#define RX_TEST_OP_KEY_UPDATE_TIMEOUT 11 /* complete key update process */
#define RX_TEST_OP_SET_INIT_KEY_PHASE 12 /* initial Key Phase bit value */
-/* These are subtest ops for RX_TEST_OP_CHECK_PKT, to additionally check frames */
-#define RX_TEST_OP_CHECK_PKT_FRAMES_OK 1 /* check that frames are parsed ok */
-#define RX_TEST_OP_CHECK_PKT_FRAMES_INVALID 2 /* check that frames fail to parse ok */
-
struct rx_test_op {
unsigned char op;
unsigned char subop;
RX_TEST_OP_CHECK_PKT, 0, (expect_body), sizeof(expect_body), \
&(expect_hdr), 0, 0, 0, NULL, NULL \
},
-#define RX_OP_CHECK_PKT_FRAMES_OK(expect_hdr, expect_body) \
- { \
- RX_TEST_OP_CHECK_PKT, RX_TEST_OP_CHECK_PKT_FRAMES_OK, \
- (expect_body), sizeof(expect_body), &(expect_hdr), \
- 0, 0, 0, NULL, NULL \
- },
-#define RX_OP_CHECK_PKT_FRAMES_INVALID(expect_hdr, expect_body) \
- { \
- RX_TEST_OP_CHECK_PKT, RX_TEST_OP_CHECK_PKT_FRAMES_INVALID, \
- (expect_body), sizeof(expect_body), &(expect_hdr), \
- 0, 0, 0, NULL, NULL \
- },
#define RX_OP_CHECK_NO_PKT() \
{ RX_TEST_OP_CHECK_NO_PKT, 0, NULL, 0, NULL, 0, 0, 0, NULL, NULL },
#define RX_OP_CHECK_KEY_EPOCH(expected) \
RX_OP_INJECT(rx_script_##n##_in)
#define RX_OP_CHECK_PKT_N(n) \
RX_OP_CHECK_PKT(rx_script_##n##_expect_hdr, rx_script_##n##_body)
-#define RX_OP_CHECK_PKT_FRAMES_OK_N(n) \
- RX_OP_CHECK_PKT_FRAMES_OK(rx_script_##n##_expect_hdr, rx_script_##n##_body)
-#define RX_OP_CHECK_PKT_FRAMES_INVALID_N(n) \
- RX_OP_CHECK_PKT_FRAMES_INVALID(rx_script_##n##_expect_hdr, rx_script_##n##_body)
#define RX_OP_INJECT_CHECK(n) \
RX_OP_INJECT_N(n) \
RX_OP_CHECK_PKT_N(n)
-#define RX_OP_INJECT_CHECK_FRAMES_OK(n) \
- RX_OP_INJECT_N(n) \
- RX_OP_CHECK_PKT_FRAMES_OK_N(n)
-
-#define RX_OP_INJECT_CHECK_FRAMES_INVALID(n) \
- RX_OP_INJECT_N(n) \
- RX_OP_CHECK_PKT_FRAMES_INVALID_N(3)
-
/* 1. RFC 9001 - A.3 Server Initial */
static const unsigned char rx_script_1_in[] = {
0xcf, 0x00, 0x00, 0x00, 0x01, 0x00, 0x08, 0xf0, 0x67, 0xa5, 0x50, 0x2a,
RX_OP_SET_INIT_LARGEST_PN(0)
RX_OP_ADD_RX_DCID(empty_conn_id)
RX_OP_PROVIDE_SECRET_INITIAL(rx_script_1_dcid)
- RX_OP_INJECT_CHECK_FRAMES_OK(1)
+ RX_OP_INJECT_CHECK(1)
RX_OP_CHECK_NO_PKT()
RX_OP_END
};
RX_OP_ADD_RX_DCID(empty_conn_id)
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT, QRL_SUITE_CHACHA20POLY1305,
rx_script_2_secret)
- RX_OP_INJECT_CHECK_FRAMES_OK(2)
+ RX_OP_INJECT_CHECK(2)
RX_OP_CHECK_NO_PKT()
RX_OP_END
};
* However, the depacketizer still handles this sort of packet, so
* we still pass the packet to it, to exercise what it does.
