int s2n_server_status_send(struct s2n_connection *conn)
{
uint32_t length = conn->config->cert_and_key_pairs->ocsp_status.size + 4;
GUARD(s2n_stuffer_write_uint24(&conn->handshake.io, length));
GUARD(s2n_stuffer_write_uint8(&conn->handshake.io, (uint8_t)S2N_STATUS_REQUEST_OCSP));
GUARD(s2n_stuffer_write_uint24(&conn->handshake.io, conn->config->cert_and_key_pairs->ocsp_status.size));
GUARD(s2n_stuffer_write(&conn->handshake.io, &conn->config->cert_and_key_pairs->ocsp_status));
return 0;
}
int s2n_server_status_send(struct s2n_connection *conn)
{
uint32_t length = conn->config->cert_and_key_pairs->ocsp_status.size + 4;
GUARD(s2n_stuffer_write_uint24(&conn->handshake.io, length));
GUARD(s2n_stuffer_write_uint8(&conn->handshake.io, (uint8_t)S2N_STATUS_REQUEST_OCSP));
GUARD(s2n_stuffer_write_uint24(&conn->handshake.io, conn->config->cert_and_key_pairs->ocsp_status.size));
GUARD(s2n_stuffer_write(&conn->handshake.io, &conn->config->cert_and_key_pairs->ocsp_status));
conn->handshake.next_state = SERVER_HELLO_DONE;
if (conn->pending.cipher_suite->key_exchange_alg->flags & S2N_KEY_EXCHANGE_EPH) {
conn->handshake.next_state = SERVER_KEY;
}
return 0;
}
int main(int argc, char **argv)
{
uint8_t u8; uint16_t u16; uint32_t u32;
uint32_t stuffer_size = nondet_uint32();
__CPROVER_assume(stuffer_size > 0);
uint32_t entropy_size = nondet_uint32();
__CPROVER_assume(entropy_size > 0);
uint8_t entropy[entropy_size];
struct s2n_stuffer stuffer;
GUARD(s2n_stuffer_alloc(&stuffer, stuffer_size));
struct s2n_blob in = {.data = entropy,.size = entropy_size};
GUARD(s2n_stuffer_write(&stuffer, &in));
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint8(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint8(&stuffer, &u8));
}
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint16(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint16(&stuffer, &u16));
}
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint24(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint24(&stuffer, &u32));
}
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint32(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint32(&stuffer, &u32));
}
GUARD(s2n_stuffer_free(&stuffer));
}
int s2n_handshake_write_header(struct s2n_connection *conn, uint8_t message_type)
{
if (s2n_stuffer_data_available(&conn->handshake.io)) {
S2N_ERROR(S2N_ERR_HANDSHAKE_STATE);
}
/* Write the message header */
GUARD(s2n_stuffer_write_uint8(&conn->handshake.io, message_type));
/* Leave the length blank for now */
uint16_t length = 0;
GUARD(s2n_stuffer_write_uint24(&conn->handshake.io, length));
return 0;
}
int s2n_handshake_finish_header(struct s2n_connection *conn)
{
uint16_t length = s2n_stuffer_data_available(&conn->handshake.io);
if (length < TLS_HANDSHAKE_HEADER_LENGTH) {
S2N_ERROR(S2N_ERR_SIZE_MISMATCH);
}
uint16_t payload = length - TLS_HANDSHAKE_HEADER_LENGTH;
/* Write the message header */
GUARD(s2n_stuffer_rewrite(&conn->handshake.io));
GUARD(s2n_stuffer_skip_write(&conn->handshake.io, 1));
GUARD(s2n_stuffer_write_uint24(&conn->handshake.io, payload));
GUARD(s2n_stuffer_skip_write(&conn->handshake.io, payload));
return 0;
}
