Test DTLS cookie generation and verification

author Matt Caswell <matt@openssl.org>

Thu, 18 Oct 2018 09:12:20 +0000 (10:12 +0100)

committer Matt Caswell <matt@openssl.org>

Fri, 19 Oct 2018 13:12:51 +0000 (14:12 +0100)
author Matt Caswell <matt@openssl.org>
Thu, 18 Oct 2018 09:12:20 +0000 (10:12 +0100)
committer Matt Caswell <matt@openssl.org>
Fri, 19 Oct 2018 13:12:51 +0000 (14:12 +0100)
diff --git a/test/dtlstest.c b/test/dtlstest.c

index c41aac8319cbd0d7a4a8b7ec5738b03812256fab..5afd7e94996a9cfe98590bfcac489ccd6c3bc5d2 100644 (file)
--- a/test/dtlstest.c
+++ b/test/dtlstest.c
@@ -7,6 +7,7 @@
   * https://www.openssl.org/source/license.html
   */
  
   * https://www.openssl.org/source/license.html
   */
  
+#include <string.h>
  #include <openssl/bio.h>
  #include <openssl/crypto.h>
  #include <openssl/ssl.h>
  #include <openssl/bio.h>
  #include <openssl/crypto.h>
  #include <openssl/ssl.h>
@@ -240,6 +241,55 @@ static int test_dtls_drop_records(int idx)
      return testresult;
  }
  
      return testresult;
  }
  
+static const char dummy_cookie[] = "0123456";
+
+static int generate_cookie_cb(SSL *ssl, unsigned char *cookie,
+                              unsigned int *cookie_len)
+{
+    memcpy(cookie, dummy_cookie, sizeof(dummy_cookie));
+    *cookie_len = sizeof(dummy_cookie);
+    return 1;
+}
+
+static int verify_cookie_cb(SSL *ssl, const unsigned char *cookie,
+                            unsigned int cookie_len)
+{
+    return TEST_mem_eq(cookie, cookie_len, dummy_cookie, sizeof(dummy_cookie));
+}
+
+static int test_cookie(void)
+{
+    SSL_CTX *sctx = NULL, *cctx = NULL;
+    SSL *serverssl = NULL, *clientssl = NULL;
+    int testresult = 0;
+
+    if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
+                                       DTLS_client_method(),
+                                       DTLS1_VERSION, DTLS_MAX_VERSION,
+                                       &sctx, &cctx, cert, privkey)))
+        return 0;
+
+    SSL_CTX_set_options(sctx, SSL_OP_COOKIE_EXCHANGE);
+    SSL_CTX_set_cookie_generate_cb(sctx, generate_cookie_cb);
+    SSL_CTX_set_cookie_verify_cb(sctx, verify_cookie_cb);
+
+    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+                                      NULL, NULL))
+            || !TEST_true(create_ssl_connection(serverssl, clientssl,
+                                                SSL_ERROR_NONE)))
+        goto end;
+
+    testresult = 1;
+ end:
+    SSL_free(serverssl);
+    SSL_free(clientssl);
+    SSL_CTX_free(sctx);
+    SSL_CTX_free(cctx);
+
+    return testresult;
+}
+
+
  int setup_tests(void)
  {
      if (!TEST_ptr(cert = test_get_argument(0))
  int setup_tests(void)
  {
      if (!TEST_ptr(cert = test_get_argument(0))
@@ -248,6 +298,7 @@ int setup_tests(void)
  
      ADD_ALL_TESTS(test_dtls_unprocessed, NUM_TESTS);
      ADD_ALL_TESTS(test_dtls_drop_records, TOTAL_RECORDS);
  
      ADD_ALL_TESTS(test_dtls_unprocessed, NUM_TESTS);
      ADD_ALL_TESTS(test_dtls_drop_records, TOTAL_RECORDS);
+    ADD_TEST(test_cookie);
  
      return 1;
  }
  
      return 1;
  }
author	Matt Caswell <matt@openssl.org>
	Thu, 18 Oct 2018 09:12:20 +0000 (10:12 +0100)
committer	Matt Caswell <matt@openssl.org>
	Fri, 19 Oct 2018 13:12:51 +0000 (14:12 +0100)