MyMain()
{
SG_repo * pRepo = NULL;
SG_pathname * pPathnameTempDir = NULL;
TEMPLATE_MAIN_START;
VERIFY_ERR_CHECK( MyFn(create_repo)(pCtx,&pRepo) );
VERIFY_ERR_CHECK( MyFn(create_tmp_src_dir)(pCtx,&pPathnameTempDir) );
BEGIN_TEST( MyFn(create_some_blobs_from_bytes)(pCtx, pRepo) );
BEGIN_TEST( MyFn(create_some_blobs_from_files)(pCtx, pRepo,pPathnameTempDir) );
BEGIN_TEST( MyFn(create_zero_byte_blob)(pCtx, pRepo) );
//////////////////////////////////////////////////////////////////
// TODO delete repo directory and everything we created under it.
// TODO delete temp directory and everything we created under it.
// fall-thru to common cleanup
fail:
SG_REPO_NULLFREE(pCtx, pRepo);
SG_PATHNAME_NULLFREE(pCtx, pPathnameTempDir);
TEMPLATE_MAIN_END;
}
MyMain()
{
TEMPLATE_MAIN_START;
BEGIN_TEST( MyFn(test1)(pCtx) );
BEGIN_TEST( MyFn(test_W2771)(pCtx) );
TEMPLATE_MAIN_END;
}
MyMain()
{
TEMPLATE_MAIN_START;
BEGIN_TEST( MyFn(test__parseRfc850)(pCtx) );
BEGIN_TEST( MyFn(test__parseRfc850nonGmt)(pCtx) );
BEGIN_TEST( MyFn(test__formatRfc850)(pCtx) );
TEMPLATE_MAIN_END;
}
MyMain()
{
TEMPLATE_MAIN_START;
#if defined(MAC) || defined(LINUX)
BEGIN_TEST( MyFn(test1)(pCtx) );
BEGIN_TEST( MyFn(test2)(pCtx) );
#else
VERIFY_COND("Skipping test on Windows platform...", SG_TRUE);
#endif
TEMPLATE_MAIN_END;
}
int main(int argc, char **argv)
{
struct s2n_connection *conn;
uint8_t mac_key[] = "sample mac key";
uint8_t aes128_key[] = "123456789012345";
struct s2n_blob aes128 = {.data = aes128_key,.size = sizeof(aes128_key) };
uint8_t random_data[S2N_LARGE_RECORD_LENGTH + 1];
struct s2n_blob r = {.data = random_data, .size = sizeof(random_data)};
BEGIN_TEST();
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_get_urandom_data(&r));
/* Peer and we are in sync */
conn->server = &conn->secure;
conn->client = &conn->secure;
/* test the AES128 cipher with a SHA1 hash */
conn->secure.cipher_suite->cipher = &s2n_aes128;
conn->secure.cipher_suite->hmac_alg = S2N_HMAC_SHA1;
EXPECT_SUCCESS(conn->secure.cipher_suite->cipher->get_encryption_key(&conn->secure.server_key, &aes128));
EXPECT_SUCCESS(conn->secure.cipher_suite->cipher->get_decryption_key(&conn->secure.client_key, &aes128));
EXPECT_SUCCESS(s2n_hmac_init(&conn->secure.client_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
EXPECT_SUCCESS(s2n_hmac_init(&conn->secure.server_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
conn->actual_protocol_version = S2N_TLS11;
/* Align the record size, then subtract 20 bytes for the HMAC, 16 bytes for the explicit IV, and one byte
* for the padding length byte.
*/
int small_aligned_payload = S2N_SMALL_FRAGMENT_LENGTH - (S2N_SMALL_FRAGMENT_LENGTH % 16) - 20 - 16 - 1;
int large_aligned_payload = S2N_LARGE_FRAGMENT_LENGTH - (S2N_LARGE_FRAGMENT_LENGTH % 16) - 20 - 16 - 1;
int bytes_written;
/* Check the default: small record */
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->out));
EXPECT_SUCCESS(bytes_written = s2n_record_write(conn, TLS_APPLICATION_DATA, &r));
EXPECT_EQUAL(bytes_written, small_aligned_payload);
/* Check explicitly small records */
EXPECT_SUCCESS(s2n_connection_prefer_low_latency(conn));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->out));
EXPECT_SUCCESS(bytes_written = s2n_record_write(conn, TLS_APPLICATION_DATA, &r));
EXPECT_EQUAL(bytes_written, small_aligned_payload);
/* Check explicitly large records */
EXPECT_SUCCESS(s2n_connection_prefer_throughput(conn));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->out));
EXPECT_SUCCESS(bytes_written = s2n_record_write(conn, TLS_APPLICATION_DATA, &r));
EXPECT_EQUAL(bytes_written, large_aligned_payload);
/* Clean up */
EXPECT_SUCCESS(conn->secure.cipher_suite->cipher->destroy_key(&conn->secure.server_key));
EXPECT_SUCCESS(conn->secure.cipher_suite->cipher->destroy_key(&conn->secure.client_key));
EXPECT_SUCCESS(s2n_connection_free(conn));
EXPECT_SUCCESS(s2n_hmac_init(&conn->secure.server_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
END_TEST();
}
MyMain()
{
// char bufTopDir[SG_TID_MAX_BUFFER_LENGTH];
// SG_pathname* pPathTopDir = NULL;
TEMPLATE_MAIN_START;
// BEGIN_TEST( SG_tid__generate2(pCtx, bufTopDir, sizeof(bufTopDir), 32) );
// BEGIN_TEST( SG_PATHNAME__ALLOC__SZ(pCtx, &pPathTopDir,bufTopDir) );
// BEGIN_TEST( SG_fsobj__mkdir__pathname(pCtx, pPathTopDir) );
BEGIN_TEST( MyFn(list_vtables)(pCtx) );
BEGIN_TEST( MyFn(list_hashes)(pCtx) );
TEMPLATE_MAIN_END;
}
int main(int argc, char **argv)
{
struct s2n_stuffer dhparams_in, dhparams_out;
struct s2n_dh_params dh_params;
struct s2n_blob b;
BEGIN_TEST();
EXPECT_EQUAL(s2n_get_private_random_bytes_used(), 0);
/* Parse the DH params */
b.data = dhparams;
b.size = sizeof(dhparams);
EXPECT_SUCCESS(s2n_stuffer_alloc(&dhparams_in, sizeof(dhparams)));
EXPECT_SUCCESS(s2n_stuffer_alloc(&dhparams_out, sizeof(dhparams)));
EXPECT_SUCCESS(s2n_stuffer_write(&dhparams_in, &b));
EXPECT_SUCCESS(s2n_stuffer_dhparams_from_pem(&dhparams_in, &dhparams_out));
b.size = s2n_stuffer_data_available(&dhparams_out);
b.data = s2n_stuffer_raw_read(&dhparams_out, b.size);
EXPECT_SUCCESS(s2n_pkcs3_to_dh_params(&dh_params, &b));
EXPECT_SUCCESS(s2n_dh_generate_ephemeral_key(&dh_params));
/* Verify that our DRBG is called and that over-riding works */
EXPECT_NOT_EQUAL(s2n_get_private_random_bytes_used(), 0);
EXPECT_SUCCESS(s2n_dh_params_free(&dh_params));
EXPECT_SUCCESS(s2n_stuffer_free(&dhparams_out));
EXPECT_SUCCESS(s2n_stuffer_free(&dhparams_in));
END_TEST();
}
MyMain()
{
TEMPLATE_MAIN_START;
BEGIN_TEST( MyFn(do_tests)(pCtx) );
TEMPLATE_MAIN_END;
}
void test_succeeds(PSMove *move) {
int i;
BEGIN_TEST("psmove_update_leds succeeds (rate limiting disabled)");
for (i=0; i<10; i++) {
psmove_set_leds(move, i, i, i);
assert(psmove_update_leds(move) == Update_Success);
}
END_TEST();
}
MyMain()
{
TEMPLATE_MAIN_START;
BEGIN_TEST( MyFn(test1)(pCtx) );
BEGIN_TEST( MyFn(alloc__copy__shallow)(pCtx) );
BEGIN_TEST( MyFn(alloc__copy__deep)(pCtx) );
BEGIN_TEST( MyFn(clear__with_assoc)(pCtx) );
BEGIN_TEST( MyFn(find)(pCtx) );
BEGIN_TEST( MyFn(remove__index)(pCtx) );
BEGIN_TEST( MyFn(remove__value)(pCtx) );
BEGIN_TEST( MyFn(remove__if)(pCtx) );
BEGIN_TEST( MyFn(match_value__append)(pCtx) );
TEMPLATE_MAIN_END;
}
static void
test_simple_playback (IFusionSoundBuffer *buffer)
