feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #6635 from julek-wolfssl/zd/16403

Browse Source 
Fix ClientHello parsing when no extensions are present
This commit is contained in:
JacobBarthelmeh
2023-07-24 09:49:28 -06:00
committed by GitHub
parent d3202600a4 d3aa11bf87
commit 1812d32258
4 changed files with 309 additions and 225 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/dtls.c
View File

@@ -285,10 +285,13 @@ static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch)
if (idx > helloSz - OPAQUE8_LEN) if (idx > helloSz - OPAQUE8_LEN)
return BUFFER_ERROR; return BUFFER_ERROR;
idx += ReadVector8(input + idx, &ch->compression); idx += ReadVector8(input + idx, &ch->compression);
if (idx > helloSz - OPAQUE16_LEN) if (idx < helloSz - OPAQUE16_LEN) {
return BUFFER_ERROR; /* Extensions are optional */
idx += ReadVector16(input + idx, &ch->extension); idx += ReadVector16(input + idx, &ch->extension);
if (idx > helloSz) if (idx > helloSz)
return BUFFER_ERROR;
}
if (idx != helloSz)
return BUFFER_ERROR; return BUFFER_ERROR;
ch->length = idx; ch->length = idx;
return 0; return 0;

119
tests/api.c
View File

@@ -10717,7 +10717,8 @@ static int test_wolfSSL_SCR_Reconnect(void)
EXPECT_DECLS; EXPECT_DECLS;
#if defined(HAVE_SECURE_RENEGOTIATION) && \ #if defined(HAVE_SECURE_RENEGOTIATION) && \
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) && \ defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) && \
defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
struct test_memio_ctx test_ctx; struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
@@ -61017,8 +61018,7 @@ static int test_wolfSSL_DTLS_fragment_buckets(void)
#if !defined(NO_FILESYSTEM) && \ #if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
!defined(NO_RSA)
static int test_wolfSSL_dtls_stateless2(void) static int test_wolfSSL_dtls_stateless2(void)
{ {
@@ -61241,9 +61241,8 @@ static int test_wolfSSL_dtls_stateless_downgrade(void)
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ #endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)*/ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)*/
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ !defined(NO_OLD_TLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
!defined(NO_OLD_TLS) && !defined(NO_RSA)
static int test_WOLFSSL_dtls_version_alert(void) static int test_WOLFSSL_dtls_version_alert(void)
{ {
EXPECT_DECLS; EXPECT_DECLS;
@@ -61297,7 +61296,8 @@ static int test_WOLFSSL_dtls_version_alert(void)
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \ #if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \ && defined(WOLFSSL_TLS13) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3))) (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
&& defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler) static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler)
{ {
struct test_memio_ctx *test_ctx; struct test_memio_ctx *test_ctx;
@@ -61466,7 +61466,7 @@ static int test_ticket_nonce_malloc(void)
!defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \ !defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_RSA) && \ !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_RSA) && \
defined(HAVE_ECC) defined(HAVE_ECC) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_ticket_ret_create(void) static int test_ticket_ret_create(void)
{ {
@@ -61924,7 +61924,7 @@ static int test_TLS_13_ticket_different_ciphers(void)
} }
#endif #endif
#if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \ #if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
#define TEST_WRONG_CS_CLIENT "DHE-RSA-AES128-SHA" #define TEST_WRONG_CS_CLIENT "DHE-RSA-AES128-SHA"
/* AKA TLS_DHE_RSA_WITH_AES_128_CBC_SHA */ /* AKA TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
@@ -61990,7 +61990,7 @@ static int test_extra_alerts_wrong_cs(void)
#endif #endif
#if !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_EXTRA_ALERTS) && \ #if !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_EXTRA_ALERTS) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH) defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH)
