tests/suites/test_suite_ssl.function - third_party/github.com/ARMmbed/mbedtls - Git at Google

 /* BEGIN_HEADER */
 #include <mbedtls/ssl.h>
 #include <mbedtls/ssl_internal.h>

 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 static void pre_vrfy_fn( void *data, struct mbedtls_x509_crt *crt )
 {
     if( crt && crt->version == 3 )
         *(int*)data = 1;
 }
 static unsigned char pre_vrfy_buffer[2048];
 static int pre_vrfy_buffer_start = 0, pre_vrfy_buffer_end = 0;
 static int pre_vrfy_send( void *ctx, const unsigned char *buf, size_t len )
 {
     (void)ctx;
     if ( len > sizeof( pre_vrfy_buffer ) - pre_vrfy_buffer_end )
         len = sizeof( pre_vrfy_buffer ) - pre_vrfy_buffer_end;
     memcpy( pre_vrfy_buffer + pre_vrfy_buffer_end, buf, len );
     pre_vrfy_buffer_end += (int)len;
     return( len ? (int)len : MBEDTLS_ERR_SSL_WANT_WRITE );
 }
 static int pre_vrfy_recv( void *ctx, unsigned char *buf, size_t len )
 {
     (void)ctx;
     if ( len > (size_t)(pre_vrfy_buffer_end - pre_vrfy_buffer_start) )
         len = pre_vrfy_buffer_end - pre_vrfy_buffer_start;
     memcpy( buf, pre_vrfy_buffer + pre_vrfy_buffer_start, len );
     pre_vrfy_buffer_start += (int)len;
     return( len ? (int)len : MBEDTLS_ERR_SSL_WANT_READ );
 }
 #endif
 /* END_HEADER */

 /* BEGIN_DEPENDENCIES
  * depends_on:MBEDTLS_SSL_TLS_C
  * END_DEPENDENCIES
  */

 /* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
 void ssl_dtls_replay( char *prevs, char *new, int ret )
 {
     mbedtls_ssl_context ssl;
     mbedtls_ssl_config conf;
     char *end_prevs = prevs + strlen( prevs ) + 1;

     mbedtls_ssl_init( &ssl );
     mbedtls_ssl_config_init( &conf );

     TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
                  MBEDTLS_SSL_IS_CLIENT,
                  MBEDTLS_SSL_TRANSPORT_DATAGRAM,
                  MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
     TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );

     /* Read previous record numbers */
     for( ; end_prevs - prevs >= 13; prevs += 13 )
     {
         prevs[12] = '\0';
         unhexify( ssl.in_ctr + 2, prevs );
         mbedtls_ssl_dtls_replay_update( &ssl );
     }

     /* Check new number */
     unhexify( ssl.in_ctr + 2, new );
     TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );

     mbedtls_ssl_free( &ssl );
     mbedtls_ssl_config_free( &conf );
 }
 /* END_CASE */

 /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
 void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
 {
     mbedtls_ssl_context ssl;
     mbedtls_ssl_init( &ssl );

     TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
     TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );

     mbedtls_ssl_free( &ssl );
 }
 /* END_CASE */

 /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_CIPHER_MODE_CBC */
 void ssl_preverifycb( char *crt_file, int set_callback, int data_value )
 {
     mbedtls_ssl_context ssl;
     mbedtls_ssl_config conf;
     mbedtls_x509_crt crt;
     int pre_vrfy_data = 0;

     mbedtls_ssl_init( &ssl );
     mbedtls_ssl_config_init( &conf );
     mbedtls_x509_crt_init( &crt );

     TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );

     TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
                  MBEDTLS_SSL_IS_SERVER,
                  MBEDTLS_SSL_TRANSPORT_STREAM,
                  MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
     TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
     mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
     mbedtls_ssl_conf_ca_chain( &conf, &crt, NULL );

     /* Write out a certificate record to a buffer */
     ssl.transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 );
     mbedtls_ssl_set_bio( &ssl, NULL, pre_vrfy_send, pre_vrfy_recv, NULL );
     TEST_ASSERT( mbedtls_ssl_conf_own_cert( &conf, &crt, NULL ) == 0 );
     TEST_ASSERT( mbedtls_ssl_write_certificate( &ssl ) == 0 );

     /* Read in the certificate record, and check it calls the pre-verify callback */
     conf.endpoint = MBEDTLS_SSL_IS_CLIENT;
     if( set_callback != 0 )
     {
     	mbedtls_ssl_conf_pre_verify( &conf, pre_vrfy_fn, (void*)&pre_vrfy_data );
     }
     TEST_ASSERT( mbedtls_ssl_parse_certificate( &ssl ) == 0 );

     TEST_ASSERT( pre_vrfy_data == data_value );

     mbedtls_ssl_free( &ssl );
     mbedtls_ssl_config_free( &conf );
     mbedtls_x509_crt_free( &crt );
 }
 /* END_CASE */
	/* BEGIN_HEADER */
	#include <mbedtls/ssl.h>
	#include <mbedtls/ssl_internal.h>

