RubyGems - aws-crt - Versions diffs - 0.1.5 → 0.1.6 - Mend

aws-crt 0.1.5 → 0.1.6

Files changed (322) hide show

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_fork_generation_number_test.c CHANGED Viewed

@@ -45,8 +45,14 @@ struct fgn_test_case {
 static void s2n_verify_child_exit_status(pid_t proc_pid)
 {
     int status = 0;
+#if defined(S2N_CLONE_SUPPORTED)
     EXPECT_EQUAL(waitpid(proc_pid, &status, __WALL), proc_pid);
+#else
+    /* __WALL is not relevant when clone() is not supported
+     * https://man7.org/linux/man-pages/man2/wait.2.html#NOTES
+     */
+    EXPECT_EQUAL(waitpid(proc_pid, &status, 0), proc_pid);
+#endif
     /* Check that child exited with EXIT_SUCCESS. If not, this indicates
      * that an error was encountered in the unit tests executed in that
      * child process.
@@ -249,16 +255,25 @@ static int s2n_unit_tests_common(struct fgn_test_case *test_case)
 static int s2n_test_case_default_cb(struct fgn_test_case *test_case)
 {
+    EXPECT_SUCCESS(s2n_init());
     EXPECT_EQUAL(s2n_unit_tests_common(test_case), S2N_SUCCESS);
+    EXPECT_SUCCESS(s2n_cleanup());
     return S2N_SUCCESS;
 }
 static int s2n_test_case_pthread_atfork_cb(struct fgn_test_case *test_case)
 {
     POSIX_GUARD_RESULT(s2n_ignore_wipeonfork_and_inherit_zero_for_testing());
+    EXPECT_SUCCESS(s2n_init());
     EXPECT_EQUAL(s2n_unit_tests_common(test_case), S2N_SUCCESS);
+    EXPECT_SUCCESS(s2n_cleanup());
     return S2N_SUCCESS;
 }
@@ -268,10 +283,14 @@ static int s2n_test_case_madv_wipeonfork_cb(struct fgn_test_case *test_case)
         TEST_DEBUG_PRINT("s2n_fork_generation_number_test.c test case not supported. Skipping.\nTest case: %s\n", test_case->test_case_label);
         return S2N_SUCCESS;
     }
     POSIX_GUARD_RESULT(s2n_ignore_pthread_atfork_for_testing());
+    EXPECT_SUCCESS(s2n_init());
     EXPECT_EQUAL(s2n_unit_tests_common(test_case), S2N_SUCCESS);
+    EXPECT_SUCCESS(s2n_cleanup());
     return S2N_SUCCESS;
 }
@@ -281,10 +300,14 @@ static int s2n_test_case_map_inherit_zero_cb(struct fgn_test_case *test_case)
         TEST_DEBUG_PRINT("s2n_fork_generation_number_test.c test case not supported. Skipping.\nTest case: %s\n", test_case->test_case_label);
         return S2N_SUCCESS;
     }
     POSIX_GUARD_RESULT(s2n_ignore_pthread_atfork_for_testing());
+    EXPECT_SUCCESS(s2n_init());
     EXPECT_EQUAL(s2n_unit_tests_common(test_case), S2N_SUCCESS);
+    EXPECT_SUCCESS(s2n_cleanup());
     return S2N_SUCCESS;
 }
@@ -297,7 +320,7 @@ struct fgn_test_case fgn_test_cases[NUMBER_OF_FGN_TEST_CASES] = {
 int main(int argc, char **argv)
 {
-    BEGIN_TEST();
+    BEGIN_TEST_NO_INIT();
     EXPECT_TRUE(s2n_array_len(fgn_test_cases) == NUMBER_OF_FGN_TEST_CASES);
@@ -331,5 +354,5 @@ int main(int argc, char **argv)
         }
     }
-    END_TEST();
+    END_TEST_NO_INIT();
 }

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_mem_usage_test.c CHANGED Viewed

@@ -234,6 +234,11 @@ int main(int argc, char **argv)
     ssize_t handshake_diff = (vm_data_after_handshakes - vm_data_initial);
     ssize_t allocation_diff = (vm_data_after_allocation - vm_data_initial);
+    /*
+     * get_vm_data_size is required for this test to succeed.
+     * Any platform that doesn't implement get_vm_data_size should be excluded here.
+     */
+#ifndef __APPLE__
     if (allocation_diff > maxAllowedMemDiff
             || handshake_diff > maxAllowedMemDiff
             || handshake_diff < minAllowedMemDiff) {
@@ -241,6 +246,7 @@ int main(int argc, char **argv)
                 (int) ACTUAL_MEM_PER_CONNECTION(connectionsToUse, handshake_diff));
         FAIL_MSG("Unexpected memory usage. If expected, update MEM_PER_CONNECTION.");
     }
+#endif
     END_TEST();
 }

