summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2023-07-15 19:29:46 +0000
committercvs2svn <admin@example.com>2023-07-15 19:29:46 +0000
commit72cc860132e5b7971e495ba621dcd0713b5dd801 (patch)
treeeb2977d6a31db45cc5481c643fa2a77238fa93bb /src/regress/lib/libssl
parent0d87a20f1d7f7c6ae9a6cbb5bc3c2235ee3fe18a (diff)
downloadopenbsd-tb_20230715.tar.gz
openbsd-tb_20230715.tar.bz2
openbsd-tb_20230715.zip
This commit was manufactured by cvs2git to create tag 'tb_20230715'.tb_20230715
Diffstat (limited to 'src/regress/lib/libssl')
-rw-r--r--src/regress/lib/libssl/Makefile33
-rw-r--r--src/regress/lib/libssl/Makefile.inc4
-rw-r--r--src/regress/lib/libssl/api/Makefile10
-rw-r--r--src/regress/lib/libssl/api/apitest.c374
-rw-r--r--src/regress/lib/libssl/asn1/Makefile11
-rw-r--r--src/regress/lib/libssl/asn1/asn1test.c478
-rw-r--r--src/regress/lib/libssl/buffer/Makefile10
-rw-r--r--src/regress/lib/libssl/buffer/buffertest.c364
-rw-r--r--src/regress/lib/libssl/bytestring/Makefile10
-rw-r--r--src/regress/lib/libssl/bytestring/bytestringtest.c968
-rw-r--r--src/regress/lib/libssl/certs/ca-int-ecdsa.crl8
-rw-r--r--src/regress/lib/libssl/certs/ca-int-ecdsa.pem13
-rw-r--r--src/regress/lib/libssl/certs/ca-int-rsa.crl11
-rw-r--r--src/regress/lib/libssl/certs/ca-int-rsa.pem22
-rw-r--r--src/regress/lib/libssl/certs/ca-root-ecdsa.pem13
-rw-r--r--src/regress/lib/libssl/certs/ca-root-rsa.pem22
-rw-r--r--src/regress/lib/libssl/certs/ca.pem45
-rw-r--r--src/regress/lib/libssl/certs/client.pem51
-rw-r--r--src/regress/lib/libssl/certs/client1-ecdsa-chain.pem27
-rw-r--r--src/regress/lib/libssl/certs/client1-ecdsa.pem19
-rw-r--r--src/regress/lib/libssl/certs/client1-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/client1-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/client2-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/client2-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/client2-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/client2-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/client3-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/client3-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/client3-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/client3-rsa.pem50
-rwxr-xr-xsrc/regress/lib/libssl/certs/make-certs.sh263
-rw-r--r--src/regress/lib/libssl/certs/server.pem51
-rw-r--r--src/regress/lib/libssl/certs/server1-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/server1-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/server1-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/server1-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/server2-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/server2-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/server2-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/server2-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/server3-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/server3-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/server3-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/server3-rsa.pem50
-rw-r--r--src/regress/lib/libssl/ciphers/Makefile9
-rw-r--r--src/regress/lib/libssl/ciphers/cipherstest.c531
-rw-r--r--src/regress/lib/libssl/client/Makefile9
-rw-r--r--src/regress/lib/libssl/client/clienttest.c754
-rw-r--r--src/regress/lib/libssl/dtls/Makefile20
-rw-r--r--src/regress/lib/libssl/dtls/dtlstest.c1077
-rw-r--r--src/regress/lib/libssl/exporter/Makefile10
-rw-r--r--src/regress/lib/libssl/exporter/exportertest.c664
-rw-r--r--src/regress/lib/libssl/handshake/Makefile34
-rw-r--r--src/regress/lib/libssl/handshake/handshake_table.c550
-rw-r--r--src/regress/lib/libssl/handshake/valid_handshakes_terminate.c54
-rw-r--r--src/regress/lib/libssl/interop/LICENSE15
-rw-r--r--src/regress/lib/libssl/interop/Makefile19
-rw-r--r--src/regress/lib/libssl/interop/Makefile.inc90
-rw-r--r--src/regress/lib/libssl/interop/README18
-rw-r--r--src/regress/lib/libssl/interop/botan/Makefile84
-rw-r--r--src/regress/lib/libssl/interop/botan/client.cpp228
-rw-r--r--src/regress/lib/libssl/interop/cert/Makefile98
-rw-r--r--src/regress/lib/libssl/interop/cipher/Makefile172
-rw-r--r--src/regress/lib/libssl/interop/client.c285
-rw-r--r--src/regress/lib/libssl/interop/libressl/Makefile34
-rw-r--r--src/regress/lib/libssl/interop/netcat/Makefile84
-rw-r--r--src/regress/lib/libssl/interop/openssl11/Makefile43
-rw-r--r--src/regress/lib/libssl/interop/openssl30/Makefile43
-rw-r--r--src/regress/lib/libssl/interop/server.c321
-rw-r--r--src/regress/lib/libssl/interop/session/Makefile46
-rw-r--r--src/regress/lib/libssl/interop/util.c145
-rw-r--r--src/regress/lib/libssl/interop/util.h23
-rw-r--r--src/regress/lib/libssl/interop/version/Makefile109
-rw-r--r--src/regress/lib/libssl/key_schedule/Makefile10
-rw-r--r--src/regress/lib/libssl/key_schedule/key_schedule.c317
-rw-r--r--src/regress/lib/libssl/openssl-ruby/Makefile87
-rw-r--r--src/regress/lib/libssl/pqueue/Makefile17
-rw-r--r--src/regress/lib/libssl/pqueue/expected.txt3
-rw-r--r--src/regress/lib/libssl/pqueue/pq_test.c118
-rw-r--r--src/regress/lib/libssl/quic/Makefile19
-rw-r--r--src/regress/lib/libssl/quic/quictest.c339
-rw-r--r--src/regress/lib/libssl/record/Makefile10
-rw-r--r--src/regress/lib/libssl/record/recordtest.c555
-rw-r--r--src/regress/lib/libssl/record_layer/Makefile10
-rw-r--r--src/regress/lib/libssl/record_layer/record_layer_test.c306
-rw-r--r--src/regress/lib/libssl/rust-openssl/Cargo.toml8
-rw-r--r--src/regress/lib/libssl/rust-openssl/Makefile58
-rw-r--r--src/regress/lib/libssl/rust-openssl/config6
-rw-r--r--src/regress/lib/libssl/server/Makefile18
-rw-r--r--src/regress/lib/libssl/server/servertest.c209
-rw-r--r--src/regress/lib/libssl/ssl/Makefile17
-rw-r--r--src/regress/lib/libssl/ssl/ssltest.c1528
-rw-r--r--src/regress/lib/libssl/ssl/testssl162
-rw-r--r--src/regress/lib/libssl/tls/Makefile18
-rw-r--r--src/regress/lib/libssl/tls/tlstest.c400
-rw-r--r--src/regress/lib/libssl/tlsext/Makefile10
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c4613
-rw-r--r--src/regress/lib/libssl/tlsfuzzer/Makefile47
-rw-r--r--src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py921
-rw-r--r--src/regress/lib/libssl/tlslegacy/Makefile9
-rw-r--r--src/regress/lib/libssl/tlslegacy/tlslegacytest.c625
-rw-r--r--src/regress/lib/libssl/unit/Makefile21
-rw-r--r--src/regress/lib/libssl/unit/cipher_list.c231
-rw-r--r--src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c482
-rw-r--r--src/regress/lib/libssl/unit/ssl_methods.c267
-rw-r--r--src/regress/lib/libssl/unit/ssl_set_alpn_protos.c204
-rw-r--r--src/regress/lib/libssl/unit/ssl_verify_param.c99
-rw-r--r--src/regress/lib/libssl/unit/ssl_versions.c922
-rw-r--r--src/regress/lib/libssl/unit/tests.h44
-rw-r--r--src/regress/lib/libssl/unit/tls_ext_alpn.c442
-rw-r--r--src/regress/lib/libssl/unit/tls_prf.c251
-rw-r--r--src/regress/lib/libssl/verify/Makefile37
-rw-r--r--src/regress/lib/libssl/verify/create-libressl-test-certs.pl111
-rw-r--r--src/regress/lib/libssl/verify/verify.c373
114 files changed, 0 insertions, 23084 deletions
diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile
deleted file mode 100644
index b9e2afd2e0..0000000000
--- a/src/regress/lib/libssl/Makefile
+++ /dev/null
@@ -1,33 +0,0 @@
1# $OpenBSD: Makefile,v 1.53 2023/07/12 07:03:24 tb Exp $
2
3SUBDIR += api
4SUBDIR += asn1
5SUBDIR += buffer
6SUBDIR += bytestring
7SUBDIR += ciphers
8SUBDIR += client
9SUBDIR += dtls
10SUBDIR += exporter
11SUBDIR += handshake
12SUBDIR += pqueue
13SUBDIR += quic
14SUBDIR += record
15SUBDIR += record_layer
16SUBDIR += server
17SUBDIR += ssl
18SUBDIR += tls
19SUBDIR += tlsext
20SUBDIR += tlslegacy
21SUBDIR += key_schedule
22SUBDIR += unit
23SUBDIR += verify
24
25# Things that take a long time should go below here.
26SUBDIR += openssl-ruby
27SUBDIR += rust-openssl
28SUBDIR += tlsfuzzer
29SUBDIR += interop
30
31install:
32
33.include <bsd.subdir.mk>
diff --git a/src/regress/lib/libssl/Makefile.inc b/src/regress/lib/libssl/Makefile.inc
deleted file mode 100644
index cc8ad18394..0000000000
--- a/src/regress/lib/libssl/Makefile.inc
+++ /dev/null
@@ -1,4 +0,0 @@
1# Use this variable when the test needs internal symbols from libcrypto
2CRYPTO_INT= -Wl,-Bstatic -lcrypto -Wl,-Bdynamic
3# Use this variable when the test needs internal symbols from libssl
4SSL_INT= -Wl,-Bstatic -lssl -Wl,-Bdynamic
diff --git a/src/regress/lib/libssl/api/Makefile b/src/regress/lib/libssl/api/Makefile
deleted file mode 100644
index 7f745518eb..0000000000
--- a/src/regress/lib/libssl/api/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2023/04/14 12:38:30 tb Exp $
2
3PROG= apitest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8CFLAGS+= -DCERTSDIR=\"${.CURDIR}/../../libssl/certs\"
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/api/apitest.c b/src/regress/lib/libssl/api/apitest.c
deleted file mode 100644
index 9a58de9f83..0000000000
--- a/src/regress/lib/libssl/api/apitest.c
+++ /dev/null
@@ -1,374 +0,0 @@
1/* $OpenBSD: apitest.c,v 1.2 2023/04/14 12:38:30 tb Exp $ */
2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include <openssl/bio.h>
21#include <openssl/err.h>
22#include <openssl/ssl.h>
23
24#ifndef CERTSDIR
25#define CERTSDIR "."
26#endif
27
28const char *certs_path = CERTSDIR;
29
30int debug = 0;
31
32static int
33ssl_ctx_use_ca_file(SSL_CTX *ssl_ctx, const char *ca_file)
34{
35 char *ca_path = NULL;
36 int ret = 0;
37
38 if (asprintf(&ca_path, "%s/%s", certs_path, ca_file) == -1)
39 goto err;
40 if (!SSL_CTX_load_verify_locations(ssl_ctx, ca_path, NULL)) {
41 fprintf(stderr, "load_verify_locations(%s) failed\n", ca_path);
42 goto err;
43 }
44
45 ret = 1;
46
47 err:
48 free(ca_path);
49
50 return ret;
51}
52
53static int
54ssl_ctx_use_keypair(SSL_CTX *ssl_ctx, const char *chain_file,
55 const char *key_file)
56{
57 char *chain_path = NULL, *key_path = NULL;
58 int ret = 0;
59
60 if (asprintf(&chain_path, "%s/%s", certs_path, chain_file) == -1)
61 goto err;
62 if (SSL_CTX_use_certificate_chain_file(ssl_ctx, chain_path) != 1) {
63 fprintf(stderr, "FAIL: Failed to load certificates\n");
64 goto err;
65 }
66 if (asprintf(&key_path, "%s/%s", certs_path, key_file) == -1)
67 goto err;
68 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, key_path,
69 SSL_FILETYPE_PEM) != 1) {
70 fprintf(stderr, "FAIL: Failed to load private key\n");
71 goto err;
72 }
73
74 ret = 1;
75
76 err:
77 free(chain_path);
78 free(key_path);
79
80 return ret;
81}
82
83static SSL *
84tls_client(BIO *rbio, BIO *wbio)
85{
86 SSL_CTX *ssl_ctx = NULL;
87 SSL *ssl = NULL;
88
89 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
90 errx(1, "client context");
91
92 SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
93
94 if (!ssl_ctx_use_ca_file(ssl_ctx, "ca-root-rsa.pem"))
95 goto failure;
96 if (!ssl_ctx_use_keypair(ssl_ctx, "client1-rsa-chain.pem",
97 "client1-rsa.pem"))
98 goto failure;
99
100 if ((ssl = SSL_new(ssl_ctx)) == NULL)
101 errx(1, "client ssl");
102
103 BIO_up_ref(rbio);
104 BIO_up_ref(wbio);
105
106 SSL_set_bio(ssl, rbio, wbio);
107
108 failure:
109 SSL_CTX_free(ssl_ctx);
110
111 return ssl;
112}
113
114static SSL *
115tls_server(BIO *rbio, BIO *wbio)
116{
117 SSL_CTX *ssl_ctx = NULL;
118 SSL *ssl = NULL;
119
120 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
121 errx(1, "server context");
122
123 SSL_CTX_set_dh_auto(ssl_ctx, 2);
124
125 SSL_CTX_set_verify(ssl_ctx,
126 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
127
128 if (!ssl_ctx_use_ca_file(ssl_ctx, "ca-root-rsa.pem"))
129 goto failure;
130 if (!ssl_ctx_use_keypair(ssl_ctx, "server1-rsa-chain.pem",
131 "server1-rsa.pem"))
132 goto failure;
133
134 if ((ssl = SSL_new(ssl_ctx)) == NULL)
135 errx(1, "server ssl");
136
137 BIO_up_ref(rbio);
138 BIO_up_ref(wbio);
139
140 SSL_set_bio(ssl, rbio, wbio);
141
142 failure:
143 SSL_CTX_free(ssl_ctx);
144
145 return ssl;
146}
147
148static int
149ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret)
150{
151 int ssl_err;
152
153 ssl_err = SSL_get_error(ssl, ssl_ret);
154
155 if (ssl_err == SSL_ERROR_WANT_READ) {
156 return 1;
157 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
158 return 1;
159 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
160 /* Yup, this is apparently a thing... */
161 } else {
162 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
163 name, desc, ssl_err, errno);
164 ERR_print_errors_fp(stderr);
165 return 0;
166 }
167
168 return 1;
169}
170
171static int
172do_connect(SSL *ssl, const char *name, int *done)
173{
174 int ssl_ret;
175
176 if ((ssl_ret = SSL_connect(ssl)) == 1) {
177 fprintf(stderr, "INFO: %s connect done\n", name);
178 *done = 1;
179 return 1;
180 }
181
182 return ssl_error(ssl, name, "connect", ssl_ret);
183}
184
185static int
186do_accept(SSL *ssl, const char *name, int *done)
187{
188 int ssl_ret;
189
190 if ((ssl_ret = SSL_accept(ssl)) == 1) {
191 fprintf(stderr, "INFO: %s accept done\n", name);
192 *done = 1;
193 return 1;
194 }
195
196 return ssl_error(ssl, name, "accept", ssl_ret);
197}
198
199typedef int (*ssl_func)(SSL *ssl, const char *name, int *done);
200
201static int
202do_client_server_loop(SSL *client, ssl_func client_func, SSL *server,
203 ssl_func server_func)
204{
205 int client_done = 0, server_done = 0;
206 int i = 0;
207
208 do {
209 if (!client_done) {
210 if (debug)
211 fprintf(stderr, "DEBUG: client loop\n");
212 if (!client_func(client, "client", &client_done))
213 return 0;
214 }
215 if (!server_done) {
216 if (debug)
217 fprintf(stderr, "DEBUG: server loop\n");
218 if (!server_func(server, "server", &server_done))
219 return 0;
220 }
221 } while (i++ < 100 && (!client_done || !server_done));
222
223 if (!client_done || !server_done)
224 fprintf(stderr, "FAIL: gave up\n");
225
226 return client_done && server_done;
227}
228
229static int
230ssl_get_peer_cert_chain_test(uint16_t tls_version)
231{
232 STACK_OF(X509) *peer_chain;
233 X509 *peer_cert;
234 BIO *client_wbio = NULL, *server_wbio = NULL;
235 SSL *client = NULL, *server = NULL;
236 int failed = 1;
237
238 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
239 goto failure;
240 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
241 goto failure;
242
243 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
244 goto failure;
245 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
246 goto failure;
247
248 if ((client = tls_client(server_wbio, client_wbio)) == NULL)
249 goto failure;
250 if (tls_version != 0) {
251 if (!SSL_set_min_proto_version(client, tls_version))
252 goto failure;
253 if (!SSL_set_max_proto_version(client, tls_version))
254 goto failure;
255 }
256
257 if ((server = tls_server(client_wbio, server_wbio)) == NULL)
258 goto failure;
259 if (tls_version != 0) {
260 if (!SSL_set_min_proto_version(server, tls_version))
261 goto failure;
262 if (!SSL_set_max_proto_version(server, tls_version))
263 goto failure;
264 }
265
266 if (!do_client_server_loop(client, do_connect, server, do_accept)) {
267 fprintf(stderr, "FAIL: client and server handshake failed\n");
268 goto failure;
269 }
270
271 if (tls_version != 0) {
272 if (SSL_version(client) != tls_version) {
273 fprintf(stderr, "FAIL: client got TLS version %x, "
274 "want %x\n", SSL_version(client), tls_version);
275 goto failure;
276 }
277 if (SSL_version(server) != tls_version) {
278 fprintf(stderr, "FAIL: server got TLS version %x, "
279 "want %x\n", SSL_version(server), tls_version);
280 goto failure;
281 }
282 }
283
284 /*
285 * Due to the wonders of API inconsistency, SSL_get_peer_cert_chain()
286 * includes the peer's leaf certificate when called by the client,
287 * however it does not when called by the server. Futhermore, the
288 * certificate returned by SSL_get_peer_certificate() has already
289 * had its reference count incremented and must be freed, where as
290 * the certificates returned from SSL_get_peer_cert_chain() must
291 * not be freed... *sigh*
292 */
293 peer_cert = SSL_get_peer_certificate(client);
294 peer_chain = SSL_get_peer_cert_chain(client);
295 X509_free(peer_cert);
296
297 if (peer_cert == NULL) {
298 fprintf(stderr, "FAIL: client got no peer cert\n");
299 goto failure;
300 }
301 if (sk_X509_num(peer_chain) != 2) {
302 fprintf(stderr, "FAIL: client got peer cert chain with %d "
303 "certificates, want 2\n", sk_X509_num(peer_chain));
304 goto failure;
305 }
306 if (X509_cmp(peer_cert, sk_X509_value(peer_chain, 0)) != 0) {
307 fprintf(stderr, "FAIL: client got peer cert chain without peer "
308 "certificate\n");
309 goto failure;
310 }
311
312 peer_cert = SSL_get_peer_certificate(server);
313 peer_chain = SSL_get_peer_cert_chain(server);
314 X509_free(peer_cert);
315
316 if (peer_cert == NULL) {
317 fprintf(stderr, "FAIL: server got no peer cert\n");
318 goto failure;
319 }
320 if (sk_X509_num(peer_chain) != 1) {
321 fprintf(stderr, "FAIL: server got peer cert chain with %d "
322 "certificates, want 1\n", sk_X509_num(peer_chain));
323 goto failure;
324 }
325 if (X509_cmp(peer_cert, sk_X509_value(peer_chain, 0)) == 0) {
326 fprintf(stderr, "FAIL: server got peer cert chain with peer "
327 "certificate\n");
328 goto failure;
329 }
330
331 fprintf(stderr, "INFO: Done!\n");
332
333 failed = 0;
334
335 failure:
336 BIO_free(client_wbio);
337 BIO_free(server_wbio);
338
339 SSL_free(client);
340 SSL_free(server);
341
342 return failed;
343}
344
345static int
346ssl_get_peer_cert_chain_tests(void)
347{
348 int failed = 0;
349
350 fprintf(stderr, "\n== Testing SSL_get_peer_cert_chain()... ==\n");
351
352 failed |= ssl_get_peer_cert_chain_test(0);
353 failed |= ssl_get_peer_cert_chain_test(TLS1_3_VERSION);
354 failed |= ssl_get_peer_cert_chain_test(TLS1_2_VERSION);
355
356 return failed;
357}
358
359int
360main(int argc, char **argv)
361{
362 int failed = 0;
363
364 if (argc > 2) {
365 fprintf(stderr, "usage: %s [certspath]\n", argv[0]);
366 exit(1);
367 }
368 if (argc == 2)
369 certs_path = argv[1];
370
371 failed |= ssl_get_peer_cert_chain_tests();
372
373 return failed;
374}
diff --git a/src/regress/lib/libssl/asn1/Makefile b/src/regress/lib/libssl/asn1/Makefile
deleted file mode 100644
index 16fca9f6ca..0000000000
--- a/src/regress/lib/libssl/asn1/Makefile
+++ /dev/null
@@ -1,11 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2021/06/30 18:09:46 jsing Exp $
2
3PROG= asn1test
4LDADD= -lcrypto -lssl
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6
7WARNINGS= Yes
8CFLAGS+= -DLIBRESSL_INTERNAL -Werror
9CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
10
11.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/asn1/asn1test.c b/src/regress/lib/libssl/asn1/asn1test.c
deleted file mode 100644
index 6e9362b3e5..0000000000
--- a/src/regress/lib/libssl/asn1/asn1test.c
+++ /dev/null
@@ -1,478 +0,0 @@
1/* $OpenBSD: asn1test.c,v 1.12 2022/11/26 16:08:56 tb Exp $ */
2/*
3 * Copyright (c) 2014, 2016 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdlib.h>
20
21#include <openssl/bio.h>
22#include <openssl/err.h>
23#include <openssl/ssl.h>
24#include <openssl/tls1.h>
25
26#include "ssl_local.h"
27
28int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
29SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
30 long length);
31
32X509 *peer_cert;
33
34unsigned char *peer_cert_pem =
35 "-----BEGIN CERTIFICATE-----\n"
36 "MIIBcTCCARugAwIBAgIJAPYhaZJAvUuUMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV\n"
37 "BAoMCVRlc3QgUGVlcjAeFw0xNjEyMjYxNDQ3NDdaFw0yNjEyMjQxNDQ3NDdaMBQx\n"
38 "EjAQBgNVBAoMCVRlc3QgUGVlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCyhAdJ\n"
39 "wojHv/uKONh8MbmR2U2+VF1HQusnLfSfHPqkJfvDzLWJ41TG7QcXkx2rIJVtAFrO\n"
40 "U9yNdFYJLA/hsrbjAgMBAAGjUDBOMB0GA1UdDgQWBBS3bZOw7fvaortdsdE2TPMq\n"
41 "IRXFRzAfBgNVHSMEGDAWgBS3bZOw7fvaortdsdE2TPMqIRXFRzAMBgNVHRMEBTAD\n"
42 "AQH/MA0GCSqGSIb3DQEBBQUAA0EAHsxNS+rNUZbopeDMhVIviOfUmelDjJrT56Rc\n"
43 "VJoFN3Gc1cV8nQAHm9aJs71uksC+MN04Pzh0WqmYX9XXrnYPcg==\n"
44 "-----END CERTIFICATE-----\n";
45
46struct ssl_asn1_test {
47 SSL_SESSION session;
48 int peer_cert;
49 const unsigned char asn1[1024];
50 int asn1_len;
51};
52
53unsigned char tlsext_tick[] = {
54 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
55 0x2d, 0x30, 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37,
56 0x74, 0x68, 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c,
57 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56,
58 0x45, 0x2d, 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35,
59 0x32, 0x39, 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68,
60 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32,
61 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d,
62 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39,
63 0x38, 0x3a, 0x20, 0x32, 0x31, 0x73, 0x74, 0x20,
64 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30,
65 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32,
66 0x30, 0x31, 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30,
67 0x3a, 0x20, 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d,
68 0x61, 0x79, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
69 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
70 0x2d, 0x30, 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35,
71 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20,
72 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45,
73 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32,
74 0x32, 0x31, 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20,
75 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31,
76 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30,
77 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a,
78 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e,
79 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
80};
81
82struct ssl_asn1_test ssl_asn1_tests[] = {
83 {
84 .session = {
85 .cipher_id = 0x03000000L | 1,
86 .ssl_version = TLS1_2_VERSION,
87 },
88 .asn1 = {
89 0x30, 0x13, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03,
90 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x00, 0x04,
91 0x00, 0xa4, 0x02, 0x04, 0x00,
92 },
93 .asn1_len = 21,
94 },
95 {
96 .session = {
97 .cipher_id = 0x03000000L | 1,
98 .ssl_version = TLS1_2_VERSION,
99 .master_key_length = 26,
100 .session_id = "0123456789",
101 .session_id_length = 10,
102 .sid_ctx = "abcdefghijklmnopqrstuvwxyz",
103 .sid_ctx_length = 26,
104 },
105 .asn1 = {
106 0x30, 0x51, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03,
107 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x0a, 0x30,
108 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
109 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00,
110 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
111 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
112 0x00, 0x00, 0x00, 0x00, 0x00, 0xa4, 0x1c, 0x04,
113 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
114 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
115 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
116 0x78, 0x79, 0x7a,
117 },
118 .asn1_len = 83,
119 },
120 {
121 .session = {
122 .cipher_id = 0x03000000L | 1,
123 .ssl_version = TLS1_2_VERSION,
124 .master_key_length = 26,
125 .session_id = "0123456789",
126 .session_id_length = 10,
127 .sid_ctx = "abcdefghijklmnopqrstuvwxyz",
128 .sid_ctx_length = 26,
129 .time = 1405266069,
130 .timeout = 5,
131 .verify_result = 42,
132 .tlsext_hostname = "libressl.openbsd.org",
133 .tlsext_tick_lifetime_hint = 0x7abbccdd,
134 .tlsext_tick = tlsext_tick,
135 .tlsext_ticklen = sizeof(tlsext_tick),
136 },
137 .peer_cert = 1,
138 .asn1 = {
139 0x30, 0x82, 0x02, 0xd1, 0x02, 0x01, 0x01, 0x02,
140 0x02, 0x03, 0x03, 0x04, 0x02, 0x00, 0x01, 0x04,
141 0x0a, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36,
142 0x37, 0x38, 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00,
143 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
144 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
145 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa1,
146 0x06, 0x02, 0x04, 0x53, 0xc2, 0xa8, 0x95, 0xa2,
147 0x03, 0x02, 0x01, 0x05, 0xa3, 0x82, 0x01, 0x75,
148 0x30, 0x82, 0x01, 0x71, 0x30, 0x82, 0x01, 0x1b,
149 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
150 0xf6, 0x21, 0x69, 0x92, 0x40, 0xbd, 0x4b, 0x94,
151 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
152 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30,
153 0x14, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55,
154 0x04, 0x0a, 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74,
155 0x20, 0x50, 0x65, 0x65, 0x72, 0x30, 0x1e, 0x17,
156 0x0d, 0x31, 0x36, 0x31, 0x32, 0x32, 0x36, 0x31,
157 0x34, 0x34, 0x37, 0x34, 0x37, 0x5a, 0x17, 0x0d,
158 0x32, 0x36, 0x31, 0x32, 0x32, 0x34, 0x31, 0x34,
159 0x34, 0x37, 0x34, 0x37, 0x5a, 0x30, 0x14, 0x31,
160 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0a,
161 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50,
162 0x65, 0x65, 0x72, 0x30, 0x5c, 0x30, 0x0d, 0x06,
163 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
164 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30,
165 0x48, 0x02, 0x41, 0x00, 0xb2, 0x84, 0x07, 0x49,
166 0xc2, 0x88, 0xc7, 0xbf, 0xfb, 0x8a, 0x38, 0xd8,
167 0x7c, 0x31, 0xb9, 0x91, 0xd9, 0x4d, 0xbe, 0x54,
168 0x5d, 0x47, 0x42, 0xeb, 0x27, 0x2d, 0xf4, 0x9f,
169 0x1c, 0xfa, 0xa4, 0x25, 0xfb, 0xc3, 0xcc, 0xb5,
170 0x89, 0xe3, 0x54, 0xc6, 0xed, 0x07, 0x17, 0x93,
171 0x1d, 0xab, 0x20, 0x95, 0x6d, 0x00, 0x5a, 0xce,
172 0x53, 0xdc, 0x8d, 0x74, 0x56, 0x09, 0x2c, 0x0f,
173 0xe1, 0xb2, 0xb6, 0xe3, 0x02, 0x03, 0x01, 0x00,
174 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06,
175 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
176 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda, 0xa2,
177 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3, 0x2a,
178 0x21, 0x15, 0xc5, 0x47, 0x30, 0x1f, 0x06, 0x03,
179 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
180 0x14, 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda,
181 0xa2, 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3,
182 0x2a, 0x21, 0x15, 0xc5, 0x47, 0x30, 0x0c, 0x06,
183 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03,
184 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a,
185 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
186 0x05, 0x00, 0x03, 0x41, 0x00, 0x1e, 0xcc, 0x4d,
187 0x4b, 0xea, 0xcd, 0x51, 0x96, 0xe8, 0xa5, 0xe0,
188 0xcc, 0x85, 0x52, 0x2f, 0x88, 0xe7, 0xd4, 0x99,
189 0xe9, 0x43, 0x8c, 0x9a, 0xd3, 0xe7, 0xa4, 0x5c,
190 0x54, 0x9a, 0x05, 0x37, 0x71, 0x9c, 0xd5, 0xc5,
191 0x7c, 0x9d, 0x00, 0x07, 0x9b, 0xd6, 0x89, 0xb3,
192 0xbd, 0x6e, 0x92, 0xc0, 0xbe, 0x30, 0xdd, 0x38,
193 0x3f, 0x38, 0x74, 0x5a, 0xa9, 0x98, 0x5f, 0xd5,
194 0xd7, 0xae, 0x76, 0x0f, 0x72, 0xa4, 0x1c, 0x04,
195 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
196 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
197 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
198 0x78, 0x79, 0x7a, 0xa5, 0x03, 0x02, 0x01, 0x2a,
199 0xa6, 0x16, 0x04, 0x14, 0x6c, 0x69, 0x62, 0x72,
200 0x65, 0x73, 0x73, 0x6c, 0x2e, 0x6f, 0x70, 0x65,
201 0x6e, 0x62, 0x73, 0x64, 0x2e, 0x6f, 0x72, 0x67,
202 0xa9, 0x06, 0x02, 0x04, 0x7a, 0xbb, 0xcc, 0xdd,
203 0xaa, 0x81, 0xd2, 0x04, 0x81, 0xcf, 0x43, 0x56,
204 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30,
205 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37, 0x74, 0x68,
206 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32,
207 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d,
208 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35, 0x32, 0x39,
209 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68, 0x20, 0x41,
210 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31,
211 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30,
212 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39, 0x38, 0x3a,
213 0x20, 0x32, 0x31, 0x73, 0x74, 0x20, 0x41, 0x70,
214 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31, 0x34,
215 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31,
216 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30, 0x3a, 0x20,
217 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d, 0x61, 0x79,
218 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56,
219 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30,
220 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35, 0x74, 0x68,
221 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30,
222 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32,
223 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x31,
224 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75,
225 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
226 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
227 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a, 0x20, 0x35,
228 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20,
229 0x32, 0x30, 0x31, 0x34, 0x0a,
230 },
231 .asn1_len = 725,
232 },
233 {
234 .session = {
235 .cipher_id = 0x03000000L | 1,
236 .ssl_version = TLS1_2_VERSION,
237 .timeout = -1,
238 },
239 .asn1 = {
240 0x0,
241 },
242 .asn1_len = -1,
243 },
244 {
245 .session = {
246 .cipher_id = 0x03000000L | 1,
247 .ssl_version = TLS1_2_VERSION,
248 .time = -1,
249 },
250 .asn1 = {
251 0x0,
252 },
253 .asn1_len = -1,
254 },
255};
256
257#define N_SSL_ASN1_TESTS \
258 (sizeof(ssl_asn1_tests) / sizeof(*ssl_asn1_tests))
259
260static int
261session_strcmp(const unsigned char *o1, const unsigned char *o2, size_t len)
262{
263 if (o1 == NULL && o2 == NULL)
264 return (0);
265 if (o1 == NULL || o2 == NULL)
266 return (1);
267 return memcmp(o1, o2, len);
268}
269
270static int
271session_cmp(SSL_SESSION *s1, SSL_SESSION *s2)
272{
273 /* Compare the ASN.1 encoded values from two sessions. */
274 if (s1->ssl_version != s2->ssl_version) {
275 fprintf(stderr, "ssl_version differs: %d != %d\n",
276 s1->ssl_version, s2->ssl_version);
277 return (1);
278 }
279 if (s1->cipher_id != s2->cipher_id) {
280 fprintf(stderr, "cipher_id differs: %ld != %ld\n",
281 s1->cipher_id, s2->cipher_id);
282 return (1);
283 }
284
285 if (s1->master_key_length != s2->master_key_length) {
286 fprintf(stderr, "master_key_length differs: %zu != %zu\n",
287 s1->master_key_length, s2->master_key_length);
288 return (1);
289 }
290 if (session_strcmp(s1->master_key, s2->master_key,
291 s1->master_key_length) != 0) {
292 fprintf(stderr, "master_key differs\n");
293 return (1);
294 }
295
296 if (s1->session_id_length != s2->session_id_length) {
297 fprintf(stderr, "session_id_length differs: %zu != %zu\n",
298 s1->session_id_length, s2->session_id_length);
299 return (1);
300 }
301 if (session_strcmp(s1->session_id, s2->session_id,
302 s1->session_id_length) != 0) {
303 fprintf(stderr, "session_id differs\n");
304 return (1);
305 }
306
307 if (s1->sid_ctx_length != s2->sid_ctx_length) {
308 fprintf(stderr, "sid_ctx_length differs: %zu != %zu\n",
309 s1->sid_ctx_length, s2->sid_ctx_length);
310 return (1);
311 }
312 if (session_strcmp(s1->sid_ctx, s2->sid_ctx,
313 s1->sid_ctx_length) != 0) {
314 fprintf(stderr, "sid_ctx differs\n");
315 return (1);
316 }
317
318 /* d2i_SSL_SESSION uses the current time if decoding a zero value. */
319 if ((s1->time != s2->time) && s1->time != 0 && s2->time != 0) {
320 fprintf(stderr, "time differs: %lld != %lld\n",
321 (long long)s1->time, (long long)s2->time);
322 return (1);
323 }
324 /* d2i_SSL_SESSION uses a timeout of 3 if decoding a zero value. */
325 if ((s1->timeout != s2->timeout) &&
326 s1->timeout != 3 && s2->timeout != 3) {
327 fprintf(stderr, "timeout differs: %ld != %ld\n",
328 s1->timeout, s2->timeout);
329 return (1);
330 }
331
332 /* Ensure that a certificate is or is not present in both. */
333 if ((s1->peer_cert != NULL || s2->peer_cert != NULL) &&
334 (s1->peer_cert == NULL || s2->peer_cert == NULL ||
335 X509_cmp(s1->peer_cert, s2->peer_cert) != 0)) {
336 fprintf(stderr, "peer_cert differs\n");
337 return (1);
338 }
339
340 if (s1->verify_result != s2->verify_result) {
341 fprintf(stderr, "verify_result differs: %ld != %ld\n",
342 s1->verify_result, s2->verify_result);
343 return (1);
344 }
345
346 if (session_strcmp(s1->tlsext_hostname, s2->tlsext_hostname,
347 (s1->tlsext_hostname ? strlen(s1->tlsext_hostname) : 0)) != 0) {
348 fprintf(stderr, "sid_ctx differs\n");
349 return (1);
350 }
351 if (s1->tlsext_tick_lifetime_hint != s2->tlsext_tick_lifetime_hint) {
352 fprintf(stderr, "tlsext_tick_lifetime_hint differs: "
353 "%u != %u\n", s1->tlsext_tick_lifetime_hint,
354 s2->tlsext_tick_lifetime_hint);
355 return (1);
356 }
357 if (s1->tlsext_ticklen != s2->tlsext_ticklen) {
358 fprintf(stderr, "tlsext_ticklen differs: %zu != %zu\n",
359 s1->tlsext_ticklen, s2->tlsext_ticklen);
360 return (1);
361 }
362 if (session_strcmp(s1->tlsext_tick, s2->tlsext_tick,
363 s1->tlsext_ticklen) != 0) {
364 fprintf(stderr, "tlsext_tick differs\n");
365 return (1);
366 }
367
368 return (0);
369}
370
371static int
372do_ssl_asn1_test(int test_no, struct ssl_asn1_test *sat)
373{
374 SSL_SESSION *sp = NULL;
375 unsigned char *ap, *asn1 = NULL;
376 const unsigned char *pp;
377 int i, len, rv = 1;
378
379 if (sat->peer_cert)
380 sat->session.peer_cert = peer_cert;
381
382 len = i2d_SSL_SESSION(&sat->session, NULL);
383 if (len != sat->asn1_len) {
384 fprintf(stderr, "FAIL: test %d returned ASN1 length %d, "
385 "want %d\n", test_no, len, sat->asn1_len);
386 goto failed;
387 }
388
389 /* See if the test is expected to fail... */
390 if (sat->asn1_len == -1)
391 return (0);
392
393 if ((asn1 = malloc(len)) == NULL)
394 errx(1, "failed to allocate memory");
395
396 ap = asn1;
397 len = i2d_SSL_SESSION(&sat->session, &ap);
398
399 /* Check the length again since the code path is different. */
400 if (len != sat->asn1_len) {
401 fprintf(stderr, "FAIL: test %d returned ASN1 length %d, "
402 "want %d\n", test_no, len, sat->asn1_len);
403 goto failed;
404 }
405 /* ap should now point at the end of the buffer. */
406 if (ap - asn1 != len) {
407 fprintf(stderr, "FAIL: test %d pointer increment does not "
408 "match length (%d != %d)\n", test_no, (int)(ap - asn1), len);
409 goto failed;
410 }
411
412 if (memcmp(asn1, &sat->asn1, len) != 0) {
413 fprintf(stderr, "FAIL: test %d - encoding differs:\n", test_no);
414 fprintf(stderr, "encoding:\n");
415 for (i = 1; i <= len; i++) {
416 fprintf(stderr, " 0x%02hhx,", asn1[i - 1]);
417 if (i % 8 == 0)
418 fprintf(stderr, "\n");
419 }
420 fprintf(stderr, "\n");
421 fprintf(stderr, "test data:\n");
422 for (i = 1; i <= sat->asn1_len; i++) {
423 fprintf(stderr, " 0x%02hhx,", sat->asn1[i - 1]);
424 if (i % 8 == 0)
425 fprintf(stderr, "\n");
426 }
427 fprintf(stderr, "\n");
428 goto failed;
429 }
430
431 pp = sat->asn1;
432
433 if ((sp = d2i_SSL_SESSION(NULL, &pp, sat->asn1_len)) == NULL) {
434 fprintf(stderr, "FAIL: test %d - decoding failed\n", test_no);
435 goto failed;
436 }
437
438 if (session_cmp(sp, &sat->session) != 0) {
439 fprintf(stderr, "FAIL: test %d - decoding differs\n", test_no);
440 goto failed;
441 }
442
443 rv = 0;
444
445 failed:
446 ERR_print_errors_fp(stderr);
447 SSL_SESSION_free(sp);
448 free(asn1);
449
450 return (rv);
451}
452
453int
454main(int argc, char **argv)
455{
456 BIO *bio = NULL;
457 int failed = 0;
458 size_t i;
459
460 SSL_library_init();
461 SSL_load_error_strings();
462
463 bio = BIO_new_mem_buf(peer_cert_pem, -1);
464 if (bio == NULL)
465 errx(1, "failed to create bio");
466
467 peer_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
468 if (peer_cert == NULL)
469 errx(1, "failed to read peer cert");
470
471 for (i = 0; i < N_SSL_ASN1_TESTS; i++)
472 failed += do_ssl_asn1_test(i, &ssl_asn1_tests[i]);
473
474 X509_free(peer_cert);
475 BIO_free(bio);
476
477 return (failed);
478}
diff --git a/src/regress/lib/libssl/buffer/Makefile b/src/regress/lib/libssl/buffer/Makefile
deleted file mode 100644
index 64ed46fa90..0000000000
--- a/src/regress/lib/libssl/buffer/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2019/01/17 06:46:10 jsing Exp $
2
3PROG= buffertest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/buffer/buffertest.c b/src/regress/lib/libssl/buffer/buffertest.c
deleted file mode 100644
index 3dfad7c44f..0000000000
--- a/src/regress/lib/libssl/buffer/buffertest.c
+++ /dev/null
@@ -1,364 +0,0 @@
1/* $OpenBSD: buffertest.c,v 1.6 2022/07/22 19:34:55 jsing Exp $ */
2/*
3 * Copyright (c) 2019, 2022 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdio.h>
20#include <stdlib.h>
21#include <string.h>
22
23#include "tls_internal.h"
24
25uint8_t testdata[] = {
26 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
27 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
28};
29
30struct read_state {
31 uint8_t *buf;
32 size_t len;
33 size_t offset;
34};
35
36static ssize_t
37read_cb(void *buf, size_t buflen, void *cb_arg)
38{
39 struct read_state *rs = cb_arg;
40 ssize_t n;
41
42 if (rs->offset > rs->len)
43 return TLS_IO_EOF;
44
45 if ((size_t)(n = buflen) > (rs->len - rs->offset))
46 n = rs->len - rs->offset;
47
48 if (n == 0)
49 return TLS_IO_WANT_POLLIN;
50
51 memcpy(buf, &rs->buf[rs->offset], n);
52 rs->offset += n;
53
54 return n;
55}
56
57struct extend_test {
58 size_t extend_len;
59 size_t read_len;
60 ssize_t want_ret;
61};
62
63const struct extend_test extend_tests[] = {
64 {
65 .extend_len = 4,
66 .read_len = 0,
67 .want_ret = TLS_IO_WANT_POLLIN,
68 },
69 {
70 .extend_len = 4,
71 .read_len = 8,
72 .want_ret = 4,
73 },
74 {
75 .extend_len = 12,
76 .read_len = 8,
77 .want_ret = TLS_IO_WANT_POLLIN,
78 },
79 {
80 .extend_len = 12,
81 .read_len = 10,
82 .want_ret = TLS_IO_WANT_POLLIN,
83 },
84 {
85 .extend_len = 12,
86 .read_len = 12,
87 .want_ret = 12,
88 },
89 {
90 .extend_len = 16,
91 .read_len = 16,
92 .want_ret = 16,
93 },
94 {
95 .extend_len = 20,
96 .read_len = 1,
97 .want_ret = TLS_IO_EOF,
98 },
99};
100
101#define N_EXTEND_TESTS (sizeof(extend_tests) / sizeof(extend_tests[0]))
102
103static int
104tls_buffer_extend_test(void)
105{
106 const struct extend_test *et;
107 struct tls_buffer *buf;
108 struct read_state rs;
109 uint8_t *data = NULL;
110 size_t i, data_len;
111 ssize_t ret;
112 CBS cbs;
113 int failed = 1;
114
115 rs.buf = testdata;
116 rs.offset = 0;
117
118 if ((buf = tls_buffer_new(0)) == NULL)
119 errx(1, "tls_buffer_new");
120
121 for (i = 0; i < N_EXTEND_TESTS; i++) {
122 et = &extend_tests[i];
123 rs.len = et->read_len;
124
125 ret = tls_buffer_extend(buf, et->extend_len, read_cb, &rs);
126 if (ret != extend_tests[i].want_ret) {
127 fprintf(stderr, "FAIL: Test %zd - extend returned %zd, "
128 "want %zd\n", i, ret, et->want_ret);
129 goto failed;
130 }
131
132 if (!tls_buffer_data(buf, &cbs)) {
133 fprintf(stderr, "FAIL: Test %zd - failed to get data\n",
134 i);
135 goto failed;
136 }
137
138 if (!CBS_mem_equal(&cbs, testdata, CBS_len(&cbs))) {
139 fprintf(stderr, "FAIL: Test %zd - extend buffer "
140 "mismatch", i);
141 goto failed;
142 }
143 }
144
145 if (!tls_buffer_finish(buf, &data, &data_len)) {
146 fprintf(stderr, "FAIL: failed to finish\n");
147 goto failed;
148 }
149
150 tls_buffer_free(buf);
151 buf = NULL;
152
153 if (data_len != sizeof(testdata)) {
154 fprintf(stderr, "FAIL: got data length %zu, want %zu\n",
155 data_len, sizeof(testdata));
156 goto failed;
157 }
158 if (memcmp(data, testdata, data_len) != 0) {
159 fprintf(stderr, "FAIL: data mismatch\n");
160 goto failed;
161 }
162
163 failed = 0;
164
165 failed:
166 tls_buffer_free(buf);
167 free(data);
168
169 return failed;
170}
171
172struct read_write_test {
173 uint8_t pattern;
174 size_t read;
175 size_t write;
176 size_t append;
177 ssize_t want;
178};
179
180const struct read_write_test read_write_tests[] = {
181 {
182 .read = 2048,
183 .want = TLS_IO_WANT_POLLIN,
184 },
185 {
186 .pattern = 0xdb,
187 .write = 2048,
188 .want = 2048,
189 },
190 {
191 .pattern = 0xbd,
192 .append = 2048,
193 .want = 1,
194 },
195 {
196 .pattern = 0xdb,
197 .read = 2048,
198 .want = 2048,
199 },
200 {
201 .pattern = 0xfe,
202 .append = 1024,
203 .want = 1,
204 },
205 {
206 .pattern = 0xbd,
207 .read = 1000,
208 .want = 1000,
209 },
210 {
211 .pattern = 0xbd,
212 .read = 1048,
213 .want = 1048,
214 },
215 {
216 .pattern = 0xdb,
217 .write = 2048,
218 .want = 2048,
219 },
220 {
221 .pattern = 0xbd,
222 .append = 1024,
223 .want = 1,
224 },
225 {
226 .pattern = 0xee,
227 .append = 4096,
228 .want = 1,
229 },
230 {
231 .pattern = 0xfe,
232 .append = 1,
233 .want = 0,
234 },
235 {
236 .pattern = 0xfe,
237 .write = 1,
238 .want = TLS_IO_FAILURE,
239 },
240 {
241 .pattern = 0xfe,
242 .read = 1024,
243 .want = 1024,
244 },
245 {
246 .pattern = 0xdb,
247 .read = 2048,
248 .want = 2048,
249 },
250 {
251 .pattern = 0xbd,
252 .read = 1024,
253 .want = 1024,
254 },
255 {
256 .pattern = 0xee,
257 .read = 1024,
258 .want = 1024,
259 },
260 {
261 .pattern = 0xee,
262 .read = 4096,
263 .want = 3072,
264 },
265 {
266 .read = 2048,
267 .want = TLS_IO_WANT_POLLIN,
268 },
269};
270
271#define N_READ_WRITE_TESTS (sizeof(read_write_tests) / sizeof(read_write_tests[0]))
272
273static int
274tls_buffer_read_write_test(void)
275{
276 const struct read_write_test *rwt;
277 struct tls_buffer *buf = NULL;
278 uint8_t *rbuf = NULL, *wbuf = NULL;
279 ssize_t n;
280 size_t i;
281 int ret;
282 int failed = 1;
283
284 if ((buf = tls_buffer_new(0)) == NULL)
285 errx(1, "tls_buffer_new");
286
287 tls_buffer_set_capacity_limit(buf, 8192);
288
289 for (i = 0; i < N_READ_WRITE_TESTS; i++) {
290 rwt = &read_write_tests[i];
291
292 if (rwt->append > 0) {
293 free(wbuf);
294 if ((wbuf = malloc(rwt->append)) == NULL)
295 errx(1, "malloc");
296 memset(wbuf, rwt->pattern, rwt->append);
297 if ((ret = tls_buffer_append(buf, wbuf, rwt->append)) !=
298 rwt->want) {
299 fprintf(stderr, "FAIL: test %zu - "
300 "tls_buffer_append() = %d, want %zu\n",
301 i, ret, rwt->want);
302 goto failed;
303 }
304 }
305
306 if (rwt->write > 0) {
307 free(wbuf);
308 if ((wbuf = malloc(rwt->write)) == NULL)
309 errx(1, "malloc");
310 memset(wbuf, rwt->pattern, rwt->write);
311 if ((n = tls_buffer_write(buf, wbuf, rwt->write)) !=
312 rwt->want) {
313 fprintf(stderr, "FAIL: test %zu - "
314 "tls_buffer_write() = %zi, want %zu\n",
315 i, n, rwt->want);
316 goto failed;
317 }
318 }
319
320 if (rwt->read > 0) {
321 free(rbuf);
322 if ((rbuf = calloc(1, rwt->read)) == NULL)
323 errx(1, "malloc");
324 if ((n = tls_buffer_read(buf, rbuf, rwt->read)) !=
325 rwt->want) {
326 fprintf(stderr, "FAIL: test %zu - "
327 "tls_buffer_read() = %zi, want %zu\n",
328 i, n, rwt->want);
329 goto failed;
330 }
331 if (rwt->want > 0) {
332 free(wbuf);
333 if ((wbuf = malloc(rwt->want)) == NULL)
334 errx(1, "malloc");
335 memset(wbuf, rwt->pattern, rwt->want);
336 if (memcmp(rbuf, wbuf, rwt->want) != 0) {
337 fprintf(stderr, "FAIL: test %zu - "
338 "read byte mismatch\n", i);
339 goto failed;
340 }
341 }
342 }
343 }
344
345 failed = 0;
346
347 failed:
348 tls_buffer_free(buf);
349 free(rbuf);
350 free(wbuf);
351
352 return failed;
353}
354
355int
356main(int argc, char **argv)
357{
358 int failed = 0;
359
360 failed |= tls_buffer_extend_test();
361 failed |= tls_buffer_read_write_test();
362
363 return failed;
364}
diff --git a/src/regress/lib/libssl/bytestring/Makefile b/src/regress/lib/libssl/bytestring/Makefile
deleted file mode 100644
index 91b3fea902..0000000000
--- a/src/regress/lib/libssl/bytestring/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.6 2022/06/29 15:06:18 tb Exp $
2
3PROG= bytestringtest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/bytestring/bytestringtest.c b/src/regress/lib/libssl/bytestring/bytestringtest.c
deleted file mode 100644
index 36f45c4bdc..0000000000
--- a/src/regress/lib/libssl/bytestring/bytestringtest.c
+++ /dev/null
@@ -1,968 +0,0 @@
1/* $OpenBSD: bytestringtest.c,v 1.17 2023/01/01 17:43:04 miod Exp $ */
2/*
3 * Copyright (c) 2014, Google Inc.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
16
17#include <stdio.h>
18#include <stdlib.h>
19#include <string.h>
20
21#include <openssl/crypto.h>
22
23#include "bytestring.h"
24
25/* This is from <openssl/base.h> in boringssl */
26#define OPENSSL_U64(x) x##ULL
27
28#define PRINT_ERROR printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
29 __LINE__)
30
31#define CHECK(a) do { \
32 if (!(a)) { \
33 PRINT_ERROR; \
34 return 0; \
35 } \
36} while (0)
37
38#define CHECK_GOTO(a) do { \
39 if (!(a)) { \
40 PRINT_ERROR; \
41 goto err; \
42 } \
43} while (0)
44
45static int
46test_skip(void)
47{
48 static const uint8_t kData[] = {1, 2, 3};
49 CBS data;
50
51 CBS_init(&data, kData, sizeof(kData));
52
53 CHECK(CBS_len(&data) == 3);
54 CHECK(CBS_skip(&data, 1));
55 CHECK(CBS_len(&data) == 2);
56 CHECK(CBS_skip(&data, 2));
57 CHECK(CBS_len(&data) == 0);
58 CHECK(!CBS_skip(&data, 1));
59
60 return 1;
61}
62
63static int
64test_get_u(void)
65{
66 static const uint8_t kData[] = {
67 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
68 11, 12, 13, 14, 15, 16, 17, 18, 19, 20,
69 };
70 uint8_t u8;
71 uint16_t u16;
72 uint32_t u32;
73 uint64_t u64;
74 CBS data;
75
76 CBS_init(&data, kData, sizeof(kData));
77
78 CHECK(CBS_get_u8(&data, &u8));
79 CHECK(u8 == 1);
80 CHECK(CBS_get_u16(&data, &u16));
81 CHECK(u16 == 0x203);
82 CHECK(CBS_get_u24(&data, &u32));
83 CHECK(u32 == 0x40506);
84 CHECK(CBS_get_u32(&data, &u32));
85 CHECK(u32 == 0x708090a);
86 CHECK(CBS_get_u64(&data, &u64));
87 CHECK(u64 == 0x0b0c0d0e0f101112ULL);
88 CHECK(CBS_get_last_u8(&data, &u8));
89 CHECK(u8 == 20);
90 CHECK(CBS_get_last_u8(&data, &u8));
91 CHECK(u8 == 19);
92 CHECK(!CBS_get_u8(&data, &u8));
93 CHECK(!CBS_get_last_u8(&data, &u8));
94
95 return 1;
96}
97
98static int
99test_get_prefixed(void)
100{
101 static const uint8_t kData[] = {1, 2, 0, 2, 3, 4, 0, 0, 3, 3, 2, 1};
102 uint8_t u8;
103 uint16_t u16;
104 uint32_t u32;
105 CBS data, prefixed;
106
107 CBS_init(&data, kData, sizeof(kData));
108
109 CHECK(CBS_get_u8_length_prefixed(&data, &prefixed));
110 CHECK(CBS_len(&prefixed) == 1);
111 CHECK(CBS_get_u8(&prefixed, &u8));
112 CHECK(u8 == 2);
113 CHECK(CBS_get_u16_length_prefixed(&data, &prefixed));
114 CHECK(CBS_len(&prefixed) == 2);
115 CHECK(CBS_get_u16(&prefixed, &u16));
116 CHECK(u16 == 0x304);
117 CHECK(CBS_get_u24_length_prefixed(&data, &prefixed));
118 CHECK(CBS_len(&prefixed) == 3);
119 CHECK(CBS_get_u24(&prefixed, &u32));
120 CHECK(u32 == 0x30201);
121
122 return 1;
123}
124
125static int
126test_get_prefixed_bad(void)
127{
128 static const uint8_t kData1[] = {2, 1};
129 static const uint8_t kData2[] = {0, 2, 1};
130 static const uint8_t kData3[] = {0, 0, 2, 1};
131 CBS data, prefixed;
132
133 CBS_init(&data, kData1, sizeof(kData1));
134 CHECK(!CBS_get_u8_length_prefixed(&data, &prefixed));
135
136 CBS_init(&data, kData2, sizeof(kData2));
137 CHECK(!CBS_get_u16_length_prefixed(&data, &prefixed));
138
139 CBS_init(&data, kData3, sizeof(kData3));
140 CHECK(!CBS_get_u24_length_prefixed(&data, &prefixed));
141
142 return 1;
143}
144
145static int
146test_peek_u(void)
147{
148 static const uint8_t kData[] = {
149 1, 2, 3, 4, 5, 6, 7, 8, 9,
150 };
151 uint8_t u8;
152 uint16_t u16;
153 uint32_t u32;
154 CBS data;
155
156 CBS_init(&data, kData, sizeof(kData));
157
158 CHECK(CBS_peek_u8(&data, &u8));
159 CHECK(u8 == 1);
160 CHECK(CBS_peek_u16(&data, &u16));
161 CHECK(u16 == 0x102);
162 CHECK(CBS_peek_u24(&data, &u32));
163 CHECK(u32 == 0x10203);
164 CHECK(CBS_peek_u32(&data, &u32));
165 CHECK(u32 == 0x1020304);
166 CHECK(CBS_get_u32(&data, &u32));
167 CHECK(u32 == 0x1020304);
168 CHECK(CBS_peek_last_u8(&data, &u8));
169 CHECK(u8 == 9);
170 CHECK(CBS_peek_u32(&data, &u32));
171 CHECK(u32 == 0x5060708);
172 CHECK(CBS_get_u32(&data, &u32));
173 CHECK(u32 == 0x5060708);
174 CHECK(CBS_get_u8(&data, &u8));
175 CHECK(u8 == 9);
176 CHECK(!CBS_get_u8(&data, &u8));
177
178 return 1;
179}
180
181static int
182test_get_asn1(void)
183{
184 static const uint8_t kData1[] = {0x30, 2, 1, 2};
185 static const uint8_t kData2[] = {0x30, 3, 1, 2};
186 static const uint8_t kData3[] = {0x30, 0x80};
187 static const uint8_t kData4[] = {0x30, 0x81, 1, 1};
188 static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80};
189 static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1};
190 static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1};
191 static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1};
192 static const uint8_t kData9[] = {0xa1, 3, 0x2, 1, 0xff};
193
194 CBS data, contents;
195 int present;
196 uint64_t value;
197
198 CBS_init(&data, kData1, sizeof(kData1));
199
200 CHECK(!CBS_peek_asn1_tag(&data, 0x1));
201 CHECK(CBS_peek_asn1_tag(&data, 0x30));
202
203 CHECK(CBS_get_asn1(&data, &contents, 0x30));
204 CHECK(CBS_len(&contents) == 2);
205 CHECK(memcmp(CBS_data(&contents), "\x01\x02", 2) == 0);
206
207 CBS_init(&data, kData2, sizeof(kData2));
208 /* data is truncated */
209 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
210
211 CBS_init(&data, kData3, sizeof(kData3));
212 /* zero byte length of length */
213 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
214
215 CBS_init(&data, kData4, sizeof(kData4));
216 /* long form mistakenly used. */
217 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
218
219 CBS_init(&data, kData5, sizeof(kData5));
220 /* length takes too many bytes. */
221 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
222
223 CBS_init(&data, kData1, sizeof(kData1));
224 /* wrong tag. */
225 CHECK(!CBS_get_asn1(&data, &contents, 0x31));
226
227 CBS_init(&data, NULL, 0);
228 /* peek at empty data. */
229 CHECK(!CBS_peek_asn1_tag(&data, 0x30));
230
231 CBS_init(&data, NULL, 0);
232 /* optional elements at empty data. */
233 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0));
234 CHECK(!present);
235 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
236 0xa0));
237 CHECK(!present);
238 CHECK(CBS_len(&contents) == 0);
239 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, NULL, 0xa0));
240 CHECK(CBS_len(&contents) == 0);
241 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42));
242 CHECK(value == 42);
243
244 CBS_init(&data, kData6, sizeof(kData6));
245 /* optional element. */
246 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0));
247 CHECK(!present);
248 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa1));
249 CHECK(present);
250 CHECK(CBS_len(&contents) == 3);
251 CHECK(memcmp(CBS_data(&contents), "\x04\x01\x01", 3) == 0);
252
253 CBS_init(&data, kData6, sizeof(kData6));
254 /* optional octet string. */
255 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
256 0xa0));
257 CHECK(!present);
258 CHECK(CBS_len(&contents) == 0);
259 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
260 0xa1));
261 CHECK(present);
262 CHECK(CBS_len(&contents) == 1);
263 CHECK(CBS_data(&contents)[0] == 1);
264
265 CBS_init(&data, kData7, sizeof(kData7));
266 /* invalid optional octet string. */
267 CHECK(!CBS_get_optional_asn1_octet_string(&data, &contents, &present,
268 0xa1));
269
270 CBS_init(&data, kData8, sizeof(kData8));
271 /* optional octet string. */
272 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42));
273 CHECK(value == 42);
274 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42));
275 CHECK(value == 1);
276
277 CBS_init(&data, kData9, sizeof(kData9));
278 /* invalid optional integer. */
279 CHECK(!CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42));
280
281 return 1;
282}
283
284static int
285test_get_optional_asn1_bool(void)
286{
287 CBS data;
288 int val;
289
290 static const uint8_t kTrue[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0xff};
291 static const uint8_t kFalse[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x00};
292 static const uint8_t kInvalid[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x01};
293
294 CBS_init(&data, NULL, 0);
295 val = 2;
296 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
297 CHECK(val == 0);
298
299 CBS_init(&data, kTrue, sizeof(kTrue));
300 val = 2;
301 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
302 CHECK(val == 1);
303
304 CBS_init(&data, kFalse, sizeof(kFalse));
305 val = 2;
306 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
307 CHECK(val == 0);
308
309 CBS_init(&data, kInvalid, sizeof(kInvalid));
310 CHECK(!CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
311
312 return 1;
313}
314
315static int
316test_cbb_basic(void)
317{
318 static const uint8_t kExpected[] = {
319 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
320 13, 14, 15, 16, 17, 18, 19, 20,
321 };
322 uint8_t *buf = NULL;
323 size_t buf_len;
324 int ret = 0;
325 CBB cbb;
326
327 CHECK(CBB_init(&cbb, 100));
328
329 CBB_cleanup(&cbb);
330
331 CHECK(CBB_init(&cbb, 0));
332 CHECK_GOTO(CBB_add_u8(&cbb, 1));
333 CHECK_GOTO(CBB_add_u16(&cbb, 0x203));
334 CHECK_GOTO(CBB_add_u24(&cbb, 0x40506));
335 CHECK_GOTO(CBB_add_u32(&cbb, 0x708090a));
336 CHECK_GOTO(CBB_add_bytes(&cbb, (const uint8_t*) "\x0b\x0c", 2));
337 CHECK_GOTO(CBB_add_u64(&cbb, 0xd0e0f1011121314LL));
338 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
339
340 ret = (buf_len == sizeof(kExpected)
341 && memcmp(buf, kExpected, buf_len) == 0);
342
343 if (0) {
344err:
345 CBB_cleanup(&cbb);
346 }
347 free(buf);
348 return ret;
349}
350
351static int
352test_cbb_add_space(void)
353{
354 static const uint8_t kExpected[] = {1, 2, 0, 0, 0, 0, 7, 8};
355 uint8_t *buf = NULL;
356 size_t buf_len;
357 uint8_t *data;
358 int ret = 0;
359 CBB cbb;
360
361 CHECK(CBB_init(&cbb, 100));
362
363 CHECK_GOTO(CBB_add_u16(&cbb, 0x102));
364 CHECK_GOTO(CBB_add_space(&cbb, &data, 4));
365 CHECK_GOTO(CBB_add_u16(&cbb, 0x708));
366 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
367
368 ret |= (buf_len == sizeof(kExpected)
369 && memcmp(buf, kExpected, buf_len) == 0);
370
371 memset(buf, 0xa5, buf_len);
372 CHECK(CBB_init_fixed(&cbb, buf, buf_len));
373
374 CHECK_GOTO(CBB_add_u16(&cbb, 0x102));
375 CHECK_GOTO(CBB_add_space(&cbb, &data, 4));
376 CHECK_GOTO(CBB_add_u16(&cbb, 0x708));
377 CHECK_GOTO(CBB_finish(&cbb, NULL, NULL));
378
379 ret |= (buf_len == sizeof(kExpected)
380 && memcmp(buf, kExpected, buf_len) == 0);
381
382 if (0) {
383err:
384 CBB_cleanup(&cbb);
385 }
386 free(buf);
387 return ret;
388}
389
390static int
391test_cbb_fixed(void)
392{
393 CBB cbb;
394 uint8_t buf[1];
395 uint8_t *out_buf = NULL;
396 size_t out_size;
397 int ret = 0;
398
399 CHECK(CBB_init_fixed(&cbb, NULL, 0));
400 CHECK_GOTO(!CBB_add_u8(&cbb, 1));
401 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
402 CHECK(out_buf == NULL && out_size == 0);
403
404 CHECK(CBB_init_fixed(&cbb, buf, 1));
405 CHECK_GOTO(CBB_add_u8(&cbb, 1));
406 CHECK_GOTO(!CBB_add_u8(&cbb, 2));
407 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
408
409 ret = (out_buf == buf && out_size == 1 && buf[0] == 1);
410
411 if (0) {
412err:
413 CBB_cleanup(&cbb);
414 }
415
416 return ret;
417}
418
419static int
420test_cbb_finish_child(void)
421{
422 CBB cbb, child;
423 uint8_t *out_buf = NULL;
424 size_t out_size;
425 int ret = 0;
426
427 CHECK(CBB_init(&cbb, 16));
428 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child));
429 CHECK_GOTO(!CBB_finish(&child, &out_buf, &out_size));
430 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
431
432 ret = (out_size == 1 && out_buf[0] == 0);
433
434err:
435 free(out_buf);
436 return ret;
437}
438
439static int
440test_cbb_prefixed(void)
441{
442 static const uint8_t kExpected[] = {0, 1, 1, 0, 2, 2, 3, 0, 0, 3,
443 4, 5, 6, 5, 4, 1, 0, 1, 2};
444 CBB cbb, contents, inner_contents, inner_inner_contents;
445 uint8_t *buf = NULL;
446 size_t buf_len;
447 int ret = 0;
448
449 CHECK(CBB_init(&cbb, 0));
450 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
451 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
452 CHECK_GOTO(CBB_add_u8(&contents, 1));
453 CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents));
454 CHECK_GOTO(CBB_add_u16(&contents, 0x203));
455 CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents));
456 CHECK_GOTO(CBB_add_u24(&contents, 0x40506));
457 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
458 CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents));
459 CHECK_GOTO(CBB_add_u8(&inner_contents, 1));
460 CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents,
461 &inner_inner_contents));
462 CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 2));
463 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
464
465 ret = (buf_len == sizeof(kExpected)
466 && memcmp(buf, kExpected, buf_len) == 0);
467
468 if (0) {
469err:
470 CBB_cleanup(&cbb);
471 }
472 free(buf);
473 return ret;
474}
475
476static int
477test_cbb_discard_child(void)
478{
479 static const uint8_t kExpected[] = {
480 0xaa,
481 0,
482 1, 0xbb,
483 0, 2, 0xcc, 0xcc,
484 0, 0, 3, 0xdd, 0xdd, 0xdd,
485 1, 0xff,
486 };
487 CBB cbb, contents, inner_contents, inner_inner_contents;
488 uint8_t *buf = NULL;
489 size_t buf_len;
490 int ret = 0;
491
492 CHECK(CBB_init(&cbb, 0));
493 CHECK_GOTO(CBB_add_u8(&cbb, 0xaa));
494
495 // Discarding |cbb|'s children preserves the byte written.
