mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 21:20:51 +02:00
Merge pull request #10007 from julek-wolfssl/zd/21376
DTLS 1.3: don't echo legacy_session_id in ServerHello
This commit is contained in:
+3
-3
@@ -857,9 +857,9 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
|
||||
nonConstSSL->options.tls1_1 = 1;
|
||||
nonConstSSL->options.tls1_3 = 1;
|
||||
|
||||
XMEMCPY(nonConstSSL->session->sessionID, ch->sessionId.elements,
|
||||
ch->sessionId.size);
|
||||
nonConstSSL->session->sessionIDSz = (byte)ch->sessionId.size;
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty
|
||||
* legacy_session_id_echo. Don't copy the client's session ID. */
|
||||
nonConstSSL->session->sessionIDSz = 0;
|
||||
nonConstSSL->options.cipherSuite0 = cs.cipherSuite0;
|
||||
nonConstSSL->options.cipherSuite = cs.cipherSuite;
|
||||
nonConstSSL->extensions = parsedExts;
|
||||
|
||||
+5
-22
@@ -1142,10 +1142,8 @@ static int CheckSessionMatch(const WOLFSSL* ssl, const WOLFSSL_SESSION* sess)
|
||||
XMEMCMP(ssl->sessionCtx, sess->sessionCtx, sess->sessionCtxSz) != 0))
|
||||
return 0;
|
||||
#endif
|
||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
|
||||
if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version))
|
||||
return 0;
|
||||
#endif
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -1553,12 +1551,11 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
|
||||
ssl->options.resuming = 1;
|
||||
ssl->options.haveEMS = (ssl->session->haveEMS) ? 1 : 0;
|
||||
|
||||
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
ssl->version = ssl->session->version;
|
||||
if (IsAtLeastTLSv1_3(ssl->version))
|
||||
ssl->options.tls1_3 = 1;
|
||||
#endif
|
||||
if (ssl->session->version.major != 0) {
|
||||
ssl->version = ssl->session->version;
|
||||
if (IsAtLeastTLSv1_3(ssl->version))
|
||||
ssl->options.tls1_3 = 1;
|
||||
}
|
||||
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
|
||||
(defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
|
||||
ssl->options.cipherSuite0 = ssl->session->cipherSuite0;
|
||||
@@ -2601,11 +2598,8 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
|
||||
for (i = 0; i < sess->chain.count; i++)
|
||||
size += OPAQUE16_LEN + sess->chain.certs[i].length;
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
/* Protocol version */
|
||||
size += OPAQUE16_LEN;
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
|
||||
(defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
|
||||
/* cipher suite */
|
||||
@@ -2681,11 +2675,8 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
|
||||
idx += sess->chain.certs[i].length;
|
||||
}
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
data[idx++] = sess->version.major;
|
||||
data[idx++] = sess->version.minor;
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
|
||||
(defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
|
||||
data[idx++] = sess->cipherSuite0;
|
||||
@@ -2854,8 +2845,6 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
|
||||
idx += length;
|
||||
}
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
/* Protocol Version */
|
||||
if (i - idx < OPAQUE16_LEN) {
|
||||
ret = BUFFER_ERROR;
|
||||
@@ -2863,7 +2852,6 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
|
||||
}
|
||||
s->version.major = data[idx++];
|
||||
s->version.minor = data[idx++];
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
|
||||
(defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
|
||||
/* Cipher suite */
|
||||
@@ -3176,10 +3164,8 @@ static void SESSION_ex_data_cache_update(WOLFSSL_SESSION* session, int idx,
|
||||
if (cacheSession && cacheSession->sessionIDSz == ID_LEN &&
|
||||
XMEMCMP(id, cacheSession->sessionID, ID_LEN) == 0
