summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2018-11-07 01:08:50 +0000
committercvs2svn <admin@example.com>2018-11-07 01:08:50 +0000
commit2035faf3f8aa95b888d9416c3cc7328c0ea18beb (patch)
treef08a08d357c5d30455c569890f747c1d9b241316 /src/regress/lib/libssl
parentbe03b61c1b8f59ccdd34dbe5f6c6b30de697d28b (diff)
downloadopenbsd-bluhm_20181106.tar.gz
openbsd-bluhm_20181106.tar.bz2
openbsd-bluhm_20181106.zip
This commit was manufactured by cvs2git to create tag 'bluhm_20181106'.bluhm_20181106
Diffstat (limited to 'src/regress/lib/libssl')
-rw-r--r--src/regress/lib/libssl/Makefile16
-rw-r--r--src/regress/lib/libssl/Makefile.inc2
-rw-r--r--src/regress/lib/libssl/asn1/Makefile10
-rw-r--r--src/regress/lib/libssl/asn1/asn1test.c478
-rw-r--r--src/regress/lib/libssl/bytestring/Makefile9
-rw-r--r--src/regress/lib/libssl/bytestring/bytestringtest.c876
-rw-r--r--src/regress/lib/libssl/certs/ca.pem45
-rw-r--r--src/regress/lib/libssl/certs/client.pem51
-rw-r--r--src/regress/lib/libssl/certs/server.pem51
-rw-r--r--src/regress/lib/libssl/ciphers/Makefile9
-rw-r--r--src/regress/lib/libssl/ciphers/cipherstest.c175
-rw-r--r--src/regress/lib/libssl/client/Makefile9
-rw-r--r--src/regress/lib/libssl/client/clienttest.c447
-rw-r--r--src/regress/lib/libssl/pqueue/Makefile17
-rw-r--r--src/regress/lib/libssl/pqueue/expected.txt3
-rw-r--r--src/regress/lib/libssl/pqueue/pq_test.c118
-rw-r--r--src/regress/lib/libssl/server/Makefile18
-rw-r--r--src/regress/lib/libssl/server/servertest.c200
-rw-r--r--src/regress/lib/libssl/ssl/Makefile16
-rw-r--r--src/regress/lib/libssl/ssl/ssltest.c2044
-rw-r--r--src/regress/lib/libssl/ssl/testssl138
-rw-r--r--src/regress/lib/libssl/tlsext/Makefile9
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c2981
-rw-r--r--src/regress/lib/libssl/unit/Makefile24
-rw-r--r--src/regress/lib/libssl/unit/cipher_list.c204
-rw-r--r--src/regress/lib/libssl/unit/ssl_versions.c797
-rw-r--r--src/regress/lib/libssl/unit/tests.h44
-rw-r--r--src/regress/lib/libssl/unit/tls_ext_alpn.c442
-rw-r--r--src/regress/lib/libssl/unit/tls_prf.c251
29 files changed, 0 insertions, 9484 deletions
diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile
deleted file mode 100644
index 0cc3e156a3..0000000000
--- a/src/regress/lib/libssl/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
1# $OpenBSD: Makefile,v 1.26 2017/07/16 18:18:10 jsing Exp $
2
3SUBDIR= \
4 asn1 \
5 bytestring \
6 ciphers \
7 client \
8 pqueue \
9 server \
10 ssl \
11 tlsext \
12 unit
13
14install:
15
16.include <bsd.subdir.mk>
diff --git a/src/regress/lib/libssl/Makefile.inc b/src/regress/lib/libssl/Makefile.inc
deleted file mode 100644
index a8880845e9..0000000000
--- a/src/regress/lib/libssl/Makefile.inc
+++ /dev/null
@@ -1,2 +0,0 @@
1# Use this variable when the test needs internal symbols from libssl
2SSL_INT= -Wl,-Bstatic -lssl -Wl,-Bdynamic
diff --git a/src/regress/lib/libssl/asn1/Makefile b/src/regress/lib/libssl/asn1/Makefile
deleted file mode 100644
index f4a57933e2..0000000000
--- a/src/regress/lib/libssl/asn1/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2014/07/13 16:03:54 jsing Exp $
2
3PROG= asn1test
4LDADD= -lcrypto -lssl
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6
7WARNINGS= Yes
8CFLAGS+= -DLIBRESSL_INTERNAL -Werror
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/asn1/asn1test.c b/src/regress/lib/libssl/asn1/asn1test.c
deleted file mode 100644
index 69be086724..0000000000
--- a/src/regress/lib/libssl/asn1/asn1test.c
+++ /dev/null
@@ -1,478 +0,0 @@
1/* $OpenBSD: asn1test.c,v 1.6 2016/12/26 15:31:38 jsing Exp $ */
2/*
3 * Copyright (c) 2014, 2016 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdlib.h>
20
21#include <openssl/bio.h>
22#include <openssl/err.h>
23#include <openssl/ssl.h>
24#include <openssl/tls1.h>
25
26int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
27SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
28 long length);
29
30X509 *peer_cert;
31
32unsigned char *peer_cert_pem =
33 "-----BEGIN CERTIFICATE-----\n"
34 "MIIBcTCCARugAwIBAgIJAPYhaZJAvUuUMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV\n"
35 "BAoMCVRlc3QgUGVlcjAeFw0xNjEyMjYxNDQ3NDdaFw0yNjEyMjQxNDQ3NDdaMBQx\n"
36 "EjAQBgNVBAoMCVRlc3QgUGVlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCyhAdJ\n"
37 "wojHv/uKONh8MbmR2U2+VF1HQusnLfSfHPqkJfvDzLWJ41TG7QcXkx2rIJVtAFrO\n"
38 "U9yNdFYJLA/hsrbjAgMBAAGjUDBOMB0GA1UdDgQWBBS3bZOw7fvaortdsdE2TPMq\n"
39 "IRXFRzAfBgNVHSMEGDAWgBS3bZOw7fvaortdsdE2TPMqIRXFRzAMBgNVHRMEBTAD\n"
40 "AQH/MA0GCSqGSIb3DQEBBQUAA0EAHsxNS+rNUZbopeDMhVIviOfUmelDjJrT56Rc\n"
41 "VJoFN3Gc1cV8nQAHm9aJs71uksC+MN04Pzh0WqmYX9XXrnYPcg==\n"
42 "-----END CERTIFICATE-----\n";
43
44struct ssl_asn1_test {
45 SSL_SESSION session;
46 int peer_cert;
47 const unsigned char asn1[1024];
48 int asn1_len;
49};
50
51unsigned char tlsext_tick[] = {
52 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
53 0x2d, 0x30, 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37,
54 0x74, 0x68, 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c,
55 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56,
56 0x45, 0x2d, 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35,
57 0x32, 0x39, 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68,
58 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32,
59 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d,
60 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39,
61 0x38, 0x3a, 0x20, 0x32, 0x31, 0x73, 0x74, 0x20,
62 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30,
63 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32,
64 0x30, 0x31, 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30,
65 0x3a, 0x20, 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d,
66 0x61, 0x79, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
67 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
68 0x2d, 0x30, 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35,
69 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20,
70 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45,
71 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32,
72 0x32, 0x31, 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20,
73 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31,
74 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30,
75 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a,
76 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e,
77 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
78};
79
80struct ssl_asn1_test ssl_asn1_tests[] = {
81 {
82 .session = {
83 .cipher_id = 0x03000000L | 1,
84 .ssl_version = TLS1_2_VERSION,
85 },
86 .asn1 = {
87 0x30, 0x13, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03,
88 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x00, 0x04,
89 0x00, 0xa4, 0x02, 0x04, 0x00,
90 },
91 .asn1_len = 21,
92 },
93 {
94 .session = {
95 .cipher_id = 0x03000000L | 1,
96 .ssl_version = TLS1_2_VERSION,
97 .master_key_length = 26,
98 .session_id = "0123456789",
99 .session_id_length = 10,
100 .sid_ctx = "abcdefghijklmnopqrstuvwxyz",
101 .sid_ctx_length = 26,
102 },
103 .asn1 = {
104 0x30, 0x51, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03,
105 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x0a, 0x30,
106 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
107 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00,
108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
109 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
110 0x00, 0x00, 0x00, 0x00, 0x00, 0xa4, 0x1c, 0x04,
111 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
112 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
113 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
114 0x78, 0x79, 0x7a,
115 },
116 .asn1_len = 83,
117 },
118 {
119 .session = {
120 .cipher_id = 0x03000000L | 1,
121 .ssl_version = TLS1_2_VERSION,
122 .master_key_length = 26,
123 .session_id = "0123456789",
124 .session_id_length = 10,
125 .sid_ctx = "abcdefghijklmnopqrstuvwxyz",
126 .sid_ctx_length = 26,
127 .time = 1405266069,
128 .timeout = 5,
129 .verify_result = 42,
130 .tlsext_hostname = "libressl.openbsd.org",
131 .tlsext_tick_lifetime_hint = 0x7abbccdd,
132 .tlsext_tick = tlsext_tick,
133 .tlsext_ticklen = sizeof(tlsext_tick),
134 },
135 .peer_cert = 1,
136 .asn1 = {
137 0x30, 0x82, 0x02, 0xd1, 0x02, 0x01, 0x01, 0x02,
138 0x02, 0x03, 0x03, 0x04, 0x02, 0x00, 0x01, 0x04,
139 0x0a, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36,
140 0x37, 0x38, 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00,
141 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
142 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
143 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa1,
144 0x06, 0x02, 0x04, 0x53, 0xc2, 0xa8, 0x95, 0xa2,
145 0x03, 0x02, 0x01, 0x05, 0xa3, 0x82, 0x01, 0x75,
146 0x30, 0x82, 0x01, 0x71, 0x30, 0x82, 0x01, 0x1b,
147 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
148 0xf6, 0x21, 0x69, 0x92, 0x40, 0xbd, 0x4b, 0x94,
149 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
150 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30,
151 0x14, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55,
152 0x04, 0x0a, 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74,
153 0x20, 0x50, 0x65, 0x65, 0x72, 0x30, 0x1e, 0x17,
154 0x0d, 0x31, 0x36, 0x31, 0x32, 0x32, 0x36, 0x31,
155 0x34, 0x34, 0x37, 0x34, 0x37, 0x5a, 0x17, 0x0d,
156 0x32, 0x36, 0x31, 0x32, 0x32, 0x34, 0x31, 0x34,
157 0x34, 0x37, 0x34, 0x37, 0x5a, 0x30, 0x14, 0x31,
158 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0a,
159 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50,
160 0x65, 0x65, 0x72, 0x30, 0x5c, 0x30, 0x0d, 0x06,
161 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
162 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30,
163 0x48, 0x02, 0x41, 0x00, 0xb2, 0x84, 0x07, 0x49,
164 0xc2, 0x88, 0xc7, 0xbf, 0xfb, 0x8a, 0x38, 0xd8,
165 0x7c, 0x31, 0xb9, 0x91, 0xd9, 0x4d, 0xbe, 0x54,
166 0x5d, 0x47, 0x42, 0xeb, 0x27, 0x2d, 0xf4, 0x9f,
167 0x1c, 0xfa, 0xa4, 0x25, 0xfb, 0xc3, 0xcc, 0xb5,
168 0x89, 0xe3, 0x54, 0xc6, 0xed, 0x07, 0x17, 0x93,
169 0x1d, 0xab, 0x20, 0x95, 0x6d, 0x00, 0x5a, 0xce,
170 0x53, 0xdc, 0x8d, 0x74, 0x56, 0x09, 0x2c, 0x0f,
171 0xe1, 0xb2, 0xb6, 0xe3, 0x02, 0x03, 0x01, 0x00,
172 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06,
173 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
174 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda, 0xa2,
175 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3, 0x2a,
176 0x21, 0x15, 0xc5, 0x47, 0x30, 0x1f, 0x06, 0x03,
177 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
178 0x14, 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda,
179 0xa2, 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3,
180 0x2a, 0x21, 0x15, 0xc5, 0x47, 0x30, 0x0c, 0x06,
181 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03,
182 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a,
183 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
184 0x05, 0x00, 0x03, 0x41, 0x00, 0x1e, 0xcc, 0x4d,
185 0x4b, 0xea, 0xcd, 0x51, 0x96, 0xe8, 0xa5, 0xe0,
186 0xcc, 0x85, 0x52, 0x2f, 0x88, 0xe7, 0xd4, 0x99,
187 0xe9, 0x43, 0x8c, 0x9a, 0xd3, 0xe7, 0xa4, 0x5c,
188 0x54, 0x9a, 0x05, 0x37, 0x71, 0x9c, 0xd5, 0xc5,
189 0x7c, 0x9d, 0x00, 0x07, 0x9b, 0xd6, 0x89, 0xb3,
190 0xbd, 0x6e, 0x92, 0xc0, 0xbe, 0x30, 0xdd, 0x38,
191 0x3f, 0x38, 0x74, 0x5a, 0xa9, 0x98, 0x5f, 0xd5,
192 0xd7, 0xae, 0x76, 0x0f, 0x72, 0xa4, 0x1c, 0x04,
193 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
194 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
195 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
196 0x78, 0x79, 0x7a, 0xa5, 0x03, 0x02, 0x01, 0x2a,
197 0xa6, 0x16, 0x04, 0x14, 0x6c, 0x69, 0x62, 0x72,
198 0x65, 0x73, 0x73, 0x6c, 0x2e, 0x6f, 0x70, 0x65,
199 0x6e, 0x62, 0x73, 0x64, 0x2e, 0x6f, 0x72, 0x67,
200 0xa9, 0x06, 0x02, 0x04, 0x7a, 0xbb, 0xcc, 0xdd,
201 0xaa, 0x81, 0xd2, 0x04, 0x81, 0xcf, 0x43, 0x56,
202 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30,
203 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37, 0x74, 0x68,
204 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32,
205 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d,
206 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35, 0x32, 0x39,
207 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68, 0x20, 0x41,
208 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31,
209 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30,
210 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39, 0x38, 0x3a,
211 0x20, 0x32, 0x31, 0x73, 0x74, 0x20, 0x41, 0x70,
212 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31, 0x34,
213 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31,
214 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30, 0x3a, 0x20,
215 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d, 0x61, 0x79,
216 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56,
217 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30,
218 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35, 0x74, 0x68,
219 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30,
220 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32,
221 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x31,
222 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75,
223 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
224 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
225 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a, 0x20, 0x35,
226 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20,
227 0x32, 0x30, 0x31, 0x34, 0x0a,
228 },
229 .asn1_len = 725,
230 },
231 {
232 .session = {
233 .cipher_id = 0x03000000L | 1,
234 .ssl_version = TLS1_2_VERSION,
235 .timeout = -1,
236 },
237 .asn1 = {
238 0x0,
239 },
240 .asn1_len = -1,
241 },
242 {
243 .session = {
244 .cipher_id = 0x03000000L | 1,
245 .ssl_version = TLS1_2_VERSION,
246 .time = -1,
247 },
248 .asn1 = {
249 0x0,
250 },
251 .asn1_len = -1,
252 },
253};
254
255#define N_SSL_ASN1_TESTS \
256 (sizeof(ssl_asn1_tests) / sizeof(*ssl_asn1_tests))
257
258static int
259session_strcmp(const unsigned char *o1, const unsigned char *o2, size_t len)
260{
261 if (o1 == NULL && o2 == NULL)
262 return (0);
263 if (o1 == NULL || o2 == NULL)
264 return (1);
265 return memcmp(o1, o2, len);
266}
267
268static int
269session_cmp(SSL_SESSION *s1, SSL_SESSION *s2)
270{
271 /* Compare the ASN.1 encoded values from two sessions. */
272 if (s1->ssl_version != s2->ssl_version) {
273 fprintf(stderr, "ssl_version differs: %i != %i\n",
274 s1->ssl_version, s2->ssl_version);
275 return (1);
276 }
277 if (s1->cipher_id != s2->cipher_id) {
278 fprintf(stderr, "cipher_id differs: %li != %li\n",
279 s1->cipher_id, s2->cipher_id);
280 return (1);
281 }
282
283 if (s1->master_key_length != s2->master_key_length) {
284 fprintf(stderr, "master_key_length differs: %i != %i\n",
285 s1->master_key_length, s2->master_key_length);
286 return (1);
287 }
288 if (session_strcmp(s1->master_key, s2->master_key,
289 s1->master_key_length) != 0) {
290 fprintf(stderr, "master_key differs\n");
291 return (1);
292 }
293
294 if (s1->session_id_length != s2->session_id_length) {
295 fprintf(stderr, "session_id_length differs: %i != %i\n",
296 s1->session_id_length, s2->session_id_length);
297 return (1);
298 }
299 if (session_strcmp(s1->session_id, s2->session_id,
300 s1->session_id_length) != 0) {
301 fprintf(stderr, "session_id differs\n");
302 return (1);
303 }
304
305 if (s1->sid_ctx_length != s2->sid_ctx_length) {
306 fprintf(stderr, "sid_ctx_length differs: %i != %i\n",
307 s1->sid_ctx_length, s2->sid_ctx_length);
308 return (1);
309 }
310 if (session_strcmp(s1->sid_ctx, s2->sid_ctx,
311 s1->sid_ctx_length) != 0) {
312 fprintf(stderr, "sid_ctx differs\n");
313 return (1);
314 }
315
316 /* d2i_SSL_SESSION uses the current time if decoding a zero value. */
317 if ((s1->time != s2->time) && s1->time != 0 && s2->time != 0) {
318 fprintf(stderr, "time differs: %lli != %lli\n",
319 (long long)s1->time, (long long)s2->time);
320 return (1);
321 }
322 /* d2i_SSL_SESSION uses a timeout of 3 if decoding a zero value. */
323 if ((s1->timeout != s2->timeout) &&
324 s1->timeout != 3 && s2->timeout != 3) {
325 fprintf(stderr, "timeout differs: %li != %li\n",
326 s1->timeout, s2->timeout);
327 return (1);
328 }
329
330 /* Ensure that a certificate is or is not present in both. */
331 if ((s1->peer != NULL || s2->peer != NULL) &&
332 (s1->peer == NULL || s2->peer == NULL ||
333 X509_cmp(s1->peer, s2->peer) != 0)) {
334 fprintf(stderr, "peer differs\n");
335 return (1);
336 }
337
338 if (s1->verify_result != s2->verify_result) {
339 fprintf(stderr, "verify_result differs: %li != %li\n",
340 s1->verify_result, s2->verify_result);
341 return (1);
342 }
343
344 if (session_strcmp(s1->tlsext_hostname, s2->tlsext_hostname,
345 (s1->tlsext_hostname ? strlen(s1->tlsext_hostname) : 0)) != 0) {
346 fprintf(stderr, "sid_ctx differs\n");
347 return (1);
348 }
349 if (s1->tlsext_tick_lifetime_hint != s2->tlsext_tick_lifetime_hint) {
350 fprintf(stderr, "tlsext_tick_lifetime_hint differs: "
351 "%li != %li\n", s1->tlsext_tick_lifetime_hint,
352 s2->tlsext_tick_lifetime_hint);
353 return (1);
354 }
355 if (s1->tlsext_ticklen != s2->tlsext_ticklen) {
356 fprintf(stderr, "tlsext_ticklen differs: %zu != %zu\n",
357 s1->tlsext_ticklen, s2->tlsext_ticklen);
358 return (1);
359 }
360 if (session_strcmp(s1->tlsext_tick, s2->tlsext_tick,
361 s1->tlsext_ticklen) != 0) {
362 fprintf(stderr, "tlsext_tick differs\n");
363 return (1);
364 }
365
366 return (0);
367}
368
369static int
370do_ssl_asn1_test(int test_no, struct ssl_asn1_test *sat)
371{
372 SSL_SESSION session, *sp = NULL;
373 unsigned char *ap, *asn1 = NULL;
374 const unsigned char *pp;
375 int i, len, rv = 1;
376
377 if (sat->peer_cert)
378 sat->session.peer = peer_cert;
379
380 len = i2d_SSL_SESSION(&sat->session, NULL);
381 if (len != sat->asn1_len) {
382 fprintf(stderr, "FAIL: test %i returned ASN1 length %i, "
383 "want %i\n", test_no, len, sat->asn1_len);
384 goto failed;
385 }
386
387 /* See if the test is expected to fail... */
388 if (sat->asn1_len == -1)
389 return (0);
390
391 if ((asn1 = malloc(len)) == NULL)
392 errx(1, "failed to allocate memory");
393
394 ap = asn1;
395 len = i2d_SSL_SESSION(&sat->session, &ap);
396
397 /* Check the length again since the code path is different. */
398 if (len != sat->asn1_len) {
399 fprintf(stderr, "FAIL: test %i returned ASN1 length %i, "
400 "want %i\n", test_no, len, sat->asn1_len);
401 goto failed;
402 }
403 /* ap should now point at the end of the buffer. */
404 if (ap - asn1 != len) {
405 fprintf(stderr, "FAIL: test %i pointer increment does not "
406 "match length (%i != %i)\n", test_no, (int)(ap - asn1), len);
407 goto failed;
408 }
409
410 if (memcmp(asn1, &sat->asn1, len) != 0) {
411 fprintf(stderr, "FAIL: test %i - encoding differs:\n", test_no);
412 fprintf(stderr, "encoding:\n");
413 for (i = 1; i <= len; i++) {
414 fprintf(stderr, " 0x%02hhx,", asn1[i - 1]);
415 if (i % 8 == 0)
416 fprintf(stderr, "\n");
417 }
418 fprintf(stderr, "\n");
419 fprintf(stderr, "test data:\n");
420 for (i = 1; i <= sat->asn1_len; i++) {
421 fprintf(stderr, " 0x%02hhx,", sat->asn1[i - 1]);
422 if (i % 8 == 0)
423 fprintf(stderr, "\n");
424 }
425 fprintf(stderr, "\n");
426 goto failed;
427 }
428
429 sp = &session;
430 memset(sp, 0, sizeof(*sp));
431 pp = sat->asn1;
432
433 if ((sp = d2i_SSL_SESSION(&sp, &pp, sat->asn1_len)) == NULL) {
434 fprintf(stderr, "FAIL: test %i - decoding failed\n", test_no);
435 goto failed;
436 }
437
438 if (session_cmp(sp, &sat->session) != 0) {
439 fprintf(stderr, "FAIL: test %i - decoding differs\n", test_no);
440 goto failed;
441 }
442
443 rv = 0;
444
445failed:
446 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
447
448 free(asn1);
449
450 return (rv);
451}
452
453int
454main(int argc, char **argv)
455{
456 BIO *bio = NULL;
457 int failed = 0;
458 size_t i;
459
460 SSL_library_init();
461 SSL_load_error_strings();
462
463 bio = BIO_new_mem_buf(peer_cert_pem, -1);
464 if (bio == NULL)
465 errx(1, "failed to create bio");
466
467 peer_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
468 if (peer_cert == NULL)
469 errx(1, "failed to read peer cert");
470
471 for (i = 0; i < N_SSL_ASN1_TESTS; i++)
472 failed += do_ssl_asn1_test(i, &ssl_asn1_tests[i]);
473
474 X509_free(peer_cert);
475 BIO_free(bio);
476
477 return (failed);
478}
diff --git a/src/regress/lib/libssl/bytestring/Makefile b/src/regress/lib/libssl/bytestring/Makefile
deleted file mode 100644
index 162c81d255..0000000000
--- a/src/regress/lib/libssl/bytestring/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.5 2016/11/04 17:51:54 guenther Exp $
2
3PROG= bytestringtest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror -I$(BSDSRCDIR)/lib/libssl
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/bytestring/bytestringtest.c b/src/regress/lib/libssl/bytestring/bytestringtest.c
deleted file mode 100644
index 0e9f5f47e5..0000000000
--- a/src/regress/lib/libssl/bytestring/bytestringtest.c
+++ /dev/null
@@ -1,876 +0,0 @@
1/* $OpenBSD: bytestringtest.c,v 1.12 2018/08/16 18:40:19 jsing Exp $ */
2/*
3 * Copyright (c) 2014, Google Inc.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
16
17#include <stdio.h>
18#include <stdlib.h>
19#include <string.h>
20
21#include <openssl/crypto.h>
22
23#include "bytestring.h"
24
25/* This is from <openssl/base.h> in boringssl */
26#define OPENSSL_U64(x) x##ULL
27
28#define PRINT_ERROR printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
29 __LINE__)
30
31#define CHECK(a) do { \
32 if (!(a)) { \
33 PRINT_ERROR; \
34 return 0; \
35 } \
36} while (0)
37
38#define CHECK_GOTO(a) do { \
39 if (!(a)) { \
40 PRINT_ERROR; \
41 goto err; \
42 } \
43} while (0)
44
45static int
46test_skip(void)
47{
48 static const uint8_t kData[] = {1, 2, 3};
49 CBS data;
50
51 CBS_init(&data, kData, sizeof(kData));
52
53 CHECK(CBS_len(&data) == 3);
54 CHECK(CBS_skip(&data, 1));
55 CHECK(CBS_len(&data) == 2);
56 CHECK(CBS_skip(&data, 2));
57 CHECK(CBS_len(&data) == 0);
58 CHECK(!CBS_skip(&data, 1));
59
60 return 1;
61}
62
63static int
64test_get_u(void)
65{
66 static const uint8_t kData[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
67 uint8_t u8;
68 uint16_t u16;
69 uint32_t u32;
70 CBS data;
71
72 CBS_init(&data, kData, sizeof(kData));
73
74 CHECK(CBS_get_u8(&data, &u8));
75 CHECK(u8 == 1);
76 CHECK(CBS_get_u16(&data, &u16));
77 CHECK(u16 == 0x203);
78 CHECK(CBS_get_u24(&data, &u32));
79 CHECK(u32 == 0x40506);
80 CHECK(CBS_get_u32(&data, &u32));
81 CHECK(u32 == 0x708090a);
82 CHECK(!CBS_get_u8(&data, &u8));
83
84 return 1;
85}
86
87static int
88test_get_prefixed(void)
89{
90 static const uint8_t kData[] = {1, 2, 0, 2, 3, 4, 0, 0, 3, 3, 2, 1};
91 uint8_t u8;
92 uint16_t u16;
93 uint32_t u32;
94 CBS data, prefixed;
95
96 CBS_init(&data, kData, sizeof(kData));
97
98 CHECK(CBS_get_u8_length_prefixed(&data, &prefixed));
99 CHECK(CBS_len(&prefixed) == 1);
100 CHECK(CBS_get_u8(&prefixed, &u8));
101 CHECK(u8 == 2);
102 CHECK(CBS_get_u16_length_prefixed(&data, &prefixed));
103 CHECK(CBS_len(&prefixed) == 2);
104 CHECK(CBS_get_u16(&prefixed, &u16));
105 CHECK(u16 == 0x304);
106 CHECK(CBS_get_u24_length_prefixed(&data, &prefixed));
107 CHECK(CBS_len(&prefixed) == 3);
108 CHECK(CBS_get_u24(&prefixed, &u32));
109 CHECK(u32 == 0x30201);
110
111 return 1;
112}
113
114static int
115test_get_prefixed_bad(void)
116{
117 static const uint8_t kData1[] = {2, 1};
118 static const uint8_t kData2[] = {0, 2, 1};
119 static const uint8_t kData3[] = {0, 0, 2, 1};
120 CBS data, prefixed;
121
122 CBS_init(&data, kData1, sizeof(kData1));
123 CHECK(!CBS_get_u8_length_prefixed(&data, &prefixed));
124
125 CBS_init(&data, kData2, sizeof(kData2));
126 CHECK(!CBS_get_u16_length_prefixed(&data, &prefixed));
127
128 CBS_init(&data, kData3, sizeof(kData3));
129 CHECK(!CBS_get_u24_length_prefixed(&data, &prefixed));
130
131 return 1;
132}
133
134static int
135test_get_asn1(void)
136{
137 static const uint8_t kData1[] = {0x30, 2, 1, 2};
138 static const uint8_t kData2[] = {0x30, 3, 1, 2};
139 static const uint8_t kData3[] = {0x30, 0x80};
140 static const uint8_t kData4[] = {0x30, 0x81, 1, 1};
141 static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80};
142 static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1};
143 static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1};
144 static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1};
145 static const uint8_t kData9[] = {0xa1, 3, 0x2, 1, 0xff};
146
147 CBS data, contents;
148 int present;
149 uint64_t value;
150
151 CBS_init(&data, kData1, sizeof(kData1));
152
153 CHECK(!CBS_peek_asn1_tag(&data, 0x1));
154 CHECK(CBS_peek_asn1_tag(&data, 0x30));
155
156 CHECK(CBS_get_asn1(&data, &contents, 0x30));
157 CHECK(CBS_len(&contents) == 2);
158 CHECK(memcmp(CBS_data(&contents), "\x01\x02", 2) == 0);
159
160 CBS_init(&data, kData2, sizeof(kData2));
161 /* data is truncated */
162 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
163
164 CBS_init(&data, kData3, sizeof(kData3));
165 /* zero byte length of length */
166 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
167
168 CBS_init(&data, kData4, sizeof(kData4));
169 /* long form mistakenly used. */
170 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
171
172 CBS_init(&data, kData5, sizeof(kData5));
173 /* length takes too many bytes. */
174 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
175
176 CBS_init(&data, kData1, sizeof(kData1));
177 /* wrong tag. */
178 CHECK(!CBS_get_asn1(&data, &contents, 0x31));
179
180 CBS_init(&data, NULL, 0);
181 /* peek at empty data. */
182 CHECK(!CBS_peek_asn1_tag(&data, 0x30));
183
184 CBS_init(&data, NULL, 0);
185 /* optional elements at empty data. */
186 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0));
187 CHECK(!present);
188 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
189 0xa0));
190 CHECK(!present);
191 CHECK(CBS_len(&contents) == 0);
192 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, NULL, 0xa0));
193 CHECK(CBS_len(&contents) == 0);
194 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42));
195 CHECK(value == 42);
196
197 CBS_init(&data, kData6, sizeof(kData6));
198 /* optional element. */
199 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0));
200 CHECK(!present);
201 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa1));
202 CHECK(present);
203 CHECK(CBS_len(&contents) == 3);
204 CHECK(memcmp(CBS_data(&contents), "\x04\x01\x01", 3) == 0);
205
206 CBS_init(&data, kData6, sizeof(kData6));
207 /* optional octet string. */
208 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
209 0xa0));
210 CHECK(!present);
211 CHECK(CBS_len(&contents) == 0);
212 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
213 0xa1));
214 CHECK(present);
215 CHECK(CBS_len(&contents) == 1);
216 CHECK(CBS_data(&contents)[0] == 1);
217
218 CBS_init(&data, kData7, sizeof(kData7));
219 /* invalid optional octet string. */
220 CHECK(!CBS_get_optional_asn1_octet_string(&data, &contents, &present,
221 0xa1));
222
223 CBS_init(&data, kData8, sizeof(kData8));
224 /* optional octet string. */
225 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42));
226 CHECK(value == 42);
227 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42));
228 CHECK(value == 1);
229
230 CBS_init(&data, kData9, sizeof(kData9));
231 /* invalid optional integer. */
232 CHECK(!CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42));
233
234 return 1;
235}
236
237static int
238test_get_optional_asn1_bool(void)
239{
240 CBS data;
241 int val;
242
243 static const uint8_t kTrue[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0xff};
244 static const uint8_t kFalse[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x00};
245 static const uint8_t kInvalid[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x01};
246
247 CBS_init(&data, NULL, 0);
248 val = 2;
249 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
250 CHECK(val == 0);
251
252 CBS_init(&data, kTrue, sizeof(kTrue));
253 val = 2;
254 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
255 CHECK(val == 1);
256
257 CBS_init(&data, kFalse, sizeof(kFalse));
258 val = 2;
259 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
260 CHECK(val == 0);
261
262 CBS_init(&data, kInvalid, sizeof(kInvalid));
263 CHECK(!CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
264
265 return 1;
266}
267
268static int
269test_cbb_basic(void)
270{
271 static const uint8_t kExpected[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};
272 uint8_t *buf = NULL;
273 size_t buf_len;
274 int ret = 0;
275 CBB cbb;
276
277 CHECK(CBB_init(&cbb, 100));
278
279 CBB_cleanup(&cbb);
280
281 CHECK(CBB_init(&cbb, 0));
282 CHECK_GOTO(CBB_add_u8(&cbb, 1));
283 CHECK_GOTO(CBB_add_u16(&cbb, 0x203));
284 CHECK_GOTO(CBB_add_u24(&cbb, 0x40506));
285 CHECK_GOTO(CBB_add_u32(&cbb, 0x708090a));
286 CHECK_GOTO(CBB_add_bytes(&cbb, (const uint8_t*) "\x0b\x0c", 2));
287 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
288
289 ret = (buf_len == sizeof(kExpected)
290 && memcmp(buf, kExpected, buf_len) == 0);
291
292 if (0) {
293err:
294 CBB_cleanup(&cbb);
295 }
296 free(buf);
297 return ret;
298}
299
300static int
301test_cbb_fixed(void)
302{
303 CBB cbb;
304 uint8_t buf[1];
305 uint8_t *out_buf = NULL;
306 size_t out_size;
307 int ret = 0;
308
309 CHECK(CBB_init_fixed(&cbb, NULL, 0));
310 CHECK_GOTO(!CBB_add_u8(&cbb, 1));
311 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
312 CHECK(out_buf == NULL && out_size == 0);
313
314 CHECK(CBB_init_fixed(&cbb, buf, 1));
315 CHECK_GOTO(CBB_add_u8(&cbb, 1));
316 CHECK_GOTO(!CBB_add_u8(&cbb, 2));
317 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
318
319 ret = (out_buf == buf && out_size == 1 && buf[0] == 1);
320
321 if (0) {
322err:
323 CBB_cleanup(&cbb);
324 }
325
326 return ret;
327}
328
329static int
330test_cbb_finish_child(void)
331{
332 CBB cbb, child;
333 uint8_t *out_buf = NULL;
334 size_t out_size;
335 int ret = 0;
336
337 CHECK(CBB_init(&cbb, 16));
338 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child));
339 CHECK_GOTO(!CBB_finish(&child, &out_buf, &out_size));
340 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
341
342 ret = (out_size == 1 && out_buf[0] == 0);
343
344err:
345 free(out_buf);
346 return ret;
347}
348
349static int
350test_cbb_prefixed(void)
351{
352 static const uint8_t kExpected[] = {0, 1, 1, 0, 2, 2, 3, 0, 0, 3,
353 4, 5, 6, 5, 4, 1, 0, 1, 2};
354 CBB cbb, contents, inner_contents, inner_inner_contents;
355 uint8_t *buf = NULL;
356 size_t buf_len;
357 int ret = 0;
358
359 CHECK(CBB_init(&cbb, 0));
360 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
361 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
362 CHECK_GOTO(CBB_add_u8(&contents, 1));
363 CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents));
364 CHECK_GOTO(CBB_add_u16(&contents, 0x203));
365 CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents));
366 CHECK_GOTO(CBB_add_u24(&contents, 0x40506));
367 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
368 CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents));
369 CHECK_GOTO(CBB_add_u8(&inner_contents, 1));
370 CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents,
371 &inner_inner_contents));
372 CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 2));
373 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
374
375 ret = (buf_len == sizeof(kExpected)
376 && memcmp(buf, kExpected, buf_len) == 0);
377
378 if (0) {
379err:
380 CBB_cleanup(&cbb);
381 }
382 free(buf);
383 return ret;
384}
385
386static int
387test_cbb_discard_child(void)
388{
389 static const uint8_t kExpected[] = {
390 0xaa,
391 0,
392 1, 0xbb,
393 0, 2, 0xcc, 0xcc,
394 0, 0, 3, 0xdd, 0xdd, 0xdd,
395 1, 0xff,
396 };
397 CBB cbb, contents, inner_contents, inner_inner_contents;
398 uint8_t *buf = NULL;
399 size_t buf_len;
400 int ret = 0;
401
402 CHECK(CBB_init(&cbb, 0));
403 CHECK_GOTO(CBB_add_u8(&cbb, 0xaa));
404
405 // Discarding |cbb|'s children preserves the byte written.
406 CBB_discard_child(&cbb);
407
408 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
409 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
410 CHECK_GOTO(CBB_add_u8(&contents, 0xbb));
411 CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents));
412 CHECK_GOTO(CBB_add_u16(&contents, 0xcccc));
413 CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents));
414 CHECK_GOTO(CBB_add_u24(&contents, 0xdddddd));
415 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
416 CHECK_GOTO(CBB_add_u8(&contents, 0xff));
417 CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents));
418 CHECK_GOTO(CBB_add_u8(&inner_contents, 0x42));
419 CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents,
420 &inner_inner_contents));
421 CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 0x99));
422
423 // Discard everything from |inner_contents| down.
424 CBB_discard_child(&contents);
425
426 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
427
428 ret = (buf_len == sizeof(kExpected)
429 && memcmp(buf, kExpected, buf_len) == 0);
430
431 if (0) {
432err:
433 CBB_cleanup(&cbb);
434 }
435 free(buf);
436 return ret;
437}
438
439static int
440test_cbb_misuse(void)
441{
442 CBB cbb, child, contents;
443 uint8_t *buf = NULL;
444 size_t buf_len;
445 int ret = 0;
446
447 CHECK(CBB_init(&cbb, 0));
448 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child));
449 CHECK_GOTO(CBB_add_u8(&child, 1));
450 CHECK_GOTO(CBB_add_u8(&cbb, 2));
451
452 /*
453 * Since we wrote to |cbb|, |child| is now invalid and attempts to write
454 * to it should fail.
