diff options
| author | jsing <> | 2021-06-27 16:55:46 +0000 |
|---|---|---|
| committer | jsing <> | 2021-06-27 16:55:46 +0000 |
| commit | a7ed9ad139d7a9319648b19afe65bf3e6b015fb1 (patch) | |
| tree | b5dc95e9b9ffbd5b72660282017df98f7a23b9d6 | |
| parent | d45b9e73fb482b1b4b217864570c29e250d2f7ea (diff) | |
| download | openbsd-a7ed9ad139d7a9319648b19afe65bf3e6b015fb1.tar.gz openbsd-a7ed9ad139d7a9319648b19afe65bf3e6b015fb1.tar.bz2 openbsd-a7ed9ad139d7a9319648b19afe65bf3e6b015fb1.zip | |
Add test coverage for DTLSv1.2 client hellos.
| -rw-r--r-- | src/regress/lib/libssl/client/clienttest.c | 109 |
1 files changed, 102 insertions, 7 deletions
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c index 2770e9559c..e797811e01 100644 --- a/src/regress/lib/libssl/client/clienttest.c +++ b/src/regress/lib/libssl/client/clienttest.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: clienttest.c,v 1.31 2021/06/27 16:40:25 jsing Exp $ */ | 1 | /* $OpenBSD: clienttest.c,v 1.32 2021/06/27 16:55:46 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -60,6 +60,63 @@ static const uint8_t client_hello_dtls1[] = { | |||
| 60 | 0x00, | 60 | 0x00, |
| 61 | }; | 61 | }; |
| 62 | 62 | ||
| 63 | static const uint8_t cipher_list_dtls12_aes[] = { | ||
| 64 | 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, | ||
| 65 | 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, | ||
| 66 | 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, | ||
| 67 | 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, | ||
| 68 | 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, | ||
| 69 | 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, | ||
| 70 | 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, | ||
| 71 | 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, | ||
| 72 | 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, | ||
| 73 | 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, | ||
| 74 | 0x00, 0x0a, 0x00, 0xff | ||
| 75 | }; | ||
| 76 | |||
| 77 | static const uint8_t cipher_list_dtls12_chacha[] = { | ||
| 78 | 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, | ||
| 79 | 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, | ||
| 80 | 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, | ||
| 81 | 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, | ||
| 82 | 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, | ||
| 83 | 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, | ||
| 84 | 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, | ||
| 85 | 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, | ||
| 86 | 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, | ||
| 87 | 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, | ||
| 88 | 0x00, 0x0a, 0x00, 0xff, | ||
| 89 | }; | ||
| 90 | |||
| 91 | static const uint8_t client_hello_dtls12[] = { | ||
| 92 | 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
| 93 | 0x00, 0x00, 0x00, 0x00, 0xbe, 0x01, 0x00, 0x00, | ||
| 94 | 0xb2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
| 95 | 0xb2, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
| 96 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
| 97 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
| 98 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
| 99 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x54, 0xc0, | ||
| 100 | 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, | ||
| 101 | 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, | ||
| 102 | 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, | ||
| 103 | 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, | ||
| 104 | 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, | ||
| 105 | 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, | ||
| 106 | 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, | ||
| 107 | 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, | ||
| 108 | 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, | ||
| 109 | 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, | ||
| 110 | 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00, | ||
| 111 | 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, | ||
| 112 | 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, | ||
| 113 | 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00, | ||
| 114 | 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06, | ||
| 115 | 0x01, 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05, | ||
| 116 | 0x03, 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02, | ||
| 117 | 0x01, 0x02, 0x03, | ||
| 118 | }; | ||
