summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/unit
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2021-08-30 17:27:46 +0000
committercvs2svn <admin@example.com>2021-08-30 17:27:46 +0000
commit4e4f5b4c833ba5285e001bdb6b832bdf91c43da3 (patch)
treeab301f051b9dd067fa28b0fe56806a2893b8161e /src/regress/lib/libssl/unit
parent20a5de624e2e817be526407f2b8de078016ee258 (diff)
downloadopenbsd-tb_20210830.tar.gz
openbsd-tb_20210830.tar.bz2
openbsd-tb_20210830.zip
This commit was manufactured by cvs2git to create tag 'tb_20210830'.tb_20210830
Diffstat (limited to 'src/regress/lib/libssl/unit')
-rw-r--r--src/regress/lib/libssl/unit/Makefile27
-rw-r--r--src/regress/lib/libssl/unit/cipher_list.c204
-rw-r--r--src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c482
-rw-r--r--src/regress/lib/libssl/unit/ssl_methods.c267
-rw-r--r--src/regress/lib/libssl/unit/ssl_versions.c910
-rw-r--r--src/regress/lib/libssl/unit/tests.h44
-rw-r--r--src/regress/lib/libssl/unit/tls_ext_alpn.c442
-rw-r--r--src/regress/lib/libssl/unit/tls_prf.c251
8 files changed, 0 insertions, 2627 deletions
diff --git a/src/regress/lib/libssl/unit/Makefile b/src/regress/lib/libssl/unit/Makefile
deleted file mode 100644
index a1935bbd88..0000000000
--- a/src/regress/lib/libssl/unit/Makefile
+++ /dev/null
@@ -1,27 +0,0 @@
1# $OpenBSD: Makefile,v 1.12 2021/05/03 23:42:04 inoguchi Exp $
2
3TEST_CASES+= cipher_list
4TEST_CASES+= ssl_get_shared_ciphers
5TEST_CASES+= ssl_methods
6TEST_CASES+= ssl_versions
7TEST_CASES+= tls_ext_alpn
8TEST_CASES+= tls_prf
9
10REGRESS_TARGETS= all_tests
11
12WARNINGS= Yes
13LDLIBS= ${SSL_INT} -lcrypto
14CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
15CFLAGS+= -DCERTSDIR=\"${.CURDIR}/../certs\"
16CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
17
18CLEANFILES+= ${TEST_CASES}
19
20all_tests: ${TEST_CASES}
21 @for test in $>; do \
22 ./$$test; \
23 done
24
25${TEST_CASES}: ${LIBSSL} ${LIBCRYPTO}
26
27.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c
deleted file mode 100644
index 9a5d978140..0000000000
--- a/src/regress/lib/libssl/unit/cipher_list.c
+++ /dev/null
@@ -1,204 +0,0 @@
1/* $OpenBSD: cipher_list.c,v 1.10 2021/01/09 12:39:22 tb Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/*
20 * Test TLS ssl bytes (aka cipher suites) to cipher list and back.
21 *
22 * TLSv1.0 - RFC 2246 section 7.4.1.2 (ClientHello struct)
23 * TLSv1.1 - RFC 4346 section 7.4.1.2 (ClientHello struct)
24 * TLSv1.2 - RFC 5246 section 7.4.1.2 (ClientHello struct)
25 *
26 * In all of these standards, the relevant structures are:
27 *
28 * uint8 CipherSuite[2];
29 *
30 * struct {
31 * ...
32 * CipherSuite cipher_suites<2..2^16-2>
33 * ...
34 * } ClientHello;
35 */
36
37#include <openssl/ssl.h>
38
39#include <stdio.h>
40#include <string.h>
41
42#include "ssl_locl.h"
43
44#include "tests.h"
45
46static uint8_t cipher_bytes[] = {
47 0xcc, 0xa8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
48 0xcc, 0xa9, /* ECDHE-RSA-CHACHA20-POLY1305 */
49 0xcc, 0xaa, /* DHE-RSA-CHACHA20-POLY1305 */
50 0x00, 0x9c, /* AES128-GCM-SHA256 */
51 0x00, 0x3d, /* AES256-SHA256 */
52};
53
54static uint16_t cipher_values[] = {
55 0xcca8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
56 0xcca9, /* ECDHE-RSA-CHACHA20-POLY1305 */
57 0xccaa, /* DHE-RSA-CHACHA20-POLY1305 */
58 0x009c, /* AES128-GCM-SHA256 */
59 0x003d, /* AES256-SHA256 */
60};
61
62#define N_CIPHERS (sizeof(cipher_bytes) / 2)
63
64static int
65ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
66{
67 SSL_CIPHER *cipher;
68 uint16_t value;
69 CBS cbs;
70 int i;
71
72 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes));
73
74 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
75 CHECK(*ciphers != NULL);
76 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
77 for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) {
78 cipher = sk_SSL_CIPHER_value(*ciphers, i);
79 CHECK(cipher != NULL);
80 value = SSL_CIPHER_get_value(cipher);
81 CHECK(value == cipher_values[i]);
82 }
83
84 return 1;
85}
86
87static int
88ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
89{
90 CBB cbb;
91 unsigned char *buf = NULL;
92 size_t buflen, outlen;
93 int ret = 0;
94
95 /* Space for cipher bytes, plus reneg SCSV and two spare bytes. */
96 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
97 buflen = sizeof(cipher_bytes) + 2 + 2;
98 CHECK((buf = calloc(1, buflen)) != NULL);
99
100 CHECK(CBB_init_fixed(&cbb, buf, buflen));
101 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
102 CHECK(CBB_finish(&cbb, NULL, &outlen));
103
104 CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
105 CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
106 CHECK_GOTO(buf[buflen - 4] == 0x00 && buf[buflen - 3] == 0xff);
107 CHECK_GOTO(buf[buflen - 2] == 0x00 && buf[buflen - 1] == 0x00);
108
109 ret = 1;
110
111err:
112 free(buf);
113 return ret;
114}
115
116static int
117ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
118{
119 CBB cbb;
120 unsigned char *buf = NULL;
121 size_t buflen, outlen;
122 int ret = 0;
123
124 /* Space for cipher bytes and two spare bytes */
125 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
126 buflen = sizeof(cipher_bytes) + 2;
127 CHECK((buf = calloc(1, buflen)) != NULL);
128 buf[buflen - 2] = 0xfe;
129 buf[buflen - 1] = 0xab;
130
131 /* Set renegotiate so it doesn't add SCSV */
132 s->internal->renegotiate = 1;
133
134 CHECK(CBB_init_fixed(&cbb, buf, buflen));
135 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
136 CHECK(CBB_finish(&cbb, NULL, &outlen));
137
138 CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
139 CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
140 CHECK_GOTO(buf[buflen - 2] == 0xfe && buf[buflen - 1] == 0xab);
141
142 ret = 1;
143
144err:
145 free(buf);
146 return ret;
147}
148
149static int
150ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
151{
152 uint8_t empty_cipher_bytes[] = {0};
153 CBS cbs;
154
155 sk_SSL_CIPHER_free(*ciphers);
156
157 /* Invalid length: CipherSuite is 2 bytes so it must be even */
158 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes) - 1);
159 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
160 CHECK(*ciphers == NULL);
161
162 /* Invalid length: cipher_suites must be at least 2 */
163 CBS_init(&cbs, empty_cipher_bytes, sizeof(empty_cipher_bytes));
164 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
165 CHECK(*ciphers == NULL);
166
167 return 1;
168}
169
170int
171main(void)
172{
173 STACK_OF(SSL_CIPHER) *ciphers = NULL;
174 SSL_CTX *ctx = NULL;
175 SSL *s = NULL;
176 int rv = 1;
177
178 SSL_library_init();
179
180 /* Use TLSv1.2 client to get all ciphers. */
181 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
182 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
183
184 if (!ssl_bytes_to_list_alloc(s, &ciphers))
185 goto err;
186 if (!ssl_list_to_bytes_scsv(s, &ciphers))
187 goto err;
188 if (!ssl_list_to_bytes_no_scsv(s, &ciphers))
189 goto err;
190 if (!ssl_bytes_to_list_invalid(s, &ciphers))
191 goto err;
192
193 rv = 0;
194
195err:
196 sk_SSL_CIPHER_free(ciphers);
197 SSL_CTX_free(ctx);
198 SSL_free(s);
199
200 if (!rv)
201 printf("PASS %s\n", __FILE__);
202
203 return rv;
204}
diff --git a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c b/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
deleted file mode 100644
index 212ea99f30..0000000000
--- a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
+++ /dev/null
@@ -1,482 +0,0 @@
1/* $OpenBSD: ssl_get_shared_ciphers.c,v 1.10 2021/05/04 18:20:05 tb Exp $ */
2/*
3 * Copyright (c) 2021 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <stdint.h>
19#include <stdio.h>
20#include <stdlib.h>
21#include <string.h>
22
23#include <openssl/bio.h>
24#include <openssl/crypto.h>
25#include <openssl/err.h>
26#include <openssl/ssl.h>
27
28struct peer_config {
29 const char *name;
30 int server;
31 uint16_t max_version;