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_override_openssl_random_test.c CHANGED Viewed

@@ -105,7 +105,7 @@ int main(int argc, char **argv)
     EXPECT_SUCCESS(s2n_rand_set_callbacks(s2n_entropy_init_cleanup, s2n_entropy_init_cleanup, s2n_entropy_generator, s2n_entropy_generator));
     s2n_stack_blob(personalization_string, 32, 32);
-    EXPECT_SUCCESS(s2n_drbg_instantiate(&drbg, &personalization_string, S2N_AES_256_CTR_NO_DF_PR));
+    EXPECT_OK(s2n_drbg_instantiate(&drbg, &personalization_string, S2N_AES_256_CTR_NO_DF_PR));
     EXPECT_OK(s2n_set_private_drbg_for_test(drbg));
     /* Verify we switched to a new DRBG */
     EXPECT_OK(s2n_get_private_random_bytes_used(&bytes_used));

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_random_test.c CHANGED Viewed

@@ -54,59 +54,28 @@ void process_safety_tester(int write_fd)
     _exit(0);
 }
-static int init(void) {
+static int init(void)
+{
     return S2N_SUCCESS;
 }
-static int cleanup(void) {
+static int cleanup(void)
+{
     return S2N_SUCCESS;
 }
-static int entropy(void *ptr, uint32_t size) {
+static int entropy(void *ptr, uint32_t size)
+{
     return S2N_SUCCESS;
 }
-int main(int argc, char **argv)
+static int fork_test(void)
 {
-    uint8_t bits[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
-    uint8_t bit_set_run[8];
-    int p[2], status;
     pid_t pid;
-    uint8_t data[5120];
+    int p[2], status;
+    uint8_t data[100];
     uint8_t child_data[100];
-    struct s2n_blob blob = {.data = data };
-    pthread_t threads[2];
-    BEGIN_TEST();
-    EXPECT_SUCCESS(s2n_disable_tls13_in_test());
-    /* Verify that randomness callbacks can't be set to NULL */
-    EXPECT_FAILURE(s2n_rand_set_callbacks(NULL, cleanup, entropy, entropy));
-    EXPECT_FAILURE(s2n_rand_set_callbacks(init, NULL, entropy, entropy));
-    EXPECT_FAILURE(s2n_rand_set_callbacks(init, cleanup, NULL, entropy));
-    EXPECT_FAILURE(s2n_rand_set_callbacks(init, cleanup, entropy, NULL));
-    /* Get one byte of data, to make sure the pool is (almost) full */
-    blob.size = 1;
-    EXPECT_OK(s2n_get_public_random_data(&blob));
-    /* Create two threads and have them each grab 100 bytes */
-    EXPECT_SUCCESS(pthread_create(&threads[0], NULL, thread_safety_tester, (void *)0));
-    EXPECT_SUCCESS(pthread_create(&threads[1], NULL, thread_safety_tester, (void *)1));
-    /* Wait for those threads to finish */
-    EXPECT_SUCCESS(pthread_join(threads[0], NULL));
-    EXPECT_SUCCESS(pthread_join(threads[1], NULL));
-    /* Confirm that their data differs from each other */
-    EXPECT_NOT_EQUAL(memcmp(thread_data[0], thread_data[1], 100), 0);
-    /* Confirm that their data differs from the parent thread */
-    blob.size = 100;
-    EXPECT_OK(s2n_get_public_random_data(&blob));
-    EXPECT_NOT_EQUAL(memcmp(thread_data[0], data, 100), 0);
-    EXPECT_NOT_EQUAL(memcmp(thread_data[1], data, 100), 0);
+    struct s2n_blob blob = {.data = data, .size = 100};
     /* Create a pipe */
     EXPECT_SUCCESS(pipe(p));
@@ -146,6 +115,56 @@ int main(int argc, char **argv)
     EXPECT_OK(s2n_get_public_random_data(&blob));
     EXPECT_NOT_EQUAL(memcmp(child_data, data, 100), 0);
+    return S2N_SUCCESS;
+}
+int main(int argc, char **argv)
+{
+    uint8_t bits[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
+    uint8_t bit_set_run[8];
+    uint8_t data[5120];
+    struct s2n_blob blob = {.data = data };
+    pthread_t threads[2];
+    BEGIN_TEST();
+    EXPECT_SUCCESS(s2n_disable_tls13_in_test());
+    /* Verify that randomness callbacks can't be set to NULL */
+    EXPECT_FAILURE(s2n_rand_set_callbacks(NULL, cleanup, entropy, entropy));
+    EXPECT_FAILURE(s2n_rand_set_callbacks(init, NULL, entropy, entropy));
+    EXPECT_FAILURE(s2n_rand_set_callbacks(init, cleanup, NULL, entropy));
+    EXPECT_FAILURE(s2n_rand_set_callbacks(init, cleanup, entropy, NULL));
+    /* Get one byte of data, to make sure the pool is (almost) full */
+    blob.size = 1;
+    EXPECT_OK(s2n_get_public_random_data(&blob));
+    /* Create two threads and have them each grab 100 bytes */
+    EXPECT_SUCCESS(pthread_create(&threads[0], NULL, thread_safety_tester, (void *)0));
+    EXPECT_SUCCESS(pthread_create(&threads[1], NULL, thread_safety_tester, (void *)1));
+    /* Wait for those threads to finish */
+    EXPECT_SUCCESS(pthread_join(threads[0], NULL));
+    EXPECT_SUCCESS(pthread_join(threads[1], NULL));
+    /* Confirm that their data differs from each other */
+    EXPECT_NOT_EQUAL(memcmp(thread_data[0], thread_data[1], 100), 0);
+    /* Confirm that their data differs from the parent thread */
+    blob.size = 100;
+    EXPECT_OK(s2n_get_public_random_data(&blob));
+    EXPECT_NOT_EQUAL(memcmp(thread_data[0], data, 100), 0);
+    EXPECT_NOT_EQUAL(memcmp(thread_data[1], data, 100), 0);
+    /* Fork with prediction resistance */
+    EXPECT_SUCCESS(fork_test());
+    /* Fork without prediction resistance */
+    EXPECT_OK(s2n_ignore_prediction_resistance_for_testing(true));
+    EXPECT_SUCCESS(fork_test());
+    EXPECT_OK(s2n_ignore_prediction_resistance_for_testing(false));
     /* Try to fetch a volume of randomly generated data, every size between 1 and 5120
      * bytes.
      */