455 */
456 CHECK_GOTO(!CBB_add_u8(&child, 1));
457 CHECK_GOTO(!CBB_add_u16(&child, 1));
458 CHECK_GOTO(!CBB_add_u24(&child, 1));
459 CHECK_GOTO(!CBB_add_u8_length_prefixed(&child, &contents));
460 CHECK_GOTO(!CBB_add_u16_length_prefixed(&child, &contents));
461 CHECK_GOTO(!CBB_add_asn1(&child, &contents, 1));
462 CHECK_GOTO(!CBB_add_bytes(&child, (const uint8_t*) "a", 1));
463 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
464
465 ret = (buf_len == 3 && memcmp(buf, "\x01\x01\x02", 3) == 0);
466
467 if (0) {
468err:
469 CBB_cleanup(&cbb);
470 }
471 free(buf);
472 return ret;
473}
474
475static int
476test_cbb_asn1(void)
477{
478 static const uint8_t kExpected[] = {0x30, 3, 1, 2, 3};
479 uint8_t *buf = NULL, *test_data = NULL;
480 size_t buf_len;
481 CBB cbb, contents, inner_contents;
482 int ret = 0;
483 int alloc = 0;
484
485 CHECK_GOTO(CBB_init(&cbb, 0));
486 alloc = 1;
487 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
488 CHECK_GOTO(CBB_add_bytes(&contents, (const uint8_t*) "\x01\x02\x03",
489 3));
490 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
491 alloc = 0;
492
493 CHECK_GOTO(buf_len == sizeof(kExpected));
494 CHECK_GOTO(memcmp(buf, kExpected, buf_len) == 0);
495
496 free(buf);
497 buf = NULL;
498
499 CHECK_GOTO(((test_data = malloc(100000)) != NULL));
500 memset(test_data, 0x42, 100000);
501
502 CHECK_GOTO(CBB_init(&cbb, 0));
503 alloc = 1;
504 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
505 CHECK_GOTO(CBB_add_bytes(&contents, test_data, 130));
506 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
507 alloc = 0;
508
509 CHECK_GOTO(buf_len == 3 + 130);
510 CHECK_GOTO(memcmp(buf, "\x30\x81\x82", 3) == 0);
511 CHECK_GOTO(memcmp(buf + 3, test_data, 130) == 0);
512
513 free(buf);
514 buf = NULL;
515
516 CHECK_GOTO(CBB_init(&cbb, 0));
517 alloc = 1;
518 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
519 CHECK_GOTO(CBB_add_bytes(&contents, test_data, 1000));
520 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
521 alloc = 0;
522
523 CHECK_GOTO(buf_len == 4 + 1000);
524 CHECK_GOTO(memcmp(buf, "\x30\x82\x03\xe8", 4) == 0);
525 CHECK_GOTO(!memcmp(buf + 4, test_data, 1000));
526
527 free(buf);
528 buf = NULL;
529
530 CHECK_GOTO(CBB_init(&cbb, 0));
531 alloc = 1;
532 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
533 CHECK_GOTO(CBB_add_asn1(&contents, &inner_contents, 0x30));
534 CHECK_GOTO(CBB_add_bytes(&inner_contents, test_data, 100000));
535 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
536 alloc = 0;
537
538 CHECK_GOTO(buf_len == 5 + 5 + 100000);
539 CHECK_GOTO(memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10)
540 == 0);
541 CHECK_GOTO(!memcmp(buf + 10, test_data, 100000));
542
543 ret = 1;
544
545 if (0) {
546err:
547 if (alloc)
548 CBB_cleanup(&cbb);
549 }
550 free(buf);
551 free(test_data);
552 return ret;
553}
554
555static int
556do_indefinite_convert(const char *name, const uint8_t *definite_expected,
557 size_t definite_len, const uint8_t *indefinite, size_t indefinite_len)
558{
559 CBS in;
560 uint8_t *out = NULL;
561 size_t out_len;
562 int ret = 0;
563
564 CBS_init(&in, indefinite, indefinite_len);
565
566 CHECK_GOTO(CBS_asn1_indefinite_to_definite(&in, &out, &out_len));
567
568 if (out == NULL) {
569
570 if (indefinite_len != definite_len ||
571 memcmp(definite_expected, indefinite, indefinite_len) != 0) {
572 PRINT_ERROR;
573 goto err;
574 }
575
576 return 1;
577 }
578
579 if (out_len != definite_len ||
580 memcmp(out, definite_expected, definite_len) != 0) {
581 PRINT_ERROR;
582 goto err;
583 }
584
585 ret = 1;
586err:
587 free(out);
588 return ret;
589}
590
591static int
592test_indefinite_convert(void)
593{
594 static const uint8_t kSimpleBER[] = {0x01, 0x01, 0x00};
595
596 /* kIndefBER contains a SEQUENCE with an indefinite length. */
597 static const uint8_t kIndefBER[] = {0x30, 0x80, 0x01, 0x01, 0x02, 0x00,
598 0x00};
599 static const uint8_t kIndefDER[] = {0x30, 0x03, 0x01, 0x01, 0x02};
600
601 /*
602 * kOctetStringBER contains an indefinite length OCTETSTRING with two
603 * parts. These parts need to be concatenated in DER form.
604 */
605 static const uint8_t kOctetStringBER[] = {0x24, 0x80, 0x04, 0x02, 0,
606 1, 0x04, 0x02, 2, 3, 0x00, 0x00};
607 static const uint8_t kOctetStringDER[] = {0x04, 0x04, 0, 1, 2, 3};
608
609 /*
610 * kNSSBER is part of a PKCS#12 message generated by NSS that uses
611 * indefinite length elements extensively.
612 */
613 static const uint8_t kNSSBER[] = {
614 0x30, 0x80, 0x02, 0x01, 0x03, 0x30, 0x80, 0x06, 0x09, 0x2a, 0x86,
615 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x80, 0x24, 0x80,
616 0x04, 0x04, 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00,
617 0x00, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
618 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84, 0x98, 0xfc, 0x66,
619 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8, 0x8f, 0xfe, 0x1d,
620 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38, 0x62, 0xc6, 0x44,
621 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0, 0x6e, 0x10, 0x9b,
622 0xb8, 0x02, 0x02, 0x07, 0xd0, 0x00, 0x00,
623 };
624
625 static const uint8_t kNSSDER[] = {
626 0x30, 0x53, 0x02, 0x01, 0x03, 0x30, 0x13, 0x06, 0x09, 0x2a, 0x86,
627 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x06, 0x04, 0x04,
628 0x01, 0x02, 0x03, 0x04, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06,
629 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84,
630 0x98, 0xfc, 0x66, 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8,
631 0x8f, 0xfe, 0x1d, 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38,
632 0x62, 0xc6, 0x44, 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0,
633 0x6e, 0x10, 0x9b, 0xb8, 0x02, 0x02, 0x07, 0xd0,
634 };
635
636 CHECK(do_indefinite_convert("kSimpleBER", kSimpleBER, sizeof(kSimpleBER),
637 kSimpleBER, sizeof(kSimpleBER)));
638 CHECK(do_indefinite_convert("kIndefBER", kIndefDER, sizeof(kIndefDER),
639 kIndefBER, sizeof(kIndefBER)));
640 CHECK(do_indefinite_convert("kOctetStringBER", kOctetStringDER,
641 sizeof(kOctetStringDER), kOctetStringBER,
642 sizeof(kOctetStringBER)));
643 CHECK(do_indefinite_convert("kNSSBER", kNSSDER, sizeof(kNSSDER), kNSSBER,
644 sizeof(kNSSBER)));
645
646 return 1;
647}
648
649typedef struct {
650 uint64_t value;
651 const char *encoding;
652 size_t encoding_len;
653} ASN1_UINT64_TEST;
654
655static const ASN1_UINT64_TEST kAsn1Uint64Tests[] = {
656 {0, "\x02\x01\x00", 3},
657 {1, "\x02\x01\x01", 3},
658 {127, "\x02\x01\x7f", 3},
659 {128, "\x02\x02\x00\x80", 4},
660 {0xdeadbeef, "\x02\x05\x00\xde\xad\xbe\xef", 7},
661 {OPENSSL_U64(0x0102030405060708),
662 "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10},
663 {OPENSSL_U64(0xffffffffffffffff),
664 "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11},
665};
666
667typedef struct {
668 const char *encoding;
669 size_t encoding_len;
670} ASN1_INVALID_UINT64_TEST;
671
672static const ASN1_INVALID_UINT64_TEST kAsn1InvalidUint64Tests[] = {
673 /* Bad tag. */
674 {"\x03\x01\x00", 3},
675 /* Empty contents. */
676 {"\x02\x00", 2},
677 /* Negative number. */
678 {"\x02\x01\x80", 3},
679 /* Overflow. */
680 {"\x02\x09\x01\x00\x00\x00\x00\x00\x00\x00\x00", 11},
681 /* Leading zeros. */
682 {"\x02\x02\x00\x01", 4},
683};
684
685static int
686test_asn1_uint64(void)
687{
688 CBB cbb;
689 uint8_t *out = NULL;
690 size_t i;
691 int ret = 0;
692 int alloc = 0;
693
694 for (i = 0; i < sizeof(kAsn1Uint64Tests) / sizeof(kAsn1Uint64Tests[0]);
695 i++) {
696 const ASN1_UINT64_TEST *test = &kAsn1Uint64Tests[i];
697 CBS cbs;
698 uint64_t value;
699 size_t len;
700
701 CBS_init(&cbs, (const uint8_t *)test->encoding,
702 test->encoding_len);
703
704 CHECK(CBS_get_asn1_uint64(&cbs, &value));
705 CHECK(CBS_len(&cbs) == 0);
706 CHECK(value == test->value);
707
708 CHECK(CBB_init(&cbb, 0));
709 alloc = 1;
710 CHECK_GOTO(CBB_add_asn1_uint64(&cbb, test->value));
711 CHECK_GOTO(CBB_finish(&cbb, &out, &len));
712 alloc = 0;
713
714 CHECK_GOTO(len == test->encoding_len);
715 CHECK_GOTO(memcmp(out, test->encoding, len) == 0);
716 free(out);
717 out = NULL;
718 }
719
720 for (i = 0; i < sizeof(kAsn1InvalidUint64Tests)
721 / sizeof(kAsn1InvalidUint64Tests[0]); i++) {
722 const ASN1_INVALID_UINT64_TEST *test =
723 &kAsn1InvalidUint64Tests[i];
724 CBS cbs;
725 uint64_t value;
726
727 CBS_init(&cbs, (const uint8_t *)test->encoding,
728 test->encoding_len);
729 CHECK(!CBS_get_asn1_uint64(&cbs, &value));
730 }
731
732 ret = 1;
733
734 if (0) {
735err:
736 if (alloc)
737 CBB_cleanup(&cbb);
738 }
739 free(out);
740
741 return ret;
742}
743
744static int
745test_offset(void)
746{
747 uint8_t v;
748 static const uint8_t input[] = {1, 2, 3, 4, 5};
749 CBS data;
750
751 CBS_init(&data, input, sizeof(input));
752 CHECK(sizeof(input) == 5);
753 CHECK(CBS_len(&data) == 5);
754 CHECK(CBS_offset(&data) == 0);
755 CHECK(CBS_get_u8(&data, &v));
756 CHECK(v == 1);
757 CHECK(CBS_len(&data) == 4);
758 CHECK(CBS_offset(&data) == 1);
759 CHECK(CBS_skip(&data, 2));
760 CHECK(CBS_len(&data) == 2);
761 CHECK(CBS_offset(&data) == 3);
762 CHECK(CBS_get_u8(&data, &v));
763 CHECK(v == 4);
764 CHECK(CBS_get_u8(&data, &v));
765 CHECK(v == 5);
766 CHECK(CBS_len(&data) == 0);
767 CHECK(CBS_offset(&data) == 5);
768 CHECK(!CBS_skip(&data, 1));
769
770 CBS_init(&data, input, sizeof(input));
771 CHECK(CBS_skip(&data, 2));
772 CHECK(CBS_len(&data) == 3);
773 CHECK(CBS_offset(&data) == 2);
774 CHECK(CBS_skip(&data, 3));
775 CHECK(CBS_len(&data) == 0);
776 CHECK(CBS_offset(&data) == 5);
777 CHECK(!CBS_get_u8(&data, &v));
778
779 return 1;
780}
781
782static int
783test_write_bytes(void)
784{
785 int ret = 0;
786 uint8_t v;
787 size_t len;
788 static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'};
789 CBS data;
790 char *tmp = NULL;
791
792 CHECK_GOTO((tmp = malloc(sizeof(input))) != NULL);
793 memset(tmp, 100, sizeof(input));
794
795 CBS_init(&data, input, sizeof(input));
796 CHECK_GOTO(CBS_len(&data) == 6);
797 CHECK_GOTO(CBS_offset(&data) == 0);
798 CHECK_GOTO(CBS_get_u8(&data, &v));
799 CHECK_GOTO(v == 102 /* f */);
800 CHECK_GOTO(CBS_skip(&data, 1));
801 CHECK_GOTO(!CBS_skip(&data, 15));
802 CHECK_GOTO(CBS_write_bytes(&data, tmp, sizeof(input), &len));
803 CHECK_GOTO(len == 4);
804 CHECK_GOTO(memcmp(input + 2, tmp, len) == 0);
805 CHECK_GOTO(tmp[4] == 100 && tmp[5] == 100);
806
807 ret = 1;
808
809err:
810 free(tmp);
811 return ret;
812}
813
814static int
815test_cbs_dup(void)
816{
817 CBS data, check;
818 static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'};
819
820 CBS_init(&data, input, sizeof(input));
821 CHECK(CBS_len(&data) == 6);
822 CBS_dup(&data, &check);
823 CHECK(CBS_len(&check) == 6);
824 CHECK(CBS_data(&data) == CBS_data(&check));
825 CHECK(CBS_skip(&data, 1));
826 CHECK(CBS_len(&data) == 5);
827 CHECK(CBS_len(&check) == 6);
828 CHECK(CBS_data(&data) == CBS_data(&check) + 1);
829 CHECK(CBS_skip(&check, 1));
830 CHECK(CBS_len(&data) == 5);
831 CHECK(CBS_len(&check) == 5);
832 CHECK(CBS_data(&data) == CBS_data(&check));
833 CHECK(CBS_offset(&data) == 1);
834 CHECK(CBS_offset(&check) == 1);
835
836 CBS_init(&data, input, sizeof(input));
837 CHECK(CBS_skip(&data, 5));
838 CBS_dup(&data, &check);
839 CHECK(CBS_len(&data) == 1);
840 CHECK(CBS_len(&check) == 1);
841 CHECK(CBS_data(&data) == input + 5);
842 CHECK(CBS_data(&data) == CBS_data(&check));
843 CHECK(CBS_offset(&data) == 5);
844 CHECK(CBS_offset(&check) == 5);
845
846 return 1;
847}
848
849int
850main(void)
851{
852 int failed = 0;
853
854 failed |= !test_skip();
855 failed |= !test_get_u();
856 failed |= !test_get_prefixed();
857 failed |= !test_get_prefixed_bad();
858 failed |= !test_get_asn1();
859 failed |= !test_cbb_basic();
860 failed |= !test_cbb_fixed();
861 failed |= !test_cbb_finish_child();
862 failed |= !test_cbb_discard_child();
863 failed |= !test_cbb_misuse();
864 failed |= !test_cbb_prefixed();
865 failed |= !test_cbb_asn1();
866 failed |= !test_indefinite_convert();
867 failed |= !test_asn1_uint64();
868 failed |= !test_get_optional_asn1_bool();
869 failed |= !test_offset();
870 failed |= !test_write_bytes();
871 failed |= !test_cbs_dup();
872
873 if (!failed)
874 printf("PASS\n");
875 return failed;
876}
diff --git a/src/regress/lib/libssl/certs/ca.pem b/src/regress/lib/libssl/certs/ca.pem
deleted file mode 100644
index 07f9b3fddb..0000000000
--- a/src/regress/lib/libssl/certs/ca.pem
+++ /dev/null
@@ -1,45 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIIDtjCCAp6gAwIBAgIJAJz/hGfwYXLrMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
3BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
4VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD
5QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MjExNDQ1MTFaMGgxCzAJBgNVBAYTAlVL
6MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ
7VVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBDQTCCASIw
8DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMaarigKGOra5Mc/LrhOkcmHzDs
9vkYL7dfaaht8fLBKRTYwzSBvO9x54koTWjq7HkbaxkYAg3HnDTkNCyzkGKNdM89H
10q/PtGIFFlceQIOat3Kjd05Iw3PtLEWTDjT6FMA9Mkjk/XbpmycqRIwNKtgICoFsG
11juIpc4P31kxK7i3ri+JnlyvVmRZjJxrheJB0qHGXilrOVDPOliDn//jXbcyzXemu
12R8KgAeQM4IIs9jYHJOgHrTItIpwa9wNTEp9KCGkO6xr20NkKyDp6XRyd+hmnUB7r
1377WTptvKPFFTjTDFqEtcif9U2kVkCfn2mSRO8noCbVH++fuR8LMWlD99gt8CAwEA
14AaNjMGEwHQYDVR0OBBYEFIwZD9dCMXcFBuHTsZ/rOft4cTpFMB8GA1UdIwQYMBaA
15FIwZD9dCMXcFBuHTsZ/rOft4cTpFMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
16BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCPfqm4KbYtXEB8aP1RdUH2BkPSjyau
17WQLMGfKNF/zkUQue0REgdJ4wVR06NTTlOCsfHC6b68vgz2QFC1mM8ZANgDiyr4M1
186gjvP0eZQVxokJ3EMzjDMFRHIiFrZZAFr7aGq8dxoruuehovqyehuJRakAe0oNUb
194ZTKrGuTKh9Mwti9721XNFByjeTFL2dlH6ulz7qyfI+lrTi+pNsUchuVYE8a1TP3
20OEiG6whsyPU1YoTlemC1mvW0ixtj8Tcem0KyotCUyOmJlwyWj0bA43sCI6z/OVqJ
21tVvwgfqrOeVNk9nN2JslCsttnwstwqUfDoEXFoScej2CT0QezFGPTN21
22-----END CERTIFICATE-----
23-----BEGIN CERTIFICATE-----
24MIIDvjCCAqagAwIBAgIJAPrXr2k7uM/OMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
25BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
26VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD
27QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MDExNDQ1MTFaMHAxCzAJBgNVBAYTAlVL
28MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ
29VVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJtZWRpYXRl
30IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsErw75CmLYD6pkrG
31W/YhAl/K8L5wJYxDjqu2FghxjD8K308W3EHq4uBxEwR1OHXaM1+6ZZw7/r2I37VL
32IdurBEAIEUdbzx0so74FPawgz5EW2CTqoJnK8F71/vo5Kj1VPwW46CxwxUR3cfvJ
33GNXND2ip0TcyTSPLROXOyQakcVfIGJmdSa1wHKi+c2gMA4emADudZUOYLrg80gr2
34ldePm07ynbVsKKzCcStw8MdmoW9Qt3fLnPJn2TFUUBNWj+4kvL+88edWCVQXKNds
35ysD/CDrH4W/hjyPDStVsM6XpiNU0+L2ZY6fcj3OP8d0goOx45xotMn9m8hNkCGsr
36VXx9IwIDAQABo2MwYTAdBgNVHQ4EFgQUNsNsiOeV/rC97M4+PYarIYGH2towHwYD
37VR0jBBgwFoAUjBkP10IxdwUG4dOxn+s5+3hxOkUwDwYDVR0TAQH/BAUwAwEB/zAO
38BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAAIwwR8jyFN6qYGIRAKi
39ahyeHd26hNPC4RiCvjz6dytuvDUqfMTUZcjBy6Ez1Wsfs1/PC8u3IDpOTwZSz72K
40ACQzPpmXREWkO5nx8I+W+94yJsbklhsTxDlZj3X2oJCQ7qO4hdIpYESWfMchYra9
415e55SMBXeGDp+uRILt+6UfOXCGaXaoYqyrzQROJAiGy1x96A/5sU6ZU3KdKN1JLM
42XTZ268ihubCMRVScHnpYUjRDoGrhnQM7007ybVfRUGNXDs+ENqjGfyxc5ScR+Un4
43UQtOd4zD2g9wrdXvlDiqxci6W7IOEPVP6qHG2GIh+T2zpO3GOAuZCe5cjLiCDATs
44hNw=
45-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client.pem b/src/regress/lib/libssl/certs/client.pem
deleted file mode 100644
index ce4bf49ce6..0000000000
--- a/src/regress/lib/libssl/certs/client.pem
+++ /dev/null
@@ -1,51 +0,0 @@
1subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Client Cert
2issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
3-----BEGIN CERTIFICATE-----
4MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eTMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
5BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
6VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
7ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMVoXDTI0MDQwMTE0NDUxMVowZDELMAkG
8A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
9RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgQ2xpZW50IENlcnQw
10ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ranbHRLcLVqN+0BzcZpY
11+yOLqxzDWT1LD9eW1stC4NzXX9/DCtSIVyN7YIHdGLrIPr64IDdXXaMRzgZ2rOKs
12lmHCAiFpO/ja99gGCJRxH0xwQatqAULfJVHeUhs7OEGOZc2nWifjqKvGfNTilP7D
13nwi69ipQFq9oS19FmhwVHk2wg7KZGHI1qDyG04UrfCZMRitvS9+UVhPpIPjuiBi2
14x3/FZIpL5gXJvvFK6xHY63oq2asyzBATntBgnP4qJFWWcvRx24wF1PnZabxuVoL2
15bPnQ/KvONDrw3IdqkKhYNTul7jEcu3OlcZIMw+7DiaKJLAzKb/bBF5gm/pwW6As9
16AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG
17+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B
18AQUFAAOCAQEAJzA4KTjkjXGSC4He63yX9Br0DneGBzjAwc1H6f72uqnCs8m7jgkE
19PQJFdTzQUKh97QPUuayZ2gl8XHagg+iWGy60Kw37gQ0+lumCN2sllvifhHU9R03H
20bWtS4kue+yQjMbrzf3zWygMDgwvFOUAIgBpH9qGc+CdNu97INTYd0Mvz51vLlxRn
21sC5aBYCWaZFnw3lWYxf9eVFRy9U+DkYFqX0LpmbDtcKP7AZGE6ZwSzaim+Cnoz1u
22Cgn+QmpFXgJKMFIZ82iSZISn+JkCCGxctZX1lMvai4Wi8Y0HxW9FTFZ6KBNwwE4B
23zjbN/ehBkgLlW/DWfi44DvwUHmuU6QP3cw==
24-----END CERTIFICATE-----
25-----BEGIN RSA PRIVATE KEY-----
26MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f
27wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr
28agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy
29mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr
30MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x
31HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L
32p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT
33KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB
341uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx
35L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl
36LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO
37Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn
38/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai
391oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX
401ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3
41NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ
42zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC
43mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7
445SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK
45u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+
46HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV
47tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn
48SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh
49kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww
501Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw=
51-----END RSA PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server.pem b/src/regress/lib/libssl/certs/server.pem
deleted file mode 100644
index 7412490f51..0000000000
--- a/src/regress/lib/libssl/certs/server.pem
+++ /dev/null
@@ -1,51 +0,0 @@
1subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
2issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
3-----BEGIN CERTIFICATE-----
4MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eUMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
5BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
6VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
7ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMloXDTI0MDQwMTE0NDUxMlowZDELMAkG
8A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
9RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
10ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
11KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
12R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
13vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
14TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
1541NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
16AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG
17+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B
18AQUFAAOCAQEADfy8VrY5er5ebYLyiC1il5kVOuJHSf8aN5SciJz/VcifA1+Hl2Bu
19CfuizhP/kUdB9PTSj8ep9sL+5PBFl7CZJDO6Sxs5+qJe15XvLBP8UEdvc779plL6
20StUMJT0aU/MaqUZZCldC3G4CcbwzOzKSD5YzvxxIGspxBWRduZKKMOju/4aqK76p
21dwA/VGCve9mjft3LIrb0gSaPi5KmdGtpAjzW3H1+63DSqxCYb1oiPtUZBs4STwjh
22WPRmAEVR4RPCETM3Sth4C+bE0QMCGY12ctcbzhj7Xgo7LcSpqviq6JD8SPuU7ISL
23hy4NcnBBHJr9OV9WTLpmS9V9Vg6QmOpxQw==
24-----END CERTIFICATE-----
25-----BEGIN RSA PRIVATE KEY-----
26MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
27h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
28tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
29D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
30uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
31qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
32zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
33r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
34AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
355s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
36W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
37674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
38utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
39BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
404qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
41WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
42bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
436ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
444UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
45WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
46n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
47JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
48OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
49xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
50UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
51-----END RSA PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/ciphers/Makefile b/src/regress/lib/libssl/ciphers/Makefile
deleted file mode 100644
index c9a58a5e09..0000000000
--- a/src/regress/lib/libssl/ciphers/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2015/02/06 08:48:39 jsing Exp $
2
3PROG= cipherstest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/ciphers/cipherstest.c b/src/regress/lib/libssl/ciphers/cipherstest.c
deleted file mode 100644
index d76fbfc8c0..0000000000
--- a/src/regress/lib/libssl/ciphers/cipherstest.c
+++ /dev/null
@@ -1,175 +0,0 @@
1/*
2 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <openssl/ssl.h>
18
19#include <err.h>
20#include <stdio.h>
21#include <string.h>
22
23static int
24get_put_test(const char *name, const SSL_METHOD *method)
25{
26 STACK_OF(SSL_CIPHER) *ciphers;
27 const SSL_CIPHER *cipher;
28 unsigned char buf[2];
29 SSL_CTX *ssl_ctx = NULL;
30 SSL *ssl = NULL;
31 int ret = 1;
32 int i, len;
33
34 if ((len = method->put_cipher_by_char(NULL, NULL)) != 2) {
35 fprintf(stderr,
36 "%s: put_cipher_by_char() returned len %i (want 2)\n",
37 name, len);
38 return (1);
39 }
40
41 if ((ssl_ctx = SSL_CTX_new(method)) == NULL) {
42 fprintf(stderr, "%s: SSL_CTX_new() returned NULL\n", name);
43 goto failure;
44 }
45 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
46 fprintf(stderr, "%s: SSL_new() returned NULL\n", name);
47 goto failure;
48 }
49
50 if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
51 fprintf(stderr, "%s: no ciphers\n", name);
52 goto failure;
53 }
54
55 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
56 cipher = sk_SSL_CIPHER_value(ciphers, i);
57 if ((len = method->put_cipher_by_char(cipher, buf)) != 2) {
58 fprintf(stderr,
59 "%s: put_cipher_by_char() returned len %i for %s "
60 "(want 2)\n",
61 name, len, SSL_CIPHER_get_name(cipher));
62 goto failure;
63 }
64 if ((cipher = method->get_cipher_by_char(buf)) == NULL) {
65 fprintf(stderr,
66 "%s: get_cipher_by_char() returned NULL for %s\n",
67 name, SSL_CIPHER_get_name(cipher));
68 goto failure;
69 }
70 }
71
72 ret = 0;
73
74failure:
75 SSL_CTX_free(ssl_ctx);
76 SSL_free(ssl);
77
78 return (ret);
79}
80
81static int
82cipher_get_put_tests(void)
83{
84 int failed = 0;
85
86 failed |= get_put_test("SSLv23", SSLv23_method());
87 failed |= get_put_test("SSLv23_client", SSLv23_client_method());
88 failed |= get_put_test("SSLv23_server", SSLv23_server_method());
89
90 failed |= get_put_test("TLSv1", TLSv1_method());
91 failed |= get_put_test("TLSv1_client", TLSv1_client_method());
92 failed |= get_put_test("TLSv1_server", TLSv1_server_method());
93
94 failed |= get_put_test("TLSv1_1", TLSv1_1_method());
95 failed |= get_put_test("TLSv1_1_client", TLSv1_1_client_method());
96 failed |= get_put_test("TLSv1_1_server", TLSv1_1_server_method());
97
98 failed |= get_put_test("TLSv1_2", TLSv1_2_method());
99 failed |= get_put_test("TLSv1_2_client", TLSv1_2_client_method());
100 failed |= get_put_test("TLSv1_2_server", TLSv1_2_server_method());
101
102 failed |= get_put_test("DTLSv1", DTLSv1_method());
103 failed |= get_put_test("DTLSv1_client", DTLSv1_client_method());
104 failed |= get_put_test("DTLSv1_server", DTLSv1_server_method());
105
106 return failed;
107}
108
109static int
110cipher_get_by_value_tests(void)
111{
112 STACK_OF(SSL_CIPHER) *ciphers;
113 const SSL_CIPHER *cipher;
114 SSL_CTX *ssl_ctx = NULL;
115 SSL *ssl = NULL;
116 unsigned long id;
117 uint16_t value;
118 int ret = 1;
119 int i;
120
121 if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) {
122 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
123 goto failure;
124 }
125 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
126 fprintf(stderr, "SSL_new() returned NULL\n");
127 goto failure;
128 }
129
130 if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
131 fprintf(stderr, "no ciphers\n");
132 goto failure;
133 }
134
135 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
136 cipher = sk_SSL_CIPHER_value(ciphers, i);
137
138 id = SSL_CIPHER_get_id(cipher);
139 if (SSL_CIPHER_get_by_id(id) == NULL) {
140 fprintf(stderr, "SSL_CIPHER_get_by_id() failed "
141 "for %s (0x%lx)\n", SSL_CIPHER_get_name(cipher),
142 id);
143 goto failure;
144 }
145
146 value = SSL_CIPHER_get_value(cipher);
147 if (SSL_CIPHER_get_by_value(value) == NULL) {
148 fprintf(stderr, "SSL_CIPHER_get_by_value() failed "
149 "for %s (0x%04hx)\n", SSL_CIPHER_get_name(cipher),
150 value);
151 goto failure;
152 }
153 }
154
155 ret = 0;
156
157failure:
158 SSL_CTX_free(ssl_ctx);
159 SSL_free(ssl);
160
161 return (ret);
162}
163
164int
165main(int argc, char **argv)
166{
167 int failed = 0;
168
169 SSL_library_init();
170
171 failed |= cipher_get_put_tests();
172 failed |= cipher_get_by_value_tests();
173
174 return (failed);
175}
diff --git a/src/regress/lib/libssl/client/Makefile b/src/regress/lib/libssl/client/Makefile
deleted file mode 100644
index 4f99f0e97c..0000000000
--- a/src/regress/lib/libssl/client/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2015/09/01 17:02:18 jsing Exp $
2
3PROG= clienttest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c
deleted file mode 100644
index cb45dc583c..0000000000
--- a/src/regress/lib/libssl/client/clienttest.c
+++ /dev/null
@@ -1,447 +0,0 @@
1/*
2 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <openssl/ssl.h>
18
19#include <openssl/dtls1.h>
20#include <openssl/ssl3.h>
21
22#include <err.h>
23#include <stdio.h>
24#include <string.h>
25
26#define DTLS_HM_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH)
27#define DTLS_RANDOM_OFFSET (DTLS_HM_OFFSET + 2)
28#define DTLS_CIPHER_OFFSET (DTLS_HM_OFFSET + 38)
29
30#define SSL3_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
31#define SSL3_RANDOM_OFFSET (SSL3_HM_OFFSET + 2)
32#define SSL3_CIPHER_OFFSET (SSL3_HM_OFFSET + 37)
33
34static unsigned char cipher_list_dtls1[] = {
35 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
36 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
37 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
38 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08,
39 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
40};
41
42static unsigned char client_hello_dtls1[] = {
43 0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
44 0x00, 0x00, 0x00, 0x00, 0x60, 0x01, 0x00, 0x00,
45 0x54, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
46 0x54, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
47 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
48 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
49 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
50 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x26, 0xc0,
51 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00,
52 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0,
53 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00,
54 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00,
55 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00,
56 0x04, 0x00, 0x23, 0x00, 0x00,
57};
58
59static unsigned char cipher_list_tls10[] = {
60 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
61 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
62 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
63 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
64 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08,
65 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
66};
67
68static unsigned char client_hello_tls10[] = {
69 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
70 0x6d, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
71 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
72 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
73 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
74 0x00, 0x00, 0x00, 0x00, 0x00, 0x2e, 0xc0, 0x14,
75 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
76 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
77 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
78 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
79 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
80 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x16,
81 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a,
82 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17,
83 0x00, 0x18, 0x00, 0x23, 0x00, 0x00,
84};
85
86static unsigned char cipher_list_tls11[] = {
87 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
88 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
89 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
90 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
91 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08,
92 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
93};
94
95static unsigned char client_hello_tls11[] = {
96 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
97 0x6d, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
98 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
99 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
100 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
101 0x00, 0x00, 0x00, 0x00, 0x00, 0x2e, 0xc0, 0x14,
102 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
103 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
104 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
105 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
106 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
107 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x16,
108 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a,
109 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17,
110 0x00, 0x18, 0x00, 0x23, 0x00, 0x00,
111};
112
113static unsigned char cipher_list_tls12_aes[] = {
114 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
115 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
116 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
117 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
118 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
119 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
120 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
121 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
122 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
123 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
124 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
125 0x00, 0x0a, 0x00, 0xff,
126};
127
128static unsigned char cipher_list_tls12_chacha[] = {
129 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
130 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
131 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
132 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
133 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
134 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
135 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
136 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
137 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
138 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
139 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
140 0x00, 0x0a, 0x00, 0xff,
141};
142
143static unsigned char client_hello_tls12[] = {
144 0x16, 0x03, 0x01, 0x00, 0xbf, 0x01, 0x00, 0x00,
145 0xbb, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
146 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
147 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
148 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
149 0x00, 0x00, 0x00, 0x00, 0x00, 0x5c, 0xcc, 0xa9,
150 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c,
151 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a,
152 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85,
153 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
154 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
155 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
156 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
157 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
158 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
159 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04,
160 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
161 0x00, 0xff, 0x01, 0x00, 0x00, 0x36, 0x00, 0x0b,
162 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08,
163 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
164 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x1c,
165 0x00, 0x1a, 0x06, 0x01, 0x06, 0x03, 0xef, 0xef,
166 0x05, 0x01, 0x05, 0x03, 0x04, 0x01, 0x04, 0x03,
167 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, 0x03, 0x03,
168 0x02, 0x01, 0x02, 0x03,
169};
170
171struct client_hello_test {
172 const unsigned char *desc;
173 const int protocol;
174 const size_t random_start;
175 const SSL_METHOD *(*ssl_method)(void);
176 const long ssl_options;
177};
178
179static struct client_hello_test client_hello_tests[] = {
180 {
181 .desc = "DTLSv1 client",
182 .protocol = DTLS1_VERSION,
183 .random_start = DTLS_RANDOM_OFFSET,
184 .ssl_method = DTLSv1_client_method,
185 },
186 {
187 .desc = "TLSv1 client",
188 .protocol = TLS1_VERSION,
189 .random_start = SSL3_RANDOM_OFFSET,
190 .ssl_method = TLSv1_client_method,
191 },
192 {
193 .desc = "TLSv1_1 client",
194 .protocol = TLS1_1_VERSION,
195 .random_start = SSL3_RANDOM_OFFSET,
196 .ssl_method = TLSv1_1_client_method,
197 },
198 {
199 .desc = "TLSv1_2 client",
200 .protocol = TLS1_2_VERSION,
201 .random_start = SSL3_RANDOM_OFFSET,
202 .ssl_method = TLSv1_2_client_method,
203 },
204 {
205 .desc = "SSLv23 default",
206 .protocol = TLS1_2_VERSION,
207 .random_start = SSL3_RANDOM_OFFSET,
208 .ssl_method = SSLv23_client_method,
209 .ssl_options = 0,
210 },
211 {
212 .desc = "SSLv23 (no TLSv1.2)",
213 .protocol = TLS1_1_VERSION,
214 .random_start = SSL3_RANDOM_OFFSET,
215 .ssl_method = SSLv23_client_method,
216 .ssl_options = SSL_OP_NO_TLSv1_2,
217 },
218 {
219 .desc = "SSLv23 (no TLSv1.1)",
220 .protocol = TLS1_VERSION,
221 .random_start = SSL3_RANDOM_OFFSET,
222 .ssl_method = SSLv23_client_method,
223 .ssl_options = SSL_OP_NO_TLSv1_1,
224 },
225 {
226 .desc = "TLS default",
227 .protocol = TLS1_2_VERSION,
228 .random_start = SSL3_RANDOM_OFFSET,
229 .ssl_method = TLS_client_method,
230 .ssl_options = 0,
231 },
232 {
233 .desc = "TLS (no TLSv1.2)",
234 .protocol = TLS1_1_VERSION,
235 .random_start = SSL3_RANDOM_OFFSET,
236 .ssl_method = TLS_client_method,
237 .ssl_options = SSL_OP_NO_TLSv1_2,
238 },
239 {
240 .desc = "TLS (no TLSv1.1)",
241 .protocol = TLS1_VERSION,
242 .random_start = SSL3_RANDOM_OFFSET,
243 .ssl_method = TLS_client_method,
244 .ssl_options = SSL_OP_NO_TLSv1_1,
245 },
246 {
247 .desc = "TLS (no TLSv1.0, no TLSv1.1)",
248 .protocol = TLS1_2_VERSION,
249 .random_start = SSL3_RANDOM_OFFSET,
250 .ssl_method = TLS_client_method,
251 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
252 },
253};
254
255#define N_CLIENT_HELLO_TESTS \
256 (sizeof(client_hello_tests) / sizeof(*client_hello_tests))
257
258static void
259hexdump(const unsigned char *buf, size_t len)
260{
261 size_t i;
262
263 for (i = 1; i <= len; i++)
264 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
265
266 fprintf(stderr, "\n");
267}
268
269static inline int
270ssl_aes_is_accelerated(void)
271{
272#if defined(__i386__) || defined(__x86_64__)
273 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
274#else
275 return (0);
276#endif
277}
278
279static int
280make_client_hello(int protocol, char **out, size_t *outlen)
281{
282 size_t client_hello_len, cipher_list_len, cipher_list_offset;
283 const char *client_hello, *cipher_list;
284 char *p;
285
286 *out = NULL;
287 *outlen = 0;
288
289 switch (protocol) {
290 case DTLS1_VERSION:
291 client_hello = client_hello_dtls1;
292 client_hello_len = sizeof(client_hello_dtls1);
293 cipher_list = cipher_list_dtls1;
294 cipher_list_len = sizeof(cipher_list_dtls1);
295 cipher_list_offset = DTLS_CIPHER_OFFSET;
296 break;
297
298 case TLS1_VERSION:
299 client_hello = client_hello_tls10;
300 client_hello_len = sizeof(client_hello_tls10);
301 cipher_list = cipher_list_tls10;
302 cipher_list_len = sizeof(cipher_list_tls10);
303 cipher_list_offset = SSL3_CIPHER_OFFSET;
304 break;
305