{
BEGIN_TEST( "Simple Playback" );
TEST(playback->Start (playback, 0, 0));
TEST(playback->Wait (playback));
END_TEST();
}
int main(int argc, char* argv[])
{
PSMove *move = psmove_connect();
int i;
if (move == NULL) {
printf("Could not connect to default Move controller.\n"
"Please connect one via USB or Bluetooth.\n");
exit(1);
}
INFO("Rate limiting is disabled by default");
test_succeeds(move);
INFO("Enabling rate limiting");
psmove_set_rate_limiting(move, 1);
BEGIN_TEST("psmove_update_leds ignores updates (rate limiting enabled)");
for (i=0; i<10; i++) {
psmove_set_leds(move, i, i, i);
assert(psmove_update_leds(move) == Update_Ignored);
}
END_TEST();
INFO("Disabling rate limiting");
psmove_set_rate_limiting(move, 0);
BEGIN_TEST("psmove_update_leds ignores updates (unchanged values)");
psmove_set_leds(move, 1, 1, 1);
assert(psmove_update_leds(move) == Update_Success);
for (i=0; i<10; i++) {
assert(psmove_update_leds(move) == Update_Ignored);
}
END_TEST();
test_succeeds(move);
psmove_disconnect(move);
return 0;
}
MyMain()
{
TEMPLATE_MAIN_START;
#if defined(HAVE_EXEC_DEBUG_STACKTRACE)
BEGIN_TEST( MyFn(test1)(pCtx) );
#else
INFOP("u0085_crash", ("Skipping crash stacktrace test....") );
#endif
TEMPLATE_MAIN_END;
}
static void
test_looping_playback (IFusionSoundBuffer *buffer)
{
BEGIN_TEST( "Looping Playback" );
TEST(playback->Start (playback, 0, -1));
sleep (5);
TEST(playback->Stop (playback));
END_TEST();
}
int main(int argc, char **argv)
{
struct s2n_connection *conn;
BEGIN_TEST();
EXPECT_NULL(conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(s2n_connection_free(conn));
END_TEST();
}
static void
test_positioned_playback (IFusionSoundBuffer *buffer)
{
FSBufferDescription desc;
BEGIN_TEST( "Positioned Playback" );
TEST(buffer->GetDescription (buffer, &desc));
TEST(playback->Start (playback, desc.length * 1/3, desc.length * 1/4));
TEST(playback->Wait (playback));
END_TEST();
}
static void
test_pitch_value (IFusionSoundBuffer *buffer)
{
int i;
BEGIN_TEST( "Pitch Value" );
TEST(playback->Start (playback, 0, -1));
for (i=500; i<1500; i++) {
TEST(playback->SetPitch (playback, i/1000.0f));
usleep (20000);
}
END_TEST();
}
static void
test_pan_value (IFusionSoundBuffer *buffer)
{
int i;
BEGIN_TEST( "Pan Value" );
TEST(playback->Start (playback, 0, 0));
for (i=0; i<150; i++) {
TEST(playback->SetPan (playback, sin (i/3.0)));
usleep (20000);
}
END_TEST();
}
static void
test_volume_level (IFusionSoundBuffer *buffer)
{
int i;
BEGIN_TEST( "Volume Level" );
TEST(playback->Start (playback, 0, 0));
for (i=0; i<150; i++) {
TEST(playback->SetVolume (playback, sin (i/3.0) / 3.0f + 0.6f ));
usleep (20000);
}
END_TEST();
}
int main(int argc, char **argv)
{
BEGIN_TEST();
/* Test generate->write->read->compute_shared with all supported curves */
for (int i = 0; i < sizeof(s2n_ecc_supported_curves) / sizeof(s2n_ecc_supported_curves[0]); i++) {
struct s2n_ecc_params server_params, client_params;
struct s2n_stuffer wire;
struct s2n_blob server_shared, client_shared, ecdh_params_sent, ecdh_params_received;
EXPECT_SUCCESS(s2n_stuffer_growable_alloc(&wire, 1024));
/* Server generates a key for a given curve */
server_params.negotiated_curve = &s2n_ecc_supported_curves[i];
EXPECT_SUCCESS(s2n_ecc_generate_ephemeral_key(&server_params));
/* Server sends the public */
EXPECT_SUCCESS(s2n_ecc_write_ecc_params(&server_params, &wire, &ecdh_params_sent));
/* Client reads the public */
struct s2n_ecdhe_raw_server_params ecdhe_data = {{0}};
EXPECT_SUCCESS(s2n_ecc_read_ecc_params(&wire, &ecdh_params_received, &ecdhe_data));
EXPECT_SUCCESS(s2n_ecc_parse_ecc_params(&client_params, &ecdhe_data));
/* The client got the curve */
EXPECT_EQUAL(client_params.negotiated_curve, server_params.negotiated_curve);
/* Client sends its public */
EXPECT_SUCCESS(s2n_ecc_compute_shared_secret_as_client(&client_params, &wire, &client_shared));
/* Server receives it */
EXPECT_SUCCESS(s2n_ecc_compute_shared_secret_as_server(&server_params, &wire, &server_shared));
/* Shared is the same for the client and the server */
EXPECT_EQUAL(client_shared.size, server_shared.size);
EXPECT_BYTEARRAY_EQUAL(client_shared.data, server_shared.data, client_shared.size);
/* Clean up */
EXPECT_SUCCESS(s2n_stuffer_free(&wire));
EXPECT_SUCCESS(s2n_free(&server_shared));
EXPECT_SUCCESS(s2n_free(&client_shared));
EXPECT_SUCCESS(s2n_ecc_params_free(&server_params));
EXPECT_SUCCESS(s2n_ecc_params_free(&client_params));
}
END_TEST();
}
static void
test_stop_continue_playback (IFusionSoundBuffer *buffer)
{
int i;
BEGIN_TEST( "Stop/Continue Playback" );
TEST(playback->Start (playback, 0, -1));
for (i=0; i<5; i++) {
usleep (500000);
TEST(playback->Stop (playback));
usleep (200000);
TEST(playback->Continue (playback));
}
END_TEST();
}
int main(int argc, char **argv)
{
unsigned char publicKey[BIKE1_L1_PUBLIC_KEY_BYTES];
unsigned char privateKey[BIKE1_L1_SECRET_KEY_BYTES];
unsigned char clientSharedSecretPlaintext[BIKE1_L1_SHARED_SECRET_BYTES];
unsigned char serverSharedSecretPlaintext[BIKE1_L1_SHARED_SECRET_BYTES];
unsigned char encryptedSecret[BIKE1_L1_CIPHERTEXT_BYTES];
BEGIN_TEST();
// BIKE is not supported in FIPS mode
if (s2n_is_in_fips_mode()) {
END_TEST();
}
EXPECT_SUCCESS(BIKE1_L1_crypto_kem_keypair(publicKey, privateKey));
EXPECT_SUCCESS(BIKE1_L1_crypto_kem_enc(encryptedSecret, clientSharedSecretPlaintext, publicKey));
EXPECT_SUCCESS(BIKE1_L1_crypto_kem_dec(serverSharedSecretPlaintext, encryptedSecret, privateKey));
EXPECT_BYTEARRAY_EQUAL(serverSharedSecretPlaintext, clientSharedSecretPlaintext, BIKE1_L1_SHARED_SECRET_BYTES);
END_TEST();
}
int main(int argc, char **argv)
{
struct s2n_timer timer;
uint64_t nanoseconds;
BEGIN_TEST();
/* First: Perform some tests using the real clock */
EXPECT_SUCCESS(s2n_timer_start(&timer));
EXPECT_SUCCESS(s2n_timer_reset(&timer, &nanoseconds));
EXPECT_TRUE(nanoseconds < 1000000000);
EXPECT_SUCCESS(s2n_timer_elapsed(&timer, &nanoseconds));
EXPECT_TRUE(nanoseconds < 1000000000);
EXPECT_SUCCESS(sleep(1));
EXPECT_SUCCESS(s2n_timer_reset(&timer, &nanoseconds));
EXPECT_TRUE(nanoseconds > 1000000000);
EXPECT_TRUE(nanoseconds < 2000000000);
EXPECT_SUCCESS(sleep(1));
EXPECT_SUCCESS(s2n_timer_elapsed(&timer, &nanoseconds));
EXPECT_TRUE(nanoseconds > 1000000000);