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_self_talk_broken_pipe_test.c CHANGED Viewed

@@ -59,7 +59,7 @@ void mock_client(struct s2n_test_io_pair *io_pair)
         exit(1);
     }
-#ifdef __FreeBSD__
+#if defined(__FreeBSD__) || defined(__APPLE__)
     /* On FreeBSD shutdown from one end of the socket pair does not give EPIPE. Must use close. */
     s2n_io_pair_close_one_end(io_pair, S2N_CLIENT);
 #else
@@ -152,7 +152,7 @@ int main(int argc, char **argv)
         sleep(1);
         char buffer[1];
         /* Fist flush on half closed pipe should get EPIPE */
-        size_t w = s2n_send(conn, buffer, 1, &blocked);
+        ssize_t w = s2n_send(conn, buffer, 1, &blocked);
         EXPECT_EQUAL(w, -1);
         EXPECT_EQUAL(s2n_errno, S2N_ERR_IO);
         EXPECT_EQUAL(errno, EPIPE);

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_handshake_early_data_test.c CHANGED Viewed

@@ -285,10 +285,12 @@ int main()
             /* Rewrite hashes with known ClientHello */
             EXPECT_SUCCESS(s2n_conn_update_handshake_hashes(client_conn, &client_hello_msg));
+            EXPECT_OK(s2n_tls13_secrets_update(client_conn));
             EXPECT_OK(s2n_tls13_key_schedule_update(client_conn));
             /* Check early secret secret set correctly */
-            EXPECT_BYTEARRAY_EQUAL(client_conn->secrets.tls13.early_secret, early_secret.data, early_secret.size);
+            EXPECT_EQUAL(client_conn->secrets.tls13.extract_secret_type, S2N_EARLY_SECRET);
+            EXPECT_BYTEARRAY_EQUAL(client_conn->secrets.tls13.extract_secret, early_secret.data, early_secret.size);
             /* Check IV calculated correctly */
             EXPECT_BYTEARRAY_EQUAL(client_conn->secure.client_implicit_iv, iv.data, iv.size);