static void test_remove_msg(byte *msg, int tail_len, int *len, int msg_length) static void test_remove_msg(byte *msg, int tail_len, int *len, int msg_length)
{ {
@@ -62149,8 +62149,8 @@ static int test_extra_alerts_skip_hs(void)
} }
#endif #endif
#if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ #if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\
defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH) && defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH)
static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id, static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id,
unsigned char* key, unsigned int key_max_len) unsigned char* key, unsigned int key_max_len)
@@ -62401,7 +62401,7 @@ static int test_override_alt_cert_chain(void)
} }
#endif #endif
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
static int test_dtls13_bad_epoch_ch(void) static int test_dtls13_bad_epoch_ch(void)
@@ -62544,8 +62544,8 @@ static int test_short_session_id(void)
} }
#endif #endif
#if defined(HAVE_NULL_CIPHER) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \ #if defined(HAVE_NULL_CIPHER) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) \
defined(WOLFSSL_DTLS13) && defined(WOLFSSL_DTLS13)
static byte* test_find_string(const char *string, static byte* test_find_string(const char *string,
byte *buf, int buf_size) byte *buf, int buf_size)
{ {
@@ -62854,6 +62854,94 @@ static int test_wolfSSL_configure_args(void)
#endif #endif
return EXPECT_RESULT(); return EXPECT_RESULT();
} }
static int test_dtls_no_extensions(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
WOLFSSL *ssl_s = NULL;
WOLFSSL_CTX *ctx_s = NULL;
struct test_memio_ctx test_ctx;
const byte chNoExtensions[] = {
/* Handshake type */
0x16,
/* Version */
0xfe, 0xff,
/* Epoch */
0x00, 0x00,
/* Seq number */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
/* Length */
0x00, 0x40,
/* CH type */
0x01,
/* Length */
0x00, 0x00, 0x34,
/* Msg Seq */
0x00, 0x00,
/* Frag offset */
0x00, 0x00, 0x00,
/* Frag length */
0x00, 0x00, 0x34,
/* Version */
0xfe, 0xff,
/* Random */
0x62, 0xfe, 0xbc, 0xfe, 0x2b, 0xfe, 0x3f, 0xeb, 0x03, 0xc4, 0xea, 0x37,
0xe7, 0x47, 0x7e, 0x8a, 0xd9, 0xbf, 0x77, 0x0f, 0x6c, 0xb6, 0x77, 0x0b,
0x03, 0x3f, 0x82, 0x2b, 0x21, 0x64, 0x57, 0x1d,
/* Session Length */
0x00,
/* Cookie Length */
0x00,
/* CS Length */
0x00, 0x0c,
/* CS */
0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x39, 0x00, 0x33,
/* Comp Meths Length */
0x01,
/* Comp Meths */
0x00
/* And finally... no extensions */
};
int i;
#ifdef OPENSSL_EXTRA
int repeats = 2;
#else
int repeats = 1;
#endif
for (i = 0; i < repeats; i++) {
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ssl_s = NULL;
ctx_s = NULL;
ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
NULL, wolfDTLS_server_method), 0);
XMEMCPY(test_ctx.s_buff, chNoExtensions, sizeof(chNoExtensions));
test_ctx.s_len = sizeof(chNoExtensions);
#ifdef OPENSSL_EXTRA
if (i > 0) {
ExpectIntEQ(wolfSSL_set_max_proto_version(ssl_s, DTLS1_2_VERSION),
WOLFSSL_SUCCESS);
}
#endif
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
/* Expecting a handshake msg. Either HVR or SH. */
ExpectIntGT(test_ctx.c_len, 0);
ExpectIntEQ(test_ctx.c_buff[0], 0x16);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
}
#endif
return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------* /*----------------------------------------------------------------------------*
| Main | Main
*----------------------------------------------------------------------------*/ *----------------------------------------------------------------------------*/
@@ -64103,6 +64191,7 @@ TEST_CASE testCases[] = {
TEST_DECL(test_dtls_msg_from_other_peer), TEST_DECL(test_dtls_msg_from_other_peer),
TEST_DECL(test_dtls_ipv6_check), TEST_DECL(test_dtls_ipv6_check),
TEST_DECL(test_wolfSSL_SCR_after_resumption), TEST_DECL(test_wolfSSL_SCR_after_resumption),
TEST_DECL(test_dtls_no_extensions),
/* This test needs to stay at the end to clean up any caches allocated. */ /* This test needs to stay at the end to clean up any caches allocated. */
TEST_DECL(test_wolfSSL_Cleanup) TEST_DECL(test_wolfSSL_Cleanup)
}; };