*/
- RX_OP_INJECT_CHECK_FRAMES_OK(3)
+ RX_OP_INJECT_CHECK(3)
RX_OP_CHECK_NO_PKT()
RX_OP_END
};
static const struct rx_test_op rx_script_4[] = {
RX_OP_ADD_RX_DCID(empty_conn_id)
- RX_OP_INJECT_CHECK_FRAMES_OK(4)
+ RX_OP_INJECT_CHECK(4)
RX_OP_CHECK_NO_PKT()
RX_OP_END
};
RX_OP_ADD_RX_DCID(empty_conn_id)
RX_OP_PROVIDE_SECRET_INITIAL(rx_script_5_c2s_init_dcid)
RX_OP_INJECT_N(5)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5a)
+ RX_OP_CHECK_PKT_N(5a)
RX_OP_CHECK_NO_PKT() /* not got secret for next packet yet */
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_HANDSHAKE,
QRL_SUITE_AES128GCM, rx_script_5_handshake_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5b)
+ RX_OP_CHECK_PKT_N(5b)
RX_OP_CHECK_NO_PKT() /* not got secret for next packet yet */
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT,
QRL_SUITE_AES128GCM, rx_script_5_1rtt_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
+ RX_OP_CHECK_PKT_N(5c)
RX_OP_CHECK_NO_PKT()
/* Discard Initial EL and try injecting the packet again */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
RX_OP_INJECT_N(5)
/* Initial packet is not output because we have discarded Initial keys */
- RX_OP_CHECK_PKT_FRAMES_OK_N(5b)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
+ RX_OP_CHECK_PKT_N(5b)
+ RX_OP_CHECK_PKT_N(5c)
RX_OP_CHECK_NO_PKT()
/* Try again with discarded keys */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_HANDSHAKE)
RX_OP_INJECT_N(5)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
+ RX_OP_CHECK_PKT_N(5c)
RX_OP_CHECK_NO_PKT()
/* Try again */
RX_OP_INJECT_N(5)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
+ RX_OP_CHECK_PKT_N(5c)
RX_OP_CHECK_NO_PKT()
/* Try again with discarded 1-RTT keys */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_1RTT)
RX_OP_INJECT_N(5)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET_INITIAL(rx_script_5_c2s_init_dcid)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5a)
+ RX_OP_CHECK_PKT_N(5a)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_HANDSHAKE,
QRL_SUITE_AES128GCM, rx_script_5_handshake_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5b)
+ RX_OP_CHECK_PKT_N(5b)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT,
QRL_SUITE_AES128GCM, rx_script_5_1rtt_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
+ RX_OP_CHECK_PKT_N(5c)
RX_OP_CHECK_NO_PKT()
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
RX_OP_ADD_RX_DCID(empty_conn_id)
RX_OP_PROVIDE_SECRET_INITIAL(rx_script_6_c2s_init_dcid)
RX_OP_INJECT_N(6)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6a)
+ RX_OP_CHECK_PKT_N(6a)
RX_OP_CHECK_NO_PKT() /* not got secret for next packet yet */
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_HANDSHAKE,
QRL_SUITE_AES256GCM, rx_script_6_handshake_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6b)
+ RX_OP_CHECK_PKT_N(6b)
RX_OP_CHECK_NO_PKT() /* not got secret for next packet yet */
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT,
QRL_SUITE_AES256GCM, rx_script_6_1rtt_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6c)
+ RX_OP_CHECK_PKT_N(6c)
RX_OP_CHECK_NO_PKT()
/* Discard Initial EL and try injecting the packet again */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
RX_OP_INJECT_N(6)
/* Initial packet is not output because we have discarded Initial keys */
- RX_OP_CHECK_PKT_FRAMES_OK_N(6b)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6c)
+ RX_OP_CHECK_PKT_N(6b)
+ RX_OP_CHECK_PKT_N(6c)
RX_OP_CHECK_NO_PKT()
/* Try again with discarded keys */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_HANDSHAKE)