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_hybrid_shared_secret_test.c CHANGED Viewed

@@ -35,6 +35,9 @@
 /* Included so we can test functions that are otherwise unavailable */
 #include "tls/s2n_tls13_handshake.c"
+S2N_RESULT s2n_tls13_derive_secret(struct s2n_connection *conn, s2n_extract_secret_type_t secret_type,
+        s2n_mode mode, struct s2n_blob *secret);
 static int read_priv_ecc(EVP_PKEY **pkey, const char *priv_ecc);
 static int set_up_conns(struct s2n_connection *client_conn, struct s2n_connection *server_conn,
                         const char *client_priv_ecc, const char *server_priv_ecc, const struct s2n_kem_group *kem_group,
@@ -560,7 +563,12 @@ int main(int argc, char **argv) {
             EXPECT_SUCCESS(s2n_hash_new(&hash_state));
             EXPECT_SUCCESS(s2n_hash_init(&hash_state, secrets.hash_algorithm));
             EXPECT_SUCCESS(s2n_hash_update(&hash_state, test_vector->transcript, strlen(test_vector->transcript)));
-            EXPECT_SUCCESS(s2n_hash_digest(&hash_state, client_conn->handshake.hashes->server_hello_digest, secrets.size));
+            EXPECT_SUCCESS(s2n_hash_digest(&hash_state, client_conn->handshake.hashes->transcript_hash_digest, secrets.size));
+            client_conn->handshake.handshake_type = NEGOTIATED | FULL_HANDSHAKE;
+            while(s2n_conn_get_current_message_type(client_conn) != SERVER_HELLO) {
+                client_conn->handshake.message_number++;
+            }
             s2n_tls13_key_blob(client_traffic_secret, secrets.size);
             s2n_tls13_key_blob(server_traffic_secret, secrets.size);

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_key_schedule_rfc8448_test.c CHANGED Viewed

