diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 29a065b26..97eccbd24 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -106,6 +106,22 @@ void init_handshake_options( handshake_test_options *opts )
 opts->resize_buffers = 1;
 }
+#if defined(MBEDTLS_TEST_HOOKS)
+static void set_chk_buf_ptr_args(
+ mbedtls_ssl_chk_buf_ptr_args *args,
+ unsigned char *cur, unsigned char *end, size_t need )
+{
+ args->cur = cur;
+ args->end = end;
+ args->need = need;
+}
+
+static void reset_chk_buf_ptr_args( mbedtls_ssl_chk_buf_ptr_args *args )
+{
+ memset( args, 0, sizeof( *args ) );
+}
+#endif /* MBEDTLS_TEST_HOOKS */
+
 /*
 * Buffer structure for custom I/O callbacks.
 */
@@ -2308,6 +2324,7 @@ exit:
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+#if defined(MBEDTLS_TEST_HOOKS)
 /*
 * Tweak vector lengths in a TLS 1.3 Certificate message
 *
@@ -2320,7 +2337,8 @@ exit:
 * MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected.
 */
 int tweak_tls13_certificate_msg_vector_len(
- unsigned char *buf, unsigned char **end, int tweak, int *expected_result )
+ unsigned char *buf, unsigned char **end, int tweak,
+ int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args )
 {
 /*
 * The definition of the tweaks assume that the certificate list contains only
@@ -2362,6 +2380,7 @@ int tweak_tls13_certificate_msg_vector_len(
 * certificate list length can be read
 */
 *end = buf + 3;
+ set_chk_buf_ptr_args( args, buf, *end, 4 );
 break;
 case 2:
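Review bot: `reset_chk_buf_ptr_args()` relies on a convention that this hunk does not write down: an all-zero `mbedtls_ssl_chk_buf_ptr_args` appears to mean that the step's parse failure is not expected to come from MBEDTLS_SSL_CHK_BUF_READ_PTR, which is how the `case 2` arm in a later hunk uses it. A one-line comment above the helper would make this explicit, for example `/* All-zero args: no MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected for this step. */`. `set_chk_buf_ptr_args()` would likewise benefit from a note that `cur`, `end` and `need` are the values the parser is expected to hand to the macro at the point of failure.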
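Review bot: The new `args` out-parameter is written only inside the individual `case` arms (see the following hunks), so an arm added later without a `set_chk_buf_ptr_args()` or `reset_chk_buf_ptr_args()` call would leave the previous step's expectation in place. The caller's `expected_chk_buf_ptr_args` is also declared without an initializer in a later hunk. Calling `reset_chk_buf_ptr_args( args );` once at the top of the function would make the safe value the default. The header comment above the function, only partly visible here, should describe `args` as well; the function body continues outside this hunk.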
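Review bot: The `need` argument in `set_chk_buf_ptr_args( args, buf, *end, 4 );` is a bare literal, as are the `3` and `2` passed for `case 4` and `case 6` in the next hunk. These presumably mirror the sizes the parser checks (here a 1-byte certificate_request_context length plus the 3-byte certificate_list length), so a change to the parser's checks would break the test with no hint as to why. A short comment on each call, such as `/* 1 (context length) + 3 (certificate_list length) */`, would tie the expectation to the message layout. The enclosing switch starts and ends outside this hunk.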
@@ -2369,34 +2388,46 @@ int tweak_tls13_certificate_msg_vector_len(
 */
 *p_certificate_request_context_len = certificate_request_context_len + 1;
+ reset_chk_buf_ptr_args( args );
 break;
 case 3:
 /* Failure when checking if certificate_list data can be read. */
 MBEDTLS_PUT_UINT24_BE( certificate_list_len + 1, p_certificate_list_len, 0 );
+ set_chk_buf_ptr_args( args, certificate_list, *end,
+ certificate_list_len + 1 );
 break;
 case 4:
 /* Failure when checking if the cert_data length can be read. */
 MBEDTLS_PUT_UINT24_BE( 2, p_certificate_list_len, 0 );
+ set_chk_buf_ptr_args( args, p_cert_data_len, certificate_list + 2, 3 );
 break;
 case 5:
 /* Failure when checking if cert_data data can be read. */
 MBEDTLS_PUT_UINT24_BE( certificate_list_len - 3 + 1, p_cert_data_len, 0 );
+ set_chk_buf_ptr_args( args, cert_data,
+ certificate_list + certificate_list_len,
+ certificate_list_len - 3 + 1 );
 break;
 case 6:
 /* Failure when checking if the extensions length can be read. */
 MBEDTLS_PUT_UINT24_BE( certificate_list_len - extensions_len - 1, p_certificate_list_len, 0 );
+ set_chk_buf_ptr_args( args, p_extensions_len,
+ certificate_list + certificate_list_len - extensions_len - 1, 2 );
 break;
 case 7:
 /* Failure when checking if extensions data can be read. */
 MBEDTLS_PUT_UINT16_BE( extensions_len + 1, p_extensions_len, 0 );
+
+ set_chk_buf_ptr_args( args, extensions,
+ certificate_list + certificate_list_len, extensions_len + 1 );
 break;
 default:
@@ -2405,6 +2436,7 @@ int tweak_tls13_certificate_msg_vector_len(
 return( 0 );
 }
+#endif /* MBEDTLS_TEST_HOOKS */
 /* END_HEADER */
 /* BEGIN_DEPENDENCIES
@@ -5815,6 +5847,7 @@ void tls13_server_certificate_msg_invalid_vector_len( )
 size_t buf_len;
 int step = 0;
 int expected_result;
+ mbedtls_ssl_chk_buf_ptr_args expected_chk_buf_ptr_args;
 /*
 * Test set-up
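Review bot: In `case 5` and `case 6` the expectation repeats by hand the expression that was just written into the message (`certificate_list_len - 3 + 1` and `certificate_list_len - extensions_len - 1`), so the tweak and its expected arguments can drift apart if only one is edited. Computing the tweaked length once into a local declared with the function's other variables, and using it for both the `MBEDTLS_PUT_UINT24_BE` call and `set_chk_buf_ptr_args()`, would keep the two in step. `case 7` also adds a blank line before its `set_chk_buf_ptr_args()` call that the other arms do not have. The switch starts and ends outside this hunk.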
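Review bot: `mbedtls_ssl_chk_buf_ptr_args` is used unconditionally in this test function, while the helpers and `tweak_tls13_certificate_msg_vector_len()` are now compiled only under `MBEDTLS_TEST_HOOKS`. The `BEGIN_CASE depends_on:` line for this test is outside the hunk. If it does not already list `MBEDTLS_TEST_HOOKS`, a build without test hooks would fail on this case, so that is worth confirming. The function body continues outside this hunk.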
@@ -5862,7 +5895,7 @@ void tls13_server_certificate_msg_invalid_vector_len( )
 */
 ret = tweak_tls13_certificate_msg_vector_len(
- buf, &end, step, &expected_result );
+ buf, &end, step, &expected_result, &expected_chk_buf_ptr_args );
 if( ret != 0 ) break;
@@ -5870,6 +5903,11 @@ void tls13_server_certificate_msg_invalid_vector_len( )
 ret = mbedtls_ssl_tls13_parse_certificate( &(client_ep.ssl), buf, end );
 TEST_EQUAL( ret, expected_result );
+ TEST_ASSERT( mbedtls_ssl_cmp_chk_buf_ptr_fail_args(
+ &expected_chk_buf_ptr_args ) == 0 );
+
+ mbedtls_ssl_reset_chk_buf_ptr_fail_args( );
+
 ret = mbedtls_ssl_session_reset( &(client_ep.ssl) );
 TEST_EQUAL( ret, 0 );
@@ -5878,6 +5916,7 @@ void tls13_server_certificate_msg_invalid_vector_len( )
 }
 exit:
+ mbedtls_ssl_reset_chk_buf_ptr_fail_args( );
 mbedtls_endpoint_free( &client_ep, NULL );
 mbedtls_endpoint_free( &server_ep, NULL );
 USE_PSA_DONE( );
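Review bot: The recorded failure arguments are cleared only after each step and at `exit:`, never before the first comparison. `mbedtls_ssl_reset_chk_buf_ptr_fail_args( )` takes no argument, which suggests the record is shared state; if so, whatever the test set-up or an earlier test case left there is still present when step 1 runs. Calling `mbedtls_ssl_reset_chk_buf_ptr_fail_args( );` once before the loop, which starts outside this hunk, would make the comparison independent of prior state.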