32 uint16_t min_version;
33 const char *ciphers;
34};
35
36struct ssl_shared_ciphers_test_data {
37 const char *description;
38 struct peer_config client_config;
39 struct peer_config server_config;
40 const char *shared_ciphers;
41 const char *shared_ciphers_without_aesni;
42};
43
44char *server_cert;
45char *server_key;
46
47static const struct ssl_shared_ciphers_test_data ssl_shared_ciphers_tests[] = {
48 {
49 .description = "TLSv1.3 defaults",
50 .client_config = {
51 .name = "client",
52 .server = 0,
53 .max_version = TLS1_3_VERSION,
54 .min_version = TLS1_3_VERSION,
55 .ciphers =
56 "AEAD-AES256-GCM-SHA384:"
57 "AEAD-CHACHA20-POLY1305-SHA256:"
58 "AEAD-AES128-GCM-SHA256",
59 },
60 .server_config = {
61 .name = "server",
62 .server = 1,
63 .max_version = TLS1_3_VERSION,
64 .min_version = TLS1_3_VERSION,
65 .ciphers =
66 "AEAD-AES256-GCM-SHA384:"
67 "AEAD-CHACHA20-POLY1305-SHA256:"
68 "AEAD-AES128-GCM-SHA256",
69 },
70 .shared_ciphers =
71 "AEAD-AES256-GCM-SHA384:"
72 "AEAD-CHACHA20-POLY1305-SHA256:"
73 "AEAD-AES128-GCM-SHA256",
74 },
75
76 {
77 .description = "TLSv1.3, client without ChaCha",
78 .client_config = {
79 .name = "client",
80 .server = 0,
81 .max_version = TLS1_3_VERSION,
82 .min_version = TLS1_3_VERSION,
83 .ciphers =
84 "AEAD-AES256-GCM-SHA384:"
85 "AEAD-AES128-GCM-SHA256",
86 },
87 .server_config = {
88 .name = "server",
89 .server = 1,
90 .max_version = TLS1_3_VERSION,
91 .min_version = TLS1_3_VERSION,
92 .ciphers =
93 "AEAD-AES256-GCM-SHA384:"
94 "AEAD-CHACHA20-POLY1305-SHA256:"
95 "AEAD-AES128-GCM-SHA256",
96 },
97 .shared_ciphers =
98 "AEAD-AES256-GCM-SHA384:"
99 "AEAD-AES128-GCM-SHA256",
100 },
101
102 {
103 .description = "TLSv1.2",
104 .client_config = {
105 .name = "client",
106 .server = 0,
107 .max_version = TLS1_2_VERSION,
108 .min_version = TLS1_2_VERSION,
109 .ciphers =
110 "ECDHE-RSA-AES256-GCM-SHA384:"
111 "ECDHE-ECDSA-AES256-GCM-SHA384:"
112 "ECDHE-RSA-AES256-SHA384:"
113 "ECDHE-ECDSA-AES256-SHA384:"
114 "ECDHE-RSA-AES256-SHA:"
115 "ECDHE-ECDSA-AES256-SHA",
116 },
117 .server_config = {
118 .name = "server",
119 .server = 1,
120 .max_version = TLS1_2_VERSION,
121 .min_version = TLS1_2_VERSION,
122 .ciphers =
123 "ECDHE-RSA-AES256-GCM-SHA384:"
124 "ECDHE-ECDSA-AES256-GCM-SHA384:"
125 "ECDHE-RSA-AES256-SHA384:"
126 "ECDHE-ECDSA-AES256-SHA384:"
127 "ECDHE-RSA-AES256-SHA:"
128 "ECDHE-ECDSA-AES256-SHA",
129 },
130 .shared_ciphers =
131 "ECDHE-RSA-AES256-GCM-SHA384:"
132 "ECDHE-ECDSA-AES256-GCM-SHA384:"
133 "ECDHE-RSA-AES256-SHA384:"
134 "ECDHE-ECDSA-AES256-SHA384:"
135 "ECDHE-RSA-AES256-SHA:"
136 "ECDHE-ECDSA-AES256-SHA",
137 },
138
139 {
140 .description = "TLSv1.2, server without ECDSA",
141 .client_config = {
142 .name = "client",
143 .server = 0,
144 .max_version = TLS1_2_VERSION,
145 .min_version = TLS1_2_VERSION,
146 .ciphers =
147 "ECDHE-RSA-AES256-GCM-SHA384:"
148 "ECDHE-ECDSA-AES256-GCM-SHA384:"
149 "ECDHE-RSA-AES256-SHA384:"
150 "ECDHE-ECDSA-AES256-SHA384:"
151 "ECDHE-RSA-AES256-SHA:"
152 "ECDHE-ECDSA-AES256-SHA",
153 },
154 .server_config = {
155 .name = "server",
156 .server = 1,
157 .max_version = TLS1_2_VERSION,
158 .min_version = TLS1_2_VERSION,
159 .ciphers =
160 "ECDHE-RSA-AES256-GCM-SHA384:"
161 "ECDHE-RSA-AES256-SHA384:"
162 "ECDHE-RSA-AES256-SHA",
163 },
164 .shared_ciphers =
165 "ECDHE-RSA-AES256-GCM-SHA384:"
166 "ECDHE-RSA-AES256-SHA384:"
167 "ECDHE-RSA-AES256-SHA",
168 },
169
170 {
171 .description = "TLSv1.3 ciphers are prepended",
172 .client_config = {
173 .name = "client",
174 .server = 0,
175 .max_version = TLS1_3_VERSION,
176 .min_version = TLS1_2_VERSION,
177 .ciphers =
178 "ECDHE-RSA-AES256-GCM-SHA384",
179 },
180 .server_config = {
181 .name = "server",
182 .server = 1,
183 .max_version = TLS1_3_VERSION,
184 .min_version = TLS1_2_VERSION,
185 .ciphers =
186 "ECDHE-RSA-AES256-GCM-SHA384",
187 },
188 .shared_ciphers =
189 "AEAD-AES256-GCM-SHA384:"
190 "AEAD-CHACHA20-POLY1305-SHA256:"
191 "AEAD-AES128-GCM-SHA256:"
192 "ECDHE-RSA-AES256-GCM-SHA384",
193 .shared_ciphers_without_aesni =
194 "AEAD-CHACHA20-POLY1305-SHA256:"
195 "AEAD-AES256-GCM-SHA384:"
196 "AEAD-AES128-GCM-SHA256:"
197 "ECDHE-RSA-AES256-GCM-SHA384",
198 },
199};
200
201static const size_t N_SHARED_CIPHERS_TESTS =
202 sizeof(ssl_shared_ciphers_tests) / sizeof(ssl_shared_ciphers_tests[0]);
203
204static SSL_CTX *
205peer_config_to_ssl_ctx(const struct peer_config *config)
206{
207 SSL_CTX *ctx;
208
209 if ((ctx = SSL_CTX_new(TLS_method())) == NULL) {
210 fprintf(stderr, "SSL_CTX_new(%s) failed\n", config->name);
211 goto err;
212 }
213 if (!SSL_CTX_set_max_proto_version(ctx, config->max_version)) {
214 fprintf(stderr, "max_proto_version(%s) failed\n", config->name);
215 goto err;
216 }
217 if (!SSL_CTX_set_min_proto_version(ctx, config->min_version)) {
218 fprintf(stderr, "min_proto_version(%s) failed\n", config->name);
219 goto err;
220 }
221 if (!SSL_CTX_set_cipher_list(ctx, config->ciphers)) {
222 fprintf(stderr, "set_cipher_list(%s) failed\n", config->name);
223 goto err;
224 }
225
226 if (config->server) {
227 if (!SSL_CTX_use_certificate_file(ctx, server_cert,
228 SSL_FILETYPE_PEM)) {
229 fprintf(stderr, "use_certificate_file(%s) failed\n",
230 config->name);
231 goto err;
232 }
233 if (!SSL_CTX_use_PrivateKey_file(ctx, server_key,
234 SSL_FILETYPE_PEM)) {
235 fprintf(stderr, "use_PrivateKey_file(%s) failed\n",
236 config->name);
237 goto err;
238 }
239 }
240
241 return ctx;
242
243 err:
244 SSL_CTX_free(ctx);
245 return NULL;
246}
247
248/* Connect client and server via a pair of "nonblocking" memory BIOs. */
249static int
250connect_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
251{
252 BIO *client_wbio = NULL, *server_wbio = NULL;
253 int ret = 0;
254
255 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL) {
256 fprintf(stderr, "%s: failed to create client BIO\n",
257 description);
258 goto err;
259 }
260 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL) {
261 fprintf(stderr, "%s: failed to create server BIO\n",
262 description);
263 goto err;
264 }
265 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0) {
266 fprintf(stderr, "%s: failed to set client eof return\n",
267 description);
268 goto err;
269 }
270 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0) {
271 fprintf(stderr, "%s: failed to set server eof return\n",
272 description);
273 goto err;
274 }
275
276 /* Avoid double free. SSL_set_bio() takes ownership of the BIOs. */
277 BIO_up_ref(client_wbio);
278 BIO_up_ref(server_wbio);
279
280 SSL_set_bio(client_ssl, server_wbio, client_wbio);
281 SSL_set_bio(server_ssl, client_wbio, server_wbio);
282 client_wbio = NULL;
283 server_wbio = NULL;
284
285 ret = 1;
286
287 err:
288 BIO_free(client_wbio);
289 BIO_free(server_wbio);
290
291 return ret;
292}
293
294static int
295push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name,
296 const char *description)
297{
298 int ssl_err = 0;
299
300 if (*ret == 1)
301 return 1;
302
303 /*
304 * Do SSL_connect/SSL_accept/SSL_shutdown once and loop while hitting
305 * WANT_WRITE. If done or on WANT_READ hand off to peer.
306 */
307
308 do {
309 if ((*ret = func(ssl)) <= 0)
310 ssl_err = SSL_get_error(ssl, *ret);
311 } while (*ret <= 0 && ssl_err == SSL_ERROR_WANT_WRITE);
312
313 /* Ignore erroneous error - see SSL_shutdown(3)... */
314 if (func == SSL_shutdown && ssl_err == SSL_ERROR_SYSCALL)
315 return 1;
316
317 if (*ret <= 0 && ssl_err != SSL_ERROR_WANT_READ) {
318 fprintf(stderr, "%s: %s failed\n", description, func_name);
319 ERR_print_errors_fp(stderr);
320 return 0;
321 }
322
323 return 1;
324}
325
326/*
327 * Alternate between loops of SSL_connect() and SSL_accept() as long as only
328 * WANT_READ and WANT_WRITE situations are encountered. A function is repeated
329 * until WANT_READ is returned or it succeeds, then it's the other function's
330 * turn to make progress. Succeeds if SSL_connect() and SSL_accept() return 1.