@@ -58,6 +58,20 @@ static int s2n_test_set_recv_key(struct s2n_session_key *key, struct s2n_blob *i
         EXPECT_BYTEARRAY_EQUAL(test_recv_key, (key).data, (key).size); \
     }
+static S2N_RESULT s2n_set_test_secret(struct s2n_connection *conn, uint8_t *secret_bytes, const struct s2n_blob secret)
+{
+    RESULT_ENSURE_REF(conn);
+    RESULT_ENSURE_REF(secret_bytes);
+    RESULT_CHECKED_MEMCPY(secret_bytes, secret.data, secret.size);
+    /*
+     * Mark the last secret extracted as the master secret to
+     * indicate that all secrets have already been derived.
+     * This test is interested in keys, not secrets.
+     */
+    conn->secrets.tls13.extract_secret_type = S2N_MASTER_SECRET;
+    return S2N_RESULT_OK;
+}
 int main(int argc, char **argv)
 {
     BEGIN_TEST();
@@ -92,36 +106,6 @@ int main(int argc, char **argv)
                 [CLIENT_FINISHED] = 6,
         };
-        /**
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3
-         *= type=test
-         *#    {client}  extract secret "handshake" (same as server handshake
-         *# secret)
-         *
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3
-         *#    {server}  extract secret "handshake":
-         *#
-         *#       salt (32 octets):  6f 26 15 a1 08 c7 02 c5 67 8f 54 fc 9d ba b6 97
-         *#          16 c0 76 18 9c 48 25 0c eb ea c3 57 6c 36 11 ba
-         *#
-         *#       IKM (32 octets):  8b d4 05 4f b5 5b 9d 63 fd fb ac f9 f0 4b 9f 0d
-         *#          35 e6 d6 3f 53 75 63 ef d4 62 72 90 0f 89 49 2d
-         *#
-         *#       secret (32 octets):  1d c8 26 e9 36 06 aa 6f dc 0a ad c1 2f 74 1b
-         *#          01 04 6a a6 b9 9f 69 1e d2 21 a9 f0 ca 04 3f be ac
-         */
-        S2N_BLOB_FROM_HEX(handshake_secret, "1d c8 26 e9 36 06 aa 6f dc 0a ad c1 2f 74 1b \
-               01 04 6a a6 b9 9f 69 1e d2 21 a9 f0 ca 04 3f be ac");
-        /**
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3
-         *= type=test
-         *#       hash (32 octets):  86 0c 06 ed c0 78 58 ee 8e 78 f0 e7 42 8c 58 ed
-         *#          d6 b4 3f 2c a3 e6 e9 5f 02 ed 06 3c f0 e1 ca d8
-         */
-        S2N_BLOB_FROM_HEX(server_hello_hash, "86 0c 06 ed c0 78 58 ee 8e 78 f0 e7 42 8c 58 ed \
-                     d6 b4 3f 2c a3 e6 e9 5f 02 ed 06 3c f0 e1 ca d8");
         /* Derive server handshake traffic keys */
         {
             /**
@@ -146,6 +130,8 @@ int main(int argc, char **argv)
              *#
              *#       iv expanded (12 octets):  5d 31 3e b2 67 12 76 ee 13 00 0b 30
              */
+            S2N_BLOB_FROM_HEX(secret, "b6 7b 7d 69 0c c1 6c 4e 75 e5 42 13 cb 2d 37 b4 \
+                         e9 c9 12 bc de d9 10 5d 42 be fd 59 d3 91 ad 38");
             S2N_BLOB_FROM_HEX(key, "3f ce 51 60 09 c2 17 27 d0 f2 e4 e8 6e \
                          e4 03 bc");
             S2N_BLOB_FROM_HEX(iv, "5d 31 3e b2 67 12 76 ee 13 00 0b 30");
@@ -154,15 +140,13 @@ int main(int argc, char **argv)
                 DEFER_CLEANUP(struct s2n_connection *conn = s2n_connection_new(modes[i]), s2n_connection_ptr_free);
                 conn->secure.cipher_suite = cipher_suite;
                 conn->actual_protocol_version = S2N_TLS13;
-                EXPECT_OK(s2n_connection_set_test_handshake_secret(conn, &handshake_secret));
-                EXPECT_MEMCPY_SUCCESS(conn->handshake.hashes->server_hello_digest,
-                        server_hello_hash.data, server_hello_hash.size);
+                EXPECT_OK(s2n_set_test_secret(conn, conn->secrets.tls13.server_handshake_secret, secret));
                 conn->handshake.handshake_type = one_rtt_handshake_type;
                 conn->handshake.message_number = one_rtt_message_nums[SERVER_HELLO];
                 EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), SERVER_HELLO);
                 EXPECT_OK(s2n_tls13_key_schedule_update(conn));
                 EXPECT_IVS_EQUAL(conn, iv, S2N_SERVER);
                 EXPECT_KEYS_EQUAL(conn, key, S2N_SERVER);
             }
@@ -192,6 +176,8 @@ int main(int argc, char **argv)
              *#
              *#       iv expanded (12 octets):  5b d3 c7 1b 83 6e 0b 76 bb 73 26 5f
              */
+            S2N_BLOB_FROM_HEX(secret, "b3 ed db 12 6e 06 7f 35 a7 80 b3 ab f4 5e 2d 8f \
+                         3b 1a 95 07 38 f5 2e 96 00 74 6a 0e 27 a5 5a 21");
             S2N_BLOB_FROM_HEX(key, "db fa a6 93 d1 76 2c 5b 66 6a f5 d9 50 \
                          25 8d 01");
             S2N_BLOB_FROM_HEX(iv, "5b d3 c7 1b 83 6e 0b 76 bb 73 26 5f");
@@ -200,16 +186,9 @@ int main(int argc, char **argv)
                 DEFER_CLEANUP(struct s2n_connection *conn = s2n_connection_new(modes[i]), s2n_connection_ptr_free);
                 conn->secure.cipher_suite = cipher_suite;