496 CBB_discard_child(&cbb);
497
498 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
499 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
500 CHECK_GOTO(CBB_add_u8(&contents, 0xbb));
501 CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents));
502 CHECK_GOTO(CBB_add_u16(&contents, 0xcccc));
503 CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents));
504 CHECK_GOTO(CBB_add_u24(&contents, 0xdddddd));
505 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
506 CHECK_GOTO(CBB_add_u8(&contents, 0xff));
507 CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents));
508 CHECK_GOTO(CBB_add_u8(&inner_contents, 0x42));
509 CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents,
510 &inner_inner_contents));
511 CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 0x99));
512
513 // Discard everything from |inner_contents| down.
514 CBB_discard_child(&contents);
515
516 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
517
518 ret = (buf_len == sizeof(kExpected)
519 && memcmp(buf, kExpected, buf_len) == 0);
520
521 if (0) {
522err:
523 CBB_cleanup(&cbb);
524 }
525 free(buf);
526 return ret;
527}
528
529static int
530test_cbb_misuse(void)
531{
532 CBB cbb, child, contents;
533 uint8_t *buf = NULL;
534 size_t buf_len;
535 int ret = 0;
536
537 CHECK(CBB_init(&cbb, 0));
538 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child));
539 CHECK_GOTO(CBB_add_u8(&child, 1));
540 CHECK_GOTO(CBB_add_u8(&cbb, 2));
541
542 /*
543 * Since we wrote to |cbb|, |child| is now invalid and attempts to write
544 * to it should fail.
545 */
546 CHECK_GOTO(!CBB_add_u8(&child, 1));
547 CHECK_GOTO(!CBB_add_u16(&child, 1));
548 CHECK_GOTO(!CBB_add_u24(&child, 1));
549 CHECK_GOTO(!CBB_add_u8_length_prefixed(&child, &contents));
550 CHECK_GOTO(!CBB_add_u16_length_prefixed(&child, &contents));
551 CHECK_GOTO(!CBB_add_asn1(&child, &contents, 1));
552 CHECK_GOTO(!CBB_add_bytes(&child, (const uint8_t*) "a", 1));
553 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
554
555 ret = (buf_len == 3 && memcmp(buf, "\x01\x01\x02", 3) == 0);
556
557 if (0) {
558err:
559 CBB_cleanup(&cbb);
560 }
561 free(buf);
562 return ret;
563}
564
565static int
566test_cbb_asn1(void)
567{
568 static const uint8_t kExpected[] = {0x30, 3, 1, 2, 3};
569 uint8_t *buf = NULL, *test_data = NULL;
570 size_t buf_len;
571 CBB cbb, contents, inner_contents;
572 int ret = 0;
573 int alloc = 0;
574
575 CHECK_GOTO(CBB_init(&cbb, 0));
576 alloc = 1;
577 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
578 CHECK_GOTO(CBB_add_bytes(&contents, (const uint8_t*) "\x01\x02\x03",
579 3));
580 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
581 alloc = 0;
582
583 CHECK_GOTO(buf_len == sizeof(kExpected));
584 CHECK_GOTO(memcmp(buf, kExpected, buf_len) == 0);
585
586 free(buf);
587 buf = NULL;
588
589 CHECK_GOTO(((test_data = malloc(100000)) != NULL));
590 memset(test_data, 0x42, 100000);
591
592 CHECK_GOTO(CBB_init(&cbb, 0));
593 alloc = 1;
594 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
595 CHECK_GOTO(CBB_add_bytes(&contents, test_data, 130));
596 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
597 alloc = 0;
598
599 CHECK_GOTO(buf_len == 3 + 130);
600 CHECK_GOTO(memcmp(buf, "\x30\x81\x82", 3) == 0);
601 CHECK_GOTO(memcmp(buf + 3, test_data, 130) == 0);
602
603 free(buf);
604 buf = NULL;
605
606 CHECK_GOTO(CBB_init(&cbb, 0));
607 alloc = 1;
608 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
609 CHECK_GOTO(CBB_add_bytes(&contents, test_data, 1000));
610 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
611 alloc = 0;
612
613 CHECK_GOTO(buf_len == 4 + 1000);
614 CHECK_GOTO(memcmp(buf, "\x30\x82\x03\xe8", 4) == 0);
615 CHECK_GOTO(!memcmp(buf + 4, test_data, 1000));
616
617 free(buf);
618 buf = NULL;
619
620 CHECK_GOTO(CBB_init(&cbb, 0));
621 alloc = 1;
622 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
623 CHECK_GOTO(CBB_add_asn1(&contents, &inner_contents, 0x30));
624 CHECK_GOTO(CBB_add_bytes(&inner_contents, test_data, 100000));
625 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
626 alloc = 0;
627
628 CHECK_GOTO(buf_len == 5 + 5 + 100000);
629 CHECK_GOTO(memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10)
630 == 0);
631 CHECK_GOTO(!memcmp(buf + 10, test_data, 100000));
632
633 ret = 1;
634
635 if (0) {
636err:
637 if (alloc)
638 CBB_cleanup(&cbb);
639 }
640 free(buf);
641 free(test_data);
642 return ret;
643}
644
645static int
646do_indefinite_convert(const char *name, const uint8_t *definite_expected,
647 size_t definite_len, const uint8_t *indefinite, size_t indefinite_len)
648{
649 CBS in;
650 uint8_t *out = NULL;
651 size_t out_len;
652 int ret = 0;
653
654 CBS_init(&in, indefinite, indefinite_len);
655
656 CHECK_GOTO(CBS_asn1_indefinite_to_definite(&in, &out, &out_len));
657
658 if (out == NULL) {
659
660 if (indefinite_len != definite_len ||
661 memcmp(definite_expected, indefinite, indefinite_len) != 0) {
662 PRINT_ERROR;
663 goto err;
664 }
665
666 return 1;
667 }
668
669 if (out_len != definite_len ||
670 memcmp(out, definite_expected, definite_len) != 0) {
671 PRINT_ERROR;
672 goto err;
673 }
674
675 ret = 1;
676err:
677 free(out);
678 return ret;
679}
680
681static int
682test_indefinite_convert(void)
683{
684 static const uint8_t kSimpleBER[] = {0x01, 0x01, 0x00};
685
686 /* kIndefBER contains a SEQUENCE with an indefinite length. */
687 static const uint8_t kIndefBER[] = {0x30, 0x80, 0x01, 0x01, 0x02, 0x00,
688 0x00};
689 static const uint8_t kIndefDER[] = {0x30, 0x03, 0x01, 0x01, 0x02};
690
691 /*
692 * kOctetStringBER contains an indefinite length OCTETSTRING with two
693 * parts. These parts need to be concatenated in DER form.
694 */
695 static const uint8_t kOctetStringBER[] = {0x24, 0x80, 0x04, 0x02, 0,
696 1, 0x04, 0x02, 2, 3, 0x00, 0x00};
697 static const uint8_t kOctetStringDER[] = {0x04, 0x04, 0, 1, 2, 3};
698
699 /*
700 * kNSSBER is part of a PKCS#12 message generated by NSS that uses
701 * indefinite length elements extensively.
702 */
703 static const uint8_t kNSSBER[] = {
704 0x30, 0x80, 0x02, 0x01, 0x03, 0x30, 0x80, 0x06, 0x09, 0x2a, 0x86,
705 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x80, 0x24, 0x80,
706 0x04, 0x04, 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00,
707 0x00, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
708 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84, 0x98, 0xfc, 0x66,
709 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8, 0x8f, 0xfe, 0x1d,
710 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38, 0x62, 0xc6, 0x44,
711 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0, 0x6e, 0x10, 0x9b,
712 0xb8, 0x02, 0x02, 0x07, 0xd0, 0x00, 0x00,
713 };
714
715 static const uint8_t kNSSDER[] = {
716 0x30, 0x53, 0x02, 0x01, 0x03, 0x30, 0x13, 0x06, 0x09, 0x2a, 0x86,
717 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x06, 0x04, 0x04,
718 0x01, 0x02, 0x03, 0x04, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06,
719 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84,
720 0x98, 0xfc, 0x66, 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8,
721 0x8f, 0xfe, 0x1d, 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38,
722 0x62, 0xc6, 0x44, 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0,
723 0x6e, 0x10, 0x9b, 0xb8, 0x02, 0x02, 0x07, 0xd0,
724 };
725
726 CHECK(do_indefinite_convert("kSimpleBER", kSimpleBER, sizeof(kSimpleBER),
727 kSimpleBER, sizeof(kSimpleBER)));
728 CHECK(do_indefinite_convert("kIndefBER", kIndefDER, sizeof(kIndefDER),
729 kIndefBER, sizeof(kIndefBER)));
730 CHECK(do_indefinite_convert("kOctetStringBER", kOctetStringDER,
731 sizeof(kOctetStringDER), kOctetStringBER,
732 sizeof(kOctetStringBER)));
733 CHECK(do_indefinite_convert("kNSSBER", kNSSDER, sizeof(kNSSDER), kNSSBER,
734 sizeof(kNSSBER)));
735
736 return 1;
737}
738
739typedef struct {
740 uint64_t value;
741 const char *encoding;
742 size_t encoding_len;
743} ASN1_UINT64_TEST;
744
745static const ASN1_UINT64_TEST kAsn1Uint64Tests[] = {
746 {0, "\x02\x01\x00", 3},
747 {1, "\x02\x01\x01", 3},
748 {127, "\x02\x01\x7f", 3},
749 {128, "\x02\x02\x00\x80", 4},
750 {0xdeadbeef, "\x02\x05\x00\xde\xad\xbe\xef", 7},
751 {OPENSSL_U64(0x0102030405060708),
752 "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10},
753 {OPENSSL_U64(0xffffffffffffffff),
754 "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11},
755};
756
757typedef struct {
758 const char *encoding;
759 size_t encoding_len;
760} ASN1_INVALID_UINT64_TEST;
761
762static const ASN1_INVALID_UINT64_TEST kAsn1InvalidUint64Tests[] = {
763 /* Bad tag. */
764 {"\x03\x01\x00", 3},
765 /* Empty contents. */
766 {"\x02\x00", 2},
767 /* Negative number. */
768 {"\x02\x01\x80", 3},
769 /* Overflow. */
770 {"\x02\x09\x01\x00\x00\x00\x00\x00\x00\x00\x00", 11},
771 /* Leading zeros. */
772 {"\x02\x02\x00\x01", 4},
773};
774
775static int
776test_asn1_uint64(void)
777{
778 CBB cbb;
779 uint8_t *out = NULL;
780 size_t i;
781 int ret = 0;
782 int alloc = 0;
783
784 for (i = 0; i < sizeof(kAsn1Uint64Tests) / sizeof(kAsn1Uint64Tests[0]);
785 i++) {
786 const ASN1_UINT64_TEST *test = &kAsn1Uint64Tests[i];
787 CBS cbs;
788 uint64_t value;
789 size_t len;
790
791 CBS_init(&cbs, (const uint8_t *)test->encoding,
792 test->encoding_len);
793
794 CHECK(CBS_get_asn1_uint64(&cbs, &value));
795 CHECK(CBS_len(&cbs) == 0);
796 CHECK(value == test->value);
797
798 CHECK(CBB_init(&cbb, 0));
799 alloc = 1;
800 CHECK_GOTO(CBB_add_asn1_uint64(&cbb, test->value));
801 CHECK_GOTO(CBB_finish(&cbb, &out, &len));
802 alloc = 0;
803
804 CHECK_GOTO(len == test->encoding_len);
805 CHECK_GOTO(memcmp(out, test->encoding, len) == 0);
806 free(out);
807 out = NULL;
808 }
809
810 for (i = 0; i < sizeof(kAsn1InvalidUint64Tests)
811 / sizeof(kAsn1InvalidUint64Tests[0]); i++) {
812 const ASN1_INVALID_UINT64_TEST *test =
813 &kAsn1InvalidUint64Tests[i];
814 CBS cbs;
815 uint64_t value;
816
817 CBS_init(&cbs, (const uint8_t *)test->encoding,
818 test->encoding_len);
819 CHECK(!CBS_get_asn1_uint64(&cbs, &value));
820 }
821
822 ret = 1;
823
824 if (0) {
825err:
826 if (alloc)
827 CBB_cleanup(&cbb);
828 }
829 free(out);
830
831 return ret;
832}
833
834static int
835test_offset(void)
836{
837 uint8_t v;
838 static const uint8_t input[] = {1, 2, 3, 4, 5};
839 CBS data;
840
841 CBS_init(&data, input, sizeof(input));
842 CHECK(sizeof(input) == 5);
843 CHECK(CBS_len(&data) == 5);
844 CHECK(CBS_offset(&data) == 0);
845 CHECK(CBS_get_u8(&data, &v));
846 CHECK(v == 1);
847 CHECK(CBS_len(&data) == 4);
848 CHECK(CBS_offset(&data) == 1);
849 CHECK(CBS_skip(&data, 2));
850 CHECK(CBS_len(&data) == 2);
851 CHECK(CBS_offset(&data) == 3);
852 CHECK(CBS_get_u8(&data, &v));
853 CHECK(v == 4);
854 CHECK(CBS_get_u8(&data, &v));
855 CHECK(v == 5);
856 CHECK(CBS_len(&data) == 0);
857 CHECK(CBS_offset(&data) == 5);
858 CHECK(!CBS_skip(&data, 1));
859
860 CBS_init(&data, input, sizeof(input));
861 CHECK(CBS_skip(&data, 2));
862 CHECK(CBS_len(&data) == 3);
863 CHECK(CBS_offset(&data) == 2);
864 CHECK(CBS_skip(&data, 3));
865 CHECK(CBS_len(&data) == 0);
866 CHECK(CBS_offset(&data) == 5);
867 CHECK(!CBS_get_u8(&data, &v));
868
869 return 1;
870}
871
872static int
873test_write_bytes(void)
874{
875 int ret = 0;
876 uint8_t v;
877 size_t len;
878 static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'};
879 CBS data;
880 uint8_t *tmp = NULL;
881
882 CHECK_GOTO((tmp = malloc(sizeof(input))) != NULL);
883 memset(tmp, 100, sizeof(input));
884
885 CBS_init(&data, input, sizeof(input));
886 CHECK_GOTO(CBS_len(&data) == 6);
887 CHECK_GOTO(CBS_offset(&data) == 0);
888 CHECK_GOTO(CBS_get_u8(&data, &v));
889 CHECK_GOTO(v == 102 /* f */);
890 CHECK_GOTO(CBS_skip(&data, 1));
891 CHECK_GOTO(!CBS_skip(&data, 15));
892 CHECK_GOTO(CBS_write_bytes(&data, tmp, sizeof(input), &len));
893 CHECK_GOTO(len == 4);
894 CHECK_GOTO(memcmp(input + 2, tmp, len) == 0);
895 CHECK_GOTO(tmp[4] == 100 && tmp[5] == 100);
896
897 ret = 1;
898
899err:
900 free(tmp);
901 return ret;
902}
903
904static int
905test_cbs_dup(void)
906{
907 CBS data, check;
908 static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'};
909
910 CBS_init(&data, input, sizeof(input));
911 CHECK(CBS_len(&data) == 6);
912 CBS_dup(&data, &check);
913 CHECK(CBS_len(&check) == 6);
914 CHECK(CBS_data(&data) == CBS_data(&check));
915 CHECK(CBS_skip(&data, 1));
916 CHECK(CBS_len(&data) == 5);
917 CHECK(CBS_len(&check) == 6);
918 CHECK(CBS_data(&data) == CBS_data(&check) + 1);
919 CHECK(CBS_skip(&check, 1));
920 CHECK(CBS_len(&data) == 5);
921 CHECK(CBS_len(&check) == 5);
922 CHECK(CBS_data(&data) == CBS_data(&check));
923 CHECK(CBS_offset(&data) == 1);
924 CHECK(CBS_offset(&check) == 1);
925
926 CBS_init(&data, input, sizeof(input));
927 CHECK(CBS_skip(&data, 5));
928 CBS_dup(&data, &check);
929 CHECK(CBS_len(&data) == 1);
930 CHECK(CBS_len(&check) == 1);
931 CHECK(CBS_data(&data) == input + 5);
932 CHECK(CBS_data(&data) == CBS_data(&check));
933 CHECK(CBS_offset(&data) == 5);
934 CHECK(CBS_offset(&check) == 5);
935
936 return 1;
937}
938
939int
940main(void)
941{
942 int failed = 0;
943
944 failed |= !test_skip();
945 failed |= !test_get_u();
946 failed |= !test_get_prefixed();
947 failed |= !test_get_prefixed_bad();
948 failed |= !test_peek_u();
949 failed |= !test_get_asn1();
950 failed |= !test_cbb_basic();
951 failed |= !test_cbb_add_space();
952 failed |= !test_cbb_fixed();
953 failed |= !test_cbb_finish_child();
954 failed |= !test_cbb_discard_child();
955 failed |= !test_cbb_misuse();
956 failed |= !test_cbb_prefixed();
957 failed |= !test_cbb_asn1();
958 failed |= !test_indefinite_convert();
959 failed |= !test_asn1_uint64();
960 failed |= !test_get_optional_asn1_bool();
961 failed |= !test_offset();
962 failed |= !test_write_bytes();
963 failed |= !test_cbs_dup();
964
965 if (!failed)
966 printf("PASS\n");
967 return failed;
968}
diff --git a/src/regress/lib/libssl/certs/ca-int-ecdsa.crl b/src/regress/lib/libssl/certs/ca-int-ecdsa.crl
deleted file mode 100644
index b904de3ef0..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-ecdsa.crl
+++ /dev/null
@@ -1,8 +0,0 @@
1-----BEGIN X509 CRL-----
2MIHuMIGUMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJlU1NMIFRlc3QgSW50
3ZXJtZWRpYXRlIENBIEVDRFNBFw0yMTEyMjcxNDQwNDBaFw0yMjAxMjYxNDQwNDBa
4MDgwGgIJAOVssaaTYoH5Fw0yMTEyMjcxNDQwNDBaMBoCCQDlbLGmk2KB+xcNMjEx
5MjI3MTQ0MDQwWjAKBggqhkjOPQQDAgNJADBGAiEA9FWkenCgh+6Rz0/nuS7DaiUR
6J5imCs0Wx6TiG3YUL3oCIQDfTT+54eKAEFXeYN2oToZtHbTHh5YUici5GA/PDmOG
7Ig==
8-----END X509 CRL-----
diff --git a/src/regress/lib/libssl/certs/ca-int-ecdsa.pem b/src/regress/lib/libssl/certs/ca-int-ecdsa.pem
deleted file mode 100644
index fa1db8638a..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-ecdsa.pem
+++ /dev/null
@@ -1,13 +0,0 @@
1subject= CN = LibreSSL Test Intermediate CA ECDSA
2issuer= CN = LibreSSL Test Root CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
5TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
6MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
7dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
8LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
97/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
10BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
11HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
12VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
13-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca-int-rsa.crl b/src/regress/lib/libssl/certs/ca-int-rsa.crl
deleted file mode 100644
index 481886ae57..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-rsa.crl
+++ /dev/null
@@ -1,11 +0,0 @@
1-----BEGIN X509 CRL-----
2MIIBrDCBlTANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0
3IEludGVybWVkaWF0ZSBDQSBSU0EXDTIxMTIyNzE0NDAzOFoXDTIyMDEyNjE0NDAz
4OFowODAaAgkA5WyxppNigfQXDTIxMTIyNzE0NDAzN1owGgIJAOVssaaTYoH2Fw0y
5MTEyMjcxNDQwMzhaMA0GCSqGSIb3DQEBCwUAA4IBAQCGMtlhTlaOK7fK2OHXgoAf
6lDr1FQfqfNo5ZNE2+VqOvjYfgwdOgfxIsIuUoNp9/NhzO3e4KNe6P/33axwIsy7o
7RofbGYFSlHIYPEf1LyvH8z5mT2L2LAQAi+p+QMFizH6KNc74Oftygyi1bcJlN3CJ
8dP9LyvACdJSna7dEh7Snu2hy8tEDAO/RxUrryOZca0+5I4aaD8QCdFwdicDQ8U1s
9gTJ5w1gxkEWKv/J/AjCjRAVoAjE2/sUC1PPOJnZy7b0sS2Fv7zV7UAWSzO0KEYv+
10vav3UekGIgw0A5PDdWmUqCxE7aK71iy4EmlzMyVNULVcF1qX6qBQT5OpXr0Eo6WR
11-----END X509 CRL-----
diff --git a/src/regress/lib/libssl/certs/ca-int-rsa.pem b/src/regress/lib/libssl/certs/ca-int-rsa.pem
deleted file mode 100644
index b457ad6f9a..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-rsa.pem
+++ /dev/null
@@ -1,22 +0,0 @@
1subject= CN = LibreSSL Test Intermediate CA RSA
2issuer= CN = LibreSSL Test Root CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
5BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
6MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
7aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
8I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
9wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
10OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
11XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
125jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
13IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
14A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
15BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
16BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
17jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
18kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
19gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
207Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
21ZgJtfcNeVMglYQ==
22-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca-root-ecdsa.pem b/src/regress/lib/libssl/certs/ca-root-ecdsa.pem
deleted file mode 100644
index c7862da58a..0000000000
--- a/src/regress/lib/libssl/certs/ca-root-ecdsa.pem
+++ /dev/null
@@ -1,13 +0,0 @@
1subject= CN = LibreSSL Test Root CA ECDSA
2issuer= CN = LibreSSL Test Root CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIJALqTupYRbYuwMAoGCCqGSM49BAMCMCYxJDAiBgNVBAMM
5G0xpYnJlU1NMIFRlc3QgUm9vdCBDQSBFQ0RTQTAeFw0yMTEyMjcxNDQwNDBaFw0z
6MTEyMjUxNDQwNDBaMCYxJDAiBgNVBAMMG0xpYnJlU1NMIFRlc3QgUm9vdCBDQSBF
7Q0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIxQjA3Gp+4irgwEumPY1/EG
8lVy6/olnAc+4elWkj0SqqdjfWanQqO8wHFY0qICKq8lHKhcyw2v9oyOsNVXZj8Kj
9YzBhMB0GA1UdDgQWBBS2+Rq3hR1xQSKm3ov88GAQVgfoDDAfBgNVHSMEGDAWgBS2
10+Rq3hR1xQSKm3ov88GAQVgfoDDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
11AwIBBjAKBggqhkjOPQQDAgNIADBFAiAqAN8RFQOAIXeJcxCHUCN1n3sUBuYF/XkS
12VnTsAEU/kwIhANNk/xjGq9O2YeLEFT1InoltVlwM5P8oa7krPnPbFnwY
13-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca-root-rsa.pem b/src/regress/lib/libssl/certs/ca-root-rsa.pem
deleted file mode 100644
index daf3407a93..0000000000
--- a/src/regress/lib/libssl/certs/ca-root-rsa.pem
+++ /dev/null
@@ -1,22 +0,0 @@
1subject= CN = LibreSSL Test Root CA RSA
2issuer= CN = LibreSSL Test Root CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIJAIuM+uV8F+LtMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
5BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
6MzExMjI1MTQ0MDM3WjAkMSIwIAYDVQQDDBlMaWJyZVNTTCBUZXN0IFJvb3QgQ0Eg
7UlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvrj8h5JmJ+7V33R
8wloqhM0nLvmidkmk1sqJaOi0GNXoMLnaut90+2TnRiFDbsblzAjTijQC6PEfaJTB
9AEFBgNSQKdhVruYTL5HHhw/XHTjxqftizvJj1FsZh2n6gkTG/QOgbaDMCx+yFF88
10wro7Br32TZF+BuDuyzVcSPJUajYT+C9bWSq9jX8Fhvl5M3IOG7olg3gAMmU+E8SY
11TaKhoJ7KGLHDEQP9NJknJusV8T72lY/TzacVDDOxEUxpuYtJ1Kayytflhs1065Ua
12PkiIReoFnhK/tRAgyxz3bc6HDDmTz4FpyGPcAsSRtEbn1n1417hzH4Neq5eioVmx
13hX1HTwIDAQABo2MwYTAdBgNVHQ4EFgQUPkv8e/SsNCqlESgB8ojoXY//FdEwHwYD
14VR0jBBgwFoAUPkv8e/SsNCqlESgB8ojoXY//FdEwDwYDVR0TAQH/BAUwAwEB/zAO
15BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAEYi6O+l7SS14myiZydm
16eP0hS8+ABWz/xqzu81W5Uxo7XD3sNfz5hkhA3S2FrBg5xpDScAzsM9Og6VRuQA7/
17StWLc2gLvLI6cZNdOCOH/O4K6IYRGR0kXG7WA4MpBiDrPXZKXI3WcUNyTHM36Un4
18ZATRkO+xMLKFpnxHCkY5U9kp8xX5boNxtQsGkWfuG+fm7GVBaQapnvN+WRY4QXKQ
19jF10CFUcIUNGG81XTEhQwpcP0b0ruZK6JBah4VG7lUHbJ6/WoYiGYXCToK09ohIX
20PuWiVTiT9LH90U58No3NfinQPbE55mJju+YNNqLU4Wk3ub5rYpp0WFmo6T9kXL/z
21fO8=
22-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca.pem b/src/regress/lib/libssl/certs/ca.pem
deleted file mode 100644
index 07f9b3fddb..0000000000
--- a/src/regress/lib/libssl/certs/ca.pem
+++ /dev/null
@@ -1,45 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIIDtjCCAp6gAwIBAgIJAJz/hGfwYXLrMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
3BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
4VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD
5QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MjExNDQ1MTFaMGgxCzAJBgNVBAYTAlVL
6MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ
7VVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBDQTCCASIw
8DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMaarigKGOra5Mc/LrhOkcmHzDs
9vkYL7dfaaht8fLBKRTYwzSBvO9x54koTWjq7HkbaxkYAg3HnDTkNCyzkGKNdM89H
10q/PtGIFFlceQIOat3Kjd05Iw3PtLEWTDjT6FMA9Mkjk/XbpmycqRIwNKtgICoFsG
11juIpc4P31kxK7i3ri+JnlyvVmRZjJxrheJB0qHGXilrOVDPOliDn//jXbcyzXemu
12R8KgAeQM4IIs9jYHJOgHrTItIpwa9wNTEp9KCGkO6xr20NkKyDp6XRyd+hmnUB7r
1377WTptvKPFFTjTDFqEtcif9U2kVkCfn2mSRO8noCbVH++fuR8LMWlD99gt8CAwEA
14AaNjMGEwHQYDVR0OBBYEFIwZD9dCMXcFBuHTsZ/rOft4cTpFMB8GA1UdIwQYMBaA
15FIwZD9dCMXcFBuHTsZ/rOft4cTpFMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
16BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCPfqm4KbYtXEB8aP1RdUH2BkPSjyau
17WQLMGfKNF/zkUQue0REgdJ4wVR06NTTlOCsfHC6b68vgz2QFC1mM8ZANgDiyr4M1
186gjvP0eZQVxokJ3EMzjDMFRHIiFrZZAFr7aGq8dxoruuehovqyehuJRakAe0oNUb
194ZTKrGuTKh9Mwti9721XNFByjeTFL2dlH6ulz7qyfI+lrTi+pNsUchuVYE8a1TP3
20OEiG6whsyPU1YoTlemC1mvW0ixtj8Tcem0KyotCUyOmJlwyWj0bA43sCI6z/OVqJ
21tVvwgfqrOeVNk9nN2JslCsttnwstwqUfDoEXFoScej2CT0QezFGPTN21
22-----END CERTIFICATE-----
23-----BEGIN CERTIFICATE-----
24MIIDvjCCAqagAwIBAgIJAPrXr2k7uM/OMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
25BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
26VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD
27QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MDExNDQ1MTFaMHAxCzAJBgNVBAYTAlVL
28MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ
29VVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJtZWRpYXRl
30IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsErw75CmLYD6pkrG
31W/YhAl/K8L5wJYxDjqu2FghxjD8K308W3EHq4uBxEwR1OHXaM1+6ZZw7/r2I37VL
32IdurBEAIEUdbzx0so74FPawgz5EW2CTqoJnK8F71/vo5Kj1VPwW46CxwxUR3cfvJ
33GNXND2ip0TcyTSPLROXOyQakcVfIGJmdSa1wHKi+c2gMA4emADudZUOYLrg80gr2
34ldePm07ynbVsKKzCcStw8MdmoW9Qt3fLnPJn2TFUUBNWj+4kvL+88edWCVQXKNds
35ysD/CDrH4W/hjyPDStVsM6XpiNU0+L2ZY6fcj3OP8d0goOx45xotMn9m8hNkCGsr
36VXx9IwIDAQABo2MwYTAdBgNVHQ4EFgQUNsNsiOeV/rC97M4+PYarIYGH2towHwYD
37VR0jBBgwFoAUjBkP10IxdwUG4dOxn+s5+3hxOkUwDwYDVR0TAQH/BAUwAwEB/zAO
38BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAAIwwR8jyFN6qYGIRAKi
39ahyeHd26hNPC4RiCvjz6dytuvDUqfMTUZcjBy6Ez1Wsfs1/PC8u3IDpOTwZSz72K
40ACQzPpmXREWkO5nx8I+W+94yJsbklhsTxDlZj3X2oJCQ7qO4hdIpYESWfMchYra9
415e55SMBXeGDp+uRILt+6UfOXCGaXaoYqyrzQROJAiGy1x96A/5sU6ZU3KdKN1JLM
42XTZ268ihubCMRVScHnpYUjRDoGrhnQM7007ybVfRUGNXDs+ENqjGfyxc5ScR+Un4
43UQtOd4zD2g9wrdXvlDiqxci6W7IOEPVP6qHG2GIh+T2zpO3GOAuZCe5cjLiCDATs
44hNw=
45-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client.pem b/src/regress/lib/libssl/certs/client.pem
deleted file mode 100644
index ce4bf49ce6..0000000000
--- a/src/regress/lib/libssl/certs/client.pem
+++ /dev/null
@@ -1,51 +0,0 @@
1subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Client Cert
2issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
3-----BEGIN CERTIFICATE-----
4MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eTMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
5BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
6VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
7ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMVoXDTI0MDQwMTE0NDUxMVowZDELMAkG
8A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
9RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgQ2xpZW50IENlcnQw
10ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ranbHRLcLVqN+0BzcZpY
11+yOLqxzDWT1LD9eW1stC4NzXX9/DCtSIVyN7YIHdGLrIPr64IDdXXaMRzgZ2rOKs
12lmHCAiFpO/ja99gGCJRxH0xwQatqAULfJVHeUhs7OEGOZc2nWifjqKvGfNTilP7D
13nwi69ipQFq9oS19FmhwVHk2wg7KZGHI1qDyG04UrfCZMRitvS9+UVhPpIPjuiBi2
14x3/FZIpL5gXJvvFK6xHY63oq2asyzBATntBgnP4qJFWWcvRx24wF1PnZabxuVoL2
15bPnQ/KvONDrw3IdqkKhYNTul7jEcu3OlcZIMw+7DiaKJLAzKb/bBF5gm/pwW6As9
16AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG
17+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B
18AQUFAAOCAQEAJzA4KTjkjXGSC4He63yX9Br0DneGBzjAwc1H6f72uqnCs8m7jgkE
19PQJFdTzQUKh97QPUuayZ2gl8XHagg+iWGy60Kw37gQ0+lumCN2sllvifhHU9R03H
20bWtS4kue+yQjMbrzf3zWygMDgwvFOUAIgBpH9qGc+CdNu97INTYd0Mvz51vLlxRn
21sC5aBYCWaZFnw3lWYxf9eVFRy9U+DkYFqX0LpmbDtcKP7AZGE6ZwSzaim+Cnoz1u
22Cgn+QmpFXgJKMFIZ82iSZISn+JkCCGxctZX1lMvai4Wi8Y0HxW9FTFZ6KBNwwE4B
23zjbN/ehBkgLlW/DWfi44DvwUHmuU6QP3cw==
24-----END CERTIFICATE-----
25-----BEGIN RSA PRIVATE KEY-----
26MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f
27wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr
28agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy
29mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr
30MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x
31HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L
32p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT
33KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB
341uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx
35L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl
36LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO
37Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn
38/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai
391oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX
401ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3
41NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ
42zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC
43mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7
445SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK
45u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+
46HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV
47tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn
48SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh
49kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww
501Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw=
51-----END RSA PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client1-ecdsa-chain.pem b/src/regress/lib/libssl/certs/client1-ecdsa-chain.pem
deleted file mode 100644
index 7a6883db94..0000000000
--- a/src/regress/lib/libssl/certs/client1-ecdsa-chain.pem
+++ /dev/null
@@ -1,27 +0,0 @@
1subject= CN = LibreSSL Test Client 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBrTCCAVKgAwIBAgIJAOVssaaTYoH6MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBD
7bGllbnQgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMnRxZ9SVIjF
8eygaoub4qyo/tQlHXpQ2U66mhwKhchXD02w3viqOW0qklPSRhwV4nFKsdkVTogCg
9Y8AJokxKDU6jYDBeMB0GA1UdDgQWBBTikUU9S7ASdWw7fhaYVdDqUAyH+DAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNJADBGAiEA+Aal+cjgT+pknsmAPbivSHY+
129clFV0Ree1c+nPbBz8cCIQCZDS2G/X8QthK7hZwV2mYhwvd6M/8kwet4u39qJYx8
13eA==
14-----END CERTIFICATE-----
15subject= CN = LibreSSL Test Intermediate CA ECDSA
16issuer= CN = LibreSSL Test Root CA ECDSA
17-----BEGIN CERTIFICATE-----
18MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
19TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
20MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
21dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
22LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
237/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
24BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
25HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
26VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
27-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client1-ecdsa.pem b/src/regress/lib/libssl/certs/client1-ecdsa.pem
deleted file mode 100644
index 7d1b2cfc00..0000000000
--- a/src/regress/lib/libssl/certs/client1-ecdsa.pem
+++ /dev/null
@@ -1,19 +0,0 @@
1subject= CN = LibreSSL Test Client 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBrTCCAVKgAwIBAgIJAOVssaaTYoH6MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBD
7bGllbnQgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMnRxZ9SVIjF
8eygaoub4qyo/tQlHXpQ2U66mhwKhchXD02w3viqOW0qklPSRhwV4nFKsdkVTogCg
9Y8AJokxKDU6jYDBeMB0GA1UdDgQWBBTikUU9S7ASdWw7fhaYVdDqUAyH+DAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNJADBGAiEA+Aal+cjgT+pknsmAPbivSHY+
129clFV0Ree1c+nPbBz8cCIQCZDS2G/X8QthK7hZwV2mYhwvd6M/8kwet4u39qJYx8
13eA==
14-----END CERTIFICATE-----
15-----BEGIN PRIVATE KEY-----
16MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQghOgzNmZV/rLf5+I5
17pnOXJ3N6W8QE5biANh/RVNNmNImhRANCAATJ0cWfUlSIxXsoGqLm+KsqP7UJR16U
18NlOupocCoXIVw9NsN74qjltKpJT0kYcFeJxSrHZFU6IAoGPACaJMSg1O
19-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client1-rsa-chain.pem b/src/regress/lib/libssl/certs/client1-rsa-chain.pem
deleted file mode 100644
index e5267eb346..0000000000
--- a/src/regress/lib/libssl/certs/client1-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Client 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH1MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyct5
8l3L4GIzbFPszUioY0/+W9IGnQqOlBtFJQSzJtM96/UcJ/9MEkz08UUaf07CTYWy/
9Qbwl3DizPV9yymiae64oe9RBc2Hh/Z88473Q6UZvPrdoexoVb159tTdvF8IDfIER
10HEB2VAtssFvszERa04ndpDqS8tHfBcLGUCu2kZQ0FSCKbNSDLLwoQmyNgnWo8PDY
11XshJGdABaTmnhpkrhJq2zeYiUResoWo8z08iVn7vLgjRNTi9mtXr5eC4L0DfEuZB
12exaC8frQXH2rXKvojFrFwJ67QLwCOiUKbGlUQBeKS6iahgDL/dRprHqbNZFI7in4
13QiokqixjfzYSmALFqwIDAQABo2AwXjAdBgNVHQ4EFgQUNRNEZs+zkqBu6va5XyGv
14UfzSKZQwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBACmIu0ppKw1T
16hzGAoyjxK0y1ffbIDvObcwAMtXSHprMNhkdk7jyQBiXpx4ngEg1LhalUUDkp9Yt1
17qUVjyM4cphJL7ni3N/SyoUtuYWY4s8mqIhloT5adaUJ24kHJ2eFzNBLDuno5wen4
18dXKevTZPNqkkNohbVHrrFewsqS8CYw+rfiNerOJYZzSMbueWK5Pck0od05STZlAE
19/B2zesXgd3ZmRKM8jrlZS6gan1FaJOzwErccP7jWnrOeW9uLysRg0ww26/H8Q9xS
20dm0L8IXjzmE/yodk/nrt9G72mJnUITt4uHW/1ibMi4+iUR0Ff4oeqrBHQAbRawMK
21XKRzXhtI9sI=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client1-rsa.pem b/src/regress/lib/libssl/certs/client1-rsa.pem
deleted file mode 100644
index 7e0c47cc46..0000000000
--- a/src/regress/lib/libssl/certs/client1-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Client 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH1MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyct5
8l3L4GIzbFPszUioY0/+W9IGnQqOlBtFJQSzJtM96/UcJ/9MEkz08UUaf07CTYWy/
9Qbwl3DizPV9yymiae64oe9RBc2Hh/Z88473Q6UZvPrdoexoVb159tTdvF8IDfIER
10HEB2VAtssFvszERa04ndpDqS8tHfBcLGUCu2kZQ0FSCKbNSDLLwoQmyNgnWo8PDY
11XshJGdABaTmnhpkrhJq2zeYiUResoWo8z08iVn7vLgjRNTi9mtXr5eC4L0DfEuZB
12exaC8frQXH2rXKvojFrFwJ67QLwCOiUKbGlUQBeKS6iahgDL/dRprHqbNZFI7in4
13QiokqixjfzYSmALFqwIDAQABo2AwXjAdBgNVHQ4EFgQUNRNEZs+zkqBu6va5XyGv
14UfzSKZQwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBACmIu0ppKw1T
16hzGAoyjxK0y1ffbIDvObcwAMtXSHprMNhkdk7jyQBiXpx4ngEg1LhalUUDkp9Yt1
17qUVjyM4cphJL7ni3N/SyoUtuYWY4s8mqIhloT5adaUJ24kHJ2eFzNBLDuno5wen4
18dXKevTZPNqkkNohbVHrrFewsqS8CYw+rfiNerOJYZzSMbueWK5Pck0od05STZlAE
19/B2zesXgd3ZmRKM8jrlZS6gan1FaJOzwErccP7jWnrOeW9uLysRg0ww26/H8Q9xS
20dm0L8IXjzmE/yodk/nrt9G72mJnUITt4uHW/1ibMi4+iUR0Ff4oeqrBHQAbRawMK
21XKRzXhtI9sI=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJy3mXcvgYjNsU
25+zNSKhjT/5b0gadCo6UG0UlBLMm0z3r9Rwn/0wSTPTxRRp/TsJNhbL9BvCXcOLM9
26X3LKaJp7rih71EFzYeH9nzzjvdDpRm8+t2h7GhVvXn21N28XwgN8gREcQHZUC2yw
27W+zMRFrTid2kOpLy0d8FwsZQK7aRlDQVIIps1IMsvChCbI2Cdajw8NheyEkZ0AFp
28OaeGmSuEmrbN5iJRF6yhajzPTyJWfu8uCNE1OL2a1evl4LgvQN8S5kF7FoLx+tBc
29fatcq+iMWsXAnrtAvAI6JQpsaVRAF4pLqJqGAMv91Gmseps1kUjuKfhCKiSqLGN/
30NhKYAsWrAgMBAAECggEAahMtnXDv/We9mi/Z8Gz0lCwcm/azh5IiI41MJph2hzcx
31fYYkOXghRYzA8jBfv5VoQ6Q4fUN722Fqxu4vlzqZSj5oRX9z0EU52GomRcj30kgW
32Hi+nGl7BucM/7Uxwd1qjHoVyCxnPmapPvfz0YwPjgqNMARJRQJcV1x9lw6rW03rW
33qvoQKwnQ5vZRYldFnvYXRM0VUu8GdruaidWJ2Ra6FUFbEH+I77oIIoyWgXniq9jq
34h0VJNRVCLwV4rFzmMkOAz1yxvJ+4UG9/wHYsZVhJDkyos1FVf0klKipKTS7Z87Em
35aFlZ01JrM//kS/qdgohllCU8Xt1uVtvsYmJY9T6IEQKBgQD1IJzdopCI+BL7PfWf
36qSpyUOgp+8J50CnIJ42ZdBWDhPZSbBqWmqbgBlnXEyPwkKVOhHde6td9DtxRVOiE
37Zfy0gpUp4xWUxFdMKyW0+JmsmXiUJKIck6LxqfYDZUTzD2wp1/AhLGJ2M/J5e4IP
38umr6IQ4BbDfKGp2NiHEQElCmdwKBgQDSvtOy71EhewJQ9slazR+10skSBbc5Ks9W
39cy1fZKcnNB/dPenak5i8Gr04nPhhNvgAwmtDGb9hH1mwjHCUz/TaoPsbTKvtTN2N
40MxFzQEsE9F803ULOvFOppe5YEy/M2OaDLHVil1bMwbrg3pGKD4TUfy5cE2NfCDi3
41JwlKk6uDbQKBgQCLAQ9zb7hes66v4pbjD18OrGq7RBUoVq8a3bMijf2VM1UrsDnz
42pYd0CqXvnN8IkD3tpJi8rpe8Ry0QwgGI8vy2sEY+FpQqZJzMiLs9QKyEgBMsjwmP
43Avmn6SWlD0xmORyxLc7yQOUk+phJ44wBt0jqxsvWarPIXAd0NydGYdxySQKBgAWo
44B4iS8cuDQLGpngfo34QCz1DDhIJtSrlYSAx6aB4eQQiwI7mxInVSBmghlm0Ni6SB
45k11usHtL2x1o95CW8Ex566N08FxjJsMmbr54KEtOv8tscOGZnmk8QeRtR2gpHi7B
46H7lwtGy0em6UqrVY60jEzRq9jno7f0IzMwWkZwMVAoGAL9mQ8xVIaDNyhK477NvD
47ZF2AWrHHLXDeTfwdI+HTCUdeDC208kgTx4Z/AX1cN7KQtWZfKIW0bWtCDnKsIwbK
48zheDR2AjuDEbT9HWLtYgQvx5/fEc/yxJqtQk+n4CTrDY+rNeow51kziBKWFnu8Je
49m38SJSK7uNLz5ZWNgj3XIUE=
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client2-ecdsa-chain.pem b/src/regress/lib/libssl/certs/client2-ecdsa-chain.pem
deleted file mode 100644
index 0cba867b7f..0000000000
--- a/src/regress/lib/libssl/certs/client2-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Client 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAACMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBDbGllbnQg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABL7oVxdDfyspO7ozwbv+
82QKCXR8Z1+JWKj6lLmAkN6GY/gXPYcCAtXOWRoVt5yg4YrH0eOJalah7yGjAeHLq
9EHijYDBeMB0GA1UdDgQWBBRO8eCtJ/+3xfn+3qY31gP3Ch5JvDAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEA10kcAL7I/Y0KVNryJGrfVa1er0uiUXxS
122GmnKWFCQKECID9PY+LK4+DNvxyn4ld47AGJZjdolx6mwLFHK8RvtLo9
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client2-ecdsa.pem b/src/regress/lib/libssl/certs/client2-ecdsa.pem
deleted file mode 100644
index f0576e6eb1..0000000000
--- a/src/regress/lib/libssl/certs/client2-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Client 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAACMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBDbGllbnQg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABL7oVxdDfyspO7ozwbv+
82QKCXR8Z1+JWKj6lLmAkN6GY/gXPYcCAtXOWRoVt5yg4YrH0eOJalah7yGjAeHLq
9EHijYDBeMB0GA1UdDgQWBBRO8eCtJ/+3xfn+3qY31gP3Ch5JvDAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEA10kcAL7I/Y0KVNryJGrfVa1er0uiUXxS
122GmnKWFCQKECID9PY+LK4+DNvxyn4ld47AGJZjdolx6mwLFHK8RvtLo9
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGJcFF0AYtzYr190f
16tXnGfakMTr5zk0UO1nAfVSLMW2OhRANCAAS+6FcXQ38rKTu6M8G7/tkCgl0fGdfi
17Vio+pS5gJDehmP4Fz2HAgLVzlkaFbecoOGKx9HjiWpWoe8howHhy6hB4
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client2-rsa-chain.pem b/src/regress/lib/libssl/certs/client2-rsa-chain.pem
deleted file mode 100644
index bc09c2e059..0000000000
--- a/src/regress/lib/libssl/certs/client2-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Client 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAACMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgQ2xpZW50
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TPjTtVn4l/2
83g+XVWUMpxZWu1G3GJ1TY14loqG2lLcyFwHfbxPgjdeUYUXgKw2v3LKdK1xlwohi
97adKmf8ZsqgWYd+SWtvzyoEEEvWQVj5bbs2+EI9CTP4L96lqsiBYZoHxCI+TG3pY
106JOZQT2wmJEL0zeK9cmUXoaV6fQOcEtSmp6m8XWLEEyUZvVHG3OX+7FtcV0snDfz
11XrnvpRpu4zolbCC6jysufU46VoJNrrKdPlDu4PbF8PKrJl7jOSULaYHqugIeniMV
12V9enkg9t0Bb8bW5sW8/c4vwS52dlRNLHXkwGE7u9+XEVOGDJ+a01eRjVOxQwqptn
13qrWTF++D0QIDAQABo2AwXjAdBgNVHQ4EFgQUmUxF57QtRFh9JBPTMx5rUvRjj+4w
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAMAvLchG7tWtNXPK3+Ie
16u+htMMPhgJCsHhEC0ssZezD3BfYHaJh7ayQwI1KWKrQOwu9z+oOGWQjoVmhBzoi2
17hmvH9vT4GFVnM5agf68USNLxQvlQiShfnqPZiy3EduwY0q+uNvvNYlHeLTp/Au7F
18SesJqWoaMr3130n8QqiO8myNjUj3GVrmBBpFogU5qxQAHkcy2AbpkATjRtfG4Jn2
19DWXR9Yd56KuvmkpdVkw+DScOXbIgXmHyutJ7qDbm6lwXLD3U5ulvbSxXW/MhJpb9
2072UjtpQbhMzcyQwCvNrKnST+QqKMisAdkOOhCdEYTj8flpCbMA5bqwBRX+t+AMeD
214lY=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client2-rsa.pem b/src/regress/lib/libssl/certs/client2-rsa.pem
deleted file mode 100644
index b4431ce674..0000000000
--- a/src/regress/lib/libssl/certs/client2-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Client 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAACMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgQ2xpZW50
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TPjTtVn4l/2
83g+XVWUMpxZWu1G3GJ1TY14loqG2lLcyFwHfbxPgjdeUYUXgKw2v3LKdK1xlwohi
97adKmf8ZsqgWYd+SWtvzyoEEEvWQVj5bbs2+EI9CTP4L96lqsiBYZoHxCI+TG3pY
106JOZQT2wmJEL0zeK9cmUXoaV6fQOcEtSmp6m8XWLEEyUZvVHG3OX+7FtcV0snDfz
11XrnvpRpu4zolbCC6jysufU46VoJNrrKdPlDu4PbF8PKrJl7jOSULaYHqugIeniMV
12V9enkg9t0Bb8bW5sW8/c4vwS52dlRNLHXkwGE7u9+XEVOGDJ+a01eRjVOxQwqptn
13qrWTF++D0QIDAQABo2AwXjAdBgNVHQ4EFgQUmUxF57QtRFh9JBPTMx5rUvRjj+4w
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAMAvLchG7tWtNXPK3+Ie
16u+htMMPhgJCsHhEC0ssZezD3BfYHaJh7ayQwI1KWKrQOwu9z+oOGWQjoVmhBzoi2
17hmvH9vT4GFVnM5agf68USNLxQvlQiShfnqPZiy3EduwY0q+uNvvNYlHeLTp/Au7F
18SesJqWoaMr3130n8QqiO8myNjUj3GVrmBBpFogU5qxQAHkcy2AbpkATjRtfG4Jn2
19DWXR9Yd56KuvmkpdVkw+DScOXbIgXmHyutJ7qDbm6lwXLD3U5ulvbSxXW/MhJpb9
2072UjtpQbhMzcyQwCvNrKnST+QqKMisAdkOOhCdEYTj8flpCbMA5bqwBRX+t+AMeD
214lY=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDpM+NO1WfiX/be
25D5dVZQynFla7UbcYnVNjXiWiobaUtzIXAd9vE+CN15RhReArDa/csp0rXGXCiGLt
26p0qZ/xmyqBZh35Ja2/PKgQQS9ZBWPltuzb4Qj0JM/gv3qWqyIFhmgfEIj5Mbeljo
27k5lBPbCYkQvTN4r1yZRehpXp9A5wS1KanqbxdYsQTJRm9Ucbc5f7sW1xXSycN/Ne
28ue+lGm7jOiVsILqPKy59TjpWgk2usp0+UO7g9sXw8qsmXuM5JQtpgeq6Ah6eIxVX
2916eSD23QFvxtbmxbz9zi/BLnZ2VE0sdeTAYTu735cRU4YMn5rTV5GNU7FDCqm2eq
30tZMX74PRAgMBAAECggEAGghk06QXGLpFwLxU1H+XTf+8ZuTUX7cQXANiiCktTKS2
31vsLCwo+hfbQXKFS4lZXNkAGQcgq6gWDgSk9mkJJduAfzl7FxkRsEuBJ29fbbygTk
32CBaHpSmY6SdjBp6u/nuF4suWsLH2ZhbeXfg8H4BXenCWtVl59b4vBe5YRemswvQv
33DJzV9gVKDf7HnvcjUMBXNKNWk0cLlodKX6bRhpPbq/WNPAubA3z4Z0JZqnW9uuWa
34wTd7QPeKxVbQmz5Y5hifKMI4ML5i1+Fo6Xvcdt1TwfeHYy+iPNtB8fEu1VdH25DN
35iN5iiMOr7go8MOc4LxCZGsXqIDd6WYOg/DmCEsSiEQKBgQD78UT9ezhI7TLVmUdC
36eQd8+oi1qXykHXpMvobCJUrEulF6/iZSICcVVdH/DcvGRPv7A+90QZWGcY2Bzhtz
378C2XFLqLvSyHegSA4P57PbHjBOqowFAWntLTn/gSOb+nYKSM5XzOQq7RQctYX3EO
38jZb4GKhPOUwzy2Ugd9zNhqD8gwKBgQDs9VtAYvM2i3ylRLH/UdAu/E+oA05ydxT1
39dt4tK6R54KSZk+E/LM/k8D3p70tyiRbfky6DtGrGZSpyecCPdkNF0FJTRER1eDsb
40Au2uH6zP0nn2FUnQnL5fcIkVlclukf8pMox5fbFcoZjIWti9TURIdMTkaQVX9LKf
41Gme84UX2GwKBgQCqsJZuKbpDZjinkDZAKeFR4icW9KIWSkZekkKYbE2QpS6o5mEu
42CMyR3tfsNfuV84zITq0/lWNpd6tIg0wEK3enwQp1vA/cJWXBry2ab30CcoVNGSXp
43fWcWq22VY3yeOJKjRqNc1r671RigYeEl2/WpVoNJUWd4O9fivHJi6FBPYwKBgQDI
443B5y0K27gbex3C5J8A7ZlTTshYj8zGZuwEkK3yC30y2TpV/dDl5XgTHqV9aLixth
45f0CBkfCkpeK6UOxib2wNBM6UGJ0zOixX9D6HSABT1eVeLKN6ezOAcUMykdrCqG0z
46fc7HuT0b+TsqMp/gr1t/U8QGneNSsHCtH1PqLscAGwKBgFdecOiUhKezd6mReDYc
47cBKBN/2EBPNCSKlzuskSGoU/mC0H+2Mj1XX4fx5Wjvjp3hqKEVgs/L8Eth1KYfgF
48CaQzGAkavihH03L73to1Wj/K4XineBAKZLtXkdzWdB+kM8zkYJqmagh6h6BlXFun
49TJvYJYIK9U3kvhZtsD6w1slZ
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client3-ecdsa-chain.pem b/src/regress/lib/libssl/certs/client3-ecdsa-chain.pem
deleted file mode 100644
index a389943eeb..0000000000
--- a/src/regress/lib/libssl/certs/client3-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Client 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH7MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IENs
7aWVudCAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqlNqEjPuPpw3
8HaWxXbWql6f9g2HPei7RGZRfEAeNrnWT+Y4okVoqcxjeLNBA6dNl3uALWbSmDu6a
9kmBSU1aY9KNgMF4wHQYDVR0OBBYEFKxGR7LhwxXUGYyxjqBrxi5RKHamMB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMFzwaCpvWiXD+zEZ/mUBdbMQq2W
12JLELD9Mv11NiBhi6AiAN/QNQjluNEUTkxCH6p9bQiOYCQ3DOnPTxrSly/RQOSQ==
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client3-ecdsa.pem b/src/regress/lib/libssl/certs/client3-ecdsa.pem
deleted file mode 100644
index f42528bfa2..0000000000
--- a/src/regress/lib/libssl/certs/client3-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Client 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH7MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IENs
7aWVudCAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqlNqEjPuPpw3
8HaWxXbWql6f9g2HPei7RGZRfEAeNrnWT+Y4okVoqcxjeLNBA6dNl3uALWbSmDu6a
9kmBSU1aY9KNgMF4wHQYDVR0OBBYEFKxGR7LhwxXUGYyxjqBrxi5RKHamMB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMFzwaCpvWiXD+zEZ/mUBdbMQq2W
12JLELD9Mv11NiBhi6AiAN/QNQjluNEUTkxCH6p9bQiOYCQ3DOnPTxrSly/RQOSQ==
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfaMOzQZ+d1yL3ToI
16VPcHtdkIVhqatu/rDcJLuJcNnQehRANCAASqU2oSM+4+nDcdpbFdtaqXp/2DYc96
17LtEZlF8QB42udZP5jiiRWipzGN4s0EDp02Xe4AtZtKYO7pqSYFJTVpj0
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client3-rsa-chain.pem b/src/regress/lib/libssl/certs/client3-rsa-chain.pem
deleted file mode 100644
index 251344f934..0000000000
--- a/src/regress/lib/libssl/certs/client3-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Client 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH2MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1vW
8q3L63zPi8RJaJ07LsR05gCBYJ7FrnprqKbo7swLra3HE5WQFTxxOPkzBBnCUEaa2
9tqPtov34mrOmnYTQDBxpljx5u6AzjgMfwJZfh7CtGf893nbbP7T2f3pXAFBR0A32
10xmEvso5afyLNRvmxCsrdr2u73bETmBqFQFgGrhtBpTeGqsixgOegZzKHVF67ZjJi
11e+faM24GAtkOiPB7PfVgZFyTfe8HQsqqcMRVtjd7JxuN33k8cFIWqv5i8oqVLBME
12mLFM2WFIYNTsMtQ38eA7xieuuK6OPTp+cJKQY6jA3wUJOTRt9UE7pEjxOTumckfM
13u/ZE1+AODHkH97FptwIDAQABo2AwXjAdBgNVHQ4EFgQUz44RRa+P1oRBVI6lla3o
14VsVQq7swHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFgL5955qwHN
16vFGnAKoHhoszX3qf2h8zc5HvFfnbvZbBbsuRFW1/QGfQPGWDq8YUlb6wu8NjLjSM
17qTSYd1CvWXO1s91kr3LM5k7+9x+whOgbzWjGiprloS9pXcZ+ljTunW4o7jE7pPjZ
18opk7W2WmD7/dEDg10x0yDZnKbzea5PMpp6kLqNjtENW4SETtcnwBdi/MZ09ApuUC
19E+XWK/uKmxbIJ7Rt/Vi5H3BE74w7souq7fMwGGk7NL8Fmha78VQApKvZV/Rsfrio
20D0vVU8djTlEJyXCeqFYU2eKWhc0bfiONIFJ6Wtg/1cR6Jn12+6X36J+wW1G3ibMu
21ey+V9oVpM2U=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client3-rsa.pem b/src/regress/lib/libssl/certs/client3-rsa.pem
deleted file mode 100644
index b825391c52..0000000000
--- a/src/regress/lib/libssl/certs/client3-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Client 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH2MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1vW
8q3L63zPi8RJaJ07LsR05gCBYJ7FrnprqKbo7swLra3HE5WQFTxxOPkzBBnCUEaa2
9tqPtov34mrOmnYTQDBxpljx5u6AzjgMfwJZfh7CtGf893nbbP7T2f3pXAFBR0A32
10xmEvso5afyLNRvmxCsrdr2u73bETmBqFQFgGrhtBpTeGqsixgOegZzKHVF67ZjJi
11e+faM24GAtkOiPB7PfVgZFyTfe8HQsqqcMRVtjd7JxuN33k8cFIWqv5i8oqVLBME
12mLFM2WFIYNTsMtQ38eA7xieuuK6OPTp+cJKQY6jA3wUJOTRt9UE7pEjxOTumckfM
13u/ZE1+AODHkH97FptwIDAQABo2AwXjAdBgNVHQ4EFgQUz44RRa+P1oRBVI6lla3o
14VsVQq7swHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFgL5955qwHN
16vFGnAKoHhoszX3qf2h8zc5HvFfnbvZbBbsuRFW1/QGfQPGWDq8YUlb6wu8NjLjSM
17qTSYd1CvWXO1s91kr3LM5k7+9x+whOgbzWjGiprloS9pXcZ+ljTunW4o7jE7pPjZ
18opk7W2WmD7/dEDg10x0yDZnKbzea5PMpp6kLqNjtENW4SETtcnwBdi/MZ09ApuUC
19E+XWK/uKmxbIJ7Rt/Vi5H3BE74w7souq7fMwGGk7NL8Fmha78VQApKvZV/Rsfrio
20D0vVU8djTlEJyXCeqFYU2eKWhc0bfiONIFJ6Wtg/1cR6Jn12+6X36J+wW1G3ibMu
21ey+V9oVpM2U=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCnW9arcvrfM+Lx
25ElonTsuxHTmAIFgnsWuemuopujuzAutrccTlZAVPHE4+TMEGcJQRpra2o+2i/fia
26s6adhNAMHGmWPHm7oDOOAx/All+HsK0Z/z3edts/tPZ/elcAUFHQDfbGYS+yjlp/
27Is1G+bEKyt2va7vdsROYGoVAWAauG0GlN4aqyLGA56BnModUXrtmMmJ759ozbgYC
282Q6I8Hs99WBkXJN97wdCyqpwxFW2N3snG43feTxwUhaq/mLyipUsEwSYsUzZYUhg
291Owy1Dfx4DvGJ664ro49On5wkpBjqMDfBQk5NG31QTukSPE5O6ZyR8y79kTX4A4M
30eQf3sWm3AgMBAAECggEBAJV3HddtDsR8sHegbkegxaXeddYKDPEWMQkrTWoK2vpa
315ynEJ5a+p0cp/m8BWXqI3JSPEas36CmjLH3taCZR0QSf82SrigSZZLG19IupQJQM
32o+wN2pFuEQ1qbqMW/dBX61kmv3gYn+KV5BibWj3DDeyXlTjvvI6XcOps9QisFPs0
33BqPC7U4B3DaILeK+cLS9ONjXv4WgGi1LB8dpSR3HgT+qKs/bceCWGCcjfi3PQVJw
348Ahv8wce71rwIWxhnh6hcHq8iiGUj2CAtOA9E4qtxgQ5VkhR049pPQ0CkcrFBRT8
35wTDF5ffzSAbU9QRp/cL7k/eeEAiNQg0aL2GUHhmO/KECgYEA1PxATAFTzX6K4nM/
36yRU769vegTiblYjzUB5JL7baMUgSGgXrZ4UomtQQiYZSDhho8bDSEKM7cNzddMTo
37BFyKTvV4Won6LtF2R/JiFbUfDxhGS1+uoLXGciAFdB+NABLrmTQ0jp0N3y53UBmr
38jwMDz9BqXq+6QoM3lLUsL4V2j08CgYEAySiax4D3pkr3T6iTuEaLqW9vTV58vWUY
39sDstNA2YONYTPHUtFMpVfPgMmrraWHl3yNC2LB9W3SjJ+05oRYObUBI1oAg68u9z
40T2+jcxM3fN8HFwyFMm5gd3tygawdwGsvCjLPMJaHdtwlbg8lYfHyEl1hJRA+cnKg
41Y5hrfWtpJRkCgYEApWeBR4WAX4Z2tYZrcu5aqsEF+7TKn0bMLtxWWgfXS459AFi4
42iJyQ/CzU6vi1oNy0I37+pI0gDHZ6RcTlqv1zK/7WiPm+ob1p7lX+dn1CsaZYcRDN
43vWFtzBOyKIyYJAaNkV1Js7eknj6nyj0lTts4ipuBACfYru7Yq1RIDF/Jw2ECgYA9
44qTWwu+at0cL3ZwxI6076VA9BHxqLj8a+lpUnpJcprO1eleiIu/DyirKKZ4ZwomNG
45aju9UKn2xv8LCqDJ1iqwo7ROZtdzClVFX0oyBwz2OQNaXFsj91OYrH2QJCtGhVR5
46AtQh57KEi7zpfLkPyfNTD86sZstNl7d0cA9a9abYWQKBgQCPESj1LojjkEvGKtiD
479w+ZMaDf+mYK+RYQnjEthUMpAPI+mhm9cAl8mMJu3FaNgviOX9oB1/1XGl1Pj5od
48KWej9CF1ltoW/PcjsSTeeRFye5jvXn9BLr3w6iUl9pwyo4sVyLHgMzZpiQvGoRNy
49u80tjy6bVP3dGa5VHm36pENC4Q==
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/make-certs.sh b/src/regress/lib/libssl/certs/make-certs.sh
deleted file mode 100755
index c90b7c8ff3..0000000000
--- a/src/regress/lib/libssl/certs/make-certs.sh
+++ /dev/null
@@ -1,263 +0,0 @@
1#!/bin/ksh
2
3#
4# Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
5#
6# Permission to use, copy, modify, and distribute this software for any
7# purpose with or without fee is hereby granted, provided that the above
8# copyright notice and this permission notice appear in all copies.
