Skip to content

Commit 7157d12

Browse files
embhornembhorn
committed
Add test test_tls13_derive_keys_no_key
1 parent b25950c commit 7157d12

3 files changed

Lines changed: 39 additions & 2 deletions

File tree

tests/api/test_tls13.c

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3234,3 +3234,38 @@ int test_tls13_cert_req_sigalgs(void)
32343234
return EXPECT_RESULT();
32353235
}
32363236

3237+
int test_tls13_derive_keys_no_key(void)
3238+
{
3239+
EXPECT_DECLS;
3240+
#if defined(WOLFSSL_TLS13) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
3241+
struct test_memio_ctx test_ctx;
3242+
WOLFSSL_CTX *ctx_c = NULL;
3243+
WOLFSSL_CTX *ctx_s = NULL;
3244+
WOLFSSL *ssl_c = NULL;
3245+
WOLFSSL *ssl_s = NULL;
3246+
3247+
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
3248+
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
3249+
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
3250+
3251+
/* DeriveTls13Keys with no_key should succeed (skip secret derivation,
3252+
* only derive keys/IVs from existing secrets). This is used with early
3253+
* data to derive keys without re-deriving the secrets. */
3254+
ExpectIntEQ(DeriveTls13Keys(ssl_s, no_key, DECRYPT_SIDE_ONLY, 0), 0);
3255+
ExpectIntEQ(DeriveTls13Keys(ssl_s, no_key, ENCRYPT_SIDE_ONLY, 0), 0);
3256+
ExpectIntEQ(DeriveTls13Keys(ssl_c, no_key, ENCRYPT_AND_DECRYPT_SIDE, 0),
3257+
0);
3258+
3259+
/* Unknown secret type should return BAD_FUNC_ARG */
3260+
ExpectIntEQ(DeriveTls13Keys(ssl_c, -1, ENCRYPT_SIDE_ONLY, 0),
3261+
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
3262+
3263+
wolfSSL_free(ssl_c);
3264+
wolfSSL_free(ssl_s);
3265+
wolfSSL_CTX_free(ctx_c);
3266+
wolfSSL_CTX_free(ctx_s);
3267+
#endif
3268+
3269+
return EXPECT_RESULT();
3270+
}
3271+

tests/api/test_tls13.h

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,7 @@ int test_tls13_middlebox_compat_empty_session_id(void);
4040
int test_tls13_plaintext_alert(void);
4141
int test_tls13_warning_alert_is_fatal(void);
4242
int test_tls13_cert_req_sigalgs(void);
43+
int test_tls13_derive_keys_no_key(void);
4344

4445
#define TEST_TLS13_DECLS \
4546
TEST_DECL_GROUP("tls13", test_tls13_apis), \
@@ -57,6 +58,7 @@ int test_tls13_cert_req_sigalgs(void);
5758
TEST_DECL_GROUP("tls13", test_tls13_middlebox_compat_empty_session_id), \
5859
TEST_DECL_GROUP("tls13", test_tls13_plaintext_alert), \
5960
TEST_DECL_GROUP("tls13", test_tls13_warning_alert_is_fatal), \
60-
TEST_DECL_GROUP("tls13", test_tls13_cert_req_sigalgs)
61+
TEST_DECL_GROUP("tls13", test_tls13_cert_req_sigalgs), \
62+
TEST_DECL_GROUP("tls13", test_tls13_derive_keys_no_key)
6163

6264
#endif /* WOLFCRYPT_TEST_TLS13_H */

wolfssl/internal.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3761,7 +3761,7 @@ enum DeriveKeyType {
37613761

37623762
WOLFSSL_LOCAL int DeriveEarlySecret(WOLFSSL* ssl);
37633763
WOLFSSL_LOCAL int DeriveHandshakeSecret(WOLFSSL* ssl);
3764-
WOLFSSL_LOCAL int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store);
3764+
WOLFSSL_TEST_VIS int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store);
37653765
WOLFSSL_LOCAL int DeriveMasterSecret(WOLFSSL* ssl);
37663766
WOLFSSL_LOCAL int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret);
37673767
WOLFSSL_LOCAL int DeriveResumptionSecret(WOLFSSL* ssl, byte* key);

0 commit comments

Comments
 (0)