306 case TLS1_1_VERSION:
307 client_hello = client_hello_tls11;
308 client_hello_len = sizeof(client_hello_tls11);
309 cipher_list = cipher_list_tls11;
310 cipher_list_len = sizeof(cipher_list_tls11);
311 cipher_list_offset = SSL3_CIPHER_OFFSET;
312 break;
313
314 case TLS1_2_VERSION:
315 client_hello = client_hello_tls12;
316 client_hello_len = sizeof(client_hello_tls12);
317 if (ssl_aes_is_accelerated() == 1)
318 cipher_list = cipher_list_tls12_aes;
319 else
320 cipher_list = cipher_list_tls12_chacha;
321 cipher_list_len = sizeof(cipher_list_tls12_chacha);
322 cipher_list_offset = SSL3_CIPHER_OFFSET;
323 break;
324
325 default:
326 return (-1);
327 }
328
329 if ((p = malloc(client_hello_len)) == NULL)
330 return (-1);
331
332 memcpy(p, client_hello, client_hello_len);
333 memcpy(p + cipher_list_offset, cipher_list, cipher_list_len);
334
335 *out = p;
336 *outlen = client_hello_len;
337
338 return (0);
339}
340
341static int
342client_hello_test(int testno, struct client_hello_test *cht)
343{
344 BIO *rbio = NULL, *wbio = NULL;
345 SSL_CTX *ssl_ctx = NULL;
346 SSL *ssl = NULL;
347 char *client_hello = NULL;
348 size_t client_hello_len;
349 char *wbuf, rbuf[1];
350 int ret = 1;
351 size_t i;
352 long len;
353
354 fprintf(stderr, "Test %i - %s\n", testno, cht->desc);
355
356 /* Providing a small buf causes *_get_server_hello() to return. */
357 if ((rbio = BIO_new_mem_buf(rbuf, sizeof(rbuf))) == NULL) {
358 fprintf(stderr, "Failed to setup rbio\n");
359 goto failure;
360 }
361 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
362 fprintf(stderr, "Failed to setup wbio\n");
363 goto failure;
364 }
365
366 if ((ssl_ctx = SSL_CTX_new(cht->ssl_method())) == NULL) {
367 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
368 goto failure;
369 }
370
371 SSL_CTX_set_options(ssl_ctx, cht->ssl_options);
372
373 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
374 fprintf(stderr, "SSL_new() returned NULL\n");
375 goto failure;
376 }
377
378 rbio->references = 2;
379 wbio->references = 2;
380
381 SSL_set_bio(ssl, rbio, wbio);
382
383 if (SSL_connect(ssl) != 0) {
384 fprintf(stderr, "SSL_connect() returned non-zero\n");
385 goto failure;
386 }
387
388 len = BIO_get_mem_data(wbio, &wbuf);
389
390 if (make_client_hello(cht->protocol, &client_hello,
391 &client_hello_len) != 0)
392 goto failure;
393
394 if ((size_t)len != client_hello_len) {
395 fprintf(stderr, "FAIL: test returned ClientHello length %li, "
396 "want %zu\n", len, client_hello_len);
397 fprintf(stderr, "received:\n");
398 hexdump(wbuf, len);
399 goto failure;
400 }
401
402 /* We expect the client random to differ. */
403 i = cht->random_start + SSL3_RANDOM_SIZE;
404 if (memcmp(client_hello, wbuf, cht->random_start) != 0 ||
405 memcmp(&client_hello[cht->random_start],
406 &wbuf[cht->random_start], SSL3_RANDOM_SIZE) == 0 ||
407 memcmp(&client_hello[i], &wbuf[i], len - i) != 0) {
408 fprintf(stderr, "FAIL: ClientHello differs:\n");
409 fprintf(stderr, "received:\n");
410 memset(&wbuf[cht->random_start], 0, SSL3_RANDOM_SIZE);
411 hexdump(wbuf, len);
412 fprintf(stderr, "test data:\n");
413 hexdump(client_hello, client_hello_len);
414 fprintf(stderr, "\n");
415 goto failure;
416 }
417
418 ret = 0;
419
420failure:
421 SSL_CTX_free(ssl_ctx);
422 SSL_free(ssl);
423
424 rbio->references = 1;
425 wbio->references = 1;
426
427 BIO_free(rbio);
428 BIO_free(wbio);
429
430 free(client_hello);
431
432 return (ret);
433}
434
435int
436main(int argc, char **argv)
437{
438 int failed = 0;
439 size_t i;
440
441 SSL_library_init();
442
443 for (i = 0; i < N_CLIENT_HELLO_TESTS; i++)
444 failed |= client_hello_test(i, &client_hello_tests[i]);
445
446 return (failed);
447}
diff --git a/src/regress/lib/libssl/pqueue/Makefile b/src/regress/lib/libssl/pqueue/Makefile
deleted file mode 100644
index 48c2cb7e61..0000000000
--- a/src/regress/lib/libssl/pqueue/Makefile
+++ /dev/null
@@ -1,17 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2016/11/04 19:45:12 jsing Exp $
2
3PROG= pq_test
4SRC= ${.CURDIR}/../../../../lib/libssl
5CFLAGS+= -I${SRC}
6
7LDADD= ${SSL_INT} -lcrypto
8DPADD= ${LIBSSL} ${LIBCRYPTO}
9WARNINGS= Yes
10CFLAGS+= -DLIBRESSL_INTERNAL -Werror
11
12REGRESS_TARGETS= regress-pq_test
13
14regress-pq_test: ${PROG}
15 ${.OBJDIR}/pq_test | cmp -s ${.CURDIR}/expected.txt /dev/stdin
16
17.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/pqueue/expected.txt b/src/regress/lib/libssl/pqueue/expected.txt
deleted file mode 100644
index c59d6cd838..0000000000
--- a/src/regress/lib/libssl/pqueue/expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
1item 6966726167696c69
2item 7374696365787069
3item 737570657263616c
diff --git a/src/regress/lib/libssl/pqueue/pq_test.c b/src/regress/lib/libssl/pqueue/pq_test.c
deleted file mode 100644
index a078ba5366..0000000000
--- a/src/regress/lib/libssl/pqueue/pq_test.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* crypto/pqueue/pq_test.c */
2/*
3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include "pqueue.h"
63
64/* remember to change expected.txt if you change these values */
65unsigned char prio1[8] = "supercal";
66unsigned char prio2[8] = "ifragili";
67unsigned char prio3[8] = "sticexpi";
68
69static void
70pqueue_print(pqueue pq)
71{
72 pitem *iter, *item;
73
74 iter = pqueue_iterator(pq);
75 for (item = pqueue_next(&iter); item != NULL;
76 item = pqueue_next(&iter)) {
77 printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n",
78 item->priority[0], item->priority[1],
79 item->priority[2], item->priority[3],
80 item->priority[4], item->priority[5],
81 item->priority[6], item->priority[7]);
82 }
83}
84
85int
86main(void)
87{
88 pitem *item;
89 pqueue pq;
90
91 pq = pqueue_new();
92
93 item = pitem_new(prio3, NULL);
94 pqueue_insert(pq, item);
95
96 item = pitem_new(prio1, NULL);
97 pqueue_insert(pq, item);
98
99 item = pitem_new(prio2, NULL);
100 pqueue_insert(pq, item);
101
102 item = pqueue_find(pq, prio1);
103 fprintf(stderr, "found %p\n", item->priority);
104
105 item = pqueue_find(pq, prio2);
106 fprintf(stderr, "found %p\n", item->priority);
107
108 item = pqueue_find(pq, prio3);
109 fprintf(stderr, "found %p\n", item ? item->priority: 0);
110
111 pqueue_print(pq);
112
113 for (item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
114 pitem_free(item);
115
116 pqueue_free(pq);
117 return 0;
118}
diff --git a/src/regress/lib/libssl/server/Makefile b/src/regress/lib/libssl/server/Makefile
deleted file mode 100644
index 705190d076..0000000000
--- a/src/regress/lib/libssl/server/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2017/03/05 14:15:53 jsing Exp $
2
3PROG= servertest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9REGRESS_TARGETS= \
10 regress-servertest
11
12regress-servertest: ${PROG}
13 ./servertest \
14 ${.CURDIR}/../../libssl/certs/server.pem \
15 ${.CURDIR}/../../libssl/certs/server.pem \
16 ${.CURDIR}/../../libssl/certs/ca.pem
17
18.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c
deleted file mode 100644
index 32578599e5..0000000000
--- a/src/regress/lib/libssl/server/servertest.c
+++ /dev/null
@@ -1,200 +0,0 @@
1/* $OpenBSD: servertest.c,v 1.1 2017/03/05 14:15:53 jsing Exp $ */
2/*
3 * Copyright (c) 2015, 2016, 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <openssl/err.h>
21#include <openssl/dtls1.h>
22#include <openssl/ssl3.h>
23
24#include <err.h>
25#include <stdio.h>
26#include <string.h>
27
28char *server_ca_file;
29char *server_cert_file;
30char *server_key_file;
31
32static unsigned char sslv2_client_hello_tls10[] = {
33 0x80, 0x6a, 0x01, 0x03, 0x01, 0x00, 0x51, 0x00,
34 0x00, 0x00, 0x10, 0x00, 0x00, 0x39, 0x00, 0x00,
35 0x38, 0x00, 0x00, 0x35, 0x00, 0x00, 0x16, 0x00,
36 0x00, 0x13, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x33,
37 0x00, 0x00, 0x32, 0x00, 0x00, 0x2f, 0x00, 0x00,
38 0x07, 0x00, 0x00, 0x66, 0x00, 0x00, 0x05, 0x00,
39 0x00, 0x04, 0x00, 0x00, 0x63, 0x00, 0x00, 0x62,
40 0x00, 0x00, 0x61, 0x00, 0x00, 0x15, 0x00, 0x00,
41 0x12, 0x00, 0x00, 0x09, 0x00, 0x00, 0x65, 0x00,
42 0x00, 0x64, 0x00, 0x00, 0x60, 0x00, 0x00, 0x14,
43 0x00, 0x00, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00,
44 0x06, 0x00, 0x00, 0x03, 0xdd, 0xb6, 0x59, 0x26,
45 0x46, 0xe6, 0x79, 0x77, 0xf4, 0xec, 0x42, 0x76,
46 0xc8, 0x73, 0xad, 0x9c,
47};
48
49static unsigned char sslv2_client_hello_tls12[] = {
50 0x80, 0xcb, 0x01, 0x03, 0x03, 0x00, 0xa2, 0x00,
51 0x00, 0x00, 0x20, 0x00, 0x00, 0xa5, 0x00, 0x00,
52 0xa3, 0x00, 0x00, 0xa1, 0x00, 0x00, 0x9f, 0x00,
53 0x00, 0x6b, 0x00, 0x00, 0x6a, 0x00, 0x00, 0x69,
54 0x00, 0x00, 0x68, 0x00, 0x00, 0x39, 0x00, 0x00,
55 0x38, 0x00, 0x00, 0x37, 0x00, 0x00, 0x36, 0x00,
56 0x00, 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x86,
57 0x00, 0x00, 0x85, 0x00, 0x00, 0x9d, 0x00, 0x00,
58 0x3d, 0x00, 0x00, 0x35, 0x00, 0x00, 0x84, 0x00,
59 0x00, 0xa4, 0x00, 0x00, 0xa2, 0x00, 0x00, 0xa0,
60 0x00, 0x00, 0x9e, 0x00, 0x00, 0x67, 0x00, 0x00,
61 0x40, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x3e, 0x00,
62 0x00, 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x31,
63 0x00, 0x00, 0x30, 0x00, 0x00, 0x9a, 0x00, 0x00,
64 0x99, 0x00, 0x00, 0x98, 0x00, 0x00, 0x97, 0x00,
65 0x00, 0x45, 0x00, 0x00, 0x44, 0x00, 0x00, 0x43,
66 0x00, 0x00, 0x42, 0x00, 0x00, 0x9c, 0x00, 0x00,
67 0x3c, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x96, 0x00,
68 0x00, 0x41, 0x00, 0x00, 0x07, 0x00, 0x00, 0x05,
69 0x00, 0x00, 0x04, 0x00, 0x00, 0x16, 0x00, 0x00,
70 0x13, 0x00, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x00,
71 0x00, 0x0a, 0x00, 0x00, 0xff, 0x1d, 0xfd, 0x90,
72 0x03, 0x61, 0x3c, 0x5a, 0x22, 0x83, 0xed, 0x11,
73 0x85, 0xf4, 0xea, 0x36, 0x59, 0xd9, 0x1b, 0x27,
74 0x22, 0x01, 0x14, 0x07, 0x66, 0xb2, 0x24, 0xf5,
75 0x4e, 0x7d, 0x9d, 0x9c, 0x52,
76};
77
78struct server_hello_test {
79 const unsigned char *desc;
80 unsigned char *client_hello;
81 const size_t client_hello_len;
82 const SSL_METHOD *(*ssl_method)(void);
83 const long ssl_options;
84};
85
86static struct server_hello_test server_hello_tests[] = {
87 {
88 .desc = "TLSv1.0 in SSLv2 record",
89 .client_hello = sslv2_client_hello_tls10,
90 .client_hello_len = sizeof(sslv2_client_hello_tls10),
91 .ssl_method = TLS_server_method,
92 .ssl_options = 0,
93 },
94 {
95 .desc = "TLSv1.2 in SSLv2 record",
96 .client_hello = sslv2_client_hello_tls12,
97 .client_hello_len = sizeof(sslv2_client_hello_tls12),
98 .ssl_method = TLS_server_method,
99 .ssl_options = 0,
100 },
101};
102
103#define N_SERVER_HELLO_TESTS \
104 (sizeof(server_hello_tests) / sizeof(*server_hello_tests))
105
106static int
107server_hello_test(int testno, struct server_hello_test *sht)
108{
109 BIO *rbio = NULL, *wbio = NULL;
110 SSL_CTX *ssl_ctx = NULL;
111 SSL *ssl = NULL;
112 int ret = 1;
113
114 fprintf(stderr, "Test %i - %s\n", testno, sht->desc);
115
116 if ((rbio = BIO_new_mem_buf(sht->client_hello,
117 sht->client_hello_len)) == NULL) {
118 fprintf(stderr, "Failed to setup rbio\n");
119 goto failure;
120 }
121 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
122 fprintf(stderr, "Failed to setup wbio\n");
123 goto failure;
124 }
125
126 if ((ssl_ctx = SSL_CTX_new(sht->ssl_method())) == NULL) {
127 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
128 goto failure;
129 }
130
131 if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
132 SSL_FILETYPE_PEM) != 1) {
133 fprintf(stderr, "Failed to load server certificate");
134 goto failure;
135 }
136 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
137 SSL_FILETYPE_PEM) != 1) {
138 fprintf(stderr, "Failed to load server private key");
139 goto failure;
140 }
141
142 SSL_CTX_set_dh_auto(ssl_ctx, 1);
143 SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
144 SSL_CTX_set_options(ssl_ctx, sht->ssl_options);
145
146 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
147 fprintf(stderr, "SSL_new() returned NULL\n");
148 goto failure;
149 }
150
151 rbio->references = 2;
152 wbio->references = 2;
153
154 SSL_set_bio(ssl, rbio, wbio);
155
156 if (SSL_accept(ssl) != 0) {
157 fprintf(stderr, "SSL_accept() returned non-zero\n");
158 ERR_print_errors_fp(stderr);
159 goto failure;
160 }
161
162 ret = 0;
163
164 failure:
165 SSL_CTX_free(ssl_ctx);
166 SSL_free(ssl);
167
168 rbio->references = 1;
169 wbio->references = 1;
170
171 BIO_free(rbio);
172 BIO_free(wbio);
173
174 return (ret);
175}
176
177int
178main(int argc, char **argv)
179{
180 int failed = 0;
181 size_t i;
182
183 if (argc != 4) {
184 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
185 argv[0]);
186 exit(1);
187 }
188
189 server_key_file = argv[1];
190 server_cert_file = argv[2];
191 server_ca_file = argv[3];
192
193 SSL_library_init();
194 SSL_load_error_strings();
195
196 for (i = 0; i < N_SERVER_HELLO_TESTS; i++)
197 failed |= server_hello_test(i, &server_hello_tests[i]);
198
199 return (failed);
200}
diff --git a/src/regress/lib/libssl/ssl/Makefile b/src/regress/lib/libssl/ssl/Makefile
deleted file mode 100644
index 581341c310..0000000000
--- a/src/regress/lib/libssl/ssl/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
1# $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:53 jsing Exp $
2
3PROG= ssltest
4LDADD= -lcrypto -lssl
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9REGRESS_TARGETS=regress-ssltest
10
11regress-ssltest: ${PROG}
12 sh ${.CURDIR}/testssl \
13 ${.CURDIR}/../certs/server.pem ${.CURDIR}/../certs/server.pem \
14 ${.CURDIR}/../certs/ca.pem
15
16.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/ssl/ssltest.c b/src/regress/lib/libssl/ssl/ssltest.c
deleted file mode 100644
index 7137d0c407..0000000000
--- a/src/regress/lib/libssl/ssl/ssltest.c
+++ /dev/null
@@ -1,2044 +0,0 @@
1/* ssl/ssltest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
144 on Linux and GNU platforms. */
145#include <sys/types.h>
146#include <sys/param.h>
147#include <sys/socket.h>
148
149#include <netinet/in.h>
150
151#include <assert.h>
152#include <errno.h>
153#include <limits.h>
154#include <netdb.h>
155#include <stdio.h>
156#include <stdlib.h>
157#include <string.h>
158#include <time.h>
159#include <unistd.h>
160
161#include <ctype.h>
162
163#include <openssl/opensslconf.h>
164#include <openssl/bio.h>
165#include <openssl/crypto.h>
166#include <openssl/evp.h>
167#include <openssl/x509.h>
168#include <openssl/x509v3.h>
169#include <openssl/ssl.h>
170#ifndef OPENSSL_NO_ENGINE
171#include <openssl/engine.h>
172#endif
173#include <openssl/err.h>
174#include <openssl/rand.h>
175#include <openssl/rsa.h>
176#include <openssl/dsa.h>
177#include <openssl/dh.h>
178#include <openssl/bn.h>
179
180#define TEST_SERVER_CERT "../apps/server.pem"
181#define TEST_CLIENT_CERT "../apps/client.pem"
182
183static int verify_callback(int ok, X509_STORE_CTX *ctx);
184static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
185static void free_tmp_rsa(void);
186static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
187#define APP_CALLBACK_STRING "Test Callback Argument"
188struct app_verify_arg {
189 char *string;
190 int app_verify;
191 int allow_proxy_certs;
192 char *proxy_auth;
193 char *proxy_cond;
194};
195
196static DH *get_dh1024(void);
197static DH *get_dh1024dsa(void);
198
199static BIO *bio_err = NULL;
200static BIO *bio_stdout = NULL;
201
202static const char *alpn_client;
203static const char *alpn_server;
204static const char *alpn_expected;
205static unsigned char *alpn_selected;
206
207/*
208 * next_protos_parse parses a comma separated list of strings into a string
209 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
210 * outlen: (output) set to the length of the resulting buffer on success.
211 * err: (maybe NULL) on failure, an error message line is written to this BIO.
212 * in: a NUL terminated string like "abc,def,ghi"
213 *
214 * returns: a malloced buffer or NULL on failure.
215 */
216static unsigned char *
217next_protos_parse(unsigned short *outlen, const char *in)
218{
219 size_t i, len, start = 0;
220 unsigned char *out;
221
222 len = strlen(in);
223 if (len >= 65535)
224 return (NULL);
225
226 if ((out = malloc(strlen(in) + 1)) == NULL)
227 return (NULL);
228
229 for (i = 0; i <= len; ++i) {
230 if (i == len || in[i] == ',') {
231 if (i - start > 255) {
232 free(out);
233 return (NULL);
234 }
235 out[start] = i - start;
236 start = i + 1;
237 } else
238 out[i+1] = in[i];
239 }
240 *outlen = len + 1;
241 return (out);
242}
243
244static int
245cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen,
246 const unsigned char *in, unsigned int inlen, void *arg)
247{
248 unsigned char *protos;
249 unsigned short protos_len;
250
251 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) {
252 fprintf(stderr,
253 "failed to parser ALPN server protocol string: %s\n",
254 alpn_server);
255 abort();
256 }
257
258 if (SSL_select_next_proto((unsigned char **)out, outlen, protos,
259 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) {
260 free(protos);
261 return (SSL_TLSEXT_ERR_NOACK);
262 }
263
264 /*
265 * Make a copy of the selected protocol which will be freed in
266 * verify_alpn.
267 */
268 if ((alpn_selected = malloc(*outlen)) == NULL) {
269 fprintf(stderr, "malloc failed\n");
270 abort();
271 }
272 memcpy(alpn_selected, *out, *outlen);
273 *out = alpn_selected;
274 free(protos);
275
276 return (SSL_TLSEXT_ERR_OK);
277}
278
279static int
280verify_alpn(SSL *client, SSL *server)
281{
282 const unsigned char *client_proto, *server_proto;
283 unsigned int client_proto_len = 0, server_proto_len = 0;
284
285 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
286 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
287
288 free(alpn_selected);
289 alpn_selected = NULL;
290
291 if (client_proto_len != server_proto_len ||
292 memcmp(client_proto, server_proto, client_proto_len) != 0) {
293 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
294 goto err;
295 }
296
297 if (client_proto_len > 0 && alpn_expected == NULL) {
298 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
299 goto err;
300 }
301
302 if (alpn_expected != NULL &&
303 (client_proto_len != strlen(alpn_expected) ||
304 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
305 BIO_printf(bio_stdout, "ALPN selected protocols not equal to "
306 "expected protocol: %s\n", alpn_expected);
307 goto err;
308 }
309
310 return (0);
311
312err:
313 BIO_printf(bio_stdout, "ALPN results: client: '");
314 BIO_write(bio_stdout, client_proto, client_proto_len);
315 BIO_printf(bio_stdout, "', server: '");
316 BIO_write(bio_stdout, server_proto, server_proto_len);
317 BIO_printf(bio_stdout, "'\n");
318 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
319 alpn_client, alpn_server);
320
321 return (-1);
322}
323
324static char *cipher = NULL;
325static int verbose = 0;
326static int debug = 0;
327
328int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
329 clock_t *c_time);
330int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
331static int do_test_cipherlist(void);
332
333static void
334sv_usage(void)
335{
336 fprintf(stderr, "usage: ssltest [args ...]\n");
337 fprintf(stderr, "\n");
338 fprintf(stderr, " -server_auth - check server certificate\n");
339 fprintf(stderr, " -client_auth - do client authentication\n");
340 fprintf(stderr, " -proxy - allow proxy certificates\n");
341 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
342 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n");
343 fprintf(stderr, " -v - more output\n");
344 fprintf(stderr, " -d - debug output\n");
345 fprintf(stderr, " -reuse - use session-id reuse\n");
346 fprintf(stderr, " -num <val> - number of connections to perform\n");
347 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n");
348 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
349 fprintf(stderr, " -no_dhe - disable DHE\n");
350 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
351 fprintf(stderr, " -dtls1 - use DTLSv1\n");
352 fprintf(stderr, " -tls1 - use TLSv1\n");
353 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
354 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
355 fprintf(stderr, " -cert arg - Server certificate file\n");
356 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n");
357 fprintf(stderr, " -c_cert arg - Client certificate file\n");
358 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n");
359 fprintf(stderr, " -cipher arg - The cipher list\n");
360 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
361 fprintf(stderr, " -f - Test even cases that can't work\n");
362 fprintf(stderr, " -time - measure processor time used by client and server\n");
363 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
364 " Use \"openssl ecparam -list_curves\" for all names\n" \
365 " (default is sect163r2).\n");
366 fprintf(stderr, " -test_cipherlist - verifies the order of the ssl cipher lists\n");
367 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
368 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
369 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
370}
371
372static void
373print_details(SSL *c_ssl, const char *prefix)
374{
375 const SSL_CIPHER *ciph;
376 X509 *cert;
377
378 ciph = SSL_get_current_cipher(c_ssl);
379 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
380 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph),
381 SSL_CIPHER_get_name(ciph));
382 cert = SSL_get_peer_certificate(c_ssl);
383 if (cert != NULL) {
384 EVP_PKEY *pkey = X509_get_pubkey(cert);
385 if (pkey != NULL) {
386 if (pkey->type == EVP_PKEY_RSA &&
387 pkey->pkey.rsa != NULL &&
388 pkey->pkey.rsa->n != NULL) {
389 BIO_printf(bio_stdout, ", %d bit RSA",
390 BN_num_bits(pkey->pkey.rsa->n));
391 } else if (pkey->type == EVP_PKEY_DSA &&
392 pkey->pkey.dsa != NULL &&
393 pkey->pkey.dsa->p != NULL) {
394 BIO_printf(bio_stdout, ", %d bit DSA",
395 BN_num_bits(pkey->pkey.dsa->p));
396 }
397 EVP_PKEY_free(pkey);
398 }
399 X509_free(cert);
400 }
401 /* The SSL API does not allow us to look at temporary RSA/DH keys,
402 * otherwise we should print their lengths too */
403 BIO_printf(bio_stdout, "\n");
404}
405
406static void
407lock_dbg_cb(int mode, int type, const char *file, int line)
408{
409 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
410 const char *errstr = NULL;
411 int rw;
412
413 rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
414 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
415 errstr = "invalid mode";
416 goto err;
417 }
418
419 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
420 errstr = "type out of bounds";
421 goto err;
422 }
423
424 if (mode & CRYPTO_LOCK) {
425 if (modes[type]) {
426 errstr = "already locked";
427 /* must not happen in a single-threaded program
428 * (would deadlock) */
429 goto err;
430 }
431
432 modes[type] = rw;
433 } else if (mode & CRYPTO_UNLOCK) {
434 if (!modes[type]) {
435 errstr = "not locked";
436 goto err;
437 }
438
439 if (modes[type] != rw) {
440 errstr = (rw == CRYPTO_READ) ?
441 "CRYPTO_r_unlock on write lock" :
442 "CRYPTO_w_unlock on read lock";
443 }
444
445 modes[type] = 0;
446 } else {
447 errstr = "invalid mode";
448 goto err;
449 }
450
451err:
452 if (errstr) {
453 /* we cannot use bio_err here */
454 fprintf(stderr,
455 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
456 errstr, mode, type, file, line);
457 }
458}
459
460int
461main(int argc, char *argv[])
462{
463 char *CApath = NULL, *CAfile = NULL;
464 int badop = 0;
465 int bio_pair = 0;
466 int force = 0;
467 int tls1 = 0, dtls1 = 0, ret = 1;
468 int client_auth = 0;
469 int server_auth = 0, i;
470 struct app_verify_arg app_verify_arg =
471 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
472 char *server_cert = TEST_SERVER_CERT;
473 char *server_key = NULL;
474 char *client_cert = TEST_CLIENT_CERT;
475 char *client_key = NULL;
476 char *named_curve = NULL;
477 SSL_CTX *s_ctx = NULL;
478 SSL_CTX *c_ctx = NULL;
479 const SSL_METHOD *meth = NULL;
480 SSL *c_ssl, *s_ssl;
481 int number = 1, reuse = 0;
482 long bytes = 256L;
483 DH *dh;
484 int dhe1024dsa = 0;
485 EC_KEY *ecdh = NULL;
486 int no_dhe = 0;
487 int no_ecdhe = 0;
488 int print_time = 0;
489 clock_t s_time = 0, c_time = 0;
490 int test_cipherlist = 0;
491
492 verbose = 0;
493 debug = 0;
494 cipher = 0;
495
496 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT);
497
498 CRYPTO_set_locking_callback(lock_dbg_cb);
499
500 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT);
501
502 argc--;
503 argv++;
504
505 while (argc >= 1) {
506 if (!strcmp(*argv, "-F")) {
507 fprintf(stderr, "not compiled with FIPS support, so exitting without running.\n");
508 exit(0);
509 } else if (strcmp(*argv, "-server_auth") == 0)
510 server_auth = 1;
511 else if (strcmp(*argv, "-client_auth") == 0)
512 client_auth = 1;
513 else if (strcmp(*argv, "-proxy_auth") == 0) {
514 if (--argc < 1)
515 goto bad;
516 app_verify_arg.proxy_auth= *(++argv);
517 } else if (strcmp(*argv, "-proxy_cond") == 0) {
518 if (--argc < 1)
519 goto bad;
520 app_verify_arg.proxy_cond= *(++argv);
521 } else if (strcmp(*argv, "-v") == 0)
522 verbose = 1;
523 else if (strcmp(*argv, "-d") == 0)
524 debug = 1;
525 else if (strcmp(*argv, "-reuse") == 0)
526 reuse = 1;
527 else if (strcmp(*argv, "-dhe1024dsa") == 0) {
528 dhe1024dsa = 1;
529 } else if (strcmp(*argv, "-no_dhe") == 0)
530 no_dhe = 1;
531 else if (strcmp(*argv, "-no_ecdhe") == 0)
532 no_ecdhe = 1;
533 else if (strcmp(*argv, "-dtls1") == 0)
534 dtls1 = 1;
535 else if (strcmp(*argv, "-tls1") == 0)
536 tls1 = 1;
537 else if (strncmp(*argv, "-num", 4) == 0) {
538 if (--argc < 1)
539 goto bad;
540 number = atoi(*(++argv));
541 if (number == 0)
542 number = 1;
543 } else if (strcmp(*argv, "-bytes") == 0) {
544 if (--argc < 1)
545 goto bad;
546 bytes = atol(*(++argv));
547 if (bytes == 0L)
548 bytes = 1L;
549 i = strlen(argv[0]);
550 if (argv[0][i - 1] == 'k')
551 bytes*=1024L;
552 if (argv[0][i - 1] == 'm')
553 bytes*=1024L*1024L;
554 } else if (strcmp(*argv, "-cert") == 0) {
555 if (--argc < 1)
556 goto bad;
557 server_cert= *(++argv);
558 } else if (strcmp(*argv, "-s_cert") == 0) {
559 if (--argc < 1)
560 goto bad;
561 server_cert= *(++argv);
562 } else if (strcmp(*argv, "-key") == 0) {
563 if (--argc < 1)
564 goto bad;
565 server_key= *(++argv);
566 } else if (strcmp(*argv, "-s_key") == 0) {
567 if (--argc < 1)
568 goto bad;
569 server_key= *(++argv);
570 } else if (strcmp(*argv, "-c_cert") == 0) {
571 if (--argc < 1)
572 goto bad;
573 client_cert= *(++argv);
574 } else if (strcmp(*argv, "-c_key") == 0) {
575 if (--argc < 1)
576 goto bad;
577 client_key= *(++argv);
578 } else if (strcmp(*argv, "-cipher") == 0) {
579 if (--argc < 1)
580 goto bad;
581 cipher= *(++argv);
582 } else if (strcmp(*argv, "-CApath") == 0) {
583 if (--argc < 1)
584 goto bad;
585 CApath= *(++argv);
586 } else if (strcmp(*argv, "-CAfile") == 0) {
587 if (--argc < 1)
588 goto bad;
589 CAfile= *(++argv);
590 } else if (strcmp(*argv, "-bio_pair") == 0) {
591 bio_pair = 1;
592 } else if (strcmp(*argv, "-f") == 0) {
593 force = 1;
594 } else if (strcmp(*argv, "-time") == 0) {
595 print_time = 1;
596 } else if (strcmp(*argv, "-named_curve") == 0) {
597 if (--argc < 1)
598 goto bad;
599 named_curve = *(++argv);
600 } else if (strcmp(*argv, "-app_verify") == 0) {
601 app_verify_arg.app_verify = 1;
602 } else if (strcmp(*argv, "-proxy") == 0) {
603 app_verify_arg.allow_proxy_certs = 1;
604 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
605 test_cipherlist = 1;
606 } else if (strcmp(*argv, "-alpn_client") == 0) {
607 if (--argc < 1)
608 goto bad;
609 alpn_client = *(++argv);
610 } else if (strcmp(*argv, "-alpn_server") == 0) {
611 if (--argc < 1)
612 goto bad;
613 alpn_server = *(++argv);
614 } else if (strcmp(*argv, "-alpn_expected") == 0) {
615 if (--argc < 1)
616 goto bad;
617 alpn_expected = *(++argv);
618 } else {
619 fprintf(stderr, "unknown option %s\n", *argv);
620 badop = 1;
621 break;
622 }
623 argc--;
624 argv++;
625 }
626 if (badop) {
627bad:
628 sv_usage();
629 goto end;
630 }
631
632 if (test_cipherlist == 1) {
633 /* ensure that the cipher list are correctly sorted and exit */
634 if (do_test_cipherlist() == 0)
635 exit(1);
636 ret = 0;
637 goto end;
638 }
639
640 if (!dtls1 && !tls1 &&
641 number > 1 && !reuse && !force) {
642 fprintf(stderr,
643 "This case cannot work. Use -f to perform "
644 "the test anyway (and\n-d to see what happens), "
645 "or add one of -dtls1, -tls1, -reuse\n"
646 "to avoid protocol mismatch.\n");
647 exit(1);
648 }
649
650 if (print_time) {
651 if (!bio_pair) {
652 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
653 bio_pair = 1;
654 }
655 if (number < 50 && !force)
656 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
657 }
658
659/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
660
661 SSL_library_init();
662 SSL_load_error_strings();
663
664 if (dtls1)
665 meth = DTLSv1_method();
666 else if (tls1)
667 meth = TLSv1_method();
668 else
669 meth = SSLv23_method();
670
671 c_ctx = SSL_CTX_new(meth);
672 s_ctx = SSL_CTX_new(meth);
673 if ((c_ctx == NULL) || (s_ctx == NULL)) {
674 ERR_print_errors(bio_err);
675 goto end;
676 }
677
678 if (cipher != NULL) {
679 SSL_CTX_set_cipher_list(c_ctx, cipher);
680 SSL_CTX_set_cipher_list(s_ctx, cipher);
681 }
682
683 if (!no_dhe) {
684 if (dhe1024dsa) {
685 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
686 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
687 dh = get_dh1024dsa();
688 } else
689 dh = get_dh1024();
690 SSL_CTX_set_tmp_dh(s_ctx, dh);
691 DH_free(dh);
692 }
693
694 if (!no_ecdhe) {
695 int nid;
696
697 if (named_curve != NULL) {
698 nid = OBJ_sn2nid(named_curve);
699 if (nid == 0) {
700 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
701 goto end;
702 }
703 } else
704 nid = NID_X9_62_prime256v1;
705
706 ecdh = EC_KEY_new_by_curve_name(nid);
707 if (ecdh == NULL) {
708 BIO_printf(bio_err, "unable to create curve\n");
709 goto end;
710 }
711
712 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
713 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
714 EC_KEY_free(ecdh);
715 }
716
717 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
718
719 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert,
720 SSL_FILETYPE_PEM)) {
721 ERR_print_errors(bio_err);
722 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
723 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) {
724 ERR_print_errors(bio_err);
725 goto end;
726 }
727
728 if (client_auth) {
729 SSL_CTX_use_certificate_file(c_ctx, client_cert,
730 SSL_FILETYPE_PEM);
731 SSL_CTX_use_PrivateKey_file(c_ctx,
732 (client_key ? client_key : client_cert),
733 SSL_FILETYPE_PEM);
734 }
735
736 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
737 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
738 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
739 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
740 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
741 ERR_print_errors(bio_err);
742 /* goto end; */
743 }
744
745 if (client_auth) {
746 BIO_printf(bio_err, "client authentication\n");
747 SSL_CTX_set_verify(s_ctx,
748 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
749 verify_callback);
750 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
751 &app_verify_arg);
752 }
753 if (server_auth) {
754 BIO_printf(bio_err, "server authentication\n");
755 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER,
756 verify_callback);
757 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
758 &app_verify_arg);
759 }
760
761 {
762 int session_id_context = 0;
763 SSL_CTX_set_session_id_context(s_ctx,
764 (void *)&session_id_context, sizeof(session_id_context));
765 }
766
767 if (alpn_server != NULL)
768 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
769
770 if (alpn_client != NULL) {
771 unsigned short alpn_len;
772 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
773
774 if (alpn == NULL) {
775 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
776 goto end;
777 }
778 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
779 free(alpn);
780 }
781
782 c_ssl = SSL_new(c_ctx);
783 s_ssl = SSL_new(s_ctx);
784
785 for (i = 0; i < number; i++) {
786 if (!reuse)
787 SSL_set_session(c_ssl, NULL);
788 if (bio_pair)
789 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time,
790 &c_time);
791 else
792 ret = doit(s_ssl, c_ssl, bytes);
793 }
794
795 if (!verbose) {
796 print_details(c_ssl, "");
797 }
798 if ((number > 1) || (bytes > 1L))
799 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",
800 number, bytes);
801 if (print_time) {
802#ifdef CLOCKS_PER_SEC
803 /* "To determine the time in seconds, the value returned
804 * by the clock function should be divided by the value
805 * of the macro CLOCKS_PER_SEC."
806 * -- ISO/IEC 9899 */
807 BIO_printf(bio_stdout,
808 "Approximate total server time: %6.2f s\n"
809 "Approximate total client time: %6.2f s\n",
810 (double)s_time/CLOCKS_PER_SEC,
811 (double)c_time/CLOCKS_PER_SEC);
812#else
813 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
814 * -- cc on NeXTstep/OpenStep */
815 BIO_printf(bio_stdout,
816 "Approximate total server time: %6.2f units\n"
817 "Approximate total client time: %6.2f units\n",
818 (double)s_time,
819 (double)c_time);
820#endif
821 }
822
823 SSL_free(s_ssl);
824 SSL_free(c_ssl);
825
826end:
827 SSL_CTX_free(s_ctx);
828 SSL_CTX_free(c_ctx);
829 BIO_free(bio_stdout);
830
831 free_tmp_rsa();
832#ifndef OPENSSL_NO_ENGINE
833 ENGINE_cleanup();
834#endif
835 CRYPTO_cleanup_all_ex_data();
836 ERR_free_strings();
837 ERR_remove_thread_state(NULL);
838 EVP_cleanup();
839 CRYPTO_mem_leaks(bio_err);
840 BIO_free(bio_err);
841
842 exit(ret);
843 return ret;
844}
845
846int
847doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time,
848 clock_t *c_time)
849{
850 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
851 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
852 BIO *server = NULL, *server_io = NULL;
853 BIO *client = NULL, *client_io = NULL;
854 int ret = 1;
855
856 size_t bufsiz = 256; /* small buffer for testing */
857
858 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
859 goto err;
860 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
861 goto err;
862
863 s_ssl_bio = BIO_new(BIO_f_ssl());
864 if (!s_ssl_bio)
865 goto err;
866
867 c_ssl_bio = BIO_new(BIO_f_ssl());
868 if (!c_ssl_bio)
869 goto err;
870
871 SSL_set_connect_state(c_ssl);
872 SSL_set_bio(c_ssl, client, client);
873 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
874
875 SSL_set_accept_state(s_ssl);
876 SSL_set_bio(s_ssl, server, server);
877 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
878
879 do {
880 /* c_ssl_bio: SSL filter BIO
881 *
882 * client: pseudo-I/O for SSL library
883 *
884 * client_io: client's SSL communication; usually to be
885 * relayed over some I/O facility, but in this
886 * test program, we're the server, too:
887 *
888 * server_io: server's SSL communication
889 *
890 * server: pseudo-I/O for SSL library
891 *
892 * s_ssl_bio: SSL filter BIO
893 *
894 * The client and the server each employ a "BIO pair":
895 * client + client_io, server + server_io.
896 * BIO pairs are symmetric. A BIO pair behaves similar
897 * to a non-blocking socketpair (but both endpoints must
898 * be handled by the same thread).
899 * [Here we could connect client and server to the ends
900 * of a single BIO pair, but then this code would be less
901 * suitable as an example for BIO pairs in general.]
902 *
903 * Useful functions for querying the state of BIO pair endpoints:
904 *
905 * BIO_ctrl_pending(bio) number of bytes we can read now
906 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
907 * other side's read attempt
908 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
909 *
910 * ..._read_request is never more than ..._write_guarantee;
911 * it depends on the application which one you should use.
912 */
913
914 /* We have non-blocking behaviour throughout this test program, but
915 * can be sure that there is *some* progress in each iteration; so
916 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
917 * -- we just try everything in each iteration
918 */
919
920 {
921 /* CLIENT */
922
923 char cbuf[1024*8];
924 int i, r;
925 clock_t c_clock = clock();
926
927 memset(cbuf, 0, sizeof(cbuf));
928
929 if (debug)
930 if (SSL_in_init(c_ssl))
931 printf("client waiting in SSL_connect - %s\n",
932 SSL_state_string_long(c_ssl));
933
934 if (cw_num > 0) {
935 /* Write to server. */
936
937 if (cw_num > (long)sizeof cbuf)
938 i = sizeof cbuf;
939 else
940 i = (int)cw_num;
941 r = BIO_write(c_ssl_bio, cbuf, i);
942 if (r < 0) {
943 if (!BIO_should_retry(c_ssl_bio)) {
944 fprintf(stderr, "ERROR in CLIENT\n");
945 goto err;
946 }
947 /* BIO_should_retry(...) can just be ignored here.
948 * The library expects us to call BIO_write with
949 * the same arguments again, and that's what we will
950 * do in the next iteration. */
951 } else if (r == 0) {
952 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
953 goto err;
954 } else {
955 if (debug)
956 printf("client wrote %d\n", r);
957 cw_num -= r;
958
959 }
960 }
961
962 if (cr_num > 0) {
963 /* Read from server. */
964
965 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
966 if (r < 0) {
967 if (!BIO_should_retry(c_ssl_bio)) {
968 fprintf(stderr, "ERROR in CLIENT\n");
969 goto err;
970 }
971 /* Again, "BIO_should_retry" can be ignored. */
972 } else if (r == 0) {
973 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
974 goto err;
975 } else {
976 if (debug)
977 printf("client read %d\n", r);
978 cr_num -= r;
979 }
980 }
981
982 /* c_time and s_time increments will typically be very small
983 * (depending on machine speed and clock tick intervals),
984 * but sampling over a large number of connections should
985 * result in fairly accurate figures. We cannot guarantee
986 * a lot, however -- if each connection lasts for exactly
987 * one clock tick, it will be counted only for the client
988 * or only for the server or even not at all.