9#
10# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17#
18
19set -e
20set -u
21set -x
22
23readonly SUBJECT="/CN=LibreSSL Test"
24
25readonly TMPDIR=$(mktemp -d)
26
27cleanup() {
28 rm -rf "${TMPDIR}"
29}
30
31trap cleanup EXIT INT
32
33reset() {
34 echo '100001' > ${TMPDIR}/certserial
35 cat /dev/null > ${TMPDIR}/certindex
36}
37
38setup() {
39 reset
40
41 cat > ${TMPDIR}/openssl.cnf <<EOF
42[ca]
43default_ca = test_ca
44
45[test_ca]
46new_certs_dir = ${TMPDIR}/
47database = ${TMPDIR}/certindex
48default_days = 365
49default_md = sha256
50policy = test_policy
51serial = ${TMPDIR}/certserial
52
53[test_policy]
54countryName = optional
55stateOrProvinceName = optional
56localityName = optional
57organizationName = optional
58organizationalUnitName = optional
59commonName = supplied
60emailAddress = optional
61
62[v3_ca_root]
63subjectKeyIdentifier = hash
64authorityKeyIdentifier = keyid:always,issuer
65basicConstraints = critical, CA:true
66keyUsage = critical, cRLSign, keyCertSign
67
68[v3_ca_int]
69subjectKeyIdentifier = hash
70authorityKeyIdentifier = keyid:always,issuer
71basicConstraints = critical, CA:true
72keyUsage = critical, cRLSign, keyCertSign
73
74[v3_other]
75subjectKeyIdentifier = hash
76authorityKeyIdentifier = keyid:always,issuer
77basicConstraints = critical, CA:false
78keyUsage = critical, digitalSignature
79
80[req]
81distinguished_name = req_distinguished_name
82
83[ req_distinguished_name ]
84EOF
85}
86
87key_type_to_args() {
88 local key_type=$1
89
90 alg=${key_type%:*}
91 param=${key_type#*:}
92
93 if [[ "${alg}" == "rsa" ]]; then
94 echo "-newkey ${key_type}";
95 elif [[ "${alg}" == "ec" ]]; then
96 echo "-newkey $alg -pkeyopt ec_paramgen_curve:${param}"
97 else
98 echo "Unknown key type ${key_type}" >&2
99 exit 1
100 fi
101}
102
103create_root() {
104 local name=$1 file=$2 key_type=$3
105
106 key_args=$(key_type_to_args "${key_type}")
107
108 openssl req -new -days 3650 -nodes ${key_args} -sha256 -x509 \
109 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
110 -config ${TMPDIR}/openssl.cnf -extensions v3_ca_root \
111 -out "${TMPDIR}/${file}.crt"
112}
113
114create_intermediate() {
115 local name=$1 file=$2 issuer_file=$3 key_type=$4
116
117 key_args=$(key_type_to_args "${key_type}")
118
119 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
120 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
121 -out "${TMPDIR}/${file}.csr"
122 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
123 -CAkey "${TMPDIR}/${issuer_file}.key" -CAcreateserial \
124 -extfile ${TMPDIR}/openssl.cnf -extensions v3_ca_int \
125 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
126}
127
128create_leaf() {
129 local name=$1 file=$2 issuer_file=$3 key_type=$4
130
131 key_args=$(key_type_to_args "${key_type}")
132
133 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
134 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
135 -out "${TMPDIR}/${file}.csr"
136 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
137 -CAkey "${TMPDIR}/${issuer_file}.key" -CAcreateserial -sha256 \
138 -extfile ${TMPDIR}/openssl.cnf -extensions v3_other \
139 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
140}
141
142create_expired_leaf() {
143 local name=$1 file=$2 issuer_file=$3 key_type=$4
144
145 key_args=$(key_type_to_args "${key_type}")
146
147 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
148 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
149 -out "${TMPDIR}/${file}.csr"
150 openssl ca -batch -notext -cert "${TMPDIR}/${issuer_file}.crt" \
151 -keyfile "${TMPDIR}/${issuer_file}.key" \
152 -config ${TMPDIR}/openssl.cnf -extensions v3_other \
153 -startdate 20100101000000Z -enddate 20200101000000Z \
154 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
155}
156
157create_revoked_leaf() {
158 local name=$1 file=$2 issuer_file=$3 key_type=$4
159
160 key_args=$(key_type_to_args "${key_type}")
161
162 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
163 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
164 -out "${TMPDIR}/${file}.csr"
165 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
166 -CAkey "${TMPDIR}/${issuer_file}.key" -CAcreateserial \
167 -extfile ${TMPDIR}/openssl.cnf -extensions v3_other \
168 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
169 openssl ca -cert "${TMPDIR}/${issuer_file}.crt" \
170 -keyfile "${TMPDIR}/${issuer_file}.key" \
171 -config "${TMPDIR}/openssl.cnf" -extensions v3_other \
172 -revoke "${TMPDIR}/${file}.crt"
173 openssl ca -gencrl -cert "${TMPDIR}/${issuer_file}.crt" \
174 -keyfile "${TMPDIR}/${issuer_file}.key" \
175 -config "${TMPDIR}/openssl.cnf" -extensions v3_other \
176 -crldays 30 -out "${TMPDIR}/${issuer_file}.crl"
177}
178
179create_bundle() {
180 local bundle_file=$1
181 shift
182
183 mkdir -p $(dirname ${bundle_file})
184 cat /dev/null > ${bundle_file}
185
186 for _cert_file in $@; do
187 openssl x509 -nameopt oneline -subject -issuer \
188 -in "${TMPDIR}/${_cert_file}.crt" >> ${bundle_file}
189 done
190}
191
192create_bundle_with_key() {
193 local bundle_file=$1
194 shift
195
196 mkdir -p $(dirname ${bundle_file})
197 cat /dev/null > ${bundle_file}
198
199 for _cert_file in $@; do
200 openssl x509 -nameopt oneline -subject -issuer -noout \
201 -in "${TMPDIR}/${_cert_file}.crt" >> ${bundle_file}
202 done
203 for _cert_file in $@; do
204 cat "${TMPDIR}/${_cert_file}.crt" >> ${bundle_file}
205 done
206 for _key_file in $@; do
207 cat "${TMPDIR}/${_key_file}.key" >> ${bundle_file}
208 done
209}
210
211setup
212
213reset
214create_root "Root CA RSA" "ca-root-rsa" "rsa:2048"
215create_intermediate "Intermediate CA RSA" "ca-int-rsa" "ca-root-rsa" "rsa:2048"
216create_leaf "Server 1 RSA" "server-1-rsa" "ca-int-rsa" "rsa:2048"
217create_expired_leaf "Server 2 RSA" "server-2-rsa" "ca-int-rsa" "rsa:2048"
218create_revoked_leaf "Server 3 RSA" "server-3-rsa" "ca-int-rsa" "rsa:2048"
219create_leaf "Client 1 RSA" "client-1-rsa" "ca-int-rsa" "rsa:2048"
220create_expired_leaf "Client 2 RSA" "client-2-rsa" "ca-int-rsa" "rsa:2048"
221create_revoked_leaf "Client 3 RSA" "client-3-rsa" "ca-int-rsa" "rsa:2048"
222
223create_bundle "./ca-root-rsa.pem" "ca-root-rsa"
224create_bundle "./ca-int-rsa.pem" "ca-int-rsa"
225cp "${TMPDIR}/ca-int-rsa.crl" "./ca-int-rsa.crl"
226create_bundle_with_key "./server1-rsa.pem" "server-1-rsa"
227create_bundle "./server1-rsa-chain.pem" "server-1-rsa" "ca-int-rsa"
228create_bundle_with_key "./server2-rsa.pem" "server-2-rsa"
229create_bundle "./server2-rsa-chain.pem" "server-2-rsa" "ca-int-rsa"
230create_bundle_with_key "./server3-rsa.pem" "server-3-rsa"
231create_bundle "./server3-rsa-chain.pem" "server-3-rsa" "ca-int-rsa"
232create_bundle_with_key "./client1-rsa.pem" "client-1-rsa"
233create_bundle "./client1-rsa-chain.pem" "client-1-rsa" "ca-int-rsa"
234create_bundle_with_key "./client2-rsa.pem" "client-2-rsa"
235create_bundle "./client2-rsa-chain.pem" "client-2-rsa" "ca-int-rsa"
236create_bundle_with_key "./client3-rsa.pem" "client-3-rsa"
237create_bundle "./client3-rsa-chain.pem" "client-3-rsa" "ca-int-rsa"
238
239reset
240create_root "Root CA ECDSA" "ca-root-ecdsa" "ec:prime256v1"
241create_intermediate "Intermediate CA ECDSA" "ca-int-ecdsa" "ca-root-ecdsa" "ec:prime256v1"
242create_leaf "Server 1 ECDSA" "server-1-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
243create_expired_leaf "Server 2 ECDSA" "server-2-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
244create_revoked_leaf "Server 3 ECDSA" "server-3-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
245create_leaf "Client 1 ECDSA" "client-1-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
246create_expired_leaf "Client 2 ECDSA" "client-2-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
247create_revoked_leaf "Client 3 ECDSA" "client-3-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
248
249create_bundle "./ca-root-ecdsa.pem" "ca-root-ecdsa"
250create_bundle "./ca-int-ecdsa.pem" "ca-int-ecdsa"
251cp "${TMPDIR}/ca-int-ecdsa.crl" "./ca-int-ecdsa.crl"
252create_bundle_with_key "./server1-ecdsa.pem" "server-1-ecdsa"
253create_bundle "./server1-ecdsa-chain.pem" "server-1-ecdsa" "ca-int-ecdsa"
254create_bundle_with_key "./server2-ecdsa.pem" "server-2-ecdsa"
255create_bundle "./server2-ecdsa-chain.pem" "server-2-ecdsa" "ca-int-ecdsa"
256create_bundle_with_key "./server3-ecdsa.pem" "server-3-ecdsa"
257create_bundle "./server3-ecdsa-chain.pem" "server-3-ecdsa" "ca-int-ecdsa"
258create_bundle_with_key "./client1-ecdsa.pem" "client-1-ecdsa"
259create_bundle "./client1-ecdsa-chain.pem" "client-1-ecdsa" "ca-int-ecdsa"
260create_bundle_with_key "./client2-ecdsa.pem" "client-2-ecdsa"
261create_bundle "./client2-ecdsa-chain.pem" "client-2-ecdsa" "ca-int-ecdsa"
262create_bundle_with_key "./client3-ecdsa.pem" "client-3-ecdsa"
263create_bundle "./client3-ecdsa-chain.pem" "client-3-ecdsa" "ca-int-ecdsa"
diff --git a/src/regress/lib/libssl/certs/server.pem b/src/regress/lib/libssl/certs/server.pem
deleted file mode 100644
index 7412490f51..0000000000
--- a/src/regress/lib/libssl/certs/server.pem
+++ /dev/null
@@ -1,51 +0,0 @@
1subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
2issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
3-----BEGIN CERTIFICATE-----
4MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eUMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
5BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
6VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
7ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMloXDTI0MDQwMTE0NDUxMlowZDELMAkG
8A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
9RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
10ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
11KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
12R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
13vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
14TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
1541NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
16AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG
17+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B
18AQUFAAOCAQEADfy8VrY5er5ebYLyiC1il5kVOuJHSf8aN5SciJz/VcifA1+Hl2Bu
19CfuizhP/kUdB9PTSj8ep9sL+5PBFl7CZJDO6Sxs5+qJe15XvLBP8UEdvc779plL6
20StUMJT0aU/MaqUZZCldC3G4CcbwzOzKSD5YzvxxIGspxBWRduZKKMOju/4aqK76p
21dwA/VGCve9mjft3LIrb0gSaPi5KmdGtpAjzW3H1+63DSqxCYb1oiPtUZBs4STwjh
22WPRmAEVR4RPCETM3Sth4C+bE0QMCGY12ctcbzhj7Xgo7LcSpqviq6JD8SPuU7ISL
23hy4NcnBBHJr9OV9WTLpmS9V9Vg6QmOpxQw==
24-----END CERTIFICATE-----
25-----BEGIN RSA PRIVATE KEY-----
26MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
27h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
28tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
29D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
30uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
31qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
32zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
33r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
34AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
355s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
36W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
37674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
38utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
39BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
404qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
41WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
42bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
436ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
444UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
45WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
46n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
47JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
48OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
49xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
50UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
51-----END RSA PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server1-ecdsa-chain.pem b/src/regress/lib/libssl/certs/server1-ecdsa-chain.pem
deleted file mode 100644
index 46add4d11c..0000000000
--- a/src/regress/lib/libssl/certs/server1-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Server 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqzCCAVKgAwIBAgIJAOVssaaTYoH4MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBT
7ZXJ2ZXIgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLCfzrwjvJ6V
8m2Jog48gtuDNYupHd8TKOCVb6J7f1/U3Owwy2//ZVTvM+9uoIC8xxUJAmN0PC+9a
9+5TkRWiD1KWjYDBeMB0GA1UdDgQWBBTo776/p89eGJwMmJRNk4k+xGVRPTAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNHADBEAiAhHPaADQMcGea7iBRbKZWSHUAf
12fZSNIWF/nYASNBvKLgIgQXLiuWxt6/a7vxaZwgYXkhP1YfDSC5Kpktxr/3jHcAU=
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server1-ecdsa.pem b/src/regress/lib/libssl/certs/server1-ecdsa.pem
deleted file mode 100644
index 541fed6efe..0000000000
--- a/src/regress/lib/libssl/certs/server1-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Server 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqzCCAVKgAwIBAgIJAOVssaaTYoH4MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBT
7ZXJ2ZXIgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLCfzrwjvJ6V
8m2Jog48gtuDNYupHd8TKOCVb6J7f1/U3Owwy2//ZVTvM+9uoIC8xxUJAmN0PC+9a
9+5TkRWiD1KWjYDBeMB0GA1UdDgQWBBTo776/p89eGJwMmJRNk4k+xGVRPTAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNHADBEAiAhHPaADQMcGea7iBRbKZWSHUAf
12fZSNIWF/nYASNBvKLgIgQXLiuWxt6/a7vxaZwgYXkhP1YfDSC5Kpktxr/3jHcAU=
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgvh2q0Zzqn18tPux2
16csqpbWDtHGialpwtx/r/0ENHeKOhRANCAASwn868I7yelZtiaIOPILbgzWLqR3fE
17yjglW+ie39f1NzsMMtv/2VU7zPvbqCAvMcVCQJjdDwvvWvuU5EVog9Sl
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server1-rsa-chain.pem b/src/regress/lib/libssl/certs/server1-rsa-chain.pem
deleted file mode 100644
index 57dec7b5b4..0000000000
--- a/src/regress/lib/libssl/certs/server1-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Server 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoHzMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvyt
8i0uA2qaFltVb8+PElYk84AnjY0WZDcGtKSMCAYTD857fO2V4S/wpJ9ZMt8kBKQ29
9D2Glkkhc/HPpb7wJcAUT++aZ/PbOtuzOHzdxheOolfZ6aw+qCSiVlcflKfMp7VPL
10swimqKpm6atl2aSqldKfmGzjhAAPiTXbzUjh9pbTfO8ykdn/6AqP7ju3+4sseMPL
11seNq1wstWRdiHm0P/BoJn4lwDe7QTSp1AxMqDTz5BiO+UjCW2oTsOFfo/hhslQf5
12qv7uPLrz/VWiEojQP5RzfcnVwplUgTvtaOkXxZeOH7VkKS1v8W506/h3RIKj0X8Y
13JDLuIPqSAPNLWGyH4wIDAQABo2AwXjAdBgNVHQ4EFgQUFJPGTfe+ULC/anJ4fCVz
14DXA0JI4wHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAGP5hYyAYzlj
16YCV24ApNPb+mNEMHu1SL1MgDXJOTWZMFOvuYcibtmcVIfwpM4+UpC7cRqPRjBEqm
17NdLbJi4jGzQDNOcI7OZCCx6oKvAhjMofpb42Iq4bDuBqlhHRXvYnO30y0yRbSGXt
18GvKvkNKOSXUnY1UtcBAN5szcyFk30xQK+f/2VqJguvjsTquFV+piqFyq91ICyIeQ
191gjTn1N2/SkmYpwZdyf0HqSjyqJ0FG4xiW6T0HmX1QI651Kux49vLel7ySxzGY+6
20axnPilTYx/7pkciGk5ckLdujpXsDPhC+E2hdoee494c5NvX/uibYhigLU/gHK/ZP
21YisY8ihnPl8=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server1-rsa.pem b/src/regress/lib/libssl/certs/server1-rsa.pem
deleted file mode 100644
index 12e9ac9ec9..0000000000
--- a/src/regress/lib/libssl/certs/server1-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Server 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoHzMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvyt
8i0uA2qaFltVb8+PElYk84AnjY0WZDcGtKSMCAYTD857fO2V4S/wpJ9ZMt8kBKQ29
9D2Glkkhc/HPpb7wJcAUT++aZ/PbOtuzOHzdxheOolfZ6aw+qCSiVlcflKfMp7VPL
10swimqKpm6atl2aSqldKfmGzjhAAPiTXbzUjh9pbTfO8ykdn/6AqP7ju3+4sseMPL
11seNq1wstWRdiHm0P/BoJn4lwDe7QTSp1AxMqDTz5BiO+UjCW2oTsOFfo/hhslQf5
12qv7uPLrz/VWiEojQP5RzfcnVwplUgTvtaOkXxZeOH7VkKS1v8W506/h3RIKj0X8Y
13JDLuIPqSAPNLWGyH4wIDAQABo2AwXjAdBgNVHQ4EFgQUFJPGTfe+ULC/anJ4fCVz
14DXA0JI4wHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAGP5hYyAYzlj
16YCV24ApNPb+mNEMHu1SL1MgDXJOTWZMFOvuYcibtmcVIfwpM4+UpC7cRqPRjBEqm
17NdLbJi4jGzQDNOcI7OZCCx6oKvAhjMofpb42Iq4bDuBqlhHRXvYnO30y0yRbSGXt
18GvKvkNKOSXUnY1UtcBAN5szcyFk30xQK+f/2VqJguvjsTquFV+piqFyq91ICyIeQ
191gjTn1N2/SkmYpwZdyf0HqSjyqJ0FG4xiW6T0HmX1QI651Kux49vLel7ySxzGY+6
20axnPilTYx/7pkciGk5ckLdujpXsDPhC+E2hdoee494c5NvX/uibYhigLU/gHK/ZP
21YisY8ihnPl8=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCe/K2LS4DapoWW
251Vvz48SViTzgCeNjRZkNwa0pIwIBhMPznt87ZXhL/Ckn1ky3yQEpDb0PYaWSSFz8
26c+lvvAlwBRP75pn89s627M4fN3GF46iV9nprD6oJKJWVx+Up8yntU8uzCKaoqmbp
27q2XZpKqV0p+YbOOEAA+JNdvNSOH2ltN87zKR2f/oCo/uO7f7iyx4w8ux42rXCy1Z
28F2IebQ/8GgmfiXAN7tBNKnUDEyoNPPkGI75SMJbahOw4V+j+GGyVB/mq/u48uvP9
29VaISiNA/lHN9ydXCmVSBO+1o6RfFl44ftWQpLW/xbnTr+HdEgqPRfxgkMu4g+pIA
3080tYbIfjAgMBAAECggEBAJDm9PkW6KrfyLPPZA5mUl6EBWKgQInS/gsmsT7j9EkU
31C1A4RXcqJTkD6zKuw59h6NfU+LJTKgeoQm+o6WJ3/BYH2s3kwAZpn7/jFn4nFyWT
32d6yuR6baUPwl7CfmV3wjbtwqWmajhNoG7OMd3yc9SGhi3iibXcWKFJ7W4q04NxJ5
33txswRddLYMFUeJxPBdImlyibyUIWaYFid4O2kozTQWpyJld5SP4+YQObb6sBJuvN
34wR53eaRGb0OaUGppglGlWTahIADBjbhf0zd9YiUjvums/cjx2goHzQqt4rIj1Pid
35I3duu/kw7AsuRlvmhk02Cu4Ixr8hljbeo2L7UAP+4BkCgYEAzVq8Fqi/5IVdjl0H
36FwvS9NX3HFFzdixtI2p/jCQ721Kxpf73zvRpMG/YZL3vBt4sXT7WpJZZsKrYogL7
378s/dG7p/GpzSnvJKQfT6Ko+jnv24MEIoqMx+Smd+nJJJ0KzZRvrqzcF+wsicmKnN
38y/4t8T1DqSm4WxDyuy/uDozqCP0CgYEAxjJ9GJha40sHlY4sOTaJqapN6va/t70/
39iRj+Mt9Bm1O41PBgu+SMADGukrjL5DYp53QRGhyqb2PWmZsGYvftPZNq5b3pzKPo
408jiP9AxYDt/GLO3x/GppiywOxHD8CV19BDVqWcBkV1ATu2kkmokDbq+g94xnMBzN
41nURtfL5Hml8CgYAMeJIrnhvpOOAxoRypHaK2E7hqE9g7OP93wyPz0s9/xknbltxd
42ySIKOwCdPZuigyOWlhZa8HaJ8BYv4JaEbHM1F+JYL2XrGTPBRatbolWBdk8VPy9Q
438PpKcnaR86Bf999KHDreO/4CvkQkUUuaM9l+aQYO4+W6QhE7pPGEGLKt0QKBgCL2
44exzgm3/nF3JpfyGknkpA0bf2SUG3b8LWltkQizlEXqGpudbLbWsHWJ1nXghnCaNb
451Tx+/A3kVdIJB+pjhAVNwRjAFMNV0t0P300U9F/DV+lLHFoDx5SWdBBxQfTA+jHI
463nbwuoKwjJqN5LgiHWnkL4gby4QwQJFSpeHQiz8PAoGBAJaur4aFaSlgGAiKJX4/
47Om4AedImBgFsVKf44xx5pDwEcqLeEwRBxa0r5Sftqsrz+Ck60hR/MWCwJEBll5PV
48MJtOHBb2bINFhLOqV1WoSkSoKEhtMvFnLbWGBi5gYHC4+lYuyQqD/vu3sxe5IT9C
49PKgUgKV32Z7KBpDuFGtGmiDb
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server2-ecdsa-chain.pem b/src/regress/lib/libssl/certs/server2-ecdsa-chain.pem
deleted file mode 100644
index 494d2ea209..0000000000
--- a/src/regress/lib/libssl/certs/server2-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Server 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAABMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBTZXJ2ZXIg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJOTftmDhBMSS23a+sRO
83Zr43RUwtdJvNfKhpHKRbBLIttBkbI1wWCgufMLCJXhL6pSpCeT/C9ioFks2JMg7
9CPCjYDBeMB0GA1UdDgQWBBSCtBk04EXYNjiFaaTcJumL0BFylTAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEAqnQ+TRgMZRys3z3olZysrnP0d6XIdfgv
12XvlXRaM0s/QCIHdrTx/IPfJSvo0rDN08CJfbO0NBOc9PFsnDRUKsxJd4
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server2-ecdsa.pem b/src/regress/lib/libssl/certs/server2-ecdsa.pem
deleted file mode 100644
index 2f49df9931..0000000000
--- a/src/regress/lib/libssl/certs/server2-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Server 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAABMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBTZXJ2ZXIg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJOTftmDhBMSS23a+sRO
83Zr43RUwtdJvNfKhpHKRbBLIttBkbI1wWCgufMLCJXhL6pSpCeT/C9ioFks2JMg7
9CPCjYDBeMB0GA1UdDgQWBBSCtBk04EXYNjiFaaTcJumL0BFylTAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEAqnQ+TRgMZRys3z3olZysrnP0d6XIdfgv
12XvlXRaM0s/QCIHdrTx/IPfJSvo0rDN08CJfbO0NBOc9PFsnDRUKsxJd4
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgxkOt2jb6kQC1ZaUa
16MLSz0lyS0YQtqChoyAvJ7yQf3FahRANCAASTk37Zg4QTEktt2vrETt2a+N0VMLXS
17bzXyoaRykWwSyLbQZGyNcFgoLnzCwiV4S+qUqQnk/wvYqBZLNiTIOwjw
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server2-rsa-chain.pem b/src/regress/lib/libssl/certs/server2-rsa-chain.pem
deleted file mode 100644
index 5bb660f45e..0000000000
--- a/src/regress/lib/libssl/certs/server2-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Server 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAABMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgU2VydmVy
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu08owc3HqHu2
8+92bKDs/VCVjkGMZSVOrdAXYEKf9WQ6cGxiowjJy391szSd5bW/Yf7hbNhctr29G
98oIj0wsMfz3lxuHDYISt8uAjbjqFiZTNfBeg7PVE9aDWXqaophcq4DT2ygv9O190
1009RxTJD6PdclUtQNYZHr3c7kP2AdeBWWVPAmKISDSEkjXqc0x9LEtm7UA/0WAtKM
11NUXUb/ZNBu90j7gRpjN6VyfaqJMdoDR31s7QXivL5hr4x0M0Y1ihN1/cHA5Qjb0s
126t8w6H2b0xtvJgO5N3ZUAVclAO3MsVRqr04aAyxcJ47qOkWPbh9OqaFyZFdl7L2r
13UTLloQNkcwIDAQABo2AwXjAdBgNVHQ4EFgQUrDgWmmX6bVZt4Z7SvCSXEfJMoZQw
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBANbQG/fAGsV+J+cmEIlg
169i5c44hpr3BAXn5QYMbV9OQ8M9Rq8cZx/EkwNlCfPnQph2PqN2tZNstBnlL90rNq
17pOj1Ee+ppemeJrHKFuEncytGHbgqjRLgi9n0vR5RF1I7dJvRlPugpf/FxeMC/7f2
18qDDfdMsvmu/+qWBMb+U5yPLXlibGr7nf7B3t9ZBtku5flP3OOmipIjFpLOmvu06Z
199fac0JHDRvBQCemvIbSIa8Sz6UVJ1hKTjaN+lqc7e5tgbovNqjgFiLx0lQrfBmg9
20tnNhoaEuwwyPNIVLUK3J1Q4lv/m9fX7BVmL5C56AexwtD/jupdXe2utjFx6YXrKG
21nxU=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server2-rsa.pem b/src/regress/lib/libssl/certs/server2-rsa.pem
deleted file mode 100644
index ed7389a430..0000000000
--- a/src/regress/lib/libssl/certs/server2-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Server 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAABMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgU2VydmVy
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu08owc3HqHu2
8+92bKDs/VCVjkGMZSVOrdAXYEKf9WQ6cGxiowjJy391szSd5bW/Yf7hbNhctr29G
98oIj0wsMfz3lxuHDYISt8uAjbjqFiZTNfBeg7PVE9aDWXqaophcq4DT2ygv9O190
1009RxTJD6PdclUtQNYZHr3c7kP2AdeBWWVPAmKISDSEkjXqc0x9LEtm7UA/0WAtKM
11NUXUb/ZNBu90j7gRpjN6VyfaqJMdoDR31s7QXivL5hr4x0M0Y1ihN1/cHA5Qjb0s
126t8w6H2b0xtvJgO5N3ZUAVclAO3MsVRqr04aAyxcJ47qOkWPbh9OqaFyZFdl7L2r
13UTLloQNkcwIDAQABo2AwXjAdBgNVHQ4EFgQUrDgWmmX6bVZt4Z7SvCSXEfJMoZQw
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBANbQG/fAGsV+J+cmEIlg
169i5c44hpr3BAXn5QYMbV9OQ8M9Rq8cZx/EkwNlCfPnQph2PqN2tZNstBnlL90rNq
17pOj1Ee+ppemeJrHKFuEncytGHbgqjRLgi9n0vR5RF1I7dJvRlPugpf/FxeMC/7f2
18qDDfdMsvmu/+qWBMb+U5yPLXlibGr7nf7B3t9ZBtku5flP3OOmipIjFpLOmvu06Z
199fac0JHDRvBQCemvIbSIa8Sz6UVJ1hKTjaN+lqc7e5tgbovNqjgFiLx0lQrfBmg9
20tnNhoaEuwwyPNIVLUK3J1Q4lv/m9fX7BVmL5C56AexwtD/jupdXe2utjFx6YXrKG
21nxU=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7TyjBzceoe7b7
253ZsoOz9UJWOQYxlJU6t0BdgQp/1ZDpwbGKjCMnLf3WzNJ3ltb9h/uFs2Fy2vb0by
26giPTCwx/PeXG4cNghK3y4CNuOoWJlM18F6Ds9UT1oNZepqimFyrgNPbKC/07X3TT
271HFMkPo91yVS1A1hkevdzuQ/YB14FZZU8CYohINISSNepzTH0sS2btQD/RYC0ow1
28RdRv9k0G73SPuBGmM3pXJ9qokx2gNHfWztBeK8vmGvjHQzRjWKE3X9wcDlCNvSzq
293zDofZvTG28mA7k3dlQBVyUA7cyxVGqvThoDLFwnjuo6RY9uH06poXJkV2XsvatR
30MuWhA2RzAgMBAAECggEAc5ApQzkkv+xkPwzAl5fGQLI4tXKOvVDj7VdVsSEUDAgZ
31hBY4uGfLvBau8/wwzLY+yr4BeGPgieaLzT9BvwmIElEsHQJZOolhkQF8mpt8nB+0
32j6U8YjYI78rlt8v3LVIJ3/6NbKbs+96vA6qEpIql+dVtb6bpApO3BEiLRhaU1+ra
33pi5YbF56S3XlUFL6H46hpNTUxOqbb6toZ/2rr1nscu4jkQhL8u/KS5Uz1Y7RW3zd
34A3U4rbxXnM8SVZrRuWsN1DRL5CpAOdGGiVhew46vAxZU8iX6rODrRaRCp+Gbnoll
35x/ubMMrBrE4WpCY5orb41FPb4U6raY9ZZzTGPuC9YQKBgQDs0LrDy8kh3V7wsIwn
366vMT9MD2Olpl6zwSyQJ0C04u+hGNur3L6intg78TSRqZ7ZKK7CspPy9JCGTYztTG
37vFbXy2vahCFlI2G3lfZj2nS2D+UNSmo2pdpBtuk/iKj67pFAlaa8C3OQ8MXjldQn
383QPANsCo276t0E9SmFcbJYJVCwKBgQDKe7sfdg0tQr9xsBeDuSxRJQOrtWeTmXm6
39zcPKRX8avWr5Ag6w4/BX/RxGZkD4brV5LaK6Qsbwl8v8aNe8Hv4yBQFdW0IMP8mB
40v4kVaNEGxoJE4fnKk1wS22TQvX5fxWPGZhOWQ1sgIqp3Dzvky0nalK7Ru0gRA4gS
41Jl0a4Sp/OQKBgQCHwuW/B53n5yPdcij3XW87Go5g2nUmhqPq1QeuBSkuLzhO+yaB
42t12QB35MDRXN9u+S6u+XdtyhzskZrgE3aZOTpM/Q9vy6IX2MpNEaz4snMJeMdgPM
43DmrAT58KSEsviAMHdoOevCXlitK3tRZqP/89e2YZp9h5hrlizWjqbCd6nwKBgQCS
44XFWqLB7iNHlFqE+W+2a5UNQSbhHscue2y71WnF1/6qNEUuRjoJ++OksR6B/Wc8/h
45Q8d4c4RxrIfab75hUNXVOiD+ZlSbng/+JYDlZNqS1zKar+1rLJFFYCjDafXLLFcu
46teI6n31jASvO28gjXX6I7ShgmctB4ReeZvSt1UxuoQKBgHQ/0fA3owx9kDRA41Hu
47a+npibal0F2JOxn0xiwgW3JcH/EkcSIvUELm8Kjl3GBxf0y9Osu0uf3cSqW9K9+z
48CRpwZmFq+q3HFN6FYHYI6oVvPKIljDhmkvw9HyexXFLRKNs1z2b7Noz2H7ysE0cb
491sAZitEjace2/eAx/wWr2dq0
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server3-ecdsa-chain.pem b/src/regress/lib/libssl/certs/server3-ecdsa-chain.pem
deleted file mode 100644
index 03f3373d3b..0000000000
--- a/src/regress/lib/libssl/certs/server3-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Server 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH5MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IFNl
7cnZlciAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0pRqRW+PDenx
8cp+5za1pFDdECxXPXZY7LUPoXxens1lPSM2diexVMdLw1kEbVkOZ50s1X32vQnTa
9TVpovmwna6NgMF4wHQYDVR0OBBYEFCXbw+Fdv+OWDOU163ujSYbdJZx3MB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMt01G90LOiCVRIcodKP1nsOg3oY
12kX8VHUPk9myD52KZAiBu32mh/fgaWsR/lbo2dyGJQHKkmHNt9Wy8hOQ9eGO91A==
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server3-ecdsa.pem b/src/regress/lib/libssl/certs/server3-ecdsa.pem
deleted file mode 100644
index 98950aabbf..0000000000
--- a/src/regress/lib/libssl/certs/server3-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Server 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH5MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IFNl
7cnZlciAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0pRqRW+PDenx
8cp+5za1pFDdECxXPXZY7LUPoXxens1lPSM2diexVMdLw1kEbVkOZ50s1X32vQnTa
9TVpovmwna6NgMF4wHQYDVR0OBBYEFCXbw+Fdv+OWDOU163ujSYbdJZx3MB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMt01G90LOiCVRIcodKP1nsOg3oY
12kX8VHUPk9myD52KZAiBu32mh/fgaWsR/lbo2dyGJQHKkmHNt9Wy8hOQ9eGO91A==
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgTWRMClyUOn11mX5s
16hTTIQT+3BeauAjrTvKMy5RryWtyhRANCAATSlGpFb48N6fFyn7nNrWkUN0QLFc9d
17ljstQ+hfF6ezWU9IzZ2J7FUx0vDWQRtWQ5nnSzVffa9CdNpNWmi+bCdr
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server3-rsa-chain.pem b/src/regress/lib/libssl/certs/server3-rsa-chain.pem
deleted file mode 100644
index e40c982894..0000000000
--- a/src/regress/lib/libssl/certs/server3-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Server 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH0MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqw4
8GSS7/WAR0VYbqFTltj9Cv17m+RuztM1jiJq+MU0Gscbx59NFPt8UFevNsMzWNmAK
9qkioEMVJxXzSUDBjXjLesDt/+VTjR46z16fje3MhGmWa8lDt7hpuHwDF80dg3rZa
10kVEcgKvd6LODTucgE7l07DzMb8qAdRp1SDXIFECO0wLJewkf2CihmNukTxQhI0d+
11XPZTYe3cyMelj8KpCXCXOVXKnXI+BWnYMHC1Op4S9z90xiVBNgQ+Vmg2K9NFifzT
12ZyKIWsERq80rp1s+JmxmzA/vBRlsbj/Ec0h2kF4IavGtHwvAvdvIPV7AG/dIxwlT
13VnHZkPDuLK0H396wmwIDAQABo2AwXjAdBgNVHQ4EFgQUSuP+QN+526Pxw/LGBTqP
14WJpWGvwwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFBJ0mO7dpSN
16euxoh2DJghVfqQB4ladEroDZJkJEDuDkY3SjC+WB/lJowBVPC2QkzjTZt/J4B0Om
176irtKUC8jQ7aqMBfESu/s//GEU4kwlvlJN/Z0nLOh1YEeCwbkavFDy/X62iZ9XvJ
18gjLVVzaXKWGrgdJedHx9Di04rU9jME5qfpXZI50u8grZccpUuTTqpZBiGjFRda2j
19nJhgPBrn9/ityYaOrif8taR+QM6AETvEpJWo+I/iQ7vATmxHuq6y+0Sza5j9wGH/
20begJs9H890AiwO2bbUi1ehNj7NHZHySWNJlzBerwOQv7Zo8j+kHBop82ABsb/Xet
21kgn7bdkfKoI=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server3-rsa.pem b/src/regress/lib/libssl/certs/server3-rsa.pem
deleted file mode 100644
index 256528ae35..0000000000
--- a/src/regress/lib/libssl/certs/server3-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Server 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH0MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqw4
8GSS7/WAR0VYbqFTltj9Cv17m+RuztM1jiJq+MU0Gscbx59NFPt8UFevNsMzWNmAK
9qkioEMVJxXzSUDBjXjLesDt/+VTjR46z16fje3MhGmWa8lDt7hpuHwDF80dg3rZa
10kVEcgKvd6LODTucgE7l07DzMb8qAdRp1SDXIFECO0wLJewkf2CihmNukTxQhI0d+
11XPZTYe3cyMelj8KpCXCXOVXKnXI+BWnYMHC1Op4S9z90xiVBNgQ+Vmg2K9NFifzT
12ZyKIWsERq80rp1s+JmxmzA/vBRlsbj/Ec0h2kF4IavGtHwvAvdvIPV7AG/dIxwlT
13VnHZkPDuLK0H396wmwIDAQABo2AwXjAdBgNVHQ4EFgQUSuP+QN+526Pxw/LGBTqP
14WJpWGvwwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFBJ0mO7dpSN
16euxoh2DJghVfqQB4ladEroDZJkJEDuDkY3SjC+WB/lJowBVPC2QkzjTZt/J4B0Om
176irtKUC8jQ7aqMBfESu/s//GEU4kwlvlJN/Z0nLOh1YEeCwbkavFDy/X62iZ9XvJ
18gjLVVzaXKWGrgdJedHx9Di04rU9jME5qfpXZI50u8grZccpUuTTqpZBiGjFRda2j
19nJhgPBrn9/ityYaOrif8taR+QM6AETvEpJWo+I/iQ7vATmxHuq6y+0Sza5j9wGH/
20begJs9H890AiwO2bbUi1ehNj7NHZHySWNJlzBerwOQv7Zo8j+kHBop82ABsb/Xet
21kgn7bdkfKoI=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDKrDgZJLv9YBHR
25VhuoVOW2P0K/Xub5G7O0zWOImr4xTQaxxvHn00U+3xQV682wzNY2YAqqSKgQxUnF
26fNJQMGNeMt6wO3/5VONHjrPXp+N7cyEaZZryUO3uGm4fAMXzR2DetlqRURyAq93o
27s4NO5yATuXTsPMxvyoB1GnVINcgUQI7TAsl7CR/YKKGY26RPFCEjR35c9lNh7dzI
28x6WPwqkJcJc5Vcqdcj4FadgwcLU6nhL3P3TGJUE2BD5WaDYr00WJ/NNnIohawRGr
29zSunWz4mbGbMD+8FGWxuP8RzSHaQXghq8a0fC8C928g9XsAb90jHCVNWcdmQ8O4s
30rQff3rCbAgMBAAECggEAAoOiaoVvI5SGhA9KZosvElS0kkUuHlb+oraNjotE4r2u
314JO0Ooj/aelAiYkUUyYnXiNQ3o3qL9MSuDV1MnN3OBrvckY6rzAjZabaiklV5Bko
32hvhNtMXWPcbsKMxMqFjxVbHza6wS63G2XgWkEl2Bo10Am1Ghw51CfLFoVQ39vmqM
338xKqZBZRwRUNk/2ccNhG5crUOX9+wQJSVjZCTgevjCJVVsFX9NLsHsx7G1wtE580
34AuFb9JEe66QNrtpTbKQP61W8YiRKQHT5uAAL0X9o88d2rpjGAcpJ8214aGH5P1HH
35oUjL7mZceYuVeWvAMwLFFmPbPZuj3Ricgo1OIkKyyQKBgQDtNNXod5GzJyHOUrFR
36rijyHhS81sOeDOhTbc1Cx8eFNH/svGATAU01HqgFRZpeJPHsAVYwVizfyqp/CESk
37EFKTkMqRTat8Pkk+BtAGZD5fEBejl1fwRiBF9bTnk+u6q1WvBsQ0Bngf3v1CYGuq
38rvb57AvhkCsEMjWs1YplBLwdVwKBgQDauvNslanbFstrWVBJqxV1iEaWmN1Lr//C
39fwCFU8rH8VEvp+JJCICu7sE5Te+1TF/ASEs/bCrsW51YXjH30z3De1oFrjFVjwOU
40XFMqcaTCX5Fjxv739LmgGuO2MCrItmveQHYkpTzCl6/p/pI4I1QJN0S5a/FaBNcW
41x5tV2Ks4XQKBgHCCiBdsZ1pPbFR9moeAkQFOTU3InB5iRuwTf7F2Kue+oBK8wuEg
420+snMFDX08Flyq3DcIsaxMwdR8NbO5uJ9nDx03MaIQWcUYcvGgp+D6ttaZj5lwdr
43a7FjOrxAyCXRUKHlFrkKfH25eey66TabKKAgWv5RMGYcHqNs4ejKVyOfAoGALqUf
44tFBWYLqDtujdDljFwsLFCuieiL2HtVqQKd6sp+b2gUs0Ho8JokSYQDg2nlsjMEY6
45hdPzc2Q2Mdoknc0WptFvaTa0nqJZCRKHSc3ibPEkeDq/tPEjhNk3JmsvNI5ygnsM
46ttPmGTlv8l6vn/kouq5moYQ7fA78L4dxwOTr3qECgYBNuIf4vQq8WEkt0uSTJXom
47UQVZglJu61NVGzR//lyukQB7/HrdEMB+JYJfev0o1GxLx1RV8rTVaeDJkUJjwn/h
48qpqiLjJKF328oOuQdP3dH6AavH9r7gUOByOuxXgzZNbhtyNCrStAGOfX2xUxRZyZ
49l0+QtrqbPtB4VSfZ0j+imw==
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/ciphers/Makefile b/src/regress/lib/libssl/ciphers/Makefile
deleted file mode 100644
index 2575db4df4..0000000000
--- a/src/regress/lib/libssl/ciphers/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2020/09/13 16:51:30 jsing Exp $
2
3PROG= cipherstest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/ciphers/cipherstest.c b/src/regress/lib/libssl/ciphers/cipherstest.c
deleted file mode 100644
index c43939d4d5..0000000000
--- a/src/regress/lib/libssl/ciphers/cipherstest.c
+++ /dev/null
@@ -1,531 +0,0 @@
1/*
2 * Copyright (c) 2015, 2020 Joel Sing <jsing@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <openssl/ssl.h>
18
19#include <err.h>
20#include <stdio.h>
21#include <string.h>
22
23int ssl3_num_ciphers(void);
24const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
25
26int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str);
27
28static inline int
29ssl_aes_is_accelerated(void)
30{
31#if defined(__i386__) || defined(__x86_64__)
32 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
33#else
34 return (0);
35#endif
36}
37
38static int
39check_cipher_order(void)
40{
41 unsigned long id, prev_id = 0;
42 const SSL_CIPHER *cipher;
43 int num_ciphers;
44 int i;
45
46 num_ciphers = ssl3_num_ciphers();
47
48 for (i = 1; i <= num_ciphers; i++) {
49 /*
50 * For some reason, ssl3_get_cipher() returns ciphers in
51 * reverse order.
