1 use super::*;
2
3 #[tokio::test]
test_handshake_cache_single_push() -> Result<()>4 async fn test_handshake_cache_single_push() -> Result<()> {
5 let tests = vec![
6 (
7 "Single Push",
8 vec![HandshakeCacheItem {
9 typ: 0.into(),
10 is_client: true,
11 epoch: 0,
12 message_sequence: 0,
13 data: vec![0x00],
14 }],
15 vec![HandshakeCachePullRule {
16 typ: 0.into(),
17 epoch: 0,
18 is_client: true,
19 optional: false,
20 }],
21 vec![0x00],
22 ),
23 (
24 "Multi Push",
25 vec![
26 HandshakeCacheItem {
27 typ: 0.into(),
28 is_client: true,
29 epoch: 0,
30 message_sequence: 0,
31 data: vec![0x00],
32 },
33 HandshakeCacheItem {
34 typ: 1.into(),
35 is_client: true,
36 epoch: 0,
37 message_sequence: 1,
38 data: vec![0x01],
39 },
40 HandshakeCacheItem {
41 typ: 2.into(),
42 is_client: true,
43 epoch: 0,
44 message_sequence: 2,
45 data: vec![0x02],
46 },
47 ],
48 vec![
49 HandshakeCachePullRule {
50 typ: 0.into(),
51 epoch: 0,
52 is_client: true,
53 optional: false,
54 },
55 HandshakeCachePullRule {
56 typ: 1.into(),
57 epoch: 0,
58 is_client: true,
59 optional: false,
60 },
61 HandshakeCachePullRule {
62 typ: 2.into(),
63 epoch: 0,
64 is_client: true,
65 optional: false,
66 },
67 ],
68 vec![0x00, 0x01, 0x02],
69 ),
70 (
71 "Multi Push, Rules set order",
72 vec![
73 HandshakeCacheItem {
74 typ: 2.into(),
75 is_client: true,
76 epoch: 0,
77 message_sequence: 2,
78 data: vec![0x02],
79 },
80 HandshakeCacheItem {
81 typ: 0.into(),
82 is_client: true,
83 epoch: 0,
84 message_sequence: 0,
85 data: vec![0x00],
86 },
87 HandshakeCacheItem {
88 typ: 1.into(),
89 is_client: true,
90 epoch: 0,
91 message_sequence: 1,
92 data: vec![0x01],
93 },
94 ],
95 vec![
96 HandshakeCachePullRule {
97 typ: 0.into(),
98 epoch: 0,
99 is_client: true,
100 optional: false,
101 },
102 HandshakeCachePullRule {
103 typ: 1.into(),
104 epoch: 0,
105 is_client: true,
106 optional: false,
107 },
108 HandshakeCachePullRule {
109 typ: 2.into(),
110 epoch: 0,
111 is_client: true,
112 optional: false,
113 },
114 ],
115 vec![0x00, 0x01, 0x02],
116 ),
117 (
118 "Multi Push, Dupe Seqnum",
119 vec![
120 HandshakeCacheItem {
121 typ: 0.into(),
122 is_client: true,
123 epoch: 0,
124 message_sequence: 0,
125 data: vec![0x00],
126 },
127 HandshakeCacheItem {
128 typ: 1.into(),
129 is_client: true,
130 epoch: 0,
131 message_sequence: 1,
132 data: vec![0x01],
133 },
134 HandshakeCacheItem {
135 typ: 1.into(),
136 is_client: true,
137 epoch: 0,
138 message_sequence: 1,
139 data: vec![0x01],
140 },
141 ],
142 vec![
143 HandshakeCachePullRule {
144 typ: 0.into(),
145 epoch: 0,
146 is_client: true,
147 optional: false,
148 },
149 HandshakeCachePullRule {
150 typ: 1.into(),
151 epoch: 0,
152 is_client: true,
153 optional: false,
154 },
155 ],
156 vec![0x00, 0x01],
157 ),
158 (
159 "Multi Push, Dupe Seqnum Client/Server",
160 vec![
161 HandshakeCacheItem {
162 typ: 0.into(),
163 is_client: true,
164 epoch: 0,
165 message_sequence: 0,
166 data: vec![0x00],
167 },
168 HandshakeCacheItem {
169 typ: 1.into(),
170 is_client: true,
171 epoch: 0,
172 message_sequence: 1,
173 data: vec![0x01],
174 },
175 HandshakeCacheItem {
176 typ: 1.into(),
177 is_client: false,
178 epoch: 0,
179 message_sequence: 1,
180 data: vec![0x02],
181 },
182 ],
183 vec![
184 HandshakeCachePullRule {
185 typ: 0.into(),
186 epoch: 0,
187 is_client: true,
188 optional: false,
189 },
190 HandshakeCachePullRule {
191 typ: 1.into(),