| 119 | |||
| 63 | static const uint8_t cipher_list_tls10[] = { | 120 | static const uint8_t cipher_list_tls10[] = { |
| 64 | 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, | 121 | 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, |
| 65 | 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, | 122 | 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, |
| @@ -173,34 +230,60 @@ static const uint8_t client_hello_tls12[] = { | |||
| 173 | }; | 230 | }; |
| 174 | 231 | ||
| 175 | struct client_hello_test { | 232 | struct client_hello_test { |
| 176 | const uint8_t *desc; | 233 | const char *desc; |
| 177 | const int protocol; | 234 | const int protocol; |
| 178 | const size_t random_start; | 235 | const size_t random_start; |
| 179 | const SSL_METHOD *(*ssl_method)(void); | 236 | const SSL_METHOD *(*ssl_method)(void); |
| 180 | const long ssl_options; | 237 | const long ssl_options; |
| 181 | }; | 238 | }; |
| 182 | 239 | ||
| 183 | static const struct client_hello_test client_hello_tests[] = { | 240 | static struct client_hello_test client_hello_tests[] = { |
| 184 | { | 241 | { |
| 185 | .desc = "DTLSv1 client", | 242 | .desc = "DTLSv1 client method", |
| 186 | .protocol = DTLS1_VERSION, | 243 | .protocol = DTLS1_VERSION, |
| 187 | .random_start = DTLS_RANDOM_OFFSET, | 244 | .random_start = DTLS_RANDOM_OFFSET, |
| 188 | .ssl_method = DTLSv1_client_method, | 245 | .ssl_method = DTLSv1_client_method, |
| 189 | }, | 246 | }, |
| 190 | { | 247 | { |
| 191 | .desc = "TLSv1 client", | 248 | .desc = "DTLSv1.2 client method", |
| 249 | .protocol = DTLS1_2_VERSION, | ||
| 250 | .random_start = DTLS_RANDOM_OFFSET, | ||
| 251 | .ssl_method = DTLSv1_2_client_method, | ||
| 252 | }, | ||
| 253 | { | ||
| 254 | .desc = "DTLS client method", | ||
| 255 | .protocol = DTLS1_2_VERSION, | ||
| 256 | .random_start = DTLS_RANDOM_OFFSET, | ||
| 257 | .ssl_method = DTLS_client_method, | ||
| 258 | }, | ||
| 259 | { | ||
| 260 | .desc = "DTLS client method (no DTLSv1.2)", | ||
| 261 | .protocol = DTLS1_VERSION, | ||
| 262 | .random_start = DTLS_RANDOM_OFFSET, | ||
| 263 | .ssl_method = DTLS_client_method, | ||
| 264 | .ssl_options = SSL_OP_NO_DTLSv1_2, | ||
| 265 | }, | ||
| 266 | { | ||
| 267 | .desc = "DTLS client method (no DTLSv1.0)", | ||
| 268 | .protocol = DTLS1_2_VERSION, | ||
| 269 | .random_start = DTLS_RANDOM_OFFSET, | ||
| 270 | .ssl_method = DTLS_client_method, | ||
| 271 | .ssl_options = SSL_OP_NO_DTLSv1, | ||
| 272 | }, | ||
| 273 | { | ||
| 274 | .desc = "TLSv1 client method", | ||
| 192 | .protocol = TLS1_VERSION, | 275 | .protocol = TLS1_VERSION, |
| 193 | .random_start = SSL3_RANDOM_OFFSET, | 276 | .random_start = SSL3_RANDOM_OFFSET, |
| 194 | .ssl_method = TLSv1_client_method, | 277 | .ssl_method = TLSv1_client_method, |
| 195 | }, | 278 | }, |
| 196 | { | 279 | { |
| 197 | .desc = "TLSv1_1 client", | 280 | .desc = "TLSv1_1 client method", |
| 198 | .protocol = TLS1_1_VERSION, | 281 | .protocol = TLS1_1_VERSION, |
| 199 | .random_start = SSL3_RANDOM_OFFSET, | 282 | .random_start = SSL3_RANDOM_OFFSET, |
| 200 | .ssl_method = TLSv1_1_client_method, | 283 | .ssl_method = TLSv1_1_client_method, |
| 201 | }, | 284 | }, |
| 202 | { | 285 | { |
| 203 | .desc = "TLSv1_2 client", | 286 | .desc = "TLSv1_2 client method", |
| 204 | .protocol = TLS1_2_VERSION, | 287 | .protocol = TLS1_2_VERSION, |
| 205 | .random_start = SSL3_RANDOM_OFFSET, | 288 | .random_start = SSL3_RANDOM_OFFSET, |
| 206 | .ssl_method = TLSv1_2_client_method, | 289 | .ssl_method = TLSv1_2_client_method, |
| @@ -332,6 +415,18 @@ make_client_hello(int protocol, char **out, size_t *outlen) | |||
| 332 | cipher_list_offset = DTLS_CIPHER_OFFSET; | 415 | cipher_list_offset = DTLS_CIPHER_OFFSET; |
| 333 | break; | 416 | break; |
| 334 | 417 | ||
| 418 | case DTLS1_2_VERSION: | ||
| 419 | client_hello = client_hello_dtls12; | ||
| 420 | client_hello_len = sizeof(client_hello_dtls12); | ||
| 421 | cipher_list = cipher_list_dtls12_chacha; | ||
| 422 | cipher_list_len = sizeof(cipher_list_dtls12_chacha); | ||
| 423 | if (ssl_aes_is_accelerated()) { | ||
| 424 | cipher_list = cipher_list_dtls12_aes; | ||
| 425 | cipher_list_len = sizeof(cipher_list_dtls12_aes); | ||
| 426 | } | ||
| 427 | cipher_list_offset = DTLS_CIPHER_OFFSET; | ||
| 428 | break; | ||
| 429 | |||
| 335 | case TLS1_VERSION: | 430 | case TLS1_VERSION: |
| 336 | client_hello = client_hello_tls10; | 431 | client_hello = client_hello_tls10; |
| 337 | client_hello_len = sizeof(client_hello_tls10); | 432 | client_hello_len = sizeof(client_hello_tls10); |