERTIFICATE: /* Intentional fallthrough */
@ -4271,7 +4292,8 @@ void tls13_write_early_data(int scenario)
case MBEDTLS_SSL_HANDSHAKE_WRAPUP: /* Intentional fallthrough */ case MBEDTLS_SSL_HANDSHAKE_WRAPUP: /* Intentional fallthrough */
case MBEDTLS_SSL_HANDSHAKE_OVER: case MBEDTLS_SSL_HANDSHAKE_OVER:
switch (scenario) { switch (scenario) {
case TEST_EARLY_DATA_ACCEPTED: case TEST_EARLY_DATA_ACCEPTED: /* Intentional fallthrough */
case TEST_EARLY_DATA_SERVER_REJECTS:
TEST_EQUAL(write_early_data_ret, MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA); TEST_EQUAL(write_early_data_ret, MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA);
TEST_EQUAL(client_ep.ssl.state, client_state); TEST_EQUAL(client_ep.ssl.state, client_state);
break; break;