From 6667ffdd867c180939aeae698f35b401cf7c7ac4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Apr 2021 21:59:22 +0100 Subject: [PATCH] Test new semantics for static PSK configuration Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 12 +++ tests/suites/test_suite_ssl.function | 108 +++++++++++++++++++++++++++ 2 files changed, 120 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e59c9055f..0cfcd497a 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -1,3 +1,15 @@ +Attempt to register multiple PSKs +test_multiple_psks: + +Attempt to register multiple PSKS, incl. opaque PSK, #0 +test_multiple_psks_opaque:0 + +Attempt to register multiple PSKs, incl. opaque PSK, #1 +test_multiple_psks_opaque:1 + +Attempt to register multiple PSKs, incl. opaque PSK, #2 +test_multiple_psks_opaque:2 + Test calback buffer sanity test_callback_buffer_sanity: diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2f59afea4..e07de88a7 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -8,6 +8,8 @@ #include #include "test/certs.h" +#include + #include #include @@ -4535,3 +4537,109 @@ exit: mbedtls_free( src ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ +void test_multiple_psks() +{ + unsigned char psk0[10] = { 0 }; + unsigned char psk0_identity[] = { 'f', 'o', 'o' }; + + unsigned char psk1[10] = { 0 }; + unsigned char psk1_identity[] = { 'b', 'a', 'r' }; + + mbedtls_ssl_config conf; + + mbedtls_ssl_config_init( &conf ); + + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk0, sizeof( psk0 ), + psk0_identity, sizeof( psk0_identity ) ) == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk1, sizeof( psk1 ), + psk1_identity, sizeof( psk1_identity ) ) == + MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + +exit: + + mbedtls_ssl_config_free( &conf ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO */ +void test_multiple_psks_opaque( int mode ) +{ + /* + * Mode 0: Raw PSK, then opaque PSK + * Mode 1: Opaque PSK, then raw PSK + * Mode 2: 2x opaque PSK + */ + + unsigned char psk0_raw[10] = { 0 }; + unsigned char psk0_raw_identity[] = { 'f', 'o', 'o' }; + + psa_key_id_t psk0_opaque = (psa_key_id_t) 1; + unsigned char psk0_opaque_identity[] = { 'f', 'o', 'o' }; + + unsigned char psk1_raw[10] = { 0 }; + unsigned char psk1_raw_identity[] = { 'b', 'a', 'r' }; + + psa_key_id_t psk1_opaque = (psa_key_id_t) 2; + unsigned char psk1_opaque_identity[] = { 'b', 'a', 'r' }; + + mbedtls_ssl_config conf; + + USE_PSA_INIT( ); + mbedtls_ssl_config_init( &conf ); + + switch( mode ) + { + case 0: + + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk0_raw, sizeof( psk0_raw ), + psk0_raw_identity, sizeof( psk0_raw_identity ) ) + == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk1_opaque, + psk1_opaque_identity, sizeof( psk1_opaque_identity ) ) + == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + break; + + case 1: + + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk0_opaque, + psk0_opaque_identity, sizeof( psk0_opaque_identity ) ) + == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk1_raw, sizeof( psk1_raw ), + psk1_raw_identity, sizeof( psk1_raw_identity ) ) + == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + + break; + + case 2: + + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk0_opaque, + psk0_opaque_identity, sizeof( psk0_opaque_identity ) ) + == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk1_opaque, + psk1_opaque_identity, sizeof( psk1_opaque_identity ) ) + == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + + break; + + default: + TEST_ASSERT( 0 ); + break; + } + +exit: + + mbedtls_ssl_config_free( &conf ); + USE_PSA_DONE( ); + +} +/* END_CASE */