tlsexttest: check additional logic in tlsext randomization

This verifies that we put PSK always last and that the Apache 2 special does what it is supposed to do. There is also some weak validation of the Fisher-Yates shuffle that will likely catch errors introduced in tlsext_randomize_build_order()
author: tb <> 2023-04-27 10:53:58 +0000
committer: tb <> 2023-04-27 10:53:58 +0000
commit: 7e4f1618bbb0aff3c288e85be3ef058031f36db8 (patch)
tree: 075a11198f3f0cde85f34cfc44b54d52ee590ef3
parent: 8d067d0e36156c578e77712fa2fd5d998c57b6be (diff)
download: openbsd-7e4f1618bbb0aff3c288e85be3ef058031f36db8.tar.gz
openbsd-7e4f1618bbb0aff3c288e85be3ef058031f36db8.tar.bz2
openbsd-7e4f1618bbb0aff3c288e85be3ef058031f36db8.zip
1 files changed, 103 insertions, 1 deletions
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
index f5241c8f62..2da1b6487b 100644
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tlsexttest.c,v 1.80 2023/04/23 18:59:41 tb Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.81 2023/04/27 10:53:58 tb Exp $ */
 /*
 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -33,6 +33,7 @@ struct tls_extension_funcs {
        int (*parse)(SSL *s, uint16_t msg_type, CBS *cbs, int *alert);
 };
+uint16_t tls_extension_type(const struct tls_extension *);
 const struct tls_extension *tls_extension_find(uint16_t, size_t *);
 const struct tls_extension_funcs *tlsext_funcs(const struct tls_extension *,
    int);
@@ -4442,6 +4443,105 @@ test_tlsext_valid_hostnames(void)
        return failure;
 }
+#define N_TLSEXT_RANDOMIZATION_TESTS 1000
+static int
+test_tlsext_check_extension_order(SSL *ssl)
+{
+        const struct tls_extension *ext;
+        uint16_t type;
+        size_t alpn_idx, sni_idx;
+        size_t i;
+        if (ssl->tlsext_build_order_len == 0) {
+                FAIL("Unexpected zero build order length");
+                return 1;
+        }
+        ext = ssl->tlsext_build_order[ssl->tlsext_build_order_len - 1];
+        if ((type = tls_extension_type(ext)) != TLSEXT_TYPE_psk) {
+                FAIL("last extension is %u, want %u\n", type, TLSEXT_TYPE_psk);
+                return 1;
+        }
+        if (ssl->server)
+                return 0;
+        alpn_idx = sni_idx = ssl->tlsext_build_order_len;
+        for (i = 0; i < ssl->tlsext_build_order_len; i++) {
+                ext = ssl->tlsext_build_order[i];
+                if (tls_extension_type(ext) == TLSEXT_TYPE_alpn)
+                        alpn_idx = i;
+                if (tls_extension_type(ext) == TLSEXT_TYPE_server_name)
+                        sni_idx = i;
+        }
+        if (alpn_idx == ssl->tlsext_build_order_len) {
+                FAIL("could not find alpn extension\n");
+                return 1;
+        }
+        if (sni_idx == ssl->tlsext_build_order_len) {
+                FAIL("could not find alpn extension\n");
+                return 1;
+        }
+        if (sni_idx >= alpn_idx) {
+                FAIL("sni does not precede alpn: %zu >= %zu\n",
+                    sni_idx, alpn_idx);
+                return 1;
+        }
+        return 0;
+}
+static int
+test_tlsext_randomized_extensions(SSL *ssl)
+{
+        size_t i;
+        int failed = 0;
+        for (i = 0; i < N_TLSEXT_RANDOMIZATION_TESTS; i++) {
+                if (!tlsext_randomize_build_order(ssl))
+                        errx(1, "failed to randomize extensions");
+                failed |= test_tlsext_check_extension_order(ssl);
+        }
+        return failed;
+}
+static int
+test_tlsext_extension_order(void)
+{
+        SSL_CTX *ssl_ctx = NULL;
+        SSL *ssl = NULL;
+        int failure;
+        failure = 0;
+        if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+                errx(1, "failed to create SSL_CTX");
+        if ((ssl = SSL_new(ssl_ctx)) == NULL)
+                errx(1, "failed to create SSL");
+        failure |= test_tlsext_randomized_extensions(ssl);
+        SSL_CTX_free(ssl_ctx);
+        SSL_free(ssl);
+        if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
+                errx(1, "failed to create SSL_CTX");
+        if ((ssl = SSL_new(ssl_ctx)) == NULL)
+                errx(1, "failed to create SSL");
+        failure |= test_tlsext_randomized_extensions(ssl);
+        SSL_CTX_free(ssl_ctx);
+        SSL_free(ssl);
+        return failure;
+}
 int
 main(int argc, char **argv)
 {
@@ -4500,5 +4600,7 @@ main(int argc, char **argv)
        failed |= test_tlsext_quic_transport_parameters_client();
        failed |= test_tlsext_quic_transport_parameters_server();
+        failed |= test_tlsext_extension_order();
        return (failed);
 }
author	tb <>	2023-04-27 10:53:58 +0000