|
||||
&& session->side == cacheSession->side
|
||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
|
||||
&& (IsAtLeastTLSv1_3(session->version) ==
|
||||
IsAtLeastTLSv1_3(cacheSession->version))
|
||||
#endif
|
||||
) {
|
||||
if (get) {
|
||||
if (getRet) {
|
||||
@@ -3604,10 +3590,7 @@ void SetupSession(WOLFSSL* ssl)
|
||||
#ifndef NO_ASN_TIME
|
||||
session->bornOn = LowResTimer();
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
session->version = ssl->version;
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
|
||||
(defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
|
||||
session->cipherSuite0 = ssl->options.cipherSuite0;
|
||||
|
||||
@@ -12198,7 +12198,6 @@ static int TLSX_PreSharedKey_Parse(WOLFSSL* ssl, const byte* input,
|
||||
}
|
||||
list->chosen = 1;
|
||||
|
||||
#ifdef HAVE_SESSION_TICKET
|
||||
if (list->resumption) {
|
||||
/* Check that the session's details are the same as the server's. */
|
||||
if (ssl->options.cipherSuite0 != ssl->session->cipherSuite0 ||
|
||||
@@ -12209,7 +12208,6 @@ static int TLSX_PreSharedKey_Parse(WOLFSSL* ssl, const byte* input,
|
||||
return PSK_KEY_ERROR;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
+61
-17
@@ -4574,8 +4574,8 @@ int SendTls13ClientHello(WOLFSSL* ssl)
|
||||
}
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
|
||||
#ifdef HAVE_SESSION_TICKET
|
||||
if (ssl->options.resuming &&
|
||||
ssl->session->version.major != 0 &&
|
||||
(ssl->session->version.major != ssl->version.major ||
|
||||
ssl->session->version.minor != ssl->version.minor)) {
|
||||
#ifndef WOLFSSL_NO_TLS12
|
||||
@@ -4594,7 +4594,6 @@ int SendTls13ClientHello(WOLFSSL* ssl)
|
||||
return VERSION_ERROR;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
suites = WOLFSSL_SUITES(ssl);
|
||||
if (suites == NULL) {
|
||||
@@ -4648,6 +4647,13 @@ int SendTls13ClientHello(WOLFSSL* ssl)
|
||||
ssl->session->sessionIDSz = 0;
|
||||
ssl->options.tls13MiddleBoxCompat = 0;
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_DTLS13
|
||||
if (ssl->options.dtls) {
|
||||
/* RFC 9147 Section 5: DTLS implementations do not use the
|
||||
* TLS 1.3 "compatibility mode" */
|
||||
ssl->options.tls13MiddleBoxCompat = 0;
|
||||
}
|
||||
#endif
|
||||
GetTls13SessionId(ssl, NULL, &sessIdSz);
|
||||
args->length += (word16)sessIdSz;
|
||||
@@ -5591,8 +5597,17 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
}
|
||||
else
|
||||
#endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */
|
||||
#if defined(WOLFSSL_QUIC) || defined(WOLFSSL_DTLS13)
|
||||
if (0
|
||||
#ifdef WOLFSSL_QUIC
|
||||
if (WOLFSSL_IS_QUIC(ssl)) {
|
||||
|| WOLFSSL_IS_QUIC(ssl)
|
||||
#endif
|
||||
#ifdef WOLFSSL_DTLS13
|
||||
|| ssl->options.dtls
|
||||
#endif
|
||||
) {
|
||||
/* RFC 9147 Section 5.3 / RFC 9001 Section 8.4: DTLS 1.3 and QUIC
|
||||
* ServerHello must have empty legacy_session_id_echo. */
|
||||
if (args->sessIdSz != 0) {
|
||||
WOLFSSL_MSG("args->sessIdSz != 0");
|
||||
WOLFSSL_ERROR_VERBOSE(INVALID_PARAMETER);
|
||||
@@ -5600,7 +5615,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* WOLFSSL_QUIC */
|
||||
#endif /* WOLFSSL_QUIC || WOLFSSL_DTLS13 */
|
||||
if (args->sessIdSz != ssl->session->sessionIDSz || (args->sessIdSz > 0 &&
|
||||
XMEMCMP(ssl->session->sessionID, args->sessId, args->sessIdSz) != 0))
|
||||
{
|
||||
@@ -6563,6 +6578,7 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
|
||||
word16 length;
|
||||
int keyShareExt = 0;
|
||||
int ret;
|
||||
byte sessIdSz;
|
||||
|
||||
ret = TlsCheckCookie(ssl, cookie->data, (byte)cookie->len);
|
||||
if (ret < 0)
|
||||
@@ -6587,7 +6603,13 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
|
||||
return ret;
|
||||
|
||||
