int main(int argc, char **argv)
{
uint8_t u8; uint16_t u16; uint32_t u32;
uint32_t stuffer_size = nondet_uint32();
__CPROVER_assume(stuffer_size > 0);
uint32_t entropy_size = nondet_uint32();
__CPROVER_assume(entropy_size > 0);
uint8_t entropy[entropy_size];
struct s2n_stuffer stuffer;
GUARD(s2n_stuffer_alloc(&stuffer, stuffer_size));
struct s2n_blob in = {.data = entropy,.size = entropy_size};
GUARD(s2n_stuffer_write(&stuffer, &in));
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint8(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint8(&stuffer, &u8));
}
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint16(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint16(&stuffer, &u16));
}
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint24(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint24(&stuffer, &u32));
}
GUARD(s2n_stuffer_wipe(&stuffer));
while(nondet_bool()) {
GUARD(s2n_stuffer_write_uint32(&stuffer, nondet_uint64()));
}
while(nondet_bool()) {
GUARD(s2n_stuffer_read_uint32(&stuffer, &u32));
}
GUARD(s2n_stuffer_free(&stuffer));
}
int s2n_server_hello_send(struct s2n_connection *conn)
{
uint32_t gmt_unix_time = time(NULL);
struct s2n_stuffer *out = &conn->handshake.io;
struct s2n_stuffer server_random;
struct s2n_blob b, r;
uint8_t session_id_len = 0;
uint8_t protocol_version[S2N_TLS_PROTOCOL_VERSION_LEN];
b.data = conn->pending.server_random;
b.size = S2N_TLS_RANDOM_DATA_LEN;
/* Create the server random data */
GUARD(s2n_stuffer_init(&server_random, &b));
GUARD(s2n_stuffer_write_uint32(&server_random, gmt_unix_time));
r.data = s2n_stuffer_raw_write(&server_random, S2N_TLS_RANDOM_DATA_LEN - 4);
r.size = S2N_TLS_RANDOM_DATA_LEN - 4;
notnull_check(r.data);
GUARD(s2n_get_public_random_data(&r));
conn->actual_protocol_version = MIN(conn->client_protocol_version, conn->server_protocol_version);
protocol_version[0] = conn->actual_protocol_version / 10;
protocol_version[1] = conn->actual_protocol_version % 10;
conn->pending.signature_digest_alg = S2N_HASH_MD5_SHA1;
if (conn->actual_protocol_version == S2N_TLS12) {
conn->pending.signature_digest_alg = S2N_HASH_SHA1;
}
GUARD(s2n_stuffer_write_bytes(out, protocol_version, S2N_TLS_PROTOCOL_VERSION_LEN));
GUARD(s2n_stuffer_write_bytes(out, conn->pending.server_random, S2N_TLS_RANDOM_DATA_LEN));
GUARD(s2n_stuffer_write_uint8(out, session_id_len));
GUARD(s2n_stuffer_write_bytes(out, conn->pending.cipher_suite->value, S2N_TLS_CIPHER_SUITE_LEN));
GUARD(s2n_stuffer_write_uint8(out, S2N_TLS_COMPRESSION_METHOD_NULL));
GUARD(s2n_server_extensions_send(conn, out));
conn->actual_protocol_version_established = 1;
return 0;
}
int s2n_client_hello_send(struct s2n_connection *conn)
{
uint32_t gmt_unix_time = time(NULL);
struct s2n_stuffer *out = &conn->handshake.io;
struct s2n_stuffer client_random;
struct s2n_blob b, r;
uint8_t session_id_len = 0;
uint8_t client_protocol_version[S2N_TLS_PROTOCOL_VERSION_LEN];
b.data = conn->secure.client_random;
b.size = S2N_TLS_RANDOM_DATA_LEN;
/* Create the client random data */
GUARD(s2n_stuffer_init(&client_random, &b));
GUARD(s2n_stuffer_write_uint32(&client_random, gmt_unix_time));
r.data = s2n_stuffer_raw_write(&client_random, S2N_TLS_RANDOM_DATA_LEN - 4);
r.size = S2N_TLS_RANDOM_DATA_LEN - 4;
notnull_check(r.data);
GUARD(s2n_get_public_random_data(&r));
client_protocol_version[0] = conn->client_protocol_version / 10;
client_protocol_version[1] = conn->client_protocol_version % 10;
conn->client_hello_version = conn->client_protocol_version;
GUARD(s2n_stuffer_write_bytes(out, client_protocol_version, S2N_TLS_PROTOCOL_VERSION_LEN));
GUARD(s2n_stuffer_copy(&client_random, out, S2N_TLS_RANDOM_DATA_LEN));
GUARD(s2n_stuffer_write_uint8(out, session_id_len));
GUARD(s2n_stuffer_write_uint16(out, conn->config->cipher_preferences->count * S2N_TLS_CIPHER_SUITE_LEN));
GUARD(s2n_stuffer_write_bytes(out, conn->config->cipher_preferences->wire_format, conn->config->cipher_preferences->count * S2N_TLS_CIPHER_SUITE_LEN));
/* Zero compression methods */
GUARD(s2n_stuffer_write_uint8(out, 1));
GUARD(s2n_stuffer_write_uint8(out, 0));
/* Write the extensions */
GUARD(s2n_client_extensions_send(conn, out));
return 0;
}