52 */
53 if ((cipher = ssl3_get_cipher(num_ciphers - i)) == NULL) {
54 fprintf(stderr, "FAIL: ssl3_get_cipher(%d) returned "
55 "NULL\n", i);
56 return 1;
57 }
58 if ((id = SSL_CIPHER_get_id(cipher)) <= prev_id) {
59 fprintf(stderr, "FAIL: ssl3_ciphers is not sorted by "
60 "id - cipher %d (%lx) <= cipher %d (%lx)\n",
61 i, id, i - 1, prev_id);
62 return 1;
63 }
64 prev_id = id;
65 }
66
67 return 0;
68}
69
70static int
71cipher_find_test(void)
72{
73 STACK_OF(SSL_CIPHER) *ciphers;
74 const SSL_CIPHER *cipher;
75 unsigned char buf[2];
76 SSL_CTX *ssl_ctx = NULL;
77 SSL *ssl = NULL;
78 int ret = 1;
79 int i;
80
81 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
82 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
83 goto failure;
84 }
85 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
86 fprintf(stderr, "SSL_new() returned NULL\n");
87 goto failure;
88 }
89 if (!SSL_set_cipher_list(ssl, "ALL")) {
90 fprintf(stderr, "SSL_set_cipher_list failed\n");
91 goto failure;
92 }
93
94 if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
95 fprintf(stderr, "no ciphers\n");
96 goto failure;
97 }
98
99 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
100 uint16_t cipher_value;
101
102 cipher = sk_SSL_CIPHER_value(ciphers, i);
103 cipher_value = SSL_CIPHER_get_value(cipher);
104
105 buf[0] = cipher_value >> 8;
106 buf[1] = cipher_value & 0xff;
107
108 if ((cipher = SSL_CIPHER_find(ssl, buf)) == NULL) {
109 fprintf(stderr,
110 "SSL_CIPHER_find() returned NULL for %s\n",
111 SSL_CIPHER_get_name(cipher));
112 goto failure;
113 }
114
115 if (SSL_CIPHER_get_value(cipher) != cipher_value) {
116 fprintf(stderr,
117 "got cipher with value 0x%x, want 0x%x\n",
118 SSL_CIPHER_get_value(cipher), cipher_value);
119 goto failure;
120 }
121 }
122
123 ret = 0;
124
125 failure:
126 SSL_CTX_free(ssl_ctx);
127 SSL_free(ssl);
128
129 return (ret);
130}
131
132static int
133cipher_get_by_value_tests(void)
134{
135 STACK_OF(SSL_CIPHER) *ciphers;
136 const SSL_CIPHER *cipher;
137 SSL_CTX *ssl_ctx = NULL;
138 SSL *ssl = NULL;
139 unsigned long id;
140 uint16_t value;
141 int ret = 1;
142 int i;
143
144 if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) {
145 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
146 goto failure;
147 }
148 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
149 fprintf(stderr, "SSL_new() returned NULL\n");
150 goto failure;
151 }
152
153 if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
154 fprintf(stderr, "no ciphers\n");
155 goto failure;
156 }
157
158 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
159 cipher = sk_SSL_CIPHER_value(ciphers, i);
160
161 id = SSL_CIPHER_get_id(cipher);
162 if (SSL_CIPHER_get_by_id(id) == NULL) {
163 fprintf(stderr, "SSL_CIPHER_get_by_id() failed "
164 "for %s (0x%lx)\n", SSL_CIPHER_get_name(cipher),
165 id);
166 goto failure;
167 }
168
169 value = SSL_CIPHER_get_value(cipher);
170 if (SSL_CIPHER_get_by_value(value) == NULL) {
171 fprintf(stderr, "SSL_CIPHER_get_by_value() failed "
172 "for %s (0x%04hx)\n", SSL_CIPHER_get_name(cipher),
173 value);
174 goto failure;
175 }
176 }
177
178 ret = 0;
179
180 failure:
181 SSL_CTX_free(ssl_ctx);
182 SSL_free(ssl);
183
184 return (ret);
185}
186
187struct parse_ciphersuites_test {
188 const char *str;
189 const int want;
190 const unsigned long cids[32];
191};
192
193struct parse_ciphersuites_test parse_ciphersuites_tests[] = {
194 {
195 /* LibreSSL names. */
196 .str = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256:AEAD-AES128-GCM-SHA256",
197 .want = 1,
198 .cids = {
199 TLS1_3_CK_AES_256_GCM_SHA384,
200 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
201 TLS1_3_CK_AES_128_GCM_SHA256,
202 },
203 },
204 {
205 /* OpenSSL names. */
206 .str = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256",
207 .want = 1,
208 .cids = {
209 TLS1_3_CK_AES_256_GCM_SHA384,
210 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
211 TLS1_3_CK_AES_128_GCM_SHA256,
212 },
213 },
214 {
215 /* Different priority order. */
216 .str = "AEAD-AES128-GCM-SHA256:AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
217 .want = 1,
218 .cids = {
219 TLS1_3_CK_AES_128_GCM_SHA256,
220 TLS1_3_CK_AES_256_GCM_SHA384,
221 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
222 },
223 },
224 {
225 /* Known but unsupported names. */
226 .str = "AEAD-AES256-GCM-SHA384:AEAD-AES128-CCM-SHA256:AEAD-AES128-CCM-8-SHA256",
227 .want = 1,
228 .cids = {
229 TLS1_3_CK_AES_256_GCM_SHA384,
230 },
231 },
232 {
233 /* Empty string means no TLSv1.3 ciphersuites. */
234 .str = "",
235 .want = 1,
236 .cids = { 0 },
237 },
238 {
239 .str = "TLS_CHACHA20_POLY1305_SHA256:TLS_NOT_A_CIPHERSUITE",
240 .want = 0,
241 },
242 {
243 .str = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256,TLS_AES_128_GCM_SHA256",
244 .want = 0,
245 },
246};
247
248#define N_PARSE_CIPHERSUITES_TESTS \
249 (sizeof(parse_ciphersuites_tests) / sizeof(*parse_ciphersuites_tests))
250
251static int
252parse_ciphersuites_test(void)
253{
254 struct parse_ciphersuites_test *pct;
255 STACK_OF(SSL_CIPHER) *ciphers = NULL;
256 SSL_CIPHER *cipher;
257 int failed = 1;
258 int j, ret;
259 size_t i;
260
261 for (i = 0; i < N_PARSE_CIPHERSUITES_TESTS; i++) {
262 pct = &parse_ciphersuites_tests[i];
263
264 ret = ssl_parse_ciphersuites(&ciphers, pct->str);
265 if (ret != pct->want) {
266 fprintf(stderr, "FAIL: test %zu - "
267 "ssl_parse_ciphersuites returned %d, want %d\n",
268 i, ret, pct->want);
269 goto failed;
270 }
271 if (ret == 0)
272 continue;
273
274 for (j = 0; j < sk_SSL_CIPHER_num(ciphers); j++) {
275 cipher = sk_SSL_CIPHER_value(ciphers, j);
276 if (SSL_CIPHER_get_id(cipher) == pct->cids[j])
277 continue;
278 fprintf(stderr, "FAIL: test %zu - got cipher %d with "
279 "id %lx, want %lx\n", i, j,
280 SSL_CIPHER_get_id(cipher), pct->cids[j]);
281 goto failed;
282 }
283 if (pct->cids[j] != 0) {
284 fprintf(stderr, "FAIL: test %zu - got %d ciphers, "
285 "expected more", i, sk_SSL_CIPHER_num(ciphers));
286 goto failed;
287 }
288 }
289
290 failed = 0;
291
292 failed:
293 sk_SSL_CIPHER_free(ciphers);
294
295 return failed;
296}
297
298struct cipher_set_test {
299 int ctx_ciphersuites_first;
300 const char *ctx_ciphersuites;
301 const char *ctx_rulestr;
302 int ssl_ciphersuites_first;
303 const char *ssl_ciphersuites;
304 const char *ssl_rulestr;
305 int cids_aes_accel_fixup;
306 unsigned long cids[32];
307};
308
309struct cipher_set_test cipher_set_tests[] = {
310 {
311 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
312 .cids_aes_accel_fixup = 1,
313 .cids = {
314 TLS1_3_CK_AES_256_GCM_SHA384,
315 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
316 TLS1_3_CK_AES_128_GCM_SHA256,
317 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
318 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
319 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
320 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
321 },
322 },
323 {
324 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
325 .cids_aes_accel_fixup = 1,
326 .cids = {
327 TLS1_3_CK_AES_256_GCM_SHA384,
328 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
329 TLS1_3_CK_AES_128_GCM_SHA256,
330 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
331 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
332 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
333 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
334 },
335 },
336 {
337 .ctx_ciphersuites_first = 1,
338 .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
339 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
340 .cids = {
341 TLS1_3_CK_AES_256_GCM_SHA384,
342 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
343 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
344 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
345 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
346 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
347 },
348 },
349 {
350 .ssl_ciphersuites_first = 1,
351 .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
352 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
353 .cids = {
354 TLS1_3_CK_AES_256_GCM_SHA384,
355 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
356 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
357 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
358 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
359 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
360 },
361 },
362 {
363 .ctx_ciphersuites_first = 0,
364 .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
365 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
366 .cids = {
367 TLS1_3_CK_AES_256_GCM_SHA384,
368 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
369 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
370 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
371 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
372 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
373 },
374 },
375 {
376 .ssl_ciphersuites_first = 0,
377 .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
378 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
379 .cids = {
380 TLS1_3_CK_AES_256_GCM_SHA384,
381 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
382 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
383 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
384 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
385 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
386 },
387 },
388 {
389 .ssl_ciphersuites_first = 1,
390 .ssl_ciphersuites = "",
391 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
392 .cids = {
393 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
394 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
395 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
396 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
397 },
398 },
399 {
400 .ssl_ciphersuites_first = 0,
401 .ssl_ciphersuites = "",
402 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
403 .cids = {
404 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
405 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
406 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
407 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
408 },
409 },
410 {
411 .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
412 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
413 .cids = {
414 TLS1_3_CK_AES_256_GCM_SHA384,
415 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
416 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
417 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
418 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
419 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
420 },
421 },
422 {
423 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
424 .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
425 .cids = {
426 TLS1_3_CK_AES_256_GCM_SHA384,
427 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
428 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
429 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
430 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
431 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
432 },
433 },
434};
435
436#define N_CIPHER_SET_TESTS \
437 (sizeof(cipher_set_tests) / sizeof(*cipher_set_tests))
438
439static int
440cipher_set_test(void)
441{
442 struct cipher_set_test *cst;
443 STACK_OF(SSL_CIPHER) *ciphers = NULL;
444 SSL_CIPHER *cipher;
445 SSL_CTX *ctx = NULL;
446 SSL *ssl = NULL;
447 int failed = 0;
448 size_t i;
449 int j;
450
451 for (i = 0; i < N_CIPHER_SET_TESTS; i++) {
452 cst = &cipher_set_tests[i];
453
454 if (!ssl_aes_is_accelerated() && cst->cids_aes_accel_fixup) {
455 cst->cids[0] = TLS1_3_CK_CHACHA20_POLY1305_SHA256;
456 cst->cids[1] = TLS1_3_CK_AES_256_GCM_SHA384;
457 }
458
459 if ((ctx = SSL_CTX_new(TLS_method())) == NULL)
460 errx(1, "SSL_CTX_new");
461
462 if (cst->ctx_ciphersuites_first && cst->ctx_ciphersuites != NULL) {
463 if (!SSL_CTX_set_ciphersuites(ctx, cst->ctx_ciphersuites))
464 errx(1, "SSL_CTX_set_ciphersuites");
465 }
466 if (cst->ctx_rulestr != NULL) {
467 if (!SSL_CTX_set_cipher_list(ctx, cst->ctx_rulestr))
468 errx(1, "SSL_CTX_set_cipher_list");
469 }
470 if (!cst->ctx_ciphersuites_first && cst->ctx_ciphersuites != NULL) {
471 if (!SSL_CTX_set_ciphersuites(ctx, cst->ctx_ciphersuites))
472 errx(1, "SSL_CTX_set_ciphersuites");
473 }
474
475 /* XXX - check SSL_CTX_get_ciphers(ctx) */
476
477 if ((ssl = SSL_new(ctx)) == NULL)
478 errx(1, "SSL_new");
479
480 if (cst->ssl_ciphersuites_first && cst->ssl_ciphersuites != NULL) {
481 if (!SSL_set_ciphersuites(ssl, cst->ssl_ciphersuites))
482 errx(1, "SSL_set_ciphersuites");
483 }
484 if (cst->ssl_rulestr != NULL) {
485 if (!SSL_set_cipher_list(ssl, cst->ssl_rulestr))
486 errx(1, "SSL_set_cipher_list");
487 }
488 if (!cst->ssl_ciphersuites_first && cst->ssl_ciphersuites != NULL) {
489 if (!SSL_set_ciphersuites(ssl, cst->ssl_ciphersuites))
490 errx(1, "SSL_set_ciphersuites");
491 }
492
493 ciphers = SSL_get_ciphers(ssl);
494
495 for (j = 0; j < sk_SSL_CIPHER_num(ciphers); j++) {
496 cipher = sk_SSL_CIPHER_value(ciphers, j);
497 if (SSL_CIPHER_get_id(cipher) == cst->cids[j])
498 continue;
499 fprintf(stderr, "FAIL: test %zu - got cipher %d with "
500 "id %lx, want %lx\n", i, j,
501 SSL_CIPHER_get_id(cipher), cst->cids[j]);
502 failed |= 1;
503 }
504 if (cst->cids[j] != 0) {
505 fprintf(stderr, "FAIL: test %zu - got %d ciphers, "
506 "expected more", i, sk_SSL_CIPHER_num(ciphers));
507 failed |= 1;
508 }
509
510 SSL_CTX_free(ctx);
511 SSL_free(ssl);
512 }
513
514 return failed;
515}
516
517int
518main(int argc, char **argv)
519{
520 int failed = 0;
521
522 failed |= check_cipher_order();
523
524 failed |= cipher_find_test();
525 failed |= cipher_get_by_value_tests();
526
527 failed |= parse_ciphersuites_test();
528 failed |= cipher_set_test();
529
530 return (failed);
531}
diff --git a/src/regress/lib/libssl/client/Makefile b/src/regress/lib/libssl/client/Makefile
deleted file mode 100644
index c8a05690a0..0000000000
--- a/src/regress/lib/libssl/client/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.4 2023/04/23 18:59:41 tb Exp $
2
3PROG= clienttest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c
deleted file mode 100644
index 8fb5a1da7f..0000000000
--- a/src/regress/lib/libssl/client/clienttest.c
+++ /dev/null
@@ -1,754 +0,0 @@
1/* $OpenBSD: clienttest.c,v 1.42 2023/07/11 17:03:44 tb Exp $ */
2/*
3 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <openssl/dtls1.h>
21#include <openssl/ssl3.h>
22
23#include <err.h>
24#include <stdio.h>
25#include <string.h>
26
27#define DTLS_HM_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH)
28#define DTLS_RANDOM_OFFSET (DTLS_HM_OFFSET + 2)
29#define DTLS_CIPHER_OFFSET (DTLS_HM_OFFSET + 38)
30
31#define SSL3_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
32#define SSL3_RANDOM_OFFSET (SSL3_HM_OFFSET + 2)
33#define SSL3_CIPHER_OFFSET (SSL3_HM_OFFSET + 37)
34
35#define TLS13_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
36#define TLS13_RANDOM_OFFSET (TLS13_HM_OFFSET + 2)
37#define TLS13_SESSION_OFFSET (TLS13_HM_OFFSET + 34)
38#define TLS13_CIPHER_OFFSET (TLS13_HM_OFFSET + 69)
39#define TLS13_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 188)
40#define TLS13_ONLY_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 98)
41
42#define TLS1_3_VERSION_ONLY (TLS1_3_VERSION | 0x10000)
43
44int tlsext_linearize_build_order(SSL *);
45
46static const uint8_t cipher_list_dtls1[] = {
47 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
48 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
49 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
50 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08,
51 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
52};
53
54static const uint8_t client_hello_dtls1[] = {
55 0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
56 0x00, 0x00, 0x00, 0x00, 0x74, 0x01, 0x00, 0x00,
57 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
58 0x68, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
59 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
60 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
61 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
62 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x26, 0xc0,
63 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00,
64 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0,
65 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00,
66 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00,
67 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00,
68 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
69 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00,
70 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00,
71 0x00,
72};
73
74static const uint8_t cipher_list_dtls12_aes[] = {
75 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
76 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
77 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
78 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
79 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
80 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
81 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
82 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
83 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
84 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
85 0x00, 0x0a, 0x00, 0xff
86};
87
88static const uint8_t cipher_list_dtls12_chacha[] = {
89 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
90 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
91 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
92 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
93 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
94 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
95 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
96 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
97 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
98 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
99 0x00, 0x0a, 0x00, 0xff,
100};
101
102static const uint8_t client_hello_dtls12[] = {
103 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
104 0x00, 0x00, 0x00, 0x00, 0xbe, 0x01, 0x00, 0x00,
105 0xb2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
106 0xb2, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
107 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
109 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
110 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x54, 0xc0,
111 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
112 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00,
113 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff,
114 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00,
115 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00,
116 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0,
117 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00,
118 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00,
119 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00,
120 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00,
121 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00,
122 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00,
123 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00,
124 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00,
125 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06,
126 0x01, 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05,
127 0x03, 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02,
128 0x01, 0x02, 0x03,
129};
130
131static const uint8_t cipher_list_tls10[] = {
132 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
133 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
134 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
135 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
136 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
137 0x00, 0x0a, 0x00, 0xff,
138};
139
140static const uint8_t client_hello_tls10[] = {
141 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
142 0x6d, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
143 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
144 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
145 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
146 0x00, 0x00, 0x00, 0x00, 0x00, 0x2c, 0xc0, 0x14,
147 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
148 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
149 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
150 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
151 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
152 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, 0x00, 0x0b,
153 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a,
154 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
155 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
156};
157
158static const uint8_t cipher_list_tls11[] = {
159 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
160 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
161 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
162 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
163 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
164 0x00, 0x0a, 0x00, 0xff,
165};
166
167static const uint8_t client_hello_tls11[] = {
168 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
169 0x6d, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
170 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
171 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
172 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
173 0x00, 0x00, 0x00, 0x00, 0x00, 0x2c, 0xc0, 0x14,
174 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
175 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
176 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
177 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
178 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
179 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, 0x00, 0x0b,
180 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a,
181 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
182 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
183};
184
185static const uint8_t cipher_list_tls12_aes[] = {
186 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
187 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
188 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
189 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
190 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
191 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
192 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
193 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
194 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
195 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
196 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
197 0x00, 0xff,
198};
199
200static const uint8_t cipher_list_tls12_chacha[] = {
201 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
202 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
203 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
204 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
205 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
206 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
207 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
208 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
209 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
210 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
211 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
212 0x00, 0xff,
213};
214
215static const uint8_t client_hello_tls12[] = {
216 0x16, 0x03, 0x03, 0x00, 0xbb, 0x01, 0x00, 0x00,
217 0xb7, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
218 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
219 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
220 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
221 0x00, 0x00, 0x00, 0x00, 0x00, 0x5a, 0xc0, 0x30,
222 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
223 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
224 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
225 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
226 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
227 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
228 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
229 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
230 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
231 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
232 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
233 0x01, 0x00, 0x00, 0x34, 0x00, 0x0b, 0x00, 0x02,
234 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08,
235 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19,
236 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18,
237 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03,
238 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04,
239 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
240};
241
242static const uint8_t cipher_list_tls13_aes[] = {
243 0x13, 0x02, 0x13, 0x03, 0x13, 0x01, 0xc0, 0x30,
244 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
245 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
246 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
247 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
248 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
249 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
250 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
251 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
252 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
253 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
254 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
255};
256
257static const uint8_t cipher_list_tls13_chacha[] = {
258 0x13, 0x03, 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9,
259 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c,
260 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a,
261 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85,
262 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
263 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
264 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
265 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
266 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
267 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
268 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
269 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
270};
271
272static const uint8_t client_hello_tls13[] = {
273 0x16, 0x03, 0x03, 0x01, 0x14, 0x01, 0x00, 0x01,
274 0x10, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
275 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
276 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
277 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
278 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
279 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
280 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
281 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
282 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x13, 0x03,
283 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9, 0xcc, 0xa8,
284 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28,
285 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f,
286 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85, 0x00, 0xc4,
287 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, 0x00, 0x3d,
288 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, 0xc0, 0x2f,
289 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x13,
290 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, 0x00, 0x33,
291 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, 0x00, 0x3c,
292 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, 0xc0, 0x11,
293 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08,
294 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00,
295 0x00, 0x67, 0x00, 0x2b, 0x00, 0x05, 0x04, 0x03,
296 0x04, 0x03, 0x03, 0x00, 0x33, 0x00, 0x26, 0x00,
297 0x24, 0x00, 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00,
298 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
299 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
300 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
301 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00,
302 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00,
303 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00,
304 0x19, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00,
305 0x18, 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06,
306 0x03, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08,
307 0x04, 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02,
308 0x03,
309};
310
311static const uint8_t cipher_list_tls13_only_aes[] = {
312 0x13, 0x02, 0x13, 0x03, 0x13, 0x01,
313};
314
315static const uint8_t cipher_list_tls13_only_chacha[] = {
316 0x13, 0x03, 0x13, 0x02, 0x13, 0x01,
317};
318
319static const uint8_t client_hello_tls13_only[] = {
320 0x16, 0x03, 0x03, 0x00, 0xb6, 0x01, 0x00, 0x00,
321 0xb2, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
322 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
323 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
324 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
325 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
326 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
327 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
328 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
329 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x13, 0x03,
330 0x13, 0x02, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00,
331 0x00, 0x61, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03,
332 0x04, 0x00, 0x33, 0x00, 0x26, 0x00, 0x24, 0x00,
333 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00,
334 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
335 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
336 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
337 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01,
338 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00,
339 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00,
340 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x14, 0x00,
341 0x12, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08,
342 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04,
343 0x01, 0x04, 0x03,
344};
345
346struct client_hello_test {
347 const char *desc;
348 const int protocol;
349 const size_t random_start;
350 const size_t session_start;
351 const size_t key_share_start;
352 const SSL_METHOD *(*ssl_method)(void);
353 const long ssl_options;
354 int connect_fails;
355};
356
357static const struct client_hello_test client_hello_tests[] = {
358 {
359 .desc = "DTLSv1 client method",
360 .protocol = DTLS1_VERSION,
361 .random_start = DTLS_RANDOM_OFFSET,
362 .ssl_method = DTLSv1_client_method,
363 .connect_fails = 1,
364 },
365 {
366 .desc = "DTLSv1.2 client method",
367 .protocol = DTLS1_2_VERSION,
368 .random_start = DTLS_RANDOM_OFFSET,
369 .ssl_method = DTLSv1_2_client_method,
370 },
371 {
372 .desc = "DTLS client method",
373 .protocol = DTLS1_2_VERSION,
374 .random_start = DTLS_RANDOM_OFFSET,
375 .ssl_method = DTLS_client_method,
376 },
377 {
378 .desc = "DTLS client method (no DTLSv1.2)",
379 .protocol = DTLS1_VERSION,
380 .random_start = DTLS_RANDOM_OFFSET,
381 .ssl_method = DTLS_client_method,
382 .ssl_options = SSL_OP_NO_DTLSv1_2,
383 .connect_fails = 1,
384 },
385 {
386 .desc = "DTLS client method (no DTLSv1.0)",
387 .protocol = DTLS1_2_VERSION,
388 .random_start = DTLS_RANDOM_OFFSET,
389 .ssl_method = DTLS_client_method,
390 .ssl_options = SSL_OP_NO_DTLSv1,
391 },
392 {
393 .desc = "TLSv1 client method",
394 .protocol = TLS1_VERSION,
395 .random_start = SSL3_RANDOM_OFFSET,
396 .ssl_method = TLSv1_client_method,
397 .connect_fails = 1,
398 },
399 {
400 .desc = "TLSv1_1 client method",
401 .protocol = TLS1_1_VERSION,
402 .random_start = SSL3_RANDOM_OFFSET,
403 .ssl_method = TLSv1_1_client_method,
404 .connect_fails = 1,
405 },
406 {
407 .desc = "TLSv1_2 client method",
408 .protocol = TLS1_2_VERSION,
409 .random_start = SSL3_RANDOM_OFFSET,
410 .ssl_method = TLSv1_2_client_method,
411 },
412 {
413 .desc = "SSLv23 default",
414 .protocol = TLS1_3_VERSION,
415 .random_start = TLS13_RANDOM_OFFSET,
416 .session_start = TLS13_SESSION_OFFSET,
417 .key_share_start = TLS13_KEY_SHARE_OFFSET,
418 .ssl_method = SSLv23_client_method,
419 .ssl_options = 0,
420 },
421 {
422 .desc = "SSLv23 default (no TLSv1.3)",
423 .protocol = TLS1_2_VERSION,
424 .random_start = SSL3_RANDOM_OFFSET,
425 .ssl_method = SSLv23_client_method,
426 .ssl_options = SSL_OP_NO_TLSv1_3,
427 },
428 {
429 .desc = "SSLv23 (no TLSv1.2)",
430 .protocol = TLS1_3_VERSION_ONLY,
431 .random_start = TLS13_RANDOM_OFFSET,
432 .session_start = TLS13_SESSION_OFFSET,
433 .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
434 .ssl_method = SSLv23_client_method,
435 .ssl_options = SSL_OP_NO_TLSv1_2,
436 },
437 {
438 .desc = "SSLv23 (no TLSv1.1)",
439 .protocol = TLS1_3_VERSION,
440 .random_start = TLS13_RANDOM_OFFSET,
441 .session_start = TLS13_SESSION_OFFSET,
442 .key_share_start = TLS13_KEY_SHARE_OFFSET,
443 .ssl_method = SSLv23_client_method,
444 .ssl_options = SSL_OP_NO_TLSv1_1,
445 },
446 {
447 .desc = "TLS default",
448 .protocol = TLS1_3_VERSION,
449 .random_start = TLS13_RANDOM_OFFSET,
450 .session_start = TLS13_SESSION_OFFSET,
451 .key_share_start = TLS13_KEY_SHARE_OFFSET,
452 .ssl_method = TLS_client_method,
453 .ssl_options = 0,
454 },
455 {
456 .desc = "TLS (no TLSv1.3)",
457 .protocol = TLS1_2_VERSION,
458 .random_start = SSL3_RANDOM_OFFSET,
459 .ssl_method = TLS_client_method,
460 .ssl_options = SSL_OP_NO_TLSv1_3,
461 },
462 {
463 .desc = "TLS (no TLSv1.2)",
464 .protocol = TLS1_3_VERSION_ONLY,
465 .random_start = TLS13_RANDOM_OFFSET,
466 .session_start = TLS13_SESSION_OFFSET,
467 .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
468 .ssl_method = TLS_client_method,
469 .ssl_options = SSL_OP_NO_TLSv1_2,
470 },
471 {
472 .desc = "TLS (no TLSv1.1)",
473 .protocol = TLS1_3_VERSION,
474 .random_start = TLS13_RANDOM_OFFSET,
475 .session_start = TLS13_SESSION_OFFSET,
476 .key_share_start = TLS13_KEY_SHARE_OFFSET,
477 .ssl_method = TLS_client_method,
478 .ssl_options = SSL_OP_NO_TLSv1_1,
479 },
480#if 0
481 /* XXX - build client hello with explicit versions extension. */
482 {
483 .desc = "TLS (no TLSv1.0, no TLSv1.1)",
484 .protocol = TLS1_3_VERSION,
485 .random_start = TLS13_RANDOM_OFFSET,
486 .session_start = TLS13_SESSION_OFFSET,
487 .key_share_start = TLS13_KEY_SHARE_OFFSET,
488 .ssl_method = TLS_client_method,
489 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
490 },
491#endif
492 {
493 .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)",
494 .protocol = TLS1_3_VERSION_ONLY,
495 .random_start = TLS13_RANDOM_OFFSET,
496 .session_start = TLS13_SESSION_OFFSET,
497 .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
498 .ssl_method = TLS_client_method,
499 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
500 },
501};
502
503#define N_CLIENT_HELLO_TESTS \
504 (sizeof(client_hello_tests) / sizeof(*client_hello_tests))
505
506static void
507hexdump(const uint8_t *buf, size_t len, const uint8_t *compare)
508{
509 const char *mark = "";
510 size_t i;
511
512 for (i = 1; i <= len; i++) {
513 if (compare != NULL)
514 mark = (buf[i - 1] != compare[i - 1]) ? "*" : " ";
515 fprintf(stderr, " %s0x%02hhx,%s", mark, buf[i - 1],
516 i % 8 && i != len ? "" : "\n");
517 }
518 fprintf(stderr, "\n");
519}
520
521static inline int
522ssl_aes_is_accelerated(void)
523{
524#if defined(__i386__) || defined(__x86_64__)
525 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
526#else
527 return (0);
528#endif
529}
530
531static int
532make_client_hello(int protocol, char **out, size_t *outlen)
533{
534 size_t client_hello_len, cipher_list_len, cipher_list_offset;
535 const uint8_t *client_hello, *cipher_list;
536 char *p;
537
538 *out = NULL;
539 *outlen = 0;
540
541 switch (protocol) {
542 case DTLS1_VERSION:
543 client_hello = client_hello_dtls1;
544 client_hello_len = sizeof(client_hello_dtls1);
545 cipher_list = cipher_list_dtls1;
546 cipher_list_len = sizeof(cipher_list_dtls1);
547 cipher_list_offset = DTLS_CIPHER_OFFSET;
548 break;
549
550 case DTLS1_2_VERSION:
551 client_hello = client_hello_dtls12;
552 client_hello_len = sizeof(client_hello_dtls12);
553 cipher_list = cipher_list_dtls12_chacha;
554 cipher_list_len = sizeof(cipher_list_dtls12_chacha);
555 if (ssl_aes_is_accelerated()) {
556 cipher_list = cipher_list_dtls12_aes;
557 cipher_list_len = sizeof(cipher_list_dtls12_aes);
558 }
559 cipher_list_offset = DTLS_CIPHER_OFFSET;
560 break;
561
562 case TLS1_VERSION:
563 client_hello = client_hello_tls10;
564 client_hello_len = sizeof(client_hello_tls10);
565 cipher_list = cipher_list_tls10;
566 cipher_list_len = sizeof(cipher_list_tls10);
567 cipher_list_offset = SSL3_CIPHER_OFFSET;
568 break;
569
570 case TLS1_1_VERSION:
571 client_hello = client_hello_tls11;
572 client_hello_len = sizeof(client_hello_tls11);
573 cipher_list = cipher_list_tls11;
574 cipher_list_len = sizeof(cipher_list_tls11);
575 cipher_list_offset = SSL3_CIPHER_OFFSET;
576 break;
577
578 case TLS1_2_VERSION:
579 client_hello = client_hello_tls12;
580 client_hello_len = sizeof(client_hello_tls12);
581 cipher_list = cipher_list_tls12_chacha;
582 cipher_list_len = sizeof(cipher_list_tls12_chacha);
583 if (ssl_aes_is_accelerated()) {
584 cipher_list = cipher_list_tls12_aes;
585 cipher_list_len = sizeof(cipher_list_tls12_aes);
586 }
587 cipher_list_offset = SSL3_CIPHER_OFFSET;
588 break;
589
590 case TLS1_3_VERSION:
591 client_hello = client_hello_tls13;
592 client_hello_len = sizeof(client_hello_tls13);
593 cipher_list = cipher_list_tls13_chacha;
594 cipher_list_len = sizeof(cipher_list_tls13_chacha);
595 if (ssl_aes_is_accelerated()) {
596 cipher_list = cipher_list_tls13_aes;
597 cipher_list_len = sizeof(cipher_list_tls13_aes);
598 }
599 cipher_list_offset = TLS13_CIPHER_OFFSET;
600 break;
601
602 case TLS1_3_VERSION_ONLY:
603 client_hello = client_hello_tls13_only;
604 client_hello_len = sizeof(client_hello_tls13_only);
605 cipher_list = cipher_list_tls13_only_chacha;
606 cipher_list_len = sizeof(cipher_list_tls13_only_chacha);
607 if (ssl_aes_is_accelerated()) {
608 cipher_list = cipher_list_tls13_only_aes;
609 cipher_list_len = sizeof(cipher_list_tls13_only_aes);
610 }
611 cipher_list_offset = TLS13_CIPHER_OFFSET;
612 break;
613
614 default:
615 return (-1);
616 }
617
618 if ((p = malloc(client_hello_len)) == NULL)
619 return (-1);
620
621 memcpy(p, client_hello, client_hello_len);
622 memcpy(p + cipher_list_offset, cipher_list, cipher_list_len);
623
624 *out = p;
625 *outlen = client_hello_len;
626
627 return (0);
628}
629
630static int
631client_hello_test(int testno, const struct client_hello_test *cht)
632{
633 BIO *rbio = NULL, *wbio = NULL;
634 SSL_CTX *ssl_ctx = NULL;
635 SSL *ssl = NULL;
636 char *client_hello = NULL;
637 size_t client_hello_len;
638 size_t session_len;
639 char *wbuf, rbuf[1];
640 int ret = 1;
641 long len;
642
643 fprintf(stderr, "Test %d - %s\n", testno, cht->desc);
644
645 /* Providing a small buf causes *_get_server_hello() to return. */
646 if ((rbio = BIO_new_mem_buf(rbuf, sizeof(rbuf))) == NULL) {
647 fprintf(stderr, "Failed to setup rbio\n");
648 goto failure;
649 }
650 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
651 fprintf(stderr, "Failed to setup wbio\n");
652 goto failure;
653 }
654
655 if ((ssl_ctx = SSL_CTX_new(cht->ssl_method())) == NULL) {
656 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
657 goto failure;
658 }
659
660 SSL_CTX_set_options(ssl_ctx, cht->ssl_options);
661
662 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
663 fprintf(stderr, "SSL_new() returned NULL\n");
664 goto failure;
665 }
666
667 if (!tlsext_linearize_build_order(ssl)) {
668 fprintf(stderr, "failed to linearize build order");
669 goto failure;
670 }
671
672 BIO_up_ref(rbio);
673 BIO_up_ref(wbio);
674 SSL_set_bio(ssl, rbio, wbio);
675
676 if (SSL_connect(ssl) != 0) {
677 if (cht->connect_fails)
678 goto done;
679 fprintf(stderr, "SSL_connect() returned non-zero\n");
680 goto failure;
681 }
682
683 len = BIO_get_mem_data(wbio, &wbuf);
684
685 if (make_client_hello(cht->protocol, &client_hello,
686 &client_hello_len) != 0)
687 errx(1, "failed to make client hello");
688
689 if ((size_t)len != client_hello_len) {
690 fprintf(stderr, "FAIL: test returned ClientHello length %ld, "
691 "want %zu\n", len, client_hello_len);
692 fprintf(stderr, "received:\n");
693 hexdump(wbuf, len, NULL);
694 fprintf(stderr, "test data:\n");
695 hexdump(client_hello, client_hello_len, NULL);
696 fprintf(stderr, "\n");
697 goto failure;
698 }
699
700 /* We expect the client random to differ. */
701 if (memcmp(&client_hello[cht->random_start], &wbuf[cht->random_start],
702 SSL3_RANDOM_SIZE) == 0) {
703 fprintf(stderr, "FAIL: ClientHello has zeroed random\n");
704 goto failure;
705 }
706
707 memset(&wbuf[cht->random_start], 0, SSL3_RANDOM_SIZE);
708
709 if (cht->session_start > 0) {
710 session_len = wbuf[cht->session_start];
711 if (session_len > 0)
712 memset(&wbuf[cht->session_start + 1], 0, session_len);
713 }
714 if (cht->key_share_start > 0)
715 memset(&wbuf[cht->key_share_start], 0, 32);
716
717 if (memcmp(client_hello, wbuf, client_hello_len) != 0) {
718 fprintf(stderr, "FAIL: ClientHello differs:\n");
719 fprintf(stderr, "received:\n");
720 hexdump(wbuf, len, client_hello);
721 fprintf(stderr, "test data:\n");
722 hexdump(client_hello, client_hello_len, wbuf);
723 fprintf(stderr, "\n");
724 goto failure;
725 }
726
727 done:
728 ret = 0;
729
730 failure:
731 SSL_CTX_free(ssl_ctx);
732 SSL_free(ssl);
733
734 BIO_free(rbio);
735 BIO_free(wbio);
736
737 free(client_hello);
738
739 return (ret);
740}
741
742int
743main(int argc, char **argv)
744{
745 int failed = 0;
746 size_t i;
747
748 SSL_library_init();
749
750 for (i = 0; i < N_CLIENT_HELLO_TESTS; i++)
751 failed |= client_hello_test(i, &client_hello_tests[i]);
752
753 return (failed);
754}
diff --git a/src/regress/lib/libssl/dtls/Makefile b/src/regress/lib/libssl/dtls/Makefile
deleted file mode 100644
index 438cd5c7ff..0000000000
--- a/src/regress/lib/libssl/dtls/Makefile
+++ /dev/null
@@ -1,20 +0,0 @@
1# $OpenBSD: Makefile,v 1.3 2022/01/07 09:07:00 tb Exp $
2
3PROG= dtlstest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libcrypto/bio
9CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
10
11REGRESS_TARGETS= \
12 regress-dtlstest
13
14regress-dtlstest: ${PROG}
15 ./dtlstest \
16 ${.CURDIR}/../../libssl/certs/server.pem \
17 ${.CURDIR}/../../libssl/certs/server.pem \
18 ${.CURDIR}/../../libssl/certs/ca.pem
19
20.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/dtls/dtlstest.c b/src/regress/lib/libssl/dtls/dtlstest.c
deleted file mode 100644
index a749bcf0ed..0000000000
--- a/src/regress/lib/libssl/dtls/dtlstest.c
+++ /dev/null
@@ -1,1077 +0,0 @@
1/* $OpenBSD: dtlstest.c,v 1.18 2022/11/26 16:08:56 tb Exp $ */
2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <netinet/in.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <limits.h>
23#include <poll.h>
24#include <unistd.h>
25
26#include <openssl/bio.h>
27#include <openssl/err.h>
28#include <openssl/ssl.h>
29
30#include "bio_local.h"
31#include "ssl_local.h"
32
33const char *server_ca_file;
34const char *server_cert_file;
35const char *server_key_file;
36
37char dtls_cookie[32];
38
39int debug = 0;
40
41void tls12_record_layer_set_initial_epoch(struct tls12_record_layer *rl,
42 uint16_t epoch);
43
44static void
45hexdump(const unsigned char *buf, size_t len)
46{
47 size_t i;
48
49 for (i = 1; i <= len; i++)
50 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
51
52 if (len % 8)
53 fprintf(stderr, "\n");
54}
55
56#define BIO_C_DELAY_COUNT 1000
57#define BIO_C_DELAY_FLUSH 1001
58#define BIO_C_DELAY_PACKET 1002
59#define BIO_C_DROP_PACKET 1003
60#define BIO_C_DROP_RANDOM 1004
61
62struct bio_packet_monkey_ctx {
63 unsigned int delay_count;
64 unsigned int delay_mask;
65 unsigned int drop_rand;
66 unsigned int drop_mask;
67 uint8_t *delayed_msg;
68 size_t delayed_msg_len;
69};
70
71static int
72bio_packet_monkey_new(BIO *bio)
73{
74 struct bio_packet_monkey_ctx *ctx;
75
76 if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
77 return 0;
78
79 bio->flags = 0;
80 bio->init = 1;
81 bio->num = 0;
82 bio->ptr = ctx;
83
84 return 1;
85}
86
87static int
88bio_packet_monkey_free(BIO *bio)
89{
90 struct bio_packet_monkey_ctx *ctx;
91
92 if (bio == NULL)
93 return 1;
94
95 ctx = bio->ptr;
96 free(ctx->delayed_msg);
97 free(ctx);
98
99 return 1;
100}
101
102static int
103bio_packet_monkey_delay_flush(BIO *bio)
104{
105 struct bio_packet_monkey_ctx *ctx = bio->ptr;
106
107 if (ctx->delayed_msg == NULL)
108 return 1;
109
110 if (debug)
111 fprintf(stderr, "DEBUG: flushing delayed packet...\n");
112 if (debug > 1)
113 hexdump(ctx->delayed_msg, ctx->delayed_msg_len);
114
115 BIO_write(bio->next_bio, ctx->delayed_msg, ctx->delayed_msg_len);
116
117 free(ctx->delayed_msg);
118 ctx->delayed_msg = NULL;
119
120 return BIO_ctrl(bio->next_bio, BIO_CTRL_FLUSH, 0, NULL);
121}
122
123static long
124bio_packet_monkey_ctrl(BIO *bio, int cmd, long num, void *ptr)
125{
126 struct bio_packet_monkey_ctx *ctx;
127
128 ctx = bio->ptr;
129
130 switch (cmd) {
131 case BIO_C_DELAY_COUNT:
132 if (num < 1 || num > 31)
133 return 0;
134 ctx->delay_count = num;
135 return 1;
136
137 case BIO_C_DELAY_FLUSH:
138 return bio_packet_monkey_delay_flush(bio);
139
140 case BIO_C_DELAY_PACKET:
141 if (num < 1 || num > 31)
142 return 0;
143 ctx->delay_mask |= 1 << ((unsigned int)num - 1);
144 return 1;
145
146 case BIO_C_DROP_PACKET:
147 if (num < 1 || num > 31)
148 return 0;
149 ctx->drop_mask |= 1 << ((unsigned int)num - 1);
150 return 1;
151
152 case BIO_C_DROP_RANDOM:
153 if (num < 0 || (size_t)num > UINT_MAX)
154 return 0;
155 ctx->drop_rand = (unsigned int)num;
156 return 1;
157 }
158
159 if (bio->next_bio == NULL)
160 return 0;
161
162 return BIO_ctrl(bio->next_bio, cmd, num, ptr);
163}
164
165static int
166bio_packet_monkey_read(BIO *bio, char *out, int out_len)
167{
168 struct bio_packet_monkey_ctx *ctx = bio->ptr;
169 int ret;
170
171 if (ctx == NULL || bio->next_bio == NULL)
172 return 0;
173
174 ret = BIO_read(bio->next_bio, out, out_len);
175
176 if (ret > 0) {
177 if (debug)
178 fprintf(stderr, "DEBUG: read packet...\n");
179 if (debug > 1)
180 hexdump(out, ret);
181 }
182
183 BIO_clear_retry_flags(bio);
184 if (ret <= 0 && BIO_should_retry(bio->next_bio))
185 BIO_set_retry_read(bio);
186
187 return ret;
188}
189
190static int
191bio_packet_monkey_write(BIO *bio, const char *in, int in_len)
192{
193 struct bio_packet_monkey_ctx *ctx = bio->ptr;
194 const char *label = "writing";
195 int delay = 0, drop = 0;
196 int ret;
197
198 if (ctx == NULL || bio->next_bio == NULL)
199 return 0;
200
201 if (ctx->delayed_msg != NULL && ctx->delay_count > 0)
202 ctx->delay_count--;
203
204 if (ctx->delayed_msg != NULL && ctx->delay_count == 0) {
205 if (debug)
206 fprintf(stderr, "DEBUG: writing delayed packet...\n");
207 if (debug > 1)
208 hexdump(ctx->delayed_msg, ctx->delayed_msg_len);
209
210 ret = BIO_write(bio->next_bio, ctx->delayed_msg,
211 ctx->delayed_msg_len);
212
213 BIO_clear_retry_flags(bio);
214 if (ret <= 0 && BIO_should_retry(bio->next_bio)) {
215 BIO_set_retry_write(bio);
216 return (ret);
217 }
218
219 free(ctx->delayed_msg);
220 ctx->delayed_msg = NULL;
221 }
222
223 if (ctx->delay_mask > 0) {
224 delay = ctx->delay_mask & 1;
225 ctx->delay_mask >>= 1;
226 }
227 if (ctx->drop_rand > 0) {
228 drop = arc4random_uniform(ctx->drop_rand) == 0;
229 } else if (ctx->drop_mask > 0) {
230 drop = ctx->drop_mask & 1;
231 ctx->drop_mask >>= 1;
232 }
233
234 if (delay)
235 label = "delaying";
236 if (drop)
237 label = "dropping";
238 if (debug)
239 fprintf(stderr, "DEBUG: %s packet...\n", label);
240 if (debug > 1)
241 hexdump(in, in_len);
242
243 if (drop)
244 return in_len;
245
246 if (delay) {
247 if (ctx->delayed_msg != NULL)
248 return 0;
249 if ((ctx->delayed_msg = calloc(1, in_len)) == NULL)
250 return 0;
251 memcpy(ctx->delayed_msg, in, in_len);
252 ctx->delayed_msg_len = in_len;
253 return in_len;
254 }
255
256 ret = BIO_write(bio->next_bio, in, in_len);
257
258 BIO_clear_retry_flags(bio);
259 if (ret <= 0 && BIO_should_retry(bio->next_bio))
260 BIO_set_retry_write(bio);
261
262 return ret;
263}
264
265static int
266bio_packet_monkey_puts(BIO *bio, const char *str)
267{
268 return bio_packet_monkey_write(bio, str, strlen(str));
269}
270
271static const BIO_METHOD bio_packet_monkey = {
272 .type = BIO_TYPE_BUFFER,
273 .name = "packet monkey",
274 .bread = bio_packet_monkey_read,
275 .bwrite = bio_packet_monkey_write,
276 .bputs = bio_packet_monkey_puts,
277 .ctrl = bio_packet_monkey_ctrl,
278 .create = bio_packet_monkey_new,
279 .destroy = bio_packet_monkey_free
280};
281
282static const BIO_METHOD *
283BIO_f_packet_monkey(void)
284{
285 return &bio_packet_monkey;
286}
287
288static BIO *
289BIO_new_packet_monkey(void)
290{
291 return BIO_new(BIO_f_packet_monkey());
292}
293
294static int
295BIO_packet_monkey_delay(BIO *bio, int num, int count)
296{
297 if (!BIO_ctrl(bio, BIO_C_DELAY_COUNT, count, NULL))
298 return 0;
299
300 return BIO_ctrl(bio, BIO_C_DELAY_PACKET, num, NULL);
301}
302
303static int
304BIO_packet_monkey_delay_flush(BIO *bio)
305{
306 return BIO_ctrl(bio, BIO_C_DELAY_FLUSH, 0, NULL);
307}
308
309static int
310BIO_packet_monkey_drop(BIO *bio, int num)
311{
312 return BIO_ctrl(bio, BIO_C_DROP_PACKET, num, NULL);
313}
314
315#if 0
316static int
317BIO_packet_monkey_drop_random(BIO *bio, int num)
318{
319 return BIO_ctrl(bio, BIO_C_DROP_RANDOM, num, NULL);
320}
321#endif
322
323static int
324datagram_pair(int *client_sock, int *server_sock,
325 struct sockaddr_in *server_sin)
326{
327 struct sockaddr_in sin;
328 socklen_t sock_len;
329 int cs = -1, ss = -1;
330
331 memset(&sin, 0, sizeof(sin));
332 sin.sin_family = AF_INET;
333 sin.sin_port = 0;
334 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
335
336 if ((ss = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
337 err(1, "server socket");
338 if (bind(ss, (struct sockaddr *)&sin, sizeof(sin)) == -1)
339 err(1, "server bind");
340 sock_len = sizeof(sin);
341 if (getsockname(ss, (struct sockaddr *)&sin, &sock_len) == -1)
342 err(1, "server getsockname");
343
344 if ((cs = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
345 err(1, "client socket");
346 if (connect(cs, (struct sockaddr *)&sin, sizeof(sin)) == -1)
347 err(1, "client connect");
348
349 *client_sock = cs;
350 *server_sock = ss;
351 memcpy(server_sin, &sin, sizeof(sin));
352
353 return 1;
354}
355
356static int
357poll_timeout(SSL *client, SSL *server)
358{
359 int client_timeout = 0, server_timeout = 0;
360 struct timeval timeout;
361
362 if (DTLSv1_get_timeout(client, &timeout))
363 client_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
364
365 if (DTLSv1_get_timeout(server, &timeout))
366 server_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
367
368 if (client_timeout < 10)
369 client_timeout = 10;
370 if (server_timeout < 10)
371 server_timeout = 10;
372
373 /* XXX */
374 if (client_timeout <= 0)
375 return server_timeout;
376 if (client_timeout > 0 && server_timeout <= 0)
377 return client_timeout;
378 if (client_timeout < server_timeout)
379 return client_timeout;
380
381 return server_timeout;
382}
383
384static int
385dtls_cookie_generate(SSL *ssl, unsigned char *cookie,
386 unsigned int *cookie_len)
387{
388 arc4random_buf(dtls_cookie, sizeof(dtls_cookie));
389 memcpy(cookie, dtls_cookie, sizeof(dtls_cookie));
390 *cookie_len = sizeof(dtls_cookie);
391
392 return 1;
393}
394
395static int
396dtls_cookie_verify(SSL *ssl, const unsigned char *cookie,
397 unsigned int cookie_len)
398{
399 return cookie_len == sizeof(dtls_cookie) &&
400 memcmp(cookie, dtls_cookie, sizeof(dtls_cookie)) == 0;
401}
402
403static void
404dtls_info_callback(const SSL *ssl, int type, int val)
405{
406 /*
407 * Squeals ahead... remove the bbio from the info callback, so we can
408 * drop specific messages. Ideally this would be an option for the SSL.
409 */
410 if (ssl->wbio == ssl->bbio)
411 ((SSL *)ssl)->wbio = BIO_pop(ssl->wbio);
412}
413
414static SSL *
415dtls_client(int sock, struct sockaddr_in *server_sin, long mtu)
416{
417 SSL_CTX *ssl_ctx = NULL;
418 SSL *ssl = NULL;
419 BIO *bio = NULL;
420
421 if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL)
422 errx(1, "client bio");
423 if (!BIO_socket_nbio(sock, 1))
424 errx(1, "client nbio");
425 if (!BIO_ctrl_set_connected(bio, 1, server_sin))
426 errx(1, "client set connected");
427
428 if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL)
429 errx(1, "client context");
430
431 if ((ssl = SSL_new(ssl_ctx)) == NULL)
432 errx(1, "client ssl");
433
434 SSL_set_bio(ssl, bio, bio);
435 bio = NULL;
436
437 if (mtu > 0) {
438 SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU);
439 SSL_set_mtu(ssl, mtu);
440 }
441
442 SSL_CTX_free(ssl_ctx);
443 BIO_free(bio);
444
445 return ssl;
446}
447
448static SSL *
449dtls_server(int sock, long options, long mtu)
450{
451 SSL_CTX *ssl_ctx = NULL;
452 SSL *ssl = NULL;
453 BIO *bio = NULL;
454
455 if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL)
456 errx(1, "server bio");
457 if (!BIO_socket_nbio(sock, 1))
458 errx(1, "server nbio");
459
460 if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL)
461 errx(1, "server context");
462
463 SSL_CTX_set_cookie_generate_cb(ssl_ctx, dtls_cookie_generate);
464 SSL_CTX_set_cookie_verify_cb(ssl_ctx, dtls_cookie_verify);
465 SSL_CTX_set_dh_auto(ssl_ctx, 2);
466 SSL_CTX_set_options(ssl_ctx, options);
467
468 if (SSL_CTX_use_certificate_chain_file(ssl_ctx, server_cert_file) != 1) {
469 fprintf(stderr, "FAIL: Failed to load server certificate");
470 goto failure;
471 }
472 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
473 SSL_FILETYPE_PEM) != 1) {
474 fprintf(stderr, "FAIL: Failed to load server private key");
475 goto failure;
476 }
477
478 if ((ssl = SSL_new(ssl_ctx)) == NULL)
479 errx(1, "server ssl");
480
481 if (SSL_use_certificate_chain_file(ssl, server_cert_file) != 1) {
482 fprintf(stderr, "FAIL: Failed to load server certificate");
483 goto failure;
484 }
485 SSL_set_bio(ssl, bio, bio);
486 bio = NULL;
487
488 if (mtu > 0) {
489 SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU);
490 SSL_set_mtu(ssl, mtu);
491 }
492
493 failure:
494 SSL_CTX_free(ssl_ctx);
495 BIO_free(bio);
496
497 return ssl;
498}
499
500static int
501ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret,
502 short *events)
503{
504 int ssl_err;
505
506 ssl_err = SSL_get_error(ssl, ssl_ret);
507
508 if (ssl_err == SSL_ERROR_WANT_READ) {
509 *events = POLLIN;
510 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
511 *events = POLLOUT;
512 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
513 /* Yup, this is apparently a thing... */
514 } else {
515 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
516 name, desc, ssl_err, errno);
517 ERR_print_errors_fp(stderr);
518 return 0;
519 }
520
521 return 1;
522}
523
524static int
525do_connect(SSL *ssl, const char *name, int *done, short *events)
526{
527 int ssl_ret;
528
529 if ((ssl_ret = SSL_connect(ssl)) != 1)
530 return ssl_error(ssl, name, "connect", ssl_ret, events);
531
532 fprintf(stderr, "INFO: %s connect done\n", name);
533 *done = 1;
534
535 return 1;
536}
537
538static int
539do_connect_read(SSL *ssl, const char *name, int *done, short *events)
540{
541 uint8_t buf[2048];
542 int ssl_ret;
543 int i;
544
545 if ((ssl_ret = SSL_connect(ssl)) != 1)
546 return ssl_error(ssl, name, "connect", ssl_ret, events);
547
548 fprintf(stderr, "INFO: %s connect done\n", name);
549 *done = 1;
550
551 for (i = 0; i < 3; i++) {
552 fprintf(stderr, "INFO: %s reading after connect\n", name);
553 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) != 3) {
554 fprintf(stderr, "ERROR: %s read failed\n", name);
555 return 0;
556 }
557 }
558
559 return 1;
560}
561
562static int
563do_connect_shutdown(SSL *ssl, const char *name, int *done, short *events)
564{
565 uint8_t buf[2048];
566 int ssl_ret;
567
568 if ((ssl_ret = SSL_connect(ssl)) != 1)
569 return ssl_error(ssl, name, "connect", ssl_ret, events);
570
571 fprintf(stderr, "INFO: %s connect done\n", name);
572 *done = 1;
573
574 ssl_ret = SSL_read(ssl, buf, sizeof(buf));
575 if (SSL_get_error(ssl, ssl_ret) != SSL_ERROR_ZERO_RETURN) {
576 fprintf(stderr, "FAIL: %s did not receive close-notify\n", name);
577 return 0;
578 }
579
580 fprintf(stderr, "INFO: %s received close-notify\n", name);
581
582 return 1;
583}
584
585static int
586do_accept(SSL *ssl, const char *name, int *done, short *events)
587{
588 int ssl_ret;
589
590 if ((ssl_ret = SSL_accept(ssl)) != 1)
591 return ssl_error(ssl, name, "accept", ssl_ret, events);
592
593 fprintf(stderr, "INFO: %s accept done\n", name);
594 *done = 1;
595
596 return 1;
597}
598
599static int
600do_accept_write(SSL *ssl, const char *name, int *done, short *events)
601{
602 int ssl_ret;
603 BIO *bio;
604 int i;
605
606 if ((ssl_ret = SSL_accept(ssl)) != 1)
607 return ssl_error(ssl, name, "accept", ssl_ret, events);
608
609 fprintf(stderr, "INFO: %s accept done\n", name);
610
611 for (i = 0; i < 3; i++) {
612 fprintf(stderr, "INFO: %s writing after accept\n", name);
613 if ((ssl_ret = SSL_write(ssl, "abc", 3)) != 3) {
614 fprintf(stderr, "ERROR: %s write failed\n", name);
615 return 0;
616 }
617 }
618
619 if ((bio = SSL_get_wbio(ssl)) == NULL)
620 errx(1, "SSL has NULL bio");
621
622 /* Flush any delayed packets. */
623 BIO_packet_monkey_delay_flush(bio);
624
625 *done = 1;
626 return 1;
627}
628
629static int
630do_accept_shutdown(SSL *ssl, const char *name, int *done, short *events)
631{
632 int ssl_ret;
633 BIO *bio;
634
635 if ((ssl_ret = SSL_accept(ssl)) != 1)
636 return ssl_error(ssl, name, "accept", ssl_ret, events);
637
638 fprintf(stderr, "INFO: %s accept done\n", name);
639
640 SSL_shutdown(ssl);
641
642 if ((bio = SSL_get_wbio(ssl)) == NULL)
643 errx(1, "SSL has NULL bio");
644
645 /* Flush any delayed packets. */
646 BIO_packet_monkey_delay_flush(bio);
647
648 *done = 1;
649 return 1;
650}
651
652static int
653do_read(SSL *ssl, const char *name, int *done, short *events)
654{
655 uint8_t buf[512];
656 int ssl_ret;
657
658 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) {
659 fprintf(stderr, "INFO: %s read done\n", name);
660 if (debug > 1)
661 hexdump(buf, ssl_ret);
662 *done = 1;
663 return 1;
664 }
665
666 return ssl_error(ssl, name, "read", ssl_ret, events);
667}
668
669static int
670do_write(SSL *ssl, const char *name, int *done, short *events)
671{
672 const uint8_t buf[] = "Hello, World!\n";
673 int ssl_ret;
674
675 if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) {
676 fprintf(stderr, "INFO: %s write done\n", name);
677 *done = 1;
678 return 1;
679 }
680
681 return ssl_error(ssl, name, "write", ssl_ret, events);
682}
683
684static int
685do_shutdown(SSL *ssl, const char *name, int *done, short *events)
686{
687 int ssl_ret;
688
689 ssl_ret = SSL_shutdown(ssl);
690 if (ssl_ret == 1) {
691 fprintf(stderr, "INFO: %s shutdown done\n", name);
692 *done = 1;
693 return 1;
694 }
695 return ssl_error(ssl, name, "shutdown", ssl_ret, events);
696}
697
698typedef int (ssl_func)(SSL *ssl, const char *name, int *done, short *events);
699
700static int
701do_client_server_loop(SSL *client, ssl_func *client_func, SSL *server,
702 ssl_func *server_func, struct pollfd pfd[2])
703{
704 int client_done = 0, server_done = 0;
705 int i = 0;
706
707 pfd[0].revents = POLLIN;
708 pfd[1].revents = POLLIN;
709
710 do {
711 if (!client_done) {
712 if (debug)
713 fprintf(stderr, "DEBUG: client loop\n");
714 if (DTLSv1_handle_timeout(client) > 0)
715 fprintf(stderr, "INFO: client timeout\n");
716 if (!client_func(client, "client", &client_done,
717 &pfd[0].events))
718 return 0;
719 if (client_done)
720 pfd[0].events = 0;
721 }
722 if (!server_done) {
723 if (debug)
724 fprintf(stderr, "DEBUG: server loop\n");
725 if (DTLSv1_handle_timeout(server) > 0)
726 fprintf(stderr, "INFO: server timeout\n");
727 if (!server_func(server, "server", &server_done,
728 &pfd[1].events))
729 return 0;
730 if (server_done)
731 pfd[1].events = 0;
732 }
733 if (poll(pfd, 2, poll_timeout(client, server)) == -1)
734 err(1, "poll");
735
736 } while (i++ < 100 && (!client_done || !server_done));
737
738 if (!client_done || !server_done)
739 fprintf(stderr, "FAIL: gave up\n");
740
741 return client_done && server_done;
742}
743
744#define MAX_PACKET_DELAYS 32
745#define MAX_PACKET_DROPS 32
746
747struct dtls_delay {
748 uint8_t packet;
749 uint8_t count;
750};
751
752struct dtls_test {
753 const unsigned char *desc;
754 long mtu;
755 long ssl_options;
756 int client_bbio_off;
757 int server_bbio_off;
758 uint16_t initial_epoch;
759 int write_after_accept;
760 int shutdown_after_accept;
761 struct dtls_delay client_delays[MAX_PACKET_DELAYS];
762 struct dtls_delay server_delays[MAX_PACKET_DELAYS];
763 uint8_t client_drops[MAX_PACKET_DROPS];
764 uint8_t server_drops[MAX_PACKET_DROPS];
765};
766
767static const struct dtls_test dtls_tests[] = {
768 {
769 .desc = "DTLS without cookies",
770 .ssl_options = 0,
771 },
772 {
773 .desc = "DTLS without cookies (initial epoch 0xfffe)",
774 .ssl_options = 0,
775 .initial_epoch = 0xfffe,
776 },
777 {
778 .desc = "DTLS without cookies (initial epoch 0xffff)",
779 .ssl_options = 0,
780 .initial_epoch = 0xffff,
781 },
782 {
783 .desc = "DTLS with cookies",
784 .ssl_options = SSL_OP_COOKIE_EXCHANGE,
785 },
786 {
787 .desc = "DTLS with low MTU",
788 .mtu = 256,
789 .ssl_options = 0,
790 },
791 {
792 .desc = "DTLS with low MTU and cookies",
793 .mtu = 256,
794 .ssl_options = SSL_OP_COOKIE_EXCHANGE,
795 },
796 {
797 .desc = "DTLS with dropped server response",
798 .ssl_options = 0,
799 .server_drops = { 1 },
800 },
801 {
802 .desc = "DTLS with two dropped server responses",
803 .ssl_options = 0,
804 .server_drops = { 1, 2 },
805 },
806 {
807 .desc = "DTLS with dropped ServerHello",
808 .ssl_options = SSL_OP_NO_TICKET,
809 .server_bbio_off = 1,
810 .server_drops = { 1 },
811 },
812 {
813 .desc = "DTLS with dropped server Certificate",
814 .ssl_options = SSL_OP_NO_TICKET,
815 .server_bbio_off = 1,
816 .server_drops = { 2 },
817 },
818 {
819 .desc = "DTLS with dropped ServerKeyExchange",
820 .ssl_options = SSL_OP_NO_TICKET,
821 .server_bbio_off = 1,
822 .server_drops = { 3 },
823 },
824 {
825 .desc = "DTLS with dropped ServerHelloDone",
826 .ssl_options = SSL_OP_NO_TICKET,
827 .server_bbio_off = 1,
828 .server_drops = { 4 },
829 },
830#if 0
831 /*
832 * These two result in the server accept completing and the
833 * client looping on a timeout. Presumably the server should not
834 * complete until the client Finished is received... this due to
835 * a flaw in the DTLSv1.0 specification, which is addressed in
836 * DTLSv1.2 (see references to "last flight" in RFC 6347 section
837 * 4.2.4). Our DTLS server code still needs to support this.
838 */
839 {
840 .desc = "DTLS with dropped server CCS",
841 .ssl_options = 0,
842 .server_bbio_off = 1,
843 .server_drops = { 5 },
844 },
845 {
846 .desc = "DTLS with dropped server Finished",
847 .ssl_options = 0,
848 .server_bbio_off = 1,
849 .server_drops = { 6 },
850 },
851#endif
852 {
853 .desc = "DTLS with dropped ClientKeyExchange",
854 .ssl_options = 0,
855 .client_bbio_off = 1,
856 .client_drops = { 2 },
857 },
858 {
859 .desc = "DTLS with dropped client CCS",
860 .ssl_options = 0,
861 .client_bbio_off = 1,
862 .client_drops = { 3 },
863 },
864 {
865 .desc = "DTLS with dropped client Finished",
866 .ssl_options = 0,
867 .client_bbio_off = 1,
868 .client_drops = { 4 },
869 },
870 {
871 /* Send CCS after client Finished. */
872 .desc = "DTLS with delayed client CCS",
873 .ssl_options = 0,
874 .client_bbio_off = 1,
875 .client_delays = { { 3, 2 } },
876 },
877 {
878 /*
879 * Send CCS after server Finished - note app data will be
880 * dropped if we send the CCS after app data.