/* Reconstruct the HelloRetryMessage for handshake hash. */
|
||||
length = HRR_BODY_SZ - ID_LEN + ssl->session->sessionIDSz +
|
||||
sessIdSz = ssl->session->sessionIDSz;
|
||||
#ifdef WOLFSSL_DTLS13
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 must use empty legacy_session_id. */
|
||||
if (ssl->options.dtls)
|
||||
sessIdSz = 0;
|
||||
#endif
|
||||
length = HRR_BODY_SZ - ID_LEN + sessIdSz +
|
||||
HRR_COOKIE_HDR_SZ + cookie->len;
|
||||
length += HRR_VERSIONS_SZ;
|
||||
/* HashSz (1 byte) + Hash (HashSz bytes) + CipherSuite (2 bytes) */
|
||||
@@ -6614,10 +6636,10 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
|
||||
XMEMCPY(hrr + hrrIdx, helloRetryRequestRandom, RAN_LEN);
|
||||
hrrIdx += RAN_LEN;
|
||||
|
||||
hrr[hrrIdx++] = ssl->session->sessionIDSz;
|
||||
if (ssl->session->sessionIDSz > 0) {
|
||||
XMEMCPY(hrr + hrrIdx, ssl->session->sessionID, ssl->session->sessionIDSz);
|
||||
hrrIdx += ssl->session->sessionIDSz;
|
||||
hrr[hrrIdx++] = sessIdSz;
|
||||
if (sessIdSz > 0) {
|
||||
XMEMCPY(hrr + hrrIdx, ssl->session->sessionID, sessIdSz);
|
||||
hrrIdx += sessIdSz;
|
||||
}
|
||||
|
||||
/* Restore the cipher suite from the cookie. */
|
||||
@@ -6630,7 +6652,7 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
|
||||
hrr[hrrIdx++] = 0;
|
||||
|
||||
/* Extensions' length */
|
||||
length -= HRR_BODY_SZ - ID_LEN + ssl->session->sessionIDSz;
|
||||
length -= HRR_BODY_SZ - ID_LEN + sessIdSz;
|
||||
c16toa(length, hrr + hrrIdx);
|
||||
hrrIdx += 2;
|
||||
|
||||
@@ -7055,9 +7077,20 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
if (sessIdSz + args->idx > helloSz)
|
||||
ERROR_OUT(BUFFER_ERROR, exit_dch);
|
||||
|
||||
ssl->session->sessionIDSz = sessIdSz;
|
||||
if (sessIdSz > 0)
|
||||
XMEMCPY(ssl->session->sessionID, input + args->idx, sessIdSz);
|
||||
#ifdef WOLFSSL_DTLS13
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty
|
||||
* legacy_session_id_echo. Don't store the client's value so it
|
||||
* won't be echoed in SendTls13ServerHello. */
|
||||
if (ssl->options.dtls) {
|
||||
ssl->session->sessionIDSz = 0;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
ssl->session->sessionIDSz = sessIdSz;
|
||||
if (sessIdSz > 0)
|
||||
XMEMCPY(ssl->session->sessionID, input + args->idx, sessIdSz);
|
||||
}
|
||||
args->idx += sessIdSz;
|
||||
|
||||
#ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
|
||||
@@ -7630,10 +7663,21 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
|
||||
WOLFSSL_BUFFER(ssl->arrays->serverRandom, RAN_LEN);
|
||||
#endif
|
||||
|
||||
output[idx++] = ssl->session->sessionIDSz;
|
||||
if (ssl->session->sessionIDSz > 0) {
|
||||
XMEMCPY(output + idx, ssl->session->sessionID, ssl->session->sessionIDSz);
|
||||
idx += ssl->session->sessionIDSz;
|
||||
#ifdef WOLFSSL_DTLS13
|
||||
if (ssl->options.dtls) {
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty
|
||||
* legacy_session_id_echo. */
|
||||
output[idx++] = 0;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
output[idx++] = ssl->session->sessionIDSz;
|
||||
if (ssl->session->sessionIDSz > 0) {
|
||||
XMEMCPY(output + idx, ssl->session->sessionID,
|
||||
ssl->session->sessionIDSz);
|
||||
idx += ssl->session->sessionIDSz;
|
||||
}
|
||||
}
|
||||
|
||||
/* Chosen cipher suite */
|
||||
|
||||
+5
-8
@@ -4559,12 +4559,12 @@ static WC_INLINE int test_ssl_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
|
||||
* "Import from Hex Dump..." option ion and selecting the TCP
|
||||
* encapsulation option. */
|
||||
char dump_file_name[64];
|
||||
WOLFSSL_BIO *dump_file;
|
||||
XFILE dump_file;
|
||||
sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName);
|
||||
dump_file = wolfSSL_BIO_new_file(dump_file_name, "a");