331 */
332static int
333handshake(SSL *client_ssl, SSL *server_ssl, const char *description)
334{
335 int loops = 0, client_ret = 0, server_ret = 0;
336
337 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
338 if (!push_data_to_peer(client_ssl, &client_ret, SSL_connect,
339 "SSL_connect", description))
340 return 0;
341
342 if (!push_data_to_peer(server_ssl, &server_ret, SSL_accept,
343 "SSL_accept", description))
344 return 0;
345 }
346
347 if (client_ret != 1 || server_ret != 1) {
348 fprintf(stderr, "%s: failed\n", __func__);
349 return 0;
350 }
351
352 return 1;
353}
354
355static int
356shutdown_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
357{
358 int loops = 0, client_ret = 0, server_ret = 0;
359
360 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
361 if (!push_data_to_peer(client_ssl, &client_ret, SSL_shutdown,
362 "client shutdown", description))
363 return 0;
364
365 if (!push_data_to_peer(server_ssl, &server_ret, SSL_shutdown,
366 "server shutdown", description))
367 return 0;
368 }
369
370 if (client_ret != 1 || server_ret != 1) {
371 fprintf(stderr, "%s: failed\n", __func__);
372 return 0;
373 }
374
375 return 1;
376}
377
378/* from ssl_ciph.c */
379static inline int
380ssl_aes_is_accelerated(void)
381{
382#if defined(__i386__) || defined(__x86_64__)
383 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
384#else
385 return (0);
386#endif
387}
388
389static int
390check_shared_ciphers(const struct ssl_shared_ciphers_test_data *test,
391 const char *got)
392{
393 const char *want = test->shared_ciphers;
394 int failed;
395
396 if (!ssl_aes_is_accelerated() &&
397 test->shared_ciphers_without_aesni != NULL)
398 want = test->shared_ciphers_without_aesni;
399
400 failed = strcmp(want, got);
401
402 if (failed)
403 fprintf(stderr, "%s: want \"%s\", got \"%s\"\n",
404 test->description, want, got);
405
406 return failed;
407}
408
409static int
410test_get_shared_ciphers(const struct ssl_shared_ciphers_test_data *test)
411{
412 SSL_CTX *client_ctx = NULL, *server_ctx = NULL;
413 SSL *client_ssl = NULL, *server_ssl = NULL;
414 char buf[4096];
415 int failed = 1;
416
417 if ((client_ctx = peer_config_to_ssl_ctx(&test->client_config)) == NULL)
418 goto err;
419 if ((server_ctx = peer_config_to_ssl_ctx(&test->server_config)) == NULL)
420 goto err;
421
422 if ((client_ssl = SSL_new(client_ctx)) == NULL) {
423 fprintf(stderr, "%s: failed to create client SSL\n",
424 test->description);
425 goto err;
426 }
427 if ((server_ssl = SSL_new(server_ctx)) == NULL) {
428 fprintf(stderr, "%s: failed to create server SSL\n",
429 test->description);
430 goto err;
431 }
432
433 if (!connect_peers(client_ssl, server_ssl, test->description))
434 goto err;
435
436 if (!handshake(client_ssl, server_ssl, test->description))
437 goto err;
438
439 if (SSL_get_shared_ciphers(server_ssl, buf, sizeof(buf)) == NULL) {
440 fprintf(stderr, "%s: failed to get shared ciphers\n",
441 test->description);
442 goto err;
443 }
444
445 if (!shutdown_peers(client_ssl, server_ssl, test->description))
446 goto err;
447
448 failed = check_shared_ciphers(test, buf);
449
450 err:
451 SSL_CTX_free(client_ctx);
452 SSL_CTX_free(server_ctx);
453 SSL_free(client_ssl);
454 SSL_free(server_ssl);
455
456 return failed;
457}
458
459int
460main(int argc, char **argv)
461{
462 size_t i;
463 int failed = 0;
464
465 if (asprintf(&server_cert, "%s/server.pem", CERTSDIR) == -1) {
466 fprintf(stderr, "asprintf server_cert failed\n");
467 failed = 1;
468 goto err;
469 }
470 server_key = server_cert;
471
472 for (i = 0; i < N_SHARED_CIPHERS_TESTS; i++)
473 failed |= test_get_shared_ciphers(&ssl_shared_ciphers_tests[i]);
474
475 if (failed == 0)
476 printf("PASS %s\n", __FILE__);
477
478 err:
479 free(server_cert);
480
481 return failed;
482}
diff --git a/src/regress/lib/libssl/unit/ssl_methods.c b/src/regress/lib/libssl/unit/ssl_methods.c
deleted file mode 100644
index 0fc33a406c..0000000000
--- a/src/regress/lib/libssl/unit/ssl_methods.c
+++ /dev/null
@@ -1,267 +0,0 @@
1/* $OpenBSD: ssl_methods.c,v 1.4 2021/04/04 20:21:43 tb Exp $ */
2/*
3 * Copyright (c) 2020 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <stdio.h>
19
20#include <openssl/ssl.h>
21
22struct ssl_method_test_data {
23 const SSL_METHOD *(*method)(void);
24 const char *name;
25 int server;
26 int dtls;
27};
28
29struct ssl_method_test_data ssl_method_tests[] = {
30 {
31 .method = SSLv23_method,
32 .name = "SSLv23_method",
33 .server = 1,
34 .dtls = 0,
35 },
36 {
37 .method = SSLv23_server_method,
38 .name = "SSLv23_server_method",
39 .server = 1,
40 .dtls = 0,
41 },
42 {
43 .method = SSLv23_client_method,
44 .name = "SSLv23_client_method",
45 .server = 0,
46 .dtls = 0,
47 },
48
49 {
50 .method = TLSv1_method,
51 .name = "TLSv1_method",
52 .server = 1,
53 .dtls = 0,
54 },
55 {
56 .method = TLSv1_server_method,
57 .name = "TLSv1_server_method",
58 .server = 1,
59 .dtls = 0,
60 },
61 {
62 .method = TLSv1_client_method,
63 .name = "TLSv1_client_method",
64 .server = 0,
65 .dtls = 0,
66 },
67
68 {
69 .method = TLSv1_1_method,
70 .name = "TLSv1_1_method",
71 .server = 1,
72 .dtls = 0,
73 },
74 {
75 .method = TLSv1_1_server_method,
76 .name = "TLSv1_1_server_method",
77 .server = 1,
78 .dtls = 0,
79 },
80 {
81 .method = TLSv1_1_client_method,
82 .name = "TLSv1_1_client_method",
83 .server = 0,
84 .dtls = 0,
85 },
86
87 {
88 .method = TLSv1_2_method,
89 .name = "TLSv1_2_method",
90 .server = 1,
91 .dtls = 0,
92 },
93 {
94 .method = TLSv1_2_server_method,
95 .name = "TLSv1_2_server_method",
96 .server = 1,
97 .dtls = 0,
98 },
99 {
100 .method = TLSv1_2_client_method,
101 .name = "TLSv1_2_client_method",
102 .server = 0,
103 .dtls = 0,
104 },
105
106 {
107 .method = TLS_method,
108 .name = "TLS_method",
109 .server = 1,
110 .dtls = 0,
111 },
112 {
113 .method = TLS_server_method,
114 .name = "TLS_server_method",
115 .server = 1,
116 .dtls = 0,
117 },
118 {
119 .method = TLS_client_method,
120 .name = "TLS_client_method",
121 .server = 0,
122 .dtls = 0,
123 },
124
125 {
126 .method = DTLSv1_method,
127 .name = "DTLSv1_method",
128 .server = 1,
129 .dtls = 1,
130 },
131 {
132 .method = DTLSv1_server_method,
133 .name = "DTLSv1_server_method",
134 .server = 1,
135 .dtls = 1,
136 },
137 {
138 .method = DTLSv1_client_method,
139 .name = "DTLSv1_client_method",
140 .server = 0,
141 .dtls = 1,
142 },
143
144 {
145 .method = DTLSv1_2_method,
146 .name = "DTLSv1_2_method",
147 .server = 1,
148 .dtls = 1,
149 },
150 {
151 .method = DTLSv1_2_server_method,
152 .name = "DTLSv1_2_server_method",
153 .server = 1,
154 .dtls = 1,
155 },
156 {
157 .method = DTLSv1_2_client_method,
158 .name = "DTLSv1_2_client_method",
159 .server = 0,
160 .dtls = 1,
161 },
162
163 {
164 .method = DTLS_method,
165 .name = "DTLS_method",
166 .server = 1,
167 .dtls = 1,
168 },
169 {
170 .method = DTLS_server_method,
171 .name = "DTLS_server_method",
172 .server = 1,
173 .dtls = 1,
174 },
175 {
176 .method = DTLS_client_method,
177 .name = "DTLS_client_method",
178 .server = 0,
179 .dtls = 1,
180 },
181};
182
183#define N_METHOD_TESTS (sizeof(ssl_method_tests) / sizeof(ssl_method_tests[0]))
184
185int test_client_or_server_method(struct ssl_method_test_data *);
186int test_dtls_method(struct ssl_method_test_data *);
187
188int
189test_client_or_server_method(struct ssl_method_test_data *testcase)
190{
191 SSL_CTX *ssl_ctx;
192 SSL *ssl = NULL;
193 int failed = 1;
194
195 if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) {
196 fprintf(stderr, "SSL_CTX_new returned NULL\n");
197 goto err;
198 }
199
200 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
201 fprintf(stderr, "SSL_new returned NULL\n");
202 goto err;
203 }
204
205 if (SSL_is_server(ssl) != testcase->server) {
206 fprintf(stderr, "%s: SSL_is_server: want %d, got %d\n",
207 testcase->name, testcase->server, SSL_is_server(ssl));
208 goto err;
209 }
210
211 failed = 0;
212
213 err:
214 SSL_free(ssl);
215 SSL_CTX_free(ssl_ctx);
216
217 return failed;
218}
219
220int
221test_dtls_method(struct ssl_method_test_data *testcase)
222{
223 SSL_CTX *ssl_ctx;
224 SSL *ssl = NULL;
225 int failed = 1;
226
227 if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) {
228 fprintf(stderr, "SSL_CTX_new returned NULL\n");
229 goto err;
230 }
231
232 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
233 fprintf(stderr, "SSL_new returned NULL\n");
234 goto err;
235 }
236
237 if (SSL_is_dtls(ssl) != testcase->dtls) {
238 fprintf(stderr, "%s: SSL_is_dtls: want %d, got %d\n",
239 testcase->name, testcase->dtls, SSL_is_dtls(ssl));
240 goto err;
241 }
242
243 failed = 0;
244
245 err:
246 SSL_free(ssl);
247 SSL_CTX_free(ssl_ctx);
248
249 return failed;
250}
251
252int
253main(int argc, char **argv)
254{
255 size_t i;
256 int failed = 0;
257
258 for (i = 0; i < N_METHOD_TESTS; i++) {
259 failed |= test_client_or_server_method(&ssl_method_tests[i]);
260 failed |= test_dtls_method(&ssl_method_tests[i]);
261 }
262
263 if (failed == 0)
264 printf("PASS %s\n", __FILE__);
265
266 return failed;
267}
diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c
deleted file mode 100644
index 2ca72157ab..0000000000