989 */
990 *c_time += (clock() - c_clock);
991 }
992
993 {
994 /* SERVER */
995
996 char sbuf[1024*8];
997 int i, r;
998 clock_t s_clock = clock();
999
1000 memset(sbuf, 0, sizeof(sbuf));
1001
1002 if (debug)
1003 if (SSL_in_init(s_ssl))
1004 printf("server waiting in SSL_accept - %s\n",
1005 SSL_state_string_long(s_ssl));
1006
1007 if (sw_num > 0) {
1008 /* Write to client. */
1009
1010 if (sw_num > (long)sizeof sbuf)
1011 i = sizeof sbuf;
1012 else
1013 i = (int)sw_num;
1014 r = BIO_write(s_ssl_bio, sbuf, i);
1015 if (r < 0) {
1016 if (!BIO_should_retry(s_ssl_bio)) {
1017 fprintf(stderr, "ERROR in SERVER\n");
1018 goto err;
1019 }
1020 /* Ignore "BIO_should_retry". */
1021 } else if (r == 0) {
1022 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1023 goto err;
1024 } else {
1025 if (debug)
1026 printf("server wrote %d\n", r);
1027 sw_num -= r;
1028
1029 }
1030 }
1031
1032 if (sr_num > 0) {
1033 /* Read from client. */
1034
1035 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1036 if (r < 0) {
1037 if (!BIO_should_retry(s_ssl_bio)) {
1038 fprintf(stderr, "ERROR in SERVER\n");
1039 goto err;
1040 }
1041 /* blah, blah */
1042 } else if (r == 0) {
1043 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1044 goto err;
1045 } else {
1046 if (debug)
1047 printf("server read %d\n", r);
1048 sr_num -= r;
1049 }
1050 }
1051
1052 *s_time += (clock() - s_clock);
1053 }
1054
1055 {
1056 /* "I/O" BETWEEN CLIENT AND SERVER. */
1057
1058 size_t r1, r2;
1059 BIO *io1 = server_io, *io2 = client_io;
1060 /* we use the non-copying interface for io1
1061 * and the standard BIO_write/BIO_read interface for io2
1062 */
1063
1064 static int prev_progress = 1;
1065 int progress = 0;
1066
1067 /* io1 to io2 */
1068 do {
1069 size_t num;
1070 int r;
1071
1072 r1 = BIO_ctrl_pending(io1);
1073 r2 = BIO_ctrl_get_write_guarantee(io2);
1074
1075 num = r1;
1076 if (r2 < num)
1077 num = r2;
1078 if (num) {
1079 char *dataptr;
1080
1081 if (INT_MAX < num) /* yeah, right */
1082 num = INT_MAX;
1083
1084 r = BIO_nread(io1, &dataptr, (int)num);
1085 assert(r > 0);
1086 assert(r <= (int)num);
1087 /* possibly r < num (non-contiguous data) */
1088 num = r;
1089 r = BIO_write(io2, dataptr, (int)num);
1090 if (r != (int)num) /* can't happen */
1091 {
1092 fprintf(stderr, "ERROR: BIO_write could not write "
1093 "BIO_ctrl_get_write_guarantee() bytes");
1094 goto err;
1095 }
1096 progress = 1;
1097
1098 if (debug)
1099 printf((io1 == client_io) ?
1100 "C->S relaying: %d bytes\n" :
1101 "S->C relaying: %d bytes\n",
1102 (int)num);
1103 }
1104 } while (r1 && r2);
1105
1106 /* io2 to io1 */
1107 {
1108 size_t num;
1109 int r;
1110
1111 r1 = BIO_ctrl_pending(io2);
1112 r2 = BIO_ctrl_get_read_request(io1);
1113 /* here we could use ..._get_write_guarantee instead of
1114 * ..._get_read_request, but by using the latter
1115 * we test restartability of the SSL implementation
1116 * more thoroughly */
1117 num = r1;
1118 if (r2 < num)
1119 num = r2;
1120 if (num) {
1121 char *dataptr;
1122
1123 if (INT_MAX < num)
1124 num = INT_MAX;
1125
1126 if (num > 1)
1127 --num; /* test restartability even more thoroughly */
1128
1129 r = BIO_nwrite0(io1, &dataptr);
1130 assert(r > 0);
1131 if (r < (int)num)
1132 num = r;
1133 r = BIO_read(io2, dataptr, (int)num);
1134 if (r != (int)num) /* can't happen */
1135 {
1136 fprintf(stderr, "ERROR: BIO_read could not read "
1137 "BIO_ctrl_pending() bytes");
1138 goto err;
1139 }
1140 progress = 1;
1141 r = BIO_nwrite(io1, &dataptr, (int)num);
1142 if (r != (int)num) /* can't happen */
1143 {
1144 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
1145 "BIO_nwrite0() bytes");
1146 goto err;
1147 }
1148
1149 if (debug)
1150 printf((io2 == client_io) ?
1151 "C->S relaying: %d bytes\n" :
1152 "S->C relaying: %d bytes\n",
1153 (int)num);
1154 }
1155 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
1156
1157 if (!progress && !prev_progress) {
1158 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
1159 fprintf(stderr, "ERROR: got stuck\n");
1160 goto err;
1161 }
1162 }
1163 prev_progress = progress;
1164 }
1165 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
1166
1167 if (verbose)
1168 print_details(c_ssl, "DONE via BIO pair: ");
1169
1170 if (verify_alpn(c_ssl, s_ssl) < 0) {
1171 ret = 1;
1172 goto err;
1173 }
1174
1175 ret = 0;
1176
1177err:
1178 ERR_print_errors(bio_err);
1179
1180 BIO_free(server);
1181 BIO_free(server_io);
1182 BIO_free(client);
1183 BIO_free(client_io);
1184 BIO_free(s_ssl_bio);
1185 BIO_free(c_ssl_bio);
1186
1187 return ret;
1188}
1189
1190
1191#define W_READ 1
1192#define W_WRITE 2
1193#define C_DONE 1
1194#define S_DONE 2
1195
1196int
1197doit(SSL *s_ssl, SSL *c_ssl, long count)
1198{
1199 char cbuf[1024*8], sbuf[1024*8];
1200 long cw_num = count, cr_num = count;
1201 long sw_num = count, sr_num = count;
1202 int ret = 1;
1203 BIO *c_to_s = NULL;
1204 BIO *s_to_c = NULL;
1205 BIO *c_bio = NULL;
1206 BIO *s_bio = NULL;
1207 int c_r, c_w, s_r, s_w;
1208 int i, j;
1209 int done = 0;
1210 int c_write, s_write;
1211 int do_server = 0, do_client = 0;
1212
1213 memset(cbuf, 0, sizeof(cbuf));
1214 memset(sbuf, 0, sizeof(sbuf));
1215
1216 c_to_s = BIO_new(BIO_s_mem());
1217 s_to_c = BIO_new(BIO_s_mem());
1218 if ((s_to_c == NULL) || (c_to_s == NULL)) {
1219 ERR_print_errors(bio_err);
1220 goto err;
1221 }
1222
1223 c_bio = BIO_new(BIO_f_ssl());
1224 s_bio = BIO_new(BIO_f_ssl());
1225 if ((c_bio == NULL) || (s_bio == NULL)) {
1226 ERR_print_errors(bio_err);
1227 goto err;
1228 }
1229
1230 SSL_set_connect_state(c_ssl);
1231 SSL_set_bio(c_ssl, s_to_c, c_to_s);
1232 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
1233
1234 SSL_set_accept_state(s_ssl);
1235 SSL_set_bio(s_ssl, c_to_s, s_to_c);
1236 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
1237
1238 c_r = 0;
1239 s_r = 1;
1240 c_w = 1;
1241 s_w = 0;
1242 c_write = 1, s_write = 0;
1243
1244 /* We can always do writes */
1245 for (;;) {
1246 do_server = 0;
1247 do_client = 0;
1248
1249 i = (int)BIO_pending(s_bio);
1250 if ((i && s_r) || s_w)
1251 do_server = 1;
1252
1253 i = (int)BIO_pending(c_bio);
1254 if ((i && c_r) || c_w)
1255 do_client = 1;
1256
1257 if (do_server && debug) {
1258 if (SSL_in_init(s_ssl))
1259 printf("server waiting in SSL_accept - %s\n",
1260 SSL_state_string_long(s_ssl));
1261 }
1262
1263 if (do_client && debug) {
1264 if (SSL_in_init(c_ssl))
1265 printf("client waiting in SSL_connect - %s\n",
1266 SSL_state_string_long(c_ssl));
1267 }
1268
1269 if (!do_client && !do_server) {
1270 fprintf(stdout, "ERROR in STARTUP\n");
1271 ERR_print_errors(bio_err);
1272 goto err;
1273 }
1274
1275 if (do_client && !(done & C_DONE)) {
1276 if (c_write) {
1277 j = (cw_num > (long)sizeof(cbuf)) ?
1278 (int)sizeof(cbuf) : (int)cw_num;
1279 i = BIO_write(c_bio, cbuf, j);
1280 if (i < 0) {
1281 c_r = 0;
1282 c_w = 0;
1283 if (BIO_should_retry(c_bio)) {
1284 if (BIO_should_read(c_bio))
1285 c_r = 1;
1286 if (BIO_should_write(c_bio))
1287 c_w = 1;
1288 } else {
1289 fprintf(stderr, "ERROR in CLIENT\n");
1290 ERR_print_errors(bio_err);
1291 goto err;
1292 }
1293 } else if (i == 0) {
1294 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1295 goto err;
1296 } else {
1297 if (debug)
1298 printf("client wrote %d\n", i);
1299 /* ok */
1300 s_r = 1;
1301 c_write = 0;
1302 cw_num -= i;
1303 }
1304 } else {
1305 i = BIO_read(c_bio, cbuf, sizeof(cbuf));
1306 if (i < 0) {
1307 c_r = 0;
1308 c_w = 0;
1309 if (BIO_should_retry(c_bio)) {
1310 if (BIO_should_read(c_bio))
1311 c_r = 1;
1312 if (BIO_should_write(c_bio))
1313 c_w = 1;
1314 } else {
1315 fprintf(stderr, "ERROR in CLIENT\n");
1316 ERR_print_errors(bio_err);
1317 goto err;
1318 }
1319 } else if (i == 0) {
1320 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1321 goto err;
1322 } else {
1323 if (debug)
1324 printf("client read %d\n", i);
1325 cr_num -= i;
1326 if (sw_num > 0) {
1327 s_write = 1;
1328 s_w = 1;
1329 }
1330 if (cr_num <= 0) {
1331 s_write = 1;
1332 s_w = 1;
1333 done = S_DONE|C_DONE;
1334 }
1335 }
1336 }
1337 }
1338
1339 if (do_server && !(done & S_DONE)) {
1340 if (!s_write) {
1341 i = BIO_read(s_bio, sbuf, sizeof(cbuf));
1342 if (i < 0) {
1343 s_r = 0;
1344 s_w = 0;
1345 if (BIO_should_retry(s_bio)) {
1346 if (BIO_should_read(s_bio))
1347 s_r = 1;
1348 if (BIO_should_write(s_bio))
1349 s_w = 1;
1350 } else {
1351 fprintf(stderr, "ERROR in SERVER\n");
1352 ERR_print_errors(bio_err);
1353 goto err;
1354 }
1355 } else if (i == 0) {
1356 ERR_print_errors(bio_err);
1357 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n");
1358 goto err;
1359 } else {
1360 if (debug)
1361 printf("server read %d\n", i);
1362 sr_num -= i;
1363 if (cw_num > 0) {
1364 c_write = 1;
1365 c_w = 1;
1366 }
1367 if (sr_num <= 0) {
1368 s_write = 1;
1369 s_w = 1;
1370 c_write = 0;
1371 }
1372 }
1373 } else {
1374 j = (sw_num > (long)sizeof(sbuf)) ?
1375 (int)sizeof(sbuf) : (int)sw_num;
1376 i = BIO_write(s_bio, sbuf, j);
1377 if (i < 0) {
1378 s_r = 0;
1379 s_w = 0;
1380 if (BIO_should_retry(s_bio)) {
1381 if (BIO_should_read(s_bio))
1382 s_r = 1;
1383 if (BIO_should_write(s_bio))
1384 s_w = 1;
1385 } else {
1386 fprintf(stderr, "ERROR in SERVER\n");
1387 ERR_print_errors(bio_err);
1388 goto err;
1389 }
1390 } else if (i == 0) {
1391 ERR_print_errors(bio_err);
1392 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n");
1393 goto err;
1394 } else {
1395 if (debug)
1396 printf("server wrote %d\n", i);
1397 sw_num -= i;
1398 s_write = 0;
1399 c_r = 1;
1400 if (sw_num <= 0)
1401 done |= S_DONE;
1402 }
1403 }
1404 }
1405
1406 if ((done & S_DONE) && (done & C_DONE))
1407 break;
1408 }
1409
1410 if (verbose)
1411 print_details(c_ssl, "DONE: ");
1412
1413 if (verify_alpn(c_ssl, s_ssl) < 0) {
1414 ret = 1;
1415 goto err;
1416 }
1417
1418 ret = 0;
1419err:
1420 /* We have to set the BIO's to NULL otherwise they will be
1421 * free()ed twice. Once when th s_ssl is SSL_free()ed and
1422 * again when c_ssl is SSL_free()ed.
1423 * This is a hack required because s_ssl and c_ssl are sharing the same
1424 * BIO structure and SSL_set_bio() and SSL_free() automatically
1425 * BIO_free non NULL entries.
1426 * You should not normally do this or be required to do this */
1427 if (s_ssl != NULL) {
1428 s_ssl->rbio = NULL;
1429 s_ssl->wbio = NULL;
1430 }
1431 if (c_ssl != NULL) {
1432 c_ssl->rbio = NULL;
1433 c_ssl->wbio = NULL;
1434 }
1435
1436 BIO_free(c_to_s);
1437 BIO_free(s_to_c);
1438 BIO_free_all(c_bio);
1439 BIO_free_all(s_bio);
1440
1441 return (ret);
1442}
1443
1444static int
1445get_proxy_auth_ex_data_idx(void)
1446{
1447 static volatile int idx = -1;
1448 if (idx < 0) {
1449 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
1450 if (idx < 0) {
1451 idx = X509_STORE_CTX_get_ex_new_index(0,
1452 "SSLtest for verify callback", NULL, NULL, NULL);
1453 }
1454 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
1455 }
1456 return idx;
1457}
1458
1459static int
1460verify_callback(int ok, X509_STORE_CTX *ctx)
1461{
1462 char *s, buf[256];
1463
1464 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
1465 sizeof buf);
1466 if (s != NULL) {
1467 if (ok)
1468 fprintf(stderr, "depth=%d %s\n",
1469 ctx->error_depth, buf);
1470 else {
1471 fprintf(stderr, "depth=%d error=%d %s\n",
1472 ctx->error_depth, ctx->error, buf);
1473 }
1474 }
1475
1476 if (ok == 0) {
1477 fprintf(stderr, "Error string: %s\n",
1478 X509_verify_cert_error_string(ctx->error));
1479 switch (ctx->error) {
1480 case X509_V_ERR_CERT_NOT_YET_VALID:
1481 case X509_V_ERR_CERT_HAS_EXPIRED:
1482 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
1483 fprintf(stderr, " ... ignored.\n");
1484 ok = 1;
1485 }
1486 }
1487
1488 if (ok == 1) {
1489 X509 *xs = ctx->current_cert;
1490#if 0
1491 X509 *xi = ctx->current_issuer;
1492#endif
1493
1494 if (xs->ex_flags & EXFLAG_PROXY) {
1495 unsigned int *letters =
1496 X509_STORE_CTX_get_ex_data(ctx,
1497 get_proxy_auth_ex_data_idx());
1498
1499 if (letters) {
1500 int found_any = 0;
1501 int i;
1502 PROXY_CERT_INFO_EXTENSION *pci =
1503 X509_get_ext_d2i(xs, NID_proxyCertInfo,
1504 NULL, NULL);
1505
1506 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
1507 case NID_Independent:
1508 /* Completely meaningless in this
1509 program, as there's no way to
1510 grant explicit rights to a
1511 specific PrC. Basically, using
1512 id-ppl-Independent is the perfect
1513 way to grant no rights at all. */
1514 fprintf(stderr, " Independent proxy certificate");
1515 for (i = 0; i < 26; i++)
1516 letters[i] = 0;
1517 break;
1518 case NID_id_ppl_inheritAll:
1519 /* This is basically a NOP, we
1520 simply let the current rights
1521 stand as they are. */
1522 fprintf(stderr, " Proxy certificate inherits all");
1523 break;
1524 default:
1525 s = (char *)
1526 pci->proxyPolicy->policy->data;
1527 i = pci->proxyPolicy->policy->length;
1528
1529 /* The algorithm works as follows:
1530 it is assumed that previous
1531 iterations or the initial granted
1532 rights has already set some elements
1533 of `letters'. What we need to do is
1534 to clear those that weren't granted
1535 by the current PrC as well. The
1536 easiest way to do this is to add 1
1537 to all the elements whose letters
1538 are given with the current policy.
1539 That way, all elements that are set
1540 by the current policy and were
1541 already set by earlier policies and
1542 through the original grant of rights
1543 will get the value 2 or higher.
1544 The last thing to do is to sweep
1545 through `letters' and keep the
1546 elements having the value 2 as set,
1547 and clear all the others. */
1548
1549 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
1550 while (i-- > 0) {
1551 int c = *s++;
1552 if (isascii(c) && isalpha(c)) {
1553 if (islower(c))
1554 c = toupper(c);
1555 letters[c - 'A']++;
1556 }
1557 }
1558 for (i = 0; i < 26; i++)
1559 if (letters[i] < 2)
1560 letters[i] = 0;
1561 else
1562 letters[i] = 1;
1563 }
1564
1565 found_any = 0;
1566 fprintf(stderr, ", resulting proxy rights = ");
1567 for (i = 0; i < 26; i++)
1568 if (letters[i]) {
1569 fprintf(stderr, "%c", i + 'A');
1570 found_any = 1;
1571 }
1572 if (!found_any)
1573 fprintf(stderr, "none");
1574 fprintf(stderr, "\n");
1575
1576 PROXY_CERT_INFO_EXTENSION_free(pci);
1577 }
1578 }
1579 }
1580
1581 return (ok);
1582}
1583
1584static void
1585process_proxy_debug(int indent, const char *format, ...)
1586{
1587 static const char indentation[] =
1588 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
1589 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
1590 char my_format[256];
1591 va_list args;
1592
1593 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s",
1594 indent, indent, indentation, format);
1595
1596 va_start(args, format);
1597 vfprintf(stderr, my_format, args);
1598 va_end(args);
1599}
1600/* Priority levels:
1601 0 [!]var, ()
1602 1 & ^
1603 2 |
1604*/
1605static int process_proxy_cond_adders(unsigned int letters[26],
1606 const char *cond, const char **cond_end, int *pos, int indent);
1607
1608static int
1609process_proxy_cond_val(unsigned int letters[26], const char *cond,
1610 const char **cond_end, int *pos, int indent)
1611{
1612 int c;
1613 int ok = 1;
1614 int negate = 0;
1615
1616 while (isspace((int)*cond)) {
1617 cond++;
1618 (*pos)++;
1619 }
1620 c = *cond;
1621
1622 if (debug)
1623 process_proxy_debug(indent,
1624 "Start process_proxy_cond_val at position %d: %s\n",
1625 *pos, cond);
1626
1627 while (c == '!') {
1628 negate = !negate;
1629 cond++;
1630 (*pos)++;
1631 while (isspace((int)*cond)) {
1632 cond++;
1633 (*pos)++;
1634 }
1635 c = *cond;
1636 }
1637
1638 if (c == '(') {
1639 cond++;
1640 (*pos)++;
1641 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
1642 indent + 1);
1643 cond = *cond_end;
1644 if (ok < 0)
1645 goto end;
1646 while (isspace((int)*cond)) {
1647 cond++;
1648 (*pos)++;
1649 }
1650 c = *cond;
1651 if (c != ')') {
1652 fprintf(stderr,
1653 "Weird condition character in position %d: "
1654 "%c\n", *pos, c);
1655 ok = -1;
1656 goto end;
1657 }
1658 cond++;
1659 (*pos)++;
1660 } else if (isascii(c) && isalpha(c)) {
1661 if (islower(c))
1662 c = toupper(c);
1663 ok = letters[c - 'A'];
1664 cond++;
1665 (*pos)++;
1666 } else {
1667 fprintf(stderr,
1668 "Weird condition character in position %d: "
1669 "%c\n", *pos, c);
1670 ok = -1;
1671 goto end;
1672 }
1673end:
1674 *cond_end = cond;
1675 if (ok >= 0 && negate)
1676 ok = !ok;
1677
1678 if (debug)
1679 process_proxy_debug(indent,
1680 "End process_proxy_cond_val at position %d: %s, returning %d\n",
1681 *pos, cond, ok);
1682
1683 return ok;
1684}
1685
1686static int
1687process_proxy_cond_multipliers(unsigned int letters[26], const char *cond,
1688 const char **cond_end, int *pos, int indent)
1689{
1690 int ok;
1691 char c;
1692
1693 if (debug)
1694 process_proxy_debug(indent,
1695 "Start process_proxy_cond_multipliers at position %d: %s\n",
1696 *pos, cond);
1697
1698 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
1699 cond = *cond_end;
1700 if (ok < 0)
1701 goto end;
1702
1703 while (ok >= 0) {
1704 while (isspace((int)*cond)) {
1705 cond++;
1706 (*pos)++;
1707 }
1708 c = *cond;
1709
1710 switch (c) {
1711 case '&':
1712 case '^':
1713 {
1714 int save_ok = ok;
1715
1716 cond++;
1717 (*pos)++;
1718 ok = process_proxy_cond_val(letters,
1719 cond, cond_end, pos, indent + 1);
1720 cond = *cond_end;
1721 if (ok < 0)
1722 break;
1723
1724 switch (c) {
1725 case '&':
1726 ok &= save_ok;
1727 break;
1728 case '^':
1729 ok ^= save_ok;
1730 break;
1731 default:
1732 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
1733 " STOPPING\n");
1734 exit(1);
1735 }
1736 }
1737 break;
1738 default:
1739 goto end;
1740 }
1741 }
1742end:
1743 if (debug)
1744 process_proxy_debug(indent,
1745 "End process_proxy_cond_multipliers at position %d: %s, "
1746 "returning %d\n",
1747 *pos, cond, ok);
1748
1749 *cond_end = cond;
1750 return ok;
1751}
1752
1753static int
1754process_proxy_cond_adders(unsigned int letters[26], const char *cond,
1755 const char **cond_end, int *pos, int indent)
1756{
1757 int ok;
1758 char c;
1759
1760 if (debug)
1761 process_proxy_debug(indent,
1762 "Start process_proxy_cond_adders at position %d: %s\n",
1763 *pos, cond);
1764
1765 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
1766 indent + 1);
1767 cond = *cond_end;
1768 if (ok < 0)
1769 goto end;
1770
1771 while (ok >= 0) {
1772 while (isspace((int)*cond)) {
1773 cond++;
1774 (*pos)++;
1775 }
1776 c = *cond;
1777
1778 switch (c) {
1779 case '|':
1780 {
1781 int save_ok = ok;
1782
1783 cond++;
1784 (*pos)++;
1785 ok = process_proxy_cond_multipliers(letters,
1786 cond, cond_end, pos, indent + 1);
1787 cond = *cond_end;
1788 if (ok < 0)
1789 break;
1790
1791 switch (c) {
1792 case '|':
1793 ok |= save_ok;
1794 break;
1795 default:
1796 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
1797 " STOPPING\n");
1798 exit(1);
1799 }
1800 }
1801 break;
1802 default:
1803 goto end;
1804 }
1805 }
1806end:
1807 if (debug)
1808 process_proxy_debug(indent,
1809 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
1810 *pos, cond, ok);
1811
1812 *cond_end = cond;
1813 return ok;
1814}
1815
1816static int
1817process_proxy_cond(unsigned int letters[26], const char *cond,
1818 const char **cond_end)
1819{
1820 int pos = 1;
1821 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
1822}
1823
1824static int
1825app_verify_callback(X509_STORE_CTX *ctx, void *arg)
1826{
1827 int ok = 1;
1828 struct app_verify_arg *cb_arg = arg;
1829 unsigned int letters[26]; /* only used with proxy_auth */
1830
1831 if (cb_arg->app_verify) {
1832 char *s = NULL, buf[256];
1833
1834 fprintf(stderr, "In app_verify_callback, allowing cert. ");
1835 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
1836 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
1837 (void *)ctx, (void *)ctx->cert);
1838 if (ctx->cert)
1839 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
1840 if (s != NULL) {
1841 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
1842 }
1843 return (1);
1844 }
1845 if (cb_arg->proxy_auth) {
1846 int found_any = 0, i;
1847 char *sp;
1848
1849 for (i = 0; i < 26; i++)
1850 letters[i] = 0;
1851 for (sp = cb_arg->proxy_auth; *sp; sp++) {
1852 int c = *sp;
1853 if (isascii(c) && isalpha(c)) {
1854 if (islower(c))
1855 c = toupper(c);
1856 letters[c - 'A'] = 1;
1857 }
1858 }
1859
1860 fprintf(stderr, " Initial proxy rights = ");
1861 for (i = 0; i < 26; i++)
1862 if (letters[i]) {
1863 fprintf(stderr, "%c", i + 'A');
1864 found_any = 1;
1865 }
1866 if (!found_any)
1867 fprintf(stderr, "none");
1868 fprintf(stderr, "\n");
1869
1870 X509_STORE_CTX_set_ex_data(ctx,
1871 get_proxy_auth_ex_data_idx(), letters);
1872 }
1873 if (cb_arg->allow_proxy_certs) {
1874 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
1875 }
1876
1877 ok = X509_verify_cert(ctx);
1878
1879 if (cb_arg->proxy_auth) {
1880 if (ok > 0) {
1881 const char *cond_end = NULL;
1882
1883 ok = process_proxy_cond(letters,
1884 cb_arg->proxy_cond, &cond_end);
1885
1886 if (ok < 0)
1887 exit(3);
1888 if (*cond_end) {
1889 fprintf(stderr, "Stopped processing condition before it's end.\n");
1890 ok = 0;
1891 }
1892 if (!ok)
1893 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
1894 cb_arg->proxy_cond);
1895 else
1896 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
1897 cb_arg->proxy_cond);
1898 }
1899 }
1900 return (ok);
1901}
1902
1903static RSA *rsa_tmp = NULL;
1904
1905static RSA *
1906tmp_rsa_cb(SSL *s, int is_export, int keylength)
1907{
1908 BIGNUM *bn = NULL;
1909 if (rsa_tmp == NULL) {
1910 bn = BN_new();
1911 rsa_tmp = RSA_new();
1912 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
1913 BIO_printf(bio_err, "Memory error...");
1914 goto end;
1915 }
1916 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
1917 (void)BIO_flush(bio_err);
1918 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
1919 BIO_printf(bio_err, "Error generating key.");
1920 RSA_free(rsa_tmp);
1921 rsa_tmp = NULL;
1922 }
1923end:
1924 BIO_printf(bio_err, "\n");
1925 (void)BIO_flush(bio_err);
1926 }
1927 if (bn)
1928 BN_free(bn);
1929 return (rsa_tmp);
1930}
1931
1932static void
1933free_tmp_rsa(void)
1934{
1935 if (rsa_tmp != NULL) {
1936 RSA_free(rsa_tmp);
1937 rsa_tmp = NULL;
1938 }
1939}
1940
1941/* These DH parameters have been generated as follows:
1942 * $ openssl dhparam -C -noout 1024
1943 * $ openssl dhparam -C -noout -dsaparam 1024
1944 * (The second function has been renamed to avoid name conflicts.)
1945 */
1946static DH *
1947get_dh1024()
1948{
1949 static unsigned char dh1024_p[] = {
1950 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A,
1951 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2,
1952 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0,
1953 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2,
1954 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C,
1955 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8,
1956 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52,
1957 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1,
1958 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1,
1959 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB,
1960 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
1961 };
1962 static unsigned char dh1024_g[] = {
1963 0x02,
1964 };
1965 DH *dh;
1966
1967 if ((dh = DH_new()) == NULL)
1968 return (NULL);
1969 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
1970 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
1971 if ((dh->p == NULL) || (dh->g == NULL)) {
1972 DH_free(dh);
1973 return (NULL);
1974 }
1975 return (dh);
1976}
1977
1978static DH *
1979get_dh1024dsa()
1980{
1981 static unsigned char dh1024_p[] = {
1982 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00,
1983 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19,
1984 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2,
1985 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55,
1986 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC,
1987 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97,
1988 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D,
1989 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB,
1990 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6,
1991 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E,
1992 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
1993 };
1994 static unsigned char dh1024_g[] = {
1995 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05,
1996 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3,
1997 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9,
1998 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C,
1999 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65,
2000 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60,
2001 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6,
2002 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7,
2003 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1,
2004 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60,
2005 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
2006 };
2007 DH *dh;
2008
2009 if ((dh = DH_new()) == NULL)
2010 return (NULL);
2011 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2012 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2013 if ((dh->p == NULL) || (dh->g == NULL)) {
2014 DH_free(dh);
2015 return (NULL);
2016 }
2017 dh->length = 160;
2018 return (dh);
2019}
2020
2021static int
2022do_test_cipherlist(void)
2023{
2024 int i = 0;
2025 const SSL_METHOD *meth;
2026 const SSL_CIPHER *ci, *tci = NULL;
2027
2028 fprintf(stderr, "testing TLSv1 cipher list order: ");
2029 meth = TLSv1_method();
2030 tci = NULL;
2031 while ((ci = meth->get_cipher(i++)) != NULL) {
2032 if (tci != NULL) {
2033 if (ci->id >= tci->id) {
2034 fprintf(stderr,
2035 "failed %lx vs. %lx\n", ci->id, tci->id);
2036 return 0;
2037 }
2038 }
2039 tci = ci;
2040 }
2041 fprintf(stderr, "ok\n");
2042
2043 return 1;
2044}
diff --git a/src/regress/lib/libssl/ssl/testssl b/src/regress/lib/libssl/ssl/testssl
deleted file mode 100644
index 3563d13607..0000000000
--- a/src/regress/lib/libssl/ssl/testssl
+++ /dev/null
@@ -1,138 +0,0 @@
1#!/bin/sh
2
3key="$1"
4cert="$2"
5CA="-CAfile $3"
6ssltest="${4-./ssltest} -key $key -cert $cert -c_key $key -c_cert $cert"
7openssl=${5-openssl}
8extra="$6"
9
10$openssl version || exit 1
11
12if $openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
13 dsa_cert=YES
14else
15 dsa_cert=NO
16fi
17
18#############################################################################
19
20echo test sslv2/sslv3
21$ssltest $extra || exit 1
22
23echo test sslv2/sslv3 with server authentication
24$ssltest -server_auth $CA $extra || exit 1
25
26echo test sslv2/sslv3 with client authentication
27$ssltest -client_auth $CA $extra || exit 1
28
29echo test sslv2/sslv3 with both client and server authentication
30$ssltest -server_auth -client_auth $CA $extra || exit 1
31
32echo test sslv2/sslv3 via BIO pair
33$ssltest $extra || exit 1
34
35if [ $dsa_cert = NO ]; then
36 echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
37 $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
38fi
39
40echo test sslv2/sslv3 with 1024bit DHE via BIO pair
41$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
42
43echo test sslv2/sslv3 with server authentication
44$ssltest -bio_pair -server_auth $CA $extra || exit 1
45
46echo test sslv2/sslv3 with client authentication via BIO pair
47$ssltest -bio_pair -client_auth $CA $extra || exit 1
48
49echo test sslv2/sslv3 with both client and server authentication via BIO pair
50$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
51
52echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
53$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
54
55echo "Testing ciphersuites"
56for protocol in TLSv1.2; do
57 echo "Testing ciphersuites for $protocol"
58 for cipher in `$openssl ciphers "$protocol+aRSA" | tr ':' ' '`; do
59 echo "Testing $cipher"
60 $ssltest -cipher $cipher
61 if [ $? -ne 0 ] ; then
62 echo "Failed $cipher"
63 exit 1
64 fi
65 done
66done
67
68#############################################################################
69
70if $openssl no-dh; then
71 echo skipping anonymous DH tests
72else
73 echo test tls1 with 1024bit anonymous DH, multiple handshakes
74 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
75fi
76
77#if $openssl no-rsa; then
78# echo skipping RSA tests
79#else
80# echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
81# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
82#
83# if $openssl no-dh; then
84# echo skipping RSA+DHE tests
85# else
86# echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
87# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
88# fi
89#fi
90
91#
92# DTLS tests
93#
94
95echo test dtlsv1
96$ssltest -dtls1 $extra || exit 1
97
98echo test dtlsv1 with server authentication
99$ssltest -dtls1 -server_auth $CA $extra || exit 1
100
101echo test dtlsv1 with client authentication
102$ssltest -dtls1 -client_auth $CA $extra || exit 1
103
104echo test dtlsv1 with both client and server authentication
105$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1
106
107echo "Testing DTLS ciphersuites"
108for protocol in SSLv3; do
109 echo "Testing ciphersuites for $protocol"
110 for cipher in `$openssl ciphers "RSA+$protocol" | tr ':' '\n' |
111 grep -v RC4`; do
112 echo "Testing $cipher"
113 $ssltest -cipher $cipher -dtls1
114 if [ $? -ne 0 ] ; then
115 echo "Failed $cipher"
116 exit 1
117 fi
118 done
119done
120
121#
122# ALPN tests
123#
124echo "Testing ALPN..."
125$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1
126$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo \
127 -alpn_expected foo || exit 1
128$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo \
129 -alpn_expected foo || exit 1
130$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo \
131 -alpn_expected foo || exit 1
132$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar \
133 -alpn_expected foo || exit 1
134$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo \
135 -alpn_expected bar || exit 1
136$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo \
137 -alpn_expected bar || exit 1
138$ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1
diff --git a/src/regress/lib/libssl/tlsext/Makefile b/src/regress/lib/libssl/tlsext/Makefile
deleted file mode 100644
index 48b5bc1e25..0000000000
--- a/src/regress/lib/libssl/tlsext/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2017/07/16 18:18:10 jsing Exp $
2
3PROG= tlsexttest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror -I$(BSDSRCDIR)/lib/libssl
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
deleted file mode 100644
index b50736d802..0000000000
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ /dev/null
@@ -1,2981 +0,0 @@
1/* $OpenBSD: tlsexttest.c,v 1.19 2018/11/06 01:19:35 jsing Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include <err.h>
20
21#include "ssl_locl.h"
22
23#include "bytestring.h"
24#include "ssl_tlsext.h"
25
26static void
27hexdump(const unsigned char *buf, size_t len)
28{
29 size_t i;
30
31 for (i = 1; i <= len; i++)
32 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
33
34 fprintf(stderr, "\n");
35}
36
37static void
38hexdump2(const uint16_t *buf, size_t len)
39{
40 size_t i;
41
42 for (i = 1; i <= len / 2; i++)
43 fprintf(stderr, " 0x%04hx,%s", buf[i - 1], i % 8 ? "" : "\n");
44
45 fprintf(stderr, "\n");
46}
47
48static void
49compare_data(const uint8_t *recv, size_t recv_len, const uint8_t *expect,
50 size_t expect_len)
51{
52 fprintf(stderr, "received:\n");
53 hexdump(recv, recv_len);
54
55 fprintf(stderr, "test data:\n");
56 hexdump(expect, expect_len);
57}
58
59static void
60compare_data2(const uint16_t *recv, size_t recv_len, const uint16_t *expect,
61 size_t expect_len)
62{
63 fprintf(stderr, "received:\n");
64 hexdump2(recv, recv_len);
65
66 fprintf(stderr, "test data:\n");
67 hexdump2(expect, expect_len);
68}
69
70#define FAIL(msg, ...) \
71do { \
72 fprintf(stderr, "[%s:%d] FAIL: ", __FILE__, __LINE__); \
73 fprintf(stderr, msg, ##__VA_ARGS__); \
74} while(0)
75
76/*
77 * Supported Application-Layer Protocol Negotiation - RFC 7301
78 *
79 * There are already extensive unit tests for this so this just
80 * tests the state info.
81 */
82
83const uint8_t tlsext_alpn_multiple_protos_val[] = {
84 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
85 0x08, /* len */
86 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
87 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
88 0x09, /* len */
89 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
90};
91
92const uint8_t tlsext_alpn_multiple_protos[] = {
93 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
94 0x00, 0x13, /* len of all names */
95 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
96 0x08, /* len */
97 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
98 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
99 0x09, /* len */
100 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
101};
102
103const uint8_t tlsext_alpn_single_proto_val[] = {
104 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
105 0x08, /* len */
106 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
107};
108
109const uint8_t tlsext_alpn_single_proto_name[] = {
110 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* 'http/1.1' */
111};
112
113const uint8_t tlsext_alpn_single_proto[] = {
114 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
115 0x00, 0x09, /* len of all names */
116 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
117 0x08, /* len */
118 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
119};
120
121static int
122test_tlsext_alpn_clienthello(void)
123{
124 SSL_CTX *ssl_ctx = NULL;
125 SSL *ssl = NULL;
126 uint8_t *data = NULL;
127 CBB cbb;
128 CBS cbs;
129 int failure, alert;
130 size_t dlen;
131
132 CBB_init(&cbb, 0);
133
134 failure = 1;
135
136 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
137 errx(1, "failed to create SSL_CTX");
138 if ((ssl = SSL_new(ssl_ctx)) == NULL)
139 errx(1, "failed to create SSL");
140
141 /* By default, we don't need this */
142 if (tlsext_alpn_clienthello_needs(ssl)) {
143 FAIL("clienthello should not need ALPN by default");
144 goto err;
145 }
146
147 /*
148 * Prereqs:
149 * 1) Set s->internal->alpn_client_proto_list
150 * - Using SSL_set_alpn_protos()
151 * 2) We have not finished or renegotiated.