committer	tb <>	2023-04-27 10:53:58 +0000
commit	7e4f1618bbb0aff3c288e85be3ef058031f36db8 (patch)
tree	075a11198f3f0cde85f34cfc44b54d52ee590ef3
parent	8d067d0e36156c578e77712fa2fd5d998c57b6be (diff)
download	openbsd-7e4f1618bbb0aff3c288e85be3ef058031f36db8.tar.gz openbsd-7e4f1618bbb0aff3c288e85be3ef058031f36db8.tar.bz2 openbsd-7e4f1618bbb0aff3c288e85be3ef058031f36db8.zip

diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c index f5241c8f62..2da1b6487b 100644 --- a/src/regress/lib/libssl/tlsext/tlsexttest.c +++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tlsexttest.c,v 1.80 2023/04/23 18:59:41 tb Exp $ */	1	/* $OpenBSD: tlsexttest.c,v 1.81 2023/04/27 10:53:58 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>	4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -33,6 +33,7 @@ struct tls_extension_funcs {
33	int (parse)(SSL s, uint16_t msg_type, CBS cbs, int alert);	33	int (parse)(SSL s, uint16_t msg_type, CBS cbs, int alert);
34	};	34	};
35		35
		36	uint16_t tls_extension_type(const struct tls_extension *);
36	const struct tls_extension tls_extension_find(uint16_t, size_t );	37	const struct tls_extension tls_extension_find(uint16_t, size_t );
37	const struct tls_extension_funcs tlsext_funcs(const struct tls_extension ,	38	const struct tls_extension_funcs tlsext_funcs(const struct tls_extension ,
38	int);	39	int);
@@ -4442,6 +4443,105 @@ test_tlsext_valid_hostnames(void)
4442	return failure;	4443	return failure;
4443	}	4444	}
4444		4445
		4446	#define N_TLSEXT_RANDOMIZATION_TESTS 1000
		4447
		4448	static int
		4449	test_tlsext_check_extension_order(SSL *ssl)
		4450	{
		4451	const struct tls_extension *ext;
		4452	uint16_t type;
		4453	size_t alpn_idx, sni_idx;
		4454	size_t i;
		4455
		4456	if (ssl->tlsext_build_order_len == 0) {
		4457	FAIL("Unexpected zero build order length");
		4458	return 1;
		4459	}
		4460
		4461	ext = ssl->tlsext_build_order[ssl->tlsext_build_order_len - 1];
		4462	if ((type = tls_extension_type(ext)) != TLSEXT_TYPE_psk) {
		4463	FAIL("last extension is %u, want %u\n", type, TLSEXT_TYPE_psk);
		4464	return 1;
		4465	}
		4466
		4467	if (ssl->server)
		4468	return 0;
		4469
		4470	alpn_idx = sni_idx = ssl->tlsext_build_order_len;
		4471	for (i = 0; i < ssl->tlsext_build_order_len; i++) {
		4472	ext = ssl->tlsext_build_order[i];
		4473	if (tls_extension_type(ext) == TLSEXT_TYPE_alpn)
		4474	alpn_idx = i;
		4475	if (tls_extension_type(ext) == TLSEXT_TYPE_server_name)
		4476	sni_idx = i;
		4477	}
		4478
		4479	if (alpn_idx == ssl->tlsext_build_order_len) {
		4480	FAIL("could not find alpn extension\n");
		4481	return 1;
		4482	}
		4483
		4484	if (sni_idx == ssl->tlsext_build_order_len) {
		4485	FAIL("could not find alpn extension\n");
		4486	return 1;
		4487	}
		4488
		4489	if (sni_idx >= alpn_idx) {
		4490	FAIL("sni does not precede alpn: %zu >= %zu\n",
		4491	sni_idx, alpn_idx);
		4492	return 1;
		4493	}
		4494
		4495	return 0;
		4496	}
		4497
		4498	static int
		4499	test_tlsext_randomized_extensions(SSL *ssl)
		4500	{
		4501	size_t i;
		4502	int failed = 0;
		4503
		4504	for (i = 0; i < N_TLSEXT_RANDOMIZATION_TESTS; i++) {
		4505	if (!tlsext_randomize_build_order(ssl))
		4506	errx(1, "failed to randomize extensions");
		4507	failed \|= test_tlsext_check_extension_order(ssl);
		4508	}
		4509
		4510	return failed;
		4511	}
		4512
		4513	static int
		4514	test_tlsext_extension_order(void)
		4515	{
		4516	SSL_CTX *ssl_ctx = NULL;
		4517	SSL *ssl = NULL;
		4518	int failure;
		4519
		4520	failure = 0;
		4521
		4522	if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
		4523	errx(1, "failed to create SSL_CTX");
		4524	if ((ssl = SSL_new(ssl_ctx)) == NULL)
		4525	errx(1, "failed to create SSL");
		4526
		4527	failure \|= test_tlsext_randomized_extensions(ssl);
		4528
		4529	SSL_CTX_free(ssl_ctx);
		4530	SSL_free(ssl);
		4531
		4532	if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
		4533	errx(1, "failed to create SSL_CTX");
		4534	if ((ssl = SSL_new(ssl_ctx)) == NULL)
		4535	errx(1, "failed to create SSL");
		4536
		4537	failure \|= test_tlsext_randomized_extensions(ssl);
		4538
		4539	SSL_CTX_free(ssl_ctx);
		4540	SSL_free(ssl);
		4541
		4542	return failure;
		4543	}
		4544
4445	int	4545	int
4446	main(int argc, char **argv)	4546	main(int argc, char **argv)
4447	{	4547	{
@@ -4500,5 +4600,7 @@ main(int argc, char **argv)
4500	failed \|= test_tlsext_quic_transport_parameters_client();	4600	failed \|= test_tlsext_quic_transport_parameters_client();
4501	failed \|= test_tlsext_quic_transport_parameters_server();	4601	failed \|= test_tlsext_quic_transport_parameters_server();
4502		4602
		4603	failed \|= test_tlsext_extension_order();
		4604
4503	return (failed);	4605	return (failed);
4504	}	4606	}