--- a/src/regress/lib/libssl/unit/ssl_versions.c
+++ /dev/null
@@ -1,910 +0,0 @@
1/* $OpenBSD: ssl_versions.c,v 1.15 2021/06/27 16:54:55 jsing Exp $ */
2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include "ssl_locl.h"
21
22struct version_range_test {
23 const long options;
24 const uint16_t minver;
25 const uint16_t maxver;
26 const uint16_t want_minver;
27 const uint16_t want_maxver;
28};
29
30static struct version_range_test version_range_tests[] = {
31 {
32 .options = 0,
33 .minver = TLS1_VERSION,
34 .maxver = TLS1_3_VERSION,
35 .want_minver = TLS1_VERSION,
36 .want_maxver = TLS1_3_VERSION,
37 },
38 {
39 .options = 0,
40 .minver = TLS1_VERSION,
41 .maxver = TLS1_2_VERSION,
42 .want_minver = TLS1_VERSION,
43 .want_maxver = TLS1_2_VERSION,
44 },
45 {
46 .options = SSL_OP_NO_TLSv1,
47 .minver = TLS1_VERSION,
48 .maxver = TLS1_2_VERSION,
49 .want_minver = TLS1_1_VERSION,
50 .want_maxver = TLS1_2_VERSION,
51 },
52 {
53 .options = SSL_OP_NO_TLSv1_3,
54 .minver = TLS1_VERSION,
55 .maxver = TLS1_3_VERSION,
56 .want_minver = TLS1_VERSION,
57 .want_maxver = TLS1_2_VERSION,
58 },
59 {
60 .options = SSL_OP_NO_TLSv1_2,
61 .minver = TLS1_VERSION,
62 .maxver = TLS1_2_VERSION,
63 .want_minver = TLS1_VERSION,
64 .want_maxver = TLS1_1_VERSION,
65 },
66 {
67 .options = SSL_OP_NO_TLSv1_1,
68 .minver = TLS1_VERSION,
69 .maxver = TLS1_2_VERSION,
70 .want_minver = TLS1_VERSION,
71 .want_maxver = TLS1_VERSION,
72 },
73 {
74 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
75 .minver = TLS1_VERSION,
76 .maxver = TLS1_2_VERSION,
77 .want_minver = TLS1_2_VERSION,
78 .want_maxver = TLS1_2_VERSION,
79 },
80 {
81 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
82 .minver = TLS1_VERSION,
83 .maxver = TLS1_2_VERSION,
84 .want_minver = TLS1_VERSION,
85 .want_maxver = TLS1_VERSION,
86 },
87 {
88 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2,
89 .minver = TLS1_VERSION,
90 .maxver = TLS1_2_VERSION,
91 .want_minver = TLS1_1_VERSION,
92 .want_maxver = TLS1_1_VERSION,
93 },
94 {
95 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
96 SSL_OP_NO_TLSv1_2,
97 .minver = TLS1_VERSION,
98 .maxver = TLS1_2_VERSION,
99 .want_minver = 0,
100 .want_maxver = 0,
101 },
102 {
103 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
104 SSL_OP_NO_TLSv1_2,
105 .minver = TLS1_VERSION,
106 .maxver = TLS1_3_VERSION,
107 .want_minver = TLS1_3_VERSION,
108 .want_maxver = TLS1_3_VERSION,
109 },
110 {
111 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
112 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3,
113 .minver = TLS1_VERSION,
114 .maxver = TLS1_3_VERSION,
115 .want_minver = 0,
116 .want_maxver = 0,
117 },
118 {
119 .options = 0,
120 .minver = TLS1_VERSION,
121 .maxver = TLS1_2_VERSION,
122 .want_minver = TLS1_VERSION,
123 .want_maxver = TLS1_2_VERSION,
124 },
125 {
126 .options = 0,
127 .minver = TLS1_1_VERSION,
128 .maxver = TLS1_2_VERSION,
129 .want_minver = TLS1_1_VERSION,
130 .want_maxver = TLS1_2_VERSION,
131 },
132 {
133 .options = 0,
134 .minver = TLS1_2_VERSION,
135 .maxver = TLS1_2_VERSION,
136 .want_minver = TLS1_2_VERSION,
137 .want_maxver = TLS1_2_VERSION,
138 },
139 {
140 .options = 0,
141 .minver = TLS1_VERSION,
142 .maxver = TLS1_3_VERSION,
143 .want_minver = TLS1_VERSION,
144 .want_maxver = TLS1_3_VERSION,
145 },
146 {
147 .options = 0,
148 .minver = TLS1_1_VERSION,
149 .maxver = TLS1_3_VERSION,
150 .want_minver = TLS1_1_VERSION,
151 .want_maxver = TLS1_3_VERSION,
152 },
153 {
154 .options = 0,
155 .minver = TLS1_2_VERSION,
156 .maxver = TLS1_3_VERSION,
157 .want_minver = TLS1_2_VERSION,
158 .want_maxver = TLS1_3_VERSION,
159 },
160 {
161 .options = 0,
162 .minver = TLS1_3_VERSION,
163 .maxver = TLS1_3_VERSION,
164 .want_minver = TLS1_3_VERSION,
165 .want_maxver = TLS1_3_VERSION,
166 },
167 {
168 .options = 0,
169 .minver = TLS1_VERSION,
170 .maxver = TLS1_1_VERSION,
171 .want_minver = TLS1_VERSION,
172 .want_maxver = TLS1_1_VERSION,
173 },
174 {
175 .options = 0,
176 .minver = TLS1_VERSION,
177 .maxver = TLS1_VERSION,
178 .want_minver = TLS1_VERSION,
179 .want_maxver = TLS1_VERSION,
180 },
181};
182
183#define N_VERSION_RANGE_TESTS \
184 (sizeof(version_range_tests) / sizeof(*version_range_tests))
185
186static int
187test_ssl_enabled_version_range(void)
188{
189 struct version_range_test *vrt;
190 uint16_t minver, maxver;
191 SSL_CTX *ssl_ctx = NULL;
192 SSL *ssl = NULL;
193 int failed = 1;
194 size_t i;
195
196 fprintf(stderr, "INFO: starting enabled version range tests...\n");
197
198 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
199 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
200 goto failure;
201 }
202 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
203 fprintf(stderr, "SSL_new() returned NULL\n");
204 goto failure;
205 }
206
207 failed = 0;
208
209 for (i = 0; i < N_VERSION_RANGE_TESTS; i++) {
210 vrt = &version_range_tests[i];
211
212 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
213 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
214 SSL_set_options(ssl, vrt->options);
215
216 minver = maxver = 0xffff;
217 ssl->internal->min_tls_version = vrt->minver;
218 ssl->internal->max_tls_version = vrt->maxver;
219
220 if (ssl_enabled_tls_version_range(ssl, &minver, &maxver) != 1) {
221 if (vrt->want_minver != 0 || vrt->want_maxver != 0) {
222 fprintf(stderr, "FAIL: test %zu - failed but "
223 "wanted non-zero versions\n", i);
224 failed++;
225 }
226 continue;
227 }
228 if (minver != vrt->want_minver) {
229 fprintf(stderr, "FAIL: test %zu - got minver %x, "
230 "want %x\n", i, minver, vrt->want_minver);
231 failed++;
232 }
233 if (maxver != vrt->want_maxver) {
234 fprintf(stderr, "FAIL: test %zu - got maxver %x, "
235 "want %x\n", i, maxver, vrt->want_maxver);
236 failed++;
237 }
238 }
239
240 failure:
241 SSL_CTX_free(ssl_ctx);
242 SSL_free(ssl);
243
244 return (failed);
245}
246
247struct shared_version_test {
248 const SSL_METHOD *(*ssl_method)(void);
249 const long options;
250 const uint16_t minver;
251 const uint16_t maxver;
252 const uint16_t peerver;
253 const uint16_t want_maxver;
254};
255
256static struct shared_version_test shared_version_tests[] = {
257 {
258 .ssl_method = TLS_method,
259 .options = 0,
260 .minver = TLS1_VERSION,
261 .maxver = TLS1_2_VERSION,
262 .peerver = SSL2_VERSION,
263 .want_maxver = 0,
264 },
265 {
266 .ssl_method = TLS_method,
267 .options = 0,
268 .minver = TLS1_VERSION,
269 .maxver = TLS1_2_VERSION,
270 .peerver = SSL3_VERSION,
271 .want_maxver = 0,
272 },
273 {
274 .ssl_method = TLS_method,
275 .options = 0,
276 .minver = TLS1_VERSION,
277 .maxver = TLS1_2_VERSION,
278 .peerver = TLS1_VERSION,
279 .want_maxver = TLS1_VERSION,
280 },
281 {
282 .ssl_method = TLS_method,
283 .options = 0,
284 .minver = TLS1_VERSION,
285 .maxver = TLS1_2_VERSION,
286 .peerver = TLS1_1_VERSION,
287 .want_maxver = TLS1_1_VERSION,
288 },
289 {
290 .ssl_method = TLS_method,
291 .options = 0,
292 .minver = TLS1_VERSION,
293 .maxver = TLS1_2_VERSION,
294 .peerver = TLS1_2_VERSION,
295 .want_maxver = TLS1_2_VERSION,
296 },
297 {
298 .ssl_method = TLS_method,
299 .options = 0,
300 .minver = TLS1_VERSION,
301 .maxver = TLS1_2_VERSION,
302 .peerver = TLS1_3_VERSION,
303 .want_maxver = TLS1_2_VERSION,
304 },
305 {
306 .ssl_method = TLS_method,
307 .options = 0,
308 .minver = TLS1_VERSION,
309 .maxver = TLS1_2_VERSION,
310 .peerver = 0x7f12,
311 .want_maxver = TLS1_2_VERSION,
312 },
313 {
314 .ssl_method = TLS_method,
315 .options = SSL_OP_NO_TLSv1_2,
316 .minver = TLS1_VERSION,
317 .maxver = TLS1_2_VERSION,
318 .peerver = TLS1_2_VERSION,
319 .want_maxver = TLS1_1_VERSION,
320 },
321 {
322 .ssl_method = TLS_method,
323 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
324 .minver = TLS1_VERSION,
325 .maxver = TLS1_2_VERSION,
326 .peerver = TLS1_2_VERSION,
327 .want_maxver = TLS1_VERSION,
328 },
329 {
330 .ssl_method = TLS_method,
331 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
332 .minver = TLS1_VERSION,
333 .maxver = TLS1_2_VERSION,
334 .peerver = TLS1_2_VERSION,
335 .want_maxver = 0,
336 },
337 {
338 .ssl_method = TLS_method,
339 .options = SSL_OP_NO_TLSv1,
340 .minver = TLS1_VERSION,
341 .maxver = TLS1_2_VERSION,
342 .peerver = TLS1_1_VERSION,
343 .want_maxver = TLS1_1_VERSION,
344 },
345 {
346 .ssl_method = TLS_method,
347 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
348 .minver = TLS1_VERSION,
349 .maxver = TLS1_2_VERSION,
350 .peerver = TLS1_1_VERSION,
351 .want_maxver = 0,
352 },
353 {
354 .ssl_method = TLS_method,
355 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
356 .minver = TLS1_VERSION,
357 .maxver = TLS1_2_VERSION,
358 .peerver = TLS1_1_VERSION,
359 .want_maxver = TLS1_VERSION,
360 },
361 {
362 .ssl_method = TLS_method,
363 .options = SSL_OP_NO_TLSv1,
364 .minver = TLS1_VERSION,
365 .maxver = TLS1_2_VERSION,
366 .peerver = TLS1_VERSION,
367 .want_maxver = 0,
368 },
369 {
370 .ssl_method = TLS_method,
371 .options = 0,
372 .minver = TLS1_VERSION,
373 .maxver = TLS1_1_VERSION,
374 .peerver = TLS1_2_VERSION,
375 .want_maxver = TLS1_1_VERSION,
376 },
377 {
378 .ssl_method = TLS_method,
379 .options = 0,
380 .minver = TLS1_VERSION,
381 .maxver = TLS1_VERSION,