152 * - S3I(s)->tmp.finish_md_len == 0
153 */
154 if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val,
155 sizeof(tlsext_alpn_single_proto_val)) != 0) {
156 FAIL("should be able to set ALPN to http/1.1");
157 goto err;
158 }
159 if (!tlsext_alpn_clienthello_needs(ssl)) {
160 FAIL("clienthello should need ALPN by now");
161 goto err;
162 }
163
164 /* Make sure we can build the clienthello with a single proto. */
165
166 if (!tlsext_alpn_clienthello_build(ssl, &cbb)) {
167 FAIL("clienthello failed to build ALPN\n");
168 goto err;
169 }
170 if (!CBB_finish(&cbb, &data, &dlen))
171 errx(1, "failed to finish CBB");
172
173 if (dlen != sizeof(tlsext_alpn_single_proto)) {
174 FAIL("got clienthello ALPN with length %zu, "
175 "want length %zu\n", dlen,
176 sizeof(tlsext_alpn_single_proto));
177 compare_data(data, dlen, tlsext_alpn_single_proto,
178 sizeof(tlsext_alpn_single_proto));
179 goto err;
180 }
181 if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) {
182 FAIL("clienthello ALPN differs:\n");
183 compare_data(data, dlen, tlsext_alpn_single_proto,
184 sizeof(tlsext_alpn_single_proto));
185 goto err;
186 }
187
188 CBB_cleanup(&cbb);
189 CBB_init(&cbb, 0);
190 free(data);
191 data = NULL;
192
193 /* Make sure we can parse the single proto. */
194
195 CBS_init(&cbs, tlsext_alpn_single_proto,
196 sizeof(tlsext_alpn_single_proto));
197 if (!tlsext_alpn_clienthello_parse(ssl, &cbs, &alert)) {
198 FAIL("failed to parse ALPN");
199 goto err;
200 }
201 if (CBS_len(&cbs) != 0) {
202 FAIL("extension data remaining");
203 goto err;
204 }
205
206 if (ssl->internal->alpn_client_proto_list_len !=
207 sizeof(tlsext_alpn_single_proto_val)) {
208 FAIL("got clienthello ALPN with length %zu, "
209 "want length %zu\n", dlen,
210 sizeof(tlsext_alpn_single_proto_val));
211 compare_data(ssl->internal->alpn_client_proto_list,
212 ssl->internal->alpn_client_proto_list_len,
213 tlsext_alpn_single_proto_val,
214 sizeof(tlsext_alpn_single_proto_val));
215 goto err;
216 }
217 if (memcmp(ssl->internal->alpn_client_proto_list,
218 tlsext_alpn_single_proto_val,
219 sizeof(tlsext_alpn_single_proto_val)) != 0) {
220 FAIL("clienthello ALPN differs:\n");
221 compare_data(data, dlen, tlsext_alpn_single_proto_val,
222 sizeof(tlsext_alpn_single_proto_val));
223 goto err;
224 }
225
226 /* Make sure we can build the clienthello with multiple entries. */
227
228 if (SSL_set_alpn_protos(ssl, tlsext_alpn_multiple_protos_val,
229 sizeof(tlsext_alpn_multiple_protos_val)) != 0) {
230 FAIL("should be able to set ALPN to http/1.1");
231 goto err;
232 }
233 if (!tlsext_alpn_clienthello_needs(ssl)) {
234 FAIL("clienthello should need ALPN by now");
235 goto err;
236 }
237
238 if (!tlsext_alpn_clienthello_build(ssl, &cbb)) {
239 FAIL("clienthello failed to build ALPN\n");
240 goto err;
241 }
242 if (!CBB_finish(&cbb, &data, &dlen))
243 errx(1, "failed to finish CBB");
244
245 if (dlen != sizeof(tlsext_alpn_multiple_protos)) {
246 FAIL("got clienthello ALPN with length %zu, "
247 "want length %zu\n", dlen,
248 sizeof(tlsext_alpn_multiple_protos));
249 compare_data(data, dlen, tlsext_alpn_multiple_protos,
250 sizeof(tlsext_alpn_multiple_protos));
251 goto err;
252 }
253 if (memcmp(data, tlsext_alpn_multiple_protos, dlen) != 0) {
254 FAIL("clienthello ALPN differs:\n");
255 compare_data(data, dlen, tlsext_alpn_multiple_protos,
256 sizeof(tlsext_alpn_multiple_protos));
257 goto err;
258 }
259
260 /* Make sure we can parse multiple protos */
261
262 CBS_init(&cbs, tlsext_alpn_multiple_protos,
263 sizeof(tlsext_alpn_multiple_protos));
264 if (!tlsext_alpn_clienthello_parse(ssl, &cbs, &alert)) {
265 FAIL("failed to parse ALPN");
266 goto err;
267 }
268 if (CBS_len(&cbs) != 0) {
269 FAIL("extension data remaining");
270 goto err;
271 }
272
273 if (ssl->internal->alpn_client_proto_list_len !=
274 sizeof(tlsext_alpn_multiple_protos_val)) {
275 FAIL("got clienthello ALPN with length %zu, "
276 "want length %zu\n", dlen,
277 sizeof(tlsext_alpn_multiple_protos_val));
278 compare_data(ssl->internal->alpn_client_proto_list,
279 ssl->internal->alpn_client_proto_list_len,
280 tlsext_alpn_multiple_protos_val,
281 sizeof(tlsext_alpn_multiple_protos_val));
282 goto err;
283 }
284 if (memcmp(ssl->internal->alpn_client_proto_list,
285 tlsext_alpn_multiple_protos_val,
286 sizeof(tlsext_alpn_multiple_protos_val)) != 0) {
287 FAIL("clienthello ALPN differs:\n");
288 compare_data(data, dlen, tlsext_alpn_multiple_protos_val,
289 sizeof(tlsext_alpn_multiple_protos_val));
290 goto err;
291 }
292
293 /* Make sure we can remove the list and avoid ALPN */
294
295 free(ssl->internal->alpn_client_proto_list);
296 ssl->internal->alpn_client_proto_list = NULL;
297 ssl->internal->alpn_client_proto_list_len = 0;
298
299 if (tlsext_alpn_clienthello_needs(ssl)) {
300 FAIL("clienthello should need ALPN by default");
301 goto err;
302 }
303
304 failure = 0;
305
306 err:
307 CBB_cleanup(&cbb);
308 SSL_CTX_free(ssl_ctx);
309 SSL_free(ssl);
310 free(data);
311
312 return (failure);
313}
314
315static int
316test_tlsext_alpn_serverhello(void)
317{
318 SSL_CTX *ssl_ctx = NULL;
319 SSL *ssl = NULL;
320 uint8_t *data = NULL;
321 CBB cbb;
322 CBS cbs;
323 int failure, alert;
324 size_t dlen;
325
326 CBB_init(&cbb, 0);
327
328 failure = 1;
329
330 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
331 errx(1, "failed to create SSL_CTX");
332 if ((ssl = SSL_new(ssl_ctx)) == NULL)
333 errx(1, "failed to create SSL");
334
335 /* By default, ALPN isn't needed. */
336 if (tlsext_alpn_serverhello_needs(ssl)) {
337 FAIL("serverhello should not need ALPN by default\n");
338 goto err;
339 }
340
341 /*
342 * The server has a single ALPN selection which is set by
343 * SSL_CTX_set_alpn_select_cb() and calls SSL_select_next_proto().
344 *
345 * This will be a plain name and separate length.
346 */
347 if ((S3I(ssl)->alpn_selected = malloc(sizeof(tlsext_alpn_single_proto_name))) == NULL) {
348 errx(1, "failed to malloc");
349 }
350 memcpy(S3I(ssl)->alpn_selected, tlsext_alpn_single_proto_name,
351 sizeof(tlsext_alpn_single_proto_name));
352 S3I(ssl)->alpn_selected_len = sizeof(tlsext_alpn_single_proto_name);
353
354 if (!tlsext_alpn_serverhello_needs(ssl)) {
355 FAIL("serverhello should need ALPN after a protocol is selected\n");
356 goto err;
357 }
358
359 /* Make sure we can build a serverhello with one protocol */
360
361 if (!tlsext_alpn_serverhello_build(ssl, &cbb)) {
362 FAIL("serverhello should be able to build a response");
363 goto err;
364 }
365 if (!CBB_finish(&cbb, &data, &dlen))
366 errx(1, "failed to finish CBB");
367
368 if (dlen != sizeof(tlsext_alpn_single_proto)) {
369 FAIL("got clienthello ALPN with length %zu, "
370 "want length %zu\n", dlen,
371 sizeof(tlsext_alpn_single_proto));
372 compare_data(data, dlen, tlsext_alpn_single_proto,
373 sizeof(tlsext_alpn_single_proto));
374 goto err;
375 }
376 if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) {
377 FAIL("clienthello ALPN differs:\n");
378 compare_data(data, dlen, tlsext_alpn_single_proto,
379 sizeof(tlsext_alpn_single_proto));
380 goto err;
381 }
382
383 CBB_cleanup(&cbb);
384 CBB_init(&cbb, 0);
385 free(data);
386 data = NULL;
387
388 /* Make sure we can parse the single proto. */
389
390 CBS_init(&cbs, tlsext_alpn_single_proto,
391 sizeof(tlsext_alpn_single_proto));
392
393 /* Shouldn't be able to parse without requesting */
394 if (tlsext_alpn_serverhello_parse(ssl, &cbs, &alert)) {
395 FAIL("Should only parse serverhello if we requested it");
396 goto err;
397 }
398
399 /* Should be able to parse once requested. */
400 if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val,
401 sizeof(tlsext_alpn_single_proto_val)) != 0) {
402 FAIL("should be able to set ALPN to http/1.1");
403 goto err;
404 }
405 if (!tlsext_alpn_serverhello_parse(ssl, &cbs, &alert)) {
406 FAIL("Should be able to parse serverhello when we request it");
407 goto err;
408 }
409 if (CBS_len(&cbs) != 0) {
410 FAIL("extension data remaining");
411 goto err;
412 }
413
414 if (S3I(ssl)->alpn_selected_len !=
415 sizeof(tlsext_alpn_single_proto_name)) {
416 FAIL("got serverhello ALPN with length %zu, "
417 "want length %zu\n", dlen,
418 sizeof(tlsext_alpn_single_proto_name));
419 compare_data(S3I(ssl)->alpn_selected,
420 S3I(ssl)->alpn_selected_len,
421 tlsext_alpn_single_proto_name,
422 sizeof(tlsext_alpn_single_proto_name));
423 goto err;
424 }
425 if (memcmp(S3I(ssl)->alpn_selected,
426 tlsext_alpn_single_proto_name,
427 sizeof(tlsext_alpn_single_proto_name)) != 0) {
428 FAIL("serverhello ALPN differs:\n");
429 compare_data(S3I(ssl)->alpn_selected,
430 S3I(ssl)->alpn_selected_len,
431 tlsext_alpn_single_proto_name,
432 sizeof(tlsext_alpn_single_proto_name));
433 goto err;
434 }
435
436 /*
437 * We should NOT be able to build a serverhello with multiple
438 * protocol names. However, the existing code did not check for this
439 * case because it is passed in as an encoded value.
440 */
441
442 /* Make sure we can remove the list and avoid ALPN */
443
444 free(S3I(ssl)->alpn_selected);
445 S3I(ssl)->alpn_selected = NULL;
446 S3I(ssl)->alpn_selected_len = 0;
447
448 if (tlsext_alpn_serverhello_needs(ssl)) {
449 FAIL("serverhello should need ALPN by default");
450 goto err;
451 }
452
453 failure = 0;
454
455 err:
456 CBB_cleanup(&cbb);
457 SSL_CTX_free(ssl_ctx);
458 SSL_free(ssl);
459 free(data);
460
461 return (failure);
462
463}
464
465/*
466 * Supported Elliptic Curves - RFC 4492 section 5.1.1.
467 *
468 * This extension is only used by the client.
469 */
470
471static uint8_t tlsext_supportedgroups_clienthello_default[] = {
472 0x00, 0x06,
473 0x00, 0x1d, /* X25519 (29) */
474 0x00, 0x17, /* secp256r1 (23) */
475 0x00, 0x18 /* secp384r1 (24) */
476};
477
478static uint16_t tlsext_supportedgroups_clienthello_secp384r1_val[] = {
479 0x0018 /* tls1_ec_nid2curve_id(NID_secp384r1) */
480};
481static uint8_t tlsext_supportedgroups_clienthello_secp384r1[] = {
482 0x00, 0x02,
483 0x00, 0x18 /* secp384r1 (24) */
484};
485
486/* Example from RFC 4492 section 5.1.1 */
487static uint16_t tlsext_supportedgroups_clienthello_nistp192and224_val[] = {
488 0x0013, /* tls1_ec_nid2curve_id(NID_X9_62_prime192v1) */
489 0x0015 /* tls1_ec_nid2curve_id(NID_secp224r1) */
490};
491static uint8_t tlsext_supportedgroups_clienthello_nistp192and224[] = {
492 0x00, 0x04,
493 0x00, 0x13, /* secp192r1 aka NIST P-192 */
494 0x00, 0x15 /* secp224r1 aka NIST P-224 */
495};
496
497static int
498test_tlsext_supportedgroups_clienthello(void)
499{
500 unsigned char *data = NULL;
501 SSL_CTX *ssl_ctx = NULL;
502 SSL *ssl = NULL;
503 size_t dlen;
504 int failure, alert;
505 CBB cbb;
506 CBS cbs;
507
508 failure = 1;
509
510 if (!CBB_init(&cbb, 0))
511 errx(1, "failed to create CBB");
512
513 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
514 errx(1, "failed to create SSL_CTX");
515 if ((ssl = SSL_new(ssl_ctx)) == NULL)
516 errx(1, "failed to create SSL");
517
518 /*
519 * Default ciphers include EC so we need it by default.
520 */
521 if (!tlsext_supportedgroups_clienthello_needs(ssl)) {
522 FAIL("clienthello should need Ellipticcurves for default "
523 "ciphers\n");
524 goto err;
525 }
526
527 /*
528 * Exclude cipher suites so we can test not including it.
529 */
530 if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) {
531 FAIL("clienthello should be able to set cipher list\n");
532 goto err;
533 }
534 if (tlsext_supportedgroups_clienthello_needs(ssl)) {
535 FAIL("clienthello should not need Ellipticcurves\n");
536 goto err;
537 }
538
539 /*
540 * Use libtls default for the rest of the testing
541 */
542 if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) {
543 FAIL("clienthello should be able to set cipher list\n");
544 goto err;
545 }
546 if (!tlsext_supportedgroups_clienthello_needs(ssl)) {
547 FAIL("clienthello should need Ellipticcurves\n");
548 goto err;
549 }
550
551 /*
552 * Test with a session secp384r1. The default is used instead.
553 */
554 if ((ssl->session = SSL_SESSION_new()) == NULL)
555 errx(1, "failed to create session");
556
557 if ((SSI(ssl)->tlsext_supportedgroups = malloc(sizeof(uint16_t)))
558 == NULL) {
559 FAIL("client could not malloc\n");
560 goto err;
561 }
562 SSI(ssl)->tlsext_supportedgroups[0] = tls1_ec_nid2curve_id(NID_secp384r1);
563 SSI(ssl)->tlsext_supportedgroups_length = 1;
564
565 if (!tlsext_supportedgroups_clienthello_needs(ssl)) {
566 FAIL("clienthello should need Ellipticcurves\n");
567 goto err;
568 }
569
570 if (!tlsext_supportedgroups_clienthello_build(ssl, &cbb)) {
571 FAIL("clienthello failed to build Ellipticcurves\n");
572 goto err;
573 }
574
575 if (!CBB_finish(&cbb, &data, &dlen))
576 errx(1, "failed to finish CBB");
577
578 if (dlen != sizeof(tlsext_supportedgroups_clienthello_default)) {
579 FAIL("got clienthello Ellipticcurves with length %zu, "
580 "want length %zu\n", dlen,
581 sizeof(tlsext_supportedgroups_clienthello_default));
582 compare_data(data, dlen, tlsext_supportedgroups_clienthello_default,
583 sizeof(tlsext_supportedgroups_clienthello_default));
584 goto err;
585 }
586
587 if (memcmp(data, tlsext_supportedgroups_clienthello_default, dlen) != 0) {
588 FAIL("clienthello Ellipticcurves differs:\n");
589 compare_data(data, dlen, tlsext_supportedgroups_clienthello_default,
590 sizeof(tlsext_supportedgroups_clienthello_default));
591 goto err;
592 }
593
594 /*
595 * Test parsing secp384r1
596 */
597 CBB_cleanup(&cbb);
598 CBB_init(&cbb, 0);
599 free(data);
600 data = NULL;
601
602 SSL_SESSION_free(ssl->session);
603 if ((ssl->session = SSL_SESSION_new()) == NULL)
604 errx(1, "failed to create session");
605
606 CBS_init(&cbs, tlsext_supportedgroups_clienthello_secp384r1,
607 sizeof(tlsext_supportedgroups_clienthello_secp384r1));
608 if (!tlsext_supportedgroups_clienthello_parse(ssl, &cbs, &alert)) {
609 FAIL("failed to parse clienthello Ellipticcurves\n");
610 goto err;
611 }
612 if (CBS_len(&cbs) != 0) {
613 FAIL("extension data remaining");
614 goto err;
615 }
616
617 if (SSI(ssl)->tlsext_supportedgroups_length !=
618 sizeof(tlsext_supportedgroups_clienthello_secp384r1_val) / sizeof(uint16_t)) {
619 FAIL("no tlsext_ellipticcurves from clienthello "
620 "Ellipticcurves\n");
621 goto err;
622 }
623
624 if (memcmp(SSI(ssl)->tlsext_supportedgroups,
625 tlsext_supportedgroups_clienthello_secp384r1_val,
626 sizeof(tlsext_supportedgroups_clienthello_secp384r1_val)) != 0) {
627 FAIL("clienthello had an incorrect Ellipticcurves "
628 "entry\n");
629 compare_data2(SSI(ssl)->tlsext_supportedgroups,
630 SSI(ssl)->tlsext_supportedgroups_length * 2,
631 tlsext_supportedgroups_clienthello_secp384r1_val,
632 sizeof(tlsext_supportedgroups_clienthello_secp384r1_val));
633 goto err;
634 }
635
636 /*
637 * Use a custom order.
638 */
639 CBB_cleanup(&cbb);
640 CBB_init(&cbb, 0);
641
642 SSL_SESSION_free(ssl->session);
643 if ((ssl->session = SSL_SESSION_new()) == NULL)
644 errx(1, "failed to create session");
645
646 if ((ssl->internal->tlsext_supportedgroups = malloc(sizeof(uint16_t) * 2)) == NULL) {
647 FAIL("client could not malloc\n");
648 goto err;
649 }
650 ssl->internal->tlsext_supportedgroups[0] = tls1_ec_nid2curve_id(NID_X9_62_prime192v1);
651 ssl->internal->tlsext_supportedgroups[1] = tls1_ec_nid2curve_id(NID_secp224r1);
652 ssl->internal->tlsext_supportedgroups_length = 2;
653
654 if (!tlsext_supportedgroups_clienthello_needs(ssl)) {
655 FAIL("clienthello should need Ellipticcurves\n");
656 goto err;
657 }
658
659 if (!tlsext_supportedgroups_clienthello_build(ssl, &cbb)) {
660 FAIL("clienthello failed to build Ellipticcurves\n");
661 goto err;
662 }
663
664 if (!CBB_finish(&cbb, &data, &dlen))
665 errx(1, "failed to finish CBB");
666
667 if (dlen != sizeof(tlsext_supportedgroups_clienthello_nistp192and224)) {
668 FAIL("got clienthello Ellipticcurves with length %zu, "
669 "want length %zu\n", dlen,
670 sizeof(tlsext_supportedgroups_clienthello_nistp192and224));
671 fprintf(stderr, "received:\n");
672 hexdump(data, dlen);
673 fprintf(stderr, "test data:\n");
674 hexdump(tlsext_supportedgroups_clienthello_nistp192and224,
675 sizeof(tlsext_supportedgroups_clienthello_nistp192and224));
676 goto err;
677 }
678
679 if (memcmp(data, tlsext_supportedgroups_clienthello_nistp192and224, dlen) != 0) {
680 FAIL("clienthello Ellipticcurves differs:\n");
681 fprintf(stderr, "received:\n");
682 hexdump(data, dlen);
683 fprintf(stderr, "test data:\n");
684 hexdump(tlsext_supportedgroups_clienthello_nistp192and224,
685 sizeof(tlsext_supportedgroups_clienthello_nistp192and224));
686 goto err;
687 }
688
689 /*
690 * Parse non-default curves to session.
691 */
692 CBB_cleanup(&cbb);
693 CBB_init(&cbb, 0);
694 free(data);
695 data = NULL;
696
697 SSL_SESSION_free(ssl->session);
698 if ((ssl->session = SSL_SESSION_new()) == NULL)
699 errx(1, "failed to create session");
700
701 /* Reset back to the default list. */
702 free(ssl->internal->tlsext_supportedgroups);
703 ssl->internal->tlsext_supportedgroups = NULL;
704 ssl->internal->tlsext_supportedgroups_length = 0;
705
706 CBS_init(&cbs, tlsext_supportedgroups_clienthello_nistp192and224,
707 sizeof(tlsext_supportedgroups_clienthello_nistp192and224));
708 if (!tlsext_supportedgroups_clienthello_parse(ssl, &cbs, &alert)) {
709 FAIL("failed to parse clienthello Ellipticcurves\n");
710 goto err;
711 }
712 if (CBS_len(&cbs) != 0) {
713 FAIL("extension data remaining");
714 goto err;
715 }
716
717 if (SSI(ssl)->tlsext_supportedgroups_length !=
718 sizeof(tlsext_supportedgroups_clienthello_nistp192and224_val) / sizeof(uint16_t)) {
719 FAIL("no tlsext_ellipticcurves from clienthello "
720 "Ellipticcurves\n");
721 goto err;
722 }
723
724 if (memcmp(SSI(ssl)->tlsext_supportedgroups,
725 tlsext_supportedgroups_clienthello_nistp192and224_val,
726 sizeof(tlsext_supportedgroups_clienthello_nistp192and224_val)) != 0) {
727 FAIL("clienthello had an incorrect Ellipticcurves entry\n");
728 compare_data2(SSI(ssl)->tlsext_supportedgroups,
729 SSI(ssl)->tlsext_supportedgroups_length * 2,
730 tlsext_supportedgroups_clienthello_nistp192and224_val,
731 sizeof(tlsext_supportedgroups_clienthello_nistp192and224_val));
732 goto err;
733 }
734
735 failure = 0;
736
737 err:
738 CBB_cleanup(&cbb);
739 SSL_CTX_free(ssl_ctx);
740 SSL_free(ssl);
741 free(data);
742
743 return (failure);
744}
745
746
747/* elliptic_curves is only used by the client so this doesn't test much. */
748static int
749test_tlsext_supportedgroups_serverhello(void)
750{
751 SSL_CTX *ssl_ctx = NULL;
752 SSL *ssl = NULL;
753 int failure;
754
755 failure = 1;
756
757 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
758 errx(1, "failed to create SSL_CTX");
759 if ((ssl = SSL_new(ssl_ctx)) == NULL)
760 errx(1, "failed to create SSL");
761
762 if (tlsext_supportedgroups_serverhello_needs(ssl)) {
763 FAIL("serverhello should not need elliptic_curves\n");
764 goto err;
765 }
766
767 if ((ssl->session = SSL_SESSION_new()) == NULL)
768 errx(1, "failed to create session");
769
770 if (tlsext_supportedgroups_serverhello_needs(ssl)) {
771 FAIL("serverhello should not need elliptic_curves\n");
772 goto err;
773 }
774
775 failure = 0;
776
777 err:
778 SSL_CTX_free(ssl_ctx);
779 SSL_free(ssl);
780
781 return (failure);
782
783}
784
785/*
786 * Supported Point Formats - RFC 4492 section 5.1.2.
787 *
788 * Examples are from the RFC. Both client and server have the same build and
789 * parse but the needs differ.
790 */
791
792static uint8_t tlsext_ecpf_hello_uncompressed_val[] = {
793 TLSEXT_ECPOINTFORMAT_uncompressed
794};
795static uint8_t tlsext_ecpf_hello_uncompressed[] = {
796 0x01,
797 0x00 /* TLSEXT_ECPOINTFORMAT_uncompressed */
798};
799
800static uint8_t tlsext_ecpf_hello_prime[] = {
801 0x01,
802 0x01 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */
803};
804
805static uint8_t tlsext_ecpf_hello_prefer_order_val[] = {
806 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime,
807 TLSEXT_ECPOINTFORMAT_uncompressed,
808 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2
809};
810static uint8_t tlsext_ecpf_hello_prefer_order[] = {
811 0x03,
812 0x01, /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */
813 0x00, /* TLSEXT_ECPOINTFORMAT_uncompressed */
814 0x02 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 */
815};
816
817static int
818test_tlsext_ecpf_clienthello(void)
819{
820 uint8_t *data = NULL;
821 SSL_CTX *ssl_ctx = NULL;
822 SSL *ssl = NULL;
823 size_t dlen;
824 int failure, alert;
825 CBB cbb;
826 CBS cbs;
827
828 failure = 1;
829
830 CBB_init(&cbb, 0);
831
832 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
833 errx(1, "failed to create SSL_CTX");
834 if ((ssl = SSL_new(ssl_ctx)) == NULL)
835 errx(1, "failed to create SSL");
836
837 /*
838 * Default ciphers include EC so we need it by default.
839 */
840 if (!tlsext_ecpf_clienthello_needs(ssl)) {
841 FAIL("clienthello should need ECPointFormats for default "
842 "ciphers\n");
843 goto err;
844 }
845
846 /*
847 * Exclude EC cipher suites so we can test not including it.
848 */
849 if (!SSL_set_cipher_list(ssl, "ALL:!ECDHE:!ECDH")) {
850 FAIL("clienthello should be able to set cipher list\n");
851 goto err;
852 }
853 if (tlsext_ecpf_clienthello_needs(ssl)) {
854 FAIL("clienthello should not need ECPointFormats\n");
855 goto err;
856 }
857
858 /*
859 * Use libtls default for the rest of the testing
860 */
861 if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) {
862 FAIL("clienthello should be able to set cipher list\n");
863 goto err;
864 }
865 if (!tlsext_ecpf_clienthello_needs(ssl)) {
866 FAIL("clienthello should need ECPointFormats\n");
867 goto err;
868 }
869
870 /*
871 * The default ECPointFormats should only have uncompressed
872 */
873 if ((ssl->session = SSL_SESSION_new()) == NULL)
874 errx(1, "failed to create session");
875
876 if (!tlsext_ecpf_clienthello_build(ssl, &cbb)) {
877 FAIL("clienthello failed to build ECPointFormats\n");
878 goto err;
879 }
880
881 if (!CBB_finish(&cbb, &data, &dlen))
882 errx(1, "failed to finish CBB");
883
884 if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) {
885 FAIL("got clienthello ECPointFormats with length %zu, "
886 "want length %zu\n", dlen,
887 sizeof(tlsext_ecpf_hello_uncompressed));
888 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
889 sizeof(tlsext_ecpf_hello_uncompressed));
890 goto err;
891 }
892
893 if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) {
894 FAIL("clienthello ECPointFormats differs:\n");
895 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
896 sizeof(tlsext_ecpf_hello_uncompressed));
897 goto err;
898 }
899
900 /*
901 * Make sure we can parse the default.
902 */
903 CBB_cleanup(&cbb);
904 CBB_init(&cbb, 0);
905 free(data);
906 data = NULL;
907
908 SSL_SESSION_free(ssl->session);
909 if ((ssl->session = SSL_SESSION_new()) == NULL)
910 errx(1, "failed to create session");
911
912 CBS_init(&cbs, tlsext_ecpf_hello_uncompressed,
913 sizeof(tlsext_ecpf_hello_uncompressed));
914 if (!tlsext_ecpf_clienthello_parse(ssl, &cbs, &alert)) {
915 FAIL("failed to parse clienthello ECPointFormats\n");
916 goto err;
917 }
918 if (CBS_len(&cbs) != 0) {
919 FAIL("extension data remaining");
920 goto err;
921 }
922
923 if (SSI(ssl)->tlsext_ecpointformatlist_length !=
924 sizeof(tlsext_ecpf_hello_uncompressed_val)) {
925 FAIL("no tlsext_ecpointformats from clienthello "
926 "ECPointFormats\n");
927 goto err;
928 }
929
930 if (memcmp(SSI(ssl)->tlsext_ecpointformatlist,
931 tlsext_ecpf_hello_uncompressed_val,
932 sizeof(tlsext_ecpf_hello_uncompressed_val)) != 0) {
933 FAIL("clienthello had an incorrect ECPointFormats entry\n");
934 goto err;
935 }
936
937 /*
938 * Test with a custom order.
939 */
940 CBB_cleanup(&cbb);
941 CBB_init(&cbb, 0);
942 free(data);
943 data = NULL;
944
945 SSL_SESSION_free(ssl->session);
946 if ((ssl->session = SSL_SESSION_new()) == NULL)
947 errx(1, "failed to create session");
948
949 if ((ssl->internal->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
950 FAIL("client could not malloc\n");
951 goto err;
952 }
953 ssl->internal->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
954 ssl->internal->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
955 ssl->internal->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
956 ssl->internal->tlsext_ecpointformatlist_length = 3;
957
958 if (!tlsext_ecpf_clienthello_needs(ssl)) {
959 FAIL("clienthello should need ECPointFormats with a custom "
960 "format\n");
961 goto err;
962 }
963
964 if (!tlsext_ecpf_clienthello_build(ssl, &cbb)) {
965 FAIL("clienthello failed to build ECPointFormats\n");
966 goto err;
967 }
968
969 if (!CBB_finish(&cbb, &data, &dlen))
970 errx(1, "failed to finish CBB");
971
972 if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) {
973 FAIL("got clienthello ECPointFormats with length %zu, "
974 "want length %zu\n", dlen,
975 sizeof(tlsext_ecpf_hello_prefer_order));
976 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
977 sizeof(tlsext_ecpf_hello_prefer_order));
978 goto err;
979 }
980
981 if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) {
982 FAIL("clienthello ECPointFormats differs:\n");
983 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
984 sizeof(tlsext_ecpf_hello_prefer_order));
985 goto err;
986 }
987
988 /*
989 * Make sure that we can parse this custom order.
990 */
991 CBB_cleanup(&cbb);
992 CBB_init(&cbb, 0);
993 free(data);
994 data = NULL;
995
996 SSL_SESSION_free(ssl->session);
997 if ((ssl->session = SSL_SESSION_new()) == NULL)
998 errx(1, "failed to create session");
999
1000 /* Reset the custom list so we go back to the default uncompressed. */
1001 free(ssl->internal->tlsext_ecpointformatlist);
1002 ssl->internal->tlsext_ecpointformatlist = NULL;
1003 ssl->internal->tlsext_ecpointformatlist_length = 0;
1004
1005 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1006 sizeof(tlsext_ecpf_hello_prefer_order));
1007 if (!tlsext_ecpf_clienthello_parse(ssl, &cbs, &alert)) {
1008 FAIL("failed to parse clienthello ECPointFormats\n");
1009 goto err;
1010 }
1011 if (CBS_len(&cbs) != 0) {
1012 FAIL("extension data remaining");
1013 goto err;
1014 }
1015
1016 if (SSI(ssl)->tlsext_ecpointformatlist_length !=
1017 sizeof(tlsext_ecpf_hello_prefer_order_val)) {
1018 FAIL("no tlsext_ecpointformats from clienthello "
1019 "ECPointFormats\n");
1020 goto err;
1021 }
1022
1023 if (memcmp(SSI(ssl)->tlsext_ecpointformatlist,
1024 tlsext_ecpf_hello_prefer_order_val,
1025 sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) {
1026 FAIL("clienthello had an incorrect ECPointFormats entry\n");
1027 goto err;
1028 }
1029
1030
1031 failure = 0;
1032
1033 err:
1034 CBB_cleanup(&cbb);
1035 SSL_CTX_free(ssl_ctx);
1036 SSL_free(ssl);
1037 free(data);
1038
1039 return (failure);
1040}
1041
1042static int
1043test_tlsext_ecpf_serverhello(void)
1044{
1045 uint8_t *data = NULL;
1046 SSL_CTX *ssl_ctx = NULL;
1047 SSL *ssl = NULL;
1048 size_t dlen;
1049 int failure, alert;
1050 CBB cbb;
1051 CBS cbs;
1052
1053 failure = 1;
1054
1055 CBB_init(&cbb, 0);
1056
1057 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1058 errx(1, "failed to create SSL_CTX");
1059 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1060 errx(1, "failed to create SSL");
1061
1062 if ((ssl->session = SSL_SESSION_new()) == NULL)
1063 errx(1, "failed to create session");
1064
1065 /* Setup the state so we can call needs. */
1066 if ((S3I(ssl)->hs.new_cipher =
1067 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305))
1068 == NULL) {
1069 FAIL("serverhello cannot find cipher\n");
1070 goto err;
1071 }
1072 if ((SSI(ssl)->tlsext_ecpointformatlist = malloc(sizeof(uint8_t)))
1073 == NULL) {
1074 FAIL("server could not malloc\n");
1075 goto err;
1076 }
1077 SSI(ssl)->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1078 SSI(ssl)->tlsext_ecpointformatlist_length = 1;
1079
1080 if (!tlsext_ecpf_serverhello_needs(ssl)) {
1081 FAIL("serverhello should need ECPointFormats now\n");
1082 goto err;
1083 }
1084
1085 /*
1086 * The server will ignore the session list and use either a custom
1087 * list or the default (uncompressed).
1088 */
1089 if (!tlsext_ecpf_serverhello_build(ssl, &cbb)) {
1090 FAIL("serverhello failed to build ECPointFormats\n");
1091 goto err;
1092 }
1093
1094 if (!CBB_finish(&cbb, &data, &dlen))
1095 errx(1, "failed to finish CBB");
1096
1097 if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) {
1098 FAIL("got serverhello ECPointFormats with length %zu, "
1099 "want length %zu\n", dlen,
1100 sizeof(tlsext_ecpf_hello_uncompressed));
1101 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
1102 sizeof(tlsext_ecpf_hello_uncompressed));
1103 goto err;
1104 }
1105
1106 if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) {
1107 FAIL("serverhello ECPointFormats differs:\n");
1108 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
1109 sizeof(tlsext_ecpf_hello_uncompressed));
1110 goto err;
1111 }
1112
1113 /*
1114 * Cannot parse a non-default list without at least uncompressed.
1115 */
1116 CBB_cleanup(&cbb);
1117 CBB_init(&cbb, 0);
1118 free(data);
1119 data = NULL;
1120
1121 SSL_SESSION_free(ssl->session);
1122 if ((ssl->session = SSL_SESSION_new()) == NULL)
1123 errx(1, "failed to create session");
1124
1125 CBS_init(&cbs, tlsext_ecpf_hello_prime,
1126 sizeof(tlsext_ecpf_hello_prime));
1127 if (tlsext_ecpf_serverhello_parse(ssl, &cbs, &alert)) {
1128 FAIL("must include uncompressed in serverhello ECPointFormats\n");
1129 goto err;
1130 }
1131 if (CBS_len(&cbs) != 0) {
1132 FAIL("extension data remaining");
1133 goto err;
1134 }
1135
1136 /*
1137 * Test with a custom order that replaces the default uncompressed.
1138 */
1139 CBB_cleanup(&cbb);
1140 CBB_init(&cbb, 0);
1141 free(data);
1142 data = NULL;
1143
1144 SSL_SESSION_free(ssl->session);
1145 if ((ssl->session = SSL_SESSION_new()) == NULL)
1146 errx(1, "failed to create session");
1147
1148 /* Add a session list even though it will be ignored. */
1149 if ((SSI(ssl)->tlsext_ecpointformatlist = malloc(sizeof(uint8_t)))
1150 == NULL) {
1151 FAIL("server could not malloc\n");
1152 goto err;
1153 }
1154 SSI(ssl)->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1155 SSI(ssl)->tlsext_ecpointformatlist_length = 1;
1156
1157 /* Replace the default list with a custom one. */
1158 if ((ssl->internal->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
1159 FAIL("server could not malloc\n");
1160 goto err;
1161 }
1162 ssl->internal->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1163 ssl->internal->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
1164 ssl->internal->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1165 ssl->internal->tlsext_ecpointformatlist_length = 3;
1166
1167 if (!tlsext_ecpf_serverhello_needs(ssl)) {
1168 FAIL("serverhello should need ECPointFormats\n");
1169 goto err;
1170 }
1171
1172 if (!tlsext_ecpf_serverhello_build(ssl, &cbb)) {
1173 FAIL("serverhello failed to build ECPointFormats\n");
1174 goto err;
1175 }
1176
1177 if (!CBB_finish(&cbb, &data, &dlen))
1178 errx(1, "failed to finish CBB");
1179
1180 if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) {
1181 FAIL("got serverhello ECPointFormats with length %zu, "
1182 "want length %zu\n", dlen,
1183 sizeof(tlsext_ecpf_hello_prefer_order));
1184 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1185 sizeof(tlsext_ecpf_hello_prefer_order));
1186 goto err;
1187 }
1188
1189 if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) {
1190 FAIL("serverhello ECPointFormats differs:\n");
1191 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1192 sizeof(tlsext_ecpf_hello_prefer_order));
1193 goto err;
1194 }
1195
1196 /*
1197 * Should be able to parse the custom list into a session list.
1198 */
1199 CBB_cleanup(&cbb);
1200 CBB_init(&cbb, 0);
1201 free(data);
1202 data = NULL;
1203
1204 SSL_SESSION_free(ssl->session);
1205 if ((ssl->session = SSL_SESSION_new()) == NULL)
1206 errx(1, "failed to create session");
1207
1208 /* Reset back to the default (uncompressed) */
1209 free(ssl->internal->tlsext_ecpointformatlist);
1210 ssl->internal->tlsext_ecpointformatlist = NULL;
1211 ssl->internal->tlsext_ecpointformatlist_length = 0;
1212
1213 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1214 sizeof(tlsext_ecpf_hello_prefer_order));
1215 if (!tlsext_ecpf_serverhello_parse(ssl, &cbs, &alert)) {
1216 FAIL("failed to parse serverhello ECPointFormats\n");
1217 goto err;
1218 }
1219 if (CBS_len(&cbs) != 0) {
1220 FAIL("extension data remaining");
1221 goto err;
1222 }
1223
1224 if (SSI(ssl)->tlsext_ecpointformatlist_length !=
1225 sizeof(tlsext_ecpf_hello_prefer_order_val)) {
1226 FAIL("no tlsext_ecpointformats from serverhello "
1227 "ECPointFormats\n");
1228 goto err;
1229 }
1230
1231 if (memcmp(SSI(ssl)->tlsext_ecpointformatlist,
1232 tlsext_ecpf_hello_prefer_order_val,
1233 sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) {
1234 FAIL("serverhello had an incorrect ECPointFormats entry\n");
1235 goto err;
1236 }
1237
1238 failure = 0;
1239
1240 err:
1241 CBB_cleanup(&cbb);
1242 SSL_CTX_free(ssl_ctx);
1243 SSL_free(ssl);
1244 free(data);
1245
1246 return (failure);
1247}
1248
1249/*
1250 * Renegotiation Indication - RFC 5746.
