diff --git a/codebuild/bin/grep_simple_mistakes.sh b/codebuild/bin/grep_simple_mistakes.sh index 02951e7089f..c6e508c515c 100755 --- a/codebuild/bin/grep_simple_mistakes.sh +++ b/codebuild/bin/grep_simple_mistakes.sh @@ -101,6 +101,26 @@ for file in $S2N_FILES_ARRAY_SIZING_RETURN; do fi done +############################################# +# Detect any test loops not using s2n_array_len(). +# This is not necessarily a problem, but it's been a common source of errors, +# so we should just enforce stricter conventions. +############################################# +S2N_TEST_FILES_WITH_SIZEOF_LOOP=$(find "$PWD" -type f -name "s2n*.c" -path "*/tests/*") +for file in $S2N_TEST_FILES_WITH_SIZEOF_LOOP; do + WITH_QUESTIONABLE_SIZEOF_LOOP=`grep -Ern 'for \(.+; .+ <=? sizeof\(.+\); .+\)' $file | \ + grep -vE '<=? sizeof\(.*bytes\);' | + grep -vE '<=? sizeof\(.*data\);' | + grep -vE '<=? sizeof\(.*u8\);'` + if [ "${#WITH_QUESTIONABLE_SIZEOF_LOOP}" != "0" ]; then + FAILED=1 + printf "\e[1;34mWarning: sizeof is only valid for arrays of chars or uint8_ts. " + printf "Use s2n_array_len for other types, " + printf "or append \"bytes\", \"data\", or \"u8\" to your variable name for clarity. " + printf "Warning in $file:\e[0m\n$WITH_QUESTIONABLE_SIZEOF_LOOP\n\n" + fi +done + ############################################# # Assert that all assignments from s2n_stuffer_raw_read() have a # notnull_check (or similar manual null check) on the same, or next, line. diff --git a/tests/unit/s2n_client_extensions_test.c b/tests/unit/s2n_client_extensions_test.c index b916c58951e..e1263898843 100644 --- a/tests/unit/s2n_client_extensions_test.c +++ b/tests/unit/s2n_client_extensions_test.c @@ -32,7 +32,7 @@ #define ZERO_TO_THIRTY_ONE 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, \ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F -static uint8_t server_ocsp_status[] = { +static uint8_t server_ocsp_status_bytes[] = { /* clang-format off */ 0x30, 0x82, 0x06, 0x45, 0x0a, 0x01, 0x00, 0xa0, 0x82, 0x06, 0x3e, 0x30, 0x82, 0x06, 0x3a, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, 0x06, 0x2b, 0x30, 0x82, 0x06, 0x27, 0x30, 0x81, 0xeb, 0xa1, 0x70, 0x30, 0x6e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x49, 0x4c, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x28, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6f, 0x6d, 0x20, 0x4c, 0x74, 0x64, 0x2e, 0x20, 0x28, 0x53, 0x74, 0x61, 0x72, 0x74, 0x20, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6c, 0x20, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x65, 0x64, 0x29, 0x31, 0x2c, 0x30, 0x2a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x23, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6f, 0x6d, 0x20, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x20, 0x31, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x4f, 0x43, 0x53, 0x50, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x65, 0x72, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x35, 0x30, 0x32, 0x32, 0x37, 0x30, 0x36, 0x34, 0x36, 0x34, 0x35, 0x5a, 0x30, 0x66, 0x30, 0x64, 0x30, 0x3c, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x65, 0x68, 0x87, 0x4f, 0x40, 0x75, 0x0f, 0x01, 0x6a, 0x34, 0x75, 