382 .peerver = TLS1_2_VERSION,
383 .want_maxver = TLS1_VERSION,
384 },
385 {
386 .ssl_method = TLSv1_method,
387 .options = 0,
388 .minver = TLS1_VERSION,
389 .maxver = TLS1_2_VERSION,
390 .peerver = TLS1_VERSION,
391 .want_maxver = TLS1_VERSION,
392 },
393 {
394 .ssl_method = TLSv1_method,
395 .options = 0,
396 .minver = TLS1_1_VERSION,
397 .maxver = TLS1_2_VERSION,
398 .peerver = TLS1_VERSION,
399 .want_maxver = 0,
400 },
401 {
402 .ssl_method = TLSv1_1_method,
403 .options = 0,
404 .minver = TLS1_VERSION,
405 .maxver = TLS1_2_VERSION,
406 .peerver = TLS1_1_VERSION,
407 .want_maxver = TLS1_1_VERSION,
408 },
409 {
410 .ssl_method = DTLS_method,
411 .options = 0,
412 .minver = TLS1_1_VERSION,
413 .maxver = TLS1_2_VERSION,
414 .peerver = DTLS1_VERSION,
415 .want_maxver = DTLS1_VERSION,
416 },
417 {
418 .ssl_method = DTLS_method,
419 .options = 0,
420 .minver = TLS1_1_VERSION,
421 .maxver = TLS1_2_VERSION,
422 .peerver = DTLS1_2_VERSION,
423 .want_maxver = DTLS1_2_VERSION,
424 },
425 {
426 .ssl_method = DTLS_method,
427 .options = 0,
428 .minver = TLS1_1_VERSION,
429 .maxver = TLS1_2_VERSION,
430 .peerver = 0xfefc, /* DTLSv1.3, probably. */
431 .want_maxver = DTLS1_2_VERSION,
432 },
433 {
434 .ssl_method = DTLSv1_method,
435 .options = 0,
436 .minver = TLS1_1_VERSION,
437 .maxver = TLS1_1_VERSION,
438 .peerver = DTLS1_2_VERSION,
439 .want_maxver = DTLS1_VERSION,
440 },
441 {
442 .ssl_method = DTLSv1_2_method,
443 .options = 0,
444 .minver = TLS1_2_VERSION,
445 .maxver = TLS1_2_VERSION,
446 .peerver = DTLS1_2_VERSION,
447 .want_maxver = DTLS1_2_VERSION,
448 },
449 {
450 .ssl_method = DTLSv1_method,
451 .options = 0,
452 .minver = TLS1_1_VERSION,
453 .maxver = TLS1_1_VERSION,
454 .peerver = TLS1_2_VERSION,
455 .want_maxver = 0,
456 },
457 {
458 .ssl_method = DTLS_method,
459 .options = SSL_OP_NO_DTLSv1,
460 .minver = TLS1_1_VERSION,
461 .maxver = TLS1_2_VERSION,
462 .peerver = DTLS1_VERSION,
463 .want_maxver = 0,
464 },
465 {
466 .ssl_method = DTLS_method,
467 .options = SSL_OP_NO_DTLSv1,
468 .minver = TLS1_1_VERSION,
469 .maxver = TLS1_2_VERSION,
470 .peerver = DTLS1_2_VERSION,
471 .want_maxver = DTLS1_2_VERSION,
472 },
473 {
474 .ssl_method = DTLS_method,
475 .options = SSL_OP_NO_DTLSv1_2,
476 .minver = TLS1_1_VERSION,
477 .maxver = TLS1_2_VERSION,
478 .peerver = DTLS1_2_VERSION,
479 .want_maxver = DTLS1_VERSION,
480 },
481};
482
483#define N_SHARED_VERSION_TESTS \
484 (sizeof(shared_version_tests) / sizeof(*shared_version_tests))
485
486static int
487test_ssl_max_shared_version(void)
488{
489 struct shared_version_test *svt;
490 SSL_CTX *ssl_ctx = NULL;
491 SSL *ssl = NULL;
492 uint16_t maxver;
493 int failed = 0;
494 size_t i;
495
496 failed = 0;
497
498 fprintf(stderr, "INFO: starting max shared version tests...\n");
499
500 for (i = 0; i < N_SHARED_VERSION_TESTS; i++) {
501 svt = &shared_version_tests[i];
502
503 if ((ssl_ctx = SSL_CTX_new(svt->ssl_method())) == NULL) {
504 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
505 return 1;
506 }
507 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
508 fprintf(stderr, "SSL_new() returned NULL\n");
509 return 1;
510 }
511
512 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
513 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
514 SSL_set_options(ssl, svt->options);
515
516 maxver = 0;
517 ssl->internal->min_tls_version = svt->minver;
518 ssl->internal->max_tls_version = svt->maxver;
519
520 if (!ssl_max_shared_version(ssl, svt->peerver, &maxver)) {
521 if (svt->want_maxver != 0) {
522 fprintf(stderr, "FAIL: test %zu - failed but "
523 "wanted non-zero shared version (peer %x)\n",
524 i, svt->peerver);
525 failed++;
526 }
527 continue;
528 }
529 if (maxver != svt->want_maxver) {
530 fprintf(stderr, "FAIL: test %zu - got shared "
531 "version %x, want %x\n", i, maxver,
532 svt->want_maxver);
533 failed++;
534 }
535
536 SSL_CTX_free(ssl_ctx);
537 SSL_free(ssl);
538 }
539
540 return (failed);
541}
542
543struct min_max_version_test {
544 const SSL_METHOD *(*ssl_method)(void);
545 const uint16_t minver;
546 const uint16_t maxver;
547 const uint16_t want_minver;
548 const uint16_t want_maxver;
549 const int want_min_fail;
550 const int want_max_fail;
551};
552
553static struct min_max_version_test min_max_version_tests[] = {
554 {
555 .ssl_method = TLS_method,
556 .minver = 0,
557 .maxver = 0,
558 .want_minver = 0,
559 .want_maxver = 0,
560 },
561 {
562 .ssl_method = TLS_method,
563 .minver = TLS1_VERSION,
564 .maxver = 0,
565 .want_minver = TLS1_VERSION,
566 .want_maxver = 0,
567 },
568 {
569 .ssl_method = TLS_method,
570 .minver = 0,
571 .maxver = TLS1_2_VERSION,
572 .want_minver = 0,
573 .want_maxver = TLS1_2_VERSION,
574 },
575 {
576 .ssl_method = TLS_method,
577 .minver = 0,
578 .maxver = TLS1_3_VERSION,
579 .want_minver = 0,
580 .want_maxver = TLS1_3_VERSION,
581 },
582 {
583 .ssl_method = TLS_method,
584 .minver = TLS1_VERSION,
585 .maxver = TLS1_2_VERSION,
586 .want_minver = TLS1_VERSION,
587 .want_maxver = TLS1_2_VERSION,
588 },
589 {
590 .ssl_method = TLS_method,
591 .minver = TLS1_1_VERSION,
592 .maxver = 0,
593 .want_minver = TLS1_1_VERSION,
594 .want_maxver = 0,
595 },
596 {
597 .ssl_method = TLS_method,
598 .minver = TLS1_2_VERSION,
599 .maxver = 0,
600 .want_minver = TLS1_2_VERSION,
601 .want_maxver = 0,
602 },
603 {
604 .ssl_method = TLS_method,
605 .minver = 0x0300,
606 .maxver = 0,
607 .want_minver = TLS1_VERSION,
608 .want_maxver = 0,
609 },
610 {
611 .ssl_method = TLS_method,
612 .minver = 0x0305,
613 .maxver = 0,
614 .want_min_fail = 1,
615 },
616 {
617 .ssl_method = TLS_method,
618 .minver = 0,
619 .maxver = 0x0305,
620 .want_minver = 0,
621 .want_maxver = TLS1_3_VERSION,
622 },
623 {
624 .ssl_method = TLS_method,
625 .minver = 0,
626 .maxver = TLS1_1_VERSION,
627 .want_minver = 0,
628 .want_maxver = TLS1_1_VERSION,
629 },
630 {
631 .ssl_method = TLS_method,
632 .minver = 0,
633 .maxver = TLS1_VERSION,
634 .want_minver = 0,
635 .want_maxver = TLS1_VERSION,
636 },
637 {
638 .ssl_method = TLS_method,
639 .minver = 0,
640 .maxver = 0x0300,
641 .want_max_fail = 1,
642 },
643 {
644 .ssl_method = TLS_method,
645 .minver = TLS1_2_VERSION,
646 .maxver = TLS1_1_VERSION,
647 .want_minver = TLS1_2_VERSION,
648 .want_maxver = 0,
649 .want_max_fail = 1,
650 },
651 {
652 .ssl_method = TLSv1_1_method,
653 .minver = 0,
654 .maxver = 0,
655 .want_minver = 0,
656 .want_maxver = 0,
657 },
658 {
659 .ssl_method = TLSv1_1_method,
660 .minver = TLS1_VERSION,
661 .maxver = TLS1_2_VERSION,
662 .want_minver = TLS1_1_VERSION,
663 .want_maxver = TLS1_1_VERSION,
664 },
665 {
666 .ssl_method = TLSv1_1_method,
667 .minver = TLS1_2_VERSION,
668 .maxver = 0,
669 .want_minver = 0,
670 .want_maxver = 0,
671 .want_min_fail = 1,
672 },
673 {
674 .ssl_method = TLSv1_1_method,
675 .minver = 0,
676 .maxver = TLS1_VERSION,
677 .want_minver = 0,
678 .want_maxver = 0,
679 .want_max_fail = 1,
680 },
681 {
682 .ssl_method = DTLS_method,
683 .minver = 0,
684 .maxver = 0,
685 .want_minver = 0,
686 .want_maxver = 0,
687 },
688 {
689 .ssl_method = DTLS_method,
690 .minver = 0,
691 .maxver = DTLS1_VERSION,
692 .want_minver = 0,
693 .want_maxver = DTLS1_VERSION,
694 },
695 {
696 .ssl_method = DTLS_method,
697 .minver = DTLS1_VERSION,
698 .maxver = 0,
699 .want_minver = DTLS1_VERSION,
700 .want_maxver = 0,
701 },
702 {
703 .ssl_method = DTLS_method,
704 .minver = DTLS1_VERSION,
705 .maxver = DTLS1_2_VERSION,
706 .want_minver = DTLS1_VERSION,
707 .want_maxver = DTLS1_2_VERSION,
708 },
709 {
710 .ssl_method = DTLSv1_method,
711 .minver = 0,
712 .maxver = 0,
713 .want_minver = 0,
714 .want_maxver = 0,
715 },
716 {
717 .ssl_method = DTLSv1_method,
718 .minver = DTLS1_VERSION,
719 .maxver = 0,
720 .want_minver = DTLS1_VERSION,
721 .want_maxver = 0,
722 },
723 {
724 .ssl_method = DTLSv1_method,
725 .minver = 0,
726 .maxver = DTLS1_VERSION,
727 .want_minver = 0,
728 .want_maxver = DTLS1_VERSION,
729 },
730 {
731 .ssl_method = DTLSv1_method,
732 .minver = 0,
733 .maxver = DTLS1_2_VERSION,
734 .want_minver = 0,
735 .want_maxver = DTLS1_VERSION,
736 },
737 {
738 .ssl_method = DTLSv1_method,
739 .minver = TLS1_VERSION,
740 .maxver = TLS1_2_VERSION,
741 .want_minver = 0,
742 .want_maxver = 0,
743 .want_min_fail = 1,
744 .want_max_fail = 1,
745 },
746};
747
748#define N_MIN_MAX_VERSION_TESTS \
749 (sizeof(min_max_version_tests) / sizeof(*min_max_version_tests))
750
751static int
752test_ssl_min_max_version(void)
753{
754 struct min_max_version_test *mmvt;
755 SSL_CTX *ssl_ctx = NULL;
756 SSL *ssl = NULL;
757 int failed = 0;
758 size_t i;
759
760 failed = 0;
761
762 fprintf(stderr, "INFO: starting min max version tests...\n");
763
764 for (i = 0; i < N_MIN_MAX_VERSION_TESTS; i++) {
765 mmvt = &min_max_version_tests[i];
766
767 if ((ssl_ctx = SSL_CTX_new(mmvt->ssl_method())) == NULL) {
768 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
769 return 1;
770 }
771
772 if (!SSL_CTX_set_min_proto_version(ssl_ctx, mmvt->minver)) {
773 if (!mmvt->want_min_fail) {
774 fprintf(stderr, "FAIL: test %zu - failed to set "
775 "SSL_CTX min version\n", i);
776 failed++;
777 }
778 goto next;
779 }
780 if (!SSL_CTX_set_max_proto_version(ssl_ctx, mmvt->maxver)) {