881 */
882 .desc = "DTLS with delayed server CCS",
883 .ssl_options = SSL_OP_NO_TICKET,
884 .server_bbio_off = 1,
885 .server_delays = { { 5, 2 } },
886 .write_after_accept = 1,
887 },
888 {
889 .desc = "DTLS with delayed server CCS (initial epoch 0xfffe)",
890 .ssl_options = SSL_OP_NO_TICKET,
891 .server_bbio_off = 1,
892 .initial_epoch = 0xfffe,
893 .server_delays = { { 5, 2 } },
894 .write_after_accept = 1,
895 },
896 {
897 .desc = "DTLS with delayed server CCS (initial epoch 0xffff)",
898 .ssl_options = SSL_OP_NO_TICKET,
899 .server_bbio_off = 1,
900 .initial_epoch = 0xffff,
901 .server_delays = { { 5, 2 } },
902 .write_after_accept = 1,
903 },
904 {
905 /* Send Finished after app data - this is currently buffered. */
906 .desc = "DTLS with delayed server Finished",
907 .ssl_options = SSL_OP_NO_TICKET,
908 .server_bbio_off = 1,
909 .server_delays = { { 6, 3 } },
910 .write_after_accept = 1,
911 },
912 {
913 /* Send CCS after server finished and close-notify. */
914 .desc = "DTLS with delayed server CCS (close-notify)",
915 .ssl_options = SSL_OP_NO_TICKET,
916 .server_bbio_off = 1,
917 .server_delays = { { 5, 3 } },
918 .shutdown_after_accept = 1,
919 },
920};
921
922#define N_DTLS_TESTS (sizeof(dtls_tests) / sizeof(*dtls_tests))
923
924static void
925dtlstest_packet_monkey(SSL *ssl, const struct dtls_delay delays[],
926 const uint8_t drops[])
927{
928 BIO *bio_monkey;
929 BIO *bio;
930 int i;
931
932 if ((bio_monkey = BIO_new_packet_monkey()) == NULL)
933 errx(1, "packet monkey");
934
935 for (i = 0; i < MAX_PACKET_DELAYS; i++) {
936 if (delays[i].packet == 0)
937 break;
938 if (!BIO_packet_monkey_delay(bio_monkey, delays[i].packet,
939 delays[i].count))
940 errx(1, "delay failure");
941 }
942
943 for (i = 0; i < MAX_PACKET_DROPS; i++) {
944 if (drops[i] == 0)
945 break;
946 if (!BIO_packet_monkey_drop(bio_monkey, drops[i]))
947 errx(1, "drop failure");
948 }
949
950 if ((bio = SSL_get_wbio(ssl)) == NULL)
951 errx(1, "SSL has NULL bio");
952
953 BIO_up_ref(bio);
954 bio = BIO_push(bio_monkey, bio);
955
956 SSL_set_bio(ssl, bio, bio);
957}
958
959static int
960dtlstest(const struct dtls_test *dt)
961{
962 SSL *client = NULL, *server = NULL;
963 ssl_func *connect_func, *accept_func;
964 struct sockaddr_in server_sin;
965 struct pollfd pfd[2];
966 int client_sock = -1;
967 int server_sock = -1;
968 int failed = 1;
969
970 fprintf(stderr, "\n== Testing %s... ==\n", dt->desc);
971
972 if (!datagram_pair(&client_sock, &server_sock, &server_sin))
973 goto failure;
974
975 if ((client = dtls_client(client_sock, &server_sin, dt->mtu)) == NULL)
976 goto failure;
977
978 if ((server = dtls_server(server_sock, dt->ssl_options, dt->mtu)) == NULL)
979 goto failure;
980
981 tls12_record_layer_set_initial_epoch(client->rl, dt->initial_epoch);
982 tls12_record_layer_set_initial_epoch(server->rl, dt->initial_epoch);
983
984 if (dt->client_bbio_off)
985 SSL_set_info_callback(client, dtls_info_callback);
986 if (dt->server_bbio_off)
987 SSL_set_info_callback(server, dtls_info_callback);
988
989 dtlstest_packet_monkey(client, dt->client_delays, dt->client_drops);
990 dtlstest_packet_monkey(server, dt->server_delays, dt->server_drops);
991
992 pfd[0].fd = client_sock;
993 pfd[0].events = POLLOUT;
994 pfd[1].fd = server_sock;
995 pfd[1].events = POLLIN;
996
997 accept_func = do_accept;
998 connect_func = do_connect;
999
1000 if (dt->write_after_accept) {
1001 accept_func = do_accept_write;
1002 connect_func = do_connect_read;
1003 } else if (dt->shutdown_after_accept) {
1004 accept_func = do_accept_shutdown;
1005 connect_func = do_connect_shutdown;
1006 }
1007
1008 if (!do_client_server_loop(client, connect_func, server, accept_func, pfd)) {
1009 fprintf(stderr, "FAIL: client and server handshake failed\n");
1010 goto failure;
1011 }
1012
1013 if (dt->write_after_accept || dt->shutdown_after_accept)
1014 goto done;
1015
1016 pfd[0].events = POLLIN;
1017 pfd[1].events = POLLOUT;
1018
1019 if (!do_client_server_loop(client, do_read, server, do_write, pfd)) {
1020 fprintf(stderr, "FAIL: client read and server write I/O failed\n");
1021 goto failure;
1022 }
1023
1024 pfd[0].events = POLLOUT;
1025 pfd[1].events = POLLIN;
1026
1027 if (!do_client_server_loop(client, do_write, server, do_read, pfd)) {
1028 fprintf(stderr, "FAIL: client write and server read I/O failed\n");
1029 goto failure;
1030 }
1031
1032 pfd[0].events = POLLOUT;
1033 pfd[1].events = POLLOUT;
1034
1035 if (!do_client_server_loop(client, do_shutdown, server, do_shutdown, pfd)) {
1036 fprintf(stderr, "FAIL: client and server shutdown failed\n");
1037 goto failure;
1038 }
1039
1040 done:
1041 fprintf(stderr, "INFO: Done!\n");
1042
1043 failed = 0;
1044
1045 failure:
1046 if (client_sock != -1)
1047 close(client_sock);
1048 if (server_sock != -1)
1049 close(server_sock);
1050
1051 SSL_free(client);
1052 SSL_free(server);
1053
1054 return failed;
1055}
1056
1057int
1058main(int argc, char **argv)
1059{
1060 int failed = 0;
1061 size_t i;
1062
1063 if (argc != 4) {
1064 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
1065 argv[0]);
1066 exit(1);
1067 }
1068
1069 server_key_file = argv[1];
1070 server_cert_file = argv[2];
1071 server_ca_file = argv[3];
1072
1073 for (i = 0; i < N_DTLS_TESTS; i++)
1074 failed |= dtlstest(&dtls_tests[i]);
1075
1076 return failed;
1077}
diff --git a/src/regress/lib/libssl/exporter/Makefile b/src/regress/lib/libssl/exporter/Makefile
deleted file mode 100644
index caeffabb13..0000000000
--- a/src/regress/lib/libssl/exporter/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2022/11/05 21:58:24 jsing Exp $
2
3PROG= exportertest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/exporter/exportertest.c b/src/regress/lib/libssl/exporter/exportertest.c
deleted file mode 100644
index 252fcb062e..0000000000
--- a/src/regress/lib/libssl/exporter/exportertest.c
+++ /dev/null
@@ -1,664 +0,0 @@
1/* $OpenBSD: exportertest.c,v 1.3 2023/04/14 14:23:05 tb Exp $ */
2/*
3 * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/err.h>
19#include <openssl/ssl.h>
20
21#include <err.h>
22#include <stdio.h>
23#include <string.h>
24
25#include "ssl_local.h"
26
27static void
28hexdump(const unsigned char *buf, size_t len)
29{
30 size_t i;
31
32 for (i = 1; i <= len; i++)
33 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
34
35 fprintf(stderr, "\n");
36}
37
38struct exporter_test {
39 uint16_t tls_version;
40 unsigned int cipher_id;
41 const uint8_t *label;
42 size_t label_len;
43 const uint8_t context_value[64];
44 size_t context_value_len;
45 int use_context;
46 const uint8_t client_random[SSL3_RANDOM_SIZE];
47 const uint8_t server_random[SSL3_RANDOM_SIZE];
48 const uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH];
49 const uint8_t shared_key[64];
50 size_t shared_key_len;
51 const uint8_t export[64];
52 size_t export_len;
53 int want_error;
54};
55
56static const struct exporter_test exporter_tests[] = {
57 {
58 /* Valid export, no context - 32 bytes. */
59 .tls_version = TLS1_2_VERSION,
60 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
61 .label = "EXPERIMENTAL testing",
62 .label_len = 20,
63 .use_context = 0,
64 .client_random = {
65 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
66 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
67 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
68 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
69 },
70 .server_random = {
71 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
72 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
73 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
74 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
75 },
76 .master_key = {
77 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
78 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
79 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
80 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
81 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
82 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
83 },
84 .export = {
85 0x14, 0x08, 0x00, 0x9e, 0x6a, 0x67, 0x75, 0x4c,
86 0xc4, 0xf3, 0x51, 0x57, 0x2f, 0x75, 0x0b, 0xf8,
87 0x16, 0xfa, 0x61, 0x74, 0xd2, 0x12, 0x8f, 0x78,
88 0x77, 0xf9, 0x8a, 0x3e, 0x58, 0x70, 0xf3, 0xd8,
89 },
90 .export_len = 32,
91 },
92 {
93 /* Valid export, no context - 32 bytes. */
94 .tls_version = TLS1_3_VERSION,
95 .label = "EXPERIMENTAL testing",
96 .label_len = 20,
97 .use_context = 0,
98 .shared_key = {
99 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
100 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
101 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
102 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
103 },
104 .shared_key_len = 32,
105 .export = {
106 0x69, 0xf4, 0xac, 0xec, 0x80, 0x67, 0xac, 0x5c,
107 0xa6, 0x24, 0x47, 0xb1, 0x0f, 0xc8, 0xa1, 0x13,
108 0x3b, 0x91, 0x33, 0x82, 0x97, 0x0a, 0xc0, 0xbf,
109 0xac, 0x6d, 0x6b, 0x34, 0x20, 0xd3, 0x3a, 0x02,
110 },
111 .export_len = 32,
112 },
113 {
114 /* Valid export, no context - 64 bytes. */
115 .tls_version = TLS1_2_VERSION,
116 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
117 .label = "EXPERIMENTAL testing",
118 .label_len = 20,
119 .use_context = 0,
120 .client_random = {
121 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
122 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
123 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
124 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
125 },
126 .server_random = {
127 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
128 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
129 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
130 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
131 },
132 .master_key = {
133 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
134 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
135 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
136 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
137 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
138 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
139 },
140 .export = {
141 0x14, 0x08, 0x00, 0x9e, 0x6a, 0x67, 0x75, 0x4c,
142 0xc4, 0xf3, 0x51, 0x57, 0x2f, 0x75, 0x0b, 0xf8,
143 0x16, 0xfa, 0x61, 0x74, 0xd2, 0x12, 0x8f, 0x78,
144 0x77, 0xf9, 0x8a, 0x3e, 0x58, 0x70, 0xf3, 0xd8,
145 0xe8, 0xd2, 0xb7, 0xcd, 0xbc, 0x37, 0xdf, 0x16,
146 0x12, 0xf1, 0xe8, 0xb2, 0x62, 0x79, 0x91, 0x45,
147 0x77, 0xe0, 0x68, 0x6d, 0xd5, 0x31, 0x54, 0x55,
148 0x22, 0x63, 0xc0, 0x36, 0x31, 0x07, 0xda, 0x33,
149 },
150 .export_len = 64,
151 },
152 {
153 /* Valid export, no context - 64 bytes. */
154 .tls_version = TLS1_3_VERSION,
155 .label = "EXPERIMENTAL testing",
156 .label_len = 20,
157 .use_context = 0,
158 .shared_key = {
159 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
160 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
161 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
162 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
163 },
164 .shared_key_len = 32,
165 .export = {
166 0x77, 0x15, 0xe2, 0x07, 0x65, 0x64, 0x3b, 0x14,
167 0x38, 0xcb, 0x73, 0x93, 0xda, 0x70, 0xfa, 0x86,
168 0x2c, 0x34, 0xcc, 0x94, 0x52, 0xc2, 0xd3, 0xb4,
169 0x59, 0x2c, 0xc8, 0x05, 0x70, 0xfe, 0x48, 0x61,
170 0xd3, 0xea, 0x57, 0x66, 0xa9, 0x66, 0x2f, 0x4a,
171 0x35, 0xc9, 0x88, 0x86, 0x28, 0x52, 0xe3, 0x64,
172 0x5e, 0xf9, 0x28, 0x53, 0x8a, 0x3a, 0x92, 0x92,
173 0x40, 0x8c, 0x89, 0x17, 0x59, 0xd0, 0xd0, 0x82,
174 },
175 .export_len = 64,
176 },
177 {
178 /* Valid export, zero length context - 32 bytes. */
179 .tls_version = TLS1_2_VERSION,
180 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
181 .label = "EXPERIMENTAL testing",
182 .label_len = 20,
183 .context_value_len = 0,
184 .use_context = 1,
185 .client_random = {
186 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
187 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
188 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
189 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
190 },
191 .server_random = {
192 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
193 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
194 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
195 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
196 },
197 .master_key = {
198 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
199 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
200 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
201 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
202 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
203 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
204 },
205 .export = {
206 0xdb, 0xc9, 0xdf, 0x7c, 0x04, 0x39, 0xdd, 0x23,
207 0xc3, 0x68, 0xdc, 0xf3, 0x04, 0xcf, 0x4c, 0x4d,
208 0x86, 0x5b, 0xe6, 0x48, 0xc5, 0x6d, 0xe5, 0x1e,
209 0xea, 0xc5, 0xe4, 0x00, 0x27, 0x72, 0xda, 0xb6,
210 },
211 .export_len = 32,
212 },
213 {
214 /* Valid export, zero length context - 32 bytes. */
215 .tls_version = TLS1_3_VERSION,
216 .label = "EXPERIMENTAL testing",
217 .label_len = 20,
218 .context_value_len = 0,
219 .use_context = 1,
220 .shared_key = {
221 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
222 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
223 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
224 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
225 },
226 .shared_key_len = 32,
227 .export = {
228 0x69, 0xf4, 0xac, 0xec, 0x80, 0x67, 0xac, 0x5c,
229 0xa6, 0x24, 0x47, 0xb1, 0x0f, 0xc8, 0xa1, 0x13,
230 0x3b, 0x91, 0x33, 0x82, 0x97, 0x0a, 0xc0, 0xbf,
231 0xac, 0x6d, 0x6b, 0x34, 0x20, 0xd3, 0x3a, 0x02,
232 },
233 .export_len = 32,
234 },
235 {
236 /* Valid export, with context value - 32 bytes. */
237 .tls_version = TLS1_2_VERSION,
238 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
239 .label = "EXPERIMENTAL testing",
240 .label_len = 20,
241 .context_value = {
242 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
243 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
244 },
245 .context_value_len = 16,
246 .use_context = 1,
247 .client_random = {
248 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
249 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
250 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
251 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
252 },
253 .server_random = {
254 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
255 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
256 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
257 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
258 },
259 .master_key = {
260 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
261 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
262 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
263 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
264 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
265 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
266 },
267 .export = {
268 0x0e, 0xb4, 0xd1, 0x3a, 0x0e, 0x24, 0xab, 0x0d,
269 0x4c, 0x48, 0x35, 0x25, 0xf6, 0x4d, 0xa2, 0x9b,
270 0xaa, 0x1d, 0xbc, 0x54, 0x7e, 0xb0, 0x3c, 0x4b,
271 0x07, 0x04, 0x9c, 0x7c, 0x06, 0xa7, 0xea, 0x70,
272 },
273 .export_len = 32,
274 },
275 {
276 /* Valid export, with context value - 32 bytes. */
277 .tls_version = TLS1_3_VERSION,
278 .label = "EXPERIMENTAL testing",
279 .label_len = 20,
280 .context_value = {
281 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
282 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
283 },
284 .context_value_len = 16,
285 .use_context = 1,
286 .shared_key = {
287 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
288 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
289 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
290 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
291 },
292 .shared_key_len = 32,
293 .export = {
294 0x34, 0xb8, 0x00, 0x6a, 0xb2, 0x62, 0xab, 0xea,
295 0xc7, 0x2b, 0x15, 0xa0, 0x85, 0xda, 0xaa, 0xa5,
296 0x12, 0x85, 0xbf, 0x4a, 0xa4, 0x71, 0x42, 0xc8,
297 0xd4, 0xa6, 0x66, 0x18, 0xc6, 0xc9, 0x26, 0x6f,
298 },
299 .export_len = 32,
300 },
301 {
302 /* Valid export, with different label - 32 bytes. */
303 .tls_version = TLS1_2_VERSION,
304 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
305 .label = "EXPERIMENTAL more testing",
306 .label_len = 20,
307 .context_value = {
308 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
309 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
310 },
311 .context_value_len = 16,
312 .use_context = 1,
313 .client_random = {
314 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
315 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
316 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
317 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
318 },
319 .server_random = {
320 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
321 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
322 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
323 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
324 },
325 .master_key = {
326 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
327 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
328 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
329 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
330 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
331 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
332 },
333 .export = {
334 0xb0, 0xb6, 0x45, 0xdd, 0x30, 0x76, 0xf0, 0x57,
335 0x22, 0x31, 0xbb, 0x8d, 0xe1, 0xf9, 0xe3, 0xed,
336 0xae, 0x74, 0x6f, 0x40, 0x94, 0xf6, 0xc2, 0xfc,
337 0x21, 0xff, 0xf7, 0x00, 0x86, 0x54, 0xb6, 0x06,
338 },
339 .export_len = 32,
340 },
341 {
342 /* Valid export, with different label - 32 bytes. */
343 .tls_version = TLS1_3_VERSION,
344 .label = "EXPERIMENTAL more testing",
345 .label_len = 20,
346 .context_value = {
347 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8,
348 0xf7, 0xf6, 0xf5, 0xf4, 0xf3, 0xf2, 0xf1, 0xf0,
349 },
350 .context_value_len = 16,
351 .use_context = 1,
352 .shared_key = {
353 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
354 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
355 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
356 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
357 },
358 .shared_key_len = 32,
359 .export = {
360 0x18, 0x4e, 0x65, 0x3c, 0x91, 0x5d, 0x6a, 0xc3,
361 0x25, 0x38, 0xbe, 0x6e, 0xca, 0x12, 0x54, 0x76,
362 0x5a, 0x84, 0xf7, 0x19, 0x44, 0x78, 0xec, 0xc0,
363 0x83, 0xf6, 0x22, 0xb8, 0x86, 0x31, 0xe9, 0x2e,
364 },
365 .export_len = 32,
366 },
367 {
368 /* Invalid - illegal label. */
369 .tls_version = TLS1_2_VERSION,
370 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
371 .label = TLS_MD_CLIENT_FINISH_CONST,
372 .label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE,
373 .use_context = 0,
374 .client_random = {
375 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
376 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
377 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
378 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
379 },
380 .server_random = {
381 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
382 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
383 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
384 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
385 },
386 .master_key = {
387 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
388 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
389 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
390 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
391 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
392 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
393 },
394 .export_len = 32,
395 .want_error = SSL_R_TLS_ILLEGAL_EXPORTER_LABEL,
396 },
397 {
398 /* Invalid - illegal label. */
399 .tls_version = TLS1_2_VERSION,
400 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
401 .label = TLS_MD_SERVER_FINISH_CONST,
402 .label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
403 .use_context = 0,
404 .client_random = {
405 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
406 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
407 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
408 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
409 },
410 .server_random = {
411 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
412 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
413 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
414 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
415 },
416 .master_key = {
417 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
418 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
419 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
420 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
421 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
422 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
423 },
424 .export_len = 32,
425 .want_error = SSL_R_TLS_ILLEGAL_EXPORTER_LABEL,
426 },
427 {
428 /* Invalid - illegal label. */
429 .tls_version = TLS1_2_VERSION,
430 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
431 .label = TLS_MD_KEY_EXPANSION_CONST,
432 .label_len = TLS_MD_KEY_EXPANSION_CONST_SIZE,
433 .use_context = 0,
434 .client_random = {
435 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
436 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
437 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
438 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
439 },
440 .server_random = {
441 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
442 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
443 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
444 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
445 },
446 .master_key = {
447 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
448 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
449 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
450 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
451 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
452 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
453 },
454 .export_len = 32,
455 .want_error = SSL_R_TLS_ILLEGAL_EXPORTER_LABEL,
456 },
457 {
458 /* Invalid - illegal label. */
459 .tls_version = TLS1_2_VERSION,
460 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
461 .label = TLS_MD_MASTER_SECRET_CONST,
462 .label_len = TLS_MD_MASTER_SECRET_CONST_SIZE,
463 .use_context = 0,
464 .client_random = {
465 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
466 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
467 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
468 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
469 },
470 .server_random = {
471 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
472 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
473 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
474 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
475 },
476 .master_key = {
477 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
478 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
479 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
480 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
481 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
482 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
483 },
484 .export_len = 32,
485 .want_error = SSL_R_TLS_ILLEGAL_EXPORTER_LABEL,
486 },
487 {
488 /* Invalid - illegal label, split over label and seed. */
489 .tls_version = TLS1_2_VERSION,
490 .cipher_id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
491 .label = "master ",
492 .label_len = 7,
493 .use_context = 0,
494 .client_random = {
495 's', 'e', 'c', 'r', 'e', 't', 0x06, 0x07,
496 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
497 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
498 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
499 },
500 .server_random = {
501 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
502 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
503 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
504 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
505 },
506 .master_key = {
507 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
508 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
509 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
510 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
511 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
512 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
513 },
514 .export = {
515 0x40, 0x70, 0xba, 0xfa, 0xba, 0x44, 0x74, 0x93,
516 0xa2, 0x43, 0x18, 0x07, 0xa4, 0x4f, 0x3f, 0xda,
517 0x88, 0x7b, 0x0e, 0x79, 0x70, 0xcf, 0xdb, 0x91,
518 0xfc, 0x3f, 0x96, 0x78, 0x6b, 0x50, 0xe3, 0xa6,
519 },
520 .export_len = 32,
521 .want_error = SSL_R_TLS_ILLEGAL_EXPORTER_LABEL,
522 },
523};
524
525#define N_EXPORTER_TESTS (sizeof(exporter_tests) / sizeof(exporter_tests[0]))
526
527static int
528exporter_test(size_t test_no, const struct exporter_test *et)
529{
530 struct tls13_secret tls13_context = { .data = "", .len = 0 };
531 struct tls13_ctx *tls13_ctx;
532 struct tls13_secrets *tls13_secrets;
533 SSL_SESSION *ssl_session = NULL;
534 SSL_CTX *ssl_ctx = NULL;
535 SSL *ssl = NULL;
536 uint8_t export[256];
537 int err, ret;
538 int failed = 1;
539
540 memset(export, 0, sizeof(export));
541
542 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
543 fprintf(stderr, "FAIL: SSL_CTX_new\n");
544 goto failure;
545 }
546 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
547 fprintf(stderr, "FAIL: SSL_new\n");
548 goto failure;
549 }
550 if ((ssl_session = SSL_SESSION_new()) == NULL) {
551 fprintf(stderr, "FAIL: SSL_SESSION_new\n");
552 goto failure;
553 }
554
555 ssl_session->ssl_version = et->tls_version;
556
557 if (!SSL_set_session(ssl, ssl_session)) {
558 fprintf(stderr, "FAIL: SSL_set_session\n");
559 goto failure;
560 }
561
562 memcpy(ssl_session->master_key, et->master_key,
563 sizeof(ssl_session->master_key));
564 memcpy(ssl->s3->client_random, et->client_random,
565 sizeof(ssl->s3->client_random));
566 memcpy(ssl->s3->server_random, et->server_random,
567 sizeof(ssl->s3->server_random));
568
569 if (et->tls_version >= TLS1_3_VERSION) {
570 if ((tls13_ctx = tls13_ctx_new(TLS13_HS_CLIENT, ssl)) == NULL) {
571 fprintf(stderr, "FAIL: tls13_ctx_new\n");
572 goto failure;
573 }
574 ssl->tls13 = tls13_ctx;
575
576 if ((tls13_secrets = tls13_secrets_create(EVP_sha384(),
577 0)) == NULL) {
578 fprintf(stderr, "FAIL: tls13_secrets_create\n");
579 goto failure;
580 }
581 ssl->s3->hs.tls13.secrets = tls13_secrets;
582
583 if (!tls13_derive_early_secrets(tls13_secrets,
584 tls13_secrets->zeros.data, tls13_secrets->zeros.len,
585 &tls13_context)) {
586 fprintf(stderr, "FAIL: tls13_derive_early_secrets\n");
587 goto failure;
588 }
589 if (!tls13_derive_handshake_secrets(tls13_secrets, et->shared_key,
590 et->shared_key_len, &tls13_context)) {
591 fprintf(stderr, "FAIL: tls13_derive_handshake_secrets\n");
592 goto failure;
593 }
594 if (!tls13_derive_application_secrets(tls13_secrets,
595 &tls13_context)) {
596 fprintf(stderr, "FAIL: tls13_derive_early_secrets\n");
597 goto failure;
598 }
599
600 tls13_ctx->handshake_completed = 1;
601 }
602
603 ssl->s3->hs.state = SSL_ST_OK;
604 ssl->s3->hs.negotiated_tls_version = et->tls_version;
605 ssl->s3->hs.cipher = SSL_CIPHER_get_by_id(et->cipher_id);
606
607 ret = SSL_export_keying_material(ssl, export, et->export_len, et->label,
608 et->label_len, et->context_value, et->context_value_len,
609 et->use_context);
610
611 if (et->want_error != 0) {
612 if (ret) {
613 fprintf(stderr, "FAIL: test %zu - "
614 "SSL_export_keying_material() succeeded, want "
615 "error\n", test_no);
616 goto failure;
617 }
618
619 err = ERR_peek_error();
620 if (ERR_GET_REASON(err) != et->want_error) {
621 fprintf(stderr, "FAIL: %zu - got error reason %d, "
622 "want %d\n", test_no, ERR_GET_REASON(err),
623 et->want_error);
624 goto failure;
625 }
626 } else {
627 if (!ret) {
628 fprintf(stderr, "FAIL: test %zu - "
629 "SSL_export_keying_material() failed\n", test_no);
630 ERR_print_errors_fp(stderr);
631 goto failure;
632 }
633
634 if (memcmp(et->export, export, et->export_len) != 0) {
635 fprintf(stderr, "FAIL: test %zu\n", test_no);
636 fprintf(stderr, "Got export:\n");
637 hexdump(export, et->export_len);
638 fprintf(stderr, "Want export:\n");
639 hexdump(et->export, et->export_len);
640 goto failure;
641 }
642 }
643
644 failed = 0;
645
646 failure:
647 SSL_SESSION_free(ssl_session);
648 SSL_CTX_free(ssl_ctx);
649 SSL_free(ssl);
650
651 return failed;
652}
653
654int
655main(int argc, char **argv)
656{
657 int failed = 0;
658 size_t i;
659
660 for (i = 0; i < N_EXPORTER_TESTS; i++)
661 failed |= exporter_test(i, &exporter_tests[i]);
662
663 return (failed);
664}
diff --git a/src/regress/lib/libssl/handshake/Makefile b/src/regress/lib/libssl/handshake/Makefile
deleted file mode 100644
index 77e128929f..0000000000
--- a/src/regress/lib/libssl/handshake/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
1# $OpenBSD: Makefile,v 1.10 2022/12/02 01:09:04 tb Exp $
2
3PROGS += handshake_table
4PROGS += valid_handshakes_terminate
5
6LDADD = ${SSL_INT} -lcrypto
7DPADD = ${LIBCRYPTO} ${LIBSSL}
8WARNINGS = Yes
9CFLAGS += -DLIBRESSL_INTERNAL -Wundef -Werror
10CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
11
12print: handshake_table
13 @./handshake_table -C
14
15handshake.gv: handshake_table
16 ./handshake_table -g > $@.tmp
17 mv $@.tmp $@
18
19CLEANFILES += handshake.gv
20
21.for _FMT in png ps svg
22handshake.${_FMT}: handshake.gv
23 @if [ ! -x /usr/local/bin/dot ]; then \
24 echo "pkg_add graphviz to generate png"; \
25 false; \
26 fi
27 dot -T${_FMT} handshake.gv -o $@
28
29CLEANFILES += handshake.${_FMT}
30.endfor
31
32.PHONY: print
33
34.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/handshake/handshake_table.c b/src/regress/lib/libssl/handshake/handshake_table.c
deleted file mode 100644
index 8ebed9a73e..0000000000
--- a/src/regress/lib/libssl/handshake/handshake_table.c
+++ /dev/null
@@ -1,550 +0,0 @@
1/* $OpenBSD: handshake_table.c,v 1.18 2022/12/01 13:49:12 tb Exp $ */
2/*
3 * Copyright (c) 2019 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdint.h>
20#include <stdio.h>
21#include <stdlib.h>
22#include <unistd.h>
23
24#include "tls13_handshake.h"
25
26#define MAX_FLAGS (UINT8_MAX + 1)
27
28/*
29 * From RFC 8446:
30 *
31 * Appendix A. State Machine
32 *
33 * This appendix provides a summary of the legal state transitions for
34 * the client and server handshakes. State names (in all capitals,
35 * e.g., START) have no formal meaning but are provided for ease of
36 * comprehension. Actions which are taken only in certain circumstances
37 * are indicated in []. The notation "K_{send,recv} = foo" means "set
38 * the send/recv key to the given key".
39 *
40 * A.1. Client
41 *
42 * START <----+
43 * Send ClientHello | | Recv HelloRetryRequest
44 * [K_send = early data] | |
45 * v |
46 * / WAIT_SH ----+
47 * | | Recv ServerHello
48 * | | K_recv = handshake
49 * Can | V
50 * send | WAIT_EE
51 * early | | Recv EncryptedExtensions
52 * data | +--------+--------+
53 * | Using | | Using certificate
54 * | PSK | v
55 * | | WAIT_CERT_CR
56 * | | Recv | | Recv CertificateRequest
57 * | | Certificate | v
58 * | | | WAIT_CERT
59 * | | | | Recv Certificate
60 * | | v v
61 * | | WAIT_CV
62 * | | | Recv CertificateVerify
63 * | +> WAIT_FINISHED <+
64 * | | Recv Finished
65 * \ | [Send EndOfEarlyData]
66 * | K_send = handshake
67 * | [Send Certificate [+ CertificateVerify]]
68 * Can send | Send Finished
69 * app data --> | K_send = K_recv = application
70 * after here v
71 * CONNECTED
72 *
73 * Note that with the transitions as shown above, clients may send
74 * alerts that derive from post-ServerHello messages in the clear or
75 * with the early data keys. If clients need to send such alerts, they
76 * SHOULD first rekey to the handshake keys if possible.
77 *
78 */
79
80struct child {
81 enum tls13_message_type mt;
82 uint8_t flag;
83 uint8_t forced;
84 uint8_t illegal;
85};
86
87static struct child stateinfo[][TLS13_NUM_MESSAGE_TYPES] = {
88 [CLIENT_HELLO] = {
89 {
90 .mt = SERVER_HELLO_RETRY_REQUEST,
91 },
92 {
93 .mt = SERVER_HELLO,
94 .flag = WITHOUT_HRR,
95 },
96 },
97 [SERVER_HELLO_RETRY_REQUEST] = {
98 {
99 .mt = CLIENT_HELLO_RETRY,
100 },
101 },
102 [CLIENT_HELLO_RETRY] = {
103 {
104 .mt = SERVER_HELLO,
105 },
106 },
107 [SERVER_HELLO] = {
108 {
109 .mt = SERVER_ENCRYPTED_EXTENSIONS,
110 },
111 },
112 [SERVER_ENCRYPTED_EXTENSIONS] = {
113 {
114 .mt = SERVER_CERTIFICATE_REQUEST,
115 },
116 { .mt = SERVER_CERTIFICATE,
117 .flag = WITHOUT_CR,
118 },
119 {
120 .mt = SERVER_FINISHED,
121 .flag = WITH_PSK,
122 },
123 },
124 [SERVER_CERTIFICATE_REQUEST] = {
125 {
126 .mt = SERVER_CERTIFICATE,
127 },
128 },
129 [SERVER_CERTIFICATE] = {
130 {
131 .mt = SERVER_CERTIFICATE_VERIFY,
132 },
133 },
134 [SERVER_CERTIFICATE_VERIFY] = {
135 {
136 .mt = SERVER_FINISHED,
137 },
138 },
139 [SERVER_FINISHED] = {
140 {
141 .mt = CLIENT_FINISHED,
142 .forced = WITHOUT_CR | WITH_PSK,
143 },
144 {
145 .mt = CLIENT_CERTIFICATE,
146 .illegal = WITHOUT_CR | WITH_PSK,
147 },
148 },
149 [CLIENT_CERTIFICATE] = {
150 {
151 .mt = CLIENT_FINISHED,
152 },
153 {
154 .mt = CLIENT_CERTIFICATE_VERIFY,
155 .flag = WITH_CCV,
156 },
157 },
158 [CLIENT_CERTIFICATE_VERIFY] = {
159 {
160 .mt = CLIENT_FINISHED,
161 },
162 },
163 [CLIENT_FINISHED] = {
164 {
165 .mt = APPLICATION_DATA,
166 },
167 },
168 [APPLICATION_DATA] = {
169 {
170 .mt = 0,
171 },
172 },
173};
174
175const size_t stateinfo_count = sizeof(stateinfo) / sizeof(stateinfo[0]);
176
177void build_table(enum tls13_message_type
178 table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES],
179 struct child current, struct child end,
180 struct child path[], uint8_t flags, unsigned int depth);
181size_t count_handshakes(void);
182void edge(enum tls13_message_type start,
183 enum tls13_message_type end, uint8_t flag);
184const char *flag2str(uint8_t flag);
185void flag_label(uint8_t flag);
186void forced_edges(enum tls13_message_type start,
187 enum tls13_message_type end, uint8_t forced);
188int generate_graphics(void);
189void fprint_entry(FILE *stream,
190 enum tls13_message_type path[TLS13_NUM_MESSAGE_TYPES],
191 uint8_t flags);
192void fprint_flags(FILE *stream, uint8_t flags);
193const char *mt2str(enum tls13_message_type mt);
194void usage(void);
195int verify_table(enum tls13_message_type
196 table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES], int print);
197
198const char *
199flag2str(uint8_t flag)
200{
201 const char *ret;
202
203 if (flag & (flag - 1))
204 errx(1, "more than one bit is set");
205
206 switch (flag) {
207 case INITIAL:
208 ret = "INITIAL";
209 break;
210 case NEGOTIATED:
211 ret = "NEGOTIATED";
212 break;
213 case WITHOUT_CR:
214 ret = "WITHOUT_CR";
215 break;
216 case WITHOUT_HRR:
217 ret = "WITHOUT_HRR";
218 break;
219 case WITH_PSK:
220 ret = "WITH_PSK";
221 break;
222 case WITH_CCV:
223 ret = "WITH_CCV";
224 break;
225 case WITH_0RTT:
226 ret = "WITH_0RTT";
227 break;
228 default:
229 ret = "UNKNOWN";
230 }
231
232 return ret;
233}
234
235const char *
236mt2str(enum tls13_message_type mt)
237{
238 const char *ret;
239
240 switch (mt) {
241 case INVALID:
242 ret = "INVALID";
243 break;
244 case CLIENT_HELLO:
245 ret = "CLIENT_HELLO";
246 break;
247 case CLIENT_HELLO_RETRY:
248 ret = "CLIENT_HELLO_RETRY";
249 break;
250 case CLIENT_END_OF_EARLY_DATA:
251 ret = "CLIENT_END_OF_EARLY_DATA";
252 break;
253 case CLIENT_CERTIFICATE:
254 ret = "CLIENT_CERTIFICATE";
255 break;
256 case CLIENT_CERTIFICATE_VERIFY:
257 ret = "CLIENT_CERTIFICATE_VERIFY";
258 break;
259 case CLIENT_FINISHED:
260 ret = "CLIENT_FINISHED";
261 break;
262 case SERVER_HELLO:
263 ret = "SERVER_HELLO";
264 break;
265 case SERVER_HELLO_RETRY_REQUEST:
266 ret = "SERVER_HELLO_RETRY_REQUEST";
267 break;
268 case SERVER_ENCRYPTED_EXTENSIONS:
269 ret = "SERVER_ENCRYPTED_EXTENSIONS";
270 break;
271 case SERVER_CERTIFICATE:
272 ret = "SERVER_CERTIFICATE";
273 break;
274 case SERVER_CERTIFICATE_VERIFY:
275 ret = "SERVER_CERTIFICATE_VERIFY";
276 break;
277 case SERVER_CERTIFICATE_REQUEST:
278 ret = "SERVER_CERTIFICATE_REQUEST";
279 break;
280 case SERVER_FINISHED:
281 ret = "SERVER_FINISHED";
282 break;
283 case APPLICATION_DATA:
284 ret = "APPLICATION_DATA";
285 break;
286 case TLS13_NUM_MESSAGE_TYPES:
287 ret = "TLS13_NUM_MESSAGE_TYPES";
288 break;
289 default:
290 ret = "UNKNOWN";
291 break;
292 }
293
294 return ret;
295}
296
297void
298fprint_flags(FILE *stream, uint8_t flags)
299{
300 int first = 1, i;
301
302 if (flags == 0) {
303 fprintf(stream, "%s", flag2str(flags));
304 return;
305 }
306
307 for (i = 0; i < 8; i++) {
308 uint8_t set = flags & (1U << i);
309
310 if (set) {
311 fprintf(stream, "%s%s", first ? "" : " | ",
312 flag2str(set));
313 first = 0;
314 }
315 }
316}
317
318void
319fprint_entry(FILE *stream,
320 enum tls13_message_type path[TLS13_NUM_MESSAGE_TYPES], uint8_t flags)
321{
322 int i;
323
324 fprintf(stream, "\t[");
325 fprint_flags(stream, flags);
326 fprintf(stream, "] = {\n");
327
328 for (i = 0; i < TLS13_NUM_MESSAGE_TYPES; i++) {
329 if (path[i] == 0)
330 break;
331 fprintf(stream, "\t\t%s,\n", mt2str(path[i]));
332 }
333 fprintf(stream, "\t},\n");
334}
335
336void
337edge(enum tls13_message_type start, enum tls13_message_type end,
338 uint8_t flag)
339{
340 printf("\t%s -> %s", mt2str(start), mt2str(end));
341 flag_label(flag);
342 printf(";\n");
343}
344
345void
346flag_label(uint8_t flag)
347{
348 if (flag)
349 printf(" [label=\"%s\"]", flag2str(flag));
350}
351
352void
353forced_edges(enum tls13_message_type start, enum tls13_message_type end,
354 uint8_t forced)
355{
356 uint8_t forced_flag, i;
357
358 if (forced == 0)
359 return;
360
361 for (i = 0; i < 8; i++) {
362 forced_flag = forced & (1U << i);
363 if (forced_flag)
364 edge(start, end, forced_flag);
365 }
366}
367
368int
369generate_graphics(void)
370{
371 enum tls13_message_type start, end;
372 unsigned int child;
373 uint8_t flag;
374 uint8_t forced;
375
376 printf("digraph G {\n");
377 printf("\t%s [shape=box];\n", mt2str(CLIENT_HELLO));
378 printf("\t%s [shape=box];\n", mt2str(APPLICATION_DATA));
379
380 for (start = CLIENT_HELLO; start < APPLICATION_DATA; start++) {
381 for (child = 0; stateinfo[start][child].mt != 0; child++) {
382 end = stateinfo[start][child].mt;
383 flag = stateinfo[start][child].flag;
384 forced = stateinfo[start][child].forced;
385
386 if (forced == 0)
387 edge(start, end, flag);
388 else
389 forced_edges(start, end, forced);
390 }
391 }
392
393 printf("}\n");
394 return 0;
395}
396
397extern enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES];
398extern size_t handshake_count;
399
400size_t
401count_handshakes(void)
402{
403 size_t ret = 0, i;
404
405 for (i = 0; i < handshake_count; i++) {
406 if (handshakes[i][0] != INVALID)
407 ret++;
408 }
409
410 return ret;
411}
412
413void
414build_table(enum tls13_message_type table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES],
415 struct child current, struct child end, struct child path[], uint8_t flags,
416 unsigned int depth)
417{
418 unsigned int i;
419
420 if (depth >= TLS13_NUM_MESSAGE_TYPES - 1)
421 errx(1, "recursed too deeply");
422
423 /* Record current node. */
424 path[depth++] = current;
425 flags |= current.flag;
426
427 /* If we haven't reached the end, recurse over the children. */
428 if (current.mt != end.mt) {
429 for (i = 0; stateinfo[current.mt][i].mt != 0; i++) {
430 struct child child = stateinfo[current.mt][i];
431 int forced = stateinfo[current.mt][i].forced;
432 int illegal = stateinfo[current.mt][i].illegal;
433
434 if ((forced == 0 || (forced & flags)) &&
435 (illegal == 0 || !(illegal & flags)))
436 build_table(table, child, end, path, flags,
437 depth);
438 }
439 return;
440 }
441
442 if (flags == 0)
443 errx(1, "path does not set flags");
444
445 if (table[flags][0] != 0)
446 errx(1, "path traversed twice");
447
448 for (i = 0; i < depth; i++)
449 table[flags][i] = path[i].mt;
450}
451
452int
453verify_table(enum tls13_message_type table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES],
454 int print)
455{
456 int success = 1, i;
457 size_t num_valid, num_found = 0;
458 uint8_t flags = 0;
459
460 do {
461 if (table[flags][0] == 0)
462 continue;
463
464 num_found++;
465
466 for (i = 0; i < TLS13_NUM_MESSAGE_TYPES; i++) {
467 if (table[flags][i] != handshakes[flags][i]) {
468 fprintf(stderr,
469 "incorrect entry %d of handshake ", i);
470 fprint_flags(stderr, flags);
471 fprintf(stderr, "\n");
472 success = 0;
473 }
474 }
475
476 if (print)
477 fprint_entry(stdout, table[flags], flags);
478 } while(++flags != 0);
479
480 num_valid = count_handshakes();
481 if (num_valid != num_found) {
482 fprintf(stderr,
483 "incorrect number of handshakes: want %zu, got %zu.\n",
484 num_valid, num_found);
485 success = 0;
486 }
487
488 return success;
489}
490
491void
492usage(void)
493{
494 fprintf(stderr, "usage: handshake_table [-C | -g]\n");
495 exit(1);
496}
497
498int
499main(int argc, char *argv[])
500{
501 static enum tls13_message_type
502 hs_table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES] = {
503 [INITIAL] = {
504 CLIENT_HELLO,
505 SERVER_HELLO_RETRY_REQUEST,
506 CLIENT_HELLO_RETRY,
507 SERVER_HELLO,
508 },
509 };
510 struct child start = {
511 .mt = CLIENT_HELLO,
512 };
513 struct child end = {
514 .mt = APPLICATION_DATA,
515 };
516 struct child path[TLS13_NUM_MESSAGE_TYPES] = {{0}};
517 uint8_t flags = NEGOTIATED;
518 unsigned int depth = 0;
519 int ch, graphviz = 0, print = 0;
520
521 while ((ch = getopt(argc, argv, "Cg")) != -1) {
522 switch (ch) {
523 case 'C':
524 print = 1;
525 break;
526 case 'g':
527 graphviz = 1;
528 break;
529 default:
530 usage();
531 }
532 }
533 argc -= optind;
534 argv += optind;
535
536 if (argc != 0)
537 usage();
538
539 if (graphviz && print)
540 usage();
541
542 if (graphviz)
543 return generate_graphics();
544
545 build_table(hs_table, start, end, path, flags, depth);
546 if (!verify_table(hs_table, print))
547 return 1;
548
549 return 0;
550}
diff --git a/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c b/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c
deleted file mode 100644
index 286b860a7d..0000000000
--- a/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c
+++ /dev/null
@@ -1,54 +0,0 @@
1/* $OpenBSD: valid_handshakes_terminate.c,v 1.4 2022/12/01 13:49:12 tb Exp $ */
2/*
3 * Copyright (c) 2019 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdio.h>
20
21#include "tls13_handshake.c"
22
23int
24main(int argc, char *argv[])
25{
26 size_t i, j;
27 int terminates;
28 int fail = 0;
29
30 for (i = 1; i < handshake_count; i++) {
31 enum tls13_message_type mt = handshakes[i][0];
32
33 if (mt == INVALID)
34 continue;
35
36 terminates = 0;
37
38 for (j = 0; j < TLS13_NUM_MESSAGE_TYPES; j++) {
39 mt = handshakes[i][j];
40 if (state_machine[mt].handshake_complete) {
41 terminates = 1;
42 break;
43 }
44 }
45
46 if (!terminates) {
47 fail = 1;
48 printf("FAIL: handshake_complete never true in "
49 "handshake %zu\n", i);
50 }
51 }
52
53 return fail;
54}
diff --git a/src/regress/lib/libssl/interop/LICENSE b/src/regress/lib/libssl/interop/LICENSE
deleted file mode 100644
index 838e7f45cc..0000000000
--- a/src/regress/lib/libssl/interop/LICENSE
+++ /dev/null
@@ -1,15 +0,0 @@
1/*
2 * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
diff --git a/src/regress/lib/libssl/interop/Makefile b/src/regress/lib/libssl/interop/Makefile
deleted file mode 100644
index 72dc87b5c2..0000000000
--- a/src/regress/lib/libssl/interop/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
1# $OpenBSD: Makefile,v 1.17 2023/02/01 14:39:09 tb Exp $
2
3SUBDIR = libressl openssl11 openssl30
4
5# the above binaries must have been built before we can continue
6SUBDIR += netcat
7SUBDIR += session
8SUBDIR += botan
9
10# What is below takes a long time.
11# setting REGRESS_SKIP_SLOW to "yes" in mk.conf
12# will skip the tests that do not test libressl
13# but do things like test openssl11 to openssl30
14SUBDIR += version
15SUBDIR += cipher
16# This takes a really long time.
17SUBDIR += cert
18
19.include <bsd.subdir.mk>
diff --git a/src/regress/lib/libssl/interop/Makefile.inc b/src/regress/lib/libssl/interop/Makefile.inc
deleted file mode 100644
index ed5fe26147..0000000000
--- a/src/regress/lib/libssl/interop/Makefile.inc
+++ /dev/null
@@ -1,90 +0,0 @@
1# $OpenBSD: Makefile.inc,v 1.8 2020/12/17 00:51:11 bluhm Exp $
2
3.PATH: ${.CURDIR}/..
4
5SRCS_client ?= client.c util.c
6SRCS_server ?= server.c util.c
7WARNINGS = yes
8CLEANFILES += *.out *.fstat
9
10.for p in ${PROGS}
11ldd-$p.out: $p
12 # programs must be linked with correct libraries
13 LD_LIBRARY_PATH=${LD_LIBRARY_PATH} ldd $p >$@
14.endfor
15
16client-self.out server-self.out: run-self-client-server
17
18run-self-client-server: client server 127.0.0.1.crt
19 # check that tls client and server work together
20 LD_LIBRARY_PATH=${LD_LIBRARY_PATH} \
21 ./server >server-self.out \
22 127.0.0.1 0
23 LD_LIBRARY_PATH=${LD_LIBRARY_PATH} \
24 ./client >client-self.out \
25 `sed -n 's/listen sock: //p' server-self.out`
26 # check that the client run successfully to the end
27 grep -q '^success$$' client-self.out
28 # client must have read server greeting
29 grep -q '^<<< greeting$$' client-self.out
30 # check that the server child run successfully to the end
31 grep -q '^success$$' server-self.out
32 # server must have read client hello
33 grep -q '^<<< hello$$' server-self.out
34
35# create certificates for TLS
36
37CLEANFILES += 127.0.0.1.{crt,key} \
38 ca.{crt,key,srl} fake-ca.{crt,key} \
39 {client,server}.{req,crt,key} \
40 {dsa,ec,gost,rsa}.{key,req,crt} \
41 dh.param
42
43127.0.0.1.crt:
44 openssl req -batch -new \
45 -subj /L=OpenBSD/O=tls-regress/OU=server/CN=${@:R}/ \
46 -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
47
48ca.crt fake-ca.crt:
49 openssl req -batch -new \
50 -subj /L=OpenBSD/O=tls-regress/OU=ca/CN=root/ \
51 -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
52
53client.req server.req:
54 openssl req -batch -new \
55 -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \
56 -nodes -newkey rsa -keyout ${@:R}.key -out $@
57
58client.crt server.crt: ca.crt ${@:R}.req
59 openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \
60 -req -in ${@:R}.req -out $@
61
62dh.param:
63 openssl dhparam -out $@ 1024
64
65dsa.key:
66 openssl dsaparam -genkey -out $@ 2048
67
68ec.key:
69 openssl ecparam -genkey -name secp256r1 -out $@
70
71gost.key:
72 openssl genpkey -algorithm gost2001 \
73 -pkeyopt paramset:A -pkeyopt dgst:md_gost94 -out $@
74
75rsa.key:
76 openssl genrsa -out $@ 2048
77
78dsa.req ec.req rsa.req: ${@:R}.key
79 openssl req -batch -new \
80 -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \
81 -nodes -key ${@:R}.key -out $@
82
83gost.req: ${@:R}.key
84 openssl req -batch -new -md_gost94 \
85 -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \
86 -nodes -key ${@:R}.key -out $@
87
88dsa.crt ec.crt gost.crt rsa.crt: ca.crt ${@:R}.req
89 openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \
90 -req -in ${@:R}.req -out $@
diff --git a/src/regress/lib/libssl/interop/README b/src/regress/lib/libssl/interop/README
deleted file mode 100644
index 091e63f6fc..0000000000
--- a/src/regress/lib/libssl/interop/README
+++ /dev/null
@@ -1,18 +0,0 @@
1Test TLS interoperability between LibreSSL and OpenSSL.
2
3Implement simple SSL client and server in C. Create six binaries
4by linking them with LibreSSL or OpenSSL 1.1 or OpenSSL 3.0. This
5way API compatibility is tested.
6
7To self test each SSL library, connect client with server. Check
8that the highest available TLS version is selected. LibreSSL TLS
91.3 check has to be enabled when the feature becomes available.
10
11Connect and accept with netcat to test protocol compatibility with
12libtls. Test TLS session reuse multiple times with different library
13combinations. The cert subdir is testing all combinations of
14certificate validation. Having the three libraries, client and
15server certificates, missing or invalid CA or certificates, and
16enforcing peer certificate results in 1944 test cases. The cipher
17test establishes connections between implementations for each
18supported cipher.
diff --git a/src/regress/lib/libssl/interop/botan/Makefile b/src/regress/lib/libssl/interop/botan/Makefile
deleted file mode 100644
index 23f8a07bf4..0000000000
--- a/src/regress/lib/libssl/interop/botan/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
1# $OpenBSD: Makefile,v 1.6 2023/02/01 15:58:20 tb Exp $
2
3.include <bsd.own.mk>
4
5.if ! exists(/usr/local/bin/botan)
6regress:
7 # install botan2 from ports for interop tests
8 @echo 'Run "pkg_add botan2" to run tests against Botan 2'
9 @echo SKIPPED
10.elif (${COMPILER_VERSION:L} != "clang" && ! exists(/usr/local/bin/eg++))
11regress:
12 # on gcc-archs install g++ from ports for botan2 interop tests
13 @echo 'Run "pkg_add g++" to run tests against Botan 2 on GCC architectures'
14 @echo SKIPPED
15.else
16
17# C++11
18.if ${COMPILER_VERSION:L} != "clang" && ${CXX} == "c++"
19CXX = /usr/local/bin/eg++
20.endif
21
22LIBRARIES = libressl
23.if exists(/usr/local/bin/eopenssl11)
24LIBRARIES += openssl11
25.endif
26.if exists(/usr/local/bin/eopenssl30)
27LIBRARIES += openssl30
28.endif
29
30PROGS = client
31SRCS_client = client.cpp
32CXXFLAGS = -I/usr/local/include/botan-2 -Wall
33LDFLAGS = -L/usr/local/lib
34LDADD = -lbotan-2
35DPADD = /usr/local/lib/libbotan-2.a
36
37.for lib in ${LIBRARIES}
38
39REGRESS_TARGETS += run-client-botan-server-${lib}
40
41run-client-botan-server-${lib}: client server.crt
42 LD_LIBRARY_PATH=/usr/local/lib/e${lib} \
43 ../${lib}/server >server-${lib}.out \
44 -c server.crt -k server.key \
45 127.0.0.1 0
46 ./client >client-botan.out \
47 -C ca.crt \
48 127.0.0.1 \
49 `sed -n 's/listen sock: 127.0.0.1 //p' server-${lib}.out`
50 # check that the server child run successfully to the end
51 grep -q '^success$$' server-${lib}.out || \
52 { sleep 1; grep -q '^success$$' server-${lib}.out; }
53 # server must have read client hello
54 grep -q '^<<< hello$$' server-${lib}.out
55 # check that the client run successfully to the end
56 grep -q '^success$$' client-botan.out
57 # client must have read server greeting
58 grep -q '^<<< greeting$$' client-botan.out
59 # currently botan supports TLS 1.2, adapt later
60 grep -q ' Protocol *: TLSv1.2$$' server-${lib}.out
61
62.endfor
63
64server.key ca.key:
65 /usr/local/bin/botan keygen >$@.tmp
66 mv $@.tmp $@
67
68ca.crt: ${@:R}.key
69 /usr/local/bin/botan gen_self_signed ${@:R}.key ${@:R} >$@.tmp \
70 --organization=tls-regress --ca
71 mv $@.tmp $@
72
73server.req: ${@:R}.key
74 /usr/local/bin/botan gen_pkcs10 ${@:R}.key localhost >$@.tmp \
75 --organization=tls-regress --dns=127.0.0.1
76 mv $@.tmp $@
77
78server.crt: ca.crt ${@:R}.req
79 /usr/local/bin/botan sign_cert ca.crt ca.key ${@:R}.req >$@.tmp
80 mv $@.tmp $@
81
82.endif # exists(/usr/local/bin/botan)
83
84.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/botan/client.cpp b/src/regress/lib/libssl/interop/botan/client.cpp
deleted file mode 100644
index 2352d7bba2..0000000000
--- a/src/regress/lib/libssl/interop/botan/client.cpp
+++ /dev/null
@@ -1,228 +0,0 @@
1/* $OpenBSD: client.cpp,v 1.1 2020/09/15 01:45:16 bluhm Exp $ */
2/*
3 * Copyright (c) 2019-2020 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <unistd.h>
24
25#include <botan/tls_client.h>
26#include <botan/tls_callbacks.h>
27#include <botan/tls_session_manager.h>
28#include <botan/tls_policy.h>
29#include <botan/auto_rng.h>
30#include <botan/certstor.h>
31
32#include <iostream>
33#include <string>
34using namespace std;
35
36class Callbacks : public Botan::TLS::Callbacks {
37public:
38 Callbacks(int socket) :
39 m_socket(socket)
40 {}
41
42 void print_sockname()
43 {
44 struct sockaddr_storage ss;
45 char host[NI_MAXHOST], port[NI_MAXSERV];
46 socklen_t slen;
47
48 slen = sizeof(ss);
49 if (getsockname(m_socket, (struct sockaddr *)&ss, &slen) == -1)
50 err(1, "getsockname");
51 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
52 sizeof(host), port, sizeof(port),
53 NI_NUMERICHOST | NI_NUMERICSERV))
54 errx(1, "getnameinfo");
55 cout <<"sock: " <<host <<" " <<port <<endl <<flush;
56 }
57
58 void print_peername()
59 {
60 struct sockaddr_storage ss;
61 char host[NI_MAXHOST], port[NI_MAXSERV];
62 socklen_t slen;
63
64 slen = sizeof(ss);
65 if (getpeername(m_socket, (struct sockaddr *)&ss, &slen) == -1)
66 err(1, "getpeername");
67 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
68 sizeof(host), port, sizeof(port),
69 NI_NUMERICHOST | NI_NUMERICSERV))
70 errx(1, "getnameinfo");
71 cout <<"peer: " <<host <<" " <<port <<endl <<flush;
72 }
73
74 void tls_emit_data(const uint8_t data[], size_t size) override
75 {
76 size_t off = 0, len = size;
77
78 while (len > 0) {
79 ssize_t n;
80
81 n = send(m_socket, data + off, len, 0);
82 if (n < 0)
83 err(1, "send");
84 off += n;
85 len -= n;
86 }
87 }
88
89 void tls_record_received(uint64_t seq_no, const uint8_t data[],
90 size_t size) override
91 {
92 cout <<"<<< " <<string((const char *)data, size) <<flush;
93
94 string str("hello\n");
95 cout <<">>> " <<str <<flush;
96 m_channel->send(str);
97 m_channel->close();
98 }
99
100 void tls_alert(Botan::TLS::Alert alert) override
101 {
102 errx(1, "alert: %s", alert.type_string().c_str());
103 }
104
105 bool tls_session_established(const Botan::TLS::Session& session)
106 override
107 {
108 cout <<"established" <<endl <<flush;
109 return false;
110 }
111
112 void set_channel(Botan::TLS::Channel &channel) {
113 m_channel = &channel;
114 }
115
116protected:
117 int m_socket = -1;
118 Botan::TLS::Channel *m_channel = nullptr;
119};
120
121class Credentials : public Botan::Credentials_Manager {
122public:
123 std::vector<Botan::Certificate_Store*> trusted_certificate_authorities(
124 const std::string &type, const std::string &context)
125 override
126 {
127 std::vector<Botan::Certificate_Store*> cs { &m_ca };
128 return cs;
129 }
130
131 void add_certificate_file(const std::string &file) {
132 Botan::X509_Certificate cert(file);
133 m_ca.add_certificate(cert);
134 }
135private:
136 Botan::Certificate_Store_In_Memory m_ca;
137};
138
139class Policy : public Botan::TLS::Strict_Policy {
140public:
141 bool require_cert_revocation_info() const override {
142 return false;
143 }
144};
145
146void __dead
147usage(void)
148{
149 fprintf(stderr, "usage: client [-C CA] host port\n");
150 exit(2);
151}
152
153int
154main(int argc, char *argv[])
155{
156 struct addrinfo hints, *res;
157 int ch, s, error;
158 char buf[256];
159 char *cafile = NULL;
160 char *host, *port;
161
162 while ((ch = getopt(argc, argv, "C:")) != -1) {
163 switch (ch) {
164 case 'C':
165 cafile = optarg;
166 break;
167 default:
168 usage();
169 }
170 }
171 argc -= optind;
172 argv += optind;
173 if (argc == 2) {
174 host = argv[0];
175 port = argv[1];
176 } else {
177 usage();
178 }
179
180 memset(&hints, 0, sizeof(hints));
181 hints.ai_family = AF_INET;
182 hints.ai_socktype = SOCK_STREAM;
183 error = getaddrinfo(host, port, &hints, &res);
184 if (error)
185 errx(1, "getaddrinfo: %s", gai_strerror(error));
186 if (res == NULL)
187 errx(1, "getaddrinfo empty");
188 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
189 if (s == -1)
190 err(1, "socket");
191 if (connect(s, res->ai_addr, res->ai_addrlen) == -1)
192 err(1, "connect");
193 freeaddrinfo(res);
194
195 {
196 Callbacks callbacks(s);
197 Botan::AutoSeeded_RNG rng;
198 Botan::TLS::Session_Manager_In_Memory session_mgr(rng);
199 Credentials creds;
200 if (cafile != NULL)
201 creds.add_certificate_file(cafile);
202 Policy policy;
203
204 callbacks.print_sockname();
205 callbacks.print_peername();
206 Botan::TLS::Client client(callbacks, session_mgr, creds,
207 policy, rng);
208 callbacks.set_channel(client);
209
210 while (!client.is_closed()) {
211 ssize_t n;
212
213 n = recv(s, buf, sizeof(buf), 0);
214 if (n < 0)
215 err(1, "recv");
216 if (n == 0)
217 errx(1, "eof");
218 client.received_data((uint8_t *)&buf, n);
219 }
220 }
221
222 if (close(s) == -1)
223 err(1, "close");
224
225 cout <<"success" <<endl;
226
227 return 0;
228}
diff --git a/src/regress/lib/libssl/interop/cert/Makefile b/src/regress/lib/libssl/interop/cert/Makefile
deleted file mode 100644
index 47f4422d6e..0000000000
--- a/src/regress/lib/libssl/interop/cert/Makefile
+++ /dev/null
@@ -1,98 +0,0 @@
1# $OpenBSD: Makefile,v 1.10 2023/04/19 15:34:23 tb Exp $
2
3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or 3.0. Create client and server certificates
5# that are signed by a CA and not signed by a fake CA. Try all
6# combinations with, without, and with wrong CA for client and server
7# and check the result of certificate verification.
8
9LIBRARIES = libressl
10.if exists(/usr/local/bin/eopenssl11)
11LIBRARIES += openssl11
12.endif
13.if exists(/usr/local/bin/eopenssl30)
14LIBRARIES += openssl30
15.endif
16
17.for cca in noca ca fakeca
18.for sca in noca ca fakeca
19.for ccert in nocert cert
20.for scert in nocert cert
21.for cv in noverify verify
22.for sv in noverify verify certverify
23
24# remember when certificate verification should fail
25.if (("${cv}" == verify && "${cca}" == ca && "${scert}" == cert) || \
26 "${cv}" == noverify) && \
27 (("${sv}" == verify && "${ccert}" == nocert) || \
28 ("${sv}" == verify && "${sca}" == ca && "${ccert}" == cert) || \
29 ("${sv}" == certverify && "${sca}" == ca && "${ccert}" == cert) || \
30 "${sv}" == noverify)
31FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv} =
32.else
33FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv} = !
34.endif
35
36.for clib in ${LIBRARIES}
37.for slib in ${LIBRARIES}
38
39.if ("${clib}" == "libressl" || "${slib}" == "libressl")
40REGRESS_TARGETS += run-cert-client-${clib}-${cca}-${ccert}-${cv}-server-${slib}-${sca}-${scert}-${sv}
41.else
42# Don't use REGRESS_SLOW_TARGETS since its handling in bsd.regress.mk is slow.
43SLOW_TARGETS += run-cert-client-${clib}-${cca}-${ccert}-${cv}-server-${slib}-${sca}-${scert}-${sv}
44.endif
45
46run-cert-client-${clib}-${cca}-${ccert}-${cv}-server-${slib}-${sca}-${scert}-${sv}: \
47 127.0.0.1.crt ca.crt fake-ca.crt client.crt server.crt \
48 ../${clib}/client ../${slib}/server
49 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
50 ../${slib}/server >${@:S/^run/server/}.out \
51 ${sca:S/^noca//:S/^fakeca/-C fake-ca.crt/:S/^ca/-C ca.crt/} \
52 ${scert:S/^nocert//:S/^cert/-c server.crt -k server.key/} \
53 ${sv:S/^noverify//:S/^verify/-v/:S/^certverify/-vv/} \
54 127.0.0.1 0
55 ${FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv}} \
56 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
57 ../${clib}/client >${@:S/^run/client/}.out \
58 ${cca:S/^noca//:S/^fakeca/-C fake-ca.crt/:S/^ca/-C ca.crt/} \
59 ${ccert:S/^nocert//:S/^cert/-c server.crt -k server.key/} \
60 ${cv:S/^noverify//:S/^verify/-v/} \
61 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
62.if empty(${FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv}})
63 grep '^success$$' ${@:S/^run/server/}.out || \
64 { sleep 1; grep '^success$$' ${@:S/^run/server/}.out; }
65 grep '^success$$' ${@:S/^run/client/}.out
66.elif ! ("${sv}" == certverify && "${ccert}" == nocert) || \
67 ("${cv}" == verify && "${scert}" != cert)
68 grep '^verify: fail' ${@:S/^run/client/}.out ${@:S/^run/server/}.out
69.endif
70
71.endfor
72.endfor
73.endfor
74.endfor
75.endfor
76.endfor
77.endfor
78.endfor
79
80.include <bsd.own.mk>
81REGRESS_SKIP_SLOW ?= no
82.if ${REGRESS_SKIP_SLOW:L} != "yes"
83REGRESS_TARGETS += ${SLOW_TARGETS}
84.endif
85
86REGRESS_TARGETS += run-bob
87run-bob:
88 @echo Bob, be happy! Tests finished.
89
90# argument list too long for a single rm *
91
92clean: _SUBDIRUSE
93 rm -f client-*.out
94 rm -f server-*.out
95 rm -f a.out [Ee]rrs mklog *.core y.tab.h \
96 ${PROG} ${PROGS} ${OBJS} ${_LEXINTM} ${_YACCINTM} ${CLEANFILES}
97
98.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/cipher/Makefile b/src/regress/lib/libssl/interop/cipher/Makefile
deleted file mode 100644
index 85d927a92d..0000000000
--- a/src/regress/lib/libssl/interop/cipher/Makefile
+++ /dev/null
@@ -1,172 +0,0 @@
1# $OpenBSD: Makefile,v 1.12 2023/04/19 15:34:23 tb Exp $
2
3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or 3.0. Create lists of supported ciphers
5# and pin client and server to one of the ciphers. Use server
6# certificate with compatible type. Check that client and server
7# have used correct cipher by grepping in their session print out.
8
9run-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl \
10run-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl \
11client-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl.out \
12client-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl.out \
13server-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl.out \
14server-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl.out \
15check-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl \
16check-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl:
17 # gost does not work with libressl TLS 1.3 right now
18 @echo DISABLED
19
20LIBRARIES = libressl
21.if exists(/usr/local/bin/eopenssl11)
22LIBRARIES += openssl11
23.endif
24.if exists(/usr/local/bin/eopenssl30)
25LIBRARIES += openssl30
26.endif
27
28CLEANFILES = *.tmp *.ciphers ciphers.mk
29
30.for clib in ${LIBRARIES}
31client-${clib}.ciphers:
32 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
33 ../${clib}/client -l ALL -L >$@.tmp
34 sed -n 's/^cipher //p' <$@.tmp | sort -u >$@
35 rm $@.tmp
36.endfor
37.for slib in ${LIBRARIES}
38server-${slib}.ciphers: 127.0.0.1.crt dsa.crt ec.crt rsa.crt
39 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
40 ../${slib}/server -l ALL -L >$@.tmp
41 sed -n 's/^cipher //p' <$@.tmp | sort -u >$@
42 rm $@.tmp
43.endfor
44
45.for clib in ${LIBRARIES}
46.for slib in ${LIBRARIES}
47ciphers.mk: client-${clib}-server-${slib}.ciphers
48client-${clib}-server-${slib}.ciphers: \
49 client-${clib}.ciphers server-${slib}.ciphers client-libressl.ciphers
50 # get ciphers shared between client and server
51 sort client-${clib}.ciphers server-${slib}.ciphers >$@.tmp
52 uniq -d <$@.tmp >$@
53 # we are only interested in ciphers supported by libressl
54 sort $@ client-libressl.ciphers >$@.tmp
55. if "${clib}" == "openssl11" || "${slib}" == "openssl11" || \
56 "${clib}" == "openssl30" || "${slib}" == "openssl30"
57 # OpenSSL's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers
58 sed -i '/^TLS_/d' $@.tmp
59. endif
60 uniq -d <$@.tmp >$@
61 rm $@.tmp
62.endfor
63.endfor
64
65ciphers.mk:
66 rm -f $@ $@.tmp
67.for clib in ${LIBRARIES}
68.for slib in ${LIBRARIES}
69 echo 'CIPHERS_${clib}_${slib} =' >>$@.tmp \
70 `cat client-${clib}-server-${slib}.ciphers`
71.endfor
72.endfor
73 mv $@.tmp $@
74
75# hack to convert generated lists into usable make variables
76.if exists(ciphers.mk)
77.include "ciphers.mk"
78.else
79regress: ciphers.mk
80 ${MAKE} -C ${.CURDIR} regress
81.endif
82
83LEVEL_libressl =
84LEVEL_openssl11 = ,@SECLEVEL=0
85LEVEL_openssl30 = ,@SECLEVEL=0
86
87.for clib in ${LIBRARIES}
88.for slib in ${LIBRARIES}
89.for cipher in ${CIPHERS_${clib}_${slib}}
90
91.if "${cipher:M*-DSS-*}" != ""
92TYPE_${cipher} = dsa
93.elif "${cipher:M*-ECDSA-*}" != ""
94TYPE_${cipher} = ec
95.elif "${cipher:M*-GOST89-*}" != ""
96TYPE_${cipher} = gost
97.elif "${cipher:M*-RSA-*}" != ""
98TYPE_${cipher} = rsa
99.else
100TYPE_${cipher} = 127.0.0.1
101.endif
102
103DHPARAM_${cipher}_${slib} =
104
105.if ("${clib}" == "libressl" || "${slib}" == "libressl")
106REGRESS_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib}
107.else
108# Don't use REGRESS_SLOW_TARGETS since its handling in bsd.regress.mk is slow.
109SLOW_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib}
110.endif
111run-cipher-${cipher}-client-${clib}-server-${slib} \
112client-cipher-${cipher}-client-${clib}-server-${slib}.out \
113server-cipher-${cipher}-client-${clib}-server-${slib}.out: dh.param \
114 127.0.0.1.crt ${TYPE_${cipher}}.crt ../${clib}/client ../${slib}/server
115 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
116 ../${slib}/server >${@:S/^run/server/}.out \
117 -c ${TYPE_${cipher}}.crt -k ${TYPE_${cipher}}.key \
118 -l ${cipher}${LEVEL_${slib}} ${DHPARAM_${cipher}_${slib}} \
119 127.0.0.1 0
120 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
121 ../${clib}/client >${@:S/^run/client/}.out \
122 -l ${cipher}${LEVEL_${clib}} \
123 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
124 grep -q '^success$$' ${@:S/^run/server/}.out || \
125 { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
126 grep -q '^success$$' ${@:S/^run/client/}.out
127
128.if ("${clib}" == "libressl" || "${slib}" == "libressl")
129REGRESS_TARGETS += check-cipher-${cipher}-client-${clib}-server-${slib}
130.else
131# Don't use REGRESS_SLOW_TARGETS since its handling in bsd.regress.mk is slow.