192 epoch: 0,
193 is_client: true,
194 optional: false,
195 },
196 HandshakeCachePullRule {
197 typ: 1.into(),
198 epoch: 0,
199 is_client: false,
200 optional: false,
201 },
202 ],
203 vec![0x00, 0x01, 0x02],
204 ),
205 (
206 "Multi Push, Dupe Seqnum with Unique HandshakeType",
207 vec![
208 HandshakeCacheItem {
209 typ: 1.into(),
210 is_client: true,
211 epoch: 0,
212 message_sequence: 0,
213 data: vec![0x00],
214 },
215 HandshakeCacheItem {
216 typ: 2.into(),
217 is_client: true,
218 epoch: 0,
219 message_sequence: 1,
220 data: vec![0x01],
221 },
222 HandshakeCacheItem {
223 typ: 3.into(),
224 is_client: false,
225 epoch: 0,
226 message_sequence: 0,
227 data: vec![0x02],
228 },
229 ],
230 vec![
231 HandshakeCachePullRule {
232 typ: 1.into(),
233 epoch: 0,
234 is_client: true,
235 optional: false,
236 },
237 HandshakeCachePullRule {
238 typ: 2.into(),
239 epoch: 0,
240 is_client: true,
241 optional: false,
242 },
243 HandshakeCachePullRule {
244 typ: 3.into(),
245 epoch: 0,
246 is_client: false,
247 optional: false,
248 },
249 ],
250 vec![0x00, 0x01, 0x02],
251 ),
252 (
253 "Multi Push, Wrong epoch",
254 vec![
255 HandshakeCacheItem {
256 typ: 1.into(),
257 is_client: true,
258 epoch: 0,
259 message_sequence: 0,
260 data: vec![0x00],
261 },
262 HandshakeCacheItem {
263 typ: 2.into(),
264 is_client: true,
265 epoch: 1,
266 message_sequence: 1,
267 data: vec![0x01],
268 },
269 HandshakeCacheItem {
270 typ: 2.into(),
271 is_client: true,
272 epoch: 0,
273 message_sequence: 2,
274 data: vec![0x11],
275 },
276 HandshakeCacheItem {
277 typ: 3.into(),
278 is_client: false,
279 epoch: 0,
280 message_sequence: 0,
281 data: vec![0x02],
282 },
283 HandshakeCacheItem {
284 typ: 3.into(),
285 is_client: false,
286 epoch: 1,
287 message_sequence: 0,
288 data: vec![0x12],
289 },
290 HandshakeCacheItem {
291 typ: 3.into(),
292 is_client: false,
293 epoch: 2,
294 message_sequence: 0,
295 data: vec![0x12],
296 },
297 ],
298 vec![
299 HandshakeCachePullRule {
300 typ: 1.into(),
301 epoch: 0,
302 is_client: true,
303 optional: false,
304 },
305 HandshakeCachePullRule {
306 typ: 2.into(),
307 epoch: 1,
308 is_client: true,
309 optional: false,
310 },
311 HandshakeCachePullRule {
312 typ: 3.into(),
313 epoch: 0,
314 is_client: false,
315 optional: false,
316 },
317 ],
318 vec![0x00, 0x01, 0x02],
319 ),
320 ];
321
322 for (name, inputs, rules, expected) in tests {
323 let mut h = HandshakeCache::new();
324 for i in inputs {
325 h.push(i.data, i.epoch, i.message_sequence, i.typ, i.is_client)
326 .await;
327 }
328 let verify_data = h.pull_and_merge(&rules).await;
329 assert_eq!(
330 verify_data, expected,
331 "handshakeCache '{name}' exp:{expected:?} actual {verify_data:?}",
332 );
333 }
334
335 Ok(())
336 }
337
338 #[tokio::test]
test_handshake_cache_session_hash() -> Result<()>339 async fn test_handshake_cache_session_hash() -> Result<()> {
340 let tests = vec![
341 (
342 "Standard Handshake",
343 vec![
344 HandshakeCacheItem {
345 typ: HandshakeType::ClientHello,
346 is_client: true,
347 epoch: 0,
348 message_sequence: 0,
349 data: vec![0x00],
350 },
351 HandshakeCacheItem {
352 typ: HandshakeType::ServerHello,
353 is_client: false,
354 epoch: 0,
355 message_sequence: 1,
356 data: vec![0x01],
357 },
358 HandshakeCacheItem {
359 typ: HandshakeType::Certificate,
360 is_client: false,
361 epoch: 0,
362 message_sequence: 2,
363 data: vec![0x02],
364 },