EXPECT_TRUE(nanoseconds < 2000000000);
#if !defined(__APPLE__) || !defined(__MACH__)
/* Next: perform some tests around timespec boundaries */
/* Pretend that there were 999,999,999 nanoseconds elapsed in the
* previously measured instant. Keep reseting the timer until
* the second progresses from that instant, and there are also
* less than 999,999,999 nanoseconds elapsed.
*
* This sets up a situation in which the tv_sec field causes time
* to move "forwards", and tv_nsec causes it to move backwards.
* e.g.
*
* previous_time = 10
*
* timer.time.tv_sec = 11
* timer.time.tv_nsec = 123456789;
*
* delta will be:
* (11 - 10) * 1000000000
* + (123456789 - 999999999)
*
* = 123456790 (same as 1 + 123456789)
*/
time_t previous_time;
do {
previous_time = timer.time.tv_sec;
timer.time.tv_nsec = 999999999;
EXPECT_SUCCESS(s2n_timer_reset(&timer, &nanoseconds));
}
while(previous_time != (timer.time.tv_sec - 1) || timer.time.tv_nsec == 999999999);
EXPECT_TRUE(nanoseconds < 1000000000);
EXPECT_TRUE(nanoseconds == 1 + timer.time.tv_nsec);
/* Now we perform the oppossite test: make sure that the previous value for
* nsec is smaller than the later one */
do {
previous_time = timer.time.tv_sec;
timer.time.tv_nsec = 0;
EXPECT_SUCCESS(s2n_timer_reset(&timer, &nanoseconds));
}
while(previous_time != (timer.time.tv_sec - 1) || timer.time.tv_nsec == 0);
EXPECT_TRUE(nanoseconds > 1000000000);
EXPECT_TRUE(nanoseconds < 2000000000);
EXPECT_TRUE(nanoseconds == 1000000000 + timer.time.tv_nsec);
#endif
END_TEST();
}
int main(int argc, char **argv)
{
struct s2n_connection *conn;
struct s2n_config *config;
s2n_blocked_status blocked;
int status;
pid_t pid;
int server_to_client[2];
int client_to_server[2];
BEGIN_TEST();
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
for (int cert = 0; cert < SUPPORTED_CERTIFICATE_FORMATS; cert++) {
for (int is_dh_key_exchange = 0; is_dh_key_exchange <= 1; is_dh_key_exchange++) {
/* Create a pipe */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
/* Create a child process */
pid = fork();
if (pid == 0) {
/* This is the child process, close the read end of the pipe */
EXPECT_SUCCESS(close(client_to_server[0]));
EXPECT_SUCCESS(close(server_to_client[1]));
/* Write the fragmented hello message */
mock_client(client_to_server[1], server_to_client[0]);
}
/* This is the parent */
EXPECT_SUCCESS(close(client_to_server[1]));
EXPECT_SUCCESS(close(server_to_client[0]));
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
conn->server_protocol_version = S2N_TLS12;
conn->client_protocol_version = S2N_TLS12;
conn->actual_protocol_version = S2N_TLS12;
EXPECT_NOT_NULL(config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(config, certificates[cert], private_keys[cert]));
if (is_dh_key_exchange) {
EXPECT_SUCCESS(s2n_config_add_dhparams(config, dhparams));
}
EXPECT_SUCCESS(s2n_connection_set_config(conn, config));
/* Set up the connection to read from the fd */
EXPECT_SUCCESS(s2n_connection_set_read_fd(conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(conn, server_to_client[1]));
/* Negotiate the handshake. */
EXPECT_SUCCESS(s2n_negotiate(conn, &blocked));
char buffer[0xffff];
for (int i = 1; i < 0xffff; i += 100) {
char * ptr = buffer;
int size = i;
do {
int bytes_read = 0;
EXPECT_SUCCESS(bytes_read = s2n_recv(conn, ptr, size, &blocked));
size -= bytes_read;
ptr += bytes_read;
} while(size);
for (int j = 0; j < i; j++) {
EXPECT_EQUAL(buffer[j], 33);
}
}
int shutdown_rc = -1;
do {
shutdown_rc = s2n_shutdown(conn, &blocked);
EXPECT_TRUE(shutdown_rc == 0 || (errno == EAGAIN && blocked));
} while(shutdown_rc != 0);
EXPECT_SUCCESS(s2n_connection_free(conn));
EXPECT_SUCCESS(s2n_config_free(config));
/* Clean up */
EXPECT_EQUAL(waitpid(-1, &status, 0), pid);
EXPECT_EQUAL(status, 0);
}
}
END_TEST();
return 0;
}
int main(int argc, char **argv)
{
struct s2n_config *server_config;
struct s2n_cipher_preferences *default_cipher_preferences;
BEGIN_TEST();
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
EXPECT_SUCCESS(setenv("S2N_DONT_MLOCK", "1", 0));
EXPECT_SUCCESS(s2n_init());
EXPECT_NOT_NULL(server_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, certificate, private_key));
EXPECT_SUCCESS(s2n_config_add_dhparams(server_config, dhparams));
EXPECT_NOT_NULL(default_cipher_preferences = server_config->cipher_preferences);
/* Verify that a handshake succeeds for every cipher in the default list. */
for (int cipher_idx = 0; cipher_idx < default_cipher_preferences->count; cipher_idx++) {
struct s2n_cipher_preferences server_cipher_preferences;
struct s2n_connection *client_conn;
struct s2n_connection *server_conn;
int client_more;
int server_more;
int server_to_client[2];
int client_to_server[2];
/* Craft a cipher preference with a cipher_idx cipher
NOTE: Its safe to use memcpy as the address of server_cipher_preferences
will never be NULL */
memcpy(&server_cipher_preferences, default_cipher_preferences, sizeof(server_cipher_preferences));
server_cipher_preferences.count = 1;
server_cipher_preferences.wire_format = default_cipher_preferences->wire_format + cipher_idx * S2N_TLS_CIPHER_SUITE_LEN;
server_config->cipher_preferences = &server_cipher_preferences;
/* Create nonblocking pipes */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
for (int i = 0; i < 2; i++) {
EXPECT_NOT_EQUAL(fcntl(server_to_client[i], F_SETFL, fcntl(server_to_client[i], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(client_to_server[i], F_SETFL, fcntl(client_to_server[i], F_GETFL) | O_NONBLOCK), -1);
}
EXPECT_NOT_NULL(client_conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(s2n_connection_set_read_fd(client_conn, server_to_client[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(client_conn, client_to_server[1]));
EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_read_fd(server_conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(server_conn, server_to_client[1]));
EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config));
do {
int ret;
ret = s2n_negotiate(client_conn, &client_more);
EXPECT_TRUE(ret == 0 || (client_more && errno == EAGAIN));
ret = s2n_negotiate(server_conn, &server_more);
EXPECT_TRUE(ret == 0 || (server_more && errno == EAGAIN));
} while (client_more || server_more);
