OpenVPN
#include "syshead.h"
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <setjmp.h>
#include <cmocka.h>
#include "test_common.h"
#include "crypto.h"
#include "options.h"
#include "ssl_backend.h"
#include "ssl_pkt.h"
#include "tls_crypt.h"
#include "mss.h"
#include "reliable.h"
Data Structures | |
struct | test_pkt_context |
Functions | |
int | parse_line (const char *line, char **p, const int n, const char *file, const int line_num, int msglevel, struct gc_arena *gc) |
bool | key_state_export_keying_material (struct tls_session *session, const char *label, size_t label_size, void *ekm, size_t ekm_size) |
Keying Material Exporters [RFC 5705] allow additional keying material to be derived from an existing TLS channel. | |
const char * | print_link_socket_actual (const struct link_socket_actual *act, struct gc_arena *gc) |
struct tls_auth_standalone | init_tas_auth (int key_direction) |
struct tls_auth_standalone | init_tas_crypt (bool server) |
void | free_tas (struct tls_auth_standalone *tas) |
void | test_tls_decrypt_lite_crypt (void **ut_state) |
void | test_tls_decrypt_lite_auth (void **ut_state) |
void | test_tls_decrypt_lite_none (void **ut_state) |
static void | test_parse_ack (void **ut_state) |
static void | test_verify_hmac_tls_auth (void **ut_state) |
static void | test_verify_hmac_none (void **ut_state) |
static hmac_ctx_t * | init_static_hmac (void) |
static void | test_calc_session_id_hmac_static (void **ut_state) |
static void | test_generate_reset_packet_plain (void **ut_state) |
static void | test_generate_reset_packet_tls_auth (void **ut_state) |
int | main (void) |
Variables | |
const char | static_key [] |
const uint8_t | client_reset_v2_none [] |
const uint8_t | client_reset_v2_tls_auth [] |
const uint8_t | client_reset_v2_tls_crypt [] |
const uint8_t | client_ack_tls_auth_randomid [] |
const uint8_t | client_control_with_ack [] |
const uint8_t | client_ack_none_random_id [] |
void free_tas | ( | struct tls_auth_standalone * | tas | ) |
Definition at line 218 of file test_pkt.c.
References free_buf(), free_key_ctx_bi(), crypto_options::key_ctx_bi, tls_wrap_ctx::opt, tls_auth_standalone::tls_wrap, tls_wrap_ctx::work, and tls_auth_standalone::workbuf.
Referenced by test_generate_reset_packet_tls_auth(), test_tls_decrypt_lite_auth(), test_tls_decrypt_lite_crypt(), test_tls_decrypt_lite_none(), and test_verify_hmac_tls_auth().
static hmac_ctx_t* init_static_hmac | ( | void | ) |
Definition at line 488 of file test_pkt.c.
References ASSERT, hmac_ctx_init(), hmac_ctx_new(), md_valid(), and SHA256_DIGEST_LENGTH.
Referenced by test_calc_session_id_hmac_static().
struct tls_auth_standalone init_tas_auth | ( | int | key_direction | ) |
Definition at line 179 of file test_pkt.c.
References alloc_buf(), CO_IGNORE_PACKET_ID, CO_PACKET_ID_LONG_FORM, crypto_read_openvpn_key(), crypto_options::flags, tls_auth_standalone::frame, frame::headroom, init_key_type(), crypto_options::key_ctx_bi, tls_wrap_ctx::mode, tls_wrap_ctx::opt, static_key, tls_crypt_kt(), tls_auth_standalone::tls_wrap, and tls_auth_standalone::workbuf.
Referenced by test_generate_reset_packet_tls_auth(), test_tls_decrypt_lite_auth(), and test_verify_hmac_tls_auth().
struct tls_auth_standalone init_tas_crypt | ( | bool | server | ) |
Definition at line 202 of file test_pkt.c.
References alloc_buf(), CO_IGNORE_PACKET_ID, CO_PACKET_ID_LONG_FORM, crypto_options::flags, crypto_options::key_ctx_bi, tls_wrap_ctx::mode, tls_wrap_ctx::opt, tls_wrap_ctx::original_wrap_keydata, static_key, tls_crypt_init_key(), tls_auth_standalone::tls_wrap, tls_wrap_ctx::work, and tls_auth_standalone::workbuf.
Referenced by test_tls_decrypt_lite_crypt().
bool key_state_export_keying_material | ( | struct tls_session * | session, |
const char * | label, | ||
size_t | label_size, | ||
void * | ekm, | ||
size_t | ekm_size | ||
) |
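Keying Material Exporters [RFC 5705] allow additional keying material to be derived from an existing TLS channel.
This exported keying material can then be used for a variety of purposes.
Note: the definition in test_pkt.c references only ASSERT, so it appears to be a unit-test stub rather than a working exporter; do not read this description as the behaviour exercised by these tests.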
Parameters
session | The session associated with the given key_state |
label | The label to use when exporting the key |
label_size | The size of the label to use when exporting the key |
ekm | Buffer to return the exported key material in |
ekm_size | The size of ekm, in bytes |
Definition at line 59 of file test_pkt.c.
References ASSERT.
int main | ( | void | ) |
Definition at line 630 of file test_pkt.c.
References openvpn_unit_test_setup(), test_calc_session_id_hmac_static(), test_generate_reset_packet_plain(), test_generate_reset_packet_tls_auth(), test_parse_ack(), test_tls_decrypt_lite_auth(), test_tls_decrypt_lite_crypt(), test_tls_decrypt_lite_none(), test_verify_hmac_none(), and test_verify_hmac_tls_auth().
int parse_line | ( | const char * | line, |
char ** | p, | ||
const int | n, | ||
const char * | file, | ||
const int | line_num, | ||
int | msglevel, | ||
struct gc_arena * | gc | ||
) |
Definition at line 48 of file test_pkt.c.
const char* print_link_socket_actual | ( | const struct link_socket_actual * | act, |
struct gc_arena * | gc | ||
) |
Definition at line 67 of file test_pkt.c.
References print_link_socket_actual_ex(), PS_SHOW_PKTINFO, and PS_SHOW_PORT.
static void test_calc_session_id_hmac_static | ( | void ** | ut_state | ) |
Definition at line 500 of file test_pkt.c.
References openvpn_sockaddr::addr, calculate_session_id_hmac(), hmac_ctx_cleanup(), hmac_ctx_free(), session_id::id, openvpn_sockaddr::in4, init_static_hmac(), now, and SID_SIZE.
Referenced by main().
static void test_generate_reset_packet_plain | ( | void ** | ut_state | ) |
Definition at line 556 of file test_pkt.c.
References alloc_buf(), BLEN, BPTR, tls_auth_standalone::frame, free_buf(), free_tls_pre_decrypt_state(), frame::headroom, session_id::id, tls_wrap_ctx::mode, P_CONTROL_HARD_RESET_CLIENT_V2, P_OPCODE_SHIFT, tls_pre_decrypt_state::peer_session_id, SID_SIZE, tls_pre_decrypt_lite(), tls_reset_standalone(), tls_auth_standalone::tls_wrap, VERDICT_VALID_RESET_V2, and tls_auth_standalone::workbuf.
Referenced by main().
static void test_generate_reset_packet_tls_auth | ( | void ** | ut_state | ) |
Definition at line 591 of file test_pkt.c.
References BLEN, BPTR, free_tas(), free_tls_pre_decrypt_state(), session_id::id, init_tas_auth(), KEY_DIRECTION_INVERSE, KEY_DIRECTION_NORMAL, now, tls_wrap_ctx::opt, P_CONTROL_HARD_RESET_CLIENT_V2, P_OPCODE_SHIFT, crypto_options::packet_id, packet_id_free(), packet_id_init(), tls_pre_decrypt_state::peer_session_id, reset_packet_id_send(), packet_id::send, SID_SIZE, tls_pre_decrypt_lite(), tls_reset_standalone(), tls_auth_standalone::tls_wrap, and VERDICT_VALID_RESET_V2.
Referenced by main().
static void test_parse_ack | ( | void ** | ut_state | ) |
Definition at line 382 of file test_pkt.c.
References alloc_buf(), buf_advance(), buf_reset_len(), buf_write(), client_ack_none_random_id, client_control_with_ack, client_reset_v2_none, free_buf(), session_id::id, reliable_ack::len, reliable_ack::packet_id, reliable_ack_parse(), and SID_SIZE.
Referenced by main().
void test_tls_decrypt_lite_auth | ( | void ** | ut_state | ) |
Definition at line 274 of file test_pkt.c.
References alloc_buf(), BPTR, buf_reset_len(), buf_write(), client_ack_tls_auth_randomid, client_reset_v2_none, client_reset_v2_tls_auth, free_buf(), free_key_ctx_bi(), free_tas(), free_tls_pre_decrypt_state(), init_tas_auth(), crypto_options::key_ctx_bi, KEY_DIRECTION_INVERSE, KEY_DIRECTION_NORMAL, tls_wrap_ctx::opt, tls_pre_decrypt_lite(), tls_auth_standalone::tls_wrap, VERDICT_INVALID, VERDICT_VALID_CONTROL_V1, and VERDICT_VALID_RESET_V2.
Referenced by main().
void test_tls_decrypt_lite_crypt | ( | void ** | ut_state | ) |
Definition at line 228 of file test_pkt.c.
References alloc_buf(), BPTR, buf_reset_len(), buf_write(), client_reset_v2_none, client_reset_v2_tls_auth, client_reset_v2_tls_crypt, free_buf(), free_key_ctx_bi(), free_tas(), free_tls_pre_decrypt_state(), init_tas_crypt(), crypto_options::key_ctx_bi, tls_wrap_ctx::opt, tls_pre_decrypt_lite(), tls_auth_standalone::tls_wrap, VERDICT_INVALID, and VERDICT_VALID_RESET_V2.
Referenced by main().
void test_tls_decrypt_lite_none | ( | void ** | ut_state | ) |
Definition at line 338 of file test_pkt.c.
References alloc_buf(), buf_reset_len(), buf_write(), client_ack_tls_auth_randomid, client_reset_v2_none, client_reset_v2_tls_auth, client_reset_v2_tls_crypt, free_buf(), free_tas(), free_tls_pre_decrypt_state(), tls_wrap_ctx::mode, tls_pre_decrypt_lite(), tls_auth_standalone::tls_wrap, VERDICT_VALID_CONTROL_V1, and VERDICT_VALID_RESET_V2.
Referenced by main().
static void test_verify_hmac_none | ( | void ** | ut_state | ) |
Definition at line 458 of file test_pkt.c.
References openvpn_sockaddr::addr, alloc_buf(), buf_reset_len(), buf_write(), check_session_id_hmac(), client_ack_none_random_id, link_socket_actual::dest, free_buf(), free_tls_pre_decrypt_state(), hmac_ctx_cleanup(), hmac_ctx_free(), tls_wrap_ctx::mode, openvpn_sockaddr::sa, session_id_hmac_init(), tls_pre_decrypt_lite(), tls_auth_standalone::tls_wrap, and VERDICT_VALID_ACK_V1.
Referenced by main().
static void test_verify_hmac_tls_auth | ( | void ** | ut_state | ) |
Definition at line 428 of file test_pkt.c.
References alloc_buf(), buf_reset_len(), buf_write(), check_session_id_hmac(), client_ack_tls_auth_randomid, link_socket_actual::dest, free_buf(), free_tas(), free_tls_pre_decrypt_state(), hmac_ctx_cleanup(), hmac_ctx_free(), init_tas_auth(), KEY_DIRECTION_NORMAL, session_id_hmac_init(), tls_pre_decrypt_lite(), and VERDICT_VALID_CONTROL_V1.
Referenced by main().
const uint8_t client_ack_none_random_id[] |
Definition at line 172 of file test_pkt.c.
Referenced by test_parse_ack(), and test_verify_hmac_none().
const uint8_t client_ack_tls_auth_randomid[] |
Definition at line 120 of file test_pkt.c.
Referenced by test_tls_decrypt_lite_auth(), test_tls_decrypt_lite_none(), and test_verify_hmac_tls_auth().
const uint8_t client_control_with_ack[] |
Definition at line 165 of file test_pkt.c.
Referenced by test_parse_ack().
const uint8_t client_reset_v2_none[] |
Definition at line 98 of file test_pkt.c.
Referenced by test_parse_ack(), test_tls_decrypt_lite_auth(), test_tls_decrypt_lite_crypt(), and test_tls_decrypt_lite_none().
const uint8_t client_reset_v2_tls_auth[] |
Definition at line 102 of file test_pkt.c.
Referenced by test_tls_decrypt_lite_auth(), test_tls_decrypt_lite_crypt(), and test_tls_decrypt_lite_none().
const uint8_t client_reset_v2_tls_crypt[] |
Definition at line 110 of file test_pkt.c.
Referenced by test_tls_decrypt_lite_crypt(), and test_tls_decrypt_lite_none().
const char static_key[] |
Definition at line 77 of file test_pkt.c.
Referenced by init_tas_auth(), and init_tas_crypt().