commit e7b9b6b3805a1217b7c8922891f29d48dd9ec041
author Ronald Cron <ronald.cron@arm.com> Fri Jun 10 17:24:31 2022 +0200
committer Ronald Cron <ronald.cron@arm.com> Mon Jun 27 09:28:49 2022 +0200
tree 72ff8c698732899cef43ea656dde9c3fcb77b7a2
parent ad8c17b9c6214a076b48ecdb2d27bf55cafb7490

tls13: Add checks of overread check failures

In Certificate message parsing tests with
invalid vector lengths, add checks that the
parsing failed on the expected overread check.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

tests/suites/test_suite_ssl.function

diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 29a065b..97eccbd 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -106,6 +106,22 @@
   opts->resize_buffers = 1;
 }
 
+#if defined(MBEDTLS_TEST_HOOKS)
+static void set_chk_buf_ptr_args(
+    mbedtls_ssl_chk_buf_ptr_args *args,
+    unsigned char *cur, unsigned char *end, size_t need )
+{
+    args->cur = cur;
+    args->end = end;
+    args->need = need;
+}
+
+static void reset_chk_buf_ptr_args( mbedtls_ssl_chk_buf_ptr_args *args )
+{
+    memset( args, 0, sizeof( *args ) );
+}
+#endif /* MBEDTLS_TEST_HOOKS */
+
 /*
  * Buffer structure for custom I/O callbacks.
  */
@@ -2308,6 +2324,7 @@
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
 
+#if defined(MBEDTLS_TEST_HOOKS)
 /*
  * Tweak vector lengths in a TLS 1.3 Certificate message
  *
@@ -2320,7 +2337,8 @@
  *                    MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected.
  */
 int tweak_tls13_certificate_msg_vector_len(
-    unsigned char *buf, unsigned char **end, int tweak, int *expected_result )
+    unsigned char *buf, unsigned char **end, int tweak,
+    int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args )
 {
 /*
  * The definition of the tweaks assume that the certificate list contains only
@@ -2362,6 +2380,7 @@
          * certificate list length can be read
          */
         *end = buf + 3;
+        set_chk_buf_ptr_args( args, buf, *end, 4 );
         break;
 
         case 2:
@@ -2369,34 +2388,46 @@
          */
         *p_certificate_request_context_len =
             certificate_request_context_len + 1;
+        reset_chk_buf_ptr_args( args );
         break;
 
         case 3:
         /* Failure when checking if certificate_list data can be read. */
         MBEDTLS_PUT_UINT24_BE( certificate_list_len + 1,
                                p_certificate_list_len, 0 );
+        set_chk_buf_ptr_args( args, certificate_list, *end,
+                              certificate_list_len + 1 );
         break;
 
         case 4:
         /* Failure when checking if the cert_data length can be read. */
         MBEDTLS_PUT_UINT24_BE( 2, p_certificate_list_len, 0 );
+        set_chk_buf_ptr_args( args, p_cert_data_len, certificate_list + 2, 3 );
         break;
 
         case 5:
         /* Failure when checking if cert_data data can be read. */
         MBEDTLS_PUT_UINT24_BE( certificate_list_len - 3 + 1,
                                p_cert_data_len, 0 );
+        set_chk_buf_ptr_args( args, cert_data,
+                              certificate_list + certificate_list_len,
+                              certificate_list_len - 3 + 1 );
         break;
 
         case 6:
         /* Failure when checking if the extensions length can be read. */
         MBEDTLS_PUT_UINT24_BE( certificate_list_len - extensions_len - 1,
                                p_certificate_list_len, 0 );
+        set_chk_buf_ptr_args( args, p_extensions_len,
+            certificate_list + certificate_list_len - extensions_len - 1, 2 );
         break;
 
         case 7:
         /* Failure when checking if extensions data can be read. */
         MBEDTLS_PUT_UINT16_BE( extensions_len + 1, p_extensions_len, 0 );
+
+        set_chk_buf_ptr_args( args, extensions,
+            certificate_list + certificate_list_len, extensions_len + 1 );
         break;
 
         default:
@@ -2405,6 +2436,7 @@
 
     return( 0 );
 }
+#endif /* MBEDTLS_TEST_HOOKS */
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -5815,6 +5847,7 @@
     size_t buf_len;
     int step = 0;
     int expected_result;
+    mbedtls_ssl_chk_buf_ptr_args expected_chk_buf_ptr_args;
 
     /*
      * Test set-up
@@ -5862,7 +5895,7 @@
          */
 
         ret = tweak_tls13_certificate_msg_vector_len(
-            buf, &end, step, &expected_result );
+            buf, &end, step, &expected_result, &expected_chk_buf_ptr_args );
 
         if( ret != 0 )
             break;
@@ -5870,6 +5903,11 @@
         ret = mbedtls_ssl_tls13_parse_certificate( &(client_ep.ssl), buf, end );
         TEST_EQUAL( ret, expected_result );
 
+        TEST_ASSERT( mbedtls_ssl_cmp_chk_buf_ptr_fail_args(
+                         &expected_chk_buf_ptr_args ) == 0 );
+
+        mbedtls_ssl_reset_chk_buf_ptr_fail_args( );
+
         ret = mbedtls_ssl_session_reset( &(client_ep.ssl) );
         TEST_EQUAL( ret, 0 );
 
@@ -5878,6 +5916,7 @@
     }
 
 exit:
+    mbedtls_ssl_reset_chk_buf_ptr_fail_args( );
     mbedtls_endpoint_free( &client_ep, NULL );
     mbedtls_endpoint_free( &server_ep, NULL );
     USE_PSA_DONE( );