#define MSG6 "test"
#define MSG7 "message."
-#define TLS13_AES_256_GCM_SHA384_BYTES ((const unsigned char *)"\x13\x02")
#define TLS13_AES_128_GCM_SHA256_BYTES ((const unsigned char *)"\x13\x01")
+#define TLS13_AES_256_GCM_SHA384_BYTES ((const unsigned char *)"\x13\x02")
+#define TLS13_CHACHA20_POLY1305_SHA256_BYTES ((const unsigned char *)"\x13\x03")
+#define TLS13_AES_128_CCM_SHA256_BYTES ((const unsigned char *)"\x13\x04")
+#define TLS13_AES_128_CCM_8_SHA256_BYTES ((const unsigned char *)"\x13\05")
static SSL_SESSION *create_a_psk(SSL *ssl)
return testresult;
}
+/*
+ * Test TLSv1.3 PSK can be used to send early_data with all 5 ciphersuites
+ * idx == 0: Test with TLS1_3_RFC_AES_128_GCM_SHA256
+ * idx == 1: Test with TLS1_3_RFC_AES_256_GCM_SHA384
+ * idx == 2: Test with TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
+ * idx == 3: Test with TLS1_3_RFC_AES_128_CCM_SHA256
+ * idx == 4: Test with TLS1_3_RFC_AES_128_CCM_8_SHA256
+ */
+static int test_early_data_psk_with_all_ciphers(int idx)
+{
+ SSL_CTX *cctx = NULL, *sctx = NULL;
+ SSL *clientssl = NULL, *serverssl = NULL;
+ int testresult = 0;
+ SSL_SESSION *sess = NULL;
+ unsigned char buf[20];
+ size_t readbytes, written;
+ const SSL_CIPHER *cipher;
+ const char *cipher_str[] = {
+ TLS1_3_RFC_AES_128_GCM_SHA256,
+ TLS1_3_RFC_AES_256_GCM_SHA384,
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+ TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
+# else
+ NULL,
+# endif
+ TLS1_3_RFC_AES_128_CCM_SHA256,
+ TLS1_3_RFC_AES_128_CCM_8_SHA256
+ };
+ const unsigned char *cipher_bytes[] = {
+ TLS13_AES_128_GCM_SHA256_BYTES,
+ TLS13_AES_256_GCM_SHA384_BYTES,
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+ TLS13_CHACHA20_POLY1305_SHA256_BYTES,
+# else
+ NULL,
+# endif
+ TLS13_AES_128_CCM_SHA256_BYTES,
+ TLS13_AES_128_CCM_8_SHA256_BYTES
+ };
+
+ if (cipher_str[idx] == NULL)
+ return 1;
+
+ /* We always set this up with a final parameter of "2" for PSK */
+ if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl,
+ &serverssl, &sess, 2)))
+ goto end;
+
+ if (!TEST_true(SSL_set_ciphersuites(clientssl, cipher_str[idx]))
+ || !TEST_true(SSL_set_ciphersuites(serverssl, cipher_str[idx])))
+ goto end;
+
+ /*
+ * 'setupearly_data_test' creates only one instance of SSL_SESSION
+ * and assigns to both client and server with incremented reference
+ * and the same instance is updated in 'sess'.
+ * So updating ciphersuite in 'sess' which will get reflected in
+ * PSK handshake using psk use sess and find sess cb.
+ */
+ cipher = SSL_CIPHER_find(clientssl, cipher_bytes[idx]);
+ if (!TEST_ptr(cipher) || !TEST_true(SSL_SESSION_set_cipher(sess, cipher)))
+ goto end;
+
+ SSL_set_connect_state(clientssl);
+ if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
+ &written)))
+ goto end;
+
+ if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf),
+ &readbytes),
+ SSL_READ_EARLY_DATA_SUCCESS)
+ || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1))
+ || !TEST_int_eq(SSL_get_early_data_status(serverssl),
+ SSL_EARLY_DATA_ACCEPTED)
+ || !TEST_int_eq(SSL_connect(clientssl), 1)
+ || !TEST_int_eq(SSL_accept(serverssl), 1))
+ goto end;
+
+ /* Send some normal data from client to server */
+ if (!TEST_true(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written))
+ || !TEST_size_t_eq(written, strlen(MSG2)))
+ goto end;
+
+ if (!TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes))
+ || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2)))
+ goto end;
+
+ testresult = 1;
+ end:
+ SSL_SESSION_free(sess);
+ SSL_SESSION_free(clientpsk);
+ SSL_SESSION_free(serverpsk);
+ clientpsk = serverpsk = NULL;
+ if (clientssl != NULL)
+ SSL_shutdown(clientssl);
+ if (serverssl != NULL)
+ SSL_shutdown(serverssl);
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+ return testresult;
+}
+
/*
* Test that a server that doesn't try to read early data can handle a
* client sending some.
ADD_ALL_TESTS(test_early_data_skip_abort, 3);
ADD_ALL_TESTS(test_early_data_not_sent, 3);
ADD_ALL_TESTS(test_early_data_psk, 8);
+ ADD_ALL_TESTS(test_early_data_psk_with_all_ciphers, 5);
ADD_ALL_TESTS(test_early_data_not_expected, 3);
# ifndef OPENSSL_NO_TLS1_2
ADD_ALL_TESTS(test_early_data_tls1_2, 3);