|
||||
if (dump_file != NULL) {
|
||||
(void)wolfSSL_BIO_write(dump_file, data, sz);
|
||||
wolfSSL_BIO_free(dump_file);
|
||||
dump_file = XFOPEN(dump_file_name, "ab");
|
||||
if (dump_file != XBADFILE) {
|
||||
(void)XFWRITE(data, 1, (size_t)sz, dump_file);
|
||||
XFCLOSE(dump_file);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
@@ -30950,10 +30950,7 @@ static int test_short_session_id_ssl_ready(WOLFSSL* ssl)
|
||||
/* Setup the session to avoid errors */
|
||||
ssl->session->timeout = (word32)-1;
|
||||
ssl->session->side = WOLFSSL_CLIENT_END;
|
||||
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
ssl->session->version = ssl->version;
|
||||
#endif
|
||||
/* Force a short session ID to be sent */
|
||||
ssl->session->sessionIDSz = 4;
|
||||
#ifndef NO_SESSION_CACHE_REF
|
||||
|
||||
@@ -2727,3 +2727,90 @@ int test_dtls13_min_rtx_interval(void)
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
/* RFC 9147 Section 5.3: DTLS 1.3 ServerHello must have empty
|
||||
* legacy_session_id_echo, even if the ClientHello had a non-empty
|
||||
* legacy_session_id. */
|
||||
int test_dtls13_no_session_id_echo(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) && \
|
||||
defined(HAVE_SESSION_TICKET)
|
||||
struct test_memio_ctx test_ctx;
|
||||
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
|
||||
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
|
||||
WOLFSSL_SESSION *sess = NULL;
|
||||
char readBuf[1];
|
||||
/* Use traditional groups to avoid HRR from PQ key share mismatch */
|
||||
int groups[] = {
|
||||
WOLFSSL_ECC_SECP256R1,
|
||||
WOLFSSL_ECC_SECP384R1,
|
||||
};
|
||||
|
||||
/* First connection: complete a DTLS 1.3 handshake to get a session */
|
||||
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
|
||||
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
|
||||
wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
|
||||
ExpectIntEQ(wolfSSL_set_groups(ssl_c, groups, 2), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
|
||||
|
||||
/* Read to process any NewSessionTicket */
|
||||
ExpectIntEQ(wolfSSL_read(ssl_c, readBuf, sizeof(readBuf)), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
|
||||
|
||||
/* Ensure the session has a non-empty session ID so the ClientHello
|
||||
* will have a populated legacy_session_id field (which is legal per
|
||||
* RFC 9147). */
|
||||
if (sess != NULL && sess->sessionIDSz == 0) {
|
||||
sess->sessionIDSz = ID_LEN;
|
||||
XMEMSET(sess->sessionID, 0x42, ID_LEN);
|
||||
}
|
||||
|
||||
wolfSSL_free(ssl_c); ssl_c = NULL;
|
||||
wolfSSL_free(ssl_s); ssl_s = NULL;
|
||||
wolfSSL_CTX_free(ctx_c); ctx_c = NULL;
|
||||
wolfSSL_CTX_free(ctx_s); ctx_s = NULL;
|
||||
|
||||
/* Second connection: set the session on the client so the ClientHello
|
||||
* contains a non-empty legacy_session_id. Verify the server does NOT
|
||||
* echo it in the ServerHello. */
|
||||
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
|
||||
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
|
||||
wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
|
||||
ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
|
||||
/* Use traditional groups to avoid HRR from key share mismatch */
|
||||
ExpectIntEQ(wolfSSL_set_groups(ssl_c, groups, 2), WOLFSSL_SUCCESS);
|
||||
/* Disable HRR cookie so the server directly sends a ServerHello */
|
||||
ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
|
||||
|
||||
/* Client sends ClientHello (with non-empty legacy_session_id) */
|
||||
ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* Server processes ClientHello and sends ServerHello + flight */
|
||||
ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* Verify the ServerHello on the wire.