132SLOW_TARGETS += check-cipher-${cipher}-client-${clib}-server-${slib}
133.endif
134check-cipher-${cipher}-client-${clib}-server-${slib}: \
135 client-cipher-${cipher}-client-${clib}-server-${slib}.out \
136 server-cipher-${cipher}-client-${clib}-server-${slib}.out
137.if "${cipher:C/TLS_(AES.*_GCM|CHACHA.*_POLY.*)_SHA.*/TLS1_3/}" != TLS1_3
138 # client and server 1.3 capable, not TLS 1.3 cipher
139. if "${clib}" == "libressl"
140 # libressl client may prefer chacha-poly if aes-ni is not supported
141 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/client/}.out
142. else
143 # openssl 1.1 generic client cipher
144 grep -q ' Cipher *: TLS_AES_256_GCM_SHA384$$' ${@:S/^check/client/}.out
145. endif
146. if "${clib}" == "libressl"
147 # libressl client may prefer chacha-poly if aes-ni is not supported
148. if "${slib}" == "openssl11" || "${slib}" == "openssl30"
149 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
150. else
151 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
152. endif
153. else
154 # generic server cipher
155 grep -q ' Cipher *: TLS_AES_256_GCM_SHA384$$' ${@:S/^check/server/}.out
156. endif
157.else
158 grep -q ' Cipher *: ${cipher}$$' ${@:S/^check/client/}.out
159 grep -q ' Cipher *: ${cipher}$$' ${@:S/^check/server/}.out
160.endif
161
162.endfor
163.endfor
164.endfor
165
166.include <bsd.own.mk>
167REGRESS_SKIP_SLOW ?= no
168.if ${REGRESS_SKIP_SLOW:L} != "yes"
169REGRESS_TARGETS += ${SLOW_TARGETS}
170.endif
171
172.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/client.c b/src/regress/lib/libssl/interop/client.c
deleted file mode 100644
index 31a960381e..0000000000
--- a/src/regress/lib/libssl/interop/client.c
+++ /dev/null
@@ -1,285 +0,0 @@
1/* $OpenBSD: client.c,v 1.11 2022/07/07 13:12:57 tb Exp $ */
2/*
3 * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <stdio.h>
24#include <string.h>
25#include <unistd.h>
26
27#include <openssl/err.h>
28#include <openssl/ssl.h>
29
30#include "util.h"
31
32void __dead usage(void);
33
34void __dead
35usage(void)
36{
37 fprintf(stderr, "usage: client [-Lsv] [-C CA] [-c crt -k key] "
38 "[-l ciphers] [-V version] host port\n");
39 exit(2);
40}
41
42int
43main(int argc, char *argv[])
44{
45 const SSL_METHOD *method;
46 SSL_CTX *ctx;
47 SSL *ssl;
48 BIO *bio;
49 SSL_SESSION *session = NULL;
50 int ch, error, listciphers = 0, sessionreuse = 0, verify = 0;
51 int version = 0;
52 char buf[256];
53 char *ca = NULL, *crt = NULL, *key = NULL, *ciphers = NULL;
54 char *host_port, *host = "127.0.0.1", *port = "0";
55
56 while ((ch = getopt(argc, argv, "C:c:k:Ll:p:sV:v")) != -1) {
57 switch (ch) {
58 case 'C':
59 ca = optarg;
60 break;
61 case 'c':
62 crt = optarg;
63 break;
64 case 'k':
65 key = optarg;
66 break;
67 case 'L':
68 listciphers = 1;
69 break;
70 case 'l':
71 ciphers = optarg;
72 break;
73 case 's':
74 /* multiple reueses are possible */
75 sessionreuse++;
76 break;
77 case 'V':
78 if (strcmp(optarg, "TLS1") == 0) {
79 version = TLS1_VERSION;
80 } else if (strcmp(optarg, "TLS1_1") == 0) {
81 version = TLS1_1_VERSION;
82 } else if (strcmp(optarg, "TLS1_2") == 0) {
83 version = TLS1_2_VERSION;
84#ifdef TLS1_3_VERSION
85 } else if (strcmp(optarg, "TLS1_3") == 0) {
86 version = TLS1_3_VERSION;
87#endif
88 } else {
89 errx(1, "unknown protocol version: %s", optarg);
90 }
91 break;
92 case 'v':
93 verify = 1;
94 break;
95 default:
96 usage();
97 }
98 }
99 argc -= optind;
100 argv += optind;
101 if (argc == 2) {
102 host = argv[0];
103 port = argv[1];
104 } else if (!listciphers) {
105 usage();
106 }
107 if (asprintf(&host_port, strchr(host, ':') ? "[%s]:%s" : "%s:%s",
108 host, port) == -1)
109 err(1, "asprintf host port");
110 if ((crt == NULL && key != NULL) || (crt != NULL && key == NULL))
111 errx(1, "certificate and private key must be used together");
112
113 SSL_library_init();
114 SSL_load_error_strings();
115 print_version();
116
117 /* setup method and context */
118#if OPENSSL_VERSION_NUMBER >= 0x1010000f
119 method = TLS_client_method();
120 if (method == NULL)
121 err_ssl(1, "TLS_client_method");
122#else
123 switch (version) {
124 case TLS1_VERSION:
125 method = TLSv1_client_method();
126 break;
127 case TLS1_1_VERSION:
128 method = TLSv1_1_client_method();
129 break;
130 case TLS1_2_VERSION:
131 method = TLSv1_2_client_method();
132 break;
133#ifdef TLS1_3_VERSION
134 case TLS1_3_VERSION:
135 err(1, "TLS1_3 not supported");
136#endif
137 default:
138 method = SSLv23_client_method();
139 break;
140 }
141 if (method == NULL)
142 err_ssl(1, "SSLv23_client_method");
143#endif
144 ctx = SSL_CTX_new(method);
145 if (ctx == NULL)
146 err_ssl(1, "SSL_CTX_new");
147
148#if OPENSSL_VERSION_NUMBER >= 0x1010000f
149 if (version) {
150 if (SSL_CTX_set_min_proto_version(ctx, version) != 1)
151 err_ssl(1, "SSL_CTX_set_min_proto_version");
152 if (SSL_CTX_set_max_proto_version(ctx, version) != 1)
153 err_ssl(1, "SSL_CTX_set_max_proto_version");
154 }
155#endif
156
157 /* load client certificate */
158 if (crt != NULL) {
159 if (SSL_CTX_use_certificate_file(ctx, crt,
160 SSL_FILETYPE_PEM) <= 0)
161 err_ssl(1, "SSL_CTX_use_certificate_file");
162 if (SSL_CTX_use_PrivateKey_file(ctx, key,
163 SSL_FILETYPE_PEM) <= 0)
164 err_ssl(1, "SSL_CTX_use_PrivateKey_file");
165 if (SSL_CTX_check_private_key(ctx) <= 0)
166 err_ssl(1, "SSL_CTX_check_private_key");
167 }
168
169 /* verify server certificate */
170 if (ca != NULL) {
171 if (SSL_CTX_load_verify_locations(ctx, ca, NULL) <= 0)
172 err_ssl(1, "SSL_CTX_load_verify_locations");
173 }
174 SSL_CTX_set_verify(ctx, verify ? SSL_VERIFY_PEER : SSL_VERIFY_NONE,
175 verify_callback);
176
177 if (sessionreuse) {
178 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
179 }
180
181 if (ciphers) {
182 if (SSL_CTX_set_cipher_list(ctx, ciphers) <= 0)
183 err_ssl(1, "SSL_CTX_set_cipher_list");
184 }
185
186 if (listciphers) {
187 STACK_OF(SSL_CIPHER) *supported_ciphers;
188
189#if OPENSSL_VERSION_NUMBER < 0x1010000f
190#define SSL_get1_supported_ciphers SSL_get_ciphers
191#endif
192 ssl = SSL_new(ctx);
193 if (ssl == NULL)
194 err_ssl(1, "SSL_new");
195 supported_ciphers = SSL_get1_supported_ciphers(ssl);
196 if (supported_ciphers == NULL)
197 err_ssl(1, "SSL_get1_supported_ciphers");
198 print_ciphers(supported_ciphers);
199
200#if OPENSSL_VERSION_NUMBER >= 0x1010000f
201 sk_SSL_CIPHER_free(supported_ciphers);
202#endif
203 return 0;
204 }
205
206 do {
207 /* setup bio for socket operations */
208 bio = BIO_new_connect(host_port);
209 if (bio == NULL)
210 err_ssl(1, "BIO_new_connect");
211
212 /* connect */
213 if (BIO_do_connect(bio) <= 0)
214 err_ssl(1, "BIO_do_connect");
215 printf("connect ");
216 print_sockname(bio);
217 printf("connect ");
218 print_peername(bio);
219
220 /* do ssl client handshake */
221 ssl = SSL_new(ctx);
222 if (ssl == NULL)
223 err_ssl(1, "SSL_new");
224 SSL_set_bio(ssl, bio, bio);
225 /* resuse session if possible */
226 if (session != NULL) {
227 if (SSL_set_session(ssl, session) <= 0)
228 err_ssl(1, "SSL_set_session");
229 }
230 if ((error = SSL_connect(ssl)) <= 0)
231 err_ssl(1, "SSL_connect %d", error);
232 printf("session %d: %s\n", sessionreuse,
233 SSL_session_reused(ssl) ? "reuse" : "new");
234 if (fflush(stdout) != 0)
235 err(1, "fflush stdout");
236
237 /* print session statistics */
238 if (sessionreuse) {
239 session = SSL_get1_session(ssl);
240 if (session == NULL)
241 err_ssl(1, "SSL1_get_session");
242 } else {
243 session = SSL_get_session(ssl);
244 if (session == NULL)
245 err_ssl(1, "SSL_get_session");
246 }
247 if (SSL_SESSION_print_fp(stdout, session) <= 0)
248 err_ssl(1, "SSL_SESSION_print_fp");
249
250 /* read server greeting and write client hello over TLS */
251 if ((error = SSL_read(ssl, buf, 9)) <= 0)
252 err_ssl(1, "SSL_read %d", error);
253 if (error != 9)
254 errx(1, "read not 9 bytes greeting: %d", error);
255 buf[9] = '\0';
256 printf("<<< %s", buf);
257 if (fflush(stdout) != 0)
258 err(1, "fflush stdout");
259 strlcpy(buf, "hello\n", sizeof(buf));
260 printf(">>> %s", buf);
261 if (fflush(stdout) != 0)
262 err(1, "fflush stdout");
263 if ((error = SSL_write(ssl, buf, 6)) <= 0)
264 err_ssl(1, "SSL_write %d", error);
265 if (error != 6)
266 errx(1, "write not 6 bytes hello: %d", error);
267
268 /* shutdown connection */
269 if ((error = SSL_shutdown(ssl)) < 0)
270 err_ssl(1, "SSL_shutdown unidirectional %d", error);
271 if (error <= 0) {
272 if ((error = SSL_shutdown(ssl)) <= 0)
273 err_ssl(1, "SSL_shutdown bidirectional %d",
274 error);
275 }
276
277 SSL_free(ssl);
278 } while (sessionreuse--);
279
280 SSL_CTX_free(ctx);
281
282 printf("success\n");
283
284 return 0;
285}
diff --git a/src/regress/lib/libssl/interop/libressl/Makefile b/src/regress/lib/libssl/interop/libressl/Makefile
deleted file mode 100644
index d8e20ca122..0000000000
--- a/src/regress/lib/libssl/interop/libressl/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
1# $OpenBSD: Makefile,v 1.9 2020/12/25 10:50:08 tb Exp $
2
3PROGS = client server
4CFLAGS += -DLIBRESSL_HAS_TLS1_3
5CPPFLAGS +=
6LDFLAGS +=
7LDADD += -lssl -lcrypto
8DPADD += ${LIBSSL} ${LIBCRYPTO}
9LD_LIBRARY_PATH =
10REGRESS_TARGETS = run-self-client-server
11.for p in ${PROGS}
12REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
13.endfor
14
15.for p in ${PROGS}
16
17run-ldd-$p: ldd-$p.out
18 # check that $p is linked with LibreSSL
19 grep -q /usr/lib/libcrypto.so ldd-$p.out
20 grep -q /usr/lib/libssl.so ldd-$p.out
21 # check that $p is not linked with OpenSSL
22 ! grep /usr/local/lib/ ldd-$p.out
23
24run-version-$p: $p-self.out
25 # check that runtime version is LibreSSL
26 grep 'SSLEAY_VERSION: LibreSSL' $p-self.out
27
28run-protocol-$p: $p-self.out
29 # check that LibreSSL protocol version is TLS 1.3
30 grep 'Protocol *: TLSv1.3' $p-self.out
31
32.endfor
33
34.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/netcat/Makefile b/src/regress/lib/libssl/interop/netcat/Makefile
deleted file mode 100644
index 9cf10417af..0000000000
--- a/src/regress/lib/libssl/interop/netcat/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
1# $OpenBSD: Makefile,v 1.6 2023/02/01 15:38:57 tb Exp $
2
3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl11)
5LIBRARIES += openssl11
6.endif
7.if exists(/usr/local/bin/eopenssl30)
8LIBRARIES += openssl30
9.endif
10
11# run netcat server and connect with test client
12
13.for clib in ${LIBRARIES}
14
15REGRESS_TARGETS += run-netcat-client-${clib}-server-nc
16REGRESS_TARGETS += run-protocol-client-${clib}
17
18run-netcat-client-${clib}-server-nc: ../${clib}/client 127.0.0.1.crt
19 echo "greeting" | \
20 nc >${@:S/^run/server/}.out \
21 -l -c -C 127.0.0.1.crt -K 127.0.0.1.key \
22 127.0.0.1 0 & \
23 for i in `jot 1000`; do fstat -p $$! >netcat.fstat; \
24 grep -q ' stream tcp .*:[1-9][0-9]*$$' netcat.fstat && \
25 exit 0; done; exit 1
26 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
27 ../${clib}/client >${@:S/^run/client/}.out \
28 `sed -n 's/.* stream tcp .*:/127.0.0.1 /p' netcat.fstat`
29 # check that the client run successfully to the end
30 grep -q '^success$$' ${@:S/^run/client/}.out
31 # client must have read server greeting
32 grep -q '^<<< greeting$$' ${@:S/^run/client/}.out
33 # netstat server must have read client hello
34 grep -q '^hello$$' ${@:S/^run/server/}.out
35
36.endfor
37
38# run test server and connect with netcat client
39
40.for slib in ${LIBRARIES}
41
42REGRESS_TARGETS += run-netcat-client-nc-server-${slib}
43
44run-netcat-client-nc-server-${slib}: ../${slib}/server 127.0.0.1.crt
45 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
46 ../${slib}/server >${@:S/^run/server/}.out \
47 127.0.0.1 0
48 echo "hello" | \
49 nc >${@:S/^run/client/}.out \
50 -c -R 127.0.0.1.crt \
51 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
52 # check that the server child run successfully to the end
53 grep -q '^success$$' ${@:S/^run/server/}.out || \
54 { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
55 # server must have read client hello
56 grep -q '^<<< hello$$' ${@:S/^run/server/}.out
57 # client must have read server greeting
58 grep -q '^greeting$$' ${@:S/^run/client/}.out
59
60.endfor
61
62# check the TLS protocol version in client and server logs
63
64.for clib in ${LIBRARIES}
65
66REGRESS_TARGETS += run-protocol-client-${clib}
67
68run-protocol-client-${clib}: client-netcat-client-${clib}-server-nc.out
69 # check that LibTLS protocol version is TLS 1.2 or TLS 1.3
70 grep 'Protocol *: TLSv1.[23]' client-netcat-client-${clib}-server-nc.out
71
72.endfor
73
74.for slib in ${LIBRARIES}
75
76REGRESS_TARGETS += run-protocol-server-${slib}
77
78run-protocol-server-${slib}: server-netcat-client-nc-server-${slib}.out
79 # check that LibTLS protocol version is TLS 1.2 or TLS 1.3
80 grep 'Protocol *: TLSv1.[23]' server-netcat-client-nc-server-${slib}.out
81
82.endfor
83
84.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl11/Makefile b/src/regress/lib/libssl/interop/openssl11/Makefile
deleted file mode 100644
index 27e7354925..0000000000
--- a/src/regress/lib/libssl/interop/openssl11/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
1# $OpenBSD: Makefile,v 1.8 2021/12/02 17:10:53 kn Exp $
2
3.if ! exists(/usr/local/bin/eopenssl11)
4regress:
5 # install openssl-1.1 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%1.1" to run tests against OpenSSL 1.1'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CPPFLAGS = -I /usr/local/include/eopenssl11
12LDFLAGS = -L /usr/local/lib/eopenssl11
13LDADD = -lssl -lcrypto
14DPADD = /usr/local/lib/eopenssl11/libssl.a \
15 /usr/local/lib/eopenssl11/libcrypto.a
16LD_LIBRARY_PATH = /usr/local/lib/eopenssl11
17REGRESS_TARGETS = run-self-client-server
18.for p in ${PROGS}
19REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
20.endfor
21
22.for p in ${PROGS}
23
24run-ldd-$p: ldd-$p.out
25 # check that $p is linked with OpenSSL 1.1
26 grep -q /usr/local/lib/eopenssl11/libcrypto.so ldd-$p.out
27 grep -q /usr/local/lib/eopenssl11/libssl.so ldd-$p.out
28 # check that $p is not linked with LibreSSL
29 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
30
31run-version-$p: $p-self.out
32 # check that runtime version is OpenSSL 1.1
33 grep 'SSLEAY_VERSION: OpenSSL 1.1' $p-self.out
34
35run-protocol-$p: $p-self.out
36 # check that OpenSSL 1.1 protocol version is TLS 1.3
37 grep 'Protocol *: TLSv1.3' $p-self.out
38
39.endfor
40
41.endif # exists(/usr/local/bin/eopenssl11)
42
43.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl30/Makefile b/src/regress/lib/libssl/interop/openssl30/Makefile
deleted file mode 100644
index d667d1b17e..0000000000
--- a/src/regress/lib/libssl/interop/openssl30/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2023/01/27 08:28:36 tb Exp $
2
3.if ! exists(/usr/local/bin/eopenssl30)
4regress:
5 # install openssl-3.0 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%3.0" to run tests against OpenSSL 3.0'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CPPFLAGS = -I /usr/local/include/eopenssl30
12LDFLAGS = -L /usr/local/lib/eopenssl30
13LDADD = -lssl -lcrypto
14DPADD = /usr/local/lib/eopenssl30/libssl.a \
15 /usr/local/lib/eopenssl30/libcrypto.a
16LD_LIBRARY_PATH = /usr/local/lib/eopenssl30
17REGRESS_TARGETS = run-self-client-server
18.for p in ${PROGS}
19REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
20.endfor
21
22.for p in ${PROGS}
23
24run-ldd-$p: ldd-$p.out
25 # check that $p is linked with OpenSSL 3.0
26 grep -q /usr/local/lib/eopenssl30/libcrypto.so ldd-$p.out
27 grep -q /usr/local/lib/eopenssl30/libssl.so ldd-$p.out
28 # check that $p is not linked with LibreSSL
29 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
30
31run-version-$p: $p-self.out
32 # check that runtime version is OpenSSL 3.0
33 grep 'SSLEAY_VERSION: OpenSSL 3.0' $p-self.out
34
35run-protocol-$p: $p-self.out
36 # check that OpenSSL 3.0 protocol version is TLS 1.3
37 grep 'Protocol *: TLSv1.3' $p-self.out
38
39.endfor
40
41.endif # exists(/usr/local/bin/eopenssl30)
42
43.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/server.c b/src/regress/lib/libssl/interop/server.c
deleted file mode 100644
index a634adb43b..0000000000
--- a/src/regress/lib/libssl/interop/server.c
+++ /dev/null
@@ -1,321 +0,0 @@
1/* $OpenBSD: server.c,v 1.12 2023/02/01 14:39:09 tb Exp $ */
2/*
3 * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <unistd.h>
27
28#include <openssl/err.h>
29#include <openssl/ssl.h>
30
31#include "util.h"
32
33void __dead usage(void);
34
35void __dead
36usage(void)
37{
38 fprintf(stderr, "usage: server [-Lsvv] [-C CA] [-c crt -k key] "
39 "[-l ciphers] [-p dhparam] [-V version] [host port]\n");
40 exit(2);
41}
42
43int
44main(int argc, char *argv[])
45{
46 const SSL_METHOD *method;
47 SSL_CTX *ctx;
48 SSL *ssl;
49 BIO *abio, *cbio;
50 SSL_SESSION *session;
51 int ch, error, listciphers = 0, sessionreuse = 0, verify = 0;
52 int version = 0;
53 char buf[256], *dhparam = NULL;
54 char *ca = NULL, *crt = NULL, *key = NULL, *ciphers = NULL;
55 char *host_port, *host = "127.0.0.1", *port = "0";
56
57 while ((ch = getopt(argc, argv, "C:c:k:Ll:p:sV:v")) != -1) {
58 switch (ch) {
59 case 'C':
60 ca = optarg;
61 break;
62 case 'c':
63 crt = optarg;
64 break;
65 case 'k':
66 key = optarg;
67 break;
68 case 'L':
69 listciphers = 1;
70 break;
71 case 'l':
72 ciphers = optarg;
73 break;
74 case 'p':
75 dhparam = optarg;
76 break;
77 case 's':
78 /* multiple reueses are possible */
79 sessionreuse++;
80 break;
81 case 'V':
82 if (strcmp(optarg, "TLS1") == 0) {
83 version = TLS1_VERSION;
84 } else if (strcmp(optarg, "TLS1_1") == 0) {
85 version = TLS1_1_VERSION;
86 } else if (strcmp(optarg, "TLS1_2") == 0) {
87 version = TLS1_2_VERSION;
88 } else if (strcmp(optarg, "TLS1_3") == 0) {
89 version = TLS1_3_VERSION;
90 } else {
91 errx(1, "unknown protocol version: %s", optarg);
92 }
93 break;
94 case 'v':
95 /* use twice to force client cert */
96 verify++;
97 break;
98 default:
99 usage();
100 }
101 }
102 argc -= optind;
103 argv += optind;
104 if (argc == 2) {
105 host = argv[0];
106 port = argv[1];
107 } else if (argc != 0 && !listciphers) {
108 usage();
109 }
110 if (asprintf(&host_port, strchr(host, ':') ? "[%s]:%s" : "%s:%s",
111 host, port) == -1)
112 err(1, "asprintf host port");
113 if ((crt == NULL && key != NULL) || (crt != NULL && key == NULL))
114 errx(1, "certificate and private key must be used together");
115 if (crt == NULL && asprintf(&crt, "%s.crt", host) == -1)
116 err(1, "asprintf crt");
117 if (key == NULL && asprintf(&key, "%s.key", host) == -1)
118 err(1, "asprintf key");
119
120 SSL_library_init();
121 SSL_load_error_strings();
122 print_version();
123
124 /* setup method and context */
125#if OPENSSL_VERSION_NUMBER >= 0x1010000f
126 method = TLS_server_method();
127 if (method == NULL)
128 err_ssl(1, "TLS_server_method");
129#else
130 switch (version) {
131 case TLS1_VERSION:
132 method = TLSv1_server_method();
133 break;
134 case TLS1_1_VERSION:
135 method = TLSv1_1_server_method();
136 break;
137 case TLS1_2_VERSION:
138 method = TLSv1_2_server_method();
139 break;
140#ifdef TLS1_3_VERSION
141 case TLS1_3_VERSION:
142 err(1, "TLS1_3 not supported");
143#endif
144 default:
145 method = SSLv23_server_method();
146 break;
147 }
148 if (method == NULL)
149 err_ssl(1, "SSLv23_server_method");
150#endif
151 ctx = SSL_CTX_new(method);
152 if (ctx == NULL)
153 err_ssl(1, "SSL_CTX_new");
154
155#if OPENSSL_VERSION_NUMBER >= 0x1010000f
156 if (version) {
157 if (SSL_CTX_set_min_proto_version(ctx, version) != 1)
158 err_ssl(1, "SSL_CTX_set_min_proto_version");
159 if (SSL_CTX_set_max_proto_version(ctx, version) != 1)
160 err_ssl(1, "SSL_CTX_set_max_proto_version");
161 }
162#endif
163
164#if OPENSSL_VERSION_NUMBER >= 0x10100000
165 /* needed to use DHE cipher with libressl */
166 if (SSL_CTX_set_dh_auto(ctx, 1) <= 0)
167 err_ssl(1, "SSL_CTX_set_dh_auto");
168#endif
169 /* needed to use ADH, EDH, DHE cipher with openssl */
170 if (dhparam != NULL) {
171 DH *dh;
172 FILE *file;
173
174 file = fopen(dhparam, "r");
175 if (file == NULL)
176 err(1, "fopen %s", dhparam);
177 dh = PEM_read_DHparams(file, NULL, NULL, NULL);
178 if (dh == NULL)
179 err_ssl(1, "PEM_read_DHparams");
180 if (SSL_CTX_set_tmp_dh(ctx, dh) <= 0)
181 err_ssl(1, "SSL_CTX_set_tmp_dh");
182 fclose(file);
183 }
184
185 /* load server certificate */
186 if (SSL_CTX_use_certificate_file(ctx, crt, SSL_FILETYPE_PEM) <= 0)
187 err_ssl(1, "SSL_CTX_use_certificate_file");
188 if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) <= 0)
189 err_ssl(1, "SSL_CTX_use_PrivateKey_file");
190 if (SSL_CTX_check_private_key(ctx) <= 0)
191 err_ssl(1, "SSL_CTX_check_private_key");
192
193 /* request client certificate and verify it */
194 if (ca != NULL) {
195 STACK_OF(X509_NAME) *x509stack;
196
197 x509stack = SSL_load_client_CA_file(ca);
198 if (x509stack == NULL)
199 err_ssl(1, "SSL_load_client_CA_file");
200 SSL_CTX_set_client_CA_list(ctx, x509stack);
201 if (SSL_CTX_load_verify_locations(ctx, ca, NULL) <= 0)
202 err_ssl(1, "SSL_CTX_load_verify_locations");
203 }
204 SSL_CTX_set_verify(ctx,
205 verify == 0 ? SSL_VERIFY_NONE :
206 verify == 1 ? SSL_VERIFY_PEER :
207 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
208 verify_callback);
209
210 if (sessionreuse) {
211 uint32_t context;
212
213 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER);
214 context = arc4random();
215 if (SSL_CTX_set_session_id_context(ctx,
216 (unsigned char *)&context, sizeof(context)) <= 0)
217 err_ssl(1, "SSL_CTX_set_session_id_context");
218 }
219
220 if (ciphers) {
221 if (SSL_CTX_set_cipher_list(ctx, ciphers) <= 0)
222 err_ssl(1, "SSL_CTX_set_cipher_list");
223 }
224
225 if (listciphers) {
226 STACK_OF(SSL_CIPHER) *supported_ciphers;
227
228 ssl = SSL_new(ctx);
229 if (ssl == NULL)
230 err_ssl(1, "SSL_new");
231 supported_ciphers = SSL_get1_supported_ciphers(ssl);
232 if (supported_ciphers == NULL)
233 err_ssl(1, "SSL_get1_supported_ciphers");
234 print_ciphers(supported_ciphers);
235
236 sk_SSL_CIPHER_free(supported_ciphers);
237 return 0;
238 }
239
240 /* setup bio for socket operations */
241 abio = BIO_new_accept(host_port);
242 if (abio == NULL)
243 err_ssl(1, "BIO_new_accept");
244
245 /* bind, listen */
246 if (BIO_do_accept(abio) <= 0)
247 err_ssl(1, "BIO_do_accept setup");
248 printf("listen ");
249 print_sockname(abio);
250
251 /* fork to background and set timeout */
252 if (daemon(1, 1) == -1)
253 err(1, "daemon");
254 alarm(10);
255
256 do {
257 /* accept connection */
258 if (BIO_do_accept(abio) <= 0)
259 err_ssl(1, "BIO_do_accept wait");
260 cbio = BIO_pop(abio);
261 printf("accept ");
262 print_sockname(cbio);
263 printf("accept ");
264 print_peername(cbio);
265
266 /* do ssl server handshake */
267 ssl = SSL_new(ctx);
268 if (ssl == NULL)
269 err_ssl(1, "SSL_new");
270 SSL_set_bio(ssl, cbio, cbio);
271 if ((error = SSL_accept(ssl)) <= 0)
272 err_ssl(1, "SSL_accept %d", error);
273 printf("session %d: %s\n", sessionreuse,
274 SSL_session_reused(ssl) ? "reuse" : "new");
275 if (fflush(stdout) != 0)
276 err(1, "fflush stdout");
277
278
279 /* print session statistics */
280 session = SSL_get_session(ssl);
281 if (session == NULL)
282 err_ssl(1, "SSL_get_session");
283 if (SSL_SESSION_print_fp(stdout, session) <= 0)
284 err_ssl(1, "SSL_SESSION_print_fp");
285
286 /* write server greeting and read client hello over TLS */
287 strlcpy(buf, "greeting\n", sizeof(buf));
288 printf(">>> %s", buf);
289 if (fflush(stdout) != 0)
290 err(1, "fflush stdout");
291 if ((error = SSL_write(ssl, buf, 9)) <= 0)
292 err_ssl(1, "SSL_write %d", error);
293 if (error != 9)
294 errx(1, "write not 9 bytes greeting: %d", error);
295 if ((error = SSL_read(ssl, buf, 6)) <= 0)
296 err_ssl(1, "SSL_read %d", error);
297 if (error != 6)
298 errx(1, "read not 6 bytes hello: %d", error);
299 buf[6] = '\0';
300 printf("<<< %s", buf);
301 if (fflush(stdout) != 0)
302 err(1, "fflush stdout");
303
304 /* shutdown connection */
305 if ((error = SSL_shutdown(ssl)) < 0)
306 err_ssl(1, "SSL_shutdown unidirectional %d", error);
307 if (error <= 0) {
308 if ((error = SSL_shutdown(ssl)) <= 0)
309 err_ssl(1, "SSL_shutdown bidirectional %d",
310 error);
311 }
312
313 SSL_free(ssl);
314 } while (sessionreuse--);
315
316 SSL_CTX_free(ctx);
317
318 printf("success\n");
319
320 return 0;
321}
diff --git a/src/regress/lib/libssl/interop/session/Makefile b/src/regress/lib/libssl/interop/session/Makefile
deleted file mode 100644
index f5858eaba0..0000000000
--- a/src/regress/lib/libssl/interop/session/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
1# $OpenBSD: Makefile,v 1.8 2023/02/01 16:03:47 tb Exp $
2
3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl11)
5LIBRARIES += openssl11
6.endif
7.if exists(/usr/local/bin/eopenssl30)
8#LIBRARIES += openssl30
9.endif
10
11run-session-client-libressl-server-libressl \
12run-session-client-libressl-server-openssl11 \
13run-session-client-openssl11-server-libressl \
14run-session-client-openssl11-server-openssl11:
15 # TLS 1.3 needs some extra setup for session reuse
16 @echo DISABLED
17
18.for clib in ${LIBRARIES}
19.for slib in ${LIBRARIES}
20
21REGRESS_TARGETS += run-session-client-${clib}-server-${slib}
22
23run-session-client-${clib}-server-${slib}: \
24 127.0.0.1.crt ../${clib}/client ../${slib}/server
25 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
26 ../${slib}/server >${@:S/^run/server/}.out \
27 -ss \
28 127.0.0.1 0
29 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
30 ../${clib}/client >${@:S/^run/client/}.out \
31 -ss \
32 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
33 grep '^success$$' ${@:S/^run/server/}.out || \
34 { sleep 1; grep '^success$$' ${@:S/^run/server/}.out; }
35 grep '^success$$' ${@:S/^run/client/}.out
36 grep '^session 2: new$$' ${@:S/^run/server/}.out
37 grep '^session 2: new$$' ${@:S/^run/client/}.out
38 grep '^session 1: reuse$$' ${@:S/^run/server/}.out
39 grep '^session 1: reuse$$' ${@:S/^run/client/}.out
40 grep '^session 0: reuse$$' ${@:S/^run/server/}.out
41 grep '^session 0: reuse$$' ${@:S/^run/client/}.out
42
43.endfor
44.endfor
45
46.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/util.c b/src/regress/lib/libssl/interop/util.c
deleted file mode 100644
index 5190e81828..0000000000
--- a/src/regress/lib/libssl/interop/util.c
+++ /dev/null
@@ -1,145 +0,0 @@
1/* $OpenBSD: util.c,v 1.3 2018/11/09 06:30:41 bluhm Exp $ */
2/*
3 * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <stdio.h>
24
25#include <openssl/err.h>
26#include <openssl/ssl.h>
27#include <openssl/opensslv.h>
28#include <openssl/crypto.h>
29
30#include "util.h"
31
32void
33print_version(void)
34{
35#ifdef OPENSSL_VERSION_NUMBER
36 printf("OPENSSL_VERSION_NUMBER: %#08lx\n", OPENSSL_VERSION_NUMBER);
37#endif
38#ifdef LIBRESSL_VERSION_NUMBER
39 printf("LIBRESSL_VERSION_NUMBER: %#08lx\n", LIBRESSL_VERSION_NUMBER);
40#endif
41#ifdef LIBRESSL_VERSION_TEXT
42 printf("LIBRESSL_VERSION_TEXT: %s\n", LIBRESSL_VERSION_TEXT);
43#endif
44#if OPENSSL_VERSION_NUMBER >= 0x1010000f
45 printf("OpenSSL_version_num: %#08lx\n", OpenSSL_version_num());
46 printf("OpenSSL_version OPENSSL_VERSION: %s\n",
47 OpenSSL_version(OPENSSL_VERSION));
48 printf("OpenSSL_version OPENSSL_CFLAGS: %s\n",
49 OpenSSL_version(OPENSSL_CFLAGS));
50 printf("OpenSSL_version OPENSSL_BUILT_ON: %s\n",
51 OpenSSL_version(OPENSSL_BUILT_ON));
52 printf("OpenSSL_version OPENSSL_PLATFORM: %s\n",
53 OpenSSL_version(OPENSSL_PLATFORM));
54 printf("OpenSSL_version OPENSSL_DIR: %s\n",
55 OpenSSL_version(OPENSSL_DIR));
56 printf("OpenSSL_version OPENSSL_ENGINES_DIR: %s\n",
57 OpenSSL_version(OPENSSL_ENGINES_DIR));
58#endif
59 printf("SSLeay: %#08lx\n", SSLeay());
60 printf("SSLeay_version SSLEAY_VERSION: %s\n",
61 SSLeay_version(SSLEAY_VERSION));
62 printf("SSLeay_version SSLEAY_CFLAGS: %s\n",
63 SSLeay_version(SSLEAY_CFLAGS));
64 printf("SSLeay_version SSLEAY_BUILT_ON: %s\n",
65 SSLeay_version(SSLEAY_BUILT_ON));
66 printf("SSLeay_version SSLEAY_PLATFORM: %s\n",
67 SSLeay_version(SSLEAY_PLATFORM));
68 printf("SSLeay_version SSLEAY_DIR: %s\n",
69 SSLeay_version(SSLEAY_DIR));
70}
71
72void
73print_ciphers(STACK_OF(SSL_CIPHER) *cstack)
74{
75 const SSL_CIPHER *cipher;
76 int i;
77
78 for (i = 0; (cipher = sk_SSL_CIPHER_value(cstack, i)) != NULL; i++)
79 printf("cipher %s\n", SSL_CIPHER_get_name(cipher));
80 if (fflush(stdout) != 0)
81 err(1, "fflush stdout");
82}
83
84void
85print_sockname(BIO *bio)
86{
87 struct sockaddr_storage ss;
88 socklen_t slen;
89 char host[NI_MAXHOST], port[NI_MAXSERV];
90 int fd;
91
92 if (BIO_get_fd(bio, &fd) <= 0)
93 err_ssl(1, "BIO_get_fd");
94 slen = sizeof(ss);
95 if (getsockname(fd, (struct sockaddr *)&ss, &slen) == -1)
96 err(1, "getsockname");
97 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
98 sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV))
99 errx(1, "getnameinfo");
100 printf("sock: %s %s\n", host, port);
101 if (fflush(stdout) != 0)
102 err(1, "fflush stdout");
103}
104
105void
106print_peername(BIO *bio)
107{
108 struct sockaddr_storage ss;
109 socklen_t slen;
110 char host[NI_MAXHOST], port[NI_MAXSERV];
111 int fd;
112
113 if (BIO_get_fd(bio, &fd) <= 0)
114 err_ssl(1, "BIO_get_fd");
115 slen = sizeof(ss);
116 if (getpeername(fd, (struct sockaddr *)&ss, &slen) == -1)
117 err(1, "getpeername");
118 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
119 sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV))
120 errx(1, "getnameinfo");
121 printf("peer: %s %s\n", host, port);
122 if (fflush(stdout) != 0)
123 err(1, "fflush stdout");
124}
125
126void
127err_ssl(int eval, const char *fmt, ...)
128{
129 va_list ap;
130
131 ERR_print_errors_fp(stderr);
132 va_start(ap, fmt);
133 verrx(eval, fmt, ap);
134 va_end(ap);
135}
136
137int
138verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
139{
140 printf("verify: %s\n", preverify_ok ? "pass" : "fail");
141 if (fflush(stdout) != 0)
142 err(1, "fflush stdout");
143
144 return preverify_ok;
145}
diff --git a/src/regress/lib/libssl/interop/util.h b/src/regress/lib/libssl/interop/util.h
deleted file mode 100644
index 7414a037d7..0000000000
--- a/src/regress/lib/libssl/interop/util.h
+++ /dev/null
@@ -1,23 +0,0 @@
1/* $OpenBSD: util.h,v 1.3 2018/11/09 06:30:41 bluhm Exp $ */
2/*
3 * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18void print_version(void);
19void print_ciphers(STACK_OF(SSL_CIPHER) *);
20void print_sockname(BIO *);
21void print_peername(BIO *);
22void err_ssl(int, const char *, ...);
23int verify_callback(int, X509_STORE_CTX *);
diff --git a/src/regress/lib/libssl/interop/version/Makefile b/src/regress/lib/libssl/interop/version/Makefile
deleted file mode 100644
index c4f7705d63..0000000000
--- a/src/regress/lib/libssl/interop/version/Makefile
+++ /dev/null
@@ -1,109 +0,0 @@
1# $OpenBSD: Makefile,v 1.7 2023/07/02 17:21:32 beck Exp $
2
3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.1 or openssl 3.0. Pin client or server to a fixed TLS
5# version number. Incompatible versions must fail. Check that client
6# and server have used correct version by grepping in their session
7# print out.
8
9LIBRARIES = libressl
10.if exists(/usr/local/bin/eopenssl11)
11LIBRARIES += openssl11
12.endif
13.if exists(/usr/local/bin/eopenssl30)
14LIBRARIES += openssl30
15.endif
16
17VERSIONS = any TLS1_2 TLS1_3
18
19.for cver in ${VERSIONS}
20.for sver in ${VERSIONS}
21
22.if "${cver}" == any || "${sver}" == any || "${cver}" == "${sver}"
23FAIL_${cver}_${sver} =
24.else
25FAIL_${cver}_${sver} = !
26.endif
27
28.for clib in ${LIBRARIES}
29.for slib in ${LIBRARIES}
30
31.if ("${cver}" != TLS1_3 && "${sver}" != TLS1_3) && \
32 (("${clib}" != openssl30 && "${slib}" != openssl30) || \
33 (("${cver}" != any && "${sver}" != any) && \
34 ("${cver}" != TLS1 && "${sver}" != TLS1) && \
35 ("${cver}" != TLS1_1 && "${sver}" != TLS1_1)))
36
37.if ("${clib}" == "libressl" || "${slib}" == "libressl")
38REGRESS_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver}
39.else
40# Don't use REGRESS_SLOW_TARGETS since its handling in bsd.regress.mk is slow.
41SLOW_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver}
42.endif
43
44run-version-client-${clib}-${cver}-server-${slib}-${sver} \
45client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \
46server-version-client-${clib}-${cver}-server-${slib}-${sver}.out: \
47 127.0.0.1.crt ../${clib}/client ../${slib}/server
48 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
49 ../${slib}/server >${@:S/^run/server/}.out \
50 -c 127.0.0.1.crt -k 127.0.0.1.key \
51 ${sver:Nany:S/^/-V /} \
52 127.0.0.1 0
53 ${FAIL_${cver}_${sver}} \
54 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
55 ../${clib}/client >${@:S/^run/client/}.out \
56 ${cver:Nany:S/^/-V /} \
57 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
58.if empty(${FAIL_${cver}_${sver}})
59 grep -q '^success$$' ${@:S/^run/server/}.out || \
60 { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
61 grep -q '^success$$' ${@:S/^run/client/}.out
62.endif
63
64.if empty(${FAIL_${cver}_${sver}})
65
66.if ("${clib}" == "libressl" || "${slib}" == "libressl")
67REGRESS_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver}
68.else
69# Don't use REGRESS_SLOW_TARGETS since its handling in bsd.regress.mk is slow.
70SLOW_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver}
71.endif
72
73check-version-client-${clib}-${cver}-server-${slib}-${sver}: \
74 client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \
75 server-version-client-${clib}-${cver}-server-${slib}-${sver}.out
76 @grep ' Protocol *: ' ${@:S/^check/client/}.out
77 @grep ' Protocol *: ' ${@:S/^check/server/}.out
78.if "${cver}" == any
79.if "${sver}" == any
80 grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/client/}.out
81 grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/server/}.out
82.else
83 grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \
84 ${@:S/^check/client/}.out
85 grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \
86 ${@:S/^check/server/}.out
87.endif
88.else
89 grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \
90 ${@:S/^check/client/}.out
91 grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \
92 ${@:S/^check/server/}.out
93.endif
94.endif
95
96.endif
97
98.endfor
99.endfor
100.endfor
101.endfor
102
103.include <bsd.own.mk>
104REGRESS_SKIP_SLOW ?= no
105.if ${REGRESS_SKIP_SLOW:L} != "yes"
106REGRESS_TARGETS += ${SLOW_TARGETS}
107.endif
108
109.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/key_schedule/Makefile b/src/regress/lib/libssl/key_schedule/Makefile
deleted file mode 100644
index a8f23a27c5..0000000000
--- a/src/regress/lib/libssl/key_schedule/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2022/06/29 15:06:18 tb Exp $
2
3PROG= key_schedule
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/key_schedule/key_schedule.c b/src/regress/lib/libssl/key_schedule/key_schedule.c
deleted file mode 100644
index f937d042c4..0000000000
--- a/src/regress/lib/libssl/key_schedule/key_schedule.c
+++ /dev/null
@@ -1,317 +0,0 @@
1/* $OpenBSD: key_schedule.c,v 1.10 2022/11/26 16:08:56 tb Exp $ */
2/*
3 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include "ssl_local.h"
21
22#include "bytestring.h"
23#include "ssl_tlsext.h"
24#include "tls13_internal.h"
25
26static int failures = 0;
27
28static void
29hexdump(const unsigned char *buf, size_t len)
30{
31 size_t i;
32
33 for (i = 1; i <= len; i++)
34 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
35
36 fprintf(stderr, "\n");
37}
38
39static void
40compare_data(const uint8_t *recv, size_t recv_len, const uint8_t *expect,
41 size_t expect_len)
42{
43 fprintf(stderr, "received:\n");
44 hexdump(recv, recv_len);
45
46 fprintf(stderr, "test data:\n");
47 hexdump(expect, expect_len);
48}
49
50#define FAIL(msg, ...) \
51do { \
52 fprintf(stderr, "[%s:%d] FAIL: ", __FILE__, __LINE__); \
53 fprintf(stderr, msg, ##__VA_ARGS__); \
54 failures++; \
55} while(0)
56
57/* Hashes and secrets from test vector */
58
59uint8_t chello[] = {
60 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
61 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
62 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
63 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55
64};
65const struct tls13_secret chello_hash = {
66 .data = chello,
67 .len = 32,
68};
69
70uint8_t cshello [] = {
71 0x86, 0x0c, 0x06, 0xed, 0xc0, 0x78, 0x58, 0xee,
72 0x8e, 0x78, 0xf0, 0xe7, 0x42, 0x8c, 0x58, 0xed,
73 0xd6, 0xb4, 0x3f, 0x2c, 0xa3, 0xe6, 0xe9, 0x5f,
74 0x02, 0xed, 0x06, 0x3c, 0xf0, 0xe1, 0xca, 0xd8
75};
76
77const struct tls13_secret cshello_hash = {
78 .data = cshello,
79 .len = 32,
80};
81
82const uint8_t ecdhe [] = {
83 0x8b, 0xd4, 0x05, 0x4f, 0xb5, 0x5b, 0x9d, 0x63,
84 0xfd, 0xfb, 0xac, 0xf9, 0xf0, 0x4b, 0x9f, 0x0d,
85 0x35, 0xe6, 0xd6, 0x3f, 0x53, 0x75, 0x63, 0xef,
86 0xd4, 0x62, 0x72, 0x90, 0x0f, 0x89, 0x49, 0x2d
87};
88
89uint8_t csfhello [] = {
90 0x96, 0x08, 0x10, 0x2a, 0x0f, 0x1c, 0xcc, 0x6d,
91 0xb6, 0x25, 0x0b, 0x7b, 0x7e, 0x41, 0x7b, 0x1a,
92 0x00, 0x0e, 0xaa, 0xda, 0x3d, 0xaa, 0xe4, 0x77,
93 0x7a, 0x76, 0x86, 0xc9, 0xff, 0x83, 0xdf, 0x13
94};
95
96const struct tls13_secret csfhello_hash = {
97 .data = csfhello,
98 .len = 32,
99};
100
101
102/* Expected Values */
103
104uint8_t expected_extracted_early[] = {
105 0x33, 0xad, 0x0a, 0x1c, 0x60, 0x7e, 0xc0, 0x3b,
106 0x09, 0xe6, 0xcd, 0x98, 0x93, 0x68, 0x0c, 0xe2,
107 0x10, 0xad, 0xf3, 0x00, 0xaa, 0x1f, 0x26, 0x60,
108 0xe1, 0xb2, 0x2e, 0x10, 0xf1, 0x70, 0xf9, 0x2a
109};
110uint8_t expected_derived_early[] = {
111 0x6f, 0x26, 0x15, 0xa1, 0x08, 0xc7, 0x02, 0xc5,
112 0x67, 0x8f, 0x54, 0xfc, 0x9d, 0xba, 0xb6, 0x97,
113 0x16, 0xc0, 0x76, 0x18, 0x9c, 0x48, 0x25, 0x0c,
114 0xeb, 0xea, 0xc3, 0x57, 0x6c, 0x36, 0x11, 0xba
115};
116uint8_t expected_extracted_handshake[] = {
117 0x1d, 0xc8, 0x26, 0xe9, 0x36, 0x06, 0xaa, 0x6f,
118 0xdc, 0x0a, 0xad, 0xc1, 0x2f, 0x74, 0x1b, 0x01,
119 0x04, 0x6a, 0xa6, 0xb9, 0x9f, 0x69, 0x1e, 0xd2,
120 0x21, 0xa9, 0xf0, 0xca, 0x04, 0x3f, 0xbe, 0xac
121};
122uint8_t expected_client_handshake_traffic[] = {
123 0xb3, 0xed, 0xdb, 0x12, 0x6e, 0x06, 0x7f, 0x35,
124 0xa7, 0x80, 0xb3, 0xab, 0xf4, 0x5e, 0x2d, 0x8f,
125 0x3b, 0x1a, 0x95, 0x07, 0x38, 0xf5, 0x2e, 0x96,
126 0x00, 0x74, 0x6a, 0x0e, 0x27, 0xa5, 0x5a, 0x21
127};
128
129uint8_t expected_server_handshake_traffic[] = {
130 0xb6, 0x7b, 0x7d, 0x69, 0x0c, 0xc1, 0x6c, 0x4e,
131 0x75, 0xe5, 0x42, 0x13, 0xcb, 0x2d, 0x37, 0xb4,
132 0xe9, 0xc9, 0x12, 0xbc, 0xde, 0xd9, 0x10, 0x5d,
133 0x42, 0xbe, 0xfd, 0x59, 0xd3, 0x91, 0xad, 0x38
134};
135
136uint8_t expected_derived_handshake[] = {
137 0x43, 0xde, 0x77, 0xe0, 0xc7, 0x77, 0x13, 0x85,
138 0x9a, 0x94, 0x4d, 0xb9, 0xdb, 0x25, 0x90, 0xb5,
139 0x31, 0x90, 0xa6, 0x5b, 0x3e, 0xe2, 0xe4, 0xf1,
140 0x2d, 0xd7, 0xa0, 0xbb, 0x7c, 0xe2, 0x54, 0xb4
141};
142
143uint8_t expected_extracted_master[] = {
144 0x18, 0xdf, 0x06, 0x84, 0x3d, 0x13, 0xa0, 0x8b,
145 0xf2, 0xa4, 0x49, 0x84, 0x4c, 0x5f, 0x8a, 0x47,
146 0x80, 0x01, 0xbc, 0x4d, 0x4c, 0x62, 0x79, 0x84,
147 0xd5, 0xa4, 0x1d, 0xa8, 0xd0, 0x40, 0x29, 0x19
148};
149
150uint8_t expected_server_application_traffic[] = {
151 0xa1, 0x1a, 0xf9, 0xf0, 0x55, 0x31, 0xf8, 0x56,
152 0xad, 0x47, 0x11, 0x6b, 0x45, 0xa9, 0x50, 0x32,
153 0x82, 0x04, 0xb4, 0xf4, 0x4b, 0xfb, 0x6b, 0x3a,
154 0x4b, 0x4f, 0x1f, 0x3f, 0xcb, 0x63, 0x16, 0x43
155};
156
157uint8_t expected_server_application_traffic_updated[] = {
158 0x51, 0x92, 0x1b, 0x8a, 0xa3, 0x00, 0x19, 0x76,
159 0xeb, 0x40, 0x1d, 0x0a, 0x43, 0x19, 0xa8, 0x51,
160 0x64, 0x16, 0xa6, 0xc5, 0x60, 0x01, 0xa3, 0x57,
161 0xe5, 0xd1, 0x62, 0x03, 0x1e, 0x84, 0xf9, 0x16,
162};
163
164uint8_t expected_client_application_traffic[] = {
165 0x9e, 0x40, 0x64, 0x6c, 0xe7, 0x9a, 0x7f, 0x9d,
166 0xc0, 0x5a, 0xf8, 0x88, 0x9b, 0xce, 0x65, 0x52,
167 0x87, 0x5a, 0xfa, 0x0b, 0x06, 0xdf, 0x00, 0x87,
168 0xf7, 0x92, 0xeb, 0xb7, 0xc1, 0x75, 0x04, 0xa5,
169};
170
171uint8_t expected_client_application_traffic_updated[] = {
172 0xfc, 0xdf, 0xcc, 0x72, 0x72, 0x5a, 0xae, 0xe4,
173 0x8b, 0xf6, 0x4e, 0x4f, 0xd8, 0xb7, 0x49, 0xcd,
174 0xbd, 0xba, 0xb3, 0x9d, 0x90, 0xda, 0x0b, 0x26,
175 0xe2, 0x24, 0x5c, 0xa6, 0xea, 0x16, 0x72, 0x07,
176};
177
178uint8_t expected_exporter_master[] = {
179 0xfe, 0x22, 0xf8, 0x81, 0x17, 0x6e, 0xda, 0x18,
180 0xeb, 0x8f, 0x44, 0x52, 0x9e, 0x67, 0x92, 0xc5,
181 0x0c, 0x9a, 0x3f, 0x89, 0x45, 0x2f, 0x68, 0xd8,
182 0xae, 0x31, 0x1b, 0x43, 0x09, 0xd3, 0xcf, 0x50
183};
184
185int
186main (int argc, char **argv)
187{
188 struct tls13_secrets *secrets;
189
190 if ((secrets = tls13_secrets_create(EVP_sha256(), 0)) == NULL)
191 errx(1,"failed to create secrets\n");
192
193 secrets->insecure = 1; /* don't explicit_bzero when done */
194
195 if (tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash))
196 FAIL("derive_handshake_secrets worked when it shouldn't\n");
197 if (tls13_derive_application_secrets(secrets,
198 &chello_hash))
199 FAIL("derive_application_secrets worked when it shouldn't\n");
200
201 if (!tls13_derive_early_secrets(secrets,
202 secrets->zeros.data, secrets->zeros.len, &chello_hash))
203 FAIL("derive_early_secrets failed\n");
204 if (tls13_derive_early_secrets(secrets,
205 secrets->zeros.data, secrets->zeros.len, &chello_hash))
206 FAIL("derive_early_secrets worked when it shouldn't(2)\n");
207
208 if (!tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash))
209 FAIL("derive_handshake_secrets failed\n");
210 if (tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash))
211 FAIL("derive_handshake_secrets worked when it shouldn't(2)\n");
212
213 /* XXX fix hash here once test vector sorted */
214 if (!tls13_derive_application_secrets(secrets, &csfhello_hash))
215 FAIL("derive_application_secrets failed\n");
216 if (tls13_derive_application_secrets(secrets, &csfhello_hash))
217 FAIL("derive_application_secrets worked when it "
218 "shouldn't(2)\n");
219
220 fprintf(stderr, "extracted_early:\n");
221 compare_data(secrets->extracted_early.data, 32,
222 expected_extracted_early, 32);
223 if (memcmp(secrets->extracted_early.data,
224 expected_extracted_early, 32) != 0)
225 FAIL("extracted_early does not match\n");
226
227 fprintf(stderr, "derived_early:\n");
228 compare_data(secrets->derived_early.data, 32,
229 expected_derived_early, 32);
230 if (memcmp(secrets->derived_early.data,
231 expected_derived_early, 32) != 0)
232 FAIL("derived_early does not match\n");
233
234 fprintf(stderr, "extracted_handshake:\n");
235 compare_data(secrets->extracted_handshake.data, 32,
236 expected_extracted_handshake, 32);
237 if (memcmp(secrets->extracted_handshake.data,
238 expected_extracted_handshake, 32) != 0)
239 FAIL("extracted_handshake does not match\n");
240
241 fprintf(stderr, "client_handshake_traffic:\n");
242 compare_data(secrets->client_handshake_traffic.data, 32,
243 expected_client_handshake_traffic, 32);
244 if (memcmp(secrets->client_handshake_traffic.data,
245 expected_client_handshake_traffic, 32) != 0)
246 FAIL("client_handshake_traffic does not match\n");
247
248 fprintf(stderr, "server_handshake_traffic:\n");
249 compare_data(secrets->server_handshake_traffic.data, 32,
250 expected_server_handshake_traffic, 32);
251 if (memcmp(secrets->server_handshake_traffic.data,
252 expected_server_handshake_traffic, 32) != 0)
253 FAIL("server_handshake_traffic does not match\n");
254
255 fprintf(stderr, "derived_early:\n");
256 compare_data(secrets->derived_early.data, 32,
257 expected_derived_early, 32);
258 if (memcmp(secrets->derived_early.data,
259 expected_derived_early, 32) != 0)
260 FAIL("derived_early does not match\n");
261
262 fprintf(stderr, "derived_handshake:\n");
263 compare_data(secrets->derived_handshake.data, 32,
264 expected_derived_handshake, 32);
265 if (memcmp(secrets->derived_handshake.data,
266 expected_derived_handshake, 32) != 0)
267 FAIL("derived_handshake does not match\n");
268
269 fprintf(stderr, "extracted_master:\n");
270 compare_data(secrets->extracted_master.data, 32,
271 expected_extracted_master, 32);
272 if (memcmp(secrets->extracted_master.data,
273 expected_extracted_master, 32) != 0)
274 FAIL("extracted_master does not match\n");
275
276 fprintf(stderr, "server_application_traffic:\n");
277 compare_data(secrets->server_application_traffic.data, 32,
278 expected_server_application_traffic, 32);
279 if (memcmp(secrets->server_application_traffic.data,
280 expected_server_application_traffic, 32) != 0)
281 FAIL("server_application_traffic does not match\n");
282
283 fprintf(stderr, "client_application_traffic:\n");
284 compare_data(secrets->client_application_traffic.data, 32,
285 expected_client_application_traffic, 32);
286 if (memcmp(secrets->client_application_traffic.data,
287 expected_client_application_traffic, 32) != 0)
288 FAIL("server_application_traffic does not match\n");
289
290 fprintf(stderr, "exporter_master:\n");
291 compare_data(secrets->exporter_master.data, 32,
292 expected_exporter_master, 32);
293 if (memcmp(secrets->exporter_master.data,
294 expected_exporter_master, 32) != 0)
295 FAIL("exporter_master does not match\n");
296
297 tls13_update_server_traffic_secret(secrets);
298 fprintf(stderr, "server_application_traffic after update:\n");
299 compare_data(secrets->server_application_traffic.data, 32,
300 expected_server_application_traffic_updated, 32);
301 if (memcmp(secrets->server_application_traffic.data,
302 expected_server_application_traffic_updated, 32) != 0)
303 FAIL("server_application_traffic does not match after update\n");
304
305
306 tls13_update_client_traffic_secret(secrets);
307 fprintf(stderr, "client_application_traffic after update:\n");
308 compare_data(secrets->client_application_traffic.data, 32,
309 expected_client_application_traffic_updated, 32);
310 if (memcmp(secrets->client_application_traffic.data,
311 expected_client_application_traffic_updated, 32) != 0)
312 FAIL("client_application_traffic does not match after update\n");
313
314 tls13_secrets_destroy(secrets);
315
316 return failures;
317}
diff --git a/src/regress/lib/libssl/openssl-ruby/Makefile b/src/regress/lib/libssl/openssl-ruby/Makefile
deleted file mode 100644
index ac925b8e0b..0000000000
--- a/src/regress/lib/libssl/openssl-ruby/Makefile
+++ /dev/null
@@ -1,87 +0,0 @@
1# $OpenBSD: Makefile,v 1.10 2023/06/04 11:33:45 tb Exp $
2
3OPENSSL_RUBY_TESTS = /usr/local/share/openssl-ruby-tests
4.if exists(/usr/local/bin/ruby31)
5RUBY_BINREV = 31
6.else
7RUBY_BINREV = 32
8.endif
9RUBY = ruby${RUBY_BINREV}
10
11# We work in a subdirectory of obj/ since extconf.rb generates a Makefile whose
12# name can't be customized in $PWD. An obj/Makefile in turn confuses either make
13# or bsd.*.mk. This hurts when things are in an unexpected state after a signal.