781 if (!mmvt->want_max_fail) {
782 fprintf(stderr, "FAIL: test %zu - failed to set "
783 "SSL_CTX min version\n", i);
784 failed++;
785 }
786 goto next;
787 }
788
789 if (mmvt->want_min_fail) {
790 fprintf(stderr, "FAIL: test %zu - successfully set "
791 "SSL_CTX min version, should have failed\n", i);
792 failed++;
793 goto next;
794 }
795 if (mmvt->want_max_fail) {
796 fprintf(stderr, "FAIL: test %zu - successfully set "
797 "SSL_CTX max version, should have failed\n", i);
798 failed++;
799 goto next;
800 }
801
802 if (SSL_CTX_get_min_proto_version(ssl_ctx) != mmvt->want_minver) {
803 fprintf(stderr, "FAIL: test %zu - got SSL_CTX min "
804 "version 0x%x, want 0x%x\n", i,
805 SSL_CTX_get_min_proto_version(ssl_ctx), mmvt->want_minver);
806 failed++;
807 goto next;
808 }
809 if (SSL_CTX_get_max_proto_version(ssl_ctx) != mmvt->want_maxver) {
810 fprintf(stderr, "FAIL: test %zu - got SSL_CTX max "
811 "version 0x%x, want 0x%x\n", i,
812 SSL_CTX_get_max_proto_version(ssl_ctx), mmvt->want_maxver);
813 failed++;
814 goto next;
815 }
816
817 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
818 fprintf(stderr, "SSL_new() returned NULL\n");
819 return 1;
820 }
821
822 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
823 fprintf(stderr, "FAIL: test %zu - initial SSL min "
824 "version 0x%x, want 0x%x\n", i,
825 SSL_get_min_proto_version(ssl), mmvt->want_minver);
826 failed++;
827 goto next;
828 }
829 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
830 fprintf(stderr, "FAIL: test %zu - initial SSL max "
831 "version 0x%x, want 0x%x\n", i,
832 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
833 failed++;
834 goto next;
835 }
836
837 if (!SSL_set_min_proto_version(ssl, mmvt->minver)) {
838 if (mmvt->want_min_fail) {
839 fprintf(stderr, "FAIL: test %zu - failed to set "
840 "SSL min version\n", i);
841 failed++;
842 }
843 goto next;
844 }
845 if (!SSL_set_max_proto_version(ssl, mmvt->maxver)) {
846 if (mmvt->want_max_fail) {
847 fprintf(stderr, "FAIL: test %zu - failed to set "
848 "SSL min version\n", i);
849 failed++;
850 }
851 goto next;
852 }
853
854 if (mmvt->want_min_fail) {
855 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
856 "min version, should have failed\n", i);
857 failed++;
858 goto next;
859 }
860 if (mmvt->want_max_fail) {
861 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
862 "max version, should have failed\n", i);
863 failed++;
864 goto next;
865 }
866
867 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
868 fprintf(stderr, "FAIL: test %zu - got SSL min "
869 "version 0x%x, want 0x%x\n", i,
870 SSL_get_min_proto_version(ssl), mmvt->want_minver);
871 failed++;
872 goto next;
873 }
874 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
875 fprintf(stderr, "FAIL: test %zu - got SSL max "
876 "version 0x%x, want 0x%x\n", i,
877 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
878 failed++;
879 goto next;
880 }
881
882 next:
883 SSL_CTX_free(ssl_ctx);
884 SSL_free(ssl);
885
886 ssl_ctx = NULL;
887 ssl = NULL;
888 }
889
890 return (failed);
891}
892
893int
894main(int argc, char **argv)
895{
896 int failed = 0;
897
898 SSL_library_init();
899
900 /* XXX - Test ssl_supported_version_range() */
901
902 failed |= test_ssl_enabled_version_range();
903 failed |= test_ssl_max_shared_version();
904 failed |= test_ssl_min_max_version();
905
906 if (failed == 0)
907 printf("PASS %s\n", __FILE__);
908
909 return (failed);
910}
diff --git a/src/regress/lib/libssl/unit/tests.h b/src/regress/lib/libssl/unit/tests.h
deleted file mode 100644
index 287816946a..0000000000
--- a/src/regress/lib/libssl/unit/tests.h
+++ /dev/null
@@ -1,44 +0,0 @@
1/* $OpenBSD: tests.h,v 1.1 2015/06/27 23:35:52 doug Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef LIBRESSL_REGRESS_TESTS_H__
19#define LIBRESSL_REGRESS_TESTS_H__ 1
20
21/* Ugly macros that are useful for regression tests. */
22
23#define SKIP(a) do { \
24 printf("Skipping test in %s [%s:%d]\n", __func__, __FILE__, \
25 __LINE__); \
26} while (0)
27
28#define CHECK(a) do { \
29 if (!(a)) { \
30 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
31 __LINE__); \
32 return 0; \
33 } \
34} while (0)
35
36#define CHECK_GOTO(a) do { \
37 if (!(a)) { \
38 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
39 __LINE__); \
40 goto err; \
41 } \
42} while (0)
43
44#endif /* LIBRESSL_REGRESS_TESTS_H__ */
diff --git a/src/regress/lib/libssl/unit/tls_ext_alpn.c b/src/regress/lib/libssl/unit/tls_ext_alpn.c
deleted file mode 100644
index 378929aa5b..0000000000
--- a/src/regress/lib/libssl/unit/tls_ext_alpn.c
+++ /dev/null
@@ -1,442 +0,0 @@
1/* $OpenBSD: tls_ext_alpn.c,v 1.7 2020/07/03 04:14:10 tb Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/*
19 * Test TLS extension Application-Layer Protocol Negotiation (RFC 7301).
20 */
21#include <stdio.h>
22#include <openssl/ssl.h>
23
24#include "ssl_locl.h"
25#include "ssl_tlsext.h"
26
27#include "tests.h"
28
29/*
30 * In the ProtocolNameList, ProtocolNames must not include empty strings and
31 * byte strings must not be truncated.
32 *
33 * This uses some of the IANA approved protocol names from:
34 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
35 */
36
37/* Valid for client and server since it only has one name. */
38static uint8_t proto_single[] = {
39 /* Extension extensions<0..2^16-1> -- All TLS extensions */
40 0x00, 0x0f, /* len */
41 /* ExtensionType extension_type */
42 0x00, 0x10, /* ALPN */
43 /* opaque extension_data<0..2^16-1> */
44 0x00, 0x0b, /* len */
45 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
46 0x00, 0x09, /* len of all names */
47 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
48 0x08, /* len */
49 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
50};
51
52/* Valid for client, but NOT server. Server must have exactly one name. */
53static uint8_t proto_multiple1[] = {
54 /* Extension extensions<0..2^16-1> -- All TLS extensions */
55 0x00, 0x19, /* len */
56 /* ExtensionType extension_type */
57 0x00, 0x10, /* ALPN */
58 /* opaque extension_data<0..2^16-1> */
59 0x00, 0x15, /* len */
60 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
61 0x00, 0x13, /* len of all names */
62 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
63 0x08, /* len */
64 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
65 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
66 0x09, /* len */
67 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
68};
69
70/* Valid for client, but NOT server. Server must have exactly one name. */
71static uint8_t proto_multiple2[] = {
72 /* Extension extensions<0..2^16-1> -- All TLS extensions */
73 0x00, 0x1c, /* len */
74 /* ExtensionType extension_type */
75 0x00, 0x10, /* ALPN */
76 /* opaque extension_data<0..2^16-1> */
77 0x00, 0x18, /* len */
78 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
79 0x00, 0x16, /* len of all names */
80 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
81 0x08, /* len */
82 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
83 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
84 0x02, /* len */
85 0x68, 0x32,
86 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
87 0x09, /* len */
88 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
89};
90
91/* Valid for client, but NOT server. Server must have exactly one name. */
92static uint8_t proto_multiple3[] = {
93 /* Extension extensions<0..2^16-1> -- All TLS extensions */
94 0x00, 0x20, /* len */
95 /* ExtensionType extension_type */
96 0x00, 0x10, /* ALPN */
97 /* opaque extension_data<0..2^16-1> */
98 0x00, 0x1c, /* len */
99 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
100 0x00, 0x1a, /* len of all names */
101 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
102 0x08, /* len */
103 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
104 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
105 0x02, /* len */
106 0x68, 0x32,
107 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
108 0x09, /* len */
109 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e,
110 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
111 0x03, /* len */
112 0x68, 0x32, 0x63
113};
114
115static uint8_t proto_empty[] = {
116 /* Extension extensions<0..2^16-1> -- All TLS extensions. */
117 0x00, 0x00, /* none present. */
118};
119
120/* Invalid for both client and server. Length is wrong. */
121static uint8_t proto_invalid_len1[] = {
122 /* Extension extensions<0..2^16-1> -- All TLS extensions */
123 0x00, 0x0a, /* len */
124 /* ExtensionType extension_type */
125 0x00, 0x10, /* ALPN */
126 /* opaque extension_data<0..2^16-1> */
127 0x00, 0x06, /* len */
128 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
129 0x00, 0x04, /* len of all names */
130 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
131 0x04, /* XXX len too large */
132 0x68, 0x32, 0x63
133};
134static uint8_t proto_invalid_len2[] = {
135 /* Extension extensions<0..2^16-1> -- All TLS extensions */
136 0x00, 0x0a, /* len */
137 /* ExtensionType extension_type */
138 0x00, 0x10, /* ALPN */
139 /* opaque extension_data<0..2^16-1> */
140 0x00, 0x06, /* len */