1251 */
1252
1253static unsigned char tlsext_ri_prev_client[] = {
1254 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1255 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1256};
1257
1258static unsigned char tlsext_ri_prev_server[] = {
1259 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
1260 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
1261};
1262
1263static unsigned char tlsext_ri_clienthello[] = {
1264 0x10,
1265 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1266 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1267};
1268
1269static unsigned char tlsext_ri_serverhello[] = {
1270 0x20,
1271 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1272 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1273 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
1274 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
1275};
1276
1277static int
1278test_tlsext_ri_clienthello(void)
1279{
1280 unsigned char *data = NULL;
1281 SSL_CTX *ssl_ctx = NULL;
1282 SSL *ssl = NULL;
1283 int failure;
1284 size_t dlen;
1285 int alert;
1286 CBB cbb;
1287 CBS cbs;
1288
1289 failure = 1;
1290
1291 CBB_init(&cbb, 0);
1292
1293 if ((ssl_ctx = SSL_CTX_new(TLSv1_2_client_method())) == NULL)
1294 errx(1, "failed to create SSL_CTX");
1295 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1296 errx(1, "failed to create SSL");
1297
1298 if (tlsext_ri_clienthello_needs(ssl)) {
1299 FAIL("clienthello should not need RI\n");
1300 goto err;
1301 }
1302
1303 if (!SSL_renegotiate(ssl)) {
1304 FAIL("client failed to set renegotiate\n");
1305 goto err;
1306 }
1307
1308 if (!tlsext_ri_clienthello_needs(ssl)) {
1309 FAIL("clienthello should need RI\n");
1310 goto err;
1311 }
1312
1313 memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
1314 sizeof(tlsext_ri_prev_client));
1315 S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
1316
1317 S3I(ssl)->renegotiate_seen = 0;
1318
1319 if (!tlsext_ri_clienthello_build(ssl, &cbb)) {
1320 FAIL("clienthello failed to build RI\n");
1321 goto err;
1322 }
1323
1324 if (!CBB_finish(&cbb, &data, &dlen))
1325 errx(1, "failed to finish CBB");
1326
1327 if (dlen != sizeof(tlsext_ri_clienthello)) {
1328 FAIL("got clienthello RI with length %zu, "
1329 "want length %zu\n", dlen, sizeof(tlsext_ri_clienthello));
1330 goto err;
1331 }
1332
1333 if (memcmp(data, tlsext_ri_clienthello, dlen) != 0) {
1334 FAIL("clienthello RI differs:\n");
1335 fprintf(stderr, "received:\n");
1336 hexdump(data, dlen);
1337 fprintf(stderr, "test data:\n");
1338 hexdump(tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
1339 goto err;
1340 }
1341
1342 CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
1343 if (!tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) {
1344 FAIL("failed to parse clienthello RI\n");
1345 goto err;
1346 }
1347 if (CBS_len(&cbs) != 0) {
1348 FAIL("extension data remaining");
1349 goto err;
1350 }
1351
1352 if (S3I(ssl)->renegotiate_seen != 1) {
1353 FAIL("renegotiate seen not set\n");
1354 goto err;
1355 }
1356 if (S3I(ssl)->send_connection_binding != 1) {
1357 FAIL("send connection binding not set\n");
1358 goto err;
1359 }
1360
1361 memset(S3I(ssl)->previous_client_finished, 0,
1362 sizeof(S3I(ssl)->previous_client_finished));
1363
1364 S3I(ssl)->renegotiate_seen = 0;
1365
1366 CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
1367 if (tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) {
1368 FAIL("parsed invalid clienthello RI\n");
1369 failure = 1;
1370 goto err;
1371 }
1372
1373 if (S3I(ssl)->renegotiate_seen == 1) {
1374 FAIL("renegotiate seen set\n");
1375 goto err;
1376 }
1377
1378 failure = 0;
1379
1380 err:
1381 CBB_cleanup(&cbb);
1382 SSL_CTX_free(ssl_ctx);
1383 SSL_free(ssl);
1384 free(data);
1385
1386 return (failure);
1387}
1388
1389static int
1390test_tlsext_ri_serverhello(void)
1391{
1392 unsigned char *data = NULL;
1393 SSL_CTX *ssl_ctx = NULL;
1394 SSL *ssl = NULL;
1395 int failure;
1396 size_t dlen;
1397 int alert;
1398 CBB cbb;
1399 CBS cbs;
1400
1401 failure = 1;
1402
1403 CBB_init(&cbb, 0);
1404
1405 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1406 errx(1, "failed to create SSL_CTX");
1407 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1408 errx(1, "failed to create SSL");
1409
1410 if (tlsext_ri_serverhello_needs(ssl)) {
1411 FAIL("serverhello should not need RI\n");
1412 goto err;
1413 }
1414
1415 S3I(ssl)->send_connection_binding = 1;
1416
1417 if (!tlsext_ri_serverhello_needs(ssl)) {
1418 FAIL("serverhello should need RI\n");
1419 goto err;
1420 }
1421
1422 memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
1423 sizeof(tlsext_ri_prev_client));
1424 S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
1425
1426 memcpy(S3I(ssl)->previous_server_finished, tlsext_ri_prev_server,
1427 sizeof(tlsext_ri_prev_server));
1428 S3I(ssl)->previous_server_finished_len = sizeof(tlsext_ri_prev_server);
1429
1430 S3I(ssl)->renegotiate_seen = 0;
1431
1432 if (!tlsext_ri_serverhello_build(ssl, &cbb)) {
1433 FAIL("serverhello failed to build RI\n");
1434 goto err;
1435 }
1436
1437 if (!CBB_finish(&cbb, &data, &dlen))
1438 errx(1, "failed to finish CBB");
1439
1440 if (dlen != sizeof(tlsext_ri_serverhello)) {
1441 FAIL("got serverhello RI with length %zu, "
1442 "want length %zu\n", dlen, sizeof(tlsext_ri_serverhello));
1443 goto err;
1444 }
1445
1446 if (memcmp(data, tlsext_ri_serverhello, dlen) != 0) {
1447 FAIL("serverhello RI differs:\n");
1448 fprintf(stderr, "received:\n");
1449 hexdump(data, dlen);
1450 fprintf(stderr, "test data:\n");
1451 hexdump(tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
1452 goto err;
1453 }
1454
1455 CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
1456 if (!tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) {
1457 FAIL("failed to parse serverhello RI\n");
1458 goto err;
1459 }
1460 if (CBS_len(&cbs) != 0) {
1461 FAIL("extension data remaining");
1462 goto err;
1463 }
1464
1465 if (S3I(ssl)->renegotiate_seen != 1) {
1466 FAIL("renegotiate seen not set\n");
1467 goto err;
1468 }
1469 if (S3I(ssl)->send_connection_binding != 1) {
1470 FAIL("send connection binding not set\n");
1471 goto err;
1472 }
1473
1474 memset(S3I(ssl)->previous_client_finished, 0,
1475 sizeof(S3I(ssl)->previous_client_finished));
1476 memset(S3I(ssl)->previous_server_finished, 0,
1477 sizeof(S3I(ssl)->previous_server_finished));
1478
1479 S3I(ssl)->renegotiate_seen = 0;
1480
1481 CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
1482 if (tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) {
1483 FAIL("parsed invalid serverhello RI\n");
1484 goto err;
1485 }
1486
1487 if (S3I(ssl)->renegotiate_seen == 1) {
1488 FAIL("renegotiate seen set\n");
1489 goto err;
1490 }
1491
1492 failure = 0;
1493
1494 err:
1495 CBB_cleanup(&cbb);
1496 SSL_CTX_free(ssl_ctx);
1497 SSL_free(ssl);
1498 free(data);
1499
1500 return (failure);
1501}
1502
1503/*
1504 * Signature Algorithms - RFC 5246 section 7.4.1.4.1.
1505 */
1506
1507static unsigned char tlsext_sigalgs_clienthello[] = {
1508 0x00, 0x1a, 0x06, 0x01, 0x06, 0x03, 0xef, 0xef,
1509 0x05, 0x01, 0x05, 0x03, 0x04, 0x01, 0x04, 0x03,
1510 0xee, 0xee, 0xed, 0xed, 0x03, 0x01, 0x03, 0x03,
1511 0x02, 0x01, 0x02, 0x03,
1512};
1513
1514static int
1515test_tlsext_sigalgs_clienthello(void)
1516{
1517 unsigned char *data = NULL;
1518 SSL_CTX *ssl_ctx = NULL;
1519 SSL *ssl = NULL;
1520 int failure = 0;
1521 size_t dlen;
1522 int alert;
1523 CBB cbb;
1524 CBS cbs;
1525
1526 CBB_init(&cbb, 0);
1527
1528 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1529 errx(1, "failed to create SSL_CTX");
1530 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1531 errx(1, "failed to create SSL");
1532
1533 ssl->client_version = TLS1_1_VERSION;
1534
1535 if (tlsext_sigalgs_clienthello_needs(ssl)) {
1536 fprintf(stderr, "FAIL: clienthello should not need sigalgs\n");
1537 failure = 1;
1538 goto done;
1539 }
1540
1541 ssl->client_version = TLS1_2_VERSION;
1542
1543 if (!tlsext_sigalgs_clienthello_needs(ssl)) {
1544 fprintf(stderr, "FAIL: clienthello should need sigalgs\n");
1545 failure = 1;
1546 goto done;
1547 }
1548
1549 if (!tlsext_sigalgs_clienthello_build(ssl, &cbb)) {
1550 fprintf(stderr, "FAIL: clienthello failed to build sigalgs\n");
1551 failure = 1;
1552 goto done;
1553 }
1554
1555 if (!CBB_finish(&cbb, &data, &dlen))
1556 errx(1, "failed to finish CBB");
1557
1558 if (dlen != sizeof(tlsext_sigalgs_clienthello)) {
1559 fprintf(stderr, "FAIL: got clienthello sigalgs with length %zu, "
1560 "want length %zu\n", dlen, sizeof(tlsext_sigalgs_clienthello));
1561 failure = 1;
1562 goto done;
1563 }
1564
1565 if (memcmp(data, tlsext_sigalgs_clienthello, dlen) != 0) {
1566 fprintf(stderr, "FAIL: clienthello SNI differs:\n");
1567 fprintf(stderr, "received:\n");
1568 hexdump(data, dlen);
1569 fprintf(stderr, "test data:\n");
1570 hexdump(tlsext_sigalgs_clienthello, sizeof(tlsext_sigalgs_clienthello));
1571 failure = 1;
1572 goto done;
1573 }
1574
1575 CBS_init(&cbs, tlsext_sigalgs_clienthello, sizeof(tlsext_sigalgs_clienthello));
1576 if (!tlsext_sigalgs_clienthello_parse(ssl, &cbs, &alert)) {
1577 fprintf(stderr, "FAIL: failed to parse clienthello SNI\n");
1578 failure = 1;
1579 goto done;
1580 }
1581 if (CBS_len(&cbs) != 0) {
1582 FAIL("extension data remaining");
1583 goto done;
1584 }
1585
1586 if (ssl->cert->pkeys[SSL_PKEY_RSA_SIGN].digest != EVP_sha512()) {
1587 fprintf(stderr, "FAIL: RSA sign digest mismatch\n");
1588 failure = 1;
1589 goto done;
1590 }
1591 if (ssl->cert->pkeys[SSL_PKEY_RSA_ENC].digest != EVP_sha512()) {
1592 fprintf(stderr, "FAIL: RSA enc digest mismatch\n");
1593 failure = 1;
1594 goto done;
1595 }
1596 if (ssl->cert->pkeys[SSL_PKEY_ECC].digest != EVP_sha512()) {
1597 fprintf(stderr, "FAIL: ECC digest mismatch\n");
1598 failure = 1;
1599 goto done;
1600 }
1601 if (ssl->cert->pkeys[SSL_PKEY_GOST01].digest != EVP_streebog512()) {
1602 fprintf(stderr, "FAIL: GOST01 digest mismatch\n");
1603 failure = 1;
1604 goto done;
1605 }
1606
1607 done:
1608 CBB_cleanup(&cbb);
1609 SSL_CTX_free(ssl_ctx);
1610 SSL_free(ssl);
1611 free(data);
1612
1613 return (failure);
1614}
1615
1616static int
1617test_tlsext_sigalgs_serverhello(void)
1618{
1619 unsigned char *data = NULL;
1620 SSL_CTX *ssl_ctx = NULL;
1621 SSL *ssl = NULL;
1622 int failure = 0;
1623 size_t dlen;
1624 int alert;
1625 CBB cbb;
1626 CBS cbs;
1627
1628 CBB_init(&cbb, 0);
1629
1630 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1631 errx(1, "failed to create SSL_CTX");
1632 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1633 errx(1, "failed to create SSL");
1634
1635 if (tlsext_sigalgs_serverhello_needs(ssl)) {
1636 fprintf(stderr, "FAIL: serverhello should not need sigalgs\n");
1637 failure = 1;
1638 goto done;
1639 }
1640
1641 if (tlsext_sigalgs_serverhello_build(ssl, &cbb)) {
1642 fprintf(stderr, "FAIL: serverhello should not build sigalgs\n");
1643 failure = 1;
1644 goto done;
1645 }
1646
1647 if (!CBB_finish(&cbb, &data, &dlen))
1648 errx(1, "failed to finish CBB");
1649
1650 CBS_init(&cbs, tlsext_sigalgs_clienthello, sizeof(tlsext_sigalgs_clienthello));
1651 if (tlsext_sigalgs_serverhello_parse(ssl, &cbs, &alert)) {
1652 fprintf(stderr, "FAIL: serverhello should not parse sigalgs\n");
1653 failure = 1;
1654 goto done;
1655 }
1656
1657 done:
1658 CBB_cleanup(&cbb);
1659 SSL_CTX_free(ssl_ctx);
1660 SSL_free(ssl);
1661 free(data);
1662
1663 return (failure);
1664}
1665
1666/*
1667 * Server Name Indication - RFC 6066 section 3.
1668 */
1669
1670#define TEST_SNI_SERVERNAME "www.libressl.org"
1671
1672static unsigned char tlsext_sni_clienthello[] = {
1673 0x00, 0x13, 0x00, 0x00, 0x10, 0x77, 0x77, 0x77,
1674 0x2e, 0x6c, 0x69, 0x62, 0x72, 0x65, 0x73, 0x73,
1675 0x6c, 0x2e, 0x6f, 0x72, 0x67,
1676};
1677
1678static unsigned char tlsext_sni_serverhello[] = {
1679};
1680
1681static int
1682test_tlsext_sni_clienthello(void)
1683{
1684 unsigned char *data = NULL;
1685 SSL_CTX *ssl_ctx = NULL;
1686 SSL *ssl = NULL;
1687 int failure;
1688 size_t dlen;
1689 int alert;
1690 CBB cbb;
1691 CBS cbs;
1692
1693 failure = 1;
1694
1695 CBB_init(&cbb, 0);
1696
1697 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1698 errx(1, "failed to create SSL_CTX");
1699 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1700 errx(1, "failed to create SSL");
1701
1702 if (tlsext_sni_clienthello_needs(ssl)) {
1703 FAIL("clienthello should not need SNI\n");
1704 goto err;
1705 }
1706
1707 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1708 FAIL("client failed to set server name\n");
1709 goto err;
1710 }
1711
1712 if (!tlsext_sni_clienthello_needs(ssl)) {
1713 FAIL("clienthello should need SNI\n");
1714 goto err;
1715 }
1716
1717 if (!tlsext_sni_clienthello_build(ssl, &cbb)) {
1718 FAIL("clienthello failed to build SNI\n");
1719 goto err;
1720 }
1721
1722 if (!CBB_finish(&cbb, &data, &dlen))
1723 errx(1, "failed to finish CBB");
1724
1725 if (dlen != sizeof(tlsext_sni_clienthello)) {
1726 FAIL("got clienthello SNI with length %zu, "
1727 "want length %zu\n", dlen, sizeof(tlsext_sni_clienthello));
1728 goto err;
1729 }
1730
1731 if (memcmp(data, tlsext_sni_clienthello, dlen) != 0) {
1732 FAIL("clienthello SNI differs:\n");
1733 fprintf(stderr, "received:\n");
1734 hexdump(data, dlen);
1735 fprintf(stderr, "test data:\n");
1736 hexdump(tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello));
1737 goto err;
1738 }
1739
1740 if ((ssl->session = SSL_SESSION_new()) == NULL)
1741 errx(1, "failed to create session");
1742
1743 ssl->internal->hit = 0;
1744
1745 CBS_init(&cbs, tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello));
1746 if (!tlsext_sni_clienthello_parse(ssl, &cbs, &alert)) {
1747 FAIL("failed to parse clienthello SNI\n");
1748 goto err;
1749 }
1750 if (CBS_len(&cbs) != 0) {
1751 FAIL("extension data remaining");
1752 goto err;
1753 }
1754
1755 if (ssl->session->tlsext_hostname == NULL) {
1756 FAIL("no tlsext_hostname from clienthello SNI\n");
1757 goto err;
1758 }
1759
1760 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
1761 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
1762 strlen(TEST_SNI_SERVERNAME)) != 0) {
1763 FAIL("got tlsext_hostname `%s', want `%s'\n",
1764 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
1765 goto err;
1766 }
1767
1768 ssl->internal->hit = 1;
1769
1770 if ((ssl->session->tlsext_hostname = strdup("notthesame.libressl.org")) ==
1771 NULL)
1772 errx(1, "failed to strdup tlsext_hostname");
1773
1774 CBS_init(&cbs, tlsext_sni_clienthello, sizeof(tlsext_sni_clienthello));
1775 if (tlsext_sni_clienthello_parse(ssl, &cbs, &alert)) {
1776 FAIL("parsed clienthello with mismatched SNI\n");
1777 goto err;
1778 }
1779
1780 failure = 0;
1781
1782 err:
1783 CBB_cleanup(&cbb);
1784 SSL_CTX_free(ssl_ctx);
1785 SSL_free(ssl);
1786 free(data);
1787
1788 return (failure);
1789}
1790
1791static int
1792test_tlsext_sni_serverhello(void)
1793{
1794 unsigned char *data = NULL;
1795 SSL_CTX *ssl_ctx = NULL;
1796 SSL *ssl = NULL;
1797 int failure;
1798 size_t dlen;
1799 int alert;
1800 CBB cbb;
1801 CBS cbs;
1802
1803 failure = 1;
1804
1805 CBB_init(&cbb, 0);
1806
1807 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1808 errx(1, "failed to create SSL_CTX");
1809 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1810 errx(1, "failed to create SSL");
1811
1812 if ((ssl->session = SSL_SESSION_new()) == NULL)
1813 errx(1, "failed to create session");
1814
1815 if (tlsext_sni_serverhello_needs(ssl)) {
1816 FAIL("serverhello should not need SNI\n");
1817 goto err;
1818 }
1819
1820 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1821 FAIL("client failed to set server name\n");
1822 goto err;
1823 }
1824
1825 if ((ssl->session->tlsext_hostname = strdup(TEST_SNI_SERVERNAME)) ==
1826 NULL)
1827 errx(1, "failed to strdup tlsext_hostname");
1828
1829 if (!tlsext_sni_serverhello_needs(ssl)) {
1830 FAIL("serverhello should need SNI\n");
1831 goto err;
1832 }
1833
1834 if (!tlsext_sni_serverhello_build(ssl, &cbb)) {
1835 FAIL("serverhello failed to build SNI\n");
1836 goto err;
1837 }
1838
1839 if (!CBB_finish(&cbb, &data, &dlen))
1840 errx(1, "failed to finish CBB");
1841
1842 if (dlen != sizeof(tlsext_sni_serverhello)) {
1843 FAIL("got serverhello SNI with length %zu, "
1844 "want length %zu\n", dlen, sizeof(tlsext_sni_serverhello));
1845 goto err;
1846 }
1847
1848 if (memcmp(data, tlsext_sni_serverhello, dlen) != 0) {
1849 FAIL("serverhello SNI differs:\n");
1850 fprintf(stderr, "received:\n");
1851 hexdump(data, dlen);
1852 fprintf(stderr, "test data:\n");
1853 hexdump(tlsext_sni_serverhello, sizeof(tlsext_sni_serverhello));
1854 goto err;
1855 }
1856
1857 free(ssl->session->tlsext_hostname);
1858 ssl->session->tlsext_hostname = NULL;
1859
1860 CBS_init(&cbs, tlsext_sni_serverhello, sizeof(tlsext_sni_serverhello));
1861 if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) {
1862 FAIL("failed to parse serverhello SNI\n");
1863 goto err;
1864 }
1865 if (CBS_len(&cbs) != 0) {
1866 FAIL("extension data remaining");
1867 goto err;
1868 }
1869
1870 if (ssl->session->tlsext_hostname == NULL) {
1871 FAIL("no tlsext_hostname after serverhello SNI\n");
1872 goto err;
1873 }
1874
1875 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
1876 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
1877 strlen(TEST_SNI_SERVERNAME)) != 0) {
1878 FAIL("got tlsext_hostname `%s', want `%s'\n",
1879 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
1880 goto err;
1881 }
1882
1883 failure = 0;
1884
1885 err:
1886 CBB_cleanup(&cbb);
1887 SSL_CTX_free(ssl_ctx);
1888 SSL_free(ssl);
1889 free(data);
1890
1891 return (failure);
1892}
1893
1894static unsigned char tls_ocsp_clienthello_default[] = {
1895 0x01, 0x00, 0x00, 0x00, 0x00
1896};
1897
1898static int
1899test_tlsext_ocsp_clienthello(void)
1900{
1901 unsigned char *data = NULL;
1902 SSL_CTX *ssl_ctx = NULL;
1903 SSL *ssl = NULL;
1904 size_t dlen;
1905 int failure;
1906 int alert;
1907 CBB cbb;
1908 CBS cbs;
1909
1910 failure = 1;
1911
1912 CBB_init(&cbb, 0);
1913
1914 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1915 errx(1, "failed to create SSL_CTX");
1916 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1917 errx(1, "failed to create SSL");
1918
1919 if (tlsext_ocsp_clienthello_needs(ssl)) {
1920 FAIL("clienthello should not need ocsp\n");
1921 goto err;
1922 }
1923 SSL_set_tlsext_status_type(ssl, TLSEXT_STATUSTYPE_ocsp);
1924
1925 if (!tlsext_ocsp_clienthello_needs(ssl)) {
1926 FAIL("clienthello should need ocsp\n");
1927 goto err;
1928 }
1929 if (!tlsext_ocsp_clienthello_build(ssl, &cbb)) {
1930 FAIL("clienthello failed to build SNI\n");
1931 goto err;
1932 }
1933 if (!CBB_finish(&cbb, &data, &dlen))
1934 errx(1, "failed to finish CBB");
1935
1936 if (dlen != sizeof(tls_ocsp_clienthello_default)) {
1937 FAIL("got ocsp clienthello with length %zu, "
1938 "want length %zu\n", dlen,
1939 sizeof(tls_ocsp_clienthello_default));
1940 goto err;
1941 }
1942 if (memcmp(data, tls_ocsp_clienthello_default, dlen) != 0) {
1943 FAIL("ocsp clienthello differs:\n");
1944 fprintf(stderr, "received:\n");
1945 hexdump(data, dlen);
1946 fprintf(stderr, "test data:\n");
1947 hexdump(tls_ocsp_clienthello_default,
1948 sizeof(tls_ocsp_clienthello_default));
1949 goto err;
1950 }
1951 CBS_init(&cbs, tls_ocsp_clienthello_default,
1952 sizeof(tls_ocsp_clienthello_default));
1953 if (!tlsext_ocsp_clienthello_parse(ssl, &cbs, &alert)) {
1954 FAIL("failed to parse ocsp clienthello\n");
1955 goto err;
1956 }
1957 if (CBS_len(&cbs) != 0) {
1958 FAIL("extension data remaining");
1959 goto err;
1960 }
1961
1962 failure = 0;
1963
1964 err:
1965 CBB_cleanup(&cbb);
1966 SSL_CTX_free(ssl_ctx);
1967 SSL_free(ssl);
1968 free(data);
1969
1970 return (failure);
1971}
1972
1973static int
1974test_tlsext_ocsp_serverhello(void)
1975{
1976 unsigned char *data = NULL;
1977 SSL_CTX *ssl_ctx = NULL;
1978 SSL *ssl = NULL;
1979 size_t dlen;
1980 int failure;
1981 CBB cbb;
1982
1983 failure = 1;
1984
1985 CBB_init(&cbb, 0);
1986
1987 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1988 errx(1, "failed to create SSL_CTX");
1989 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1990 errx(1, "failed to create SSL");
1991
1992 if (tlsext_ocsp_serverhello_needs(ssl)) {
1993 FAIL("serverhello should not need ocsp\n");
1994 goto err;
1995 }
1996
1997 ssl->internal->tlsext_status_expected = 1;
1998
1999 if (!tlsext_ocsp_serverhello_needs(ssl)) {
2000 FAIL("serverhello should need ocsp\n");
2001 goto err;
2002 }
2003 if (!tlsext_ocsp_serverhello_build(ssl, &cbb)) {
2004 FAIL("serverhello failed to build ocsp\n");
2005 goto err;
2006 }
2007
2008 if (!CBB_finish(&cbb, &data, &dlen))
2009 errx(1, "failed to finish CBB");
2010
2011 failure = 0;
2012
2013 err:
2014 CBB_cleanup(&cbb);
2015 SSL_CTX_free(ssl_ctx);
2016 SSL_free(ssl);
2017 free(data);
2018
2019 return (failure);
2020}
2021
2022/*
2023 * Session ticket - RFC 5077 since no known implementations use 4507.
2024 *
2025 * Session tickets can be length 0 (special case) to 2^16-1.
2026 *
2027 * The state is encrypted by the server so it is opaque to the client.
2028 */
2029static uint8_t tlsext_sessionticket_hello_min[1];
2030static uint8_t tlsext_sessionticket_hello_max[65535];
2031
2032static int
2033test_tlsext_sessionticket_clienthello(void)
2034{
2035 unsigned char *data = NULL;
2036 SSL_CTX *ssl_ctx = NULL;
2037 SSL *ssl = NULL;
2038 int failure;
2039 CBB cbb;
2040 size_t dlen;
2041 uint8_t dummy[1234];
2042
2043 failure = 1;
2044
2045 CBB_init(&cbb, 0);
2046
2047 /* Create fake session tickets with random data. */
2048 arc4random_buf(tlsext_sessionticket_hello_min,
2049 sizeof(tlsext_sessionticket_hello_min));
2050 arc4random_buf(tlsext_sessionticket_hello_max,
2051 sizeof(tlsext_sessionticket_hello_max));
2052
2053 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2054 errx(1, "failed to create SSL_CTX");
2055 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2056 errx(1, "failed to create SSL");
2057
2058 /* Should need a ticket by default. */
2059 if (!tlsext_sessionticket_clienthello_needs(ssl)) {
2060 FAIL("clienthello should need Sessionticket for default "
2061 "ciphers\n");
2062 goto err;
2063 }
2064
2065 /* Test disabling tickets. */
2066 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
2067 FAIL("Cannot disable tickets in the TLS connection");
2068 return 0;
2069 }
2070 if (tlsext_sessionticket_clienthello_needs(ssl)) {
2071 FAIL("clienthello should not need SessionTicket if it was disabled");
2072 goto err;
2073 }
2074
2075 /* Test re-enabling tickets. */
2076 if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) {
2077 FAIL("Cannot re-enable tickets in the TLS connection");
2078 return 0;
2079 }
2080 if (!tlsext_sessionticket_clienthello_needs(ssl)) {
2081 FAIL("clienthello should need SessionTicket if it was disabled");
2082 goto err;
2083 }
2084
2085 /* Since we don't have a session, we should build an empty ticket. */
2086 if (!tlsext_sessionticket_clienthello_build(ssl, &cbb)) {
2087 FAIL("Cannot build a ticket");
2088 goto err;
2089 }
2090 if (!CBB_finish(&cbb, &data, &dlen)) {
2091 FAIL("Cannot finish CBB");
2092 goto err;
2093 }
2094 if (dlen != 0) {
2095 FAIL("Expected 0 length but found %zu\n", dlen);
2096 goto err;
2097 }
2098
2099 CBB_cleanup(&cbb);
2100 CBB_init(&cbb, 0);
2101 free(data);
2102 data = NULL;
2103
2104 /* With a new session (but no ticket), we should still have 0 length */
2105 if ((ssl->session = SSL_SESSION_new()) == NULL)
2106 errx(1, "failed to create session");
2107 if (!tlsext_sessionticket_clienthello_needs(ssl)) {
2108 FAIL("Should still want a session ticket with a new session");
2109 goto err;
2110 }
2111 if (!tlsext_sessionticket_clienthello_build(ssl, &cbb)) {
2112 FAIL("Cannot build a ticket");
2113 goto err;
2114 }
2115 if (!CBB_finish(&cbb, &data, &dlen)) {
2116 FAIL("Cannot finish CBB");
2117 goto err;
2118 }
2119 if (dlen != 0) {
2120 FAIL("Expected 0 length but found %zu\n", dlen);
2121 goto err;
2122 }
2123
2124 CBB_cleanup(&cbb);
2125 CBB_init(&cbb, 0);
2126 free(data);
2127 data = NULL;
2128
2129 /* With a new session (and ticket), we should use that ticket */
2130 SSL_SESSION_free(ssl->session);
2131 if ((ssl->session = SSL_SESSION_new()) == NULL)
2132 errx(1, "failed to create session");
2133
2134 arc4random_buf(&dummy, sizeof(dummy));
2135 if ((ssl->session->tlsext_tick = malloc(sizeof(dummy))) == NULL) {
2136 errx(1, "failed to malloc");
2137 }
2138 memcpy(ssl->session->tlsext_tick, dummy, sizeof(dummy));
2139 ssl->session->tlsext_ticklen = sizeof(dummy);
2140
2141 if (!tlsext_sessionticket_clienthello_needs(ssl)) {
2142 FAIL("Should still want a session ticket with a new session");
2143 goto err;
2144 }
2145 if (!tlsext_sessionticket_clienthello_build(ssl, &cbb)) {
2146 FAIL("Cannot build a ticket");
2147 goto err;
2148 }
2149 if (!CBB_finish(&cbb, &data, &dlen)) {
2150 FAIL("Cannot finish CBB");
2151 goto err;
2152 }
2153 if (dlen != sizeof(dummy)) {
2154 FAIL("Expected %zu length but found %zu\n", sizeof(dummy), dlen);
2155 goto err;
2156 }
2157 if (memcmp(data, dummy, dlen) != 0) {
2158 FAIL("serverhello SNI differs:\n");
2159 compare_data(data, dlen,
2160 dummy, sizeof(dummy));
2161 goto err;
2162 }
2163
2164 CBB_cleanup(&cbb);
2165 CBB_init(&cbb, 0);
2166 free(data);
2167 data = NULL;
2168 free(ssl->session->tlsext_tick);
2169 ssl->session->tlsext_tick = NULL;
2170 ssl->session->tlsext_ticklen = 0;
2171
2172 /*
2173 * Send in NULL to disable session tickets at runtime without going
2174 * through SSL_set_options().
2175 */
2176 if (!SSL_set_session_ticket_ext(ssl, NULL, 0)) {
2177 FAIL("Could not set a NULL custom ticket");
2178 goto err;
2179 }
2180 /* Should not need a ticket in this case */
2181 if (tlsext_sessionticket_clienthello_needs(ssl)) {
2182 FAIL("Should not want to use session tickets with a NULL custom");
2183 goto err;
2184 }
2185
2186 /*
2187 * If you want to remove the tlsext_session_ticket behavior, you have
2188 * to do it manually.
2189 */
2190 free(ssl->internal->tlsext_session_ticket);
2191 ssl->internal->tlsext_session_ticket = NULL;
2192
2193 if (!tlsext_sessionticket_clienthello_needs(ssl)) {
2194 FAIL("Should need a session ticket again when the custom one is removed");
2195 goto err;
2196 }
2197
2198 /* Test a custom session ticket (not recommended in practice) */
2199 if (!SSL_set_session_ticket_ext(ssl, tlsext_sessionticket_hello_max,
2200 sizeof(tlsext_sessionticket_hello_max))) {
2201 FAIL("Should be able to set a custom ticket");
2202 goto err;
2203 }
2204 if (!tlsext_sessionticket_clienthello_needs(ssl)) {
2205 FAIL("Should need a session ticket again when the custom one is not empty");
2206 goto err;
2207 }
2208 if (!tlsext_sessionticket_clienthello_build(ssl, &cbb)) {
2209 FAIL("Cannot build a ticket with a max length random payload");
2210 goto err;
2211 }
2212 if (!CBB_finish(&cbb, &data, &dlen)) {
2213 FAIL("Cannot finish CBB");
2214 goto err;
2215 }
2216 if (dlen != sizeof(tlsext_sessionticket_hello_max)) {
2217 FAIL("Expected %zu length but found %zu\n",
2218 sizeof(tlsext_sessionticket_hello_max), dlen);
2219 goto err;
2220 }
2221 if (memcmp(data, tlsext_sessionticket_hello_max,
2222 sizeof(tlsext_sessionticket_hello_max)) != 0) {
2223 FAIL("Expected to get what we passed in");
2224 compare_data(data, dlen,
2225 tlsext_sessionticket_hello_max,
2226 sizeof(tlsext_sessionticket_hello_max));
2227 goto err;
2228 }
2229
2230 failure = 0;
2231
2232 err:
2233 CBB_cleanup(&cbb);
2234 SSL_CTX_free(ssl_ctx);
2235 SSL_free(ssl);
2236 free(data);
2237
2238 return (failure);
2239}
2240
2241
2242static int
2243test_tlsext_sessionticket_serverhello(void)
2244{
2245 SSL_CTX *ssl_ctx = NULL;
2246 SSL *ssl = NULL;
2247 int failure;
2248 uint8_t *data;
2249 size_t dlen;
2250 CBB cbb;
2251
2252 CBB_init(&cbb, 0);
2253
2254 failure = 1;
2255
2256 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
2257 errx(1, "failed to create SSL_CTX");
2258 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2259 errx(1, "failed to create SSL");
2260
2261 /*
2262 * By default, should not need a session ticket since the ticket
2263 * is not yet expected.
2264 */
2265 if (tlsext_sessionticket_serverhello_needs(ssl)) {
2266 FAIL("serverhello should not need SessionTicket by default\n");
2267 goto err;
2268 }
2269
2270 /* Test disabling tickets. */
2271 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
2272 FAIL("Cannot disable tickets in the TLS connection");
2273 return 0;
2274 }
2275 if (tlsext_sessionticket_serverhello_needs(ssl)) {
2276 FAIL("serverhello should not need SessionTicket if it was disabled");
2277 goto err;
2278 }
2279
2280 /* Test re-enabling tickets. */
2281 if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) {
2282 FAIL("Cannot re-enable tickets in the TLS connection");
2283 return 0;
2284 }
2285 if (tlsext_sessionticket_serverhello_needs(ssl)) {
2286 FAIL("serverhello should not need SessionTicket yet");
2287 goto err;
2288 }
2289
2290 /* Set expected to require it. */
2291 ssl->internal->tlsext_ticket_expected = 1;
2292 if (!tlsext_sessionticket_serverhello_needs(ssl)) {
2293 FAIL("serverhello should now be required for SessionTicket");
2294 goto err;
2295 }
2296
2297 /* server hello's session ticket should always be 0 length payload. */
2298 if (!tlsext_sessionticket_serverhello_build(ssl, &cbb)) {
2299 FAIL("Cannot build a ticket with a max length random payload");
2300 goto err;
2301 }
2302 if (!CBB_finish(&cbb, &data, &dlen)) {
2303 FAIL("Cannot finish CBB");
2304 goto err;
2305 }
2306 if (dlen != 0) {
2307 FAIL("Expected 0 length but found %zu\n", dlen);
2308 goto err;
2309 }
2310
2311 failure = 0;
2312
2313 err:
2314 SSL_CTX_free(ssl_ctx);
2315 SSL_free(ssl);
2316
2317 return (failure);
2318}
2319
2320#ifndef OPENSSL_NO_SRTP
2321/*
2322 * Supported Secure Real-time Transport Protocol (RFC 5764 section 4.1.1)
2323 */
2324
2325/* Colon separated string values */
2326const char *tlsext_srtp_single_profile = "SRTP_AES128_CM_SHA1_80";
2327const char *tlsext_srtp_multiple_profiles = "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32";
2328
2329const char *tlsext_srtp_aes128cmsha80 = "SRTP_AES128_CM_SHA1_80";
2330const char *tlsext_srtp_aes128cmsha32 = "SRTP_AES128_CM_SHA1_32";
2331
2332const uint8_t tlsext_srtp_single[] = {
2333 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2334 0x00, 0x02, /* len */
2335 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */
2336 0x00 /* opaque srtp_mki<0..255> */
2337};
2338
2339const uint8_t tlsext_srtp_multiple[] = {
2340 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2341 0x00, 0x04, /* len */
2342 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */
2343 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */
2344 0x00 /* opaque srtp_mki<0..255> */
2345};
2346
2347const uint8_t tlsext_srtp_multiple_invalid[] = {
2348 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2349 0x00, 0x04, /* len */
2350 0x00, 0x08, /* arbitrary value not found in known profiles */
2351 0x00, 0x09, /* arbitrary value not found in known profiles */
2352 0x00 /* opaque srtp_mki<0..255> */
2353};
2354
2355const uint8_t tlsext_srtp_single_invalid[] = {
2356 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2357 0x00, 0x02, /* len */
2358 0x00, 0x08, /* arbitrary value not found in known profiles */
2359 0x00 /* opaque srtp_mki<0..255> */
2360};
2361
2362const uint8_t tlsext_srtp_multiple_one_valid[] = {
2363 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2364 0x00, 0x04, /* len */
2365 0x00, 0x08, /* arbitrary value not found in known profiles */
2366 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */
2367 0x00 /* opaque srtp_mki<0..255> */
2368};
2369
2370static int
2371test_tlsext_srtp_clienthello(void)
2372{
2373 SRTP_PROTECTION_PROFILE *prof;
2374 SSL_CTX *ssl_ctx = NULL;
2375 SSL *ssl = NULL;
2376 uint8_t *data = NULL;
2377 CBB cbb;
2378 CBS cbs;
2379 int failure, alert;
2380 size_t dlen;
2381
2382 CBB_init(&cbb, 0);
2383
2384 failure = 1;
2385
2386 /* SRTP is for DTLS */
2387 if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL)
2388 errx(1, "failed to create SSL_CTX");
2389 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2390 errx(1, "failed to create SSL");
2391
2392 /* By default, we don't need this */
2393 if (tlsext_srtp_clienthello_needs(ssl)) {
2394 FAIL("clienthello should not need SRTP by default\n");
2395 goto err;
2396 }
2397
2398 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_single_profile) != 0) {
2399 FAIL("should be able to set a single SRTP\n");
2400 goto err;
2401 }
2402 if (!tlsext_srtp_clienthello_needs(ssl)) {
2403 FAIL("clienthello should need SRTP\n");
2404 goto err;
2405 }
2406
2407 /* Make sure we can build the clienthello with a single profile. */
2408
2409 if (!tlsext_srtp_clienthello_build(ssl, &cbb)) {
2410 FAIL("clienthello failed to build SRTP\n");
2411 goto err;
2412 }
2413 if (!CBB_finish(&cbb, &data, &dlen))
2414 errx(1, "failed to finish CBB");
2415
2416 if (dlen != sizeof(tlsext_srtp_single)) {
2417 FAIL("got clienthello SRTP with length %zu, "
2418 "want length %zu\n", dlen,
2419 sizeof(tlsext_srtp_single));
2420 compare_data(data, dlen, tlsext_srtp_single,
2421 sizeof(tlsext_srtp_single));
2422 goto err;
2423 }
2424 if (memcmp(data, tlsext_srtp_single, dlen) != 0) {
2425 FAIL("clienthello SRTP differs:\n");
2426 compare_data(data, dlen, tlsext_srtp_single,
2427 sizeof(tlsext_srtp_single));
2428 goto err;
2429 }
2430
2431 CBB_cleanup(&cbb);
2432 CBB_init(&cbb, 0);
2433 free(data);
2434 data = NULL;
2435
2436 /* Make sure we can parse the single profile. */
2437
2438 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
2439 FAIL("SRTP profile should not be set yet\n");
2440 goto err;
2441 }
2442
2443 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
2444 if (!tlsext_srtp_clienthello_parse(ssl, &cbs, &alert)) {
2445 FAIL("failed to parse SRTP\n");
2446 goto err;
2447 }
2448 if (CBS_len(&cbs) != 0) {
2449 FAIL("extension data remaining");
2450 goto err;
2451 }
2452
2453 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2454 FAIL("SRTP profile should be set now\n");
2455 goto err;
2456 }
2457 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
2458 FAIL("SRTP profile was not set properly\n");
2459 goto err;
2460 }
2461
2462 if (!tlsext_srtp_serverhello_needs(ssl)) {
2463 FAIL("should send server extension when profile selected\n");
2464 goto err;
2465 }
2466
2467 /* Make sure we can build the clienthello with multiple entries. */
2468
2469 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) {
2470 FAIL("should be able to set SRTP to multiple profiles\n");
2471 goto err;
2472 }
2473 if (!tlsext_srtp_clienthello_needs(ssl)) {
2474 FAIL("clienthello should need SRTP by now\n");
2475 goto err;
2476 }
2477
2478 if (!tlsext_srtp_clienthello_build(ssl, &cbb)) {
2479 FAIL("clienthello failed to build SRTP\n");
2480 goto err;
2481 }
2482 if (!CBB_finish(&cbb, &data, &dlen))
2483 errx(1, "failed to finish CBB");
2484
2485 if (dlen != sizeof(tlsext_srtp_multiple)) {
2486 FAIL("got clienthello SRTP with length %zu, "
2487 "want length %zu\n", dlen,
2488 sizeof(tlsext_srtp_multiple));
2489 compare_data(data, dlen, tlsext_srtp_multiple,
2490 sizeof(tlsext_srtp_multiple));
2491 goto err;
2492 }
2493 if (memcmp(data, tlsext_srtp_multiple, dlen) != 0) {
2494 FAIL("clienthello SRTP differs:\n");
2495 compare_data(data, dlen, tlsext_srtp_multiple,
2496 sizeof(tlsext_srtp_multiple));
2497 goto err;
2498 }
2499
2500 CBB_cleanup(&cbb);
2501 CBB_init(&cbb, 0);
2502 free(data);
2503 data = NULL;
2504
2505 /* Make sure we can parse multiple profiles (selects server preferred) */
2506
2507 ssl->internal->srtp_profile = NULL;
2508
2509 CBS_init(&cbs, tlsext_srtp_multiple,
2510 sizeof(tlsext_srtp_multiple));
2511 if (!tlsext_srtp_clienthello_parse(ssl, &cbs, &alert)) {
2512 FAIL("failed to parse SRTP\n");
2513 goto err;
2514 }
2515 if (CBS_len(&cbs) != 0) {
2516 FAIL("extension data remaining");
2517 goto err;
2518 }
2519
2520 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2521 FAIL("SRTP profile should be set now\n");
2522 goto err;
2523 }
2524 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
2525 FAIL("SRTP profile was not set properly\n");
2526 goto err;
2527 }
2528
2529 if (!tlsext_srtp_serverhello_needs(ssl)) {
2530 FAIL("should send server extension when profile selected\n");
2531 goto err;
2532 }
2533
2534 /*
2535 * Make sure we can parse the clienthello with multiple entries
2536 * where one is unknown.
