Diffstat (limited to 'tests/tls13/prf-early.c')
-rw-r--r-- | tests/tls13/prf-early.c | 154 |
1 files changed, 78 insertions, 76 deletions
diff --git a/tests/tls13/prf-early.c b/tests/tls13/prf-early.c index a55970cf3c..205b8f44fe 100644 --- a/tests/tls13/prf-early.c +++ b/tests/tls13/prf-early.c @@ -18,7 +18,7 @@ */ #ifdef HAVE_CONFIG_H -# include <config.h> +#include <config.h> #endif #include <assert.h> @@ -34,25 +34,25 @@ int main(int argc, char **argv) #else -# include <string.h> -# include <sys/types.h> -# include <netinet/in.h> -# include <sys/socket.h> -# include <sys/wait.h> -# include <arpa/inet.h> -# include <unistd.h> -# include <gnutls/gnutls.h> -# include <gnutls/crypto.h> +#include <string.h> +#include <sys/types.h> +#include <netinet/in.h> +#include <sys/socket.h> +#include <sys/wait.h> +#include <arpa/inet.h> +#include <unistd.h> +#include <gnutls/gnutls.h> +#include <gnutls/crypto.h> -# include "cert-common.h" -# include "utils.h" -# include "virt-time.h" +#include "cert-common.h" +#include "utils.h" +#include "virt-time.h" static void terminate(void); -# define SESSIONS 2 -# define MAX_BUF 5*1024 -# define MSG "Hello TLS" +#define SESSIONS 2 +#define MAX_BUF 5 * 1024 +#define MSG "Hello TLS" extern unsigned int _gnutls_global_version; 
@@ -73,22 +73,20 @@ static void client_log_func(int level, const char *str) /* These are global */ static pid_t child; -static const -gnutls_datum_t hrnd = { (void *) - "\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hrnd = { + (void *)"\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; -static const -gnutls_datum_t hsrnd = { (void *) - "\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", +static const gnutls_datum_t hsrnd = { + (void *)"\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32 }; static int gnutls_rnd_works; int __attribute__((visibility("protected"))) - gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) +gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) { gnutls_rnd_works = 1; @@ -103,7 +101,7 @@ int __attribute__((visibility("protected"))) static gnutls_datum_t session_ticket_key = { NULL, 0 }; -static void dump(const char *name, const uint8_t * data, unsigned data_size) +static void dump(const char *name, const uint8_t *data, unsigned data_size) { unsigned i; 
@@ -113,33 +111,40 @@ static void dump(const char *name, const uint8_t * data, unsigned data_size) fprintf(stderr, "\n"); } -# define TRY(label_size, label, extra_size, extra, size, exp) \ - { \ - ret = gnutls_prf_early(session, label_size, label, extra_size, extra, size, \ - (void*)key_material); \ - if (ret < 0) { \ - fprintf(stderr, "gnutls_prf_early: error in %d\n", __LINE__); \ - gnutls_perror(ret); \ - exit(1); \ - } \ - if (memcmp(key_material, exp, size) != 0) { \ - fprintf(stderr, "gnutls_prf_early: output doesn't match for '%s'\n", label); \ - dump("got ", key_material, size); \ - dump("expected ", exp, size); \ - exit(1); \ - } \ +#define TRY(label_size, label, extra_size, extra, size, exp) \ + { \ + ret = gnutls_prf_early(session, label_size, label, extra_size, \ + extra, size, (void *)key_material); \ + if (ret < 0) { \ + fprintf(stderr, "gnutls_prf_early: error in %d\n", \ + __LINE__); \ + gnutls_perror(ret); \ + exit(1); \ + } \ + if (memcmp(key_material, exp, size) != 0) { \ + fprintf(stderr, \ + "gnutls_prf_early: output doesn't match for '%s'\n", \ + label); \ + dump("got ", key_material, size); \ + dump("expected ", exp, size); \ + exit(1); \ + } \ } -# define KEY_EXP_VALUE "\xec\xc2\x4a\x6b\x07\x89\xd9\x19\xd9\x73\x6d\xd0\x00\x73\xc9\x7a\xd7\x92\xef\x56\x91\x61\xb4\xff\x5f\xef\x81\xc1\x98\x68\x4e\xdf\xd7\x7e" -# define HELLO_VALUE "\x4f\x85\x33\x64\x48\xff\x0d\x8b\xd5\x50\x0f\x97\x91\x5b\x7d\x8d\xc9\x05\x91\x45\x4f\xb9\x4b\x4b\xbc\xbf\x58\x84\x1a\x46\xe3" -# define CONTEXT_VALUE "\x11\x8d\x85\xa8\x91\xe5\x50\x75\x44\x88\x69\xaf\x95\x9a\xb0\x29\xd4\xae\xcd\x11\xcb\x1d\x29\x7c\xe6\x24\xd4\x7c\x95\xdb\x5c" -# define NULL_CONTEXT_VALUE "\x56\x99\x41\x73\x5e\x73\x34\x7f\x3d\x69\x9f\xc0\x3b\x8b\x86\x33\xc6\xc3\x97\x46\x61\x62\x3f\x55\xab\x39\x60\xa5\xeb\xfe\x37" +#define KEY_EXP_VALUE \ + "\xec\xc2\x4a\x6b\x07\x89\xd9\x19\xd9\x73\x6d\xd0\x00\x73\xc9\x7a\xd7\x92\xef\x56\x91\x61\xb4\xff\x5f\xef\x81\xc1\x98\x68\x4e\xdf\xd7\x7e" +#define HELLO_VALUE \ + 