|
||||
* Layout: DTLS Record Header (13) + DTLS Handshake Header (12) +
|
||||
* ProtocolVersion (2) + Random (32) = offset 59 for
|
||||
* legacy_session_id_echo length byte. */
|
||||
ExpectIntGE(test_ctx.c_len, 60);
|
||||
ExpectIntEQ(test_ctx.c_buff[0], handshake);
|
||||
ExpectIntEQ(test_ctx.c_buff[DTLS_RECORD_HEADER_SZ], server_hello);
|
||||
ExpectIntEQ(test_ctx.c_buff[DTLS_RECORD_HEADER_SZ +
|
||||
DTLS_HANDSHAKE_HEADER_SZ + OPAQUE16_LEN + RAN_LEN], 0);
|
||||
|
||||
/* Complete the handshake */
|
||||
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
|
||||
|
||||
wolfSSL_SESSION_free(sess);
|
||||
wolfSSL_free(ssl_c);
|
||||
wolfSSL_free(ssl_s);
|
||||
wolfSSL_CTX_free(ctx_c);
|
||||
wolfSSL_CTX_free(ctx_s);
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
@@ -52,6 +52,7 @@ int test_dtls_memio_wolfio_stateless(void);
|
||||
int test_dtls_mtu_fragment_headroom(void);
|
||||
int test_dtls_mtu_split_messages(void);
|
||||
int test_dtls13_min_rtx_interval(void);
|
||||
int test_dtls13_no_session_id_echo(void);
|
||||
|
||||
#define TEST_DTLS_DECLS \
|
||||
TEST_DECL_GROUP("dtls", test_dtls12_basic_connection_id), \
|
||||
@@ -83,5 +84,6 @@ int test_dtls13_min_rtx_interval(void);
|
||||
TEST_DECL_GROUP("dtls", test_dtls_mtu_fragment_headroom), \
|
||||
TEST_DECL_GROUP("dtls", test_dtls_mtu_split_messages), \
|
||||
TEST_DECL_GROUP("dtls", test_dtls_memio_wolfio_stateless), \
|
||||
TEST_DECL_GROUP("dtls", test_dtls13_min_rtx_interval)
|
||||
TEST_DECL_GROUP("dtls", test_dtls13_min_rtx_interval), \
|
||||
TEST_DECL_GROUP("dtls", test_dtls13_no_session_id_echo)
|
||||
#endif /* TESTS_API_DTLS_H */
|
||||
|
||||
+5
-5
@@ -80,12 +80,12 @@ int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz, void *ctx)
|
||||
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
|
||||
{
|
||||
char dump_file_name[64];
|
||||
WOLFSSL_BIO *dump_file;
|
||||
XFILE dump_file;
|
||||
sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName);
|
||||
dump_file = wolfSSL_BIO_new_file(dump_file_name, "a");
|
||||
if (dump_file != NULL) {
|
||||
(void)wolfSSL_BIO_write(dump_file, data, sz);
|
||||
wolfSSL_BIO_free(dump_file);
|
||||
dump_file = XFOPEN(dump_file_name, "ab");
|
||||
if (dump_file != XBADFILE) {
|
||||
(void)XFWRITE(data, 1, (size_t)sz, dump_file);
|
||||
XFCLOSE(dump_file);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
+147
-74
@@ -22732,55 +22732,74 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void)
|
||||
#endif /* defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) &&
|
||||
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) */
|
||||
|
||||
#define RSA_TEST_BYTES 512 /* up to 4096-bit key */
|
||||
#define RSA_TEST_BYTES (RSA_MAX_SIZE / 8)
|
||||
|
||||
#if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
|
||||
!defined(WOLFSSL_RSA_VERIFY_ONLY)
|
||||
static wc_test_ret_t rsa_flatten_test(RsaKey* key)
|
||||
{
|
||||
wc_test_ret_t ret;
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
byte* e = NULL;
|
||||
byte* n = NULL;
|
||||
#else
|
||||
byte e[RSA_TEST_BYTES];
|
||||
byte n[RSA_TEST_BYTES];
|
||||
word32 eSz = sizeof(e);
|
||||
word32 nSz = sizeof(n);
|
||||
#endif
|
||||
word32 eSz = RSA_TEST_BYTES;
|
||||
word32 nSz = RSA_TEST_BYTES;
|
||||
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
e = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
n = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (e == NULL || n == NULL)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa_flatten);
|
||||
#endif
|
||||
|
||||
/* Parameter Validation testing. */
|
||||
ret = wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