0x62, 0x5e, 0x1f, 0x5c, 0x93, 0xe5, 0xa2, 0x6d, 0x58, 0x04, 0x14, 0xeb, 0x42, 0x34, 0xd0, 0x98, 0xb0, 0xab, 0x9f, 0xf4, 0x1b, 0x6b, 0x08, 0xf7, 0xcc, 0x64, 0x2e, 0xef, 0x0e, 0x2c, 0x45, 0x02, 0x03, 0x0f, 0x87, 0x2c, 0x80, 0x00, 0x18, 0x0f, 0x32, 0x30, @@ -753,7 +753,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_read_test_pem(S2N_DEFAULT_TEST_PRIVATE_KEY, private_key, S2N_MAX_TEST_PEM_SIZE)); EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, cert_chain, private_key)); EXPECT_SUCCESS(s2n_config_set_extension_data(server_config, S2N_EXTENSION_OCSP_STAPLING, - server_ocsp_status, sizeof(server_ocsp_status))); + server_ocsp_status_bytes, sizeof(server_ocsp_status_bytes))); EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config)); EXPECT_SUCCESS(s2n_negotiate_test_server_and_client(server_conn, client_conn)); @@ -862,7 +862,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_read_test_pem(S2N_DEFAULT_TEST_PRIVATE_KEY, private_key, S2N_MAX_TEST_PEM_SIZE)); EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, cert_chain, private_key)); EXPECT_SUCCESS(s2n_config_set_extension_data(server_config, S2N_EXTENSION_OCSP_STAPLING, - server_ocsp_status, sizeof(server_ocsp_status))); + server_ocsp_status_bytes, sizeof(server_ocsp_status_bytes))); EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER)); EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config)); @@ -877,10 +877,10 @@ int main(int argc, char **argv) /* Verify that the client received an OCSP response. */ EXPECT_EQUAL(s2n_connection_is_ocsp_stapled(client_conn), 1); EXPECT_NOT_NULL(server_ocsp_reply = s2n_connection_get_ocsp_response(client_conn, &length)); - EXPECT_EQUAL(length, sizeof(server_ocsp_status)); + EXPECT_EQUAL(length, sizeof(server_ocsp_status_bytes)); - for (size_t i = 0; i < sizeof(server_ocsp_status); i++) { - EXPECT_EQUAL(server_ocsp_reply[i], server_ocsp_status[i]); + for (size_t i = 0; i < sizeof(server_ocsp_status_bytes); i++) { + EXPECT_EQUAL(server_ocsp_reply[i], server_ocsp_status_bytes[i]); } EXPECT_SUCCESS(s2n_shutdown_test_server_and_client(server_conn, client_conn)); @@ -923,7 +923,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_read_test_pem(S2N_DEFAULT_TEST_PRIVATE_KEY, private_key, S2N_MAX_TEST_PEM_SIZE)); EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, cert_chain, private_key)); EXPECT_SUCCESS(s2n_config_set_extension_data(server_config, S2N_EXTENSION_OCSP_STAPLING, - server_ocsp_status, sizeof(server_ocsp_status))); + server_ocsp_status_bytes, sizeof(server_ocsp_status_bytes))); EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config)); EXPECT_SUCCESS(s2n_negotiate_test_server_and_client(server_conn, client_conn)); @@ -934,10 +934,10 @@ int main(int argc, char **argv) /* Verify that the client received an OCSP response. */ EXPECT_EQUAL(s2n_connection_is_ocsp_stapled(client_conn), 1); EXPECT_NOT_NULL(server_ocsp_reply = s2n_connection_get_ocsp_response(client_conn, &length)); - EXPECT_EQUAL(length, sizeof(server_ocsp_status)); + EXPECT_EQUAL(length, sizeof(server_ocsp_status_bytes)); - for (size_t i = 0; i < sizeof(server_ocsp_status); i++) { - EXPECT_EQUAL(server_ocsp_reply[i], server_ocsp_status[i]); + for (size_t i = 0; i < sizeof(server_ocsp_status_bytes); i++) { + EXPECT_EQUAL(server_ocsp_reply[i], server_ocsp_status_bytes[i]); } EXPECT_SUCCESS(s2n_shutdown_test_server_and_client(server_conn, client_conn)); @@ -985,7 +985,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_read_test_pem(S2N_DEFAULT_ECDSA_TEST_PRIVATE_KEY, private_key, S2N_MAX_TEST_PEM_SIZE)); EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key(server_config, cert_chain, private_key)); EXPECT_SUCCESS(s2n_config_set_extension_data(server_config, S2N_EXTENSION_OCSP_STAPLING, - server_ocsp_status, sizeof(server_ocsp_status))); + server_ocsp_status_bytes, sizeof(server_ocsp_status_bytes))); EXPECT_SUCCESS(s2n_connection_set_config(server_conn, server_config)); EXPECT_SUCCESS(s2n_negotiate_test_server_and_client(server_conn, client_conn)); @@ -997,10 +997,10 @@ int main(int argc, char **argv) EXPECT_EQUAL(s2n_connection_is_ocsp_stapled(client_conn), 1); EXPECT_NOT_NULL(server_ocsp_reply = s2n_connection_get_ocsp_response(client_conn, &length)); - EXPECT_EQUAL(length, sizeof(server_ocsp_status)); + EXPECT_EQUAL(length, sizeof(server_ocsp_status_bytes)); - for (size_t i = 0; i < sizeof(server_ocsp_status); i++) { - EXPECT_EQUAL(server_ocsp_reply[i], server_ocsp_status[i]); + for (size_t i = 0; i < sizeof(server_ocsp_status_bytes); i++) { + EXPECT_EQUAL(server_ocsp_reply[i], server_ocsp_status_bytes[i]); } EXPECT_SUCCESS(s2n_shutdown_test_server_and_client(server_conn, client_conn)); diff --git a/tests/unit/s2n_client_hello_recv_test.c b/tests/unit/s2n_client_hello_recv_test.c index 9a89dcc2d60..2422559e9e9 100644 --- a/tests/unit/s2n_client_hello_recv_test.c +++ b/tests/unit/s2n_client_hello_recv_test.c @@ -521,19 +521,19 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_connection_set_config(server, tls12_config)); struct s2n_stuffer server_in = { 0 }; - uint8_t sslv2_client_hello[] = { + uint8_t sslv2_client_hello_bytes[] = { SSLv2_CLIENT_HELLO_HEADER, SSLv2_CLIENT_HELLO_PREFIX, SSLv2_CLIENT_HELLO_CIPHER_SUITES, SSLv2_CLIENT_HELLO_CHALLENGE, }; EXPECT_SUCCESS(s2n_blob_init(&server_in.blob, - sslv2_client_hello, sizeof(sslv2_client_hello))); + sslv2_client_hello_bytes, sizeof(sslv2_client_hello_bytes))); EXPECT_SUCCESS(s2n_connection_set_recv_io_stuffer(&server_in, server)); /* Read message one byte at a time */ s2n_blocked_status blocked = S2N_NOT_BLOCKED; - for (size_t i = 0; i < sizeof(sslv2_client_hello); i++) { + for (size_t i = 0; i < sizeof(sslv2_client_hello_bytes); i++) { EXPECT_ERROR_WITH_ERRNO( s2n_negotiate_until_message(server, &blocked, SERVER_HELLO), S2N_ERR_IO_BLOCKED); diff --git a/tests/unit/s2n_client_key_share_extension_pq_test.c b/tests/unit/s2n_client_key_share_extension_pq_test.c index 9768cbb4109..4521f38ea1c 100644 --- a/tests/unit/s2n_client_key_share_extension_pq_test.c +++ b/tests/unit/s2n_client_key_share_extension_pq_test.c @@ -656,7 +656,7 @@ int main() /* Do NOT mark the highest priority available KEM group as mutually supported */ EXPECT_OK(s2n_set_all_mutually_supported_groups(server_conn)); - for (int i = 0; i < sizeof(server_conn->kex_params.mutually_supported_kem_groups); i++) { + for (int i = 0; i < s2n_array_len(server_conn->kex_params.mutually_supported_kem_groups); i++) { if (server_conn->kex_params.mutually_supported_kem_groups[i] && s2n_kem_group_is_available(server_conn->kex_params.mutually_supported_kem_groups[i])) { server_conn->kex_params.mutually_supported_kem_groups[i] = NULL; @@ -717,7 +717,7 @@ int main() /* Do NOT mark the highest priority available KEM group as mutually supported */ EXPECT_OK(s2n_set_all_mutually_supported_groups(server_conn)); - for (int i = 0; i < sizeof(server_conn->kex_params.mutually_supported_kem_groups); i++) { + for (int i = 0; i < s2n_array_len(server_conn->kex_params.mutually_supported_kem_groups); i++) { if (server_conn->kex_params.mutually_supported_kem_groups[i] && s2n_kem_group_is_available(server_conn->kex_params.mutually_supported_kem_groups[i])) { server_conn->kex_params.mutually_supported_kem_groups[i] = NULL; diff --git a/tests/unit/s2n_quic_support_io_test.c b/tests/unit/s2n_quic_support_io_test.c index 8a2b744cfb7..1fdd64e0745 100644 --- a/tests/unit/s2n_quic_support_io_test.c +++ b/tests/unit/s2n_quic_support_io_test.c @@ -517,7 +517,7 @@ int main(int argc, char **argv) EXPECT_FAILURE(s2n_recv_quic_post_handshake_message(NULL, &blocked)); /* Parsable session ticket message */ - uint8_t ticket_message[] = { + uint8_t ticket_message_bytes[] = { TLS_SERVER_NEW_SESSION_TICKET, 0x00, 0x00, 0x12, /* message size */ TEST_LIFETIME, /* ticket lifetime */ @@ -562,7 +562,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_connection_set_io_stuffers(&stuffer, &stuffer, conn)); /* Construct ST handshake message */ - EXPECT_SUCCESS(s2n_stuffer_write_bytes(&stuffer, ticket_message, sizeof(ticket_message))); + EXPECT_SUCCESS(s2n_stuffer_write_bytes(&stuffer, ticket_message_bytes, sizeof(ticket_message_bytes))); EXPECT_SUCCESS(s2n_recv_quic_post_handshake_message(conn, &blocked)); @@ -571,7 +571,7 @@ int main(int argc, char **argv) }; /* Test: successfully reads and processes fragmented post-handshake message */ - for (size_t i = 1; i < sizeof(ticket_message); i++) { + for (size_t i = 1; i < sizeof(ticket_message_bytes); i++) { DEFER_CLEANUP(struct s2n_connection *conn = s2n_connection_new(S2N_CLIENT), s2n_connection_ptr_free); DEFER_CLEANUP(struct s2n_config *config = s2n_config_new(), s2n_config_ptr_free); EXPECT_SUCCESS(s2n_config_set_session_tickets_onoff(config, 1)); @@ -585,7 +585,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_connection_set_io_stuffers(&stuffer, &stuffer, conn)); /* Mock receiving a fragmented handshake message */ - EXPECT_SUCCESS(s2n_stuffer_write_bytes(&stuffer, ticket_message, i)); + EXPECT_SUCCESS(s2n_stuffer_write_bytes(&stuffer, ticket_message_bytes, i)); EXPECT_FAILURE_WITH_ERRNO(s2n_recv_quic_post_handshake_message(conn, &blocked), S2N_ERR_IO_BLOCKED); EXPECT_EQUAL(blocked, S2N_BLOCKED_ON_READ); @@ -594,7 +594,7 @@ int main(int argc, char **argv) EXPECT_EQUAL(session_ticket_cb_count, 0); /* "Write" the rest of the message */ - EXPECT_SUCCESS(s2n_stuffer_write_bytes(&stuffer, ticket_message + i, sizeof(ticket_message) - i)); + EXPECT_SUCCESS(s2n_stuffer_write_bytes(&stuffer, ticket_message_bytes + i, sizeof(ticket_message_bytes) - i)); EXPECT_SUCCESS(s2n_recv_quic_post_handshake_message(conn, &blocked)); diff --git a/tests/unit/s2n_resume_test.c b/tests/unit/s2n_resume_test.c index b0c10223fbb..b45f16e3e0c 100644 --- a/tests/unit/s2n_resume_test.c +++ b/tests/unit/s2n_resume_test.c @@ -405,7 +405,7 @@ int main(int argc, char **argv) conn->secure->cipher_suite = &s2n_ecdhe_ecdsa_with_aes_128_gcm_sha256; uint8_t ems_state[] = { false, true }; - for (size_t i = 0; i < sizeof(ems_state); i++) { + for (size_t i = 0; i < s2n_array_len(ems_state); i++) { /* Test the two different EMS states */ conn->ems_negotiated = ems_state[i]; diff --git a/tests/unit/s2n_server_cert_request_test.c b/tests/unit/s2n_server_cert_request_test.c index fbdd6392c92..f6171ab29f2 100644 --- a/tests/unit/s2n_server_cert_request_test.c +++ b/tests/unit/s2n_server_cert_request_test.c @@ -68,8 +68,8 @@ int main(int argc, char **argv) uint8_t *their_cert_type_pref_list = s2n_stuffer_raw_read(in, cert_types_len); - EXPECT_EQUAL(cert_types_len, sizeof(s2n_cert_type_preference_list)); - for (size_t idx = 0; idx < sizeof(s2n_cert_type_preference_list); idx++) { + EXPECT_EQUAL(cert_types_len, s2n_array_len(s2n_cert_type_preference_list)); + for (size_t idx = 0; idx < s2n_array_len(s2n_cert_type_preference_list); idx++) { EXPECT_EQUAL(their_cert_type_pref_list[idx], s2n_cert_type_preference_list[idx]); } @@ -96,8 +96,8 @@ int main(int argc, char **argv) uint8_t *their_cert_type_pref_list = s2n_stuffer_raw_read(in, cert_types_len); - EXPECT_EQUAL(cert_types_len, sizeof(s2n_cert_type_preference_list_legacy_dss)); - for (size_t idx = 0; idx < sizeof(s2n_cert_type_preference_list_legacy_dss); idx++) { + EXPECT_EQUAL(cert_types_len, s2n_array_len(s2n_cert_type_preference_list_legacy_dss)); + for (size_t idx = 0; idx < s2n_array_len(s2n_cert_type_preference_list_legacy_dss); idx++) { EXPECT_EQUAL(their_cert_type_pref_list[idx], s2n_cert_type_preference_list_legacy_dss[idx]); } diff --git a/tests/unit/s2n_tls12_handshake_test.c b/tests/unit/s2n_tls12_handshake_test.c index 3d1d784de74..04c3b7cbbc5 100644 --- a/tests/unit/s2n_tls12_handshake_test.c +++ b/tests/unit/s2n_tls12_handshake_test.c @@ -482,7 +482,7 @@ int main(int argc, char **argv) conn->handshake.handshake_type = test_handshake_type; - for (size_t i = 0; i < sizeof(expected) / sizeof(char *); i++) { + for (size_t i = 0; i < s2n_array_len(expected); i++) { conn->handshake.message_number = i; EXPECT_STRING_EQUAL(expected[i], s2n_connection_get_last_message_name(conn)); } diff --git a/tests/unit/s2n_tls13_cert_verify_test.c b/tests/unit/s2n_tls13_cert_verify_test.c index 7987ac4c1b4..7a6e781be1a 100644 --- a/tests/unit/s2n_tls13_cert_verify_test.c +++ b/tests/unit/s2n_tls13_cert_verify_test.c @@ -226,7 +226,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_enable_tls13_in_test()); - for (size_t i = 0; i < sizeof(test_cases) / sizeof(struct s2n_tls13_cert_verify_test); i++) { + for (size_t i = 0; i < s2n_array_len(test_cases); i++) { /* Run all tests for server sending and client receiving/verifying cert_verify message */ run_tests(&test_cases[i], S2N_CLIENT); diff --git a/tests/unit/s2n_tls13_prf_test.c b/tests/unit/s2n_tls13_prf_test.c index 411e4c2bf2c..06de5d34ea7 100644 --- a/tests/unit/s2n_tls13_prf_test.c +++ b/tests/unit/s2n_tls13_prf_test.c @@ -53,10 +53,10 @@ int main(int argc, char **argv) DEFER_CLEANUP(struct s2n_stuffer expected_secret_in = { 0 }, s2n_stuffer_free); DEFER_CLEANUP(struct s2n_stuffer expected_expanded_in = { 0 }, s2n_stuffer_free); - char client_handshake_message[sizeof(client_handshake_message_hex_in) / 2] = { 0 }; - char server_handshake_message[sizeof(server_handshake_message_hex_in) / 2] = { 0 }; - char expected_secret[sizeof(expected_secret_hex_in) / 2] = { 0 }; - char expected_expanded[sizeof(expected_expanded_hex_in) / 2] = { 0 }; + uint8_t client_handshake_message_bytes[sizeof(client_handshake_message_hex_in) / 2] = { 0 }; + uint8_t server_handshake_message_bytes[sizeof(server_handshake_message_hex_in) / 2] = { 0 }; + uint8_t expected_secret_bytes[sizeof(expected_secret_hex_in) / 2] = { 0 }; + uint8_t expected_expanded_bytes[sizeof(expected_expanded_hex_in) / 2] = { 0 }; uint8_t digest_buf[SHA256_DIGEST_LENGTH]; uint8_t secret_buf[SHA256_DIGEST_LENGTH]; @@ -74,28 +74,28 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_stuffer_alloc_ro_from_string(&expected_expanded_in, expected_expanded_hex_in)); /* Parse the hex */ - for (size_t i = 0; i < sizeof(client_handshake_message); i++) { + for (size_t i = 0; i < sizeof(client_handshake_message_bytes); i++) { uint8_t c = 0; EXPECT_OK(s2n_stuffer_read_uint8_hex(&client_handshake_message_in, &c)); - client_handshake_message[i] = c; + client_handshake_message_bytes[i] = c; } - for (size_t i = 0; i < sizeof(server_handshake_message); i++) { + for (size_t i = 0; i < sizeof(server_handshake_message_bytes); i++) { uint8_t c = 0; EXPECT_OK(s2n_stuffer_read_uint8_hex(&server_handshake_message_in, &c)); - server_handshake_message[i] = c; + server_handshake_message_bytes[i] = c; } - for (size_t i = 0; i < sizeof(expected_secret); i++) { + for (size_t i = 0; i < sizeof(expected_secret_bytes); i++) { uint8_t c = 0; EXPECT_OK(s2n_stuffer_read_uint8_hex(&expected_secret_in, &c)); - expected_secret[i] = c; + expected_secret_bytes[i] = c; } - for (size_t i = 0; i < sizeof(expected_expanded); i++) { + for (size_t i = 0; i < sizeof(expected_expanded_bytes); i++) { uint8_t c = 0; EXPECT_OK(s2n_stuffer_read_uint8_hex(&expected_expanded_in, &c)); - expected_expanded[i] = c; + expected_expanded_bytes[i] = c; } EXPECT_SUCCESS(s2n_hash_new(&transcript_hash)); @@ -124,7 +124,7 @@ int main(int argc, char **argv) /* Validate the early secret */ EXPECT_SUCCESS(s2n_hkdf_extract(&throwaway, S2N_HMAC_SHA256, &salt, &ikm, &secret)); - EXPECT_EQUAL(memcmp(secret_buf, expected_secret, sizeof(secret_buf)), 0); + EXPECT_EQUAL(memcmp(secret_buf, expected_secret_bytes, sizeof(secret_buf)), 0); /* Validate the derived secret */ S2N_BLOB_LABEL(label, "derived"); @@ -134,7 +134,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_hmac_new(&hmac)); EXPECT_SUCCESS(s2n_hkdf_expand_label(&hmac, S2N_HMAC_SHA256, &secret, &label, &digest, &output)); - EXPECT_EQUAL(memcmp(output_buf, expected_expanded, sizeof(output_buf)), 0); + EXPECT_EQUAL(memcmp(output_buf, expected_expanded_bytes, sizeof(output_buf)), 0); EXPECT_SUCCESS(s2n_hmac_free(&throwaway)); EXPECT_SUCCESS(s2n_hmac_free(&hmac));