EXPECT_SUCCESS(s2n_shutdown(client_conn, &client_more));
EXPECT_SUCCESS(s2n_connection_free(client_conn));
EXPECT_SUCCESS(s2n_shutdown(server_conn, &server_more));
EXPECT_SUCCESS(s2n_connection_free(server_conn));
for (int i = 0; i < 2; i++) {
EXPECT_SUCCESS(close(server_to_client[i]));
EXPECT_SUCCESS(close(client_to_server[i]));
}
}
EXPECT_SUCCESS(s2n_config_free(server_config));
END_TEST();
return 0;
}
int main(int argc, char **argv)
{
BEGIN_TEST();
EXPECT_SUCCESS(setenv("S2N_ENABLE_CLIENT_MODE", "1", 0));
EXPECT_SUCCESS(setenv("S2N_DONT_MLOCK", "1", 0));
EXPECT_SUCCESS(s2n_init());
/* Client doens't use the server name extension. */
{
struct s2n_connection *client_conn;
struct s2n_connection *server_conn;
struct s2n_config *server_config;
s2n_blocked_status client_blocked;
s2n_blocked_status server_blocked;
int server_to_client[2];
int client_to_server[2];
/* Create nonblocking pipes */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
for (int i = 0; i < 2; i++) {
EXPECT_NOT_EQUAL(fcntl(server_to_client[i], F_SETFL, fcntl(server_to_client[i], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(client_to_server[i], F_SETFL, fcntl(client_to_server[i], F_GETFL) | O_NONBLOCK), -1);
}
EXPECT_NOT_NULL(client_conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(s2n_connection_set_read_fd(client_conn, server_to_client[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(client_conn, client_to_server[1]));
EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_read_fd(server_conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(server_conn, server_to_client[1]));
EXPECT_NOT_NULL(server_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, certificate, private_key));
EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config));
do {
int ret;
ret = s2n_negotiate(client_conn, &client_blocked);
EXPECT_TRUE(ret == 0 || (client_blocked && errno == EAGAIN));
ret = s2n_negotiate(server_conn, &server_blocked);
EXPECT_TRUE(ret == 0 || (server_blocked && errno == EAGAIN));
} while (client_blocked || server_blocked);
/* Verify that the server didn't receive the server name. */
EXPECT_NULL(s2n_get_server_name(server_conn));
EXPECT_SUCCESS(s2n_shutdown(client_conn, &client_blocked));
EXPECT_SUCCESS(s2n_connection_free(client_conn));
EXPECT_SUCCESS(s2n_shutdown(server_conn, &server_blocked));
EXPECT_SUCCESS(s2n_connection_free(server_conn));
EXPECT_SUCCESS(s2n_config_free(server_config));
for (int i = 0; i < 2; i++) {
EXPECT_SUCCESS(close(server_to_client[i]));
EXPECT_SUCCESS(close(client_to_server[i]));
}
}
/* Client uses the server name extension. */
{
struct s2n_connection *client_conn;
struct s2n_connection *server_conn;
struct s2n_config *server_config;
s2n_blocked_status client_blocked;
s2n_blocked_status server_blocked;
int server_to_client[2];
int client_to_server[2];
const char *sent_server_name = "awesome.amazonaws.com";
const char *received_server_name;
/* Create nonblocking pipes */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
for (int i = 0; i < 2; i++) {
EXPECT_NOT_EQUAL(fcntl(server_to_client[i], F_SETFL, fcntl(server_to_client[i], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(client_to_server[i], F_SETFL, fcntl(client_to_server[i], F_GETFL) | O_NONBLOCK), -1);
}
EXPECT_NOT_NULL(client_conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(s2n_connection_set_read_fd(client_conn, server_to_client[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(client_conn, client_to_server[1]));
/* Set the server name */
EXPECT_SUCCESS(s2n_set_server_name(client_conn, sent_server_name));
EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_read_fd(server_conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(server_conn, server_to_client[1]));
EXPECT_NOT_NULL(server_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, certificate, private_key));
EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config));
do {
int ret;
ret = s2n_negotiate(client_conn, &client_blocked);
EXPECT_TRUE(ret == 0 || (client_blocked && errno == EAGAIN));
ret = s2n_negotiate(server_conn, &server_blocked);
EXPECT_TRUE(ret == 0 || (server_blocked && errno == EAGAIN));
} while (client_blocked || server_blocked);
/* Verify that the server name was received intact. */
EXPECT_NOT_NULL(received_server_name = s2n_get_server_name(server_conn));
EXPECT_EQUAL(strlen(received_server_name), strlen(sent_server_name));
EXPECT_BYTEARRAY_EQUAL(received_server_name, sent_server_name, strlen(received_server_name));
EXPECT_SUCCESS(s2n_shutdown(client_conn, &client_blocked));
EXPECT_SUCCESS(s2n_connection_free(client_conn));
EXPECT_SUCCESS(s2n_shutdown(server_conn, &server_blocked));
EXPECT_SUCCESS(s2n_connection_free(server_conn));
EXPECT_SUCCESS(s2n_config_free(server_config));
for (int i = 0; i < 2; i++) {
EXPECT_SUCCESS(close(server_to_client[i]));
EXPECT_SUCCESS(close(client_to_server[i]));
}
}
/* Client sends multiple server names. */
{
struct s2n_connection *server_conn;
struct s2n_config *server_config;
s2n_blocked_status server_blocked;
int server_to_client[2];
int client_to_server[2];
const char *sent_server_name = "svr";
const char *received_server_name;
uint8_t client_extensions[] = {
/* Extension type TLS_EXTENSION_SERVER_NAME */
0x00, 0x00,
/* Extension size */
0x00, 0x0C,
/* All server names len */
0x00, 0x0A,
/* First server name type - host name */
0x00,
/* First server name len */
0x00, 0x03,
/* First server name, matches sent_server_name */
's', 'v', 'r',
/* Second server name type - host name */
0x00,
/* Second server name len */
0x00, 0x01,
/* Second server name */
0xFF,
};
int client_extensions_len = sizeof(client_extensions);
uint8_t client_hello_message[] = {
/* Protocol version TLS 1.2 */
0x03, 0x03,
/* Client random */
ZERO_TO_THIRTY_ONE,
/* SessionID len - 32 bytes */
0x20,
/* Session ID */
ZERO_TO_THIRTY_ONE,
/* Cipher suites len */
0x00, 0x02,
/* Cipher suite - TLS_RSA_WITH_AES_128_CBC_SHA256 */
0x00, 0x3C,
/* Compression methods len */
0x01,
/* Compression method - none */
0x00,
/* Extensions len */
(client_extensions_len >> 8) & 0xff, (client_extensions_len & 0xff),
};
int body_len = sizeof(client_hello_message) + client_extensions_len;
uint8_t message_header[] = {