14BUILDDIR = build
15
16.if !exists(${OPENSSL_RUBY_TESTS})
17regress:
18 @echo package openssl-ruby-tests is required for this regress
19 @echo SKIPPED
20.else
21
22REGRESS_TARGETS += openssl-ruby-test
23
24openssl-ruby-test: retest
25
26_BUILDDIR_COOKIE = .builddir
27_BUILD_COOKIE = .build
28_TEST_COOKIE = .test
29
30${_BUILDDIR_COOKIE}:
31 mkdir -p ${BUILDDIR}
32 touch $@
33
34${_BUILD_COOKIE}: ${_BUILDDIR_COOKIE}
35 cd ${BUILDDIR} && \
36 ${RUBY} ${OPENSSL_RUBY_TESTS}/ext/openssl/extconf.rb && \
37 make;
38 touch $@
39
40OPENSSL_RUBY_TESTSRC = ${OPENSSL_RUBY_TESTS}/test/openssl/test_*.rb
41${_TEST_COOKIE}: ${_BUILD_COOKIE} ${_BUILDDIR_COOKIE}
42 cd ${BUILDDIR} && \
43 env SKIP_EXPECTED_FAILURES=true ${RUBY} -I. \
44 -I${OPENSSL_RUBY_TESTS}/test/openssl \
45 -I${OPENSSL_RUBY_TESTS}/lib \
46 -e 'Dir["${OPENSSL_RUBY_TESTSRC}"].each{|f| require f}' \
47 -- --no-use-color --no-show-detail-immediately
48 touch $@
49
50build: ${_BUILD_COOKIE}
51test: ${_TEST_COOKIE}
52
53_MAKE = cd ${.CURDIR} && exec ${.MAKE}
54
55rebuild:
56 rm -f ${_BUILD_COOKIE}
57 ${_MAKE} build
58
59retest:
60 rm -f ${_TEST_COOKIE}
61 ${_MAKE} test
62
63.for _t in test_client_ca
64REGRESS_TARGETS += ${_t}
65REGRESS_EXPECTED_FAILURES += ${_t}
66${_t}: ${_BUILD_COOKIE}
67 cd ${BUILDDIR} && \
68 ${RUBY} -I. -I${OPENSSL_RUBY_TESTS}/test/openssl \
69 -I${OPENSSL_RUBY_TESTS}/lib \
70 ${OPENSSL_RUBY_TESTS}/test/openssl/test_ssl.rb \
71 -n ${_t}
72.endfor
73
74CLEANFILES += ${_BUILD_COOKIE} ${_TEST_COOKIE} ${_BUILDDIR_COOKIE}
75
76. if make(clean) || make(cleandir)
77. if exists(${BUILDDIR})
78.BEGIN:
79 rm -r ${BUILDDIR}
80. endif
81. endif
82
83.PHONY: build rebuild test retest
84
85.endif
86
87.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/pqueue/Makefile b/src/regress/lib/libssl/pqueue/Makefile
deleted file mode 100644
index 48c2cb7e61..0000000000
--- a/src/regress/lib/libssl/pqueue/Makefile
+++ /dev/null
@@ -1,17 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2016/11/04 19:45:12 jsing Exp $
2
3PROG= pq_test
4SRC= ${.CURDIR}/../../../../lib/libssl
5CFLAGS+= -I${SRC}
6
7LDADD= ${SSL_INT} -lcrypto
8DPADD= ${LIBSSL} ${LIBCRYPTO}
9WARNINGS= Yes
10CFLAGS+= -DLIBRESSL_INTERNAL -Werror
11
12REGRESS_TARGETS= regress-pq_test
13
14regress-pq_test: ${PROG}
15 ${.OBJDIR}/pq_test | cmp -s ${.CURDIR}/expected.txt /dev/stdin
16
17.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/pqueue/expected.txt b/src/regress/lib/libssl/pqueue/expected.txt
deleted file mode 100644
index c59d6cd838..0000000000
--- a/src/regress/lib/libssl/pqueue/expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
1item 6966726167696c69
2item 7374696365787069
3item 737570657263616c
diff --git a/src/regress/lib/libssl/pqueue/pq_test.c b/src/regress/lib/libssl/pqueue/pq_test.c
deleted file mode 100644
index a078ba5366..0000000000
--- a/src/regress/lib/libssl/pqueue/pq_test.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* crypto/pqueue/pq_test.c */
2/*
3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include "pqueue.h"
63
64/* remember to change expected.txt if you change these values */
65unsigned char prio1[8] = "supercal";
66unsigned char prio2[8] = "ifragili";
67unsigned char prio3[8] = "sticexpi";
68
69static void
70pqueue_print(pqueue pq)
71{
72 pitem *iter, *item;
73
74 iter = pqueue_iterator(pq);
75 for (item = pqueue_next(&iter); item != NULL;
76 item = pqueue_next(&iter)) {
77 printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n",
78 item->priority[0], item->priority[1],
79 item->priority[2], item->priority[3],
80 item->priority[4], item->priority[5],
81 item->priority[6], item->priority[7]);
82 }
83}
84
85int
86main(void)
87{
88 pitem *item;
89 pqueue pq;
90
91 pq = pqueue_new();
92
93 item = pitem_new(prio3, NULL);
94 pqueue_insert(pq, item);
95
96 item = pitem_new(prio1, NULL);
97 pqueue_insert(pq, item);
98
99 item = pitem_new(prio2, NULL);
100 pqueue_insert(pq, item);
101
102 item = pqueue_find(pq, prio1);
103 fprintf(stderr, "found %p\n", item->priority);
104
105 item = pqueue_find(pq, prio2);
106 fprintf(stderr, "found %p\n", item->priority);
107
108 item = pqueue_find(pq, prio3);
109 fprintf(stderr, "found %p\n", item ? item->priority: 0);
110
111 pqueue_print(pq);
112
113 for (item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
114 pitem_free(item);
115
116 pqueue_free(pq);
117 return 0;
118}
diff --git a/src/regress/lib/libssl/quic/Makefile b/src/regress/lib/libssl/quic/Makefile
deleted file mode 100644
index a348b2df47..0000000000
--- a/src/regress/lib/libssl/quic/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2022/10/02 16:40:56 jsing Exp $
2
3PROG= quictest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6
7WARNINGS= Yes
8CFLAGS+= -DLIBRESSL_INTERNAL -Werror
9
10REGRESS_TARGETS= \
11 regress-quictest
12
13regress-quictest: ${PROG}
14 ./quictest \
15 ${.CURDIR}/../../libssl/certs/server.pem \
16 ${.CURDIR}/../../libssl/certs/server.pem \
17 ${.CURDIR}/../../libssl/certs/ca.pem
18
19.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/quic/quictest.c b/src/regress/lib/libssl/quic/quictest.c
deleted file mode 100644
index cdd4b2387c..0000000000
--- a/src/regress/lib/libssl/quic/quictest.c
+++ /dev/null
@@ -1,339 +0,0 @@
1/* $OpenBSD: quictest.c,v 1.1 2022/08/27 09:16:29 jsing Exp $ */
2/*
3 * Copyright (c) 2020, 2021, 2022 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include <openssl/bio.h>
21#include <openssl/err.h>
22#include <openssl/ssl.h>
23
24const char *server_ca_file;
25const char *server_cert_file;
26const char *server_key_file;
27
28int debug = 0;
29
30static void
31hexdump(const unsigned char *buf, size_t len)
32{
33 size_t i;
34
35 for (i = 1; i <= len; i++)
36 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
37
38 if (len % 8)
39 fprintf(stderr, "\n");
40}
41
42struct quic_data {
43 enum ssl_encryption_level_t rlevel;
44 enum ssl_encryption_level_t wlevel;
45 BIO *rbio;
46 BIO *wbio;
47};
48
49static int
50quic_set_read_secret(SSL *ssl, enum ssl_encryption_level_t level,
51 const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len)
52{
53 struct quic_data *qd = SSL_get_app_data(ssl);
54
55 qd->rlevel = level;
56
57 return 1;
58}
59
60static int
61quic_set_write_secret(SSL *ssl, enum ssl_encryption_level_t level,
62 const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len)
63{
64 struct quic_data *qd = SSL_get_app_data(ssl);
65
66 qd->wlevel = level;
67
68 return 1;
69}
70
71static int
72quic_read_handshake_data(SSL *ssl)
73{
74 struct quic_data *qd = SSL_get_app_data(ssl);
75 uint8_t buf[2048];
76 int ret;
77
78 if ((ret = BIO_read(qd->rbio, buf, sizeof(buf))) > 0) {
79 if (debug > 1) {
80 fprintf(stderr, "== quic_read_handshake_data ==\n");
81 hexdump(buf, ret);
82 }
83 if (!SSL_provide_quic_data(ssl, qd->rlevel, buf, ret))
84 return -1;
85 }
86
87 return 1;
88}
89
90static int
91quic_add_handshake_data(SSL *ssl, enum ssl_encryption_level_t level,
92 const uint8_t *data, size_t len)
93{
94 struct quic_data *qd = SSL_get_app_data(ssl);
95 int ret;
96
97 if (debug > 1) {
98 fprintf(stderr, "== quic_add_handshake_data\n");
99 hexdump(data, len);
100 }
101
102 if ((ret = BIO_write(qd->wbio, data, len)) <= 0)
103 return 0;
104
105 return (size_t)ret == len;
106}
107
108static int
109quic_flush_flight(SSL *ssl)
110{
111 return 1;
112}
113
114static int
115quic_send_alert(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert)
116{
117 return 1;
118}
119
120const SSL_QUIC_METHOD quic_method = {
121 .set_read_secret = quic_set_read_secret,
122 .set_write_secret = quic_set_write_secret,
123 .add_handshake_data = quic_add_handshake_data,
124 .flush_flight = quic_flush_flight,
125 .send_alert = quic_send_alert,
126};
127
128static SSL *
129quic_client(struct quic_data *data)
130{
131 SSL_CTX *ssl_ctx = NULL;
132 SSL *ssl = NULL;
133
134 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
135 errx(1, "client context");
136
137 if (!SSL_CTX_set_quic_method(ssl_ctx, &quic_method)) {
138 fprintf(stderr, "FAIL: Failed to set QUIC method\n");
139 goto failure;
140 }
141
142 if ((ssl = SSL_new(ssl_ctx)) == NULL)
143 errx(1, "client ssl");
144
145 SSL_set_connect_state(ssl);
146 SSL_set_app_data(ssl, data);
147
148 failure:
149 SSL_CTX_free(ssl_ctx);
150
151 return ssl;
152}
153
154static SSL *
155quic_server(struct quic_data *data)
156{
157 SSL_CTX *ssl_ctx = NULL;
158 SSL *ssl = NULL;
159
160 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
161 errx(1, "server context");
162
163 SSL_CTX_set_dh_auto(ssl_ctx, 2);
164
165 if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
166 SSL_FILETYPE_PEM) != 1) {
167 fprintf(stderr, "FAIL: Failed to load server certificate\n");
168 goto failure;
169 }
170 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
171 SSL_FILETYPE_PEM) != 1) {
172 fprintf(stderr, "FAIL: Failed to load server private key\n");
173 goto failure;
174 }
175
176 if (!SSL_CTX_set_quic_method(ssl_ctx, &quic_method)) {
177 fprintf(stderr, "FAIL: Failed to set QUIC method\n");
178 goto failure;
179 }
180
181 if ((ssl = SSL_new(ssl_ctx)) == NULL)
182 errx(1, "server ssl");
183
184 SSL_set_accept_state(ssl);
185 SSL_set_app_data(ssl, data);
186
187 failure:
188 SSL_CTX_free(ssl_ctx);
189
190 return ssl;
191}
192
193static int
194ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret)
195{
196 int ssl_err;
197
198 ssl_err = SSL_get_error(ssl, ssl_ret);
199
200 if (ssl_err == SSL_ERROR_WANT_READ) {
201 if (quic_read_handshake_data(ssl) < 0)
202 return 0;
203 return 1;
204 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
205 return 1;
206 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
207 /* Yup, this is apparently a thing... */
208 } else {
209 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
210 name, desc, ssl_err, errno);
211 ERR_print_errors_fp(stderr);
212 return 0;
213 }
214
215 return 1;
216}
217
218static int
219do_handshake(SSL *ssl, const char *name, int *done)
220{
221 int ssl_ret;
222
223 if ((ssl_ret = SSL_do_handshake(ssl)) == 1) {
224 fprintf(stderr, "INFO: %s handshake done\n", name);
225 *done = 1;
226 return 1;
227 }
228
229 return ssl_error(ssl, name, "handshake", ssl_ret);
230}
231
232typedef int (*ssl_func)(SSL *ssl, const char *name, int *done);
233
234static int
235do_client_server_loop(SSL *client, ssl_func client_func, SSL *server,
236 ssl_func server_func)
237{
238 int client_done = 0, server_done = 0;
239 int i = 0;
240
241 do {
242 if (!client_done) {
243 if (debug)
244 fprintf(stderr, "DEBUG: client loop\n");
245 if (!client_func(client, "client", &client_done))
246 return 0;
247 }
248 if (!server_done) {
249 if (debug)
250 fprintf(stderr, "DEBUG: server loop\n");
251 if (!server_func(server, "server", &server_done))
252 return 0;
253 }
254 } while (i++ < 100 && (!client_done || !server_done));
255
256 if (!client_done || !server_done)
257 fprintf(stderr, "FAIL: gave up\n");
258
259 return client_done && server_done;
260}
261
262static int
263quictest(void)
264{
265 struct quic_data *client_data = NULL, *server_data = NULL;
266 BIO *client_wbio = NULL, *server_wbio = NULL;
267 SSL *client = NULL, *server = NULL;
268 int failed = 1;
269
270 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
271 goto failure;
272 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
273 goto failure;
274
275 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
276 goto failure;
277 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
278 goto failure;
279
280 if ((client_data = calloc(1, sizeof(*client_data))) == NULL)
281 goto failure;
282
283 client_data->rbio = server_wbio;
284 client_data->wbio = client_wbio;
285
286 if ((client = quic_client(client_data)) == NULL)
287 goto failure;
288
289 if ((server_data = calloc(1, sizeof(*server_data))) == NULL)
290 goto failure;
291
292 server_data->rbio = client_wbio;
293 server_data->wbio = server_wbio;
294
295 if ((server = quic_server(server_data)) == NULL)
296 goto failure;
297
298 if (!do_client_server_loop(client, do_handshake, server, do_handshake)) {
299 fprintf(stderr, "FAIL: client and server handshake failed\n");
300 ERR_print_errors_fp(stderr);
301 goto failure;
302 }
303
304 fprintf(stderr, "INFO: Done!\n");
305
306 failed = 0;
307
308 failure:
309 BIO_free(client_wbio);
310 BIO_free(server_wbio);
311
312 free(client_data);
313 free(server_data);
314
315 SSL_free(client);
316 SSL_free(server);
317
318 return failed;
319}
320
321int
322main(int argc, char **argv)
323{
324 int failed = 0;
325
326 if (argc != 4) {
327 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
328 argv[0]);
329 exit(1);
330 }
331
332 server_key_file = argv[1];
333 server_cert_file = argv[2];
334 server_ca_file = argv[3];
335
336 failed |= quictest();
337
338 return failed;
339}
diff --git a/src/regress/lib/libssl/record/Makefile b/src/regress/lib/libssl/record/Makefile
deleted file mode 100644
index f0e2bc52a8..0000000000
--- a/src/regress/lib/libssl/record/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2019/01/19 02:57:04 jsing Exp $
2
3PROG= recordtest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/record/recordtest.c b/src/regress/lib/libssl/record/recordtest.c
deleted file mode 100644
index de9bfd6935..0000000000
--- a/src/regress/lib/libssl/record/recordtest.c
+++ /dev/null
@@ -1,555 +0,0 @@
1/* $OpenBSD: recordtest.c,v 1.5 2022/06/10 22:00:15 tb Exp $ */
2/*
3 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <string.h>
20
21#include <openssl/ssl.h>
22
23#include "tls13_internal.h"
24#include "tls13_record.h"
25
26/* Valid record. */
27static uint8_t test_record_1[] = {
28 0x16, 0x03, 0x03, 0x00, 0x7a, 0x02, 0x00, 0x00,
29 0x76, 0x03, 0x03, 0x14, 0xae, 0x2b, 0x6d, 0x58,
30 0xe9, 0x79, 0x9d, 0xd4, 0x90, 0x52, 0x90, 0x13,
31 0x1c, 0x08, 0xaa, 0x3f, 0x5b, 0xfb, 0x64, 0xfe,
32 0x9a, 0xca, 0x73, 0x6d, 0x87, 0x8d, 0x8b, 0x3b,
33 0x70, 0x14, 0xa3, 0x20, 0xd7, 0x50, 0xa4, 0xe5,
34 0x17, 0x42, 0x5d, 0xce, 0xe6, 0xfe, 0x1b, 0x59,
35 0x27, 0x6b, 0xff, 0xc8, 0x40, 0xc7, 0xac, 0x16,
36 0x32, 0xe6, 0x5b, 0xd2, 0xd9, 0xd4, 0xb5, 0x3f,
37 0x8f, 0x74, 0x6e, 0x7d, 0x13, 0x02, 0x00, 0x00,
38 0x2e, 0x00, 0x33, 0x00, 0x24, 0x00, 0x1d, 0x00,
39 0x20, 0x72, 0xb0, 0xaf, 0x7f, 0xf5, 0x89, 0x0f,
40 0xcd, 0x6e, 0x45, 0xb1, 0x51, 0xa0, 0xbd, 0x1e,
41 0xee, 0x7e, 0xf1, 0xa5, 0xc5, 0xc6, 0x7e, 0x5f,
42 0x6a, 0xca, 0xc9, 0xe4, 0xae, 0xb9, 0x50, 0x76,
43 0x0a, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04,
44};
45
46/* Truncated record. */
47static uint8_t test_record_2[] = {
48 0x17, 0x03, 0x03, 0x41, 0x00, 0x02, 0x00, 0x00,
49};
50
51/* Oversized and truncated record. */
52static uint8_t test_record_3[] = {
53 0x17, 0x03, 0x03, 0x41, 0x01, 0x02, 0x00, 0x00,
54};
55
56static void
57hexdump(const unsigned char *buf, size_t len)
58{
59 size_t i;
60
61 for (i = 1; i <= len; i++)
62 fprintf(stderr, " 0x%02x,%s", buf[i - 1], i % 8 ? "" : "\n");
63 if (len % 8 != 0)
64 fprintf(stderr, "\n");
65}
66
67struct rw_state {
68 uint8_t *buf;
69 size_t len;
70 size_t offset;
71 uint8_t eof;
72};
73
74static ssize_t
75read_cb(void *buf, size_t buflen, void *cb_arg)
76{
77 struct rw_state *rs = cb_arg;
78 ssize_t n;
79
80 if (rs->eof)
81 return TLS13_IO_EOF;
82
83 if ((size_t)(n = buflen) > (rs->len - rs->offset))
84 n = rs->len - rs->offset;
85
86 if (n == 0)
87 return TLS13_IO_WANT_POLLIN;
88
89 memcpy(buf, &rs->buf[rs->offset], n);
90 rs->offset += n;
91
92 return n;
93}
94
95static ssize_t
96write_cb(const void *buf, size_t buflen, void *cb_arg)
97{
98 struct rw_state *ws = cb_arg;
99 ssize_t n;
100
101 if (ws->eof)
102 return TLS13_IO_EOF;
103
104 if ((size_t)(n = buflen) > (ws->len - ws->offset))
105 n = ws->len - ws->offset;
106
107 if (n == 0)
108 return TLS13_IO_WANT_POLLOUT;
109
110 memcpy(&ws->buf[ws->offset], buf, n);
111 ws->offset += n;
112
113 return n;
114}
115
116struct record_test {
117 size_t rw_len;
118 int eof;
119 ssize_t want_ret;
120};
121
122struct record_recv_test {
123 uint8_t *read_buf;
124 struct record_test rt[10];
125 uint8_t want_content_type;
126 uint8_t *want_data;
127 size_t want_len;
128};
129
130struct record_recv_test record_recv_tests[] = {
131 {
132 .read_buf = test_record_1,
133 .rt = {
134 {
135 .rw_len = sizeof(test_record_1),
136 .want_ret = sizeof(test_record_1),
137 },
138 },
139 .want_content_type = SSL3_RT_HANDSHAKE,
140 .want_data = test_record_1,
141 .want_len = sizeof(test_record_1),
142 },
143 {
144 .read_buf = test_record_1,
145 .rt = {
146 {
147 .rw_len = 0,
148 .want_ret = TLS13_IO_WANT_POLLIN,
149 },
150 {
151 .rw_len = sizeof(test_record_1),
152 .want_ret = sizeof(test_record_1),
153 },
154 },
155 .want_content_type = SSL3_RT_HANDSHAKE,
156 .want_data = test_record_1,
157 .want_len = sizeof(test_record_1),
158 },
159 {
160 .read_buf = test_record_1,
161 .rt = {
162 {
163 .rw_len = 0,
164 .want_ret = TLS13_IO_WANT_POLLIN,
165 },
166 {
167 .rw_len = 5,
168 .want_ret = TLS13_IO_WANT_POLLIN,
169 },
170 {
171 .rw_len = sizeof(test_record_1),
172 .want_ret = sizeof(test_record_1),
173 },
174 },
175 .want_content_type = SSL3_RT_HANDSHAKE,
176 .want_data = test_record_1,
177 .want_len = sizeof(test_record_1),
178 },
179 {
180 .read_buf = test_record_1,
181 .rt = {
182 {
183 .rw_len = 0,
184 .want_ret = TLS13_IO_WANT_POLLIN,
185 },
186 {
187 .rw_len = 2,
188 .want_ret = TLS13_IO_WANT_POLLIN,
189 },
190 {
191 .rw_len = 6,
192 .want_ret = TLS13_IO_WANT_POLLIN,
193 },
194 {
195 .rw_len = sizeof(test_record_1),
196 .want_ret = sizeof(test_record_1),
197 },
198 },
199 .want_content_type = SSL3_RT_HANDSHAKE,
200 .want_data = test_record_1,
201 .want_len = sizeof(test_record_1),
202 },
203 {
204 .read_buf = test_record_1,
205 .rt = {
206 {
207 .rw_len = 4,
208 .want_ret = TLS13_IO_WANT_POLLIN,
209 },
210 {
211 .eof = 1,
212 .want_ret = TLS13_IO_EOF,
213 },
214 },
215 },
216 {
217 .read_buf = test_record_1,
218 .rt = {
219 {
220 .eof = 1,
221 .want_ret = TLS13_IO_EOF,
222 },
223 },
224 },
225 {
226 .read_buf = test_record_2,
227 .rt = {
228 {
229 .rw_len = sizeof(test_record_2),
230 .want_ret = TLS13_IO_WANT_POLLIN,
231 },
232 {
233 .eof = 1,
234 .want_ret = TLS13_IO_EOF,
235 },
236 },
237 .want_content_type = SSL3_RT_APPLICATION_DATA,
238 },
239 {
240 .read_buf = test_record_3,
241 .rt = {
242 {
243 .rw_len = sizeof(test_record_3),
244 .want_ret = TLS13_IO_RECORD_OVERFLOW,
245 },
246 },
247 },
248};
249
250#define N_RECORD_RECV_TESTS (sizeof(record_recv_tests) / sizeof(record_recv_tests[0]))
251
252struct record_send_test {
253 uint8_t *data;
254 size_t data_len;
255 struct record_test rt[10];
256 uint8_t *want_data;
257 size_t want_len;
258};
259
260struct record_send_test record_send_tests[] = {
261 {
262 .data = test_record_1,
263 .data_len = sizeof(test_record_1),
264 .rt = {
265 {
266 .rw_len = sizeof(test_record_1),
267 .want_ret = sizeof(test_record_1),
268 },
269 },
270 .want_data = test_record_1,
271 .want_len = sizeof(test_record_1),
272 },
273 {
274 .data = test_record_1,
275 .data_len = sizeof(test_record_1),
276 .rt = {
277 {
278 .rw_len = 0,
279 .want_ret = TLS13_IO_WANT_POLLOUT,
280 },
281 {
282 .rw_len = sizeof(test_record_1),
283 .want_ret = sizeof(test_record_1),
284 },
285 },
286 .want_data = test_record_1,
287 .want_len = sizeof(test_record_1),
288 },
289 {
290 .data = test_record_1,
291 .data_len = sizeof(test_record_1),
292 .rt = {
293 {
294 .rw_len = 0,
295 .want_ret = TLS13_IO_WANT_POLLOUT,
296 },
297 {
298 .rw_len = 5,
299 .want_ret = TLS13_IO_WANT_POLLOUT,
300 },
301 {
302 .rw_len = sizeof(test_record_1),
303 .want_ret = sizeof(test_record_1),
304 },
305 },
306 .want_data = test_record_1,
307 .want_len = sizeof(test_record_1),
308 },
309 {
310 .data = test_record_1,
311 .data_len = sizeof(test_record_1),
312 .rt = {
313 {
314 .rw_len = 0,
315 .want_ret = TLS13_IO_WANT_POLLOUT,
316 },
317 {
318 .rw_len = 2,
319 .want_ret = TLS13_IO_WANT_POLLOUT,
320 },
321 {
322 .rw_len = 6,
323 .want_ret = TLS13_IO_WANT_POLLOUT,
324 },
325 {
326 .rw_len = sizeof(test_record_1),
327 .want_ret = sizeof(test_record_1),
328 },
329 },
330 .want_data = test_record_1,
331 .want_len = sizeof(test_record_1),
332 },
333 {
334 .data = test_record_1,
335 .data_len = sizeof(test_record_1),
336 .rt = {
337 {
338 .rw_len = 4,
339 .want_ret = TLS13_IO_WANT_POLLOUT,
340 },
341 {
342 .eof = 1,
343 .want_ret = TLS13_IO_EOF,
344 },
345 },
346 .want_data = test_record_1,
347 .want_len = 4,
348 },
349 {
350 .data = test_record_1,
351 .data_len = sizeof(test_record_1),
352 .rt = {
353 {
354 .rw_len = 0,
355 .want_ret = TLS13_IO_WANT_POLLOUT,
356 },
357 {
358 .eof = 1,
359 .want_ret = TLS13_IO_EOF,
360 },
361 },
362 .want_data = NULL,
363 .want_len = 0,
364 },
365};
366
367#define N_RECORD_SEND_TESTS (sizeof(record_send_tests) / sizeof(record_send_tests[0]))
368
369static int
370test_record_recv(size_t test_no, struct record_recv_test *rrt)
371{
372 struct tls13_record *rec;
373 struct rw_state rs;
374 int failed = 1;
375 ssize_t ret;
376 size_t i;
377 CBS cbs;
378
379 rs.buf = rrt->read_buf;
380 rs.offset = 0;
381
382 if ((rec = tls13_record_new()) == NULL)
383 errx(1, "tls13_record_new");
384
385 for (i = 0; rrt->rt[i].rw_len != 0 || rrt->rt[i].want_ret != 0; i++) {
386 rs.eof = rrt->rt[i].eof;
387 rs.len = rrt->rt[i].rw_len;
388
389 ret = tls13_record_recv(rec, read_cb, &rs);
390 if (ret != rrt->rt[i].want_ret) {
391 fprintf(stderr, "FAIL: Test %zu/%zu - tls_record_recv "
392 "returned %zd, want %zd\n", test_no, i, ret,
393 rrt->rt[i].want_ret);
394 goto failure;
395 }
396 }
397
398 if (tls13_record_content_type(rec) != rrt->want_content_type) {
399 fprintf(stderr, "FAIL: Test %zu - got content type %u, "
400 "want %u\n", test_no, tls13_record_content_type(rec),
401 rrt->want_content_type);
402 goto failure;
403 }
404
405 tls13_record_data(rec, &cbs);
406 if (rrt->want_data == NULL) {
407 if (CBS_data(&cbs) != NULL || CBS_len(&cbs) != 0) {
408 fprintf(stderr, "FAIL: Test %zu - got CBS with data, "
409 "want NULL\n", test_no);
410 goto failure;
411 }
412 goto done;
413 }
414 if (!CBS_mem_equal(&cbs, rrt->want_data, rrt->want_len)) {
415 fprintf(stderr, "FAIL: Test %zu - data mismatch\n", test_no);
416 fprintf(stderr, "Got record data:\n");
417 hexdump(CBS_data(&cbs), CBS_len(&cbs));
418 fprintf(stderr, "Want record data:\n");
419 hexdump(rrt->want_data, rrt->want_len);
420 goto failure;
421 }
422
423 if (!tls13_record_header(rec, &cbs)) {
424 fprintf(stderr, "FAIL: Test %zu - fail to get record "
425 "header", test_no);
426 goto failure;
427 }
428 if (!CBS_mem_equal(&cbs, rrt->want_data, TLS13_RECORD_HEADER_LEN)) {
429 fprintf(stderr, "FAIL: Test %zu - header mismatch\n", test_no);
430 fprintf(stderr, "Got record header:\n");
431 hexdump(CBS_data(&cbs), CBS_len(&cbs));
432 fprintf(stderr, "Want record header:\n");
433 hexdump(rrt->want_data, rrt->want_len);
434 goto failure;
435 }
436
437 if (!tls13_record_content(rec, &cbs)) {
438 fprintf(stderr, "FAIL: Test %zu - fail to get record "
439 "content", test_no);
440 goto failure;
441 }
442 if (!CBS_mem_equal(&cbs, rrt->want_data + TLS13_RECORD_HEADER_LEN,
443 rrt->want_len - TLS13_RECORD_HEADER_LEN)) {
444 fprintf(stderr, "FAIL: Test %zu - content mismatch\n", test_no);
445 fprintf(stderr, "Got record content:\n");
446 hexdump(CBS_data(&cbs), CBS_len(&cbs));
447 fprintf(stderr, "Want record content:\n");
448 hexdump(rrt->want_data, rrt->want_len);
449 goto failure;
450 }
451
452 done:
453 failed = 0;
454
455 failure:
456 tls13_record_free(rec);
457
458 return failed;
459}
460
461static int
462test_record_send(size_t test_no, struct record_send_test *rst)
463{
464 uint8_t *data = NULL;
465 struct tls13_record *rec;
466 struct rw_state ws;
467 int failed = 1;
468 ssize_t ret;
469 size_t i;
470
471 if ((ws.buf = malloc(TLS13_RECORD_MAX_LEN)) == NULL)
472 errx(1, "malloc");
473
474 ws.offset = 0;
475
476 if ((rec = tls13_record_new()) == NULL)
477 errx(1, "tls13_record_new");
478
479 if ((data = malloc(rst->data_len)) == NULL)
480 errx(1, "malloc");
481 memcpy(data, rst->data, rst->data_len);
482
483 if (!tls13_record_set_data(rec, data, rst->data_len)) {
484 fprintf(stderr, "FAIL: Test %zu - failed to set record data\n",
485 test_no);
486 goto failure;
487 }
488 data = NULL;
489
490 for (i = 0; rst->rt[i].rw_len != 0 || rst->rt[i].want_ret != 0; i++) {
491 ws.eof = rst->rt[i].eof;
492 ws.len = rst->rt[i].rw_len;
493
494 ret = tls13_record_send(rec, write_cb, &ws);
495 if (ret != rst->rt[i].want_ret) {
496 fprintf(stderr, "FAIL: Test %zu/%zu - tls_record_send "
497 "returned %zd, want %zd\n", test_no, i, ret,
498 rst->rt[i].want_ret);
499 goto failure;
500 }
501 }
502
503 if (rst->want_data != NULL &&
504 memcmp(ws.buf, rst->want_data, rst->want_len) != 0) {
505 fprintf(stderr, "FAIL: Test %zu - content mismatch\n", test_no);
506 fprintf(stderr, "Got record data:\n");
507 hexdump(rst->data, rst->data_len);
508 fprintf(stderr, "Want record data:\n");
509 hexdump(rst->want_data, rst->want_len);
510 goto failure;
511 }
512
513 failed = 0;
514
515 failure:
516 tls13_record_free(rec);
517 free(ws.buf);
518
519 return failed;
520}
521
522static int
523test_recv_records(void)
524{
525 int failed = 0;
526 size_t i;
527
528 for (i = 0; i < N_RECORD_RECV_TESTS; i++)
529 failed |= test_record_recv(i, &record_recv_tests[i]);
530
531 return failed;
532}
533
534static int
535test_send_records(void)
536{
537 int failed = 0;
538 size_t i;
539
540 for (i = 0; i < N_RECORD_SEND_TESTS; i++)
541 failed |= test_record_send(i, &record_send_tests[i]);
542
543 return failed;
544}
545
546int
547main(int argc, char **argv)
548{
549 int failed = 0;
550
551 failed |= test_recv_records();
552 failed |= test_send_records();
553
554 return failed;
555}
diff --git a/src/regress/lib/libssl/record_layer/Makefile b/src/regress/lib/libssl/record_layer/Makefile
deleted file mode 100644
index 66c48dd769..0000000000
--- a/src/regress/lib/libssl/record_layer/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2020/03/13 16:04:31 jsing Exp $
2
3PROG= record_layer_test
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/record_layer/record_layer_test.c b/src/regress/lib/libssl/record_layer/record_layer_test.c
deleted file mode 100644
index 2db0c10f83..0000000000
--- a/src/regress/lib/libssl/record_layer/record_layer_test.c
+++ /dev/null
@@ -1,306 +0,0 @@
1/* $OpenBSD: record_layer_test.c,v 1.6 2022/11/26 16:08:56 tb Exp $ */
2/*
3 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <string.h>
20
21#include "ssl_local.h"
22#include "tls13_internal.h"
23#include "tls13_record.h"
24
25int tls12_record_layer_inc_seq_num(struct tls12_record_layer *rl,
26 uint8_t *seq_num);
27int tls13_record_layer_inc_seq_num(uint8_t *seq_num);
28
29static void
30hexdump(const unsigned char *buf, size_t len)
31{
32 size_t i;
33
34 for (i = 1; i <= len; i++)
35 fprintf(stderr, " 0x%02x,%s", buf[i - 1], i % 8 ? "" : "\n");
36 if (len % 8 != 0)
37 fprintf(stderr, "\n");
38}
39
40struct seq_num_test {
41 uint8_t seq_num[TLS13_RECORD_SEQ_NUM_LEN];
42 uint8_t want_num[TLS13_RECORD_SEQ_NUM_LEN];
43 int want;
44};
45
46struct seq_num_test seq_num_dtls_tests[] = {
47 {
48 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
49 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
50 .want = 1,
51 },
52 {
53 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
54 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02},
55 .want = 1,
56 },
57 {
58 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe},
59 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
60 .want = 1,
61 },
62 {
63 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
64 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
65 .want = 1,
66 },
67 {
68 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
69 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01},
70 .want = 1,
71 },
72 {
73 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xff},
74 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00},
75 .want = 1,
76 },
77 {
78 .seq_num = {0xab, 0xcd, 0xef, 0x00, 0xfe, 0xff, 0xff, 0xff},
79 .want_num = {0xab, 0xcd, 0xef, 0x00, 0xff, 0x00, 0x00, 0x00},
80 .want = 1,
81 },
82 {
83 .seq_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
84 .want_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
85 .want = 0,
86 },
87 {
88 .seq_num = {0x01, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff},
89 .want_num = {0x01, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00},
90 .want = 1,
91 },
92 {
93 .seq_num = {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe},
94 .want_num = {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
95 .want = 1,
96 },
97 {
98 .seq_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
99 .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
100 .want = 1,
101 },
102 {
103 .seq_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
104 .want_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
105 .want = 0,
106 },
107 {
108 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe},
109 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
110 .want = 1,
111 },
112 {
113 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
114 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
115 .want = 0,
116 },
117};
118
119#define N_SEQ_NUM_DTLS_TESTS \
120 (sizeof(seq_num_dtls_tests) / sizeof(seq_num_dtls_tests[0]))
121
122struct seq_num_test seq_num_tls_tests[] = {
123 {
124 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
125 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
126 .want = 1,
127 },
128 {
129 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
130 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02},
131 .want = 1,
132 },
133 {
134 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe},
135 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
136 .want = 1,
137 },
138 {
139 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
140 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
141 .want = 1,
142 },
143 {
144 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
145 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01},
146 .want = 1,
147 },
148 {
149 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xff},
150 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00},
151 .want = 1,
152 },
153 {
154 .seq_num = {0xab, 0xcd, 0xef, 0x00, 0xfe, 0xff, 0xff, 0xff},
155 .want_num = {0xab, 0xcd, 0xef, 0x00, 0xff, 0x00, 0x00, 0x00},
156 .want = 1,
157 },
158 {
159 .seq_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
160 .want_num = {0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
161 .want = 1,
162 },
163 {
164 .seq_num = {0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
165 .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
166 .want = 1,
167 },
168 {
169 .seq_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
170 .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
171 .want = 1,
172 },
173 {
174 .seq_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
175 .want_num = {0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
176 .want = 1,
177 },
178 {
179 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe},
180 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
181 .want = 1,
182 },
183 {
184 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
185 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
186 .want = 0,
187 },
188};
189
190#define N_SEQ_NUM_TLS_TESTS \
191 (sizeof(seq_num_tls_tests) / sizeof(seq_num_tls_tests[0]))
192
193#ifndef TLS12_RECORD_SEQ_NUM_LEN
194#define TLS12_RECORD_SEQ_NUM_LEN 8
195#endif
196
197static int
198do_seq_num_test_tls12(size_t test_no, int dtls, struct seq_num_test *snt)
199{
200 uint8_t seq_num[TLS12_RECORD_SEQ_NUM_LEN];
201 struct tls12_record_layer *rl;
202 int failed = 1;
203 int ret;
204
205 if ((rl = tls12_record_layer_new()) == NULL)
206 errx(1, "tls12_record_layer_new");
207
208 if (dtls)
209 tls12_record_layer_set_version(rl, DTLS1_2_VERSION);
210
211 memcpy(seq_num, snt->seq_num, sizeof(seq_num));
212
213 if ((ret = tls12_record_layer_inc_seq_num(rl, seq_num)) != snt->want) {
214 fprintf(stderr, "FAIL: Test %zu - got return %d, want %d\n",
215 test_no, ret, snt->want);
216 goto failure;
217 }
218
219 if (memcmp(seq_num, snt->want_num, sizeof(seq_num)) != 0) {
220 fprintf(stderr, "FAIL: Test %zu - got sequence number:\n",
221 test_no);
222 hexdump(seq_num, sizeof(seq_num));
223 fprintf(stderr, "want:\n");
224 hexdump(snt->want_num, sizeof(snt->want_num));
225 goto failure;
226 }
227
228 failed = 0;
229
230 failure:
231 tls12_record_layer_free(rl);
232
233 return failed;
234}
235
236static int
237test_seq_num_tls12(void)
238{
239 int failed = 0;
240 size_t i;
241
242 fprintf(stderr, "Running TLSv1.2 sequence number tests...\n");
243 for (i = 0; i < N_SEQ_NUM_TLS_TESTS; i++)
244 failed |= do_seq_num_test_tls12(i, 0, &seq_num_tls_tests[i]);
245
246 fprintf(stderr, "Running DTLSv1.2 sequence number tests...\n");
247 for (i = 0; i < N_SEQ_NUM_DTLS_TESTS; i++)
248 failed |= do_seq_num_test_tls12(i, 1, &seq_num_dtls_tests[i]);
249
250 return failed;
251}
252
253static int
254do_seq_num_test_tls13(size_t test_no, struct seq_num_test *snt)
255{
256 uint8_t seq_num[TLS13_RECORD_SEQ_NUM_LEN];
257 int failed = 1;
258 int ret;
259
260 memcpy(seq_num, snt->seq_num, sizeof(seq_num));
261
262 if ((ret = tls13_record_layer_inc_seq_num(seq_num)) != snt->want) {
263 fprintf(stderr, "FAIL: Test %zu - got return %d, want %d\n",
264 test_no, ret, snt->want);
265 goto failure;
266 }
267
268 if (memcmp(seq_num, snt->want_num, sizeof(seq_num)) != 0) {
269 fprintf(stderr, "FAIL: Test %zu - got sequence number:\n",
270 test_no);
271 hexdump(seq_num, sizeof(seq_num));
272 fprintf(stderr, "want:\n");
273 hexdump(snt->want_num, sizeof(snt->want_num));
274 goto failure;
275 }
276
277 failed = 0;
278
279 failure:
280 return failed;
281}
282
283static int
284test_seq_num_tls13(void)
285{
286 int failed = 0;
287 size_t i;
288
289 fprintf(stderr, "Running TLSv1.3 sequence number tests...\n");
290
291 for (i = 0; i < N_SEQ_NUM_TLS_TESTS; i++)
292 failed |= do_seq_num_test_tls13(i, &seq_num_tls_tests[i]);
293
294 return failed;
295}
296
297int
298main(int argc, char **argv)
299{
300 int failed = 0;
301
302 failed |= test_seq_num_tls12();
303 failed |= test_seq_num_tls13();
304
305 return failed;
306}
diff --git a/src/regress/lib/libssl/rust-openssl/Cargo.toml b/src/regress/lib/libssl/rust-openssl/Cargo.toml
deleted file mode 100644
index c33c3475a7..0000000000
--- a/src/regress/lib/libssl/rust-openssl/Cargo.toml
+++ /dev/null
@@ -1,8 +0,0 @@
1[workspace]
2members = [
3 "openssl",
4 "openssl-errors",
5 "openssl-macros",
6 "openssl-sys",
7 "systest",
8]
diff --git a/src/regress/lib/libssl/rust-openssl/Makefile b/src/regress/lib/libssl/rust-openssl/Makefile
deleted file mode 100644
index a243995f20..0000000000
--- a/src/regress/lib/libssl/rust-openssl/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
1# $OpenBSD: Makefile,v 1.4 2022/12/05 14:43:06 tb Exp $
2
3RUST_OPENSSL_TESTS = /usr/local/share/rust-openssl-tests
4CARGO = /usr/local/bin/cargo
5
6.if !exists(${RUST_OPENSSL_TESTS}) || !exists(${CARGO})
7regress:
8 @echo packages rust-openssl-tests and rust are required for this regress
9 @echo SKIPPED
10.else
11
12REGRESS_TARGETS += rust-openssl-test
13
14WORKSPACE_LINKS = openssl openssl-errors openssl-macros openssl-sys systest
15
16_WORKSPACE_COOKIE = .workspace
17
18${_WORKSPACE_COOKIE}:
19. if ${.CURDIR} != ${.OBJDIR}
20 cp ${.CURDIR}/Cargo.toml ${.OBJDIR}/
21. endif
22 mkdir -p .cargo
23 cp ${.CURDIR}/config .cargo/
24 cd ${.OBJDIR} && ln -sf ${WORKSPACE_LINKS:S,^,${RUST_OPENSSL_TESTS}/,} .
25 touch $@
26
27CLEANFILES += Cargo.lock
28
29. if ${.CURDIR} != ${.OBJDIR}
30CLEANFILES += Cargo.toml
31. endif
32
33# Force use of base-clang on sparc64 since the build with base-gcc fails with:
34# error occurred: Command "cc" "-O0" "-ffunction-sections" "-fdata-sections" [...]
35# did not execute successfully (status code exit status: 1).
36. if "${MACHINE_ARCH}" == sparc64
37CARGO_CC=/usr/bin/clang
38. else
39CARGO_CC=cc
40. endif
41
42rust-openssl-test: ${_WORKSPACE_COOKIE}
43 cd ${.OBJDIR} && env CC=${CARGO_CC} \
44 cargo test --offline --color=never -- --color=never
45
46CLEANFILES += ${_WORKSPACE_COOKIE} ${WORKSPACE_LINKS}
47
48. if make(clean) || make(cleandir)
49. if exists(.cargo) || exists(target)
50.BEGIN:
51 rm -rf .cargo
52 rm -rf target
53. endif
54. endif
55
56.endif
57
58.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/rust-openssl/config b/src/regress/lib/libssl/rust-openssl/config
deleted file mode 100644
index a47474744d..0000000000
--- a/src/regress/lib/libssl/rust-openssl/config
+++ /dev/null
@@ -1,6 +0,0 @@
1[net]
2 offline = true
3[source.modcargo]
4 directory = '/usr/local/share/rust-openssl-tests/modcargo-crates'
5[source.crates-io]
6 replace-with = 'modcargo'
diff --git a/src/regress/lib/libssl/server/Makefile b/src/regress/lib/libssl/server/Makefile
deleted file mode 100644
index 0621a5f243..0000000000
--- a/src/regress/lib/libssl/server/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2020/05/11 18:18:21 jsing Exp $
2
3PROG= servertest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9REGRESS_TARGETS= \
10 regress-servertest
11
12regress-servertest: ${PROG}
13 ./servertest \
14 ${.CURDIR}/../../libssl/certs/server.pem \
15 ${.CURDIR}/../../libssl/certs/server.pem \
16 ${.CURDIR}/../../libssl/certs/ca.pem
17
18.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c
deleted file mode 100644
index d572d14520..0000000000
--- a/src/regress/lib/libssl/server/servertest.c
+++ /dev/null
@@ -1,209 +0,0 @@
1/* $OpenBSD: servertest.c,v 1.9 2023/07/11 11:52:35 tb Exp $ */
2/*
3 * Copyright (c) 2015, 2016, 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <openssl/err.h>
21#include <openssl/dtls1.h>
22#include <openssl/ssl3.h>
23
24#include <err.h>
25#include <stdio.h>
26#include <string.h>
27
28const SSL_METHOD *tls_legacy_method(void);
29
30char *server_ca_file;
31char *server_cert_file;
32char *server_key_file;
33
34static unsigned char sslv2_client_hello_tls10[] = {
35 0x80, 0x6a, 0x01, 0x03, 0x01, 0x00, 0x51, 0x00,
36 0x00, 0x00, 0x10, 0x00, 0x00, 0x39, 0x00, 0x00,
37 0x38, 0x00, 0x00, 0x35, 0x00, 0x00, 0x16, 0x00,
38 0x00, 0x13, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x33,
39 0x00, 0x00, 0x32, 0x00, 0x00, 0x2f, 0x00, 0x00,
40 0x07, 0x00, 0x00, 0x66, 0x00, 0x00, 0x05, 0x00,
41 0x00, 0x04, 0x00, 0x00, 0x63, 0x00, 0x00, 0x62,
42 0x00, 0x00, 0x61, 0x00, 0x00, 0x15, 0x00, 0x00,
43 0x12, 0x00, 0x00, 0x09, 0x00, 0x00, 0x65, 0x00,
44 0x00, 0x64, 0x00, 0x00, 0x60, 0x00, 0x00, 0x14,
45 0x00, 0x00, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00,
46 0x06, 0x00, 0x00, 0x03, 0xdd, 0xb6, 0x59, 0x26,
47 0x46, 0xe6, 0x79, 0x77, 0xf4, 0xec, 0x42, 0x76,
48 0xc8, 0x73, 0xad, 0x9c,
49};
50
51static unsigned char sslv2_client_hello_tls12[] = {
52 0x80, 0xcb, 0x01, 0x03, 0x03, 0x00, 0xa2, 0x00,
53 0x00, 0x00, 0x20, 0x00, 0x00, 0xa5, 0x00, 0x00,
54 0xa3, 0x00, 0x00, 0xa1, 0x00, 0x00, 0x9f, 0x00,
55 0x00, 0x6b, 0x00, 0x00, 0x6a, 0x00, 0x00, 0x69,
56 0x00, 0x00, 0x68, 0x00, 0x00, 0x39, 0x00, 0x00,
57 0x38, 0x00, 0x00, 0x37, 0x00, 0x00, 0x36, 0x00,
58 0x00, 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x86,
59 0x00, 0x00, 0x85, 0x00, 0x00, 0x9d, 0x00, 0x00,
60 0x3d, 0x00, 0x00, 0x35, 0x00, 0x00, 0x84, 0x00,
61 0x00, 0xa4, 0x00, 0x00, 0xa2, 0x00, 0x00, 0xa0,
62 0x00, 0x00, 0x9e, 0x00, 0x00, 0x67, 0x00, 0x00,
63 0x40, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x3e, 0x00,
64 0x00, 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x31,
65 0x00, 0x00, 0x30, 0x00, 0x00, 0x9a, 0x00, 0x00,
66 0x99, 0x00, 0x00, 0x98, 0x00, 0x00, 0x97, 0x00,
67 0x00, 0x45, 0x00, 0x00, 0x44, 0x00, 0x00, 0x43,
68 0x00, 0x00, 0x42, 0x00, 0x00, 0x9c, 0x00, 0x00,
69 0x3c, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x96, 0x00,
70 0x00, 0x41, 0x00, 0x00, 0x07, 0x00, 0x00, 0x05,
71 0x00, 0x00, 0x04, 0x00, 0x00, 0x16, 0x00, 0x00,
72 0x13, 0x00, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x00,
73 0x00, 0x0a, 0x00, 0x00, 0xff, 0x1d, 0xfd, 0x90,
74 0x03, 0x61, 0x3c, 0x5a, 0x22, 0x83, 0xed, 0x11,
75 0x85, 0xf4, 0xea, 0x36, 0x59, 0xd9, 0x1b, 0x27,
76 0x22, 0x01, 0x14, 0x07, 0x66, 0xb2, 0x24, 0xf5,
77 0x4e, 0x7d, 0x9d, 0x9c, 0x52,
78};
79
80struct server_hello_test {
81 const unsigned char *desc;
82 unsigned char *client_hello;
83 const size_t client_hello_len;
84 const SSL_METHOD *(*ssl_method)(void);
85 const long ssl_clear_options;
86 const long ssl_set_options;
87 int accept_fails;
88};
89
90static struct server_hello_test server_hello_tests[] = {
91 {
92 .desc = "TLSv1.0 in SSLv2 record",
93 .client_hello = sslv2_client_hello_tls10,
94 .client_hello_len = sizeof(sslv2_client_hello_tls10),
95 .ssl_method = tls_legacy_method,
96 .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
97 .ssl_set_options = 0,
98 .accept_fails = 1,
99 },
100 {
101 .desc = "TLSv1.2 in SSLv2 record",
102 .client_hello = sslv2_client_hello_tls12,
103 .client_hello_len = sizeof(sslv2_client_hello_tls12),
104 .ssl_method = tls_legacy_method,
105 .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
106 .ssl_set_options = 0,
107 .accept_fails = 1,
108 },
109};
110
111#define N_SERVER_HELLO_TESTS \
112 (sizeof(server_hello_tests) / sizeof(*server_hello_tests))
113
114static int
115server_hello_test(int testno, struct server_hello_test *sht)
116{
117 BIO *rbio = NULL, *wbio = NULL;
118 SSL_CTX *ssl_ctx = NULL;
119 SSL *ssl = NULL;
120 int ret = 1;
121
122 fprintf(stderr, "Test %d - %s\n", testno, sht->desc);
123
124 if ((rbio = BIO_new_mem_buf(sht->client_hello,
125 sht->client_hello_len)) == NULL) {
126 fprintf(stderr, "Failed to setup rbio\n");
127 goto failure;
128 }
129 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
130 fprintf(stderr, "Failed to setup wbio\n");
131 goto failure;
132 }
133
134 if ((ssl_ctx = SSL_CTX_new(sht->ssl_method())) == NULL) {
135 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
136 goto failure;
137 }
138
139 if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
140 SSL_FILETYPE_PEM) != 1) {
141 fprintf(stderr, "Failed to load server certificate");
142 goto failure;
143 }
144 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
145 SSL_FILETYPE_PEM) != 1) {
146 fprintf(stderr, "Failed to load server private key");
147 goto failure;
148 }
149
150 SSL_CTX_set_dh_auto(ssl_ctx, 1);
151 SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
152
153 SSL_CTX_clear_options(ssl_ctx, sht->ssl_clear_options);
154 SSL_CTX_set_options(ssl_ctx, sht->ssl_set_options);
155
156 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
157 fprintf(stderr, "SSL_new() returned NULL\n");
158 goto failure;
159 }
160
161 BIO_up_ref(rbio);
162 BIO_up_ref(wbio);
163 SSL_set_bio(ssl, rbio, wbio);
164
165 if (SSL_accept(ssl) != 0) {
166 if (sht->accept_fails)
167 goto done;
168 fprintf(stderr, "SSL_accept() returned non-zero\n");
169 ERR_print_errors_fp(stderr);
170 goto failure;
171 }
172
173 done:
174 ret = 0;
175
176 failure:
177 SSL_CTX_free(ssl_ctx);
178 SSL_free(ssl);
179
180 BIO_free(rbio);
181 BIO_free(wbio);
182
183 return (ret);
184}
185
186int
187main(int argc, char **argv)
188{
189 int failed = 0;
190 size_t i;
191
192 if (argc != 4) {
193 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
194 argv[0]);
195 exit(1);
196 }
197
198 server_key_file = argv[1];
199 server_cert_file = argv[2];
200 server_ca_file = argv[3];
201
202 SSL_library_init();
203 SSL_load_error_strings();
204
205 for (i = 0; i < N_SERVER_HELLO_TESTS; i++)
206 failed |= server_hello_test(i, &server_hello_tests[i]);
207
208 return (failed);
209}
diff --git a/src/regress/lib/libssl/ssl/Makefile b/src/regress/lib/libssl/ssl/Makefile
deleted file mode 100644
index 91abaae85e..0000000000
--- a/src/regress/lib/libssl/ssl/Makefile
+++ /dev/null
@@ -1,17 +0,0 @@
1# $OpenBSD: Makefile,v 1.5 2022/07/07 11:40:17 tb Exp $
2
3PROG= ssltest
4LDADD= -lcrypto -lssl
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10REGRESS_TARGETS=regress-ssltest
11
12regress-ssltest: ${PROG}
13 sh ${.CURDIR}/testssl \
14 ${.CURDIR}/../certs/server1-rsa.pem ${.CURDIR}/../certs/server1-rsa-chain.pem \
15 ${.CURDIR}/../certs/ca-root-rsa.pem
16
17.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/ssl/ssltest.c b/src/regress/lib/libssl/ssl/ssltest.c
deleted file mode 100644
index f3966e5054..0000000000
--- a/src/regress/lib/libssl/ssl/ssltest.c
+++ /dev/null
@@ -1,1528 +0,0 @@
1/* $OpenBSD: ssltest.c,v 1.41 2023/07/04 08:47:01 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
144 on Linux and GNU platforms. */
145#include <sys/types.h>
146#include <sys/socket.h>
147
148#include <netinet/in.h>
149
150#include <assert.h>
151#include <errno.h>
152#include <limits.h>
153#include <netdb.h>
154#include <stdio.h>
155#include <stdlib.h>
156#include <string.h>
157#include <time.h>
158#include <unistd.h>
159
160#include <openssl/opensslconf.h>
161#include <openssl/bio.h>
162#include <openssl/crypto.h>
163#include <openssl/evp.h>
164#include <openssl/x509.h>
165#include <openssl/x509v3.h>
166#include <openssl/ssl.h>
167#ifndef OPENSSL_NO_ENGINE
168#include <openssl/engine.h>
169#endif
170#include <openssl/err.h>
171#include <openssl/rand.h>
172#include <openssl/rsa.h>
173#include <openssl/dsa.h>
174#include <openssl/dh.h>
175#include <openssl/bn.h>
176
177#include "ssl_local.h"
178
179#define TEST_SERVER_CERT "../apps/server.pem"
180#define TEST_CLIENT_CERT "../apps/client.pem"
181
182static int verify_callback(int ok, X509_STORE_CTX *ctx);
183static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
184
185static DH *get_dh1024(void);
186static DH *get_dh1024dsa(void);
187
188static BIO *bio_err = NULL;
189static BIO *bio_stdout = NULL;
190
191static const char *alpn_client;
192static const char *alpn_server;
193static const char *alpn_expected;
194static unsigned char *alpn_selected;
195
196/*
197 * next_protos_parse parses a comma separated list of strings into a string
198 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
199 * outlen: (output) set to the length of the resulting buffer on success.
200 * err: (maybe NULL) on failure, an error message line is written to this BIO.
201 * in: a NUL terminated string like "abc,def,ghi"
202 *
203 * returns: a malloced buffer or NULL on failure.
204 */
205static unsigned char *
206next_protos_parse(unsigned short *outlen, const char *in)
207{
208 size_t i, len, start = 0;
209 unsigned char *out;
210
211 len = strlen(in);
212 if (len >= 65535)
213 return (NULL);
214
215 if ((out = malloc(strlen(in) + 1)) == NULL)
216 return (NULL);
217
218 for (i = 0; i <= len; ++i) {
219 if (i == len || in[i] == ',') {
220 if (i - start > 255) {
221 free(out);
222 return (NULL);
223 }
224 out[start] = i - start;
225 start = i + 1;
226 } else
227 out[i+1] = in[i];
228 }
229 *outlen = len + 1;
230 return (out);
231}
232
233static int
234cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen,
235 const unsigned char *in, unsigned int inlen, void *arg)
236{
237 unsigned char *protos;
238 unsigned short protos_len;
239
240 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) {
241 fprintf(stderr,
242 "failed to parser ALPN server protocol string: %s\n",
243 alpn_server);
244 abort();
245 }
246
247 if (SSL_select_next_proto((unsigned char **)out, outlen, protos,
248 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) {
249 free(protos);
250 return (SSL_TLSEXT_ERR_NOACK);
251 }
252
253 /*
254 * Make a copy of the selected protocol which will be freed in
255 * verify_alpn.
256 */
257 free(alpn_selected);
258 if ((alpn_selected = malloc(*outlen)) == NULL) {
259 fprintf(stderr, "malloc failed\n");
260 abort();
261 }
262 memcpy(alpn_selected, *out, *outlen);
263 *out = alpn_selected;
264 free(protos);
265
266 return (SSL_TLSEXT_ERR_OK);
267}
268
269static int
270verify_alpn(SSL *client, SSL *server)
271{
272 const unsigned char *client_proto, *server_proto;
273 unsigned int client_proto_len = 0, server_proto_len = 0;
274
275 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
276 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
277
278 free(alpn_selected);
279 alpn_selected = NULL;
280
281 if (client_proto_len != server_proto_len ||
282 memcmp(client_proto, server_proto, client_proto_len) != 0) {
283 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
284 goto err;
285 }
286
287 if (client_proto_len > 0 && alpn_expected == NULL) {
288 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
289 goto err;
290 }
291
292 if (alpn_expected != NULL &&
293 (client_proto_len != strlen(alpn_expected) ||
294 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
295 BIO_printf(bio_stdout, "ALPN selected protocols not equal to "
296 "expected protocol: %s\n", alpn_expected);
297 goto err;
298 }
299
300 return (0);
301
302err:
303 BIO_printf(bio_stdout, "ALPN results: client: '");
304 BIO_write(bio_stdout, client_proto, client_proto_len);
305 BIO_printf(bio_stdout, "', server: '");
306 BIO_write(bio_stdout, server_proto, server_proto_len);
307 BIO_printf(bio_stdout, "'\n");
308 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
309 alpn_client, alpn_server);
310
311 return (-1);
312}
313
314static char *cipher = NULL;
315static int verbose = 0;
316static int debug = 0;
317
318int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
319 clock_t *c_time);
320int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
321
322static void
323sv_usage(void)
324{
325 fprintf(stderr, "usage: ssltest [args ...]\n");
326 fprintf(stderr, "\n");
327 fprintf(stderr, " -server_auth - check server certificate\n");
328 fprintf(stderr, " -client_auth - do client authentication\n");
329 fprintf(stderr, " -proxy - allow proxy certificates\n");
330 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
331 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n");
332 fprintf(stderr, " -v - more output\n");
333 fprintf(stderr, " -d - debug output\n");
334 fprintf(stderr, " -reuse - use session-id reuse\n");
335 fprintf(stderr, " -num <val> - number of connections to perform\n");
336 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n");
337 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
338 fprintf(stderr, " -no_dhe - disable DHE\n");
339 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
340 fprintf(stderr, " -dtls1_2 - use DTLSv1.2\n");
341 fprintf(stderr, " -tls1 - use TLSv1\n");
342 fprintf(stderr, " -tls1_2 - use TLSv1.2\n");
343 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
344 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
345 fprintf(stderr, " -cert arg - Server certificate file\n");
346 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n");
347 fprintf(stderr, " -c_cert arg - Client certificate file\n");
348 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n");
349 fprintf(stderr, " -cipher arg - The cipher list\n");
350 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
351 fprintf(stderr, " -f - Test even cases that can't work\n");
352 fprintf(stderr, " -time - measure processor time used by client and server\n");
353 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
354 " Use \"openssl ecparam -list_curves\" for all names\n" \
355 " (default is sect163r2).\n");
356 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
357 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
358 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
359}
360
361static void
362print_details(SSL *c_ssl, const char *prefix)
363{
364 const SSL_CIPHER *ciph;
365 X509 *cert = NULL;
366 EVP_PKEY *pkey;
367
368 ciph = SSL_get_current_cipher(c_ssl);
369 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
370 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph),
371 SSL_CIPHER_get_name(ciph));
372
373 if ((cert = SSL_get_peer_certificate(c_ssl)) == NULL)
374 goto out;
375 if ((pkey = X509_get0_pubkey(cert)) == NULL)
376 goto out;
377 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
378 RSA *rsa;
379
380 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL)
381 goto out;
382
383 BIO_printf(bio_stdout, ", %d bit RSA", RSA_bits(rsa));
384 } else if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) {
385 DSA *dsa;
386 const BIGNUM *p;
387
388 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL)
389 goto out;
390
391 DSA_get0_pqg(dsa, &p, NULL, NULL);
392
393 BIO_printf(bio_stdout, ", %d bit DSA", BN_num_bits(p));
394 }
395
396 out:
397 /*
398 * The SSL API does not allow us to look at temporary RSA/DH keys,
399 * otherwise we should print their lengths too
400 */
401 BIO_printf(bio_stdout, "\n");
402
403 X509_free(cert);
404}
405
406int
407main(int argc, char *argv[])
408{
409 char *CApath = NULL, *CAfile = NULL;
410 int badop = 0;
411 int bio_pair = 0;
412 int force = 0;
413 int tls1 = 0, tls1_2 = 0, dtls1_2 = 0, ret = 1;
414 int client_auth = 0;
415 int server_auth = 0, i;
416 char *app_verify_arg = "Test Callback Argument";
417 char *server_cert = TEST_SERVER_CERT;
418 char *server_key = NULL;
419 char *client_cert = TEST_CLIENT_CERT;
420 char *client_key = NULL;
421 char *named_curve = NULL;
422 SSL_CTX *s_ctx = NULL;
423 SSL_CTX *c_ctx = NULL;
424 const SSL_METHOD *meth = NULL;
425 SSL *c_ssl, *s_ssl;
426 int number = 1, reuse = 0;
427 int seclevel = 0;
428 long bytes = 256L;
429 DH *dh;
430 int dhe1024dsa = 0;
431 EC_KEY *ecdh = NULL;
432 int no_dhe = 0;
433 int no_ecdhe = 0;
434 int print_time = 0;
435 clock_t s_time = 0, c_time = 0;
436
437 verbose = 0;
438 debug = 0;
439 cipher = 0;
440
441 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT);
442
443 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT);
444
445 argc--;
446 argv++;
447
448 while (argc >= 1) {
449 if (!strcmp(*argv, "-F")) {
450 fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n");
451 exit(0);
452 } else if (strcmp(*argv, "-server_auth") == 0)
453 server_auth = 1;
454 else if (strcmp(*argv, "-client_auth") == 0)
455 client_auth = 1;
456 else if (strcmp(*argv, "-v") == 0)
457 verbose = 1;
458 else if (strcmp(*argv, "-d") == 0)
459 debug = 1;
460 else if (strcmp(*argv, "-reuse") == 0)
461 reuse = 1;
462 else if (strcmp(*argv, "-dhe1024dsa") == 0) {
463 dhe1024dsa = 1;
464 } else if (strcmp(*argv, "-no_dhe") == 0)
465 no_dhe = 1;
466 else if (strcmp(*argv, "-no_ecdhe") == 0)
467 no_ecdhe = 1;
468 else if (strcmp(*argv, "-dtls1_2") == 0)
469 dtls1_2 = 1;
470 else if (strcmp(*argv, "-tls1") == 0)
471 tls1 = 1;
472 else if (strcmp(*argv, "-tls1_2") == 0)
473 tls1_2 = 1;
474 else if (strncmp(*argv, "-num", 4) == 0) {
475 if (--argc < 1)
476 goto bad;
477 number = atoi(*(++argv));
478 if (number == 0)
479 number = 1;
480 } else if (strncmp(*argv, "-seclevel", 9) == 0) {
481 if (--argc < 1)
482 goto bad;
483 seclevel = atoi(*(++argv));
484 } else if (strcmp(*argv, "-bytes") == 0) {
485 if (--argc < 1)
486 goto bad;
487 bytes = atol(*(++argv));
488 if (bytes == 0L)
489 bytes = 1L;
490 i = strlen(argv[0]);
491 if (argv[0][i - 1] == 'k')
492 bytes*=1024L;
493 if (argv[0][i - 1] == 'm')
494 bytes*=1024L*1024L;
495 } else if (strcmp(*argv, "-cert") == 0) {
496 if (--argc < 1)
497 goto bad;
498 server_cert= *(++argv);
499 } else if (strcmp(*argv, "-s_cert") == 0) {
500 if (--argc < 1)
501 goto bad;
502 server_cert= *(++argv);
503 } else if (strcmp(*argv, "-key") == 0) {
504 if (--argc < 1)
505 goto bad;
506 server_key= *(++argv);
507 } else if (strcmp(*argv, "-s_key") == 0) {
508 if (--argc < 1)
509 goto bad;
510 server_key= *(++argv);
511 } else if (strcmp(*argv, "-c_cert") == 0) {
512 if (--argc < 1)
513 goto bad;
514 client_cert= *(++argv);
515 } else if (strcmp(*argv, "-c_key") == 0) {
516 if (--argc < 1)
517 goto bad;
518 client_key= *(++argv);
519 } else if (strcmp(*argv, "-cipher") == 0) {
520 if (--argc < 1)
521 goto bad;
522 cipher= *(++argv);
523 } else if (strcmp(*argv, "-CApath") == 0) {
524 if (--argc < 1)
525 goto bad;
526 CApath= *(++argv);
527 } else if (strcmp(*argv, "-CAfile") == 0) {
528 if (--argc < 1)
529 goto bad;
530 CAfile= *(++argv);
531 } else if (strcmp(*argv, "-bio_pair") == 0) {
532 bio_pair = 1;
533 } else if (strcmp(*argv, "-f") == 0) {
534 force = 1;
535 } else if (strcmp(*argv, "-time") == 0) {
536 print_time = 1;
537 } else if (strcmp(*argv, "-named_curve") == 0) {
538 if (--argc < 1)
539 goto bad;
540 named_curve = *(++argv);
541 } else if (strcmp(*argv, "-app_verify") == 0) {
542 ;
543 } else if (strcmp(*argv, "-alpn_client") == 0) {
544 if (--argc < 1)
545 goto bad;
546 alpn_client = *(++argv);
547 } else if (strcmp(*argv, "-alpn_server") == 0) {
548 if (--argc < 1)
549 goto bad;
550 alpn_server = *(++argv);
551 } else if (strcmp(*argv, "-alpn_expected") == 0) {
552 if (--argc < 1)
553 goto bad;
554 alpn_expected = *(++argv);
555 } else {
556 fprintf(stderr, "unknown option %s\n", *argv);
557 badop = 1;
558 break;
559 }
560 argc--;
561 argv++;
562 }
563 if (badop) {
564bad:
565 sv_usage();
566 goto end;
567 }
568
569 if (!dtls1_2 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) {
570 fprintf(stderr,
571 "This case cannot work. Use -f to perform "
572 "the test anyway (and\n-d to see what happens), "
573 "or add one of -dtls1, -tls1, -tls1_2, -reuse\n"
574 "to avoid protocol mismatch.\n");
575 exit(1);
576 }
577
578 if (print_time) {
579 if (!bio_pair) {
580 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
581 bio_pair = 1;
582 }
583 if (number < 50 && !force)
584 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
585 }
586
587/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
588
589 SSL_library_init();
590 SSL_load_error_strings();
591
592 if (dtls1_2)
593 meth = DTLSv1_2_method();
594 else if (tls1)
595 meth = TLSv1_method();
596 else if (tls1_2)
597 meth = TLSv1_2_method();
598 else
599 meth = TLS_method();
600
601 c_ctx = SSL_CTX_new(meth);
602 s_ctx = SSL_CTX_new(meth);
603 if ((c_ctx == NULL) || (s_ctx == NULL)) {
604 ERR_print_errors(bio_err);
605 goto end;
606 }
607
608 SSL_CTX_set_security_level(c_ctx, seclevel);
609 SSL_CTX_set_security_level(s_ctx, seclevel);
610
611 if (cipher != NULL) {
612 SSL_CTX_set_cipher_list(c_ctx, cipher);
613 SSL_CTX_set_cipher_list(s_ctx, cipher);
614 }
615
616 if (!no_dhe) {
617 if (dhe1024dsa) {
618 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
619 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
620 dh = get_dh1024dsa();
621 } else
622 dh = get_dh1024();
623 SSL_CTX_set_tmp_dh(s_ctx, dh);
624 DH_free(dh);
625 }
626
627 if (!no_ecdhe) {
628 int nid;
629
630 if (named_curve != NULL) {
631 nid = OBJ_sn2nid(named_curve);
632 if (nid == 0) {
633 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
634 goto end;
635 }
636 } else
637 nid = NID_X9_62_prime256v1;
638
639 ecdh = EC_KEY_new_by_curve_name(nid);
640 if (ecdh == NULL) {
641 BIO_printf(bio_err, "unable to create curve\n");
642 goto end;
643 }
644
645 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
646 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
647 EC_KEY_free(ecdh);
648 }
649
650 if (!SSL_CTX_use_certificate_chain_file(s_ctx, server_cert)) {
651 ERR_print_errors(bio_err);
652 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
653 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) {
654 ERR_print_errors(bio_err);
655 goto end;
656 }
657
658 if (client_auth) {
659 SSL_CTX_use_certificate_chain_file(c_ctx, client_cert);
660 SSL_CTX_use_PrivateKey_file(c_ctx,
661 (client_key ? client_key : client_cert),
662 SSL_FILETYPE_PEM);
663 }
664
665 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
666 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
667 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
668 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
669 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
670 ERR_print_errors(bio_err);
671 /* goto end; */
672 }
673
674 if (client_auth) {
675 BIO_printf(bio_err, "client authentication\n");
676 SSL_CTX_set_verify(s_ctx,
677 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
678 verify_callback);
679 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
680 app_verify_arg);
681 }
682 if (server_auth) {
683 BIO_printf(bio_err, "server authentication\n");
684 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER,
685 verify_callback);
686 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
687 app_verify_arg);
688 }
689
690 {
691 int session_id_context = 0;
692 SSL_CTX_set_session_id_context(s_ctx,
693 (void *)&session_id_context, sizeof(session_id_context));
694 }
695
696 if (alpn_server != NULL)
697 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
698
699 if (alpn_client != NULL) {
700 unsigned short alpn_len;
701 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
702
703 if (alpn == NULL) {
704 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
705 goto end;
706 }
707 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
708 free(alpn);
709 }
710
711 c_ssl = SSL_new(c_ctx);
712 s_ssl = SSL_new(s_ctx);
713
714 for (i = 0; i < number; i++) {
715 if (!reuse)
716 SSL_set_session(c_ssl, NULL);
717 if (bio_pair)
718 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time,
719 &c_time);
720 else
721 ret = doit(s_ssl, c_ssl, bytes);
722 }
723
724 if (!verbose) {
725 print_details(c_ssl, "");
726 }
727 if ((number > 1) || (bytes > 1L))
728 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",
729 number, bytes);
730 if (print_time) {
731#ifdef CLOCKS_PER_SEC
732 /* "To determine the time in seconds, the value returned
733 * by the clock function should be divided by the value
734 * of the macro CLOCKS_PER_SEC."