RX_OP_INJECT_N(6)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6c)
+ RX_OP_CHECK_PKT_N(6c)
RX_OP_CHECK_NO_PKT()
/* Try again */
RX_OP_INJECT_N(6)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6c)
+ RX_OP_CHECK_PKT_N(6c)
RX_OP_CHECK_NO_PKT()
/* Try again with discarded 1-RTT keys */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_1RTT)
RX_OP_INJECT_N(6)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET_INITIAL(rx_script_6_c2s_init_dcid)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6a)
+ RX_OP_CHECK_PKT_N(6a)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_HANDSHAKE,
QRL_SUITE_AES256GCM, rx_script_6_handshake_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6b)
+ RX_OP_CHECK_PKT_N(6b)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT,
QRL_SUITE_AES256GCM, rx_script_6_1rtt_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(6c)
+ RX_OP_CHECK_PKT_N(6c)
RX_OP_CHECK_NO_PKT()
RX_OP_END
RX_OP_ADD_RX_DCID(empty_conn_id)
RX_OP_PROVIDE_SECRET_INITIAL(rx_script_7_c2s_init_dcid)
RX_OP_INJECT_N(7)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7a)
+ RX_OP_CHECK_PKT_N(7a)
RX_OP_CHECK_NO_PKT() /* not got secret for next packet yet */
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_HANDSHAKE,
QRL_SUITE_CHACHA20POLY1305, rx_script_7_handshake_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7b)
+ RX_OP_CHECK_PKT_N(7b)
RX_OP_CHECK_NO_PKT() /* not got secret for next packet yet */
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT,
QRL_SUITE_CHACHA20POLY1305, rx_script_7_1rtt_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7c)
+ RX_OP_CHECK_PKT_N(7c)
RX_OP_CHECK_NO_PKT()
/* Discard Initial EL and try injecting the packet again */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
RX_OP_INJECT_N(7)
/* Initial packet is not output because we have discarded Initial keys */
- RX_OP_CHECK_PKT_FRAMES_OK_N(7b)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7c)
+ RX_OP_CHECK_PKT_N(7b)
+ RX_OP_CHECK_PKT_N(7c)
RX_OP_CHECK_NO_PKT()
/* Try again with discarded keys */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_HANDSHAKE)
RX_OP_INJECT_N(7)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7c)
+ RX_OP_CHECK_PKT_N(7c)
RX_OP_CHECK_NO_PKT()
/* Try again */
RX_OP_INJECT_N(7)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7c)
+ RX_OP_CHECK_PKT_N(7c)
RX_OP_CHECK_NO_PKT()
/* Try again with discarded 1-RTT keys */
RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_1RTT)
RX_OP_INJECT_N(7)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET_INITIAL(rx_script_7_c2s_init_dcid)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7a)
+ RX_OP_CHECK_PKT_N(7a)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_HANDSHAKE,
QRL_SUITE_CHACHA20POLY1305, rx_script_7_handshake_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7b)
+ RX_OP_CHECK_PKT_N(7b)
RX_OP_CHECK_NO_PKT()
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT,
QRL_SUITE_CHACHA20POLY1305, rx_script_7_1rtt_secret)
- RX_OP_CHECK_PKT_FRAMES_OK_N(7c)
+ RX_OP_CHECK_PKT_N(7c)
RX_OP_CHECK_NO_PKT()
RX_OP_END
RX_OP_PROVIDE_SECRET(QUIC_ENC_LEVEL_1RTT,
QRL_SUITE_AES128GCM, rx_script_8_1rtt_secret)
/* Now the injected packet is successfully returned */
- RX_OP_CHECK_PKT_FRAMES_OK_N(8a)
+ RX_OP_CHECK_PKT_N(8a)
RX_OP_CHECK_NO_PKT()
RX_OP_CHECK_KEY_EPOCH(0)
/* Packet with new key phase */
RX_OP_INJECT_N(8b)
/* Packet is successfully decrypted and returned */
- RX_OP_CHECK_PKT_FRAMES_OK_N(8b)
+ RX_OP_CHECK_PKT_N(8b)
RX_OP_CHECK_NO_PKT()
/* Key epoch has increased */
RX_OP_CHECK_KEY_EPOCH(1)
*/
RX_OP_INJECT_N(8c)
