
Commit e070c19

inbal2lFlickdm
authored andcommitted
[Add] TLS Tests
- Integrate the TLSTests.c file into the project - Modify the .inf files in UnitTest\Library\BaseCryptLib to include the TLSTests.c file and lib.
1 parent c66f022 commit e070c19


5 files changed

+379
-0
lines changed


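--- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTestApp.inf
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTestApp.inf
@@ -32,6 +32,7 @@
 AuthenticodeTests.c
 TSTests.c
 DhTests.c
+TLSTests.c
 RandTests.c
 Pkcs7EkuTests.c
 OaepEncryptTests.c
@@ -53,6 +54,7 @@
 UnitTestLib
 PrintLib
 BaseCryptLib
+TlsLib
 
 [FixedPcd]
 gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceHmacSha256New ## CONSUMES # MU_CHANGE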

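--- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c
@@ -23,6 +23,7 @@ SUITE_DESC mSuiteDesc[] = {
 { "Authenticode verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mAuthenticodeTestNum, mAuthenticodeTest },
 { "ImageTimestamp verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mImageTimestampTestNum, mImageTimestampTest },
 { "DH verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mDhTestNum, mDhTest },
+{ "TLS verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mTlsTestNum, mTlsTest },
 { "PRNG verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mPrngTestNum, mPrngTest },
 { "OAEP encrypt verify tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mOaepTestNum, mOaepTest },
 { "Hkdf extract and expand tests", "CryptoPkg.BaseCryptLib", NULL, NULL, &mHkdfTestNum, mHkdfTest },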
Lines changed: 371 additions & 0 deletions
@@ -0,0 +1,371 @@
1+
/** @file
2+
This is a unit test for RSA OAEP encrypt/decrypt.
3+
4+
Copyright (c) Microsoft Corporation. All rights reserved.
5+
SPDX-License-Identifier: BSD-2-Clause-Patent
6+
**/
7+
8+
#include "TestBaseCryptLib.h"
9+
#include <Library/TlsLib.h>
10+
11+
typedef void *TLS_OBJ;
12+
13+
// List of Ciphers as appears in TLS Cipher Suite Registry of the IANA
14+
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
15+
16+
UINT16 mCipherId[] = {
17+
0xC030, // TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
18+
0xC02F, // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
19+
0xC028, // TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
20+
0xC027 // TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
21+
};
22+
#define CIPHER_COUNT (sizeof(mCipherId) / sizeof(mCipherId[0]))
23+
24+
// Note: Setting TLS 1.2 (Redefined to avoid dependency on MdePkg/Include/IndustryStandard/Tls1.h)
25+
#define TLS12_PROTOCOL_VERSION_MAJOR 0x03
26+
#define TLS12_PROTOCOL_VERSION_MINOR 0x03
27+
28+
#define EfiTlsClient 0
29+
#define BUFFER_SIZE 1024
30+
31+
// NOTE: For the following tests, if fails, resources are not freed (This is aligned with other tests)
32+
33+
UNIT_TEST_STATUS
34+
EFIAPI
35+
TestVerifyTlsPreReq (
36+
UNIT_TEST_CONTEXT Context
37+
)
38+
{
39+
return UNIT_TEST_PASSED;
40+
}
41+
42+
VOID
43+
EFIAPI
44+
TestVerifyTlsCleanUp (
45+
UNIT_TEST_CONTEXT Context
46+
)
47+
{
48+
// TODO: Fill in in case needed
49+
}
50+
51+
UNIT_TEST_STATUS
52+
EFIAPI
53+
TestTsl12CreatCtxObjNewFree (
54+
IN UNIT_TEST_CONTEXT Context
55+
)
56+
{
57+
BOOLEAN Status = TlsInitialize ();
58+
59+
UT_ASSERT_TRUE (Status);
60+
61+
TLS_OBJ SslCtxObj = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
62+
63+
UT_ASSERT_NOT_NULL (SslCtxObj);
64+
65+
TLS_OBJ TlsObj = TlsNew (SslCtxObj);
66+
67+
UT_ASSERT_NOT_NULL (TlsObj);
68+
69+
// Cleanup
70+
TlsFree (TlsObj);
71+
TlsCtxFree (SslCtxObj);
72+
73+
return UNIT_TEST_PASSED;
74+
}
75+
76+
UNIT_TEST_STATUS
77+
EFIAPI
78+
TestTsl12CreateConnection (
79+
IN UNIT_TEST_CONTEXT Context
80+
)
81+
{
82+
EFI_STATUS Status = EFI_SUCCESS;
83+
BOOLEAN Result = FALSE;
84+
85+
Result = TlsInitialize ();
86+
UT_ASSERT_TRUE (Result);
87+
88+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
89+
90+
UT_ASSERT_NOT_NULL (TlsCtx);
91+
92+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
93+
94+
UT_ASSERT_NOT_NULL (TlsConn);
95+
96+
Status = TlsSetConnectionEnd (TlsConn, EfiTlsClient);
97+
UT_ASSERT_EQUAL (EFI_SUCCESS, Status);
98+
99+
// Cleanup
100+
TlsFree (TlsConn);
101+
TlsCtxFree (TlsCtx);
102+
103+
return UNIT_TEST_PASSED;
104+
}
105+
106+
UNIT_TEST_STATUS
107+
EFIAPI
108+
TestTsl12VerifyConnVersion (
109+
IN UNIT_TEST_CONTEXT Context
110+
)
111+
{
112+
EFI_STATUS Status = EFI_SUCCESS;
113+
BOOLEAN Result = FALSE;
114+
115+
Result = TlsInitialize ();
116+
UT_ASSERT_TRUE (Result);
117+
118+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
119+
120+
UT_ASSERT_NOT_NULL (TlsCtx);
121+
122+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
123+
124+
UT_ASSERT_NOT_NULL (TlsConn);
125+
UT_ASSERT_EQUAL ((UINT16)(TLS12_PROTOCOL_VERSION_MAJOR|TLS12_PROTOCOL_VERSION_MINOR), TlsGetVersion (TlsConn));
126+
127+
Status = TlsSetConnectionEnd (TlsConn, EfiTlsClient);
128+
UT_ASSERT_EQUAL (EFI_SUCCESS, Status);
129+
130+
TlsFree (TlsConn);
131+
TlsCtxFree (TlsCtx);
132+
133+
return UNIT_TEST_PASSED;
134+
}
135+
136+
UNIT_TEST_STATUS
137+
EFIAPI
138+
TestTsl12VerifySetCipherList (
139+
IN
140+
UNIT_TEST_CONTEXT
141+
Context
142+
)
143+
{
144+
UINT16 CipherId = 0;
145+
EFI_STATUS Status = EFI_SUCCESS;
146+
BOOLEAN Result = FALSE;
147+
148+
Result = TlsInitialize ();
149+
UT_ASSERT_TRUE (Result);
150+
151+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
152+
153+
UT_ASSERT_NOT_NULL (TlsCtx);
154+
155+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
156+
157+
UT_ASSERT_NOT_NULL (TlsConn);
158+
159+
Status = TlsSetConnectionEnd (TlsConn, EfiTlsClient);
160+
UT_ASSERT_EQUAL (EFI_SUCCESS, Status);
161+
162+
Status = TlsSetCipherList (TlsConn, mCipherId, CIPHER_COUNT);
163+
UT_ASSERT_EQUAL (EFI_SUCCESS, Status);
164+
165+
TlsGetCurrentCipher (TlsConn, &CipherId);
166+
UT_ASSERT_EQUAL (EFI_SUCCESS, Status);
167+
168+
BOOLEAN Found = FALSE;
169+
170+
for (int i = 0; i < CIPHER_COUNT; i++) {
171+
if (mCipherId[i] == CipherId) {
172+
Found = TRUE;
173+
break;
174+
}
175+
}
176+
177+
UT_ASSERT_TRUE (Found);
178+
179+
// Cleanup
180+
// NOTE: this is aligned with other tests, but will not be called if test fails
181+
TlsFree (TlsConn);
182+
TlsCtxFree (TlsCtx);
183+
184+
return UNIT_TEST_PASSED;
185+
}
186+
187+
UNIT_TEST_STATUS
188+
EFIAPI
189+
TestTsl12GetCurrentCipher (
190+
IN UNIT_TEST_CONTEXT Context
191+
)
192+
{
193+
UINT16 CipherId = 0;
194+
EFI_STATUS Status = EFI_SUCCESS;
195+
BOOLEAN Result = FALSE;
196+
197+
Result = TlsInitialize ();
198+
UT_ASSERT_TRUE (Result);
199+
200+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
201+
202+
UT_ASSERT_NOT_NULL (TlsCtx);
203+
204+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
205+
206+
UT_ASSERT_NOT_NULL (TlsConn);
207+
208+
TlsGetCurrentCipher (TlsConn, &CipherId);
209+
UT_ASSERT_EQUAL (EFI_SUCCESS, Status);
210+
211+
BOOLEAN Found = FALSE;
212+
213+
// Check if default config support ciphers
214+
for (int i = 0; i < CIPHER_COUNT; i++) {
215+
if (mCipherId[i] == CipherId) {
216+
Found = TRUE;
217+
break;
218+
}
219+
}
220+
221+
UT_ASSERT_TRUE (Found);
222+
223+
Status = TlsSetConnectionEnd (TlsConn, EfiTlsClient);
224+
UT_ASSERT_EQUAL (EFI_SUCCESS, Status);
225+
226+
// Cleanup
227+
// NOTE: this is aligned with other tests, but will not be called if test fails
228+
TlsFree (TlsConn);
229+
TlsCtxFree (TlsCtx);
230+
231+
return UNIT_TEST_PASSED;
232+
}
233+
234+
// ~~~~ TODO: check if any of these tests are needed ~~~~
235+
236+
UNIT_TEST_STATUS
237+
EFIAPI
238+
TestTlsCtrlTrafficIn (
239+
IN UNIT_TEST_CONTEXT Context
240+
)
241+
{
242+
BOOLEAN Status = TlsInitialize ();
243+
244+
UT_ASSERT_TRUE (Status);
245+
246+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
247+
248+
UT_ASSERT_NOT_NULL (TlsCtx);
249+
250+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
251+
252+
UT_ASSERT_NOT_NULL (TlsConn);
253+
254+
UINT8 Buffer[BUFFER_SIZE] = { 0 };
255+
UINTN BufferSize = sizeof (Buffer);
256+
257+
UT_ASSERT_EQUAL (0, TlsCtrlTrafficIn (TlsConn, &Buffer, BufferSize)); // No data to process
258+
259+
// Cleanup
260+
TlsFree (TlsConn);
261+
TlsCtxFree (TlsCtx);
262+
263+
return UNIT_TEST_PASSED;
264+
}
265+
266+
UNIT_TEST_STATUS
267+
EFIAPI
268+
TestTlsCtrlTrafficOut (
269+
IN UNIT_TEST_CONTEXT Context
270+
)
271+
{
272+
BOOLEAN Status = TlsInitialize ();
273+
274+
UT_ASSERT_TRUE (Status);
275+
276+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
277+
278+
UT_ASSERT_NOT_NULL (TlsCtx);
279+
280+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
281+
282+
UT_ASSERT_NOT_NULL (TlsConn);
283+
284+
UINT8 Buffer[] = "Hello World";
285+
CONST UINTN BufferSize = sizeof (Buffer);
286+
287+
UT_ASSERT_EQUAL (BufferSize, TlsCtrlTrafficOut (TlsConn, &Buffer, BufferSize));
288+
289+
// Cleanup
290+
TlsFree (TlsConn);
291+
TlsCtxFree (TlsCtx);
292+
293+
return UNIT_TEST_PASSED;
294+
}
295+
296+
UNIT_TEST_STATUS
297+
EFIAPI
298+
TestTlsRead (
299+
IN UNIT_TEST_CONTEXT Context
300+
)
301+
{
302+
BOOLEAN Status = TlsInitialize ();
303+
304+
UT_ASSERT_TRUE (Status);
305+
306+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
307+
308+
UT_ASSERT_NOT_NULL (TlsCtx);
309+
310+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
311+
312+
UT_ASSERT_NOT_NULL (TlsConn);
313+
314+
UINT8 Buffer[BUFFER_SIZE] = { 0 };
315+
UINTN BufferSize = sizeof (Buffer);
316+
317+
UT_ASSERT_EQUAL (BufferSize, TlsRead (TlsConn, &Buffer, BufferSize));
318+
319+
// Cleanup
320+
TlsFree (TlsConn);
321+
TlsCtxFree (TlsCtx);
322+
323+
return UNIT_TEST_PASSED;
324+
}
325+
326+
UNIT_TEST_STATUS
327+
EFIAPI
328+
TestTlsWrite (
329+
IN UNIT_TEST_CONTEXT Context
330+
)
331+
{
332+
BOOLEAN Status = TlsInitialize ();
333+
334+
UT_ASSERT_TRUE (Status);
335+
336+
TLS_OBJ TlsCtx = TlsCtxNew (TLS12_PROTOCOL_VERSION_MAJOR, TLS12_PROTOCOL_VERSION_MINOR);
337+
338+
UT_ASSERT_NOT_NULL (TlsCtx);
339+
340+
TLS_OBJ TlsConn = TlsNew (TlsCtx);
341+
342+
UT_ASSERT_NOT_NULL (TlsConn);
343+
344+
UINT8 Buffer[] = "Hello World";
345+
CONST UINTN BufferSize = sizeof (Buffer);
346+
347+
UT_ASSERT_EQUAL (BufferSize, TlsWrite (TlsConn, &Buffer, BufferSize));
348+
349+
// Cleanup
350+
TlsFree (TlsConn);
351+
TlsCtxFree (TlsCtx);
352+
353+
return UNIT_TEST_PASSED;
354+
}
355+
356+
TEST_DESC mTlsTest[] = {
357+
//
358+
// -----Description--------------------------------Class---------------------Function----------------Pre-----------------Post------------Context
359+
//
360+
{ "TestTsl12CreatCtxObjNewFree()", "CryptoPkg.BaseCryptLib.Tls", TestTsl12CreatCtxObjNewFree, TestVerifyTlsPreReq, NULL, NULL },
361+
{ "TestTsl12CreateConnection()", "CryptoPkg.BaseCryptLib.Tls", TestTsl12CreateConnection, TestVerifyTlsPreReq, NULL, NULL },
362+
{ "TestTsl12VerifyConnVersion()", "CryptoPkg.BaseCryptLib.Tls", TestTsl12VerifyConnVersion, TestVerifyTlsPreReq, NULL, NULL },
363+
{ "TestTsl12VerifySetCipherList()", "CryptoPkg.BaseCryptLib.Tls", TestTsl12VerifySetCipherList, TestVerifyTlsPreReq, NULL, NULL },
364+
{ "TestTsl12GetCurrentCipher()", "CryptoPkg.BaseCryptLib.Tls", TestTsl12GetCurrentCipher, TestVerifyTlsPreReq, NULL, NULL },
365+
{ "TestTlsCtrlTrafficIn()", "CryptoPkg.BaseCryptLib.Tls", TestTlsCtrlTrafficIn, TestVerifyTlsPreReq, NULL, NULL },
366+
{ "TestTlsCtrlTrafficOut()", "CryptoPkg.BaseCryptLib.Tls", TestTlsCtrlTrafficOut, TestVerifyTlsPreReq, NULL, NULL },
367+
{ "TestTlsRead()", "CryptoPkg.BaseCryptLib.Tls", TestTlsRead, TestVerifyTlsPreReq, NULL, NULL },
368+
{ "TestTlsWrite()", "CryptoPkg.BaseCryptLib.Tls", TestTlsWrite, TestVerifyTlsPreReq, NULL, NULL }
369+
};
370+
371+
UINTN mTlsTestNum = ARRAY_SIZE (mTlsTest);
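Review bot: In TestTsl12VerifySetCipherList and TestTsl12GetCurrentCipher the return value of `TlsGetCurrentCipher (TlsConn, &CipherId)` is discarded, so the following `UT_ASSERT_EQUAL (EFI_SUCCESS, Status)` re-checks a stale `Status` (in the second test, only its initializer) and a failed cipher query would go unnoticed; assign it, `Status = TlsGetCurrentCipher (TlsConn, &CipherId);`. In TestTsl12VerifyConnVersion the expected value `(UINT16)(TLS12_PROTOCOL_VERSION_MAJOR|TLS12_PROTOCOL_VERSION_MINOR)` evaluates to 0x0003 because both macros are 0x03. If TlsGetVersion reports the two-byte protocol version, the comparison presumably wants `(UINT16)((TLS12_PROTOCOL_VERSION_MAJOR << 8) | TLS12_PROTOCOL_VERSION_MINOR)`. The `@file` header still reads "This is a unit test for RSA OAEP encrypt/decrypt." and should describe the TlsLib tests instead.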