/* Handshake message type CLIENT HELLO */
0x01,
/* Body len */
(body_len >> 16) & 0xff, (body_len >> 8) & 0xff, (body_len & 0xff),
};
int message_len = sizeof(message_header) + body_len;
uint8_t record_header[] = {
/* Record type HANDSHAKE */
0x16,
/* Protocol version TLS 1.2 */
0x03, 0x03,
/* Message len */
(message_len >> 8) & 0xff, (message_len & 0xff),
};
/* Create nonblocking pipes */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
for (int i = 0; i < 2; i++) {
EXPECT_NOT_EQUAL(fcntl(server_to_client[i], F_SETFL, fcntl(server_to_client[i], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(client_to_server[i], F_SETFL, fcntl(client_to_server[i], F_GETFL) | O_NONBLOCK), -1);
}
EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_read_fd(server_conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(server_conn, server_to_client[1]));
EXPECT_NOT_NULL(server_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, certificate, private_key));
EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config));
/* Send the client hello */
EXPECT_EQUAL(write(client_to_server[1], record_header, sizeof(record_header)), sizeof(record_header));
EXPECT_EQUAL(write(client_to_server[1], message_header, sizeof(message_header)), sizeof(message_header));
EXPECT_EQUAL(write(client_to_server[1], client_hello_message, sizeof(client_hello_message)), sizeof(client_hello_message));
EXPECT_EQUAL(write(client_to_server[1], client_extensions, sizeof(client_extensions)), sizeof(client_extensions));
/* Verify that the CLIENT HELLO is accepted */
s2n_negotiate(server_conn, &server_blocked);
EXPECT_EQUAL(server_blocked, 1);
EXPECT_EQUAL(server_conn->handshake.state, CLIENT_KEY);
/* Verify that the server name was received intact. */
EXPECT_NOT_NULL(received_server_name = s2n_get_server_name(server_conn));
EXPECT_EQUAL(strlen(received_server_name), strlen(sent_server_name));
EXPECT_BYTEARRAY_EQUAL(received_server_name, sent_server_name, strlen(received_server_name));
EXPECT_SUCCESS(s2n_shutdown(server_conn, &server_blocked));
EXPECT_SUCCESS(s2n_connection_free(server_conn));
EXPECT_SUCCESS(s2n_config_free(server_config));
for (int i = 0; i < 2; i++) {
EXPECT_SUCCESS(close(server_to_client[i]));
EXPECT_SUCCESS(close(client_to_server[i]));
}
}
/* Client doesn't use the OCSP extension. */
{
struct s2n_connection *client_conn;
struct s2n_connection *server_conn;
struct s2n_config *server_config;
s2n_blocked_status client_blocked;
s2n_blocked_status server_blocked;
int server_to_client[2];
int client_to_server[2];
uint32_t length;
/* Create nonblocking pipes */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
for (int i = 0; i < 2; i++) {
EXPECT_NOT_EQUAL(fcntl(server_to_client[i], F_SETFL, fcntl(server_to_client[i], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(client_to_server[i], F_SETFL, fcntl(client_to_server[i], F_GETFL) | O_NONBLOCK), -1);
}
EXPECT_NOT_NULL(client_conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(s2n_connection_set_read_fd(client_conn, server_to_client[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(client_conn, client_to_server[1]));
EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_read_fd(server_conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(server_conn, server_to_client[1]));
EXPECT_NOT_NULL(server_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key_with_status(server_config, certificate, private_key, server_ocsp_status, sizeof(server_ocsp_status)));
EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config));
do {
int ret;
ret = s2n_negotiate(client_conn, &client_blocked);
EXPECT_TRUE(ret == 0 || client_blocked);
ret = s2n_negotiate(server_conn, &server_blocked);
EXPECT_TRUE(ret == 0 || server_blocked);
} while (client_blocked || server_blocked);
/* Verify that the client didn't receive an OCSP response. */
EXPECT_NULL(s2n_connection_get_ocsp_response(client_conn, &length));
EXPECT_EQUAL(length, 0);
EXPECT_SUCCESS(s2n_shutdown(client_conn, &client_blocked));
EXPECT_SUCCESS(s2n_connection_free(client_conn));
EXPECT_SUCCESS(s2n_shutdown(server_conn, &server_blocked));
EXPECT_SUCCESS(s2n_connection_free(server_conn));
EXPECT_SUCCESS(s2n_config_free(server_config));
for (int i = 0; i < 2; i++) {
EXPECT_SUCCESS(close(server_to_client[i]));
EXPECT_SUCCESS(close(client_to_server[i]));
}
}
/* Server doesn't support the OCSP extension. */
{
struct s2n_connection *client_conn;
struct s2n_connection *server_conn;
struct s2n_config *server_config;
struct s2n_config *client_config;
s2n_blocked_status client_blocked;
s2n_blocked_status server_blocked;
int server_to_client[2];
int client_to_server[2];
uint32_t length;
/* Create nonblocking pipes */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
for (int i = 0; i < 2; i++) {
EXPECT_NOT_EQUAL(fcntl(server_to_client[i], F_SETFL, fcntl(server_to_client[i], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(client_to_server[i], F_SETFL, fcntl(client_to_server[i], F_GETFL) | O_NONBLOCK), -1);
}
EXPECT_NOT_NULL(client_conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(s2n_connection_set_read_fd(client_conn, server_to_client[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(client_conn, client_to_server[1]));
EXPECT_NOT_NULL(client_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_set_status_request_type(client_config, S2N_STATUS_REQUEST_OCSP));
EXPECT_SUCCESS(s2n_connection_set_config(client_conn, client_config));
EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_read_fd(server_conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(server_conn, server_to_client[1]));
EXPECT_NOT_NULL(server_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, certificate, private_key));
EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config));
do {
int ret;
ret = s2n_negotiate(client_conn, &client_blocked);
EXPECT_TRUE(ret == 0 || client_blocked);
ret = s2n_negotiate(server_conn, &server_blocked);
EXPECT_TRUE(ret == 0 || server_blocked);
} while (client_blocked || server_blocked);
/* Verify that the client didn't receive an OCSP response. */
EXPECT_NULL(s2n_connection_get_ocsp_response(client_conn, &length));
EXPECT_EQUAL(length, 0);
EXPECT_SUCCESS(s2n_shutdown(client_conn, &client_blocked));
EXPECT_SUCCESS(s2n_connection_free(client_conn));