2537 */
2538 ssl->internal->srtp_profile = NULL;
2539
2540 CBS_init(&cbs, tlsext_srtp_multiple_one_valid,
2541 sizeof(tlsext_srtp_multiple_one_valid));
2542 if (!tlsext_srtp_clienthello_parse(ssl, &cbs, &alert)) {
2543 FAIL("failed to parse SRTP\n");
2544 goto err;
2545 }
2546 if (CBS_len(&cbs) != 0) {
2547 FAIL("extension data remaining");
2548 goto err;
2549 }
2550
2551 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2552 FAIL("SRTP profile should be set now\n");
2553 goto err;
2554 }
2555 if (strcmp(prof->name, tlsext_srtp_aes128cmsha32) != 0) {
2556 FAIL("SRTP profile was not set properly\n");
2557 goto err;
2558 }
2559
2560 if (!tlsext_srtp_serverhello_needs(ssl)) {
2561 FAIL("should send server extension when profile selected\n");
2562 goto err;
2563 }
2564
2565 /* Make sure we fall back to negotiated when none work. */
2566
2567 ssl->internal->srtp_profile = NULL;
2568
2569 CBS_init(&cbs, tlsext_srtp_multiple_invalid,
2570 sizeof(tlsext_srtp_multiple_invalid));
2571 if (!tlsext_srtp_clienthello_parse(ssl, &cbs, &alert)) {
2572 FAIL("should be able to fall back to negotiated\n");
2573 goto err;
2574 }
2575 if (CBS_len(&cbs) != 0) {
2576 FAIL("extension data remaining");
2577 goto err;
2578 }
2579
2580 /* If we fallback, the server should NOT send the extension. */
2581 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
2582 FAIL("should not have selected a profile when none found\n");
2583 goto err;
2584 }
2585 if (tlsext_srtp_serverhello_needs(ssl)) {
2586 FAIL("should not send server tlsext when no profile found\n");
2587 goto err;
2588 }
2589
2590 failure = 0;
2591
2592 err:
2593 CBB_cleanup(&cbb);
2594 SSL_CTX_free(ssl_ctx);
2595 SSL_free(ssl);
2596 free(data);
2597
2598 return (failure);
2599}
2600
2601static int
2602test_tlsext_srtp_serverhello(void)
2603{
2604 SRTP_PROTECTION_PROFILE *prof;
2605 SSL_CTX *ssl_ctx = NULL;
2606 SSL *ssl = NULL;
2607 uint8_t *data = NULL;
2608 CBB cbb;
2609 CBS cbs;
2610 int failure, alert;
2611 size_t dlen;
2612
2613 CBB_init(&cbb, 0);
2614
2615 failure = 1;
2616
2617 /* SRTP is for DTLS */
2618 if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL)
2619 errx(1, "failed to create SSL_CTX");
2620 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2621 errx(1, "failed to create SSL");
2622
2623 /* By default, we don't need this */
2624 if (tlsext_srtp_serverhello_needs(ssl)) {
2625 FAIL("serverhello should not need SRTP by default\n");
2626 goto err;
2627 }
2628
2629 if (srtp_find_profile_by_name((char *)tlsext_srtp_aes128cmsha80, &prof,
2630 strlen(tlsext_srtp_aes128cmsha80))) {
2631 FAIL("should be able to find the given profile\n");
2632 goto err;
2633 }
2634 ssl->internal->srtp_profile = prof;
2635 if (!tlsext_srtp_serverhello_needs(ssl)) {
2636 FAIL("serverhello should need SRTP by now\n");
2637 goto err;
2638 }
2639
2640 /* Make sure we can build the serverhello with a single profile. */
2641
2642 if (!tlsext_srtp_serverhello_build(ssl, &cbb)) {
2643 FAIL("serverhello failed to build SRTP\n");
2644 goto err;
2645 }
2646 if (!CBB_finish(&cbb, &data, &dlen))
2647 errx(1, "failed to finish CBB");
2648
2649 if (dlen != sizeof(tlsext_srtp_single)) {
2650 FAIL("got serverhello SRTP with length %zu, "
2651 "want length %zu\n", dlen,
2652 sizeof(tlsext_srtp_single));
2653 compare_data(data, dlen, tlsext_srtp_single,
2654 sizeof(tlsext_srtp_single));
2655 goto err;
2656 }
2657 if (memcmp(data, tlsext_srtp_single, dlen) != 0) {
2658 FAIL("serverhello SRTP differs:\n");
2659 compare_data(data, dlen, tlsext_srtp_single,
2660 sizeof(tlsext_srtp_single));
2661 goto err;
2662 }
2663
2664 CBB_cleanup(&cbb);
2665 CBB_init(&cbb, 0);
2666 free(data);
2667 data = NULL;
2668
2669 /* Make sure we can parse the single profile. */
2670 ssl->internal->srtp_profile = NULL;
2671
2672 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
2673 FAIL("SRTP profile should not be set yet\n");
2674 goto err;
2675 }
2676
2677 /* Setup the environment as if a client sent a list of profiles. */
2678 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) {
2679 FAIL("should be able to set multiple profiles in SRTP\n");
2680 goto err;
2681 }
2682
2683 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
2684 if (!tlsext_srtp_serverhello_parse(ssl, &cbs, &alert)) {
2685 FAIL("failed to parse SRTP\n");
2686 goto err;
2687 }
2688 if (CBS_len(&cbs) != 0) {
2689 FAIL("extension data remaining");
2690 goto err;
2691 }
2692
2693 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2694 FAIL("SRTP profile should be set now\n");
2695 goto err;
2696 }
2697 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
2698 FAIL("SRTP profile was not set properly\n");
2699 goto err;
2700 }
2701
2702 /* Make sure we cannot parse multiple profiles */
2703 ssl->internal->srtp_profile = NULL;
2704
2705 CBS_init(&cbs, tlsext_srtp_multiple,
2706 sizeof(tlsext_srtp_multiple));
2707 if (tlsext_srtp_serverhello_parse(ssl, &cbs, &alert)) {
2708 FAIL("should not find multiple entries from the server\n");
2709 goto err;
2710 }
2711
2712 /* Make sure we cannot parse a serverhello with unknown profile */
2713 ssl->internal->srtp_profile = NULL;
2714
2715 CBS_init(&cbs, tlsext_srtp_single_invalid,
2716 sizeof(tlsext_srtp_single_invalid));
2717 if (tlsext_srtp_serverhello_parse(ssl, &cbs, &alert)) {
2718 FAIL("should not be able to parse this\n");
2719 goto err;
2720 }
2721
2722 failure = 0;
2723
2724 err:
2725 CBB_cleanup(&cbb);
2726 SSL_CTX_free(ssl_ctx);
2727 SSL_free(ssl);
2728 free(data);
2729
2730 return (failure);
2731}
2732#endif /* OPENSSL_NO_SRTP */
2733
2734unsigned char tlsext_clienthello_default[] = {
2735 0x00, 0x36, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
2736 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d,
2737 0x00, 0x17, 0x00, 0x18, 0x00, 0x23, 0x00, 0x00,
2738 0x00, 0x0d, 0x00, 0x1c, 0x00, 0x1a, 0x06, 0x01,
2739 0x06, 0x03, 0xef, 0xef, 0x05, 0x01, 0x05, 0x03,
2740 0x04, 0x01, 0x04, 0x03, 0xee, 0xee, 0xed, 0xed,
2741 0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03,
2742};
2743
2744unsigned char tlsext_clienthello_disabled[] = {};
2745
2746static int
2747test_tlsext_clienthello_build(void)
2748{
2749 unsigned char *data = NULL;
2750 SSL_CTX *ssl_ctx = NULL;
2751 SSL *ssl = NULL;
2752 size_t dlen;
2753 int failure;
2754 CBB cbb;
2755
2756 failure = 1;
2757
2758 if (!CBB_init(&cbb, 0))
2759 errx(1, "failed to create CBB");
2760
2761 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2762 errx(1, "failed to create SSL_CTX");
2763 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2764 errx(1, "failed to create SSL");
2765
2766 if (!tlsext_clienthello_build(ssl, &cbb)) {
2767 FAIL("failed to build clienthello extensions\n");
2768 goto err;
2769 }
2770 if (!CBB_finish(&cbb, &data, &dlen))
2771 errx(1, "failed to finish CBB");
2772
2773 if (dlen != sizeof(tlsext_clienthello_default)) {
2774 FAIL("got clienthello extensions with length %zu, "
2775 "want length %zu\n", dlen,
2776 sizeof(tlsext_clienthello_default));
2777 compare_data(data, dlen, tlsext_clienthello_default,
2778 sizeof(tlsext_clienthello_default));
2779 goto err;
2780 }
2781 if (memcmp(data, tlsext_clienthello_default, dlen) != 0) {
2782 FAIL("clienthello extensions differs:\n");
2783 compare_data(data, dlen, tlsext_clienthello_default,
2784 sizeof(tlsext_clienthello_default));
2785 goto err;
2786 }
2787
2788 CBB_cleanup(&cbb);
2789 CBB_init(&cbb, 0);
2790
2791 /* Switch to TLSv1.1, disable EC ciphers and session tickets. */
2792 ssl->client_version = TLS1_1_VERSION;
2793 if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) {
2794 FAIL("failed to set cipher list\n");
2795 goto err;
2796 }
2797 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
2798 FAIL("failed to disable session tickets");
2799 return 0;
2800 }
2801
2802 if (!tlsext_clienthello_build(ssl, &cbb)) {
2803 FAIL("failed to build clienthello extensions\n");
2804 goto err;
2805 }
2806 if (!CBB_finish(&cbb, &data, &dlen))
2807 errx(1, "failed to finish CBB");
2808
2809 if (dlen != sizeof(tlsext_clienthello_disabled)) {
2810 FAIL("got clienthello extensions with length %zu, "
2811 "want length %zu\n", dlen,
2812 sizeof(tlsext_clienthello_disabled));
2813 compare_data(data, dlen, tlsext_clienthello_disabled,
2814 sizeof(tlsext_clienthello_disabled));
2815 goto err;
2816 }
2817 if (memcmp(data, tlsext_clienthello_disabled, dlen) != 0) {
2818 FAIL("clienthello extensions differs:\n");
2819 compare_data(data, dlen, tlsext_clienthello_disabled,
2820 sizeof(tlsext_clienthello_disabled));
2821 goto err;
2822 }
2823
2824 failure = 0;
2825
2826 err:
2827 CBB_cleanup(&cbb);
2828 SSL_CTX_free(ssl_ctx);
2829 SSL_free(ssl);
2830 free(data);
2831
2832 return (failure);
2833}
2834
2835unsigned char tlsext_serverhello_default[] = {};
2836
2837unsigned char tlsext_serverhello_enabled[] = {
2838 0x00, 0x13, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00,
2839 0x05, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01,
2840 0x00, 0x00, 0x23, 0x00, 0x00,
2841};
2842
2843static int
2844test_tlsext_serverhello_build(void)
2845{
2846 unsigned char *data = NULL;
2847 SSL_CTX *ssl_ctx = NULL;
2848 SSL *ssl = NULL;
2849 size_t dlen;
2850 int failure;
2851 CBB cbb;
2852
2853 failure = 1;
2854
2855 if (!CBB_init(&cbb, 0))
2856 errx(1, "failed to create CBB");
2857
2858 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
2859 errx(1, "failed to create SSL_CTX");
2860 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2861 errx(1, "failed to create SSL");
2862 if ((ssl->session = SSL_SESSION_new()) == NULL)
2863 errx(1, "failed to create session");
2864
2865 S3I(ssl)->hs.new_cipher =
2866 ssl3_get_cipher_by_id(TLS1_CK_RSA_WITH_AES_128_SHA256);
2867
2868 if (!tlsext_serverhello_build(ssl, &cbb)) {
2869 FAIL("failed to build serverhello extensions\n");
2870 goto err;
2871 }
2872 if (!CBB_finish(&cbb, &data, &dlen))
2873 errx(1, "failed to finish CBB");
2874
2875 if (dlen != sizeof(tlsext_serverhello_default)) {
2876 FAIL("got serverhello extensions with length %zu, "
2877 "want length %zu\n", dlen,
2878 sizeof(tlsext_serverhello_default));
2879 compare_data(data, dlen, tlsext_serverhello_default,
2880 sizeof(tlsext_serverhello_default));
2881 goto err;
2882 }
2883 if (memcmp(data, tlsext_serverhello_default, dlen) != 0) {
2884 FAIL("serverhello extensions differs:\n");
2885 compare_data(data, dlen, tlsext_serverhello_default,
2886 sizeof(tlsext_serverhello_default));
2887 goto err;
2888 }
2889
2890 CBB_cleanup(&cbb);
2891 CBB_init(&cbb, 0);
2892
2893 /* Turn a few things on so we get extensions... */
2894 S3I(ssl)->send_connection_binding = 1;
2895 S3I(ssl)->hs.new_cipher =
2896 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256);
2897 ssl->internal->tlsext_status_expected = 1;
2898 ssl->internal->tlsext_ticket_expected = 1;
2899 if ((SSI(ssl)->tlsext_ecpointformatlist = malloc(1)) == NULL)
2900 errx(1, "malloc failed");
2901 SSI(ssl)->tlsext_ecpointformatlist_length = 1;
2902 SSI(ssl)->tlsext_ecpointformatlist[0] =
2903 TLSEXT_ECPOINTFORMAT_uncompressed;
2904
2905 if (!tlsext_serverhello_build(ssl, &cbb)) {
2906 FAIL("failed to build serverhello extensions\n");
2907 goto err;
2908 }
2909 if (!CBB_finish(&cbb, &data, &dlen))
2910 errx(1, "failed to finish CBB");
2911
2912 if (dlen != sizeof(tlsext_serverhello_enabled)) {
2913 FAIL("got serverhello extensions with length %zu, "
2914 "want length %zu\n", dlen,
2915 sizeof(tlsext_serverhello_enabled));
2916 compare_data(data, dlen, tlsext_serverhello_enabled,
2917 sizeof(tlsext_serverhello_enabled));
2918 goto err;
2919 }
2920 if (memcmp(data, tlsext_serverhello_enabled, dlen) != 0) {
2921 FAIL("serverhello extensions differs:\n");
2922 compare_data(data, dlen, tlsext_serverhello_enabled,
2923 sizeof(tlsext_serverhello_enabled));
2924 goto err;
2925 }
2926
2927 failure = 0;
2928
2929 err:
2930 CBB_cleanup(&cbb);
2931 SSL_CTX_free(ssl_ctx);
2932 SSL_free(ssl);
2933 free(data);
2934
2935 return (failure);
2936}
2937
2938int
2939main(int argc, char **argv)
2940{
2941 int failed = 0;
2942
2943 SSL_library_init();
2944 SSL_load_error_strings();
2945
2946 failed |= test_tlsext_alpn_clienthello();
2947 failed |= test_tlsext_alpn_serverhello();
2948
2949 failed |= test_tlsext_supportedgroups_clienthello();
2950 failed |= test_tlsext_supportedgroups_serverhello();
2951
2952 failed |= test_tlsext_ecpf_clienthello();
2953 failed |= test_tlsext_ecpf_serverhello();
2954
2955 failed |= test_tlsext_ri_clienthello();
2956 failed |= test_tlsext_ri_serverhello();
2957
2958 failed |= test_tlsext_sigalgs_clienthello();
2959 failed |= test_tlsext_sigalgs_serverhello();
2960
2961 failed |= test_tlsext_sni_clienthello();
2962 failed |= test_tlsext_sni_serverhello();
2963
2964 failed |= test_tlsext_ocsp_clienthello();
2965 failed |= test_tlsext_ocsp_serverhello();
2966
2967 failed |= test_tlsext_sessionticket_clienthello();
2968 failed |= test_tlsext_sessionticket_serverhello();
2969
2970#ifndef OPENSSL_NO_SRTP
2971 failed |= test_tlsext_srtp_clienthello();
2972 failed |= test_tlsext_srtp_serverhello();
2973#else
2974 fprintf(stderr, "Skipping SRTP tests due to OPENSSL_NO_SRTP\n");
2975#endif
2976
2977 failed |= test_tlsext_clienthello_build();
2978 failed |= test_tlsext_serverhello_build();
2979
2980 return (failed);
2981}
diff --git a/src/regress/lib/libssl/unit/Makefile b/src/regress/lib/libssl/unit/Makefile
deleted file mode 100644
index 6b8a397c07..0000000000
--- a/src/regress/lib/libssl/unit/Makefile
+++ /dev/null
@@ -1,24 +0,0 @@
1# $OpenBSD: Makefile,v 1.9 2017/03/10 15:06:15 jsing Exp $
2
3TEST_CASES+= cipher_list
4TEST_CASES+= ssl_versions
5TEST_CASES+= tls_ext_alpn
6TEST_CASES+= tls_prf
7
8REGRESS_TARGETS= all_tests
9
10WARNINGS= Yes
11LDLIBS= ${SSL_INT} -lcrypto
12CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
13CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
14
15CLEANFILES+= ${TEST_CASES}
16
17all_tests: ${TEST_CASES}
18 @for test in $>; do \
19 ./$$test; \
20 done
21
22${TEST_CASES}: ${LIBSSL} ${LIBCRYPTO}
23
24.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c
deleted file mode 100644
index 70f547abd6..0000000000
--- a/src/regress/lib/libssl/unit/cipher_list.c
+++ /dev/null
@@ -1,204 +0,0 @@
1/* $OpenBSD: cipher_list.c,v 1.9 2018/06/02 16:35:02 jsing Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/*
20 * Test TLS ssl bytes (aka cipher suites) to cipher list and back.
21 *
22 * TLSv1.0 - RFC 2246 section 7.4.1.2 (ClientHello struct)
23 * TLSv1.1 - RFC 4346 section 7.4.1.2 (ClientHello struct)
24 * TLSv1.2 - RFC 5246 section 7.4.1.2 (ClientHello struct)
25 *
26 * In all of these standards, the relevant structures are:
27 *
28 * uint8 CipherSuite[2];
29 *
30 * struct {
31 * ...
32 * CipherSuite cipher_suites<2..2^16-2>
33 * ...
34 * } ClientHello;
35 */
36
37#include <openssl/ssl.h>
38
39#include <stdio.h>
40#include <string.h>
41
42#include "ssl_locl.h"
43
44#include "tests.h"
45
46static uint8_t cipher_bytes[] = {
47 0xcc, 0xa8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
48 0xcc, 0xa9, /* ECDHE-RSA-CHACHA20-POLY1305 */
49 0xcc, 0xaa, /* DHE-RSA-CHACHA20-POLY1305 */
50 0x00, 0x9c, /* AES128-GCM-SHA256 */
51 0x00, 0x3d, /* AES256-SHA256 */
52};
53
54static uint16_t cipher_values[] = {
55 0xcca8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
56 0xcca9, /* ECDHE-RSA-CHACHA20-POLY1305 */
57 0xccaa, /* DHE-RSA-CHACHA20-POLY1305 */
58 0x009c, /* AES128-GCM-SHA256 */
59 0x003d, /* AES256-SHA256 */
60};
61
62#define N_CIPHERS (sizeof(cipher_bytes) / 2)
63
64static int
65ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
66{
67 SSL_CIPHER *cipher;
68 uint16_t value;
69 CBS cbs;
70 int i;
71
72 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes));
73
74 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
75 CHECK(*ciphers != NULL);
76 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
77 for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) {
78 cipher = sk_SSL_CIPHER_value(*ciphers, i);
79 CHECK(cipher != NULL);
80 value = SSL_CIPHER_get_value(cipher);
81 CHECK(value == cipher_values[i]);
82 }
83
84 return 1;
85}
86
87static int
88ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
89{
90 CBB cbb;
91 unsigned char *buf = NULL;
92 size_t buflen, outlen;
93 int ret = 0;
94
95 /* Space for cipher bytes, plus reneg SCSV and two spare bytes. */
96 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
97 buflen = sizeof(cipher_bytes) + 2 + 2;
98 CHECK((buf = calloc(1, buflen)) != NULL);
99
100 CHECK(CBB_init_fixed(&cbb, buf, buflen));
101 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
102 CHECK(CBB_finish(&cbb, NULL, &outlen));
103
104 CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
105 CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
106 CHECK_GOTO(buf[buflen - 4] == 0x00 && buf[buflen - 3] == 0xff);
107 CHECK_GOTO(buf[buflen - 2] == 0x00 && buf[buflen - 1] == 0x00);
108
109 ret = 1;
110
111err:
112 free(buf);
113 return ret;
114}
115
116static int
117ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
118{
119 CBB cbb;
120 unsigned char *buf = NULL;
121 size_t buflen, outlen;
122 int ret = 0;
123
124 /* Space for cipher bytes and two spare bytes */
125 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
126 buflen = sizeof(cipher_bytes) + 2;
127 CHECK((buf = calloc(1, buflen)) != NULL);
128 buf[buflen - 2] = 0xfe;
129 buf[buflen - 1] = 0xab;
130
131 /* Set renegotiate so it doesn't add SCSV */
132 s->internal->renegotiate = 1;
133
134 CHECK(CBB_init_fixed(&cbb, buf, buflen));
135 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
136 CHECK(CBB_finish(&cbb, NULL, &outlen));
137
138 CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
139 CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
140 CHECK_GOTO(buf[buflen - 2] == 0xfe && buf[buflen - 1] == 0xab);
141
142 ret = 1;
143
144err:
145 free(buf);
146 return ret;
147}
148
149static int
150ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
151{
152 uint8_t empty_cipher_bytes[] = {0};
153 CBS cbs;
154
155 sk_SSL_CIPHER_free(*ciphers);
156
157 /* Invalid length: CipherSuite is 2 bytes so it must be even */
158 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes) - 1);
159 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
160 CHECK(*ciphers == NULL);
161
162 /* Invalid length: cipher_suites must be at least 2 */
163 CBS_init(&cbs, empty_cipher_bytes, sizeof(empty_cipher_bytes));
164 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
165 CHECK(*ciphers == NULL);
166
167 return 1;
168}
169
170int
171main(void)
172{
173 STACK_OF(SSL_CIPHER) *ciphers = NULL;
174 SSL_CTX *ctx = NULL;
175 SSL *s = NULL;
176 int rv = 1;
177
178 SSL_library_init();
179
180 /* Use TLSv1.2 client to get all ciphers. */
181 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
182 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
183
184 if (!ssl_bytes_to_list_alloc(s, &ciphers))
185 goto err;
186 if (!ssl_list_to_bytes_scsv(s, &ciphers))
187 goto err;
188 if (!ssl_list_to_bytes_no_scsv(s, &ciphers))
189 goto err;
190 if (!ssl_bytes_to_list_invalid(s, &ciphers))
191 goto err;
192
193 rv = 0;
194
195err:
196 sk_SSL_CIPHER_free(ciphers);
197 SSL_CTX_free(ctx);
198 SSL_free(s);
199
200 if (!rv)
201 printf("PASS %s\n", __FILE__);
202
203 return rv;
204}
diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c
deleted file mode 100644
index 11519c3732..0000000000
--- a/src/regress/lib/libssl/unit/ssl_versions.c
+++ /dev/null
@@ -1,797 +0,0 @@
1/* $OpenBSD: ssl_versions.c,v 1.6 2018/11/06 01:40:57 jsing Exp $ */
2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include "ssl_locl.h"
21
22struct version_range_test {
23 const long options;
24 const uint16_t minver;
25 const uint16_t maxver;
26 const uint16_t want_minver;
27 const uint16_t want_maxver;
28};
29
30static struct version_range_test version_range_tests[] = {
31 {
32 .options = 0,
33 .minver = TLS1_VERSION,
34 .maxver = TLS1_3_VERSION,
35 .want_minver = TLS1_VERSION,
36 .want_maxver = TLS1_3_VERSION,
37 },
38 {
39 .options = 0,
40 .minver = TLS1_VERSION,
41 .maxver = TLS1_2_VERSION,
42 .want_minver = TLS1_VERSION,
43 .want_maxver = TLS1_2_VERSION,
44 },
45 {
46 .options = SSL_OP_NO_TLSv1,
47 .minver = TLS1_VERSION,
48 .maxver = TLS1_2_VERSION,
49 .want_minver = TLS1_1_VERSION,
50 .want_maxver = TLS1_2_VERSION,
51 },
52 {
53 .options = SSL_OP_NO_TLSv1_3,
54 .minver = TLS1_VERSION,
55 .maxver = TLS1_3_VERSION,
56 .want_minver = TLS1_VERSION,
57 .want_maxver = TLS1_2_VERSION,
58 },
59 {
60 .options = SSL_OP_NO_TLSv1_2,
61 .minver = TLS1_VERSION,
62 .maxver = TLS1_2_VERSION,
63 .want_minver = TLS1_VERSION,
64 .want_maxver = TLS1_1_VERSION,
65 },
66 {
67 .options = SSL_OP_NO_TLSv1_1,
68 .minver = TLS1_VERSION,
69 .maxver = TLS1_2_VERSION,
70 .want_minver = TLS1_VERSION,
71 .want_maxver = TLS1_VERSION,
72 },
73 {
74 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
75 .minver = TLS1_VERSION,
76 .maxver = TLS1_2_VERSION,
77 .want_minver = TLS1_2_VERSION,
78 .want_maxver = TLS1_2_VERSION,
79 },
80 {
81 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
82 .minver = TLS1_VERSION,
83 .maxver = TLS1_2_VERSION,
84 .want_minver = TLS1_VERSION,
85 .want_maxver = TLS1_VERSION,
86 },
87 {
88 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2,
89 .minver = TLS1_VERSION,
90 .maxver = TLS1_2_VERSION,
91 .want_minver = TLS1_1_VERSION,
92 .want_maxver = TLS1_1_VERSION,
93 },
94 {
95 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
96 SSL_OP_NO_TLSv1_2,
97 .minver = TLS1_VERSION,
98 .maxver = TLS1_2_VERSION,
99 .want_minver = 0,
100 .want_maxver = 0,
101 },
102 {
103 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
104 SSL_OP_NO_TLSv1_2,
105 .minver = TLS1_VERSION,
106 .maxver = TLS1_3_VERSION,
107 .want_minver = TLS1_3_VERSION,
108 .want_maxver = TLS1_3_VERSION,
109 },
110 {
111 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
112 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3,
113 .minver = TLS1_VERSION,
114 .maxver = TLS1_3_VERSION,
115 .want_minver = 0,
116 .want_maxver = 0,
117 },
118 {
119 .options = 0,
120 .minver = TLS1_VERSION,
121 .maxver = TLS1_2_VERSION,
122 .want_minver = TLS1_VERSION,
123 .want_maxver = TLS1_2_VERSION,
124 },
125 {
126 .options = 0,
127 .minver = TLS1_1_VERSION,
128 .maxver = TLS1_2_VERSION,
129 .want_minver = TLS1_1_VERSION,
130 .want_maxver = TLS1_2_VERSION,
131 },
132 {
133 .options = 0,
134 .minver = TLS1_2_VERSION,
135 .maxver = TLS1_2_VERSION,
136 .want_minver = TLS1_2_VERSION,
137 .want_maxver = TLS1_2_VERSION,
138 },
139 {
140 .options = 0,
141 .minver = TLS1_VERSION,
142 .maxver = TLS1_3_VERSION,
143 .want_minver = TLS1_VERSION,
144 .want_maxver = TLS1_3_VERSION,
145 },
146 {
147 .options = 0,
148 .minver = TLS1_1_VERSION,
149 .maxver = TLS1_3_VERSION,
150 .want_minver = TLS1_1_VERSION,
151 .want_maxver = TLS1_3_VERSION,
152 },
153 {
154 .options = 0,
155 .minver = TLS1_2_VERSION,
156 .maxver = TLS1_3_VERSION,
157 .want_minver = TLS1_2_VERSION,
158 .want_maxver = TLS1_3_VERSION,
159 },
160 {
161 .options = 0,
162 .minver = TLS1_3_VERSION,
163 .maxver = TLS1_3_VERSION,
164 .want_minver = TLS1_3_VERSION,
165 .want_maxver = TLS1_3_VERSION,
166 },
167 {
168 .options = 0,
169 .minver = TLS1_VERSION,
170 .maxver = TLS1_1_VERSION,
171 .want_minver = TLS1_VERSION,
172 .want_maxver = TLS1_1_VERSION,
173 },
174 {
175 .options = 0,
176 .minver = TLS1_VERSION,
177 .maxver = TLS1_VERSION,
178 .want_minver = TLS1_VERSION,
179 .want_maxver = TLS1_VERSION,
180 },
181};
182
183#define N_VERSION_RANGE_TESTS \
184 (sizeof(version_range_tests) / sizeof(*version_range_tests))
185
186static int
187test_ssl_enabled_version_range(void)
188{
189 struct version_range_test *vrt;
190 uint16_t minver, maxver;
191 SSL_CTX *ssl_ctx = NULL;
192 SSL *ssl = NULL;
193 int failed = 1;
194 size_t i;
195
196 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
197 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
198 goto failure;
199 }
200 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
201 fprintf(stderr, "SSL_new() returned NULL\n");
202 goto failure;
203 }
204
205 failed = 0;
206
207 for (i = 0; i < N_VERSION_RANGE_TESTS; i++) {
208 vrt = &version_range_tests[i];
209
210 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
211 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
212 SSL_set_options(ssl, vrt->options);
213
214 minver = maxver = 0xffff;
215 ssl->internal->min_version = vrt->minver;
216 ssl->internal->max_version = vrt->maxver;
217
218 if (ssl_enabled_version_range(ssl, &minver, &maxver) != 1) {
219 if (vrt->want_minver != 0 || vrt->want_maxver != 0) {
220 fprintf(stderr, "FAIL: test %zu - failed but "
221 "wanted non-zero versions\n", i);
222 failed++;
223 }
224 continue;
225 }
226 if (minver != vrt->want_minver) {
227 fprintf(stderr, "FAIL: test %zu - got minver %x, "
228 "want %x\n", i, minver, vrt->want_minver);
229 failed++;
230 }
231 if (maxver != vrt->want_maxver) {
232 fprintf(stderr, "FAIL: test %zu - got maxver %x, "
233 "want %x\n", i, maxver, vrt->want_maxver);
234 failed++;
235 }
236 }
237
238 failure:
239 SSL_CTX_free(ssl_ctx);
240 SSL_free(ssl);
241
242 return (failed);
243}
244
245struct shared_version_test {
246 const SSL_METHOD *(*ssl_method)(void);
247 const long options;
248 const uint16_t minver;
249 const uint16_t maxver;
250 const uint16_t peerver;
251 const uint16_t want_maxver;
252};
253
254static struct shared_version_test shared_version_tests[] = {
255 {
256 .ssl_method = TLS_method,
257 .options = 0,
258 .minver = TLS1_VERSION,
259 .maxver = TLS1_2_VERSION,
260 .peerver = SSL2_VERSION,
261 .want_maxver = 0,
262 },
263 {
264 .ssl_method = TLS_method,
265 .options = 0,
266 .minver = TLS1_VERSION,
267 .maxver = TLS1_2_VERSION,
268 .peerver = SSL3_VERSION,
269 .want_maxver = 0,
270 },
271 {
272 .ssl_method = TLS_method,
273 .options = 0,
274 .minver = TLS1_VERSION,
275 .maxver = TLS1_2_VERSION,
276 .peerver = TLS1_VERSION,
277 .want_maxver = TLS1_VERSION,
278 },
279 {
280 .ssl_method = TLS_method,
281 .options = 0,
282 .minver = TLS1_VERSION,
283 .maxver = TLS1_2_VERSION,
284 .peerver = TLS1_1_VERSION,
285 .want_maxver = TLS1_1_VERSION,
286 },
287 {
288 .ssl_method = TLS_method,
289 .options = 0,
290 .minver = TLS1_VERSION,
291 .maxver = TLS1_2_VERSION,
292 .peerver = TLS1_2_VERSION,
293 .want_maxver = TLS1_2_VERSION,
294 },
295 {
296 .ssl_method = TLS_method,
297 .options = 0,
298 .minver = TLS1_VERSION,
299 .maxver = TLS1_2_VERSION,
300 .peerver = TLS1_3_VERSION,
301 .want_maxver = TLS1_2_VERSION,
302 },
303 {
304 .ssl_method = TLS_method,
305 .options = 0,
306 .minver = TLS1_VERSION,
307 .maxver = TLS1_2_VERSION,
308 .peerver = 0x7f12,
309 .want_maxver = TLS1_2_VERSION,
310 },
311 {
312 .ssl_method = TLS_method,
313 .options = SSL_OP_NO_TLSv1_2,
314 .minver = TLS1_VERSION,
315 .maxver = TLS1_2_VERSION,
316 .peerver = TLS1_2_VERSION,
317 .want_maxver = TLS1_1_VERSION,
318 },
319 {
320 .ssl_method = TLS_method,
321 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
322 .minver = TLS1_VERSION,
323 .maxver = TLS1_2_VERSION,
324 .peerver = TLS1_2_VERSION,
325 .want_maxver = TLS1_VERSION,
326 },
327 {
328 .ssl_method = TLS_method,
329 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
330 .minver = TLS1_VERSION,
331 .maxver = TLS1_2_VERSION,
332 .peerver = TLS1_2_VERSION,
333 .want_maxver = 0,
334 },
335 {
336 .ssl_method = TLS_method,
337 .options = SSL_OP_NO_TLSv1,
338 .minver = TLS1_VERSION,
339 .maxver = TLS1_2_VERSION,
340 .peerver = TLS1_1_VERSION,
341 .want_maxver = TLS1_1_VERSION,
342 },
343 {
344 .ssl_method = TLS_method,
345 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
346 .minver = TLS1_VERSION,
347 .maxver = TLS1_2_VERSION,
348 .peerver = TLS1_1_VERSION,
349 .want_maxver = 0,
350 },
351 {
352 .ssl_method = TLS_method,
353 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
354 .minver = TLS1_VERSION,
355 .maxver = TLS1_2_VERSION,
356 .peerver = TLS1_1_VERSION,
357 .want_maxver = TLS1_VERSION,
358 },
359 {
360 .ssl_method = TLS_method,
361 .options = SSL_OP_NO_TLSv1,
362 .minver = TLS1_VERSION,
363 .maxver = TLS1_2_VERSION,
364 .peerver = TLS1_VERSION,
365 .want_maxver = 0,
366 },
367 {
368 .ssl_method = TLS_method,
369 .options = 0,
370 .minver = TLS1_VERSION,
371 .maxver = TLS1_1_VERSION,
372 .peerver = TLS1_2_VERSION,
373 .want_maxver = TLS1_1_VERSION,
374 },
375 {
376 .ssl_method = TLS_method,
377 .options = 0,
378 .minver = TLS1_VERSION,
379 .maxver = TLS1_VERSION,
380 .peerver = TLS1_2_VERSION,
381 .want_maxver = TLS1_VERSION,
382 },
383 {
384 .ssl_method = TLSv1_method,
385 .options = 0,
386 .minver = TLS1_VERSION,
387 .maxver = TLS1_2_VERSION,
388 .peerver = TLS1_VERSION,
389 .want_maxver = TLS1_VERSION,
390 },
391 {
392 .ssl_method = TLSv1_method,
393 .options = 0,
394 .minver = TLS1_1_VERSION,
395 .maxver = TLS1_2_VERSION,
396 .peerver = TLS1_VERSION,
397 .want_maxver = 0,
398 },
399 {
400 .ssl_method = TLSv1_1_method,
401 .options = 0,
402 .minver = TLS1_VERSION,
403 .maxver = TLS1_2_VERSION,
404 .peerver = TLS1_1_VERSION,
405 .want_maxver = TLS1_1_VERSION,
406 },
407 {
408 .ssl_method = DTLSv1_method,
409 .options = 0,
410 .minver = TLS1_VERSION,
411 .maxver = TLS1_2_VERSION,
412 .peerver = DTLS1_VERSION,
413 .want_maxver = DTLS1_VERSION,
414 },
415 {
416 .ssl_method = DTLSv1_method,
417 .options = 0,
418 .minver = TLS1_VERSION,
419 .maxver = TLS1_2_VERSION,
420 .peerver = TLS1_2_VERSION,
421 .want_maxver = 0,
422 },
423};
424
425#define N_SHARED_VERSION_TESTS \
426 (sizeof(shared_version_tests) / sizeof(*shared_version_tests))
427
428static int
429test_ssl_max_shared_version(void)
430{
431 struct shared_version_test *svt;
432 SSL_CTX *ssl_ctx = NULL;
433 SSL *ssl = NULL;
434 uint16_t maxver;
435 int failed = 0;
436 size_t i;
437
438 failed = 0;
439
440 for (i = 0; i < N_SHARED_VERSION_TESTS; i++) {
441 svt = &shared_version_tests[i];
442
443 if ((ssl_ctx = SSL_CTX_new(svt->ssl_method())) == NULL) {
444 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
445 return 1;
446 }
447 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
448 fprintf(stderr, "SSL_new() returned NULL\n");
449 return 1;
450 }
451
452 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
453 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
454 SSL_set_options(ssl, svt->options);
455
456 maxver = 0;
457 ssl->internal->min_version = svt->minver;
458 ssl->internal->max_version = svt->maxver;
459
460 if (ssl_max_shared_version(ssl, svt->peerver, &maxver) != 1) {
461 if (svt->want_maxver != 0) {
462 fprintf(stderr, "FAIL: test %zu - failed but "
463 "wanted non-zero shared version\n", i);
464 failed++;
465 }
466 continue;
467 }
468 if (maxver != svt->want_maxver) {
469 fprintf(stderr, "FAIL: test %zu - got shared "
470 "version %x, want %x\n", i, maxver,
471 svt->want_maxver);
472 failed++;
473 }
474
475 SSL_CTX_free(ssl_ctx);
476 SSL_free(ssl);
477 }
478
479 return (failed);
480}
481
482struct min_max_version_test {
483 const SSL_METHOD *(*ssl_method)(void);
484 const uint16_t minver;
485 const uint16_t maxver;
486 const uint16_t want_minver;
487 const uint16_t want_maxver;
488};
489
490static struct min_max_version_test min_max_version_tests[] = {
491 {
492 .ssl_method = TLS_method,
493 .minver = 0,
494 .maxver = 0,
495 .want_minver = TLS1_VERSION,
496 .want_maxver = TLS1_2_VERSION,
497 },
498 {
499 .ssl_method = TLS_method,
500 .minver = TLS1_VERSION,
501 .maxver = 0,
502 .want_minver = TLS1_VERSION,
503 .want_maxver = TLS1_2_VERSION,
504 },
505 {
506 .ssl_method = TLS_method,
507 .minver = 0,
508 .maxver = TLS1_2_VERSION,
509 .want_minver = TLS1_VERSION,
510 .want_maxver = TLS1_2_VERSION,
511 },
512 {
513 .ssl_method = TLS_method,
514 .minver = 0,
515 .maxver = TLS1_3_VERSION,
516 .want_minver = TLS1_VERSION,
517 .want_maxver = TLS1_2_VERSION,
518 },
519 {
520 .ssl_method = TLS_method,
521 .minver = TLS1_VERSION,
522 .maxver = TLS1_2_VERSION,
523 .want_minver = TLS1_VERSION,
524 .want_maxver = TLS1_2_VERSION,
525 },
526 {
527 .ssl_method = TLS_method,
528 .minver = TLS1_1_VERSION,
529 .maxver = 0,
530 .want_minver = TLS1_1_VERSION,
531 .want_maxver = TLS1_2_VERSION,
532 },
533 {
534 .ssl_method = TLS_method,
535 .minver = TLS1_2_VERSION,
536 .maxver = 0,
537 .want_minver = TLS1_2_VERSION,
538 .want_maxver = TLS1_2_VERSION,
539 },
540 {
541 .ssl_method = TLS_method,
542 .minver = 0x0300,
543 .maxver = 0,
544 .want_minver = TLS1_VERSION,
545 .want_maxver = TLS1_2_VERSION,
546 },
547 {
548 .ssl_method = TLS_method,
549 .minver = 0x0305,
550 .maxver = 0,
551 .want_minver = 0,
552 .want_maxver = 0,
553 },
554 {
555 .ssl_method = TLS_method,
556 .minver = 0,
557 .maxver = 0x0305,
558 .want_minver = TLS1_VERSION,
559 .want_maxver = TLS1_2_VERSION,
560 },
561 {
562 .ssl_method = TLS_method,
563 .minver = 0,
564 .maxver = TLS1_1_VERSION,
565 .want_minver = TLS1_VERSION,
566 .want_maxver = TLS1_1_VERSION,
567 },
568 {
569 .ssl_method = TLS_method,
570 .minver = 0,
571 .maxver = TLS1_VERSION,
572 .want_minver = TLS1_VERSION,
573 .want_maxver = TLS1_VERSION,
574 },
575 {
576 .ssl_method = TLS_method,
577 .minver = 0,
578 .maxver = 0x0300,
579 .want_minver = 0,
580 .want_maxver = 0,
581 },
582 {
583 .ssl_method = TLS_method,
584 .minver = TLS1_2_VERSION,
585 .maxver = TLS1_1_VERSION,
586 .want_minver = TLS1_2_VERSION,
587 .want_maxver = 0,
588 },
589 {
590 .ssl_method = TLSv1_1_method,
591 .minver = 0,
592 .maxver = 0,
593 .want_minver = TLS1_1_VERSION,
594 .want_maxver = TLS1_1_VERSION,
595 },
596 {
597 .ssl_method = TLSv1_1_method,
598 .minver = TLS1_VERSION,
599 .maxver = TLS1_2_VERSION,
600 .want_minver = TLS1_1_VERSION,
601 .want_maxver = TLS1_1_VERSION,
602 },
603 {
604 .ssl_method = TLSv1_1_method,
605 .minver = TLS1_2_VERSION,
606 .maxver = 0,
607 .want_minver = 0,
608 .want_maxver = 0,
609 },
610 {
611 .ssl_method = TLSv1_1_method,
612 .minver = 0,
613 .maxver = TLS1_VERSION,
614 .want_minver = 0,
615 .want_maxver = 0,
616 },
617 {
618 .ssl_method = DTLSv1_method,
619 .minver = 0,
620 .maxver = 0,
621 .want_minver = DTLS1_VERSION,
622 .want_maxver = DTLS1_VERSION,
623 },
624 {
625 .ssl_method = DTLSv1_method,
626 .minver = DTLS1_VERSION,
627 .maxver = 0,
628 .want_minver = DTLS1_VERSION,
629 .want_maxver = DTLS1_VERSION,
630 },
631 {
632 .ssl_method = DTLSv1_method,
633 .minver = 0,
634 .maxver = DTLS1_VERSION,
635 .want_minver = DTLS1_VERSION,
636 .want_maxver = DTLS1_VERSION,
637 },
638 {
639 .ssl_method = DTLSv1_method,
640 .minver = TLS1_VERSION,
641 .maxver = TLS1_2_VERSION,
642 .want_minver = 0,
643 .want_maxver = 0,
644 },
645};
646
647#define N_MIN_MAX_VERSION_TESTS \
648 (sizeof(min_max_version_tests) / sizeof(*min_max_version_tests))
649
650static int
651test_ssl_min_max_version(void)
652{
653 struct min_max_version_test *mmvt;
654 SSL_CTX *ssl_ctx = NULL;
655 SSL *ssl = NULL;
656 int failed = 0;
657 size_t i;
658
659 failed = 0;
660
661 for (i = 0; i < N_SHARED_VERSION_TESTS; i++) {
662 mmvt = &min_max_version_tests[i];
663
664 if ((ssl_ctx = SSL_CTX_new(mmvt->ssl_method())) == NULL) {
665 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
666 return 1;
667 }
668
669 if (SSL_CTX_set_min_proto_version(ssl_ctx, mmvt->minver) != 1) {
670 if (mmvt->want_minver != 0) {
671 fprintf(stderr, "FAIL: test %zu - failed to set "
672 "SSL_CTX min version\n", i);
673 failed++;
674 }
675 goto next;
676 }
677 if (SSL_CTX_set_max_proto_version(ssl_ctx, mmvt->maxver) != 1) {
678 if (mmvt->want_maxver != 0) {
679 fprintf(stderr, "FAIL: test %zu - failed to set "
680 "SSL_CTX min version\n", i);
681 failed++;
682 }
683 goto next;
684 }
685
686 if (mmvt->want_minver == 0) {
687 fprintf(stderr, "FAIL: test %zu - successfully set "
688 "SSL_CTX min version, should have failed\n", i);
689 goto next;
690 }
691 if (mmvt->want_maxver == 0) {
692 fprintf(stderr, "FAIL: test %zu - successfully set "
693 "SSL_CTX max version, should have failed\n", i);
694 goto next;
695 }
696
697 if (SSL_CTX_get_min_proto_version(ssl_ctx) != mmvt->want_minver) {
698 fprintf(stderr, "FAIL: test %zu - got SSL_CTX min "
699 "version 0x%x, want 0x%x\n", i,
700 SSL_CTX_get_min_proto_version(ssl_ctx), mmvt->want_minver);
701 goto next;
702 }
703 if (SSL_CTX_get_max_proto_version(ssl_ctx) != mmvt->want_maxver) {
704 fprintf(stderr, "FAIL: test %zu - got SSL_CTX max "
705 "version 0x%x, want 0x%x\n", i,
706 SSL_CTX_get_max_proto_version(ssl_ctx), mmvt->want_maxver);
707 goto next;
708 }
709
710 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
711 fprintf(stderr, "SSL_new() returned NULL\n");
712 return 1;
713 }
714
715 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
716 fprintf(stderr, "FAIL: test %zu - initial SSL min "
717 "version 0x%x, want 0x%x\n", i,
718 SSL_get_min_proto_version(ssl), mmvt->want_minver);
719 goto next;
720 }
721 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
722 fprintf(stderr, "FAIL: test %zu - initial SSL max "
723 "version 0x%x, want 0x%x\n", i,
724 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
725 goto next;
726 }
727
728 if (SSL_set_min_proto_version(ssl, mmvt->minver) != 1) {
729 if (mmvt->want_minver != 0) {
730 fprintf(stderr, "FAIL: test %zu - failed to set "
731 "SSL min version\n", i);
732 failed++;
733 }
734 goto next;
735 }
736 if (SSL_set_max_proto_version(ssl, mmvt->maxver) != 1) {
737 if (mmvt->want_maxver != 0) {
738 fprintf(stderr, "FAIL: test %zu - failed to set "
739 "SSL min version\n", i);
740 failed++;
741 }
742 goto next;
743 }
744
745 if (mmvt->want_minver == 0) {
746 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
747 "min version, should have failed\n", i);
748 goto next;
749 }
750 if (mmvt->want_maxver == 0) {
751 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
752 "max version, should have failed\n", i);
753 goto next;
754 }
755
756 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
757 fprintf(stderr, "FAIL: test %zu - got SSL min "
758 "version 0x%x, want 0x%x\n", i,
759 SSL_get_min_proto_version(ssl), mmvt->want_minver);
760 goto next;
761 }
762 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
763 fprintf(stderr, "FAIL: test %zu - got SSL max "
764 "version 0x%x, want 0x%x\n", i,
765 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
766 goto next;
767 }
768
769 next:
770 SSL_CTX_free(ssl_ctx);
771 SSL_free(ssl);
772
773 ssl_ctx = NULL;
774 ssl = NULL;
775 }
776
777 return (failed);
778}
779
780int
781main(int argc, char **argv)
782{
783 int failed = 0;
784
785 SSL_library_init();
786
787 /* XXX - Test ssl_supported_version_range() */
788
789 failed |= test_ssl_enabled_version_range();
790 failed |= test_ssl_max_shared_version();
791 failed |= test_ssl_min_max_version();
792
793 if (failed == 0)
794 printf("PASS %s\n", __FILE__);
795
796 return (failed);
797}
diff --git a/src/regress/lib/libssl/unit/tests.h b/src/regress/lib/libssl/unit/tests.h
deleted file mode 100644
index 287816946a..0000000000
--- a/src/regress/lib/libssl/unit/tests.h
+++ /dev/null
@@ -1,44 +0,0 @@
1/* $OpenBSD: tests.h,v 1.1 2015/06/27 23:35:52 doug Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef LIBRESSL_REGRESS_TESTS_H__
19#define LIBRESSL_REGRESS_TESTS_H__ 1
20
21/* Ugly macros that are useful for regression tests. */
22
23#define SKIP(a) do { \
24 printf("Skipping test in %s [%s:%d]\n", __func__, __FILE__, \
25 __LINE__); \
26} while (0)
27
28#define CHECK(a) do { \
29 if (!(a)) { \
30 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
31 __LINE__); \
32 return 0; \
33 } \
34} while (0)
35
36#define CHECK_GOTO(a) do { \
37 if (!(a)) { \
38 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
39 __LINE__); \
40 goto err; \
41 } \
42} while (0)
43
44#endif /* LIBRESSL_REGRESS_TESTS_H__ */
diff --git a/src/regress/lib/libssl/unit/tls_ext_alpn.c b/src/regress/lib/libssl/unit/tls_ext_alpn.c
deleted file mode 100644
index 7dec1bfc51..0000000000
--- a/src/regress/lib/libssl/unit/tls_ext_alpn.c
+++ /dev/null
@@ -1,442 +0,0 @@
1/* $OpenBSD: tls_ext_alpn.c,v 1.5 2018/02/08 11:31:00 jsing Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/*
19 * Test TLS extension Application-Layer Protocol Negotiation (RFC 7301).