365 HandshakeCacheItem {
366 typ: HandshakeType::ServerKeyExchange,
367 is_client: false,
368 epoch: 0,
369 message_sequence: 3,
370 data: vec![0x03],
371 },
372 HandshakeCacheItem {
373 typ: HandshakeType::ServerHelloDone,
374 is_client: false,
375 epoch: 0,
376 message_sequence: 4,
377 data: vec![0x04],
378 },
379 HandshakeCacheItem {
380 typ: HandshakeType::ClientKeyExchange,
381 is_client: true,
382 epoch: 0,
383 message_sequence: 5,
384 data: vec![0x05],
385 },
386 ],
387 vec![
388 0x17, 0xe8, 0x8d, 0xb1, 0x87, 0xaf, 0xd6, 0x2c, 0x16, 0xe5, 0xde, 0xbf, 0x3e, 0x65,
389 0x27, 0xcd, 0x00, 0x6b, 0xc0, 0x12, 0xbc, 0x90, 0xb5, 0x1a, 0x81, 0x0c, 0xd8, 0x0c,
390 0x2d, 0x51, 0x1f, 0x43,
391 ],
392 ),
393 (
394 "Handshake With Client Cert Request",
395 vec![
396 HandshakeCacheItem {
397 typ: HandshakeType::ClientHello,
398 is_client: true,
399 epoch: 0,
400 message_sequence: 0,
401 data: vec![0x00],
402 },
403 HandshakeCacheItem {
404 typ: HandshakeType::ServerHello,
405 is_client: false,
406 epoch: 0,
407 message_sequence: 1,
408 data: vec![0x01],
409 },
410 HandshakeCacheItem {
411 typ: HandshakeType::Certificate,
412 is_client: false,
413 epoch: 0,
414 message_sequence: 2,
415 data: vec![0x02],
416 },
417 HandshakeCacheItem {
418 typ: HandshakeType::ServerKeyExchange,
419 is_client: false,
420 epoch: 0,
421 message_sequence: 3,
422 data: vec![0x03],
423 },
424 HandshakeCacheItem {
425 typ: HandshakeType::CertificateRequest,
426 is_client: false,
427 epoch: 0,
428 message_sequence: 4,
429 data: vec![0x04],
430 },
431 HandshakeCacheItem {
432 typ: HandshakeType::ServerHelloDone,
433 is_client: false,
434 epoch: 0,
435 message_sequence: 5,
436 data: vec![0x05],
437 },
438 HandshakeCacheItem {
439 typ: HandshakeType::ClientKeyExchange,
440 is_client: true,
441 epoch: 0,
442 message_sequence: 6,
443 data: vec![0x06],
444 },
445 ],
446 vec![
447 0x57, 0x35, 0x5a, 0xc3, 0x30, 0x3c, 0x14, 0x8f, 0x11, 0xae, 0xf7, 0xcb, 0x17, 0x94,
448 0x56, 0xb9, 0x23, 0x2c, 0xde, 0x33, 0xa8, 0x18, 0xdf, 0xda, 0x2c, 0x2f, 0xcb, 0x93,
449 0x25, 0x74, 0x9a, 0x6b,
450 ],
451 ),
452 (
453 "Handshake Ignores after ClientKeyExchange",
454 vec![
455 HandshakeCacheItem {
456 typ: HandshakeType::ClientHello,
457 is_client: true,
458 epoch: 0,
459 message_sequence: 0,
460 data: vec![0x00],
461 },
462 HandshakeCacheItem {
463 typ: HandshakeType::ServerHello,
464 is_client: false,
465 epoch: 0,
466 message_sequence: 1,
467 data: vec![0x01],
468 },
469 HandshakeCacheItem {
470 typ: HandshakeType::Certificate,
471 is_client: false,
472 epoch: 0,
473 message_sequence: 2,
474 data: vec![0x02],
475 },
476 HandshakeCacheItem {
477 typ: HandshakeType::ServerKeyExchange,
478 is_client: false,
479 epoch: 0,
480 message_sequence: 3,
481 data: vec![0x03],
482 },
483 HandshakeCacheItem {
484 typ: HandshakeType::CertificateRequest,
485 is_client: false,
486 epoch: 0,
487 message_sequence: 4,
488 data: vec![0x04],
489 },
490 HandshakeCacheItem {
491 typ: HandshakeType::ServerHelloDone,
492 is_client: false,
493 epoch: 0,
494 message_sequence: 5,
495 data: vec![0x05],
496 },
497 HandshakeCacheItem {
498 typ: HandshakeType::ClientKeyExchange,
499 is_client: true,
500 epoch: 0,
501 message_sequence: 6,
502 data: vec![0x06],
503 },
504 HandshakeCacheItem {
505 typ: HandshakeType::CertificateVerify,
506 is_client: true,
507 epoch: 0,
508 message_sequence: 7,
509 data: vec![0x07],
510 },
