ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-26 23:14:07 +08:00
Code Issues Releases Wiki Activity

Positive unit testing for SSL context version functions

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2022-01-13 01:08:48 +01:00
parent e1a0c25f71
commit 1255b0de98
1 changed files with 48 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
tests/suites/test_suite_ssl.function
View File

@ -1793,6 +1793,45 @@ int exchange_data( mbedtls_ssl_context *ssl_1,
ssl_2, 256, 1 ); ssl_2, 256, 1 );
} }
int check_ssl_version( int expected_negotiated_version,
const mbedtls_ssl_context *ssl )
{
const char *version_string = mbedtls_ssl_get_version( ssl );
mbedtls_ssl_protocol_version version_number =
mbedtls_ssl_get_version_number( ssl );
TEST_EQUAL( ssl->major_ver, MBEDTLS_SSL_MAJOR_VERSION_3 );
TEST_EQUAL( ssl->minor_ver, expected_negotiated_version );
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
TEST_EQUAL( version_string[0], 'D' );
++version_string;
}
switch( expected_negotiated_version )
{
case MBEDTLS_SSL_MINOR_VERSION_3:
TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_1_2 );
TEST_ASSERT( strcmp( version_string, "TLSv1.2" ) == 0 );
break;
case MBEDTLS_SSL_MINOR_VERSION_4:
TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_1_3 );
TEST_ASSERT( strcmp( version_string, "TLSv1.3" ) == 0 );
break;
default:
TEST_ASSERT( ! "Version check not implemented for this protocol version" );
}
return( 1 );
exit:
return( 0 );
}
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ #if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_CTR_DRBG_C) defined(MBEDTLS_CTR_DRBG_C)
@ -1984,11 +2023,16 @@ void perform_handshake( handshake_test_options* options )
TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
/* Check that we agree on the version... */ /* Check that both sides have negotiated the expected version. */
TEST_ASSERT( client.ssl.minor_ver == server.ssl.minor_ver ); mbedtls_test_set_step( 0 );
if( ! check_ssl_version( options->expected_negotiated_version,
&client.ssl ) )
goto exit;
/* And check that the version negotiated is the expected one. */ mbedtls_test_set_step( 1 );
TEST_EQUAL( client.ssl.minor_ver, options->expected_negotiated_version ); if( ! check_ssl_version( options->expected_negotiated_version,
&server.ssl ) )
goto exit;
#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
if( options->resize_buffers != 0 ) if( options->resize_buffers != 0 )