ret = wc_RsaFlattenPublicKey(key, NULL, &eSz, n, &nSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
ret = wc_RsaFlattenPublicKey(key, e, NULL, n, &nSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
ret = wc_RsaFlattenPublicKey(key, e, &eSz, NULL, &nSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, NULL);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, &nSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
eSz = 0;
|
||||
ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, &nSz);
|
||||
if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
eSz = sizeof(e);
|
||||
eSz = RSA_TEST_BYTES;
|
||||
nSz = 0;
|
||||
ret = wc_RsaFlattenPublicKey(key, e, &eSz, n, &nSz);
|
||||
if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_flatten);
|
||||
|
||||
return 0;
|
||||
ret = 0;
|
||||
|
||||
exit_rsa_flatten:
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
XFREE(e, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(n, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
#endif /* NO_ASN */
|
||||
|
||||
@@ -22789,75 +22808,100 @@ static wc_test_ret_t rsa_flatten_test(RsaKey* key)
|
||||
static wc_test_ret_t rsa_export_key_test(RsaKey* key)
|
||||
{
|
||||
wc_test_ret_t ret;
|
||||
byte e[3];
|
||||
byte e[3];
|
||||
word32 eSz = sizeof(e);
|
||||
byte n[RSA_TEST_BYTES];
|
||||
word32 nSz = sizeof(n);
|
||||
byte d[RSA_TEST_BYTES];
|
||||
word32 dSz = sizeof(d);
|
||||
byte p[RSA_TEST_BYTES/2];
|
||||
word32 pSz = sizeof(p);
|
||||
byte q[RSA_TEST_BYTES/2];
|
||||
word32 qSz = sizeof(q);
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
byte* n = NULL;
|
||||
byte* d = NULL;
|
||||
byte* p = NULL;
|
||||
byte* q = NULL;
|
||||
#else
|
||||
byte n[RSA_TEST_BYTES];
|
||||
byte d[RSA_TEST_BYTES];
|
||||
byte p[RSA_TEST_BYTES/2];
|
||||
byte q[RSA_TEST_BYTES/2];
|
||||
#endif
|
||||
word32 nSz = RSA_TEST_BYTES;
|
||||
word32 dSz = RSA_TEST_BYTES;
|
||||
word32 pSz = RSA_TEST_BYTES/2;
|
||||
word32 qSz = RSA_TEST_BYTES/2;
|
||||
word32 zero = 0;
|
||||
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
n = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
d = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
p = (byte*)XMALLOC(RSA_TEST_BYTES/2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
q = (byte*)XMALLOC(RSA_TEST_BYTES/2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (n == NULL || d == NULL || p == NULL || q == NULL)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa_export);
|
||||
#endif
|
||||
|
||||
ret = wc_RsaExportKey(NULL, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, NULL, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, NULL, n, &nSz, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, NULL, &nSz, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, NULL, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, NULL, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, NULL, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, NULL, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, NULL, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, NULL, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, NULL);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
|
||||
ret = wc_RsaExportKey(key, e, &zero, n, &nSz, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &zero, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &zero, p, &pSz, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &zero, q, &qSz);
|
||||
if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &zero);
|
||||
if (ret != WC_NO_ERR_TRACE(RSA_BUFFER_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
|
||||
ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_export);
|
||||
|
||||
return 0;
|
||||
ret = 0;