198
tests/utils.c
View File

@@ -119,4 +119,202 @@ cleanup:
} }
#endif /* !NO_FILESYSTEM */ #endif /* !NO_FILESYSTEM */
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
/* This set of memio functions allows for more fine tuned control of the TLS
* connection operations. For new tests, try to use ssl_memio first. */
#define HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES
#define TEST_MEMIO_BUF_SZ (64 * 1024)
struct test_memio_ctx
{
byte c_buff[TEST_MEMIO_BUF_SZ];
int c_len;
const char* c_ciphers;
byte s_buff[TEST_MEMIO_BUF_SZ];
int s_len;
const char* s_ciphers;
};
int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
int max_rounds, int *rounds);
int test_memio_setup(struct test_memio_ctx *ctx,
WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
method_provider method_c, method_provider method_s);
static WC_INLINE int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
void *ctx)
{
struct test_memio_ctx *test_ctx;
byte *buf;
int *len;
test_ctx = (struct test_memio_ctx*)ctx;
if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
buf = test_ctx->c_buff;
len = &test_ctx->c_len;
}
else {
buf = test_ctx->s_buff;
len = &test_ctx->s_len;
}
if ((unsigned)(*len + sz) > TEST_MEMIO_BUF_SZ)
return WOLFSSL_CBIO_ERR_WANT_READ;
XMEMCPY(buf + *len, data, sz);
*len += sz;
return sz;
}
static WC_INLINE int test_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
void *ctx)
{
struct test_memio_ctx *test_ctx;
int read_sz;
byte *buf;
int *len;
test_ctx = (struct test_memio_ctx*)ctx;
if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
buf = test_ctx->s_buff;
len = &test_ctx->s_len;
}
else {
buf = test_ctx->c_buff;
len = &test_ctx->c_len;
}
if (*len == 0)
return WOLFSSL_CBIO_ERR_WANT_READ;
read_sz = sz < *len ? sz : *len;
XMEMCPY(data, buf, read_sz);
XMEMMOVE(buf, buf + read_sz, *len - read_sz);
*len -= read_sz;
return read_sz;
}
int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
int max_rounds, int *rounds)
{
byte handshake_complete = 0, hs_c = 0, hs_s = 0;
int ret, err;
if (rounds != NULL)
*rounds = 0;
while (!handshake_complete && max_rounds > 0) {
if (!hs_c) {
ret = wolfSSL_connect(ssl_c);
if (ret == WOLFSSL_SUCCESS) {
hs_c = 1;
}
else {
err = wolfSSL_get_error(ssl_c, ret);
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE)
return -1;
}
}
if (!hs_s) {
ret = wolfSSL_accept(ssl_s);
if (ret == WOLFSSL_SUCCESS) {
hs_s = 1;
}
else {
err = wolfSSL_get_error(ssl_s, ret);
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE)
return -1;
}
}
handshake_complete = hs_c && hs_s;
max_rounds--;
if (rounds != NULL)
*rounds = *rounds + 1;
}
if (!handshake_complete)
return -1;
return 0;
}
int test_memio_setup(struct test_memio_ctx *ctx,
WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
method_provider method_c, method_provider method_s)
{
int ret;
if (ctx_c != NULL && *ctx_c == NULL) {
*ctx_c = wolfSSL_CTX_new(method_c());
if (*ctx_c == NULL)
return -1;
#ifndef NO_CERTS
ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
if (ret != WOLFSSL_SUCCESS)
return -1;
#endif /* NO_CERTS */
wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
if (ctx->c_ciphers != NULL) {
ret = wolfSSL_CTX_set_cipher_list(*ctx_c, ctx->c_ciphers);
if (ret != WOLFSSL_SUCCESS)
return -1;
}
}
if (ctx_s != NULL && *ctx_s == NULL) {
*ctx_s = wolfSSL_CTX_new(method_s());
if (*ctx_s == NULL)
return -1;
#ifndef NO_CERTS
ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, svrKeyFile,
WOLFSSL_FILETYPE_PEM);
if (ret != WOLFSSL_SUCCESS)
return- -1;
ret = wolfSSL_CTX_use_certificate_file(*ctx_s, svrCertFile,
WOLFSSL_FILETYPE_PEM);
if (ret != WOLFSSL_SUCCESS)
return -1;
#endif
wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
if (ctx->s_ciphers != NULL) {
ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
if (ret != WOLFSSL_SUCCESS)
return -1;
}
}
if (ctx_c != NULL && ssl_c != NULL) {
*ssl_c = wolfSSL_new(*ctx_c);
if (*ssl_c == NULL)
return -1;
wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
wolfSSL_SetIOReadCtx(*ssl_c, ctx);
}
if (ctx_s != NULL && ssl_s != NULL) {
*ssl_s = wolfSSL_new(*ctx_s);
if (*ssl_s == NULL)
return -1;
wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
wolfSSL_SetIOReadCtx(*ssl_s, ctx);
#if !defined(NO_DH)
SetDH(*ssl_s);
#endif
}
return 0;
}
#endif
#endif /* WOLFSSL_TEST_UTILS_INCLUDED */ #endif /* WOLFSSL_TEST_UTILS_INCLUDED */