	#if defined(MBEDTLS_X509_CRT_PARSE_C)
	static void pre_vrfy_fn( void data, struct mbedtls_x509_crt crt )
	{
	if( crt && crt->version == 3 )
	(int)data = 1;
	}
	static unsigned char pre_vrfy_buffer[2048];
	static int pre_vrfy_buffer_start = 0, pre_vrfy_buffer_end = 0;
	static int pre_vrfy_send( void ctx, const unsigned char buf, size_t len )
	{
	(void)ctx;
	if ( len > sizeof( pre_vrfy_buffer ) - pre_vrfy_buffer_end )
	len = sizeof( pre_vrfy_buffer ) - pre_vrfy_buffer_end;
	memcpy( pre_vrfy_buffer + pre_vrfy_buffer_end, buf, len );
	pre_vrfy_buffer_end += (int)len;
	return( len ? (int)len : MBEDTLS_ERR_SSL_WANT_WRITE );
	}
	static int pre_vrfy_recv( void ctx, unsigned char buf, size_t len )
	{
	(void)ctx;
	if ( len > (size_t)(pre_vrfy_buffer_end - pre_vrfy_buffer_start) )
	len = pre_vrfy_buffer_end - pre_vrfy_buffer_start;
	memcpy( buf, pre_vrfy_buffer + pre_vrfy_buffer_start, len );
	pre_vrfy_buffer_start += (int)len;
	return( len ? (int)len : MBEDTLS_ERR_SSL_WANT_READ );
	}
	#endif
	/* END_HEADER */

	/* BEGIN_DEPENDENCIES
	* depends_on:MBEDTLS_SSL_TLS_C
	* END_DEPENDENCIES
	*/

	/* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */
	void ssl_dtls_replay( char prevs, char new, int ret )
	{
	mbedtls_ssl_context ssl;
	mbedtls_ssl_config conf;
	char *end_prevs = prevs + strlen( prevs ) + 1;

	mbedtls_ssl_init( &ssl );
	mbedtls_ssl_config_init( &conf );

	TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
	MBEDTLS_SSL_IS_CLIENT,
	MBEDTLS_SSL_TRANSPORT_DATAGRAM,
	MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
	TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );

	/* Read previous record numbers */
	for( ; end_prevs - prevs >= 13; prevs += 13 )
	{
	prevs[12] = '\0';
	unhexify( ssl.in_ctr + 2, prevs );
	mbedtls_ssl_dtls_replay_update( &ssl );
	}

	/* Check new number */
	unhexify( ssl.in_ctr + 2, new );
	TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret );

	mbedtls_ssl_free( &ssl );
	mbedtls_ssl_config_free( &conf );
	}
	/* END_CASE */

	/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
	void ssl_set_hostname_twice( char hostname0, char hostname1 )
	{
	mbedtls_ssl_context ssl;
	mbedtls_ssl_init( &ssl );

	TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 );
	TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 );

	mbedtls_ssl_free( &ssl );
	}
	/* END_CASE */

	/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_CIPHER_MODE_CBC */
	void ssl_preverifycb( char *crt_file, int set_callback, int data_value )
	{
	mbedtls_ssl_context ssl;
	mbedtls_ssl_config conf;
	mbedtls_x509_crt crt;
	int pre_vrfy_data = 0;

	mbedtls_ssl_init( &ssl );
	mbedtls_ssl_config_init( &conf );
	mbedtls_x509_crt_init( &crt );

	TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );

	TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
	MBEDTLS_SSL_IS_SERVER,
	MBEDTLS_SSL_TRANSPORT_STREAM,
	MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
	TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
	mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
	mbedtls_ssl_conf_ca_chain( &conf, &crt, NULL );

	/* Write out a certificate record to a buffer */
	ssl.transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 );
	mbedtls_ssl_set_bio( &ssl, NULL, pre_vrfy_send, pre_vrfy_recv, NULL );
	TEST_ASSERT( mbedtls_ssl_conf_own_cert( &conf, &crt, NULL ) == 0 );
	TEST_ASSERT( mbedtls_ssl_write_certificate( &ssl ) == 0 );

	/* Read in the certificate record, and check it calls the pre-verify callback */
	conf.endpoint = MBEDTLS_SSL_IS_CLIENT;
	if( set_callback != 0 )
	{
	mbedtls_ssl_conf_pre_verify( &conf, pre_vrfy_fn, (void*)&pre_vrfy_data );
	}
	TEST_ASSERT( mbedtls_ssl_parse_certificate( &ssl ) == 0 );

	TEST_ASSERT( pre_vrfy_data == data_value );

	mbedtls_ssl_free( &ssl );
	mbedtls_ssl_config_free( &conf );
	mbedtls_x509_crt_free( &crt );
	}
	/* END_CASE */