                 conn->actual_protocol_version = S2N_TLS13;
-                EXPECT_OK(s2n_connection_set_test_handshake_secret(conn, &handshake_secret));
-                EXPECT_MEMCPY_SUCCESS(conn->handshake.hashes->server_hello_digest,
-                        server_hello_hash.data, server_hello_hash.size);
+                EXPECT_OK(s2n_set_test_secret(conn, conn->secrets.tls13.client_handshake_secret, secret));
                 conn->handshake.handshake_type = one_rtt_handshake_type;
-                conn->handshake.message_number = one_rtt_message_nums[SERVER_HELLO];
-                EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), SERVER_HELLO);
-                EXPECT_OK(s2n_tls13_secrets_update(conn));
                 conn->handshake.message_number = one_rtt_message_nums[SERVER_FINISHED];
                 EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), SERVER_FINISHED);
                 EXPECT_OK(s2n_tls13_key_schedule_update(conn));
@@ -219,38 +198,6 @@ int main(int argc, char **argv)
             }
         }
-        /**
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3
-         *= type=test
-         *#    {client}  extract secret "master" (same as server master secret)
-         *
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3
-         *= type=test
-         *#    {server}  extract secret "master":
-         *#
-         *#       salt (32 octets):  43 de 77 e0 c7 77 13 85 9a 94 4d b9 db 25 90 b5
-         *#          31 90 a6 5b 3e e2 e4 f1 2d d7 a0 bb 7c e2 54 b4
-         *#
-         *#       IKM (32 octets):  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-         *#          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-         **
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3
-         *= type=test
-         *#       secret (32 octets):  18 df 06 84 3d 13 a0 8b f2 a4 49 84 4c 5f 8a
-         *#          47 80 01 bc 4d 4c 62 79 84 d5 a4 1d a8 d0 40 29 19
-         */
-        S2N_BLOB_FROM_HEX(master_secret, "18 df 06 84 3d 13 a0 8b f2 a4 49 84 4c 5f 8a \
-                     47 80 01 bc 4d 4c 62 79 84 d5 a4 1d a8 d0 40 29 19");
-        /**
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3
-         *= type=test
-         *#       hash (32 octets):  96 08 10 2a 0f 1c cc 6d b6 25 0b 7b 7e 41 7b 1a
-         *#          00 0e aa da 3d aa e4 77 7a 76 86 c9 ff 83 df 13
-         */
-        S2N_BLOB_FROM_HEX(server_finished_hash, "96 08 10 2a 0f 1c cc 6d b6 25 0b 7b 7e 41 7b 1a \
-                     00 0e aa da 3d aa e4 77 7a 76 86 c9 ff 83 df 13");
         /* Derive server application traffic keys */
         {
             /**
@@ -275,6 +222,8 @@ int main(int argc, char **argv)
              *#
              *#       iv expanded (12 octets):  cf 78 2b 88 dd 83 54 9a ad f1 e9 84
              */
+            S2N_BLOB_FROM_HEX(secret, "a1 1a f9 f0 55 31 f8 56 ad 47 11 6b 45 a9 50 32 \
+                         82 04 b4 f4 4b fb 6b 3a 4b 4f 1f 3f cb 63 16 43");
             S2N_BLOB_FROM_HEX(key, "9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac \
                          92 e3 56");
             S2N_BLOB_FROM_HEX(iv, "cf 78 2b 88 dd 83 54 9a ad f1 e9 84");
@@ -289,16 +238,9 @@ int main(int argc, char **argv)
                 DEFER_CLEANUP(struct s2n_connection *conn = s2n_connection_new(modes[i]), s2n_connection_ptr_free);
                 conn->secure.cipher_suite = cipher_suite;
                 conn->actual_protocol_version = S2N_TLS13;
-                EXPECT_OK(s2n_connection_set_test_master_secret(conn, &master_secret));
-                EXPECT_MEMCPY_SUCCESS(conn->handshake.hashes->server_finished_digest,
-                        server_finished_hash.data, server_finished_hash.size);
+                EXPECT_OK(s2n_set_test_secret(conn, conn->secrets.tls13.server_app_secret, secret));
                 conn->handshake.handshake_type = one_rtt_handshake_type;
-                conn->handshake.message_number = one_rtt_message_nums[SERVER_FINISHED];
-                EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), SERVER_FINISHED);
-                EXPECT_OK(s2n_tls13_secrets_update(conn));
                 conn->handshake.message_number = one_rtt_message_nums[trigger_message];
                 EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), trigger_message);
                 EXPECT_OK(s2n_tls13_key_schedule_update(conn));
@@ -332,6 +274,8 @@ int main(int argc, char **argv)
              *#
              *#       iv expanded (12 octets):  5b 78 92 3d ee 08 57 90 33 e5 23 d9
              */
+            S2N_BLOB_FROM_HEX(secret, "9e 40 64 6c e7 9a 7f 9d c0 5a f8 88 9b ce 65 52 \
+                         87 5a fa 0b 06 df 00 87 f7 92 eb b7 c1 75 04 a5");
             S2N_BLOB_FROM_HEX(key, "17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 \