"\x4f\x85\x33\x64\x48\xff\x0d\x8b\xd5\x50\x0f\x97\x91\x5b\x7d\x8d\xc9\x05\x91\x45\x4f\xb9\x4b\x4b\xbc\xbf\x58\x84\x1a\x46\xe3" +#define CONTEXT_VALUE \ + "\x11\x8d\x85\xa8\x91\xe5\x50\x75\x44\x88\x69\xaf\x95\x9a\xb0\x29\xd4\xae\xcd\x11\xcb\x1d\x29\x7c\xe6\x24\xd4\x7c\x95\xdb\x5c" +#define NULL_CONTEXT_VALUE \ + "\x56\x99\x41\x73\x5e\x73\x34\x7f\x3d\x69\x9f\xc0\x3b\x8b\x86\x33\xc6\xc3\x97\x46\x61\x62\x3f\x55\xab\x39\x60\xa5\xeb\xfe\x37" static int handshake_callback_called; static int handshake_callback(gnutls_session_t session, unsigned int htype, unsigned post, unsigned int incoming, - const gnutls_datum_t * msg) + const gnutls_datum_t *msg) { unsigned char key_material[512]; int ret; @@ -148,10 +153,10 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, handshake_callback_called++; - TRY(13, "key expansion", 0, NULL, 34, (uint8_t *) KEY_EXP_VALUE); - TRY(6, "hello", 0, NULL, 31, (uint8_t *) HELLO_VALUE); - TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t *) CONTEXT_VALUE); - TRY(12, "null-context", 0, "", 31, (uint8_t *) NULL_CONTEXT_VALUE); + TRY(13, "key expansion", 0, NULL, 34, (uint8_t *)KEY_EXP_VALUE); + TRY(6, "hello", 0, NULL, 31, (uint8_t *)HELLO_VALUE); + TRY(7, "context", 5, "abcd\xfa", 31, (uint8_t *)CONTEXT_VALUE); + TRY(12, "null-context", 0, "", 31, (uint8_t *)NULL_CONTEXT_VALUE); return 0; } @@ -184,9 +189,10 @@ static void client(int sds[]) gnutls_init(&session, GNUTLS_CLIENT); /* Use default priorities, sets %NO_SHUFFLE_EXTENSIONS */ - ret = gnutls_priority_set_direct(session, - "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS", - &err); + ret = gnutls_priority_set_direct( + session, + "NONE:+VERS-TLS1.3:+AES-256-GCM:+AEAD:+SIGN-RSA-PSS-RSAE-SHA384:+GROUP-SECP256R1:%NO_SHUFFLE_EXTENSIONS", + &err); if (ret < 0) { fail("client: priority set failed (%s): %s\n", gnutls_strerror(ret), err); 
@@ -204,18 +210,16 @@ static void client(int sds[]) if (t > 0) { gnutls_session_set_data(session, session_data.data, session_data.size); - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_CLIENT_HELLO, - GNUTLS_HOOK_POST, - handshake_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_CLIENT_HELLO, + GNUTLS_HOOK_POST, handshake_callback); } /* Perform the TLS handshake */ do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { fail("client: Handshake failed: %s\n", strerror(ret)); @@ -227,8 +231,8 @@ static void client(int sds[]) if (debug) success("client: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); ret = gnutls_cipher_get(session); if (ret != GNUTLS_CIPHER_AES_256_GCM) { @@ -264,8 +268,7 @@ static void client(int sds[]) } while (ret == GNUTLS_E_AGAIN); if (ret == 0) { if (debug) - success - ("client: Peer has closed the TLS connection\n"); + success("client: Peer has closed the TLS connection\n"); } else if (ret < 0) { fail("client: Error: %s\n", gnutls_strerror(ret)); } @@ -335,9 +338,10 @@ static void server(int sds[]) /* avoid calling all the priority functions, since the defaults * are adequate. */ - ret = gnutls_priority_set_direct(session, - "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", - NULL); + ret = gnutls_priority_set_direct( + session, + "NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA384:-GROUP-ALL:+GROUP-SECP256R1", + NULL); if (ret < 0) { fail("server: priority set failed (%s)\n\n", gnutls_strerror(ret)); 
@@ -359,17 +363,15 @@ static void server(int sds[]) "gnutls_rnd() could not be overridden, skipping prf checks see #584\n"); exit(77); } else { - gnutls_handshake_set_hook_function(session, - GNUTLS_HANDSHAKE_CLIENT_HELLO, - GNUTLS_HOOK_POST, - handshake_callback); + gnutls_handshake_set_hook_function( + session, GNUTLS_HANDSHAKE_CLIENT_HELLO, + GNUTLS_HOOK_POST, handshake_callback); } } do { ret = gnutls_handshake(session); - } - while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close(sds[t]); gnutls_deinit(session); @@ -382,8 +384,8 @@ static void server(int sds[]) if (debug) success("server: TLS version is: %s\n", - gnutls_protocol_get_name - (gnutls_protocol_get_version(session))); + gnutls_protocol_get_name( + gnutls_protocol_get_version(session))); if (t == 0) { if (handshake_callback_called != 0) @@ -399,12 +401,12 @@ static void server(int sds[]) if (ret == 0) { if (debug) - success - ("server: Peer has closed the GnuTLS connection\n"); + success("server: Peer has closed the GnuTLS connection\n"); break; } else if (ret < 0) { kill(child, SIGTERM); - fail("server: Received corrupted data(%d). Closing...\n", ret); + fail("server: Received corrupted data(%d). Closing...\n", + ret); break; } else if (ret > 0) { /* echo data back to the client @@ -480,4 +482,4 @@ void doit(void) } } -#endif /* _WIN32 */ +#endif /* _WIN32 */ |