20 */
21#include <stdio.h>
22#include <openssl/ssl.h>
23
24#include "ssl_locl.h"
25#include "ssl_tlsext.h"
26
27#include "tests.h"
28
29/*
30 * In the ProtocolNameList, ProtocolNames must not include empty strings and
31 * byte strings must not be truncated.
32 *
33 * This uses some of the IANA approved protocol names from:
34 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
35 */
36
37/* Valid for client and server since it only has one name. */
38static uint8_t proto_single[] = {
39 /* Extension extensions<0..2^16-1> -- All TLS extensions */
40 0x00, 0x0f, /* len */
41 /* ExtensionType extension_type */
42 0x00, 0x10, /* ALPN */
43 /* opaque extension_data<0..2^16-1> */
44 0x00, 0x0b, /* len */
45 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
46 0x00, 0x09, /* len of all names */
47 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
48 0x08, /* len */
49 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
50};
51
52/* Valid for client, but NOT server. Server must have exactly one name. */
53static uint8_t proto_multiple1[] = {
54 /* Extension extensions<0..2^16-1> -- All TLS extensions */
55 0x00, 0x19, /* len */
56 /* ExtensionType extension_type */
57 0x00, 0x10, /* ALPN */
58 /* opaque extension_data<0..2^16-1> */
59 0x00, 0x15, /* len */
60 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
61 0x00, 0x13, /* len of all names */
62 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
63 0x08, /* len */
64 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
65 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
66 0x09, /* len */
67 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
68};
69
70/* Valid for client, but NOT server. Server must have exactly one name. */
71static uint8_t proto_multiple2[] = {
72 /* Extension extensions<0..2^16-1> -- All TLS extensions */
73 0x00, 0x1c, /* len */
74 /* ExtensionType extension_type */
75 0x00, 0x10, /* ALPN */
76 /* opaque extension_data<0..2^16-1> */
77 0x00, 0x18, /* len */
78 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
79 0x00, 0x16, /* len of all names */
80 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
81 0x08, /* len */
82 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
83 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
84 0x02, /* len */
85 0x68, 0x32,
86 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
87 0x09, /* len */
88 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
89};
90
91/* Valid for client, but NOT server. Server must have exactly one name. */
92static uint8_t proto_multiple3[] = {
93 /* Extension extensions<0..2^16-1> -- All TLS extensions */
94 0x00, 0x20, /* len */
95 /* ExtensionType extension_type */
96 0x00, 0x10, /* ALPN */
97 /* opaque extension_data<0..2^16-1> */
98 0x00, 0x1c, /* len */
99 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
100 0x00, 0x1a, /* len of all names */
101 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
102 0x08, /* len */
103 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
104 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
105 0x02, /* len */
106 0x68, 0x32,
107 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
108 0x09, /* len */
109 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e,
110 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
111 0x03, /* len */
112 0x68, 0x32, 0x63
113};
114
115static uint8_t proto_empty[] = {
116 /* Extension extensions<0..2^16-1> -- All TLS extensions. */
117 0x00, 0x00, /* none present. */
118};
119
120/* Invalid for both client and server. Length is wrong. */
121static uint8_t proto_invalid_len1[] = {
122 /* Extension extensions<0..2^16-1> -- All TLS extensions */
123 0x00, 0x0a, /* len */
124 /* ExtensionType extension_type */
125 0x00, 0x10, /* ALPN */
126 /* opaque extension_data<0..2^16-1> */
127 0x00, 0x06, /* len */
128 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
129 0x00, 0x04, /* len of all names */
130 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
131 0x04, /* XXX len too large */
132 0x68, 0x32, 0x63
133};
134static uint8_t proto_invalid_len2[] = {
135 /* Extension extensions<0..2^16-1> -- All TLS extensions */
136 0x00, 0x0a, /* len */
137 /* ExtensionType extension_type */
138 0x00, 0x10, /* ALPN */
139 /* opaque extension_data<0..2^16-1> */
140 0x00, 0x06, /* len */
141 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
142 0x00, 0x04, /* len of all names */
143 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
144 0x02, /* XXX len too small */
145 0x68, 0x32, 0x63
146};
147static uint8_t proto_invalid_len3[] = {
148 /* Extension extensions<0..2^16-1> -- All TLS extensions */
149 0x00, 0x0a, /* len */
150 /* ExtensionType extension_type */
151 0x00, 0x10, /* ALPN */
152 /* opaque extension_data<0..2^16-1> */
153 0x00, 0x06, /* len */
154 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
155 0x00, 0x03, /* XXX len too small */
156 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
157 0x03, /* len */
158 0x68, 0x32, 0x63
159};
160static uint8_t proto_invalid_len4[] = {
161 /* Extension extensions<0..2^16-1> -- All TLS extensions */
162 0x00, 0x0a, /* len */
163 /* ExtensionType extension_type */
164 0x00, 0x10, /* ALPN */
165 /* opaque extension_data<0..2^16-1> */
166 0x00, 0x06, /* len */
167 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
168 0x00, 0x06, /* XXX len too large */
169 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
170 0x03, /* len */
171 0x68, 0x32, 0x63
172};
173static uint8_t proto_invalid_len5[] = {
174 /* Extension extensions<0..2^16-1> -- All TLS extensions */
175 0x00, 0x0a, /* len */
176 /* ExtensionType extension_type */
177 0x00, 0x10, /* ALPN */
178 /* opaque extension_data<0..2^16-1> */
179 0x01, 0x08, /* XXX len too large */
180 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
181 0x00, 0x04, /* len */
182 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
183 0x03, /* len */
184 0x68, 0x32, 0x63
185};
186static uint8_t proto_invalid_len6[] = {
187 /* Extension extensions<0..2^16-1> -- All TLS extensions */
188 0x00, 0x0a, /* len */
189 /* ExtensionType extension_type */
190 0x00, 0x10, /* ALPN */
191 /* opaque extension_data<0..2^16-1> */
192 0x00, 0x05, /* XXX len too small */
193 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
194 0x00, 0x04, /* len */
195 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
196 0x03, /* len */
197 0x68, 0x32, 0x63
198};
199static uint8_t proto_invalid_len7[] = {
200 /* Extension extensions<0..2^16-1> -- All TLS extensions */
201 0x00, 0x06, /* XXX len too small */
202 /* ExtensionType extension_type */
203 0x00, 0x10, /* ALPN */
204 /* opaque extension_data<0..2^16-1> */
205 0x00, 0x06, /* len */
206 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
207 0x00, 0x04, /* len */
208 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
209 0x03, /* len */
210 0x68, 0x32, 0x63
211};
212static uint8_t proto_invalid_len8[] = {
213 /* Extension extensions<0..2^16-1> -- All TLS extensions */
214 0x00, 0x0b, /* XXX len too large */
215 /* ExtensionType extension_type */
216 0x00, 0x10, /* ALPN */
217 /* opaque extension_data<0..2^16-1> */
218 0x00, 0x06, /* len */
219 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
220 0x00, 0x04, /* len */
221 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
222 0x03, /* len */
223 0x68, 0x32, 0x63
224};
225
226/* Invalid for client and server since it is missing data. */
227static uint8_t proto_invalid_missing1[] = {
228 /* Extension extensions<0..2^16-1> -- All TLS extensions */
229 0x00, 0x0a, /* len */
230 /* ExtensionType extension_type */
231 0x00, 0x10, /* ALPN */
232 /* opaque extension_data<0..2^16-1> */
233 0x00, 0x06, /* len */
234 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
235 0x00, 0x04, /* len of all names */
236 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
237 /* XXX missing */
238};
239static uint8_t proto_invalid_missing2[] = {
240 /* Extension extensions<0..2^16-1> -- All TLS extensions */
241 0x00, 0x0a, /* len */
242 /* ExtensionType extension_type */
243 0x00, 0x10, /* ALPN */
244 /* opaque extension_data<0..2^16-1> */
245 0x00, 0x00, /* XXX missing name list */
246 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
247};
248static uint8_t proto_invalid_missing3[] = {
249 /* Extension extensions<0..2^16-1> -- All TLS extensions */
250 0x00, 0x0a, /* len */
251 /* ExtensionType extension_type */
252 0x00, 0x10, /* ALPN */
253 /* opaque extension_data<0..2^16-1> */
254 0x00, 0x02, /* XXX size is sufficient but missing data for name list */
255 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
256};
257static uint8_t proto_invalid_missing4[] = {
258 /* Extension extensions<0..2^16-1> -- All TLS extensions */
259 0x00, 0x0a, /* len */
260 /* ExtensionType extension_type */
261 0x00, 0x10, /* ALPN */
262 /* opaque extension_data<0..2^16-1> */
263 /* XXX missing */
264};
265static uint8_t proto_invalid_missing5[] = {
266 /* Extension extensions<0..2^16-1> -- All TLS extensions */
267 0x00, 0x1c, /* len */
268 /* ExtensionType extension_type */
269 0x00, 0x10, /* ALPN */
270 /* opaque extension_data<0..2^16-1> */
271 0x00, 0x18, /* len */
272 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
273 0x00, 0x16, /* len of all names */
274 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
275 0x08, /* len */
276 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
277 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
278 0x02, /* len */
279 0x68, 0x32,
280 /* XXX missing name */
281};
282static uint8_t proto_invalid_missing6[] = {
283 /* Extension extensions<0..2^16-1> -- All TLS extensions */
284 0x00, 0x07, /* len */
285 /* ExtensionType extension_type */
286 0x00, 0x10, /* ALPN */
287 /* opaque extension_data<0..2^16-1> */
288 0x00, 0x03, /* len */
289 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
290 0x00, 0x01, /* XXX len must be at least 2 */
291 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
292 0x00, /* XXX len cannot be 0 */
293};
294static uint8_t proto_invalid_missing7[] = {
295 /* Extension extensions<0..2^16-1> -- All TLS extensions */
296 0x00, 0x07, /* len */
297 /* ExtensionType extension_type */
298 0x00, 0x10, /* ALPN */
299 /* opaque extension_data<0..2^16-1> */
300 0x00, 0x03, /* len */
301 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
302 0x00, 0x02, /* XXX len is at least 2 but not correct. */
303 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
304 0x00, /* XXX len cannot be 0 */
305};
306static uint8_t proto_invalid_missing8[] = {
307 /* Extension extensions<0..2^16-1> -- All TLS extensions */
308 0x00, 0x01, /* len */
309 /* ExtensionType extension_type */
310 0x00, /* XXX need a 2 byte type */
311};
312static uint8_t proto_invalid_missing9[] = {
313 /* Extension extensions<0..2^16-1> -- All TLS extensions */
314 0x0a, /* XXX need a 2 byte len */
315};
316
317
318#define CHECK_BOTH(c_val, s_val, proto) do { \
319 { \
320 CBS cbs; \
321 int al; \
322 \
323 CBS_init(&cbs, proto, sizeof(proto)); \
324 CHECK(c_val == tlsext_clienthello_parse(s, &cbs, &al)); \
325 CBS_init(&cbs, proto, sizeof(proto)); \
326 CHECK(s_val == tlsext_serverhello_parse(s, &cbs, &al)); \
327 } \
328} while (0)
329
330static int dummy_alpn_cb(SSL *ssl, const unsigned char **out,
331 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
332 void *arg);
333
334static int
335check_valid_alpn(SSL *s)
336{
337 const uint8_t str[] = {
338 0x08, /* len */
339 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
340 };
341
342 /* Setup in order to test ALPN. */
343 CHECK(! SSL_set_alpn_protos(s, str, 9));
344 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
345
346 /* Prerequisites to test these. */
347 CHECK(s->internal->alpn_client_proto_list != NULL);
348 CHECK(s->ctx->internal->alpn_select_cb != NULL);
349 //CHECK(s->s3->tmp.finish_md_len == 0);
350
351 CHECK_BOTH(1, 1, proto_single);
352 CHECK_BOTH(1, 1, proto_empty);
353
354 /* Multiple protocol names are only valid for client */
355 CHECK_BOTH(1, 0, proto_multiple1);
356 CHECK_BOTH(1, 0, proto_multiple2);
357 CHECK_BOTH(1, 0, proto_multiple3);
358
359 return 1;
360}
361
362/*
363 * Some of the IANA approved IDs from:
364 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
365 */
366static int
367check_invalid_alpn(SSL *s)
368{
369 const uint8_t str[] = {
370 0x08, /* len */
371 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
372 };
373
374 /* Setup in order to test ALPN. */
375 CHECK(! SSL_set_alpn_protos(s, str, 9));
376 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
377
378 /* Prerequisites to test these. */
379 CHECK(s->internal->alpn_client_proto_list != NULL);
380 CHECK(s->ctx->internal->alpn_select_cb != NULL);
381 //CHECK(s->s3->tmp.finish_md_len == 0);
382
383 /* None of these are valid for client or server */
384 CHECK_BOTH(0, 0, proto_invalid_len1);
385 CHECK_BOTH(0, 0, proto_invalid_len2);
386 CHECK_BOTH(0, 0, proto_invalid_len3);
387 CHECK_BOTH(0, 0, proto_invalid_len4);
388 CHECK_BOTH(0, 0, proto_invalid_len5);
389 CHECK_BOTH(0, 0, proto_invalid_len6);
390 CHECK_BOTH(0, 0, proto_invalid_len7);
391 CHECK_BOTH(0, 0, proto_invalid_len8);
392 CHECK_BOTH(0, 0, proto_invalid_missing1);
393 CHECK_BOTH(0, 0, proto_invalid_missing2);
394 CHECK_BOTH(0, 0, proto_invalid_missing3);
395 CHECK_BOTH(0, 0, proto_invalid_missing4);
396 CHECK_BOTH(0, 0, proto_invalid_missing5);
397 CHECK_BOTH(0, 0, proto_invalid_missing6);
398 CHECK_BOTH(0, 0, proto_invalid_missing7);
399 CHECK_BOTH(0, 0, proto_invalid_missing8);
400 CHECK_BOTH(0, 0, proto_invalid_missing9);
401
402 return 1;
403}
404
405int
406dummy_alpn_cb(SSL *ssl __attribute__((unused)), const unsigned char **out,
407 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
408 void *arg __attribute__((unused)))
409{
410 *out = in;
411 *outlen = (unsigned char)inlen;
412
413 return 0;
414}
415
416int
417main(void)
418{
419 SSL_CTX *ctx = NULL;
420 SSL *s = NULL;
421 int rv = 1;
422
423 SSL_library_init();
424
425 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
426 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
427
428 if (!check_valid_alpn(s))
429 goto err;
430 if (!check_invalid_alpn(s))
431 goto err;
432
433 rv = 0;
434
435err:
436 SSL_CTX_free(ctx);
437 SSL_free(s);
438
439 if (!rv)
440 printf("PASS %s\n", __FILE__);
441 return rv;
442}
diff --git a/src/regress/lib/libssl/unit/tls_prf.c b/src/regress/lib/libssl/unit/tls_prf.c
deleted file mode 100644
index 2eacb12af3..0000000000
--- a/src/regress/lib/libssl/unit/tls_prf.c
+++ /dev/null
@@ -1,251 +0,0 @@
1/* $OpenBSD: tls_prf.c,v 1.4 2017/05/06 22:24:58 beck Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include "ssl_locl.h"
21
22int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
23 const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
24 const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len,
25 const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len);
26
27#define TLS_PRF_OUT_LEN 128
28
29struct tls_prf_test {
30 const unsigned char *desc;
31 const SSL_METHOD *(*ssl_method)(void);
32 const uint16_t cipher_value;
33 const unsigned char out[TLS_PRF_OUT_LEN];
34};
35
36static struct tls_prf_test tls_prf_tests[] = {
37 {
38 .desc = "MD5+SHA1",
39 .ssl_method = TLSv1_method,
40 .cipher_value = 0x0033,
41 .out = {
42 0x03, 0xa1, 0xc1, 0x7d, 0x2c, 0xa5, 0x3d, 0xe8,
43 0x9d, 0x59, 0x5e, 0x30, 0xf5, 0x71, 0xbb, 0x96,
44 0xde, 0x5c, 0x8e, 0xdc, 0x25, 0x8a, 0x7c, 0x05,
45 0x9f, 0x7d, 0x35, 0x29, 0x45, 0xae, 0x56, 0xad,
46 0x9f, 0x57, 0x15, 0x5c, 0xdb, 0x83, 0x3a, 0xac,
47 0x19, 0xa8, 0x2b, 0x40, 0x72, 0x38, 0x1e, 0xed,
48 0xf3, 0x25, 0xde, 0x84, 0x84, 0xd8, 0xd1, 0xfc,
49 0x31, 0x85, 0x81, 0x12, 0x55, 0x4d, 0x12, 0xb5,
50 0xed, 0x78, 0x5e, 0xba, 0xc8, 0xec, 0x8d, 0x28,
51 0xa1, 0x21, 0x1e, 0x6e, 0x07, 0xf1, 0xfc, 0xf5,
52 0xbf, 0xe4, 0x8e, 0x8e, 0x97, 0x15, 0x93, 0x85,
53 0x75, 0xdd, 0x87, 0x09, 0xd0, 0x4e, 0xe5, 0xd5,
54 0x9e, 0x1f, 0xd6, 0x1c, 0x3b, 0xe9, 0xad, 0xba,
55 0xe0, 0x16, 0x56, 0x62, 0x90, 0xd6, 0x82, 0x84,
56 0xec, 0x8a, 0x22, 0xbe, 0xdc, 0x6a, 0x5e, 0x05,
57 0x12, 0x44, 0xec, 0x60, 0x61, 0xd1, 0x8a, 0x66,
58 },
59 },
60 {
61 .desc = "GOST94",
62 .ssl_method = TLSv1_2_method,
63 .cipher_value = 0x0081,
64 .out = {
65 0xcc, 0xd4, 0x89, 0x5f, 0x52, 0x08, 0x9b, 0xc7,
66 0xf9, 0xb5, 0x83, 0x58, 0xe8, 0xc7, 0x71, 0x49,
67 0x39, 0x99, 0x1f, 0x14, 0x8f, 0x85, 0xbe, 0x64,
68 0xee, 0x40, 0x5c, 0xe7, 0x5f, 0x68, 0xaf, 0xf2,
69 0xcd, 0x3a, 0x94, 0x52, 0x33, 0x53, 0x46, 0x7d,
70 0xb6, 0xc5, 0xe1, 0xb8, 0xa4, 0x04, 0x69, 0x91,
71 0x0a, 0x9c, 0x88, 0x86, 0xd9, 0x60, 0x63, 0xdd,
72 0xd8, 0xe7, 0x2e, 0xee, 0xce, 0xe2, 0x20, 0xd8,
73 0x9a, 0xfa, 0x9c, 0x63, 0x0c, 0x9c, 0xa1, 0x76,
74 0xed, 0x78, 0x9a, 0x84, 0x70, 0xb4, 0xd1, 0x51,
75 0x1f, 0xde, 0x44, 0xe8, 0x90, 0x21, 0x3f, 0xeb,
76 0x05, 0xf4, 0x77, 0x59, 0xf3, 0xad, 0xdd, 0x34,
77 0x3d, 0x3a, 0x7c, 0xd0, 0x59, 0x40, 0xe1, 0x3f,
78 0x04, 0x4b, 0x8b, 0xd6, 0x95, 0x46, 0xb4, 0x9e,
79 0x4c, 0x2d, 0xf7, 0xee, 0xbd, 0xbc, 0xcb, 0x5c,
80 0x3a, 0x36, 0x0c, 0xd0, 0x27, 0xcb, 0x45, 0x06,
81 },
82 },
83 {
84 .desc = "SHA256 (via TLSv1.2)",
85 .ssl_method = TLSv1_2_method,
86 .cipher_value = 0x0033,
87 .out = {
88 0x37, 0xa7, 0x06, 0x71, 0x6e, 0x19, 0x19, 0xda,
89 0x23, 0x8c, 0xcc, 0xb4, 0x2f, 0x31, 0x64, 0x9d,
90 0x05, 0x29, 0x1c, 0x33, 0x7e, 0x09, 0x1b, 0x0c,
91 0x0e, 0x23, 0xc1, 0xb0, 0x40, 0xcc, 0x31, 0xf7,
92 0x55, 0x66, 0x68, 0xd9, 0xa8, 0xae, 0x74, 0x75,
93 0xf3, 0x46, 0xe9, 0x3a, 0x54, 0x9d, 0xe0, 0x8b,
94 0x7e, 0x6c, 0x63, 0x1c, 0xfa, 0x2f, 0xfd, 0xc9,
95 0xd3, 0xf1, 0xd3, 0xfe, 0x7b, 0x9e, 0x14, 0x95,
96 0xb5, 0xd0, 0xad, 0x9b, 0xee, 0x78, 0x8c, 0x83,
97 0x18, 0x58, 0x7e, 0xa2, 0x23, 0xc1, 0x8b, 0x62,
98 0x94, 0x12, 0xcb, 0xb6, 0x60, 0x69, 0x32, 0xfe,
99 0x98, 0x0e, 0x93, 0xb0, 0x8e, 0x5c, 0xfb, 0x6e,
100 0xdb, 0x9a, 0xc2, 0x9f, 0x8c, 0x5c, 0x43, 0x19,
101 0xeb, 0x4a, 0x52, 0xad, 0x62, 0x2b, 0xdd, 0x9f,
102 0xa3, 0x74, 0xa6, 0x96, 0x61, 0x4d, 0x98, 0x40,
103 0x63, 0xa6, 0xd4, 0xbb, 0x17, 0x11, 0x75, 0xed,
104 },
105 },
106 {
107 .desc = "SHA384",
108 .ssl_method = TLSv1_2_method,
109 .cipher_value = 0x009d,
110 .out = {
111 0x00, 0x93, 0xc3, 0xfd, 0xa7, 0xbb, 0xdc, 0x5b,
112 0x13, 0x3a, 0xe6, 0x8b, 0x1b, 0xac, 0xf3, 0xfb,
113 0x3c, 0x9a, 0x78, 0xf6, 0x19, 0xf0, 0x13, 0x0f,
114 0x0d, 0x01, 0x9d, 0xdf, 0x0a, 0x28, 0x38, 0xce,
115 0x1a, 0x9b, 0x43, 0xbe, 0x56, 0x12, 0xa7, 0x16,
116 0x58, 0xe1, 0x8a, 0xe4, 0xc5, 0xbb, 0x10, 0x4c,
117 0x3a, 0xf3, 0x7f, 0xd3, 0xdb, 0xe4, 0xe0, 0x3d,
118 0xcc, 0x83, 0xca, 0xf0, 0xf9, 0x69, 0xcc, 0x70,
119 0x83, 0x32, 0xf6, 0xfc, 0x81, 0x80, 0x02, 0xe8,
120 0x31, 0x1e, 0x7c, 0x3b, 0x34, 0xf7, 0x34, 0xd1,
121 0xcf, 0x2a, 0xc4, 0x36, 0x2f, 0xe9, 0xaa, 0x7f,
122 0x6d, 0x1f, 0x5e, 0x0e, 0x39, 0x05, 0x15, 0xe1,
123 0xa2, 0x9a, 0x4d, 0x97, 0x8c, 0x62, 0x46, 0xf1,
124 0x87, 0x65, 0xd8, 0xe9, 0x14, 0x11, 0xa6, 0x48,
125 0xd7, 0x0e, 0x6e, 0x70, 0xad, 0xfb, 0x3f, 0x36,
126 0x05, 0x76, 0x4b, 0xe4, 0x28, 0x50, 0x4a, 0xf2,
127 },
128 },
129 {
130 .desc = "STREEBOG256",
131 .ssl_method = TLSv1_2_method,
132 .cipher_value = 0xff87,
133 .out = {
134 0x3e, 0x13, 0xb9, 0xeb, 0x85, 0x8c, 0xb4, 0x21,
135 0x23, 0x40, 0x9b, 0x73, 0x04, 0x56, 0xe2, 0xff,
136 0xce, 0x52, 0x1f, 0x82, 0x7f, 0x17, 0x5b, 0x80,
137 0x23, 0x71, 0xca, 0x30, 0xdf, 0xfc, 0xdc, 0x2d,
138 0xc0, 0xfc, 0x5d, 0x23, 0x5a, 0x54, 0x7f, 0xae,
139 0xf5, 0x7d, 0x52, 0x1e, 0x86, 0x95, 0xe1, 0x2d,
140 0x28, 0xe7, 0xbe, 0xd7, 0xd0, 0xbf, 0xa9, 0x96,
141 0x13, 0xd0, 0x9c, 0x0c, 0x1c, 0x16, 0x05, 0xbb,
142 0x26, 0xd7, 0x30, 0x39, 0xb9, 0x53, 0x28, 0x98,
143 0x4f, 0x1b, 0x83, 0xc3, 0xce, 0x1c, 0x7c, 0x34,
144 0xa2, 0xc4, 0x7a, 0x54, 0x16, 0xc6, 0xa7, 0x9e,
145 0xed, 0x4b, 0x7b, 0x83, 0xa6, 0xae, 0xe2, 0x5b,
146 0x96, 0xf5, 0x6c, 0xad, 0x1f, 0xa3, 0x83, 0xb2,
147 0x84, 0x32, 0xed, 0xe3, 0x2c, 0xf6, 0xd4, 0x73,
148 0x30, 0xef, 0x9d, 0xbe, 0xe7, 0x23, 0x9a, 0xbf,
149 0x4d, 0x1c, 0xe7, 0xef, 0x3d, 0xea, 0x46, 0xe2,
150 },
151 },
152};
153
154#define N_TLS_PRF_TESTS \
155 (sizeof(tls_prf_tests) / sizeof(*tls_prf_tests))
156
157#define TLS_PRF_SEED1 "tls prf seed 1"
158#define TLS_PRF_SEED2 "tls prf seed 2"
159#define TLS_PRF_SEED3 "tls prf seed 3"
160#define TLS_PRF_SEED4 "tls prf seed 4"
161#define TLS_PRF_SEED5 "tls prf seed 5"
162#define TLS_PRF_SECRET "tls prf secretz"
163
164static void
165hexdump(const unsigned char *buf, size_t len)
166{
167 size_t i;
168
169 for (i = 1; i <= len; i++)
170 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
171
172 fprintf(stderr, "\n");
173}
174
175static int
176do_tls_prf_test(int test_no, struct tls_prf_test *tpt)
177{
178 unsigned char *out = NULL;
179 const SSL_CIPHER *cipher;
180 SSL_CTX *ssl_ctx = NULL;
181 SSL *ssl = NULL;
182 int failure = 1;
183 int len;
184
185 fprintf(stderr, "Test %i - %s\n", test_no, tpt->desc);
186
187 if ((out = malloc(TLS_PRF_OUT_LEN)) == NULL)
188 errx(1, "failed to allocate out");
189
190 if ((ssl_ctx = SSL_CTX_new(tpt->ssl_method())) == NULL)
191 errx(1, "failed to create SSL context");
192 if ((ssl = SSL_new(ssl_ctx)) == NULL)
193 errx(1, "failed to create SSL context");
194
195 if ((cipher = ssl3_get_cipher_by_value(tpt->cipher_value)) == NULL) {
196 fprintf(stderr, "FAIL: no cipher %hx\n", tpt->cipher_value);
197 goto failure;
198 }
199
200 S3I(ssl)->hs.new_cipher = cipher;
201
202 for (len = 1; len <= TLS_PRF_OUT_LEN; len++) {
203 memset(out, 'A', TLS_PRF_OUT_LEN);
204
205 if (tls1_PRF(ssl, TLS_PRF_SECRET, sizeof(TLS_PRF_SECRET),
206 TLS_PRF_SEED1, sizeof(TLS_PRF_SEED1), TLS_PRF_SEED2,
207 sizeof(TLS_PRF_SEED2), TLS_PRF_SEED3, sizeof(TLS_PRF_SEED3),
208 TLS_PRF_SEED4, sizeof(TLS_PRF_SEED4), TLS_PRF_SEED5,
209 sizeof(TLS_PRF_SEED5), out, len) != 1) {
210 fprintf(stderr, "FAIL: tls_PRF failed for len %i\n",
211 len);
212 goto failure;
213 }
214
215 if (memcmp(out, tpt->out, len) != 0) {
216 fprintf(stderr, "FAIL: tls_PRF output differs for "
217 "len %i\n", len);
218 fprintf(stderr, "output:\n");
219 hexdump(out, TLS_PRF_OUT_LEN);
220 fprintf(stderr, "test data:\n");
221 hexdump(tpt->out, TLS_PRF_OUT_LEN);
222 fprintf(stderr, "\n");
223 goto failure;
224 }
225 }
226
227 failure = 0;
228
229 failure:
230 SSL_free(ssl);
231 SSL_CTX_free(ssl_ctx);
232
233 free(out);
234
235 return failure;
236}
237
238int
239main(int argc, char **argv)
240{
241 int failed = 0;
242 size_t i;
243
244 SSL_library_init();
245 SSL_load_error_strings();
246
247 for (i = 0; i < N_TLS_PRF_TESTS; i++)
248 failed |= do_tls_prf_test(i, &tls_prf_tests[i]);
249
250 return failed;
251}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-26 18:19:08 +0000