141 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
142 0x00, 0x04, /* len of all names */
143 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
144 0x02, /* XXX len too small */
145 0x68, 0x32, 0x63
146};
147static uint8_t proto_invalid_len3[] = {
148 /* Extension extensions<0..2^16-1> -- All TLS extensions */
149 0x00, 0x0a, /* len */
150 /* ExtensionType extension_type */
151 0x00, 0x10, /* ALPN */
152 /* opaque extension_data<0..2^16-1> */
153 0x00, 0x06, /* len */
154 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
155 0x00, 0x03, /* XXX len too small */
156 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
157 0x03, /* len */
158 0x68, 0x32, 0x63
159};
160static uint8_t proto_invalid_len4[] = {
161 /* Extension extensions<0..2^16-1> -- All TLS extensions */
162 0x00, 0x0a, /* len */
163 /* ExtensionType extension_type */
164 0x00, 0x10, /* ALPN */
165 /* opaque extension_data<0..2^16-1> */
166 0x00, 0x06, /* len */
167 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
168 0x00, 0x06, /* XXX len too large */
169 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
170 0x03, /* len */
171 0x68, 0x32, 0x63
172};
173static uint8_t proto_invalid_len5[] = {
174 /* Extension extensions<0..2^16-1> -- All TLS extensions */
175 0x00, 0x0a, /* len */
176 /* ExtensionType extension_type */
177 0x00, 0x10, /* ALPN */
178 /* opaque extension_data<0..2^16-1> */
179 0x01, 0x08, /* XXX len too large */
180 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
181 0x00, 0x04, /* len */
182 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
183 0x03, /* len */
184 0x68, 0x32, 0x63
185};
186static uint8_t proto_invalid_len6[] = {
187 /* Extension extensions<0..2^16-1> -- All TLS extensions */
188 0x00, 0x0a, /* len */
189 /* ExtensionType extension_type */
190 0x00, 0x10, /* ALPN */
191 /* opaque extension_data<0..2^16-1> */
192 0x00, 0x05, /* XXX len too small */
193 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
194 0x00, 0x04, /* len */
195 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
196 0x03, /* len */
197 0x68, 0x32, 0x63
198};
199static uint8_t proto_invalid_len7[] = {
200 /* Extension extensions<0..2^16-1> -- All TLS extensions */
201 0x00, 0x06, /* XXX len too small */
202 /* ExtensionType extension_type */
203 0x00, 0x10, /* ALPN */
204 /* opaque extension_data<0..2^16-1> */
205 0x00, 0x06, /* len */
206 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
207 0x00, 0x04, /* len */
208 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
209 0x03, /* len */
210 0x68, 0x32, 0x63
211};
212static uint8_t proto_invalid_len8[] = {
213 /* Extension extensions<0..2^16-1> -- All TLS extensions */
214 0x00, 0x0b, /* XXX len too large */
215 /* ExtensionType extension_type */
216 0x00, 0x10, /* ALPN */
217 /* opaque extension_data<0..2^16-1> */
218 0x00, 0x06, /* len */
219 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
220 0x00, 0x04, /* len */
221 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
222 0x03, /* len */
223 0x68, 0x32, 0x63
224};
225
226/* Invalid for client and server since it is missing data. */
227static uint8_t proto_invalid_missing1[] = {
228 /* Extension extensions<0..2^16-1> -- All TLS extensions */
229 0x00, 0x0a, /* len */
230 /* ExtensionType extension_type */
231 0x00, 0x10, /* ALPN */
232 /* opaque extension_data<0..2^16-1> */
233 0x00, 0x06, /* len */
234 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
235 0x00, 0x04, /* len of all names */
236 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
237 /* XXX missing */
238};
239static uint8_t proto_invalid_missing2[] = {
240 /* Extension extensions<0..2^16-1> -- All TLS extensions */
241 0x00, 0x0a, /* len */
242 /* ExtensionType extension_type */
243 0x00, 0x10, /* ALPN */
244 /* opaque extension_data<0..2^16-1> */
245 0x00, 0x00, /* XXX missing name list */
246 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
247};
248static uint8_t proto_invalid_missing3[] = {
249 /* Extension extensions<0..2^16-1> -- All TLS extensions */
250 0x00, 0x0a, /* len */
251 /* ExtensionType extension_type */
252 0x00, 0x10, /* ALPN */
253 /* opaque extension_data<0..2^16-1> */
254 0x00, 0x02, /* XXX size is sufficient but missing data for name list */
255 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
256};
257static uint8_t proto_invalid_missing4[] = {
258 /* Extension extensions<0..2^16-1> -- All TLS extensions */
259 0x00, 0x0a, /* len */
260 /* ExtensionType extension_type */
261 0x00, 0x10, /* ALPN */
262 /* opaque extension_data<0..2^16-1> */
263 /* XXX missing */
264};
265static uint8_t proto_invalid_missing5[] = {
266 /* Extension extensions<0..2^16-1> -- All TLS extensions */
267 0x00, 0x1c, /* len */
268 /* ExtensionType extension_type */
269 0x00, 0x10, /* ALPN */
270 /* opaque extension_data<0..2^16-1> */
271 0x00, 0x18, /* len */
272 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
273 0x00, 0x16, /* len of all names */
274 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
275 0x08, /* len */
276 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
277 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
278 0x02, /* len */
279 0x68, 0x32,
280 /* XXX missing name */
281};
282static uint8_t proto_invalid_missing6[] = {
283 /* Extension extensions<0..2^16-1> -- All TLS extensions */
284 0x00, 0x07, /* len */
285 /* ExtensionType extension_type */
286 0x00, 0x10, /* ALPN */
287 /* opaque extension_data<0..2^16-1> */
288 0x00, 0x03, /* len */
289 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
290 0x00, 0x01, /* XXX len must be at least 2 */
291 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
292 0x00, /* XXX len cannot be 0 */
293};
294static uint8_t proto_invalid_missing7[] = {
295 /* Extension extensions<0..2^16-1> -- All TLS extensions */
296 0x00, 0x07, /* len */
297 /* ExtensionType extension_type */
298 0x00, 0x10, /* ALPN */
299 /* opaque extension_data<0..2^16-1> */
300 0x00, 0x03, /* len */
301 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
302 0x00, 0x02, /* XXX len is at least 2 but not correct. */
303 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
304 0x00, /* XXX len cannot be 0 */
305};
306static uint8_t proto_invalid_missing8[] = {
307 /* Extension extensions<0..2^16-1> -- All TLS extensions */
308 0x00, 0x01, /* len */
309 /* ExtensionType extension_type */
310 0x00, /* XXX need a 2 byte type */
311};
312static uint8_t proto_invalid_missing9[] = {
313 /* Extension extensions<0..2^16-1> -- All TLS extensions */
314 0x0a, /* XXX need a 2 byte len */
315};
316
317
318#define CHECK_BOTH(c_val, s_val, proto) do { \
319 { \
320 CBS cbs; \
321 int al; \
322 \
323 CBS_init(&cbs, proto, sizeof(proto)); \
324 CHECK(c_val == tlsext_server_parse(s, SSL_TLSEXT_MSG_CH, &cbs, &al)); \
325 CBS_init(&cbs, proto, sizeof(proto)); \
326 CHECK(s_val == tlsext_client_parse(s, SSL_TLSEXT_MSG_SH, &cbs, &al)); \
327 } \
328} while (0)
329
330static int dummy_alpn_cb(SSL *ssl, const unsigned char **out,
331 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
332 void *arg);
333
334static int
335check_valid_alpn(SSL *s)
336{
337 const uint8_t str[] = {
338 0x08, /* len */
339 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
340 };
341
342 /* Setup in order to test ALPN. */
343 CHECK(! SSL_set_alpn_protos(s, str, 9));
344 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
345
346 /* Prerequisites to test these. */
347 CHECK(s->internal->alpn_client_proto_list != NULL);
348 CHECK(s->ctx->internal->alpn_select_cb != NULL);
349 //CHECK(s->s3->tmp.finish_md_len == 0);
350
351 CHECK_BOTH(1, 1, proto_single);
352 CHECK_BOTH(1, 1, proto_empty);
353
354 /* Multiple protocol names are only valid for client */
355 CHECK_BOTH(1, 0, proto_multiple1);
356 CHECK_BOTH(1, 0, proto_multiple2);
357 CHECK_BOTH(1, 0, proto_multiple3);
358
359 return 1;
360}
361
362/*
363 * Some of the IANA approved IDs from:
364 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
365 */
366static int
367check_invalid_alpn(SSL *s)
368{
369 const uint8_t str[] = {
370 0x08, /* len */
371 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
372 };
373
374 /* Setup in order to test ALPN. */
375 CHECK(! SSL_set_alpn_protos(s, str, 9));
376 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
377
378 /* Prerequisites to test these. */
379 CHECK(s->internal->alpn_client_proto_list != NULL);
380 CHECK(s->ctx->internal->alpn_select_cb != NULL);
381 //CHECK(s->s3->tmp.finish_md_len == 0);
382
383 /* None of these are valid for client or server */
384 CHECK_BOTH(0, 0, proto_invalid_len1);
385 CHECK_BOTH(0, 0, proto_invalid_len2);
386 CHECK_BOTH(0, 0, proto_invalid_len3);
387 CHECK_BOTH(0, 0, proto_invalid_len4);
388 CHECK_BOTH(0, 0, proto_invalid_len5);
389 CHECK_BOTH(0, 0, proto_invalid_len6);
390 CHECK_BOTH(0, 0, proto_invalid_len7);
391 CHECK_BOTH(0, 0, proto_invalid_len8);
392 CHECK_BOTH(0, 0, proto_invalid_missing1);
393 CHECK_BOTH(0, 0, proto_invalid_missing2);
394 CHECK_BOTH(0, 0, proto_invalid_missing3);
395 CHECK_BOTH(0, 0, proto_invalid_missing4);
396 CHECK_BOTH(0, 0, proto_invalid_missing5);