EXPECT_SUCCESS(s2n_shutdown(server_conn, &server_blocked));
EXPECT_SUCCESS(s2n_connection_free(server_conn));
EXPECT_SUCCESS(s2n_config_free(server_config));
EXPECT_SUCCESS(s2n_config_free(client_config));
for (int i = 0; i < 2; i++) {
EXPECT_SUCCESS(close(server_to_client[i]));
EXPECT_SUCCESS(close(client_to_server[i]));
}
}
/* Server and client support the OCSP extension. */
{
struct s2n_connection *client_conn;
struct s2n_connection *server_conn;
struct s2n_config *server_config;
struct s2n_config *client_config;
s2n_blocked_status client_blocked;
s2n_blocked_status server_blocked;
int server_to_client[2];
int client_to_server[2];
uint32_t length;
/* Create nonblocking pipes */
EXPECT_SUCCESS(pipe(server_to_client));
EXPECT_SUCCESS(pipe(client_to_server));
for (int i = 0; i < 2; i++) {
EXPECT_NOT_EQUAL(fcntl(server_to_client[i], F_SETFL, fcntl(server_to_client[i], F_GETFL) | O_NONBLOCK), -1);
EXPECT_NOT_EQUAL(fcntl(client_to_server[i], F_SETFL, fcntl(client_to_server[i], F_GETFL) | O_NONBLOCK), -1);
}
EXPECT_NOT_NULL(client_conn = s2n_connection_new(S2N_CLIENT));
EXPECT_SUCCESS(s2n_connection_set_read_fd(client_conn, server_to_client[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(client_conn, client_to_server[1]));
EXPECT_NOT_NULL(client_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_set_status_request_type(client_config, S2N_STATUS_REQUEST_OCSP));
EXPECT_SUCCESS(s2n_connection_set_config(client_conn, client_config));
EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_connection_set_read_fd(server_conn, client_to_server[0]));
EXPECT_SUCCESS(s2n_connection_set_write_fd(server_conn, server_to_client[1]));
EXPECT_NOT_NULL(server_config = s2n_config_new());
EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key_with_status(server_config, certificate, private_key, server_ocsp_status, sizeof(server_ocsp_status)));
EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config));
do {
int ret;
ret = s2n_negotiate(client_conn, &client_blocked);
EXPECT_TRUE(ret == 0 || client_blocked);
ret = s2n_negotiate(server_conn, &server_blocked);
EXPECT_TRUE(ret == 0 || server_blocked);
} while (client_blocked || server_blocked);
/* Verify that the client didn't receive an OCSP response. */
EXPECT_NULL(s2n_connection_get_ocsp_response(client_conn, &length));
EXPECT_EQUAL(length, 0);
EXPECT_SUCCESS(s2n_shutdown(client_conn, &client_blocked));
EXPECT_SUCCESS(s2n_connection_free(client_conn));
EXPECT_SUCCESS(s2n_shutdown(server_conn, &server_blocked));
EXPECT_SUCCESS(s2n_connection_free(server_conn));
EXPECT_SUCCESS(s2n_config_free(server_config));
EXPECT_SUCCESS(s2n_config_free(client_config));
for (int i = 0; i < 2; i++) {
EXPECT_SUCCESS(close(server_to_client[i]));
EXPECT_SUCCESS(close(client_to_server[i]));
}
}
END_TEST();
return 0;
}
int main(int argc, char **argv)
{
struct s2n_connection *conn;
uint8_t random_data[S2N_DEFAULT_FRAGMENT_LENGTH + 1];
uint8_t mac_key[] = "sample mac key";
uint8_t aes128_key[] = "123456789012345";
uint8_t aes256_key[] = "1234567890123456789012345678901";
struct s2n_blob aes128 = {.data = aes128_key,.size = sizeof(aes128_key) };
struct s2n_blob aes256 = {.data = aes256_key,.size = sizeof(aes256_key) };
struct s2n_blob r = {.data = random_data, .size = sizeof(random_data)};
BEGIN_TEST();
EXPECT_SUCCESS(s2n_init());
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_get_urandom_data(&r));
/* Peer and we are in sync */
conn->server = &conn->active;
conn->client = &conn->active;
/* test the AES128 cipher with a SHA1 hash */
conn->active.cipher_suite->cipher = &s2n_aes128_gcm;
conn->active.cipher_suite->hmac_alg = S2N_HMAC_SHA1;
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->get_encryption_key(&conn->active.server_key, &aes128));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->get_decryption_key(&conn->active.client_key, &aes128));
EXPECT_SUCCESS(s2n_hmac_init(&conn->active.client_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
EXPECT_SUCCESS(s2n_hmac_init(&conn->active.server_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
conn->actual_protocol_version = S2N_TLS12;
int max_fragment = S2N_DEFAULT_FRAGMENT_LENGTH;
for (int i = 0; i <= max_fragment + 1; i++) {
struct s2n_blob in = {.data = random_data,.size = i };
int bytes_written;
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->out));
EXPECT_SUCCESS(bytes_written = s2n_record_write(conn, TLS_APPLICATION_DATA, &in));
static const int overhead = 20 /* TLS header */
+ 8 /* IV */
+ 16; /* TAG */
if (i < max_fragment - overhead) {
EXPECT_EQUAL(bytes_written, i);
} else {
EXPECT_EQUAL(bytes_written, max_fragment - overhead);
}
uint16_t predicted_length = bytes_written + 20;
predicted_length += conn->active.cipher_suite->cipher->io.aead.record_iv_size;
predicted_length += conn->active.cipher_suite->cipher->io.aead.tag_size;
EXPECT_EQUAL(conn->out.blob.data[0], TLS_APPLICATION_DATA);
EXPECT_EQUAL(conn->out.blob.data[1], 3);
EXPECT_EQUAL(conn->out.blob.data[2], 3);
EXPECT_EQUAL(conn->out.blob.data[3], (predicted_length >> 8) & 0xff);
EXPECT_EQUAL(conn->out.blob.data[4], predicted_length & 0xff);
/* The data should be encrypted */
if (bytes_written > 10) {
EXPECT_NOT_EQUAL(memcmp(conn->out.blob.data + 5, random_data, bytes_written), 0);
}
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
/* Let's decrypt it */
uint8_t content_type;
uint16_t fragment_length;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_SUCCESS(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_EQUAL(fragment_length, predicted_length);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
/* Now lets corrupt some data and ensure the tests pass */
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
/* Tamper the protocol version in the header, and ensure decryption fails, as we use this in the AAD */
conn->in.blob.data[2] = 2;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
/* Tamper with the IV and ensure decryption fails */
for (int j = 0; j < S2N_TLS_GCM_IV_LEN; j++) {
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
conn->in.blob.data[5 + j] ++;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
}
/* Tamper with the TAG and ensure decryption fails */
for (int j = 0; j < S2N_TLS_GCM_TAG_LEN; j++) {