|
||||
|
||||
exit_rsa_export:
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
XFREE(n, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(d, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(p, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(q, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
#endif /* !HAVE_FIPS && !NO_ASN && !WOLFSSL_RSA_VERIFY_ONLY */
|
||||
|
||||
@@ -22884,41 +22928,51 @@ static wc_test_ret_t rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG
|
||||
0xa6, 0x58, 0x0a, 0x33, 0x0b, 0x84, 0x5f, 0x5f
|
||||
};
|
||||
word32 inLen = (word32)XSTRLEN((char*)in);
|
||||
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
|
||||
word32 outSz = RSA_TEST_BYTES;
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
byte* out = NULL;
|
||||
out = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (out == NULL)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa_sig);
|
||||
#else
|
||||
byte out[RSA_TEST_BYTES];
|
||||
#endif
|
||||
|
||||
/* Parameter Validation testing. */
|
||||
ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_NONE, key, keyLen);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA, key, 0);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
sigSz = (word32)modLen;
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, NULL,
|
||||
inLen, out, &sigSz, key, keyLen, rng);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
0, out, &sigSz, key, keyLen, rng);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, NULL, &sigSz, key, keyLen, rng);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, NULL, key, keyLen, rng);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, &sigSz, NULL, keyLen, rng);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, &sigSz, key, 0, rng);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, &sigSz, key, keyLen, NULL);
|
||||
#if defined(WOLFSSL_AFALG_XILINX_RSA) || defined(WOLFSSL_XILINX_CRYPT)
|
||||
@@ -22942,112 +22996,119 @@ static wc_test_ret_t rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG
|
||||
#else
|
||||
if (ret != WC_NO_ERR_TRACE(MISSING_RNG_E))
|
||||
#endif
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
sigSz = 0;
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, &sigSz, key, keyLen, rng);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, NULL,
|
||||
inLen, out, (word32)modLen, key, keyLen);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
0, out, (word32)modLen, key, keyLen);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, NULL, (word32)modLen, key, keyLen);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, 0, key, keyLen);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, (word32)modLen, NULL, keyLen);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, (word32)modLen, key, 0);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
#ifndef HAVE_ECC
|
||||
ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_ECC, key, keyLen);
|
||||
if (ret != WC_NO_ERR_TRACE(SIG_TYPE_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
#endif
|
||||
#if defined(WOLF_CRYPTO_CB_ONLY_RSA)
|
||||
return 0;
|
||||
ret = 0;
|
||||
goto exit_rsa_sig;
|
||||
#endif
|
||||
/* Use APIs. */
|
||||
ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA, key, keyLen);
|
||||
if (ret != modLen)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
ret = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA_W_ENC, key, keyLen);
|
||||
if (ret != modLen)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
sigSz = (word32)ret;
|
||||
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
|
||||
XMEMSET(out, 0, sizeof(out));
|
||||
XMEMSET(out, 0, outSz);
