From 609e30a69cde757dc85ed815fd86de14840c3a6c Mon Sep 17 00:00:00 2001
From: Marco Oliverio
Date: Tue, 2 Dec 2025 11:02:12 +0100
Subject: [PATCH] test: tls13_early_data: refactor splitEarlyData test option
---
 tests/api/test_tls13.c | 254 +++++++++++++++++++++--------------------
 1 file changed, 129 insertions(+), 125 deletions(-)
diff --git a/tests/api/test_tls13.c b/tests/api/test_tls13.c
index abf0e1e02..59ad15abe 100644
--- a/tests/api/test_tls13.c
+++ b/tests/api/test_tls13.c
@@ -2011,164 +2011,168 @@ int test_tls13_early_data(void) method_provider server_meth; const char* tls_version; int isUdp; + int splitEarlyData; } params[] = { #ifdef WOLFSSL_TLS13 { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, - "TLS 1.3", 0 }, + "TLS 1.3", 0, 0 }, + { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, + "TLS 1.3", 0, 1 }, #endif #ifdef WOLFSSL_DTLS13 { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, - "DTLS 1.3", 1 }, + "DTLS 1.3", 1, 0 }, + { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, + "DTLS 1.3", 1, 1 }, #endif }; for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) { - for (splitEarlyData = 0; splitEarlyData < 2; splitEarlyData++) { - struct test_memio_ctx test_ctx; - WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; - WOLFSSL *ssl_c = NULL, *ssl_s = NULL; - WOLFSSL_SESSION *sess = NULL; + struct test_memio_ctx test_ctx; + WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; + WOLFSSL *ssl_c = NULL, *ssl_s = NULL; + WOLFSSL_SESSION *sess = NULL; + int splitEarlyData = params[i].splitEarlyData; - XMEMSET(&test_ctx, 0, sizeof(test_ctx)); + XMEMSET(&test_ctx, 0, sizeof(test_ctx)); - fprintf(stderr, "\tEarly data with %s\n", params[i].tls_version); + fprintf(stderr, "\tEarly data with %s\n", params[i].tls_version); - ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, - &ssl_s, params[i].client_meth, params[i].server_meth), 0); - - /* Get a ticket so that we can do 0-RTT on the next connection */ - ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); - /* Make sure we read the ticket */ - ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), -1); - ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); - ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); - - wolfSSL_free(ssl_c); - ssl_c = NULL; - wolfSSL_free(ssl_s); - ssl_s = NULL; - XMEMSET(&test_ctx, 0, sizeof(test_ctx)); - ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, + 
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, params[i].client_meth, params[i].server_meth), 0); - wolfSSL_SetLoggingPrefix("client"); - ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS); + + /* Get a ticket so that we can do 0-RTT on the next connection */ + ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0); + /* Make sure we read the ticket */ + ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), -1); + ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ); + ExpectNotNull(sess = wolfSSL_get1_session(ssl_c)); + + wolfSSL_free(ssl_c); + ssl_c = NULL; + wolfSSL_free(ssl_s); + ssl_s = NULL; + XMEMSET(&test_ctx, 0, sizeof(test_ctx)); + ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, + &ssl_s, params[i].client_meth, params[i].server_meth), 0); + wolfSSL_SetLoggingPrefix("client"); + ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS); #ifdef WOLFSSL_DTLS13 - if (params[i].isUdp) { - wolfSSL_SetLoggingPrefix("server"); + if (params[i].isUdp) { + wolfSSL_SetLoggingPrefix("server"); #ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME - ExpectIntEQ(wolfSSL_dtls13_no_hrr_on_resume(ssl_s, 1), - WOLFSSL_SUCCESS); + ExpectIntEQ(wolfSSL_dtls13_no_hrr_on_resume(ssl_s, 1), + WOLFSSL_SUCCESS); #else - /* Let's test this but we generally don't recommend turning off - * the cookie exchange */ - ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS); + /* Let's test this but we generally don't recommend turning off + * the cookie exchange */ + ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS); #endif - } + } #endif - /* Test 0-RTT data */ - wolfSSL_SetLoggingPrefix("client"); + /* Test 0-RTT data */ + wolfSSL_SetLoggingPrefix("client"); + ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg), + &written), sizeof(msg)); + ExpectIntEQ(written, sizeof(msg)); + + if (splitEarlyData) { ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg), &written), sizeof(msg)); 
ExpectIntEQ(written, sizeof(msg)); + } - if (splitEarlyData) { - ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg), - &written), sizeof(msg)); - ExpectIntEQ(written, sizeof(msg)); - } + /* Read first 0-RTT data (if split otherwise entire data) */ + wolfSSL_SetLoggingPrefix("server"); + ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf), + &read), sizeof(msg)); + ExpectIntEQ(read, sizeof(msg)); + ExpectStrEQ(msg, msgBuf); - /* Read first 0-RTT data (if split otherwise entire data) */ - wolfSSL_SetLoggingPrefix("server"); - ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf), - &read), sizeof(msg)); + /* Test 0.5-RTT data */ + ExpectIntEQ(wolfSSL_write(ssl_s, msg4, sizeof(msg4)), sizeof(msg4)); + + if (splitEarlyData) { + /* Read second 0-RTT data */ + ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, + sizeof(msgBuf), &read), sizeof(msg)); ExpectIntEQ(read, sizeof(msg)); ExpectStrEQ(msg, msgBuf); + } - /* Test 0.5-RTT data */ - ExpectIntEQ(wolfSSL_write(ssl_s, msg4, sizeof(msg4)), sizeof(msg4)); - - if (splitEarlyData) { - /* Read second 0-RTT data */ - ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, - sizeof(msgBuf), &read), sizeof(msg)); - ExpectIntEQ(read, sizeof(msg)); - ExpectStrEQ(msg, msgBuf); - } - - if (params[i].isUdp) { - wolfSSL_SetLoggingPrefix("client"); - ExpectIntEQ(wolfSSL_connect(ssl_c), -1); - ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), - WC_NO_ERR_TRACE(APP_DATA_READY)); - - /* Read server 0.5-RTT data */ - ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), - sizeof(msg4)); - ExpectStrEQ(msg4, msgBuf); - - /* Complete handshake */ - ExpectIntEQ(wolfSSL_connect(ssl_c), -1); - ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), - WOLFSSL_ERROR_WANT_READ); - /* Use wolfSSL_is_init_finished to check if handshake is - * complete. Normally a user would loop until it is true but - * here we control both sides so we just assert the expected - * value. 
wolfSSL_read_early_data does not provide handshake - * status to us with non-blocking IO and we can't use - * wolfSSL_accept as TLS layer may return ZERO_RETURN due to - * early data parsing logic. */ - wolfSSL_SetLoggingPrefix("server"); - ExpectFalse(wolfSSL_is_init_finished(ssl_s)); - ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, - sizeof(msgBuf), &read), 0); - ExpectIntEQ(read, 0); - ExpectTrue(wolfSSL_is_init_finished(ssl_s)); - - wolfSSL_SetLoggingPrefix("client"); - ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); - } - else { - wolfSSL_SetLoggingPrefix("client"); - ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); - - wolfSSL_SetLoggingPrefix("server"); - ExpectFalse(wolfSSL_is_init_finished(ssl_s)); - ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, - sizeof(msgBuf), &read), 0); - ExpectIntEQ(read, 0); - ExpectTrue(wolfSSL_is_init_finished(ssl_s)); - - /* Read server 0.5-RTT data */ - wolfSSL_SetLoggingPrefix("client"); - ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), - sizeof(msg4)); - ExpectStrEQ(msg4, msgBuf); - } - - /* Test bi-directional write */ + if (params[i].isUdp) { wolfSSL_SetLoggingPrefix("client"); - ExpectIntEQ(wolfSSL_write(ssl_c, msg2, sizeof(msg2)), sizeof(msg2)); + ExpectIntEQ(wolfSSL_connect(ssl_c), -1); + ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), + WC_NO_ERR_TRACE(APP_DATA_READY)); + + /* Read server 0.5-RTT data */ + ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), + sizeof(msg4)); + ExpectStrEQ(msg4, msgBuf); + + /* Complete handshake */ + ExpectIntEQ(wolfSSL_connect(ssl_c), -1); + ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), + WOLFSSL_ERROR_WANT_READ); + /* Use wolfSSL_is_init_finished to check if handshake is + * complete. Normally a user would loop until it is true but + * here we control both sides so we just assert the expected + * value. 
wolfSSL_read_early_data does not provide handshake + * status to us with non-blocking IO and we can't use + * wolfSSL_accept as TLS layer may return ZERO_RETURN due to + * early data parsing logic. */ wolfSSL_SetLoggingPrefix("server"); - ExpectIntEQ(wolfSSL_read(ssl_s, msgBuf, sizeof(msgBuf)), - sizeof(msg2)); - ExpectStrEQ(msg2, msgBuf); - ExpectIntEQ(wolfSSL_write(ssl_s, msg3, sizeof(msg3)), sizeof(msg3)); + ExpectFalse(wolfSSL_is_init_finished(ssl_s)); + ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, + sizeof(msgBuf), &read), 0); + ExpectIntEQ(read, 0); + ExpectTrue(wolfSSL_is_init_finished(ssl_s)); + + wolfSSL_SetLoggingPrefix("client"); + ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); + } + else { + wolfSSL_SetLoggingPrefix("client"); + ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS); + + wolfSSL_SetLoggingPrefix("server"); + ExpectFalse(wolfSSL_is_init_finished(ssl_s)); + ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, + sizeof(msgBuf), &read), 0); + ExpectIntEQ(read, 0); + ExpectTrue(wolfSSL_is_init_finished(ssl_s)); + + /* Read server 0.5-RTT data */ wolfSSL_SetLoggingPrefix("client"); ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), - sizeof(msg3)); - ExpectStrEQ(msg3, msgBuf); - - wolfSSL_SetLoggingPrefix(NULL); - ExpectTrue(wolfSSL_session_reused(ssl_c)); - ExpectTrue(wolfSSL_session_reused(ssl_s)); - - wolfSSL_SESSION_free(sess); - wolfSSL_free(ssl_c); - wolfSSL_free(ssl_s); - wolfSSL_CTX_free(ctx_c); - wolfSSL_CTX_free(ctx_s); + sizeof(msg4)); + ExpectStrEQ(msg4, msgBuf); } + + /* Test bi-directional write */ + wolfSSL_SetLoggingPrefix("client"); + ExpectIntEQ(wolfSSL_write(ssl_c, msg2, sizeof(msg2)), sizeof(msg2)); + wolfSSL_SetLoggingPrefix("server"); + ExpectIntEQ(wolfSSL_read(ssl_s, msgBuf, sizeof(msgBuf)), + sizeof(msg2)); + ExpectStrEQ(msg2, msgBuf); + ExpectIntEQ(wolfSSL_write(ssl_s, msg3, sizeof(msg3)), sizeof(msg3)); + wolfSSL_SetLoggingPrefix("client"); + ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), + 
sizeof(msg3)); + ExpectStrEQ(msg3, msgBuf); + + wolfSSL_SetLoggingPrefix(NULL); + ExpectTrue(wolfSSL_session_reused(ssl_c)); + ExpectTrue(wolfSSL_session_reused(ssl_s)); + + wolfSSL_SESSION_free(sess); + wolfSSL_free(ssl_c); + wolfSSL_free(ssl_s); + wolfSSL_CTX_free(ctx_c); + wolfSSL_CTX_free(ctx_s); } #endif return EXPECT_RESULT();
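Review bot: The added `int splitEarlyData = params[i].splitEarlyData;` at the top of the loop body probably shadows an existing function-scope variable of the same name. The removed `for (splitEarlyData = 0; ...)` used that name without declaring it, and this single-hunk patch does not touch anything before the `params[]` table, so the earlier declaration appears to remain and is now unused, which may trip `-Wshadow` or `-Wunused-variable` in warnings-as-errors builds. Either remove the outer declaration in the same commit or assign to it instead of redeclaring: `splitEarlyData = params[i].splitEarlyData;`. Separately, the progress line prints the same text for the split and non-split rows of each protocol, so a failing 0-RTT case cannot be attributed to a row from the log; consider `fprintf(stderr, "\tEarly data with %s%s\n", params[i].tls_version, splitEarlyData ? " (split)" : "");`. The body of test_tls13_early_data starts before this hunk, so the outer declaration should be confirmed against the full file.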