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
conn->in.blob.data[conn->in.blob.size - j - 1] ++;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
}
/* Tamper w ith the cipher text and ensure decryption fails */
for (int j = S2N_TLS_GCM_IV_LEN; j < conn->in.blob.size - S2N_TLS_GCM_TAG_LEN; j++) {
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
conn->in.blob.data[5 + j] ++;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
}
}
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->destroy_key(&conn->active.server_key));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->destroy_key(&conn->active.client_key));
EXPECT_SUCCESS(s2n_connection_free(conn));
/* test the AES256 cipher with a SHA1 hash */
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
conn->active.cipher_suite->cipher = &s2n_aes256_gcm;
conn->active.cipher_suite->hmac_alg = S2N_HMAC_SHA1;
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->get_encryption_key(&conn->active.server_key, &aes256));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->get_decryption_key(&conn->active.client_key, &aes256));
EXPECT_SUCCESS(s2n_hmac_init(&conn->active.client_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
EXPECT_SUCCESS(s2n_hmac_init(&conn->active.server_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
conn->actual_protocol_version = S2N_TLS12;
for (int i = 0; i <= max_fragment + 1; i++) {
struct s2n_blob in = {.data = random_data,.size = i };
int bytes_written;
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->out));
EXPECT_SUCCESS(bytes_written = s2n_record_write(conn, TLS_APPLICATION_DATA, &in));
static const int overhead = 20 /* TLS header */
+ 8 /* IV */
+ 16; /* TAG */
if (i < max_fragment - overhead) {
EXPECT_EQUAL(bytes_written, i);
} else {
EXPECT_EQUAL(bytes_written, max_fragment - overhead);
}
uint16_t predicted_length = bytes_written + 20;
predicted_length += conn->active.cipher_suite->cipher->io.aead.record_iv_size;
predicted_length += conn->active.cipher_suite->cipher->io.aead.tag_size;
EXPECT_EQUAL(conn->out.blob.data[0], TLS_APPLICATION_DATA);
EXPECT_EQUAL(conn->out.blob.data[1], 3);
EXPECT_EQUAL(conn->out.blob.data[2], 3);
EXPECT_EQUAL(conn->out.blob.data[3], (predicted_length >> 8) & 0xff);
EXPECT_EQUAL(conn->out.blob.data[4], predicted_length & 0xff);
/* The data should be encrypted */
if (bytes_written > 10) {
EXPECT_NOT_EQUAL(memcmp(conn->out.blob.data + 5, random_data, bytes_written), 0);
}
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
/* Let's decrypt it */
uint8_t content_type;
uint16_t fragment_length;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_SUCCESS(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_EQUAL(fragment_length, predicted_length);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
/* Now lets corrupt some data and ensure the tests pass */
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
/* Tamper the protocol version in the header, and ensure decryption fails, as we use this in the AAD */
conn->in.blob.data[2] = 2;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
/* Tamper with the IV and ensure decryption fails */
for (int j = 0; j < S2N_TLS_GCM_IV_LEN; j++) {
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
conn->in.blob.data[5 + j] ++;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
}
/* Tamper with the TAG and ensure decryption fails */
for (int j = 0; j < S2N_TLS_GCM_TAG_LEN; j++) {
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
conn->in.blob.data[conn->in.blob.size - j - 1] ++;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
}
/* Tamper w ith the cipher text and ensure decryption fails */
for (int j = S2N_TLS_GCM_IV_LEN; j < conn->in.blob.size - S2N_TLS_GCM_TAG_LEN; j++) {
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_reread(&conn->out));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)));
conn->in.blob.data[5 + j] ++;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_FAILURE(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
}
}
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->destroy_key(&conn->active.server_key));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->destroy_key(&conn->active.client_key));
EXPECT_SUCCESS(s2n_connection_free(conn));
END_TEST();
}
int check_cc_ccache_iterator_next(void) {
cc_int32 err = 0;
cc_context_t context = NULL;
cc_ccache_t ccache = NULL;
cc_ccache_iterator_t iterator = NULL;
unsigned int i;
BEGIN_TEST("cc_ccache_iterator_next");
err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
if (!err) {
err = destroy_all_ccaches(context);
}
// iterate with no ccaches
if (!err) {
err = cc_context_new_ccache_iterator(context, &iterator);
}
check_once_cc_ccache_iterator_next(iterator, 0, ccNoError, "iterating over an empty collection");
if (iterator) {
cc_ccache_iterator_release(iterator);
iterator = NULL;
}
// iterate with one ccache
if (!err) {
destroy_all_ccaches(context);
err = cc_context_create_new_ccache(context, cc_credentials_v5, "*****@*****.**", &ccache);
}
if (ccache) {
cc_ccache_release(ccache);
ccache = NULL;
}
if (!err) {
err = cc_context_new_ccache_iterator(context, &iterator);
}
check_once_cc_ccache_iterator_next(iterator, 1, ccNoError, "iterating over a collection of 1 ccache");
if (iterator) {
cc_ccache_iterator_release(iterator);
iterator = NULL;
}
// iterate with several ccaches
if (!err) {
destroy_all_ccaches(context);
}
for(i = 0; !err && (i < 1000); i++)
{
if (i%100 == 0) fprintf(stdout, ".");
err = cc_context_create_new_ccache(context, cc_credentials_v5, "*****@*****.**", &ccache);
if (ccache) {
cc_ccache_release(ccache);
ccache = NULL;
}
}
if (!err) {
err = cc_context_new_ccache_iterator(context, &iterator);
}
check_once_cc_ccache_iterator_next(iterator, 1000, ccNoError, "iterating over a collection of 1000 ccache");
if (iterator) {
cc_ccache_iterator_release(iterator);
iterator = NULL;
}
if (ccache) { cc_ccache_release(ccache); }
if (iterator) { cc_ccache_iterator_release(iterator); }
if (context) {
destroy_all_ccaches(context);
cc_context_release(context);
}
END_TEST_AND_RETURN
}
int main(int argc, char **argv)
{
struct s2n_connection *conn;
uint8_t mac_key[] = "sample mac key";
uint8_t rc4_key[] = "123456789012345";