511 HandshakeCacheItem {
512 typ: HandshakeType::Finished,
513 is_client: true,
514 epoch: 1,
515 message_sequence: 7,
516 data: vec![0x08],
517 },
518 HandshakeCacheItem {
519 typ: HandshakeType::Finished,
520 is_client: false,
521 epoch: 1,
522 message_sequence: 7,
523 data: vec![0x09],
524 },
525 ],
526 vec![
527 0x57, 0x35, 0x5a, 0xc3, 0x30, 0x3c, 0x14, 0x8f, 0x11, 0xae, 0xf7, 0xcb, 0x17, 0x94,
528 0x56, 0xb9, 0x23, 0x2c, 0xde, 0x33, 0xa8, 0x18, 0xdf, 0xda, 0x2c, 0x2f, 0xcb, 0x93,
529 0x25, 0x74, 0x9a, 0x6b,
530 ],
531 ),
532 (
533 "Handshake Ignores wrong epoch",
534 vec![
535 HandshakeCacheItem {
536 typ: HandshakeType::ClientHello,
537 is_client: true,
538 epoch: 0,
539 message_sequence: 0,
540 data: vec![0x00],
541 },
542 HandshakeCacheItem {
543 typ: HandshakeType::ServerHello,
544 is_client: false,
545 epoch: 0,
546 message_sequence: 1,
547 data: vec![0x01],
548 },
549 HandshakeCacheItem {
550 typ: HandshakeType::Certificate,
551 is_client: false,
552 epoch: 0,
553 message_sequence: 2,
554 data: vec![0x02],
555 },
556 HandshakeCacheItem {
557 typ: HandshakeType::ServerKeyExchange,
558 is_client: false,
559 epoch: 0,
560 message_sequence: 3,
561 data: vec![0x03],
562 },
563 HandshakeCacheItem {
564 typ: HandshakeType::CertificateRequest,
565 is_client: false,
566 epoch: 0,
567 message_sequence: 4,
568 data: vec![0x04],
569 },
570 HandshakeCacheItem {
571 typ: HandshakeType::ServerHelloDone,
572 is_client: false,
573 epoch: 0,
574 message_sequence: 5,
575 data: vec![0x05],
576 },
577 HandshakeCacheItem {
578 typ: HandshakeType::ClientKeyExchange,
579 is_client: true,
580 epoch: 0,
581 message_sequence: 6,
582 data: vec![0x06],
583 },
584 HandshakeCacheItem {
585 typ: HandshakeType::CertificateVerify,
586 is_client: true,
587 epoch: 0,
588 message_sequence: 7,
589 data: vec![0x07],
590 },
591 HandshakeCacheItem {
592 typ: HandshakeType::Finished,
593 is_client: true,
594 epoch: 0,
595 message_sequence: 7,
596 data: vec![0xf0],
597 },
598 HandshakeCacheItem {
599 typ: HandshakeType::Finished,
600 is_client: false,
601 epoch: 0,
602 message_sequence: 7,
603 data: vec![0xf1],
604 },
605 HandshakeCacheItem {
606 typ: HandshakeType::Finished,
607 is_client: true,
608 epoch: 1,
609 message_sequence: 7,
610 data: vec![0x08],
611 },
612 HandshakeCacheItem {
613 typ: HandshakeType::Finished,
614 is_client: false,
615 epoch: 1,
616 message_sequence: 7,
617 data: vec![0x09],
618 },
619 HandshakeCacheItem {
620 typ: HandshakeType::Finished,
621 is_client: true,
622 epoch: 0,
623 message_sequence: 7,
624 data: vec![0xf0],
625 },
626 HandshakeCacheItem {
627 typ: HandshakeType::Finished,
628 is_client: false,
629 epoch: 0,
630 message_sequence: 7,
631 data: vec![0xf1],
632 },
633 ],
634 vec![
635 0x57, 0x35, 0x5a, 0xc3, 0x30, 0x3c, 0x14, 0x8f, 0x11, 0xae, 0xf7, 0xcb, 0x17, 0x94,
636 0x56, 0xb9, 0x23, 0x2c, 0xde, 0x33, 0xa8, 0x18, 0xdf, 0xda, 0x2c, 0x2f, 0xcb, 0x93,
637 0x25, 0x74, 0x9a, 0x6b,
638 ],
639 ),
640 ];
641
642 for (name, inputs, expected) in tests {
643 let mut h = HandshakeCache::new();
644 for i in inputs {
645 h.push(i.data, i.epoch, i.message_sequence, i.typ, i.is_client)
646 .await;
647 }
648
649 let verify_data = h.session_hash(CipherSuiteHash::Sha256, 0, &[]).await?;
650
651 assert_eq!(
652 verify_data, expected,
653 "handshakeCacheSesssionHassh '{name}' exp: {expected:?} actual {verify_data:?}"
654 );
655 }
656
657 Ok(())
658 }
659