Skip to content

Commit 318fbcf

Browse files
embhornembhorn
committed
Add test test_tls13_derive_keys_no_key
1 parent e76f9f2 commit 318fbcf

3 files changed

Lines changed: 39 additions & 2 deletions

File tree

tests/api/test_tls13.c

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3186,3 +3186,38 @@ int test_tls13_cert_req_sigalgs(void)
31863186
return EXPECT_RESULT();
31873187
}
31883188

3189+
int test_tls13_derive_keys_no_key(void)
3190+
{
3191+
EXPECT_DECLS;
3192+
#if defined(WOLFSSL_TLS13) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
3193+
struct test_memio_ctx test_ctx;
3194+
WOLFSSL_CTX *ctx_c = NULL;
3195+
WOLFSSL_CTX *ctx_s = NULL;
3196+
WOLFSSL *ssl_c = NULL;
3197+
WOLFSSL *ssl_s = NULL;
3198+
3199+
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
3200+
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
3201+
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
3202+
3203+
/* DeriveTls13Keys with no_key should succeed (skip secret derivation,
3204+
* only derive keys/IVs from existing secrets). This is used with early
3205+
* data to derive keys without re-deriving the secrets. */
3206+
ExpectIntEQ(DeriveTls13Keys(ssl_s, no_key, DECRYPT_SIDE_ONLY, 0), 0);
3207+
ExpectIntEQ(DeriveTls13Keys(ssl_s, no_key, ENCRYPT_SIDE_ONLY, 0), 0);
3208+
ExpectIntEQ(DeriveTls13Keys(ssl_c, no_key, ENCRYPT_AND_DECRYPT_SIDE, 0),
3209+
0);
3210+
3211+
/* Unknown secret type should return BAD_FUNC_ARG */
3212+
ExpectIntEQ(DeriveTls13Keys(ssl_c, -1, ENCRYPT_SIDE_ONLY, 0),
3213+
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
3214+
3215+
wolfSSL_free(ssl_c);
3216+
wolfSSL_free(ssl_s);
3217+
wolfSSL_CTX_free(ctx_c);
3218+
wolfSSL_CTX_free(ctx_s);
3219+
#endif
3220+
3221+
return EXPECT_RESULT();
3222+
}
3223+

tests/api/test_tls13.h

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ int test_key_share_mismatch(void);
3939
int test_tls13_middlebox_compat_empty_session_id(void);
4040
int test_tls13_plaintext_alert(void);
4141
int test_tls13_cert_req_sigalgs(void);
42+
int test_tls13_derive_keys_no_key(void);
4243

4344
#define TEST_TLS13_DECLS \
4445
TEST_DECL_GROUP("tls13", test_tls13_apis), \
@@ -55,6 +56,7 @@ int test_tls13_cert_req_sigalgs(void);
5556
TEST_DECL_GROUP("tls13", test_key_share_mismatch), \
5657
TEST_DECL_GROUP("tls13", test_tls13_middlebox_compat_empty_session_id), \
5758
TEST_DECL_GROUP("tls13", test_tls13_plaintext_alert), \
58-
TEST_DECL_GROUP("tls13", test_tls13_cert_req_sigalgs)
59+
TEST_DECL_GROUP("tls13", test_tls13_cert_req_sigalgs), \
60+
TEST_DECL_GROUP("tls13", test_tls13_derive_keys_no_key)
5961

6062
#endif /* WOLFCRYPT_TEST_TLS13_H */

wolfssl/internal.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3758,7 +3758,7 @@ enum DeriveKeyType {
37583758

37593759
WOLFSSL_LOCAL int DeriveEarlySecret(WOLFSSL* ssl);
37603760
WOLFSSL_LOCAL int DeriveHandshakeSecret(WOLFSSL* ssl);
3761-
WOLFSSL_LOCAL int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store);
3761+
WOLFSSL_TEST_VIS int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store);
37623762
WOLFSSL_LOCAL int DeriveMasterSecret(WOLFSSL* ssl);
37633763
WOLFSSL_LOCAL int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret);
37643764
WOLFSSL_LOCAL int DeriveResumptionSecret(WOLFSSL* ssl, byte* key);

0 commit comments

Comments
 (0)