Skip to content

Commit

Permalink
tests: early data status: Add HRR scenario
Browse files Browse the repository at this point in the history 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
  • Loading branch information
@ronald-cron-arm
ronald-cron-arm committed Jan 26, 2024
1 parent 56bb126 commit 80120b7
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 6 deletions.
3 changes: 3 additions & 0 deletions tests/suites/test_suite_ssl.data
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3285,3 +3285,6 @@ tls13_cli_early_data_status:"not sent"

TLS 1.3 cli, early data status, server rejects early data
tls13_cli_early_data_status:"server rejects"

TLS 1.3 cli, early data status, hello retry request
tls13_cli_early_data_status:"hrr"
60 changes: 54 additions & 6 deletions tests/suites/test_suite_ssl.function
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3740,6 +3740,11 @@ void tls13_cli_early_data_status(char *scenario_string)
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
uint16_t group_list[3] = {
MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1,
MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1,
MBEDTLS_SSL_IANA_TLS_GROUP_NONE
};

mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
Expand All @@ -3759,6 +3764,8 @@ void tls13_cli_early_data_status(char *scenario_string)
scenario = 1;
} else if (strcmp(scenario_string, "server rejects") == 0) {
scenario = 2;
} else if (strcmp(scenario_string, "hrr") == 0) {
scenario = 3;
} else {
TEST_FAIL("Unknown scenario.");
}
Expand All @@ -3770,6 +3777,10 @@ void tls13_cli_early_data_status(char *scenario_string)
client_options.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED;
server_options.pk_alg = MBEDTLS_PK_ECDSA;
server_options.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED;
if (scenario == 3) {
client_options.group_list = group_list;
server_options.group_list = group_list;
}

ret = mbedtls_test_get_tls13_ticket(&client_options, &server_options,
&saved_session);
Expand All @@ -3785,6 +3796,9 @@ void tls13_cli_early_data_status(char *scenario_string)
case 2:
server_options.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
break;
case 3:
server_options.group_list = group_list + 1;
break;
}

ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT,
Expand Down Expand Up @@ -3838,6 +3852,15 @@ void tls13_cli_early_data_status(char *scenario_string)
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN);
break;
case 3:
if (client_ep.ssl.handshake->hello_retry_request_count == 0) {
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN);
} else {
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
}
break;
}
break;

Expand All @@ -3853,6 +3876,15 @@ void tls13_cli_early_data_status(char *scenario_string)
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;
case 3:
if (client_ep.ssl.handshake->hello_retry_request_count == 0) {
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE);
} else {
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
}
break;
}
break;

Expand All @@ -3868,6 +3900,10 @@ void tls13_cli_early_data_status(char *scenario_string)
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;
case 3:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
break;
}
break;

Expand All @@ -3883,7 +3919,8 @@ void tls13_cli_early_data_status(char *scenario_string)
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;

case 2:
case 2: /* Intentional fallthrough */
case 3:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
break;
Expand All @@ -3908,7 +3945,8 @@ void tls13_cli_early_data_status(char *scenario_string)
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;

case 2:
case 2: /* Intentional fallthrough */
case 3:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
break;
Expand All @@ -3927,7 +3965,8 @@ void tls13_cli_early_data_status(char *scenario_string)
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;

case 2:
case 2: /* Intentional fallthrough */
case 3:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
break;
Expand All @@ -3939,13 +3978,20 @@ void tls13_cli_early_data_status(char *scenario_string)
TEST_ASSERT(scenario != 1);
switch (scenario) {
case 0: /* Intentional fallthrough */
case 2:
case 2: /* Intentional fallthrough */
case 3:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_SENT);
break;
}
break;

case MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO:
TEST_ASSERT(scenario == 3);
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
break;

case MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED:
TEST_ASSERT(scenario != 0);
switch (scenario) {
Expand All @@ -3954,7 +4000,8 @@ void tls13_cli_early_data_status(char *scenario_string)
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;

case 2:
case 2: /* Intentional fallthrough */
case 3:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
break;
Expand All @@ -3976,7 +4023,8 @@ void tls13_cli_early_data_status(char *scenario_string)
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT);
break;

case 2:
case 2: /* Intentional fallthrough */
case 3:
TEST_EQUAL(client_ep.ssl.early_data_status,
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED);
break;
Expand Down

0 comments on commit 80120b7

Please sign in to comment.