refactor(bindings/s2n-tls): finish test harness refactor #4636

Merged
merged 6 commits into from
Jul 11, 2024
Merged
1 change: 0 additions & 1 deletion bindings/rust/s2n-tls/Cargo.toml
@@ -24,7 +24,6 @@ pin-project-lite = "0.2"
hex = "0.4"

[dev-dependencies]
bytes = "1"
futures-test = "0.3"
openssl = "0.10"
temp-env = "0.3"
47 changes: 14 additions & 33 deletions bindings/rust/s2n-tls/src/callbacks/pkey.rs
@@ -121,8 +121,8 @@ pub trait PrivateKeyCallback: 'static + Send + Sync {
mod tests {
use super::*;
use crate::{
config, connection, error, security, testing,
testing::{s2n_tls::*, *},
config, connection, error, security,
testing::{self, *},
};
use core::task::{Poll, Waker};
use futures_test::task::new_count_waker;
@@ -139,10 +139,7 @@ mod tests {
"/../../../tests/pems/ecdsa_p384_pkcs1_cert.pem"
));

fn new_pair<T>(
callback: T,
waker: Waker,
) -> Result<Pair<s2n_tls::Harness, s2n_tls::Harness>, Error>
fn new_pair<T>(callback: T, waker: Waker) -> Result<TestPair, Error>
where
T: 'static + PrivateKeyCallback,
{
@@ -157,20 +154,10 @@ mod tests {
config.build()?
};

let server = {
let mut server = connection::Connection::new_server();
server.set_config(config.clone())?;
server.set_waker(Some(&waker))?;
Harness::new(server)
};

let client = {
let mut client = connection::Connection::new_client();
client.set_config(config)?;
Harness::new(client)
};
let mut pair = TestPair::from_config(&config);
pair.server.set_waker(Some(&waker))?;

Ok(Pair::new(server, client))
Ok(pair)
}

fn ecdsa_sign(
@@ -214,11 +201,11 @@ mod tests {
let (waker, wake_count) = new_count_waker();
let counter = testing::Counter::default();
let callback = TestPkeyCallback(counter.clone());
let pair = new_pair(callback, waker)?;
let mut pair = new_pair(callback, waker)?;

assert_eq!(counter.count(), 0);
assert_eq!(wake_count, 0);
poll_tls_pair(pair);
pair.handshake()?;
assert_eq!(counter.count(), 1);
assert_eq!(wake_count, 0);

@@ -272,11 +259,11 @@ mod tests {
let (waker, wake_count) = new_count_waker();
let counter = testing::Counter::default();
let callback = TestPkeyCallback(counter.clone());
let pair = new_pair(callback, waker)?;
let mut pair = new_pair(callback, waker)?;

assert_eq!(counter.count(), 0);
assert_eq!(wake_count, 0);
poll_tls_pair(pair);
pair.handshake()?;
assert_eq!(counter.count(), 1);
assert_eq!(wake_count, POLL_COUNT);

@@ -306,14 +293,11 @@ mod tests {

assert_eq!(counter.count(), 0);
assert_eq!(wake_count, 0);
let result = poll_tls_pair_result(&mut pair);
let err = pair.handshake().unwrap_err();
assert_eq!(counter.count(), 1);
assert_eq!(wake_count, 0);

match result {
Ok(_) => panic!("Handshake unexpectedly succeeded"),
Err(e) => testing::assert_test_error(e, ERROR),
};
assert_test_error(err, ERROR);
Ok(())
}

@@ -362,14 +346,11 @@ mod tests {

assert_eq!(counter.count(), 0);
assert_eq!(wake_count, 0);
let result = poll_tls_pair_result(&mut pair);
let err = pair.handshake().unwrap_err();
assert_eq!(counter.count(), 1);
assert_eq!(wake_count, POLL_COUNT);

match result {
Ok(_) => panic!("Handshake unexpectedly succeeded"),
Err(e) => testing::assert_test_error(e, ERROR),
};
assert_test_error(err, ERROR);
Ok(())
}
}
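Review bot: The bare `pair.handshake().unwrap_err()` in the two failure-path tests (the hunks at new lines 293 and 346) drops the "Handshake unexpectedly succeeded" message that the removed `match` used to print. If a regression ever lets the handshake complete despite the failing private-key callback, the test would now die with a generic unwrap panic instead of saying what went wrong. `let err = pair.handshake().expect_err("handshake unexpectedly succeeded");` keeps the one-line form and the diagnostic. Both test functions begin outside their hunks, so the names and setup of the callbacks under test are not visible here.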
58 changes: 22 additions & 36 deletions bindings/rust/s2n-tls/src/client_hello.rs
@@ -229,30 +229,21 @@ pub mod fingerprint {
fingerprint::{FingerprintType, MD5_HASH_SIZE},
ClientHello,
},
connection::Connection,
error::{Error, ErrorType},
security,
testing::{poll_tls_pair, tls_pair},
testing::TestPair,
};

/// This function is a test fixture used a generate a valid ClientHello so
/// that we don't have to copy and paste the raw bytes for test fixtures
fn get_client_hello_bytes() -> Vec<u8> {
fn get_client_hello_bytes() -> Result<Vec<u8>, crate::error::Error> {
let config = crate::testing::config_builder(&security::DEFAULT_TLS13)
.unwrap()
.build()
.unwrap();
let pair = tls_pair(config);
let pair = poll_tls_pair(pair);
.build()?;
let mut pair = TestPair::from_config(&config);
pair.handshake()?;
// this doesn't have the handshake header
let client_hello_message = pair
.server
.0
.connection()
.client_hello()
.unwrap()
.raw_message()
.unwrap();
let client_hello_message = pair.server.client_hello()?.raw_message()?;
// handshake header is {tag: u8, client_hello_length: u24}
let mut client_hello = vec![0; 4];
// As long as the client hello is small, no bit fiddling is required
@@ -261,7 +252,7 @@ pub mod fingerprint {
client_hello[0] = 1;
client_hello[3] = client_hello_message.len() as u8;
client_hello.extend(client_hello_message.iter());
client_hello
Ok(client_hello)
}

fn known_test_case(
@@ -290,7 +281,7 @@ pub mod fingerprint {
pub fn get_client_hello() -> Box<ClientHello> {
// sets up connection and handshakes
let raw_client_hello = get_client_hello_bytes();
ClientHello::parse_client_hello(raw_client_hello.as_slice()).unwrap()
ClientHello::parse_client_hello(raw_client_hello.unwrap().as_slice()).unwrap()
}

pub fn client_hello_bytes() -> Vec<u8> {
@@ -324,28 +315,23 @@ pub mod fingerprint {
.unwrap()
.build()
.unwrap();
let pair = crate::testing::tls_pair(config);
let mut pair = TestPair::from_config(&config);

// client_hellos can not be accessed before the handshake
assert!(pair.client.0.connection().client_hello().is_err());
assert!(pair.server.0.connection().client_hello().is_err());

let pair = poll_tls_pair(pair);
let server_conn = pair.server.0.connection();
let client_conn = pair.server.0.connection();
Contributor Author


There was a copy-paste mistake in this test. The client_hello method is not available for client connections, which is a property of the underlying C implementation. This never would have worked, and the client assertion is removed in the new version.


let check_client_hello = |conn: &Connection| -> Result<(), Error> {
let client_hello = conn.client_hello().unwrap();
let mut hash = Vec::new();
let fingerprint_size =
client_hello.fingerprint_hash(FingerprintType::JA3, &mut hash)?;
let mut string = String::with_capacity(fingerprint_size as usize);
client_hello.fingerprint_string(FingerprintType::JA3, &mut string)?;
Ok(())
};
assert!(pair.client.client_hello().is_err());
assert!(pair.server.client_hello().is_err());

pair.handshake().unwrap();

assert!(check_client_hello(server_conn).is_ok());
assert!(check_client_hello(client_conn).is_ok());
let client_hello = pair.server.client_hello().unwrap();
let mut hash = Vec::new();
let fingerprint_size = client_hello
.fingerprint_hash(FingerprintType::JA3, &mut hash)
.unwrap();
let mut string = String::with_capacity(fingerprint_size as usize);
client_hello
.fingerprint_string(FingerprintType::JA3, &mut string)
.unwrap();
}

// known value test case copied from s2n_fingerprint_ja3_test.c
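Review bot: The post-handshake part of the last hunk only proves that `fingerprint_hash` and `fingerprint_string` return `Ok`; `hash` and `string` are filled and then never inspected, so the test would still pass on empty or truncated JA3 output. If the value returned by `fingerprint_hash` is the string length, as its use for `String::with_capacity` suggests, `assert_eq!(string.len(), fingerprint_size as usize);` would pin that. A length check of `hash` against the already imported `MD5_HASH_SIZE` would cover the digest the same way, with a cast if the constant's type requires one. The test function starts outside the hunk, and the known-value test that follows may already cover exact contents, in which case a short comment marking this one as an API smoke test would do.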