struct s2n_blob key_iv = {.data = rc4_key,.size = sizeof(rc4_key) };
uint8_t random_data[S2N_SMALL_FRAGMENT_LENGTH + 1];
struct s2n_blob r = {.data = random_data, .size = sizeof(random_data)};
BEGIN_TEST();
EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
EXPECT_SUCCESS(s2n_get_urandom_data(&r));
/* Peer and we are in sync */
conn->server = &conn->active;
/* test the RC4 cipher with a SHA1 hash */
conn->active.cipher_suite->cipher = &s2n_rc4;
conn->active.cipher_suite->hmac_alg = S2N_HMAC_SHA1;
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->init(&conn->active.server_key));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->init(&conn->active.client_key));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->get_decryption_key(&conn->active.client_key, &key_iv));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->get_encryption_key(&conn->active.server_key, &key_iv));
EXPECT_SUCCESS(s2n_hmac_init(&conn->active.client_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
EXPECT_SUCCESS(s2n_hmac_init(&conn->active.server_record_mac, S2N_HMAC_SHA1, mac_key, sizeof(mac_key)));
conn->actual_protocol_version = S2N_TLS11;
for (int i = 0; i <= S2N_SMALL_FRAGMENT_LENGTH + 1; i++) {
struct s2n_blob in = {.data = random_data,.size = i };
int bytes_written;
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->out));
EXPECT_SUCCESS(bytes_written = s2n_record_write(conn, TLS_APPLICATION_DATA, &in));
if (i <= S2N_SMALL_FRAGMENT_LENGTH - 20) {
EXPECT_EQUAL(bytes_written, i);
} else {
EXPECT_EQUAL(bytes_written, S2N_SMALL_FRAGMENT_LENGTH - 20);
}
uint16_t predicted_length = bytes_written + 20;
EXPECT_EQUAL(conn->out.blob.data[0], TLS_APPLICATION_DATA);
EXPECT_EQUAL(conn->out.blob.data[1], 3);
EXPECT_EQUAL(conn->out.blob.data[2], 2);
EXPECT_EQUAL(conn->out.blob.data[3], (predicted_length >> 8) & 0xff);
EXPECT_EQUAL(conn->out.blob.data[4], predicted_length & 0xff);
/* The data should be encrypted */
if (bytes_written > 10) {
EXPECT_NOT_EQUAL(memcmp(conn->out.blob.data + 5, random_data, bytes_written), 0);
}
/* Copy the encrypted out data to the in data */
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->header_in, 5))
EXPECT_SUCCESS(s2n_stuffer_copy(&conn->out, &conn->in, s2n_stuffer_data_available(&conn->out)))
/* Check that the data looks right */
EXPECT_EQUAL(bytes_written + 20, s2n_stuffer_data_available(&conn->in));
/* Let's decrypt it */
uint8_t content_type;
uint16_t fragment_length;
EXPECT_SUCCESS(s2n_record_header_parse(conn, &content_type, &fragment_length));
EXPECT_SUCCESS(s2n_record_parse(conn));
EXPECT_EQUAL(content_type, TLS_APPLICATION_DATA);
EXPECT_EQUAL(fragment_length, predicted_length);
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->header_in));
EXPECT_SUCCESS(s2n_stuffer_wipe(&conn->in));
}
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->destroy_key(&conn->active.server_key));
EXPECT_SUCCESS(conn->active.cipher_suite->cipher->destroy_key(&conn->active.client_key));
EXPECT_SUCCESS(s2n_connection_free(conn));
END_TEST();
}
int main(int argc, char **argv)
{
uint8_t digest_pad[64];
uint8_t output_pad[96];
uint8_t hello[] = "Hello world!\n";
struct s2n_stuffer output;
struct s2n_hash_state hash, copy;
struct s2n_blob out = {.data = output_pad,.size = sizeof(output_pad) };
BEGIN_TEST();
/* Initialise our output stuffers */
EXPECT_SUCCESS(s2n_stuffer_init(&output, &out));
uint8_t md5_digest_size;
GUARD(s2n_hash_digest_size(S2N_HASH_MD5, &md5_digest_size));
EXPECT_EQUAL(md5_digest_size, 16);
EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_MD5));
EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello)));
EXPECT_SUCCESS(s2n_hash_copy(©, &hash));
EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, MD5_DIGEST_LENGTH));
for (int i = 0; i < 16; i++) {
EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i]));
}
/* Reference value from command line md5sum */
EXPECT_EQUAL(memcmp(output_pad, "59ca0efa9f5633cb0371bbc0355478d8", 16 * 2), 0);
/* Check the copy */
EXPECT_SUCCESS(s2n_hash_digest(©, digest_pad, MD5_DIGEST_LENGTH));
for (int i = 0; i < 16; i++) {
EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i]));
}
/* Reference value from command line md5sum */
EXPECT_EQUAL(memcmp(output_pad, "59ca0efa9f5633cb0371bbc0355478d8", 16 * 2), 0);
EXPECT_SUCCESS(s2n_stuffer_init(&output, &out));
uint8_t sha1_digest_size;
GUARD(s2n_hash_digest_size(S2N_HASH_SHA1, &sha1_digest_size));
EXPECT_EQUAL(sha1_digest_size, 20);
EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_SHA1));
EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello)));
EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, SHA_DIGEST_LENGTH));
for (int i = 0; i < 20; i++) {
EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i]));
}
/* Reference value from command line sha1sum */
EXPECT_EQUAL(memcmp(output_pad, "47a013e660d408619d894b20806b1d5086aab03b", 20 * 2), 0);
EXPECT_SUCCESS(s2n_stuffer_init(&output, &out));
uint8_t sha256_digest_size;
GUARD(s2n_hash_digest_size(S2N_HASH_SHA256, &sha256_digest_size));
EXPECT_EQUAL(sha256_digest_size, 32);
EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_SHA256));
EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello)));
EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, SHA256_DIGEST_LENGTH));
for (int i = 0; i < 32; i++) {
EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i]));
}
/* Reference value from command line sha256sum */
EXPECT_EQUAL(memcmp(output_pad, "0ba904eae8773b70c75333db4de2f3ac45a8ad4ddba1b242f0b3cfc199391dd8", 32 * 2), 0);
EXPECT_SUCCESS(s2n_stuffer_init(&output, &out));
uint8_t sha384_digest_size;
GUARD(s2n_hash_digest_size(S2N_HASH_SHA384, &sha384_digest_size));
EXPECT_EQUAL(sha384_digest_size, 48);
EXPECT_SUCCESS(s2n_hash_init(&hash, S2N_HASH_SHA384));
EXPECT_SUCCESS(s2n_hash_update(&hash, hello, strlen((char *)hello)));
EXPECT_SUCCESS(s2n_hash_digest(&hash, digest_pad, SHA384_DIGEST_LENGTH));
for (int i = 0; i < 48; i++) {
EXPECT_SUCCESS(s2n_stuffer_write_uint8_hex(&output, digest_pad[i]));
}
/* Reference value from command line sha512sum */
EXPECT_EQUAL(memcmp(output_pad, "f7f8f1b9d5a9a61742eeda26c20990282ac08dabda14e70376fcb4c8b46198a9959ea9d7d194b38520eed5397ffe6d8e", 48 * 2), 0);
END_TEST();
}