                          3f 50 51");
             S2N_BLOB_FROM_HEX(iv, "5b 78 92 3d ee 08 57 90 33 e5 23 d9");
@@ -340,16 +284,9 @@ int main(int argc, char **argv)
                 DEFER_CLEANUP(struct s2n_connection *conn = s2n_connection_new(modes[i]), s2n_connection_ptr_free);
                 conn->secure.cipher_suite = cipher_suite;
                 conn->actual_protocol_version = S2N_TLS13;
-                EXPECT_OK(s2n_connection_set_test_master_secret(conn, &master_secret));
-                EXPECT_MEMCPY_SUCCESS(conn->handshake.hashes->server_finished_digest,
-                        server_finished_hash.data, server_finished_hash.size);
+                EXPECT_OK(s2n_set_test_secret(conn, conn->secrets.tls13.client_app_secret, secret));
                 conn->handshake.handshake_type = one_rtt_handshake_type;
-                conn->handshake.message_number = one_rtt_message_nums[SERVER_FINISHED];
-                EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), SERVER_FINISHED);
-                EXPECT_OK(s2n_tls13_secrets_update(conn));
                 conn->handshake.message_number = one_rtt_message_nums[CLIENT_FINISHED];
                 EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), CLIENT_FINISHED);
                 EXPECT_OK(s2n_tls13_key_schedule_update(conn));
@@ -368,35 +305,6 @@ int main(int argc, char **argv)
                 [SERVER_FINISHED] = 3,
         };
-        /**
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4
-         *= type=test
-         *#    {server}  extract secret "early" (same as client early secret)
-         *
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4
-         *= type=test
-         *#    {client}  extract secret "early":
-         *#
-         *#       salt:  0 (all zero octets)
-         *#
-         *#       IKM (32 octets):  4e cd 0e b6 ec 3b 4d 87 f5 d6 02 8f 92 2c a4 c5
-         *#          85 1a 27 7f d4 13 11 c9 e6 2d 2c 94 92 e1 c4 f3
-         *#
-         *#       secret (32 octets):  9b 21 88 e9 b2 fc 6d 64 d7 1d c3 29 90 0e 20
-         *#          bb 41 91 50 00 f6 78 aa 83 9c bb 79 7c b7 d8 33 2c
-         */
-        S2N_BLOB_FROM_HEX(early_secret, "9b 21 88 e9 b2 fc 6d 64 d7 1d c3 29 90 0e 20 \
-                     bb 41 91 50 00 f6 78 aa 83 9c bb 79 7c b7 d8 33 2c");
-        /**
-         *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4
-         *= type=test
-         *#       hash (32 octets):  08 ad 0f a0 5d 7c 72 33 b1 77 5b a2 ff 9f 4c 5b
-         *#          8b 59 27 6b 7f 22 7f 13 a9 76 24 5f 5d 96 09 13
-         */
-        S2N_BLOB_FROM_HEX(client_hello_hash, "08 ad 0f a0 5d 7c 72 33 b1 77 5b a2 ff 9f 4c 5b \
-                     8b 59 27 6b 7f 22 7f 13 a9 76 24 5f 5d 96 09 13");
         /* Derive early application traffic keys */
         {
             /**
@@ -421,6 +329,8 @@ int main(int argc, char **argv)
              *#
              *#       iv expanded (12 octets):  6d 47 5f 09 93 c8 e5 64 61 0d b2 b9
              */
+            S2N_BLOB_FROM_HEX(secret, "3f bb e6 a6 0d eb 66 c3 0a 32 79 5a ba 0e ff 7e \
+                         aa 10 10 55 86 e7 be 5c 09 67 8d 63 b6 ca ab 62");
             S2N_BLOB_FROM_HEX(key, "92 02 05 a5 b7 bf 21 15 e6 fc 5c 29 42 \
                          83 4f 54");
             S2N_BLOB_FROM_HEX(iv, "6d 47 5f 09 93 c8 e5 64 61 0d b2 b9");
@@ -436,22 +346,13 @@ int main(int argc, char **argv)
                 conn->secure.cipher_suite = cipher_suite;
                 conn->actual_protocol_version = S2N_TLS13;
                 conn->early_data_state = S2N_EARLY_DATA_REQUESTED;
-                EXPECT_OK(s2n_connection_set_test_early_secret(conn, &early_secret));
-                EXPECT_MEMCPY_SUCCESS(conn->handshake.hashes->client_hello_digest,
-                        client_hello_hash.data, client_hello_hash.size);
-                /*
-                 * The handshake secret isn't factored into the early data key,
-                 * but needs to be set to something because the server derives the handshake
-                 * secret before it calculates the early data key.
-                 */
-                EXPECT_OK(s2n_connection_set_test_handshake_secret(conn, &(struct s2n_blob){ 0 }));
+                EXPECT_OK(s2n_set_test_secret(conn, conn->secrets.tls13.client_early_secret, secret));
                 conn->handshake.handshake_type = resumed_handshake_type;
                 conn->handshake.message_number = resumed_message_nums[trigger_message];
                 EXPECT_EQUAL(s2n_conn_get_current_message_type(conn), trigger_message);
                 EXPECT_OK(s2n_tls13_key_schedule_update(conn));
                 EXPECT_IVS_EQUAL(conn, iv, S2N_CLIENT);
                 EXPECT_KEYS_EQUAL(conn, key, S2N_CLIENT);
             }

