summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2017-10-10 16:52:17 +0000
committerjsing <>2017-10-10 16:52:17 +0000
commit62790ade0e2b202d99093dd2d8dc2df8284e2543 (patch)
tree5d8a10c3f313abe51c783b05c23ef8ecb186137f
parent098764416bf22cf0022a14e54c917a7d274d5907 (diff)
downloadopenbsd-62790ade0e2b202d99093dd2d8dc2df8284e2543.tar.gz
openbsd-62790ade0e2b202d99093dd2d8dc2df8284e2543.tar.bz2
openbsd-62790ade0e2b202d99093dd2d8dc2df8284e2543.zip
Revise regress now that ssl_bytes_to_cipher_list() takes a CBS.
Diffstat
-rw-r--r--src/regress/lib/libssl/unit/cipher_list.c30
1 files changed, 10 insertions, 20 deletions
diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c
index c4b42764a0..7a7ca37708 100644
--- a/src/regress/lib/libssl/unit/cipher_list.c
+++ b/src/regress/lib/libssl/unit/cipher_list.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher_list.c,v 1.6 2017/08/28 17:32:04 jsing Exp $ */ 1/* $OpenBSD: cipher_list.c,v 1.7 2017/10/10 16:52:17 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org> 3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
@@ -63,20 +63,17 @@ static uint16_t cipher_values[] = {
63 63
64#define N_CIPHERS (sizeof(cipher_bytes) / 2) 64#define N_CIPHERS (sizeof(cipher_bytes) / 2)
65 65
66extern STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,
67 const unsigned char *p, int num);
68extern int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
69 unsigned char *p, size_t len, size_t *outlen);
70
71static int 66static int
72ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) 67ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
73{ 68{
74 SSL_CIPHER *cipher; 69 SSL_CIPHER *cipher;
75 uint16_t value; 70 uint16_t value;
71 CBS cbs;
76 int i; 72 int i;
77 73
78 *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, 74 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes));
79 sizeof(cipher_bytes)); 75
76 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
80 CHECK(*ciphers != NULL); 77 CHECK(*ciphers != NULL);
81 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS); 78 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
82 for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) { 79 for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) {
@@ -149,25 +146,18 @@ static int
149ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) 146ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
150{ 147{
151 uint8_t empty_cipher_bytes[] = {0}; 148 uint8_t empty_cipher_bytes[] = {0};
149 CBS cbs;
152 150
153 sk_SSL_CIPHER_free(*ciphers); 151 sk_SSL_CIPHER_free(*ciphers);
154 152
155 /* Invalid length: CipherSuite is 2 bytes so it must be even */ 153 /* Invalid length: CipherSuite is 2 bytes so it must be even */
156 *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, 154 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes) - 1);
157 sizeof(cipher_bytes) - 1); 155 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
158 CHECK(*ciphers == NULL); 156 CHECK(*ciphers == NULL);
159 157
160 /* Invalid length: cipher_suites must be at least 2 */ 158 /* Invalid length: cipher_suites must be at least 2 */
161 *ciphers = ssl_bytes_to_cipher_list(s, empty_cipher_bytes, 159 CBS_init(&cbs, empty_cipher_bytes, sizeof(empty_cipher_bytes));
162 sizeof(empty_cipher_bytes)); 160 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
163 CHECK(*ciphers == NULL);
164
165 /* Invalid length: cipher_suites must be at most 2^16-2 */
166 *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, 0x10000);
167 CHECK(*ciphers == NULL);
168
169 /* Invalid len: prototype is signed, but it shouldn't accept len < 0 */
170 *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, -2);
171 CHECK(*ciphers == NULL); 161 CHECK(*ciphers == NULL);
172 162
173 return 1; 163 return 1;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 10:39:30 +0000