206
wolfssl/test.h
View File

@@ -5296,210 +5296,4 @@ void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName);
#define DTLS_CID_BUFFER_SIZE 256 #define DTLS_CID_BUFFER_SIZE 256
#if !defined(NO_FILESYSTEM) && ( \
defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
|| \
(defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)) \
|| \
(defined(HAVE_SECURE_RENEGOTIATION) && \
!defined(NO_RSA) && \
defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
defined(HAVE_AESGCM)) \
) || \
(defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12) && \
!defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)) || \
(defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && !defined(SINGLE_THREADED) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT))
#define TEST_MEMIO_BUF_SZ (64 * 1024)
struct test_memio_ctx
{
byte c_buff[TEST_MEMIO_BUF_SZ];
int c_len;
const char* c_ciphers;
byte s_buff[TEST_MEMIO_BUF_SZ];
int s_len;
const char* s_ciphers;
};
static WC_INLINE int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
void *ctx)
{
struct test_memio_ctx *test_ctx;
byte *buf;
int *len;
test_ctx = (struct test_memio_ctx*)ctx;
if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
buf = test_ctx->c_buff;
len = &test_ctx->c_len;
}
else {
buf = test_ctx->s_buff;
len = &test_ctx->s_len;
}
if ((unsigned)(*len + sz) > TEST_MEMIO_BUF_SZ)
return WOLFSSL_CBIO_ERR_WANT_READ;
XMEMCPY(buf + *len, data, sz);
*len += sz;
return sz;
}
static WC_INLINE int test_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
void *ctx)
{
struct test_memio_ctx *test_ctx;
int read_sz;
byte *buf;
int *len;
test_ctx = (struct test_memio_ctx*)ctx;
if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
buf = test_ctx->s_buff;
len = &test_ctx->s_len;
}
else {
buf = test_ctx->c_buff;
len = &test_ctx->c_len;
}
if (*len == 0)
return WOLFSSL_CBIO_ERR_WANT_READ;
read_sz = sz < *len ? sz : *len;
XMEMCPY(data, buf, read_sz);
XMEMMOVE(buf, buf + read_sz, *len - read_sz);
*len -= read_sz;
return read_sz;
}
static WC_INLINE int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
int max_rounds, int *rounds)
{
byte handshake_complete = 0, hs_c = 0, hs_s = 0;
int ret, err;
if (rounds != NULL)
*rounds = 0;
while (!handshake_complete && max_rounds > 0) {
if (!hs_c) {
ret = wolfSSL_connect(ssl_c);
if (ret == WOLFSSL_SUCCESS) {
hs_c = 1;
}
else {
err = wolfSSL_get_error(ssl_c, ret);
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE)
return -1;
}
}
if (!hs_s) {
ret = wolfSSL_accept(ssl_s);
if (ret == WOLFSSL_SUCCESS) {
hs_s = 1;
}
else {
err = wolfSSL_get_error(ssl_s, ret);
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE)
return -1;
}
}
handshake_complete = hs_c && hs_s;
max_rounds--;
if (rounds != NULL)
*rounds = *rounds + 1;
}
if (!handshake_complete)
return -1;
return 0;
}
static WC_INLINE int test_memio_setup(struct test_memio_ctx *ctx,
WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
method_provider method_c, method_provider method_s)
{
int ret;
if (ctx_c != NULL && *ctx_c == NULL) {
*ctx_c = wolfSSL_CTX_new(method_c());
if (*ctx_c == NULL)
return -1;
#ifndef NO_CERTS
ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
if (ret != WOLFSSL_SUCCESS)
return -1;
#endif /* NO_CERTS */
wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
if (ctx->c_ciphers != NULL) {
ret = wolfSSL_CTX_set_cipher_list(*ctx_c, ctx->c_ciphers);
if (ret != WOLFSSL_SUCCESS)
return -1;
}
}
if (ctx_s != NULL && *ctx_s == NULL) {
*ctx_s = wolfSSL_CTX_new(method_s());
if (*ctx_s == NULL)
return -1;
#ifndef NO_CERTS
ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, svrKeyFile,
WOLFSSL_FILETYPE_PEM);
if (ret != WOLFSSL_SUCCESS)
return- -1;
ret = wolfSSL_CTX_use_certificate_file(*ctx_s, svrCertFile,
WOLFSSL_FILETYPE_PEM);
if (ret != WOLFSSL_SUCCESS)
return -1;
#endif
wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
if (ctx->s_ciphers != NULL) {
ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
if (ret != WOLFSSL_SUCCESS)
return -1;
}
}
if (ctx_c != NULL && ssl_c != NULL) {
*ssl_c = wolfSSL_new(*ctx_c);
if (*ssl_c == NULL)
return -1;
wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
wolfSSL_SetIOReadCtx(*ssl_c, ctx);
}
if (ctx_s != NULL && ssl_s != NULL) {
*ssl_s = wolfSSL_new(*ctx_s);
if (*ssl_s == NULL)
return -1;
wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
wolfSSL_SetIOReadCtx(*ssl_s, ctx);
#if !defined(NO_DH)
SetDH(*ssl_s);
#endif
}
return 0;
}
#endif
#endif /* wolfSSL_TEST_H */ #endif /* wolfSSL_TEST_H */