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_key_schedule_test.c CHANGED Viewed

@@ -195,9 +195,6 @@ int main(int argc, char **argv)
                 EXPECT_SUCCESS(s2n_connection_set_secret_callback(conn,
                         s2n_test_secret_cb, (void*)&secrets));
-                bool expect_early_data_secret = (conn->mode == S2N_SERVER && WITH_EARLY_DATA(conn))
-                        || (conn->mode == S2N_CLIENT && conn->early_data_state == S2N_EARLY_DATA_REQUESTED);
                 /* Perform the handshake */
                 while (s2n_conn_get_current_message_type(conn) != APPLICATION_DATA) {
                     /*
@@ -272,11 +269,12 @@ int main(int argc, char **argv)
                             break;
                     }
+                    EXPECT_OK(s2n_tls13_secrets_update(conn));
                     EXPECT_OK(s2n_tls13_key_schedule_update(conn));
                     conn->handshake.message_number++;
                 }
-                EXPECT_OK(s2n_connection_verify_secrets(conn, &secrets, expect_early_data_secret));
+                EXPECT_OK(s2n_connection_verify_secrets(conn, &secrets, test_cases[i].is_early_data_requested));
             }
             /* Restore derive and extract methods */

data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_pq_handshake_test.c CHANGED Viewed

@@ -183,14 +183,19 @@ int s2n_test_tls13_pq_handshake(const struct s2n_security_policy *client_sec_pol
     struct s2n_tls13_secrets *server_secrets = &server_conn->secrets.tls13;
     POSIX_ENSURE_EQ(server_secret_info.size, client_secret_info.size);
     uint8_t size = server_secret_info.size;
-    POSIX_ENSURE_NE(0, memcmp(all_zeros, client_secrets->early_secret, size));
-    POSIX_ENSURE_NE(0, memcmp(all_zeros, client_secrets->handshake_secret, size));
-    POSIX_ENSURE_NE(0, memcmp(all_zeros, server_secrets->early_secret, size));
-    POSIX_ENSURE_NE(0, memcmp(all_zeros, server_secrets->handshake_secret, size));
+    POSIX_ENSURE_EQ(client_secrets->extract_secret_type, S2N_HANDSHAKE_SECRET);
+    POSIX_ENSURE_NE(0, memcmp(all_zeros, client_secrets->extract_secret, size));
+    POSIX_ENSURE_NE(0, memcmp(all_zeros, client_secrets->client_handshake_secret, size));
+    POSIX_ENSURE_NE(0, memcmp(all_zeros, client_secrets->server_handshake_secret, size));
+    POSIX_ENSURE_EQ(server_secrets->extract_secret_type, S2N_HANDSHAKE_SECRET);
+    POSIX_ENSURE_NE(0, memcmp(all_zeros, server_secrets->extract_secret, size));
+    POSIX_ENSURE_NE(0, memcmp(all_zeros, server_secrets->client_handshake_secret, size));
+    POSIX_ENSURE_NE(0, memcmp(all_zeros, server_secrets->server_handshake_secret, size));
     /* Verify client and server secrets are equal to each other */
-    POSIX_ENSURE_EQ(0, memcmp(server_secrets->early_secret, client_secrets->early_secret, size));
-    POSIX_ENSURE_EQ(0, memcmp(server_secrets->handshake_secret, client_secrets->handshake_secret, size));
+    POSIX_ENSURE_EQ(0, memcmp(server_secrets->extract_secret, client_secrets->extract_secret, size));
+    POSIX_ENSURE_EQ(0, memcmp(server_secrets->client_handshake_secret, client_secrets->client_handshake_secret, size));
+    POSIX_ENSURE_EQ(0, memcmp(server_secrets->server_handshake_secret, client_secrets->server_handshake_secret, size));
     /* Clean up */
     POSIX_GUARD(s2n_stuffer_free(&client_to_server));