/* Should still be decrypted OK */
- RX_OP_CHECK_PKT_FRAMES_OK_N(8c)
+ RX_OP_CHECK_PKT_N(8c)
RX_OP_CHECK_NO_PKT()
/* Epoch has not changed */
RX_OP_CHECK_KEY_EPOCH(1)
/* Another packet with the new keys. */
RX_OP_INJECT_N(8d)
- RX_OP_CHECK_PKT_FRAMES_OK_N(8d)
+ RX_OP_CHECK_PKT_N(8d)
RX_OP_CHECK_NO_PKT()
RX_OP_CHECK_KEY_EPOCH(1)
/* We can inject the old packet multiple times and it still works */
RX_OP_INJECT_N(8c)
- RX_OP_CHECK_PKT_FRAMES_OK_N(8c)
+ RX_OP_CHECK_PKT_N(8c)
RX_OP_CHECK_NO_PKT()
RX_OP_CHECK_KEY_EPOCH(1)
/* Move from COOLDOWN to NORMAL and try again */
RX_OP_KEY_UPDATE_TIMEOUT(1)
RX_OP_INJECT_N(8e)
- RX_OP_CHECK_PKT_FRAMES_OK_N(8e)
+ RX_OP_CHECK_PKT_N(8e)
RX_OP_CHECK_NO_PKT()
RX_OP_CHECK_KEY_EPOCH(2)
/* Can still receive old packet */
RX_OP_INJECT_N(8d)
- RX_OP_CHECK_PKT_FRAMES_OK_N(8d)
+ RX_OP_CHECK_PKT_N(8d)
RX_OP_CHECK_NO_PKT()
RX_OP_CHECK_KEY_EPOCH(2)
/* Try a packet from epoch 3 */
RX_OP_INJECT_N(8f)
- RX_OP_CHECK_PKT_FRAMES_OK_N(8f)
+ RX_OP_CHECK_PKT_N(8f)
RX_OP_CHECK_NO_PKT()
RX_OP_CHECK_KEY_EPOCH(3)
OSSL_QRX *qrx;
OSSL_QRX_ARGS args;
- /* OSSL_ACKM with necessary data */
- OSSL_ACKM *ackm;
- OSSL_CC_DATA *ccdata;
- OSSL_STATM statm; /* NOT the state machine! */
-
- /* Used for the RX depacketizer, and wraps the |qrx| and |ackm| */
+ /* Used for the RX depacketizer */
SSL_CTX *quic_ssl_ctx;
QUIC_CONNECTION *quic_conn;
};
static void rx_state_teardown(struct rx_state *s)
{
- if (s->ackm != NULL) {
- ossl_ackm_free(s->ackm);
- ossl_quic_conn_set_ackm(s->quic_conn, NULL);
- s->ackm = NULL;
- }
- if (s->ccdata != NULL) {
- ossl_cc_dummy_method.free(s->ccdata);
- s->ccdata = NULL;
- }
-
if (s->quic_conn != NULL) {
SSL_free((SSL *)s->quic_conn);
s->quic_conn = NULL;
static uint64_t time_counter = 0;
-static OSSL_TIME fake_now(void *ignored)
-{
- OSSL_TIME f = {0};
-
- return f;
-}
-
static OSSL_TIME expected_time(uint64_t counter)
{
return ossl_time_multiply(ossl_ticks2time(OSSL_TIME_MS), counter);
return 1;
}
-static int rx_state_ensure_for_frames(struct rx_state *s)
-{
- SSL *qs;
-
- if (!rx_state_ensure(s))
- return 0;
-
- /* Initialise ACK manager and congestion controller. */
- if ((s->ccdata == NULL
- && !TEST_ptr(s->ccdata = ossl_cc_dummy_method.new(NULL, NULL, NULL)))
- || (s->ackm == NULL
- && !TEST_ptr(s->ackm = ossl_ackm_new(fake_now, NULL, &s->statm,
- &ossl_cc_dummy_method,
- s->ccdata))))
- return 0;
-
- if (s->quic_conn == NULL
- && (!TEST_ptr(s->quic_ssl_ctx
- = SSL_CTX_new_ex(NULL, NULL, OSSL_QUIC_client_method()))
- || !TEST_ptr(qs = SSL_new(s->quic_ssl_ctx))
- || !TEST_ptr(s->quic_conn = ossl_quic_conn_from_ssl(qs))
- || !TEST_true(ossl_quic_conn_set_qrx(s->quic_conn, s->qrx))
- || !TEST_true(ossl_quic_conn_set_ackm(s->quic_conn, s->ackm))))
- return 0;
- return 1;
-}
-
static int rx_run_script(const struct rx_test_op *script)
{
int testresult = 0;
op->buf, op->buf_len, 1)))
goto err;
- switch (op->subop) {
- case RX_TEST_OP_CHECK_PKT_FRAMES_OK:
- if (!TEST_true(rx_state_ensure_for_frames(&s)))
- goto err;
- if (!TEST_true(ossl_quic_handle_frames(s.quic_conn, pkt)))
- goto err;
- ossl_qrx_pkt_release(pkt);
- pkt = NULL;
- break;
- case RX_TEST_OP_CHECK_PKT_FRAMES_INVALID:
- if (!TEST_true(rx_state_ensure_for_frames(&s)))
- goto err;
- if (!TEST_false(ossl_quic_handle_frames(s.quic_conn, pkt)))
- goto err;
- ossl_qrx_pkt_release(pkt);
- pkt = NULL;
- break;
- default:
- ossl_qrx_pkt_release(pkt);
- pkt = NULL;
- break;
- }
+ ossl_qrx_pkt_release(pkt);
+ pkt = NULL;
break;
case RX_TEST_OP_CHECK_NO_PKT:
if (!TEST_true(rx_state_ensure(&s)))
projects / thirdparty / openssl.git / commitdiff