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, &sigSz, key, keyLen, rng);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, (word32)modLen, key, keyLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
sigSz = (word32)sizeof(out);
|
||||
sigSz = outSz;
|
||||
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC,
|
||||
in, inLen, out, &sigSz, key, keyLen, rng);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC,
|
||||
in, inLen, out, (word32)modLen, key, keyLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
/* Wrong signature type. */
|
||||
ret = wc_SignatureVerify(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
|
||||
inLen, out, (word32)modLen, key, keyLen);
|
||||
if (ret == 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
/* check hash functions */
|
||||
sigSz = (word32)sizeof(out);
|
||||
sigSz = outSz;
|
||||
ret = wc_SignatureGenerateHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA,
|
||||
hash, (int)sizeof(hash), out, &sigSz, key, keyLen, rng);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
ret = wc_SignatureVerifyHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA,
|
||||
hash, (int)sizeof(hash), out, (word32)modLen, key, keyLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
sigSz = (word32)sizeof(out);
|
||||
sigSz = outSz;
|
||||
ret = wc_SignatureGenerateHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC,
|
||||
hashEnc, (int)sizeof(hashEnc), out, &sigSz, key, keyLen, rng);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
|
||||
ret = wc_SignatureVerifyHash(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA_W_ENC,
|
||||
hashEnc, (int)sizeof(hashEnc), out, (word32)modLen, key, keyLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_sig);
|
||||
#else
|
||||
(void)hash;
|
||||
(void)hashEnc;
|
||||
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
|
||||
|
||||
return 0;
|
||||
ret = 0;
|
||||
|
||||
exit_rsa_sig:
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
#endif /* !NO_SIG_WRAPPER && !NO_SHA256 */
|
||||
|
||||
@@ -64286,7 +64347,11 @@ static wc_test_ret_t rsa_onlycb_test(myCryptoDevCtx *ctx)
|
||||
|
||||
word32 sigSz;
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte in[] = TEST_STRING;
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
byte* out = NULL;
|
||||
#else
|
||||
byte out[RSA_TEST_BYTES];
|
||||
#endif
|
||||
|
||||
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \
|
||||
!defined(USE_CERT_BUFFERS_3072) && !defined(USE_CERT_BUFFERS_4096) && \
|
||||
@@ -64324,6 +64389,11 @@ static wc_test_ret_t rsa_onlycb_test(myCryptoDevCtx *ctx)
|
||||
if (tmp == NULL)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, exit_onlycb);
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
out = (byte*)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (out == NULL)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, exit_onlycb);
|
||||
#endif
|
||||
|
||||
#ifdef USE_CERT_BUFFERS_1024
|
||||
XMEMCPY(tmp, client_key_der_1024, (size_t)sizeof_client_key_der_1024);
|
||||
@@ -64417,6 +64487,9 @@ exit_onlycb:
|
||||
#else
|
||||
wc_FreeRsaKey(key);
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
#endif
|
||||
return ret;
|
||||
|
||||
@@ -4692,10 +4692,7 @@ struct WOLFSSL_SESSION {
|
||||
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
|
||||
WOLFSSL_X509* peer; /* peer cert */
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SESSION_TICKET))
|
||||
ProtocolVersion version; /* which version was used */
|
||||
#endif
|
||||
#if defined(SESSION_CERTS) || !defined(NO_RESUME_SUITE_CHECK) || \
|
||||
(defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
|
||||
byte cipherSuite0; /* first byte, normally 0 */
|
||||
|
||||
Reference in New Issue
Block a user