397 CHECK_BOTH(0, 0, proto_invalid_missing6);
398 CHECK_BOTH(0, 0, proto_invalid_missing7);
399 CHECK_BOTH(0, 0, proto_invalid_missing8);
400 CHECK_BOTH(0, 0, proto_invalid_missing9);
401
402 return 1;
403}
404
405int
406dummy_alpn_cb(SSL *ssl __attribute__((unused)), const unsigned char **out,
407 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
408 void *arg __attribute__((unused)))
409{
410 *out = in;
411 *outlen = (unsigned char)inlen;
412
413 return 0;
414}
415
416int
417main(void)
418{
419 SSL_CTX *ctx = NULL;
420 SSL *s = NULL;
421 int rv = 1;
422
423 SSL_library_init();
424
425 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
426 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
427
428 if (!check_valid_alpn(s))
429 goto err;
430 if (!check_invalid_alpn(s))
431 goto err;
432
433 rv = 0;
434
435err:
436 SSL_CTX_free(ctx);
437 SSL_free(s);
438
439 if (!rv)
440 printf("PASS %s\n", __FILE__);
441 return rv;
442}
diff --git a/src/regress/lib/libssl/unit/tls_prf.c b/src/regress/lib/libssl/unit/tls_prf.c
deleted file mode 100644
index 9e8f5b4053..0000000000
--- a/src/regress/lib/libssl/unit/tls_prf.c
+++ /dev/null
@@ -1,251 +0,0 @@
1/* $OpenBSD: tls_prf.c,v 1.5 2021/03/24 19:02:35 jsing Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include "ssl_locl.h"
21
22int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
23 const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
24 const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len,
25 const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len);
26
27#define TLS_PRF_OUT_LEN 128
28
29struct tls_prf_test {
30 const unsigned char *desc;
31 const SSL_METHOD *(*ssl_method)(void);
32 const uint16_t cipher_value;
33 const unsigned char out[TLS_PRF_OUT_LEN];
34};
35
36static struct tls_prf_test tls_prf_tests[] = {
37 {
38 .desc = "MD5+SHA1",
39 .ssl_method = TLSv1_method,
40 .cipher_value = 0x0033,
41 .out = {
42 0x03, 0xa1, 0xc1, 0x7d, 0x2c, 0xa5, 0x3d, 0xe8,
43 0x9d, 0x59, 0x5e, 0x30, 0xf5, 0x71, 0xbb, 0x96,
44 0xde, 0x5c, 0x8e, 0xdc, 0x25, 0x8a, 0x7c, 0x05,
45 0x9f, 0x7d, 0x35, 0x29, 0x45, 0xae, 0x56, 0xad,
46 0x9f, 0x57, 0x15, 0x5c, 0xdb, 0x83, 0x3a, 0xac,
47 0x19, 0xa8, 0x2b, 0x40, 0x72, 0x38, 0x1e, 0xed,
48 0xf3, 0x25, 0xde, 0x84, 0x84, 0xd8, 0xd1, 0xfc,
49 0x31, 0x85, 0x81, 0x12, 0x55, 0x4d, 0x12, 0xb5,
50 0xed, 0x78, 0x5e, 0xba, 0xc8, 0xec, 0x8d, 0x28,
51 0xa1, 0x21, 0x1e, 0x6e, 0x07, 0xf1, 0xfc, 0xf5,
52 0xbf, 0xe4, 0x8e, 0x8e, 0x97, 0x15, 0x93, 0x85,
53 0x75, 0xdd, 0x87, 0x09, 0xd0, 0x4e, 0xe5, 0xd5,
54 0x9e, 0x1f, 0xd6, 0x1c, 0x3b, 0xe9, 0xad, 0xba,
55 0xe0, 0x16, 0x56, 0x62, 0x90, 0xd6, 0x82, 0x84,
56 0xec, 0x8a, 0x22, 0xbe, 0xdc, 0x6a, 0x5e, 0x05,
57 0x12, 0x44, 0xec, 0x60, 0x61, 0xd1, 0x8a, 0x66,
58 },
59 },
60 {
61 .desc = "GOST94",
62 .ssl_method = TLSv1_2_method,
63 .cipher_value = 0x0081,
64 .out = {
65 0xcc, 0xd4, 0x89, 0x5f, 0x52, 0x08, 0x9b, 0xc7,
66 0xf9, 0xb5, 0x83, 0x58, 0xe8, 0xc7, 0x71, 0x49,
67 0x39, 0x99, 0x1f, 0x14, 0x8f, 0x85, 0xbe, 0x64,
68 0xee, 0x40, 0x5c, 0xe7, 0x5f, 0x68, 0xaf, 0xf2,
69 0xcd, 0x3a, 0x94, 0x52, 0x33, 0x53, 0x46, 0x7d,
70 0xb6, 0xc5, 0xe1, 0xb8, 0xa4, 0x04, 0x69, 0x91,
71 0x0a, 0x9c, 0x88, 0x86, 0xd9, 0x60, 0x63, 0xdd,
72 0xd8, 0xe7, 0x2e, 0xee, 0xce, 0xe2, 0x20, 0xd8,
73 0x9a, 0xfa, 0x9c, 0x63, 0x0c, 0x9c, 0xa1, 0x76,
74 0xed, 0x78, 0x9a, 0x84, 0x70, 0xb4, 0xd1, 0x51,
75 0x1f, 0xde, 0x44, 0xe8, 0x90, 0x21, 0x3f, 0xeb,
76 0x05, 0xf4, 0x77, 0x59, 0xf3, 0xad, 0xdd, 0x34,
77 0x3d, 0x3a, 0x7c, 0xd0, 0x59, 0x40, 0xe1, 0x3f,
78 0x04, 0x4b, 0x8b, 0xd6, 0x95, 0x46, 0xb4, 0x9e,
79 0x4c, 0x2d, 0xf7, 0xee, 0xbd, 0xbc, 0xcb, 0x5c,
80 0x3a, 0x36, 0x0c, 0xd0, 0x27, 0xcb, 0x45, 0x06,
81 },
82 },
83 {
84 .desc = "SHA256 (via TLSv1.2)",
85 .ssl_method = TLSv1_2_method,
86 .cipher_value = 0x0033,
87 .out = {
88 0x37, 0xa7, 0x06, 0x71, 0x6e, 0x19, 0x19, 0xda,
89 0x23, 0x8c, 0xcc, 0xb4, 0x2f, 0x31, 0x64, 0x9d,
90 0x05, 0x29, 0x1c, 0x33, 0x7e, 0x09, 0x1b, 0x0c,
91 0x0e, 0x23, 0xc1, 0xb0, 0x40, 0xcc, 0x31, 0xf7,
92 0x55, 0x66, 0x68, 0xd9, 0xa8, 0xae, 0x74, 0x75,
93 0xf3, 0x46, 0xe9, 0x3a, 0x54, 0x9d, 0xe0, 0x8b,
94 0x7e, 0x6c, 0x63, 0x1c, 0xfa, 0x2f, 0xfd, 0xc9,
95 0xd3, 0xf1, 0xd3, 0xfe, 0x7b, 0x9e, 0x14, 0x95,
96 0xb5, 0xd0, 0xad, 0x9b, 0xee, 0x78, 0x8c, 0x83,
97 0x18, 0x58, 0x7e, 0xa2, 0x23, 0xc1, 0x8b, 0x62,
98 0x94, 0x12, 0xcb, 0xb6, 0x60, 0x69, 0x32, 0xfe,
99 0x98, 0x0e, 0x93, 0xb0, 0x8e, 0x5c, 0xfb, 0x6e,
100 0xdb, 0x9a, 0xc2, 0x9f, 0x8c, 0x5c, 0x43, 0x19,
101 0xeb, 0x4a, 0x52, 0xad, 0x62, 0x2b, 0xdd, 0x9f,
102 0xa3, 0x74, 0xa6, 0x96, 0x61, 0x4d, 0x98, 0x40,
103 0x63, 0xa6, 0xd4, 0xbb, 0x17, 0x11, 0x75, 0xed,
104 },
105 },
106 {
107 .desc = "SHA384",
108 .ssl_method = TLSv1_2_method,
109 .cipher_value = 0x009d,
110 .out = {
111 0x00, 0x93, 0xc3, 0xfd, 0xa7, 0xbb, 0xdc, 0x5b,
112 0x13, 0x3a, 0xe6, 0x8b, 0x1b, 0xac, 0xf3, 0xfb,
113 0x3c, 0x9a, 0x78, 0xf6, 0x19, 0xf0, 0x13, 0x0f,
114 0x0d, 0x01, 0x9d, 0xdf, 0x0a, 0x28, 0x38, 0xce,
115 0x1a, 0x9b, 0x43, 0xbe, 0x56, 0x12, 0xa7, 0x16,
116 0x58, 0xe1, 0x8a, 0xe4, 0xc5, 0xbb, 0x10, 0x4c,
117 0x3a, 0xf3, 0x7f, 0xd3, 0xdb, 0xe4, 0xe0, 0x3d,
118 0xcc, 0x83, 0xca, 0xf0, 0xf9, 0x69, 0xcc, 0x70,
119 0x83, 0x32, 0xf6, 0xfc, 0x81, 0x80, 0x02, 0xe8,
120 0x31, 0x1e, 0x7c, 0x3b, 0x34, 0xf7, 0x34, 0xd1,
121 0xcf, 0x2a, 0xc4, 0x36, 0x2f, 0xe9, 0xaa, 0x7f,
122 0x6d, 0x1f, 0x5e, 0x0e, 0x39, 0x05, 0x15, 0xe1,
123 0xa2, 0x9a, 0x4d, 0x97, 0x8c, 0x62, 0x46, 0xf1,
124 0x87, 0x65, 0xd8, 0xe9, 0x14, 0x11, 0xa6, 0x48,
125 0xd7, 0x0e, 0x6e, 0x70, 0xad, 0xfb, 0x3f, 0x36,
126 0x05, 0x76, 0x4b, 0xe4, 0x28, 0x50, 0x4a, 0xf2,
127 },
128 },
129 {
130 .desc = "STREEBOG256",
131 .ssl_method = TLSv1_2_method,
132 .cipher_value = 0xff87,
133 .out = {
134 0x3e, 0x13, 0xb9, 0xeb, 0x85, 0x8c, 0xb4, 0x21,
135 0x23, 0x40, 0x9b, 0x73, 0x04, 0x56, 0xe2, 0xff,
136 0xce, 0x52, 0x1f, 0x82, 0x7f, 0x17, 0x5b, 0x80,
137 0x23, 0x71, 0xca, 0x30, 0xdf, 0xfc, 0xdc, 0x2d,
138 0xc0, 0xfc, 0x5d, 0x23, 0x5a, 0x54, 0x7f, 0xae,
139 0xf5, 0x7d, 0x52, 0x1e, 0x86, 0x95, 0xe1, 0x2d,
140 0x28, 0xe7, 0xbe, 0xd7, 0xd0, 0xbf, 0xa9, 0x96,
141 0x13, 0xd0, 0x9c, 0x0c, 0x1c, 0x16, 0x05, 0xbb,
142 0x26, 0xd7, 0x30, 0x39, 0xb9, 0x53, 0x28, 0x98,
143 0x4f, 0x1b, 0x83, 0xc3, 0xce, 0x1c, 0x7c, 0x34,
144 0xa2, 0xc4, 0x7a, 0x54, 0x16, 0xc6, 0xa7, 0x9e,
145 0xed, 0x4b, 0x7b, 0x83, 0xa6, 0xae, 0xe2, 0x5b,
146 0x96, 0xf5, 0x6c, 0xad, 0x1f, 0xa3, 0x83, 0xb2,
147 0x84, 0x32, 0xed, 0xe3, 0x2c, 0xf6, 0xd4, 0x73,
148 0x30, 0xef, 0x9d, 0xbe, 0xe7, 0x23, 0x9a, 0xbf,
149 0x4d, 0x1c, 0xe7, 0xef, 0x3d, 0xea, 0x46, 0xe2,
150 },
151 },
152};
153
154#define N_TLS_PRF_TESTS \
155 (sizeof(tls_prf_tests) / sizeof(*tls_prf_tests))
156
157#define TLS_PRF_SEED1 "tls prf seed 1"
158#define TLS_PRF_SEED2 "tls prf seed 2"
159#define TLS_PRF_SEED3 "tls prf seed 3"
160#define TLS_PRF_SEED4 "tls prf seed 4"
161#define TLS_PRF_SEED5 "tls prf seed 5"
162#define TLS_PRF_SECRET "tls prf secretz"
163
164static void
165hexdump(const unsigned char *buf, size_t len)
166{
167 size_t i;
168
169 for (i = 1; i <= len; i++)
170 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
171
172 fprintf(stderr, "\n");
173}
174
175static int
176do_tls_prf_test(int test_no, struct tls_prf_test *tpt)
177{
178 unsigned char *out = NULL;
179 const SSL_CIPHER *cipher;
180 SSL_CTX *ssl_ctx = NULL;
181 SSL *ssl = NULL;
182 int failure = 1;
183 int len;
184
185 fprintf(stderr, "Test %i - %s\n", test_no, tpt->desc);
186
187 if ((out = malloc(TLS_PRF_OUT_LEN)) == NULL)
188 errx(1, "failed to allocate out");
189
190 if ((ssl_ctx = SSL_CTX_new(tpt->ssl_method())) == NULL)
191 errx(1, "failed to create SSL context");
192 if ((ssl = SSL_new(ssl_ctx)) == NULL)
193 errx(1, "failed to create SSL context");
194
195 if ((cipher = ssl3_get_cipher_by_value(tpt->cipher_value)) == NULL) {
196 fprintf(stderr, "FAIL: no cipher %hx\n", tpt->cipher_value);
197 goto failure;
198 }
199
200 S3I(ssl)->hs.cipher = cipher;
201
202 for (len = 1; len <= TLS_PRF_OUT_LEN; len++) {
203 memset(out, 'A', TLS_PRF_OUT_LEN);
204
205 if (tls1_PRF(ssl, TLS_PRF_SECRET, sizeof(TLS_PRF_SECRET),
206 TLS_PRF_SEED1, sizeof(TLS_PRF_SEED1), TLS_PRF_SEED2,
207 sizeof(TLS_PRF_SEED2), TLS_PRF_SEED3, sizeof(TLS_PRF_SEED3),
208 TLS_PRF_SEED4, sizeof(TLS_PRF_SEED4), TLS_PRF_SEED5,
209 sizeof(TLS_PRF_SEED5), out, len) != 1) {
210 fprintf(stderr, "FAIL: tls_PRF failed for len %i\n",
211 len);
212 goto failure;
213 }
214
215 if (memcmp(out, tpt->out, len) != 0) {
216 fprintf(stderr, "FAIL: tls_PRF output differs for "
217 "len %i\n", len);
218 fprintf(stderr, "output:\n");
219 hexdump(out, TLS_PRF_OUT_LEN);
220 fprintf(stderr, "test data:\n");
221 hexdump(tpt->out, TLS_PRF_OUT_LEN);
222 fprintf(stderr, "\n");
223 goto failure;
224 }
225 }
226
227 failure = 0;
228
229 failure:
230 SSL_free(ssl);
231 SSL_CTX_free(ssl_ctx);
232
233 free(out);
234
235 return failure;
236}
237
238int
239main(int argc, char **argv)
240{
241 int failed = 0;
242 size_t i;
243
244 SSL_library_init();
245 SSL_load_error_strings();
246
247 for (i = 0; i < N_TLS_PRF_TESTS; i++)
248 failed |= do_tls_prf_test(i, &tls_prf_tests[i]);
249
250 return failed;
251}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-10 03:26:32 +0000