735 * -- ISO/IEC 9899 */
736 BIO_printf(bio_stdout,
737 "Approximate total server time: %6.2f s\n"
738 "Approximate total client time: %6.2f s\n",
739 (double)s_time/CLOCKS_PER_SEC,
740 (double)c_time/CLOCKS_PER_SEC);
741#else
742 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
743 * -- cc on NeXTstep/OpenStep */
744 BIO_printf(bio_stdout,
745 "Approximate total server time: %6.2f units\n"
746 "Approximate total client time: %6.2f units\n",
747 (double)s_time,
748 (double)c_time);
749#endif
750 }
751
752 SSL_free(s_ssl);
753 SSL_free(c_ssl);
754
755end:
756 SSL_CTX_free(s_ctx);
757 SSL_CTX_free(c_ctx);
758 BIO_free(bio_stdout);
759
760#ifndef OPENSSL_NO_ENGINE
761 ENGINE_cleanup();
762#endif
763 CRYPTO_cleanup_all_ex_data();
764 ERR_free_strings();
765 ERR_remove_thread_state(NULL);
766 EVP_cleanup();
767 CRYPTO_mem_leaks(bio_err);
768 BIO_free(bio_err);
769
770 exit(ret);
771 return ret;
772}
773
774int
775doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time,
776 clock_t *c_time)
777{
778 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
779 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
780 BIO *server = NULL, *server_io = NULL;
781 BIO *client = NULL, *client_io = NULL;
782 int ret = 1;
783
784 size_t bufsiz = 256; /* small buffer for testing */
785
786 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
787 goto err;
788 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
789 goto err;
790
791 s_ssl_bio = BIO_new(BIO_f_ssl());
792 if (!s_ssl_bio)
793 goto err;
794
795 c_ssl_bio = BIO_new(BIO_f_ssl());
796 if (!c_ssl_bio)
797 goto err;
798
799 SSL_set_connect_state(c_ssl);
800 SSL_set_bio(c_ssl, client, client);
801 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
802
803 SSL_set_accept_state(s_ssl);
804 SSL_set_bio(s_ssl, server, server);
805 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
806
807 do {
808 /* c_ssl_bio: SSL filter BIO
809 *
810 * client: pseudo-I/O for SSL library
811 *
812 * client_io: client's SSL communication; usually to be
813 * relayed over some I/O facility, but in this
814 * test program, we're the server, too:
815 *
816 * server_io: server's SSL communication
817 *
818 * server: pseudo-I/O for SSL library
819 *
820 * s_ssl_bio: SSL filter BIO
821 *
822 * The client and the server each employ a "BIO pair":
823 * client + client_io, server + server_io.
824 * BIO pairs are symmetric. A BIO pair behaves similar
825 * to a non-blocking socketpair (but both endpoints must
826 * be handled by the same thread).
827 * [Here we could connect client and server to the ends
828 * of a single BIO pair, but then this code would be less
829 * suitable as an example for BIO pairs in general.]
830 *
831 * Useful functions for querying the state of BIO pair endpoints:
832 *
833 * BIO_ctrl_pending(bio) number of bytes we can read now
834 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
835 * other side's read attempt
836 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
837 *
838 * ..._read_request is never more than ..._write_guarantee;
839 * it depends on the application which one you should use.
840 */
841
842 /* We have non-blocking behaviour throughout this test program, but
843 * can be sure that there is *some* progress in each iteration; so
844 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
845 * -- we just try everything in each iteration
846 */
847
848 {
849 /* CLIENT */
850
851 char cbuf[1024*8];
852 int i, r;
853 clock_t c_clock = clock();
854
855 memset(cbuf, 0, sizeof(cbuf));
856
857 if (debug)
858 if (SSL_in_init(c_ssl))
859 printf("client waiting in SSL_connect - %s\n",
860 SSL_state_string_long(c_ssl));
861
862 if (cw_num > 0) {
863 /* Write to server. */
864
865 if (cw_num > (long)sizeof cbuf)
866 i = sizeof cbuf;
867 else
868 i = (int)cw_num;
869 r = BIO_write(c_ssl_bio, cbuf, i);
870 if (r < 0) {
871 if (!BIO_should_retry(c_ssl_bio)) {
872 fprintf(stderr, "ERROR in CLIENT\n");
873 goto err;
874 }
875 /* BIO_should_retry(...) can just be ignored here.
876 * The library expects us to call BIO_write with
877 * the same arguments again, and that's what we will
878 * do in the next iteration. */
879 } else if (r == 0) {
880 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
881 goto err;
882 } else {
883 if (debug)
884 printf("client wrote %d\n", r);
885 cw_num -= r;
886
887 }
888 }
889
890 if (cr_num > 0) {
891 /* Read from server. */
892
893 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
894 if (r < 0) {
895 if (!BIO_should_retry(c_ssl_bio)) {
896 fprintf(stderr, "ERROR in CLIENT\n");
897 goto err;
898 }
899 /* Again, "BIO_should_retry" can be ignored. */
900 } else if (r == 0) {
901 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
902 goto err;
903 } else {
904 if (debug)
905 printf("client read %d\n", r);
906 cr_num -= r;
907 }
908 }
909
910 /* c_time and s_time increments will typically be very small
911 * (depending on machine speed and clock tick intervals),
912 * but sampling over a large number of connections should
913 * result in fairly accurate figures. We cannot guarantee
914 * a lot, however -- if each connection lasts for exactly
915 * one clock tick, it will be counted only for the client
916 * or only for the server or even not at all.
917 */
918 *c_time += (clock() - c_clock);
919 }
920
921 {
922 /* SERVER */
923
924 char sbuf[1024*8];
925 int i, r;
926 clock_t s_clock = clock();
927
928 memset(sbuf, 0, sizeof(sbuf));
929
930 if (debug)
931 if (SSL_in_init(s_ssl))
932 printf("server waiting in SSL_accept - %s\n",
933 SSL_state_string_long(s_ssl));
934
935 if (sw_num > 0) {
936 /* Write to client. */
937
938 if (sw_num > (long)sizeof sbuf)
939 i = sizeof sbuf;
940 else
941 i = (int)sw_num;
942 r = BIO_write(s_ssl_bio, sbuf, i);
943 if (r < 0) {
944 if (!BIO_should_retry(s_ssl_bio)) {
945 fprintf(stderr, "ERROR in SERVER\n");
946 goto err;
947 }
948 /* Ignore "BIO_should_retry". */
949 } else if (r == 0) {
950 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
951 goto err;
952 } else {
953 if (debug)
954 printf("server wrote %d\n", r);
955 sw_num -= r;
956
957 }
958 }
959
960 if (sr_num > 0) {
961 /* Read from client. */
962
963 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
964 if (r < 0) {
965 if (!BIO_should_retry(s_ssl_bio)) {
966 fprintf(stderr, "ERROR in SERVER\n");
967 goto err;
968 }
969 /* blah, blah */
970 } else if (r == 0) {
971 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
972 goto err;
973 } else {
974 if (debug)
975 printf("server read %d\n", r);
976 sr_num -= r;
977 }
978 }
979
980 *s_time += (clock() - s_clock);
981 }
982
983 {
984 /* "I/O" BETWEEN CLIENT AND SERVER. */
985
986 size_t r1, r2;
987 BIO *io1 = server_io, *io2 = client_io;
988 /* we use the non-copying interface for io1
989 * and the standard BIO_write/BIO_read interface for io2
990 */
991
992 static int prev_progress = 1;
993 int progress = 0;
994
995 /* io1 to io2 */
996 do {
997 size_t num;
998 int r;
999
1000 r1 = BIO_ctrl_pending(io1);
1001 r2 = BIO_ctrl_get_write_guarantee(io2);
1002
1003 num = r1;
1004 if (r2 < num)
1005 num = r2;
1006 if (num) {
1007 char *dataptr;
1008
1009 if (INT_MAX < num) /* yeah, right */
1010 num = INT_MAX;
1011
1012 r = BIO_nread(io1, &dataptr, (int)num);
1013 assert(r > 0);
1014 assert(r <= (int)num);
1015 /* possibly r < num (non-contiguous data) */
1016 num = r;
1017 r = BIO_write(io2, dataptr, (int)num);
1018 if (r != (int)num) /* can't happen */
1019 {
1020 fprintf(stderr, "ERROR: BIO_write could not write "
1021 "BIO_ctrl_get_write_guarantee() bytes");
1022 goto err;
1023 }
1024 progress = 1;
1025
1026 if (debug)
1027 printf((io1 == client_io) ?
1028 "C->S relaying: %d bytes\n" :
1029 "S->C relaying: %d bytes\n",
1030 (int)num);
1031 }
1032 } while (r1 && r2);
1033
1034 /* io2 to io1 */
1035 {
1036 size_t num;
1037 int r;
1038
1039 r1 = BIO_ctrl_pending(io2);
1040 r2 = BIO_ctrl_get_read_request(io1);
1041 /* here we could use ..._get_write_guarantee instead of
1042 * ..._get_read_request, but by using the latter
1043 * we test restartability of the SSL implementation
1044 * more thoroughly */
1045 num = r1;
1046 if (r2 < num)
1047 num = r2;
1048 if (num) {
1049 char *dataptr;
1050
1051 if (INT_MAX < num)
1052 num = INT_MAX;
1053
1054 if (num > 1)
1055 --num; /* test restartability even more thoroughly */
1056
1057 r = BIO_nwrite0(io1, &dataptr);
1058 assert(r > 0);
1059 if (r < (int)num)
1060 num = r;
1061 r = BIO_read(io2, dataptr, (int)num);
1062 if (r != (int)num) /* can't happen */
1063 {
1064 fprintf(stderr, "ERROR: BIO_read could not read "
1065 "BIO_ctrl_pending() bytes");
1066 goto err;
1067 }
1068 progress = 1;
1069 r = BIO_nwrite(io1, &dataptr, (int)num);
1070 if (r != (int)num) /* can't happen */
1071 {
1072 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
1073 "BIO_nwrite0() bytes");
1074 goto err;
1075 }
1076
1077 if (debug)
1078 printf((io2 == client_io) ?
1079 "C->S relaying: %d bytes\n" :
1080 "S->C relaying: %d bytes\n",
1081 (int)num);
1082 }
1083 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
1084
1085 if (!progress && !prev_progress) {
1086 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
1087 fprintf(stderr, "ERROR: got stuck\n");
1088 goto err;
1089 }
1090 }
1091 prev_progress = progress;
1092 }
1093 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
1094
1095 if (verbose)
1096 print_details(c_ssl, "DONE via BIO pair: ");
1097
1098 if (verify_alpn(c_ssl, s_ssl) < 0) {
1099 ret = 1;
1100 goto err;
1101 }
1102
1103 ret = 0;
1104
1105err:
1106 ERR_print_errors(bio_err);
1107
1108 BIO_free(server);
1109 BIO_free(server_io);
1110 BIO_free(client);
1111 BIO_free(client_io);
1112 BIO_free(s_ssl_bio);
1113 BIO_free(c_ssl_bio);
1114
1115 return ret;
1116}
1117
1118
1119#define W_READ 1
1120#define W_WRITE 2
1121#define C_DONE 1
1122#define S_DONE 2
1123
1124int
1125doit(SSL *s_ssl, SSL *c_ssl, long count)
1126{
1127 char cbuf[1024*8], sbuf[1024*8];
1128 long cw_num = count, cr_num = count;
1129 long sw_num = count, sr_num = count;
1130 int ret = 1;
1131 BIO *c_to_s = NULL;
1132 BIO *s_to_c = NULL;
1133 BIO *c_bio = NULL;
1134 BIO *s_bio = NULL;
1135 int c_r, c_w, s_r, s_w;
1136 int i, j;
1137 int done = 0;
1138 int c_write, s_write;
1139 int do_server = 0, do_client = 0;
1140
1141 memset(cbuf, 0, sizeof(cbuf));
1142 memset(sbuf, 0, sizeof(sbuf));
1143
1144 c_to_s = BIO_new(BIO_s_mem());
1145 s_to_c = BIO_new(BIO_s_mem());
1146 if ((s_to_c == NULL) || (c_to_s == NULL)) {
1147 ERR_print_errors(bio_err);
1148 goto err;
1149 }
1150
1151 c_bio = BIO_new(BIO_f_ssl());
1152 s_bio = BIO_new(BIO_f_ssl());
1153 if ((c_bio == NULL) || (s_bio == NULL)) {
1154 ERR_print_errors(bio_err);
1155 goto err;
1156 }
1157
1158 SSL_set_connect_state(c_ssl);
1159 SSL_set_bio(c_ssl, s_to_c, c_to_s);
1160 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
1161
1162 SSL_set_accept_state(s_ssl);
1163 SSL_set_bio(s_ssl, c_to_s, s_to_c);
1164 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
1165
1166 c_r = 0;
1167 s_r = 1;
1168 c_w = 1;
1169 s_w = 0;
1170 c_write = 1, s_write = 0;
1171
1172 /* We can always do writes */
1173 for (;;) {
1174 do_server = 0;
1175 do_client = 0;
1176
1177 i = (int)BIO_pending(s_bio);
1178 if ((i && s_r) || s_w)
1179 do_server = 1;
1180
1181 i = (int)BIO_pending(c_bio);
1182 if ((i && c_r) || c_w)
1183 do_client = 1;
1184
1185 if (do_server && debug) {
1186 if (SSL_in_init(s_ssl))
1187 printf("server waiting in SSL_accept - %s\n",
1188 SSL_state_string_long(s_ssl));
1189 }
1190
1191 if (do_client && debug) {
1192 if (SSL_in_init(c_ssl))
1193 printf("client waiting in SSL_connect - %s\n",
1194 SSL_state_string_long(c_ssl));
1195 }
1196
1197 if (!do_client && !do_server) {
1198 fprintf(stdout, "ERROR in STARTUP\n");
1199 ERR_print_errors(bio_err);
1200 goto err;
1201 }
1202
1203 if (do_client && !(done & C_DONE)) {
1204 if (c_write) {
1205 j = (cw_num > (long)sizeof(cbuf)) ?
1206 (int)sizeof(cbuf) : (int)cw_num;
1207 i = BIO_write(c_bio, cbuf, j);
1208 if (i < 0) {
1209 c_r = 0;
1210 c_w = 0;
1211 if (BIO_should_retry(c_bio)) {
1212 if (BIO_should_read(c_bio))
1213 c_r = 1;
1214 if (BIO_should_write(c_bio))
1215 c_w = 1;
1216 } else {
1217 fprintf(stderr, "ERROR in CLIENT\n");
1218 ERR_print_errors(bio_err);
1219 goto err;
1220 }
1221 } else if (i == 0) {
1222 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1223 goto err;
1224 } else {
1225 if (debug)
1226 printf("client wrote %d\n", i);
1227 /* ok */
1228 s_r = 1;
1229 c_write = 0;
1230 cw_num -= i;
1231 }
1232 } else {
1233 i = BIO_read(c_bio, cbuf, sizeof(cbuf));
1234 if (i < 0) {
1235 c_r = 0;
1236 c_w = 0;
1237 if (BIO_should_retry(c_bio)) {
1238 if (BIO_should_read(c_bio))
1239 c_r = 1;
1240 if (BIO_should_write(c_bio))
1241 c_w = 1;
1242 } else {
1243 fprintf(stderr, "ERROR in CLIENT\n");
1244 ERR_print_errors(bio_err);
1245 goto err;
1246 }
1247 } else if (i == 0) {
1248 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1249 goto err;
1250 } else {
1251 if (debug)
1252 printf("client read %d\n", i);
1253 cr_num -= i;
1254 if (sw_num > 0) {
1255 s_write = 1;
1256 s_w = 1;
1257 }
1258 if (cr_num <= 0) {
1259 s_write = 1;
1260 s_w = 1;
1261 done = S_DONE|C_DONE;
1262 }
1263 }
1264 }
1265 }
1266
1267 if (do_server && !(done & S_DONE)) {
1268 if (!s_write) {
1269 i = BIO_read(s_bio, sbuf, sizeof(cbuf));
1270 if (i < 0) {
1271 s_r = 0;
1272 s_w = 0;
1273 if (BIO_should_retry(s_bio)) {
1274 if (BIO_should_read(s_bio))
1275 s_r = 1;
1276 if (BIO_should_write(s_bio))
1277 s_w = 1;
1278 } else {
1279 fprintf(stderr, "ERROR in SERVER\n");
1280 ERR_print_errors(bio_err);
1281 goto err;
1282 }
1283 } else if (i == 0) {
1284 ERR_print_errors(bio_err);
1285 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n");
1286 goto err;
1287 } else {
1288 if (debug)
1289 printf("server read %d\n", i);
1290 sr_num -= i;
1291 if (cw_num > 0) {
1292 c_write = 1;
1293 c_w = 1;
1294 }
1295 if (sr_num <= 0) {
1296 s_write = 1;
1297 s_w = 1;
1298 c_write = 0;
1299 }
1300 }
1301 } else {
1302 j = (sw_num > (long)sizeof(sbuf)) ?
1303 (int)sizeof(sbuf) : (int)sw_num;
1304 i = BIO_write(s_bio, sbuf, j);
1305 if (i < 0) {
1306 s_r = 0;
1307 s_w = 0;
1308 if (BIO_should_retry(s_bio)) {
1309 if (BIO_should_read(s_bio))
1310 s_r = 1;
1311 if (BIO_should_write(s_bio))
1312 s_w = 1;
1313 } else {
1314 fprintf(stderr, "ERROR in SERVER\n");
1315 ERR_print_errors(bio_err);
1316 goto err;
1317 }
1318 } else if (i == 0) {
1319 ERR_print_errors(bio_err);
1320 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n");
1321 goto err;
1322 } else {
1323 if (debug)
1324 printf("server wrote %d\n", i);
1325 sw_num -= i;
1326 s_write = 0;
1327 c_r = 1;
1328 if (sw_num <= 0)
1329 done |= S_DONE;
1330 }
1331 }
1332 }
1333
1334 if ((done & S_DONE) && (done & C_DONE))
1335 break;
1336 }
1337
1338 if (verbose)
1339 print_details(c_ssl, "DONE: ");
1340
1341 if (verify_alpn(c_ssl, s_ssl) < 0) {
1342 ret = 1;
1343 goto err;
1344 }
1345
1346 ret = 0;
1347err:
1348 /* We have to set the BIO's to NULL otherwise they will be
1349 * free()ed twice. Once when th s_ssl is SSL_free()ed and
1350 * again when c_ssl is SSL_free()ed.
1351 * This is a hack required because s_ssl and c_ssl are sharing the same
1352 * BIO structure and SSL_set_bio() and SSL_free() automatically
1353 * BIO_free non NULL entries.
1354 * You should not normally do this or be required to do this */
1355 if (s_ssl != NULL) {
1356 s_ssl->rbio = NULL;
1357 s_ssl->wbio = NULL;
1358 }
1359 if (c_ssl != NULL) {
1360 c_ssl->rbio = NULL;
1361 c_ssl->wbio = NULL;
1362 }
1363
1364 BIO_free(c_to_s);
1365 BIO_free(s_to_c);
1366 BIO_free_all(c_bio);
1367 BIO_free_all(s_bio);
1368
1369 return (ret);
1370}
1371
1372static int
1373verify_callback(int ok, X509_STORE_CTX *ctx)
1374{
1375 X509 *xs;
1376 char *s, buf[256];
1377 int error, error_depth;
1378
1379 xs = X509_STORE_CTX_get_current_cert(ctx);
1380 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, sizeof buf);
1381 error = X509_STORE_CTX_get_error(ctx);
1382 error_depth = X509_STORE_CTX_get_error_depth(ctx);
1383 if (s != NULL) {
1384 if (ok)
1385 fprintf(stderr, "depth=%d %s\n", error_depth, buf);
1386 else {
1387 fprintf(stderr, "depth=%d error=%d %s\n", error_depth,
1388 error, buf);
1389 }
1390 }
1391
1392 if (ok == 0) {
1393 fprintf(stderr, "Error string: %s\n",
1394 X509_verify_cert_error_string(error));
1395 switch (error) {
1396 case X509_V_ERR_CERT_NOT_YET_VALID:
1397 case X509_V_ERR_CERT_HAS_EXPIRED:
1398 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
1399 fprintf(stderr, " ... ignored.\n");
1400 ok = 1;
1401 }
1402 }
1403
1404 return (ok);
1405}
1406
1407static int
1408app_verify_callback(X509_STORE_CTX *ctx, void *arg)
1409{
1410 X509 *xs;
1411 char *s = NULL, buf[256];
1412 const char *cb_arg = arg;
1413
1414 xs = X509_STORE_CTX_get0_cert(ctx);
1415 fprintf(stderr, "In app_verify_callback, allowing cert. ");
1416 fprintf(stderr, "Arg is: %s\n", cb_arg);
1417 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
1418 (void *)ctx, (void *)xs);
1419 if (xs)
1420 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, 256);
1421 if (s != NULL) {
1422 fprintf(stderr, "cert depth=%d %s\n",
1423 X509_STORE_CTX_get_error_depth(ctx), buf);
1424 }
1425
1426 return 1;
1427}
1428
1429/* These DH parameters have been generated as follows:
1430 * $ openssl dhparam -C -noout 1024
1431 * $ openssl dhparam -C -noout -dsaparam 1024
1432 * (The second function has been renamed to avoid name conflicts.)
1433 */
1434static DH *
1435get_dh1024(void)
1436{
1437 static unsigned char dh1024_p[] = {
1438 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A,
1439 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2,
1440 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0,
1441 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2,
1442 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C,
1443 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8,
1444 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52,
1445 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1,
1446 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1,
1447 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB,
1448 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
1449 };
1450 static unsigned char dh1024_g[] = {
1451 0x02,
1452 };
1453 DH *dh;
1454 BIGNUM *dh_p = NULL, *dh_g = NULL;
1455
1456 if ((dh = DH_new()) == NULL)
1457 return NULL;
1458
1459 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
1460 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
1461 if (dh_p == NULL || dh_g == NULL)
1462 goto err;
1463
1464 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g))
1465 goto err;
1466
1467 return dh;
1468
1469 err:
1470 BN_free(dh_p);
1471 BN_free(dh_g);
1472 DH_free(dh);
1473 return NULL;
1474}
1475
1476static DH *
1477get_dh1024dsa(void)
1478{
1479 static unsigned char dh1024_p[] = {
1480 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00,
1481 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19,
1482 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2,
1483 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55,
1484 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC,
1485 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97,
1486 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D,
1487 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB,
1488 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6,
1489 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E,
1490 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
1491 };
1492 static unsigned char dh1024_g[] = {
1493 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05,
1494 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3,
1495 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9,
1496 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C,
1497 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65,
1498 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60,
1499 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6,
1500 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7,
1501 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1,
1502 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60,
1503 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
1504 };
1505 DH *dh;
1506 BIGNUM *dh_p = NULL, *dh_g = NULL;
1507
1508 if ((dh = DH_new()) == NULL)
1509 return NULL;
1510
1511 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
1512 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
1513 if (dh_p == NULL || dh_g == NULL)
1514 goto err;
1515
1516 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g))
1517 goto err;
1518
1519 DH_set_length(dh, 160);
1520
1521 return dh;
1522
1523 err:
1524 BN_free(dh_p);
1525 BN_free(dh_g);
1526 DH_free(dh);
1527 return NULL;
1528}
diff --git a/src/regress/lib/libssl/ssl/testssl b/src/regress/lib/libssl/ssl/testssl
deleted file mode 100644
index 70db1752b7..0000000000
--- a/src/regress/lib/libssl/ssl/testssl
+++ /dev/null
@@ -1,162 +0,0 @@
1#!/bin/sh
2
3key="$1"
4cert="$2"
5CA="-CAfile $3"
6ssltest="${4-./ssltest} -key $key -cert $cert -c_key $key -c_cert $cert"
7openssl=${5-openssl}
8extra="$6"
9
10$openssl version || exit 1
11
12if $openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
13 dsa_cert=YES
14else
15 dsa_cert=NO
16fi
17
18#############################################################################
19
20echo test sslv2/sslv3
21$ssltest $extra || exit 1
22
23echo test sslv2/sslv3 with server authentication
24$ssltest -server_auth $CA $extra || exit 1
25
26echo test sslv2/sslv3 with client authentication
27$ssltest -client_auth $CA $extra || exit 1
28
29echo test sslv2/sslv3 with both client and server authentication
30$ssltest -server_auth -client_auth $CA $extra || exit 1
31
32echo test sslv2/sslv3 via BIO pair
33$ssltest $extra || exit 1
34
35if [ $dsa_cert = NO ]; then
36 echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
37 $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
38fi
39
40echo test sslv2/sslv3 with 1024bit DHE via BIO pair
41$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
42
43echo test sslv2/sslv3 with server authentication
44$ssltest -bio_pair -server_auth $CA $extra || exit 1
45
46echo test sslv2/sslv3 with client authentication via BIO pair
47$ssltest -bio_pair -client_auth $CA $extra || exit 1
48
49echo test sslv2/sslv3 with both client and server authentication via BIO pair
50$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
51
52echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
53$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
54
55echo "Testing ciphersuites"
56for protocol in SSLv3 TLSv1.2; do
57 echo "Testing ciphersuites for $protocol"
58 for cipher in `$openssl ciphers -v "$protocol+aRSA" |
59 awk "/ $protocol / { print \\$1 }"`; do
60 echo "Testing $cipher"
61 $ssltest -cipher $cipher -tls1_2
62 if [ $? -ne 0 ] ; then
63 echo "Failed $cipher"
64 exit 1
65 fi
66 done
67done
68for protocol in TLSv1.3; do
69 echo "Testing ciphersuites for $protocol at security level 2"
70 for cipher in `$openssl ciphers -v "$protocol" |
71 awk "/ $protocol / { print \\$1 }"`; do
72 echo "Testing $cipher"
73 $ssltest -cipher $cipher -seclevel 2
74 if [ $? -ne 0 ] ; then
75 echo "Failed $cipher"
76 exit 1
77 fi
78 done
79done
80for protocol in TLSv1.3; do
81 echo "Testing ciphersuites for $protocol at security level 3"
82 for cipher in `$openssl ciphers -v "$protocol" |
83 awk "/ $protocol / { print \\$1 }"`; do
84 echo "Testing $cipher"
85 $ssltest -cipher $cipher -seclevel 3
86 if [ $? -eq 0 ] ; then
87 echo "Failed $cipher should not have succeeded"
88 exit 1
89 fi
90 done
91done
92
93#############################################################################
94
95if $openssl no-dh; then
96 echo skipping anonymous DH tests
97else
98 echo skipping tls1 tests.
99fi
100
101#if $openssl no-rsa; then
102# echo skipping RSA tests
103#else
104# echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
105# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
106#
107# if $openssl no-dh; then
108# echo skipping RSA+DHE tests
109# else
110# echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
111# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
112# fi
113#fi
114
115#
116# DTLS tests
117#
118
119$ssltest -dtls1_2 $extra || exit 1
120
121echo test dtlsv1_2 with server authentication
122$ssltest -dtls1_2 -server_auth $CA $extra || exit 1
123
124echo test dtlsv1_2 with client authentication
125$ssltest -dtls1_2 -client_auth $CA $extra || exit 1
126
127echo test dtlsv1_2 with both client and server authentication
128$ssltest -dtls1_2 -server_auth -client_auth $CA $extra || exit 1
129
130echo "Testing DTLS ciphersuites"
131for protocol in SSLv3; do
132 echo "Testing ciphersuites for $protocol"
133 for cipher in `$openssl ciphers -v "RSA+$protocol" |
134 awk "/ $protocol / { print \\$1 }" |
135 grep -v RC4`; do
136 echo "Testing $cipher"
137 $ssltest -cipher $cipher -dtls1_2
138 if [ $? -ne 0 ] ; then
139 echo "Failed $cipher"
140 exit 1
141 fi
142 done
143done
144
145#
146# ALPN tests
147#
148echo "Testing ALPN..."
149$ssltest -bio_pair -alpn_client foo -alpn_server bar || exit 1
150$ssltest -bio_pair -alpn_client foo -alpn_server foo \
151 -alpn_expected foo || exit 1
152$ssltest -bio_pair -alpn_client foo,bar -alpn_server foo \
153 -alpn_expected foo || exit 1
154$ssltest -bio_pair -alpn_client bar,foo -alpn_server foo \
155 -alpn_expected foo || exit 1
156$ssltest -bio_pair -alpn_client bar,foo -alpn_server foo,bar \
157 -alpn_expected foo || exit 1
158$ssltest -bio_pair -alpn_client bar,foo -alpn_server bar,foo \
159 -alpn_expected bar || exit 1
160$ssltest -bio_pair -alpn_client foo,bar -alpn_server bar,foo \
161 -alpn_expected bar || exit 1
162$ssltest -bio_pair -alpn_client baz -alpn_server bar,foo || exit 1
diff --git a/src/regress/lib/libssl/tls/Makefile b/src/regress/lib/libssl/tls/Makefile
deleted file mode 100644
index a22cdcdeb2..0000000000
--- a/src/regress/lib/libssl/tls/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2021/10/23 14:34:10 jsing Exp $
2
3PROG= tlstest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9REGRESS_TARGETS= \
10 regress-tlstest
11
12regress-tlstest: ${PROG}
13 ./tlstest \
14 ${.CURDIR}/../../libssl/certs/server.pem \
15 ${.CURDIR}/../../libssl/certs/server.pem \
16 ${.CURDIR}/../../libssl/certs/ca.pem
17
18.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tls/tlstest.c b/src/regress/lib/libssl/tls/tlstest.c
deleted file mode 100644
index 8154e7576c..0000000000
--- a/src/regress/lib/libssl/tls/tlstest.c
+++ /dev/null
@@ -1,400 +0,0 @@
1/* $OpenBSD: tlstest.c,v 1.2 2023/07/02 17:21:33 beck Exp $ */
2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include <openssl/bio.h>
21#include <openssl/err.h>
22#include <openssl/ssl.h>
23
24const char *server_ca_file;
25const char *server_cert_file;
26const char *server_key_file;
27
28int debug = 0;
29
30static void
31hexdump(const unsigned char *buf, size_t len)
32{
33 size_t i;
34
35 for (i = 1; i <= len; i++)
36 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
37
38 if (len % 8)
39 fprintf(stderr, "\n");
40}
41
42static SSL *
43tls_client(BIO *rbio, BIO *wbio)
44{
45 SSL_CTX *ssl_ctx = NULL;
46 SSL *ssl = NULL;
47
48 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
49 errx(1, "client context");
50
51 if ((ssl = SSL_new(ssl_ctx)) == NULL)
52 errx(1, "client ssl");
53
54 BIO_up_ref(rbio);
55 BIO_up_ref(wbio);
56
57 SSL_set_bio(ssl, rbio, wbio);
58
59 SSL_CTX_free(ssl_ctx);
60
61 return ssl;
62}
63
64static SSL *
65tls_server(BIO *rbio, BIO *wbio)
66{
67 SSL_CTX *ssl_ctx = NULL;
68 SSL *ssl = NULL;
69
70 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
71 errx(1, "server context");
72
73 SSL_CTX_set_dh_auto(ssl_ctx, 2);
74
75 if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
76 SSL_FILETYPE_PEM) != 1) {
77 fprintf(stderr, "FAIL: Failed to load server certificate");
78 goto failure;
79 }
80 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
81 SSL_FILETYPE_PEM) != 1) {
82 fprintf(stderr, "FAIL: Failed to load server private key");
83 goto failure;
84 }
85
86 if ((ssl = SSL_new(ssl_ctx)) == NULL)
87 errx(1, "server ssl");
88
89 BIO_up_ref(rbio);
90 BIO_up_ref(wbio);
91
92 SSL_set_bio(ssl, rbio, wbio);
93
94 failure:
95 SSL_CTX_free(ssl_ctx);
96
97 return ssl;
98}
99
100static int
101ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret)
102{
103 int ssl_err;
104
105 ssl_err = SSL_get_error(ssl, ssl_ret);
106
107 if (ssl_err == SSL_ERROR_WANT_READ) {
108 return 1;
109 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
110 return 1;
111 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
112 /* Yup, this is apparently a thing... */
113 } else {
114 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
115 name, desc, ssl_err, errno);
116 ERR_print_errors_fp(stderr);
117 return 0;
118 }
119
120 return 1;
121}
122
123static int
124do_connect(SSL *ssl, const char *name, int *done)
125{
126 int ssl_ret;
127
128 if ((ssl_ret = SSL_connect(ssl)) == 1) {
129 fprintf(stderr, "INFO: %s connect done\n", name);
130 *done = 1;
131 return 1;
132 }
133
134 return ssl_error(ssl, name, "connect", ssl_ret);
135}
136
137static int
138do_accept(SSL *ssl, const char *name, int *done)
139{
140 int ssl_ret;
141
142 if ((ssl_ret = SSL_accept(ssl)) == 1) {
143 fprintf(stderr, "INFO: %s accept done\n", name);
144 *done = 1;
145 return 1;
146 }
147
148 return ssl_error(ssl, name, "accept", ssl_ret);
149}
150
151static int
152do_read(SSL *ssl, const char *name, int *done)
153{
154 uint8_t buf[512];
155 int ssl_ret;
156
157 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) {
158 fprintf(stderr, "INFO: %s read done\n", name);
159 if (debug > 1)
160 hexdump(buf, ssl_ret);
161 *done = 1;
162 return 1;
163 }
164
165 return ssl_error(ssl, name, "read", ssl_ret);
166}
167
168static int
169do_write(SSL *ssl, const char *name, int *done)
170{
171 const uint8_t buf[] = "Hello, World!\n";
172 int ssl_ret;
173
174 if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) {
175 fprintf(stderr, "INFO: %s write done\n", name);
176 *done = 1;
177 return 1;
178 }
179
180 return ssl_error(ssl, name, "write", ssl_ret);
181}
182
183static int
184do_shutdown(SSL *ssl, const char *name, int *done)
185{
186 int ssl_ret;
187
188 ssl_ret = SSL_shutdown(ssl);
189 if (ssl_ret == 1) {
190 fprintf(stderr, "INFO: %s shutdown done\n", name);
191 *done = 1;
192 return 1;
193 }
194 return ssl_error(ssl, name, "shutdown", ssl_ret);
195}
196
197typedef int (*ssl_func)(SSL *ssl, const char *name, int *done);
198
199static int
200do_client_server_loop(SSL *client, ssl_func client_func, SSL *server,
201 ssl_func server_func)
202{
203 int client_done = 0, server_done = 0;
204 int i = 0;
205
206 do {
207 if (!client_done) {
208 if (debug)
209 fprintf(stderr, "DEBUG: client loop\n");
210 if (!client_func(client, "client", &client_done))
211 return 0;
212 }
213 if (!server_done) {
214 if (debug)
215 fprintf(stderr, "DEBUG: server loop\n");
216 if (!server_func(server, "server", &server_done))
217 return 0;
218 }
219 } while (i++ < 100 && (!client_done || !server_done));
220
221 if (!client_done || !server_done)
222 fprintf(stderr, "FAIL: gave up\n");
223
224 return client_done && server_done;
225}
226
227struct tls_test {
228 const unsigned char *desc;
229 const SSL_METHOD *(*client_method)(void);
230 uint16_t client_min_version;
231 uint16_t client_max_version;
232 const char *client_ciphers;
233 const SSL_METHOD *(*server_method)(void);
234 uint16_t server_min_version;
235 uint16_t server_max_version;
236 const char *server_ciphers;
237};
238
239static const struct tls_test tls_tests[] = {
240 {
241 .desc = "Default client and server",
242 },
243 {
244 .desc = "Default client and TLSv1.2 server",
245 .server_max_version = TLS1_2_VERSION,
246 },
247 {
248 .desc = "Default client and default server with ECDHE KEX",
249 .server_ciphers = "ECDHE-RSA-AES128-SHA",
250 },
251 {
252 .desc = "Default client and TLSv1.2 server with ECDHE KEX",
253 .server_max_version = TLS1_2_VERSION,
254 .server_ciphers = "ECDHE-RSA-AES128-SHA",
255 },
256 {
257 .desc = "Default client and default server with DHE KEX",
258 .server_ciphers = "DHE-RSA-AES128-SHA",
259 },
260 {
261 .desc = "Default client and TLSv1.2 server with DHE KEX",
262 .server_max_version = TLS1_2_VERSION,
263 .server_ciphers = "DHE-RSA-AES128-SHA",
264 },
265 {
266 .desc = "Default client and default server with RSA KEX",
267 .server_ciphers = "AES128-SHA",
268 },
269 {
270 .desc = "Default client and TLSv1.2 server with RSA KEX",
271 .server_max_version = TLS1_2_VERSION,
272 .server_ciphers = "AES128-SHA",
273 },
274 {
275 .desc = "TLSv1.2 client and default server",
276 .client_max_version = TLS1_2_VERSION,
277 },
278 {
279 .desc = "TLSv1.2 client and default server with ECDHE KEX",
280 .client_max_version = TLS1_2_VERSION,
281 .client_ciphers = "ECDHE-RSA-AES128-SHA",
282 },
283 {
284 .desc = "TLSv1.2 client and default server with DHE KEX",
285 .server_max_version = TLS1_2_VERSION,
286 .client_ciphers = "DHE-RSA-AES128-SHA",
287 },
288 {
289 .desc = "TLSv1.2 client and default server with RSA KEX",
290 .client_max_version = TLS1_2_VERSION,
291 .client_ciphers = "AES128-SHA",
292 },
293};
294
295#define N_TLS_TESTS (sizeof(tls_tests) / sizeof(*tls_tests))
296
297static int
298tlstest(const struct tls_test *tt)
299{
300 BIO *client_wbio = NULL, *server_wbio = NULL;
301 SSL *client = NULL, *server = NULL;
302 int failed = 1;
303
304 fprintf(stderr, "\n== Testing %s... ==\n", tt->desc);
305
306 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
307 goto failure;
308 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
309 goto failure;
310
311 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
312 goto failure;
313 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
314 goto failure;
315
316 if ((client = tls_client(server_wbio, client_wbio)) == NULL)
317 goto failure;
318 if (tt->client_min_version != 0) {
319 if (!SSL_set_min_proto_version(client, tt->client_min_version))
320 goto failure;
321 }
322 if (tt->client_max_version != 0) {
323 if (!SSL_set_max_proto_version(client, tt->client_max_version))
324 goto failure;
325 }
326 if (tt->client_ciphers != NULL) {
327 if (!SSL_set_cipher_list(client, tt->client_ciphers))
328 goto failure;
329 }
330
331 if ((server = tls_server(client_wbio, server_wbio)) == NULL)
332 goto failure;
333 if (tt->server_min_version != 0) {
334 if (!SSL_set_min_proto_version(server, tt->server_min_version))
335 goto failure;
336 }
337 if (tt->server_max_version != 0) {
338 if (!SSL_set_max_proto_version(server, tt->server_max_version))
339 goto failure;
340 }
341 if (tt->server_ciphers != NULL) {
342 if (!SSL_set_cipher_list(server, tt->server_ciphers))
343 goto failure;
344 }
345
346 if (!do_client_server_loop(client, do_connect, server, do_accept)) {
347 fprintf(stderr, "FAIL: client and server handshake failed\n");
348 goto failure;
349 }
350
351 if (!do_client_server_loop(client, do_write, server, do_read)) {
352 fprintf(stderr, "FAIL: client write and server read I/O failed\n");
353 goto failure;
354 }
355
356 if (!do_client_server_loop(client, do_read, server, do_write)) {
357 fprintf(stderr, "FAIL: client read and server write I/O failed\n");
358 goto failure;
359 }
360
361 if (!do_client_server_loop(client, do_shutdown, server, do_shutdown)) {
362 fprintf(stderr, "FAIL: client and server shutdown failed\n");
363 goto failure;
364 }
365
366 fprintf(stderr, "INFO: Done!\n");
367
368 failed = 0;
369
370 failure:
371 BIO_free(client_wbio);
372 BIO_free(server_wbio);
373
374 SSL_free(client);
375 SSL_free(server);
376
377 return failed;
378}
379
380int
381main(int argc, char **argv)
382{
383 int failed = 0;
384 size_t i;
385
386 if (argc != 4) {
387 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
388 argv[0]);
389 exit(1);
390 }
391
392 server_key_file = argv[1];
393 server_cert_file = argv[2];
394 server_ca_file = argv[3];
395
396 for (i = 0; i < N_TLS_TESTS; i++)
397 failed |= tlstest(&tls_tests[i]);
398
399 return failed;
400}
diff --git a/src/regress/lib/libssl/tlsext/Makefile b/src/regress/lib/libssl/tlsext/Makefile
deleted file mode 100644
index 9ff441697f..0000000000
--- a/src/regress/lib/libssl/tlsext/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2022/06/29 15:06:18 tb Exp $
2
3PROG= tlsexttest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
deleted file mode 100644
index e4da328c67..0000000000
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ /dev/null
@@ -1,4613 +0,0 @@
1/* $OpenBSD: tlsexttest.c,v 1.82 2023/07/05 17:30:14 tb Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
5 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
6 * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
7 *
8 * Permission to use, copy, modify, and distribute this software for any
9 * purpose with or without fee is hereby granted, provided that the above
10 * copyright notice and this permission notice appear in all copies.
11 *
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 */
20
21#include <err.h>
22
23#include <openssl/tls1.h>
24
25#include "ssl_local.h"
26
27#include "bytestring.h"
28#include "ssl_tlsext.h"
29
30struct tls_extension_funcs {
31 int (*needs)(SSL *s, uint16_t msg_type);
32 int (*build)(SSL *s, uint16_t msg_type, CBB *cbb);
33 int (*parse)(SSL *s, uint16_t msg_type, CBS *cbs, int *alert);
34};
35
36uint16_t tls_extension_type(const struct tls_extension *);
37const struct tls_extension *tls_extension_find(uint16_t, size_t *);
38const struct tls_extension_funcs *tlsext_funcs(const struct tls_extension *,
39 int);
40int tlsext_linearize_build_order(SSL *);
41
42static int
43tls_extension_funcs(int type, const struct tls_extension_funcs **client_funcs,
44 const struct tls_extension_funcs **server_funcs)
45{
46 const struct tls_extension *ext;
47 size_t idx;
48
49 if ((ext = tls_extension_find(type, &idx)) == NULL)
50 return 0;
51
52 if ((*client_funcs = tlsext_funcs(ext, 0)) == NULL)
53 return 0;
54
55 if ((*server_funcs = tlsext_funcs(ext, 1)) == NULL)
56 return 0;
57
58 return 1;
59}
60
61static void
62hexdump(const unsigned char *buf, size_t len)
63{
64 size_t i;
65
66 for (i = 1; i <= len; i++)
67 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
68
69 fprintf(stderr, "\n");
70}
71
72static void
73hexdump2(const uint16_t *buf, size_t len)
74{
75 size_t i;
76
77 for (i = 1; i <= len / 2; i++)
78 fprintf(stderr, " 0x%04hx,%s", buf[i - 1], i % 8 ? "" : "\n");
79
80 fprintf(stderr, "\n");
81}
82
83static void
84compare_data(const uint8_t *recv, size_t recv_len, const uint8_t *expect,
85 size_t expect_len)
86{
87 fprintf(stderr, "received:\n");
88 hexdump(recv, recv_len);
89
90 fprintf(stderr, "test data:\n");
91 hexdump(expect, expect_len);
92}
93
94static void
95compare_data2(const uint16_t *recv, size_t recv_len, const uint16_t *expect,
96 size_t expect_len)
97{
98 fprintf(stderr, "received:\n");
99 hexdump2(recv, recv_len);
100
101 fprintf(stderr, "test data:\n");
102 hexdump2(expect, expect_len);
103}
104
105#define FAIL(msg, ...) \
106do { \
107 fprintf(stderr, "[%s:%d] FAIL: ", __FILE__, __LINE__); \
108 fprintf(stderr, msg, ##__VA_ARGS__); \
109} while(0)
110
111/*
112 * Supported Application-Layer Protocol Negotiation - RFC 7301
113 *
114 * There are already extensive unit tests for this so this just
115 * tests the state info.
116 */
117
118const uint8_t tlsext_alpn_multiple_protos_val[] = {
119 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
120 0x08, /* len */
121 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
122 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
123 0x09, /* len */
124 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
125};
126
127const uint8_t tlsext_alpn_multiple_protos[] = {
128 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
129 0x00, 0x13, /* len of all names */
130 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
131 0x08, /* len */
132 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
133 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
134 0x09, /* len */
135 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
136};
137
138const uint8_t tlsext_alpn_single_proto_val[] = {
139 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
140 0x08, /* len */
141 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
142};
143
144const uint8_t tlsext_alpn_single_proto_name[] = {
145 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* 'http/1.1' */
146};
147
148const uint8_t tlsext_alpn_single_proto[] = {
149 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
150 0x00, 0x09, /* len of all names */
151 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
152 0x08, /* len */
153 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
154};
155
156#define TLSEXT_TYPE_alpn TLSEXT_TYPE_application_layer_protocol_negotiation
157
158static int
159test_tlsext_alpn_client(void)
160{
161 SSL_CTX *ssl_ctx = NULL;
162 SSL *ssl = NULL;
163 const struct tls_extension_funcs *client_funcs;
164 const struct tls_extension_funcs *server_funcs;
165 uint8_t *data = NULL;
166 CBB cbb;
167 CBS cbs;
168 int failure, alert;
169 size_t dlen;
170
171 failure = 1;
172
173 if (!CBB_init(&cbb, 0))
174 errx(1, "Failed to create CBB");
175
176 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
177 errx(1, "failed to create SSL_CTX");
178 if ((ssl = SSL_new(ssl_ctx)) == NULL)
179 errx(1, "failed to create SSL");
180
181 if (!tls_extension_funcs(TLSEXT_TYPE_alpn, &client_funcs, &server_funcs))
182 errx(1, "failed to fetch ALPN funcs");
183
184 /* By default, we don't need this */
185 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
186 FAIL("client should not need ALPN by default\n");
187 goto err;
188 }
189
190 /*
191 * Prereqs:
192 * 1) Set s->alpn_client_proto_list
193 * - Using SSL_set_alpn_protos()
194 * 2) We have not finished or renegotiated.
195 * - s->s3->tmp.finish_md_len == 0
196 */
197 if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val,
198 sizeof(tlsext_alpn_single_proto_val)) != 0) {
199 FAIL("should be able to set ALPN to http/1.1\n");
200 goto err;
201 }
202 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
203 FAIL("client should need ALPN by default\n");
204 goto err;
205 }
206
207 /* Make sure we can build the client with a single proto. */
208
209 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
210 FAIL("client failed to build ALPN\n");
211 goto err;
212 }
213 if (!CBB_finish(&cbb, &data, &dlen))
214 errx(1, "failed to finish CBB");
215
216 if (dlen != sizeof(tlsext_alpn_single_proto)) {
217 FAIL("got client ALPN with length %zu, "
218 "want length %zu\n", dlen,
219 sizeof(tlsext_alpn_single_proto));
220 compare_data(data, dlen, tlsext_alpn_single_proto,
221 sizeof(tlsext_alpn_single_proto));
222 goto err;
223 }
224 if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) {
225 FAIL("client ALPN differs:\n");
226 compare_data(data, dlen, tlsext_alpn_single_proto,
227 sizeof(tlsext_alpn_single_proto));
228 goto err;
229 }
230
231 CBB_cleanup(&cbb);
232 if (!CBB_init(&cbb, 0))
233 errx(1, "Failed to create CBB");
234 free(data);
235 data = NULL;
236
237 /* Make sure we can parse the single proto. */
238
239 CBS_init(&cbs, tlsext_alpn_single_proto,
240 sizeof(tlsext_alpn_single_proto));
241 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
242 FAIL("failed to parse ALPN\n");
243 goto err;
244 }
245 if (CBS_len(&cbs) != 0) {
246 FAIL("extension data remaining\n");
247 goto err;
248 }
249
250 if (ssl->alpn_client_proto_list_len !=
251 sizeof(tlsext_alpn_single_proto_val)) {
252 FAIL("got client ALPN with length %zu, "
253 "want length %zu\n", dlen,
254 sizeof(tlsext_alpn_single_proto_val));
255 compare_data(ssl->alpn_client_proto_list,
256 ssl->alpn_client_proto_list_len,
257 tlsext_alpn_single_proto_val,
258 sizeof(tlsext_alpn_single_proto_val));
259 goto err;
260 }
261 if (memcmp(ssl->alpn_client_proto_list,
262 tlsext_alpn_single_proto_val,
263 sizeof(tlsext_alpn_single_proto_val)) != 0) {
264 FAIL("client ALPN differs:\n");
265 compare_data(data, dlen, tlsext_alpn_single_proto_val,
266 sizeof(tlsext_alpn_single_proto_val));
267 goto err;
268 }
269
270 /* Make sure we can build the clienthello with multiple entries. */
271
272 if (SSL_set_alpn_protos(ssl, tlsext_alpn_multiple_protos_val,
273 sizeof(tlsext_alpn_multiple_protos_val)) != 0) {
274 FAIL("should be able to set ALPN to http/1.1\n");
275 goto err;
276 }
277 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
278 FAIL("client should need ALPN by now\n");
279 goto err;
280 }
281
282 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
283 FAIL("client failed to build ALPN\n");
284 goto err;
285 }
286 if (!CBB_finish(&cbb, &data, &dlen))
287 errx(1, "failed to finish CBB");
288
289 if (dlen != sizeof(tlsext_alpn_multiple_protos)) {
290 FAIL("got client ALPN with length %zu, "
291 "want length %zu\n", dlen,
292 sizeof(tlsext_alpn_multiple_protos));
293 compare_data(data, dlen, tlsext_alpn_multiple_protos,
294 sizeof(tlsext_alpn_multiple_protos));
295 goto err;
296 }
297 if (memcmp(data, tlsext_alpn_multiple_protos, dlen) != 0) {
298 FAIL("client ALPN differs:\n");
299 compare_data(data, dlen, tlsext_alpn_multiple_protos,
300 sizeof(tlsext_alpn_multiple_protos));
301 goto err;
302 }
303
304 /* Make sure we can parse multiple protos */
305
306 CBS_init(&cbs, tlsext_alpn_multiple_protos,
307 sizeof(tlsext_alpn_multiple_protos));
308 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
309 FAIL("failed to parse ALPN\n");
310 goto err;
311 }
312 if (CBS_len(&cbs) != 0) {
313 FAIL("extension data remaining\n");
314 goto err;
315 }
316
317 if (ssl->alpn_client_proto_list_len !=
318 sizeof(tlsext_alpn_multiple_protos_val)) {
319 FAIL("got client ALPN with length %zu, "
320 "want length %zu\n", dlen,
321 sizeof(tlsext_alpn_multiple_protos_val));
322 compare_data(ssl->alpn_client_proto_list,
323 ssl->alpn_client_proto_list_len,
324 tlsext_alpn_multiple_protos_val,
325 sizeof(tlsext_alpn_multiple_protos_val));
326 goto err;
327 }
328 if (memcmp(ssl->alpn_client_proto_list,
329 tlsext_alpn_multiple_protos_val,
330 sizeof(tlsext_alpn_multiple_protos_val)) != 0) {
331 FAIL("client ALPN differs:\n");
332 compare_data(data, dlen, tlsext_alpn_multiple_protos_val,
333 sizeof(tlsext_alpn_multiple_protos_val));
334 goto err;
335 }
336
337 /* Make sure we can remove the list and avoid ALPN */
338
339 free(ssl->alpn_client_proto_list);
340 ssl->alpn_client_proto_list = NULL;
341 ssl->alpn_client_proto_list_len = 0;
342
343 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
344 FAIL("client should need ALPN by default\n");
345 goto err;
346 }
347
348 failure = 0;
349
350 err:
351 CBB_cleanup(&cbb);
352 SSL_CTX_free(ssl_ctx);
353 SSL_free(ssl);
354 free(data);
355
356 return (failure);
357}
358
359static int
360test_tlsext_alpn_server(void)
361{
362 SSL_CTX *ssl_ctx = NULL;
363 SSL *ssl = NULL;
364 const struct tls_extension_funcs *client_funcs;
365 const struct tls_extension_funcs *server_funcs;
366 uint8_t *data = NULL;
367 CBB cbb;
368 CBS cbs;
369 int failure, alert;
370 size_t dlen;
371
372 failure = 1;
373
374 if (!CBB_init(&cbb, 0))
375 errx(1, "Failed to create CBB");
376
377 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
378 errx(1, "failed to create SSL_CTX");
379 if ((ssl = SSL_new(ssl_ctx)) == NULL)
380 errx(1, "failed to create SSL");
381
382 if (!tls_extension_funcs(TLSEXT_TYPE_alpn, &client_funcs, &server_funcs))
383 errx(1, "failed to fetch ALPN funcs");
384
385 /* By default, ALPN isn't needed. */
386 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
387 FAIL("server should not need ALPN by default\n");
388 goto err;
389 }
390
391 /*
392 * The server has a single ALPN selection which is set by
393 * SSL_CTX_set_alpn_select_cb() and calls SSL_select_next_proto().
394 *
395 * This will be a plain name and separate length.
396 */
397 if ((ssl->s3->alpn_selected = malloc(sizeof(tlsext_alpn_single_proto_name))) == NULL) {
398 errx(1, "failed to malloc");
399 }
400 memcpy(ssl->s3->alpn_selected, tlsext_alpn_single_proto_name,
401 sizeof(tlsext_alpn_single_proto_name));
402 ssl->s3->alpn_selected_len = sizeof(tlsext_alpn_single_proto_name);
403
404 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
405 FAIL("server should need ALPN after a protocol is selected\n");
406 goto err;
407 }
408
409 /* Make sure we can build a server with one protocol */
410
411 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
412 FAIL("server should be able to build a response\n");
413 goto err;
414 }
415 if (!CBB_finish(&cbb, &data, &dlen))
416 errx(1, "failed to finish CBB");
417
418 if (dlen != sizeof(tlsext_alpn_single_proto)) {
419 FAIL("got client ALPN with length %zu, "
420 "want length %zu\n", dlen,
421 sizeof(tlsext_alpn_single_proto));
422 compare_data(data, dlen, tlsext_alpn_single_proto,
423 sizeof(tlsext_alpn_single_proto));
424 goto err;
425 }
426 if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) {
427 FAIL("client ALPN differs:\n");
428 compare_data(data, dlen, tlsext_alpn_single_proto,
429 sizeof(tlsext_alpn_single_proto));
430 goto err;
431 }
432
433 CBB_cleanup(&cbb);
434 if (!CBB_init(&cbb, 0))
435 errx(1, "Failed to create CBB");
436 free(data);
437 data = NULL;
438
439 /* Make sure we can parse the single proto. */
440
441 CBS_init(&cbs, tlsext_alpn_single_proto,
442 sizeof(tlsext_alpn_single_proto));
443
444 /* Shouldn't be able to parse without requesting */
445 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
446 FAIL("Should only parse server if we requested it\n");
447 goto err;
448 }
449
450 /* Should be able to parse once requested. */
451 if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val,
452 sizeof(tlsext_alpn_single_proto_val)) != 0) {
453 FAIL("should be able to set ALPN to http/1.1\n");
454 goto err;
455 }
456 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
457 FAIL("Should be able to parse server when we request it\n");
458 goto err;
459 }
460 if (CBS_len(&cbs) != 0) {
461 FAIL("extension data remaining\n");
462 goto err;
463 }
464
465 if (ssl->s3->alpn_selected_len !=
466 sizeof(tlsext_alpn_single_proto_name)) {
467 FAIL("got server ALPN with length %zu, "
468 "want length %zu\n", dlen,
469 sizeof(tlsext_alpn_single_proto_name));
470 compare_data(ssl->s3->alpn_selected,
471 ssl->s3->alpn_selected_len,
472 tlsext_alpn_single_proto_name,
473 sizeof(tlsext_alpn_single_proto_name));
474 goto err;
475 }
476 if (memcmp(ssl->s3->alpn_selected,
477 tlsext_alpn_single_proto_name,
478 sizeof(tlsext_alpn_single_proto_name)) != 0) {
479 FAIL("server ALPN differs:\n");
480 compare_data(ssl->s3->alpn_selected,
481 ssl->s3->alpn_selected_len,
482 tlsext_alpn_single_proto_name,
483 sizeof(tlsext_alpn_single_proto_name));
484 goto err;
485 }
486
487 /*
488 * We should NOT be able to build a server with multiple
489 * protocol names. However, the existing code did not check for this
490 * case because it is passed in as an encoded value.
491 */
492
493 /* Make sure we can remove the list and avoid ALPN */
494
495 free(ssl->s3->alpn_selected);
496 ssl->s3->alpn_selected = NULL;
497 ssl->s3->alpn_selected_len = 0;
498
499 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
500 FAIL("server should not need ALPN by default\n");
501 goto err;
502 }
503
504 failure = 0;
505
506 err:
507 CBB_cleanup(&cbb);
508 SSL_CTX_free(ssl_ctx);
509 SSL_free(ssl);
510 free(data);
511
512 return (failure);
513
514}
515
516/*
517 * Supported Elliptic Curves - RFC 4492 section 5.1.1.
518 *
519 * This extension is only used by the client.
520 */
521
522static const uint8_t tlsext_supportedgroups_client_default[] = {
523 0x00, 0x08,
524 0x00, 0x1d, /* X25519 (29) */
525 0x00, 0x17, /* secp256r1 (23) */
526 0x00, 0x18, /* secp384r1 (24) */
527 0x00, 0x19, /* secp521r1 (25) */
528};
529
530static const uint16_t tlsext_supportedgroups_client_secp384r1_val[] = {
531 0x0018 /* tls1_ec_nid2group_id(NID_secp384r1) */
532};
533static const uint8_t tlsext_supportedgroups_client_secp384r1[] = {
534 0x00, 0x02,
535 0x00, 0x18 /* secp384r1 (24) */
536};
537
538/* Example from RFC 4492 section 5.1.1 */
539static const uint16_t tlsext_supportedgroups_client_nistp192and224_val[] = {
540 0x0013, /* tls1_ec_nid2group_id(NID_X9_62_prime192v1) */
541 0x0015 /* tls1_ec_nid2group_id(NID_secp224r1) */
542};
543static const uint8_t tlsext_supportedgroups_client_nistp192and224[] = {
544 0x00, 0x04,
545 0x00, 0x13, /* secp192r1 aka NIST P-192 */
546 0x00, 0x15 /* secp224r1 aka NIST P-224 */
547};
548
549static int
550test_tlsext_supportedgroups_client(void)
551{
552 unsigned char *data = NULL;
553 SSL_CTX *ssl_ctx = NULL;
554 SSL *ssl = NULL;
555 const struct tls_extension_funcs *client_funcs;
556 const struct tls_extension_funcs *server_funcs;
557 size_t dlen;
558 int failure, alert;
559 CBB cbb;
560 CBS cbs;
561
562 failure = 1;
563
564 if (!CBB_init(&cbb, 0))
565 errx(1, "failed to create CBB");
566
567 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
568 errx(1, "failed to create SSL_CTX");
569 if ((ssl = SSL_new(ssl_ctx)) == NULL)
570 errx(1, "failed to create SSL");
571
572 if (!tls_extension_funcs(TLSEXT_TYPE_supported_groups, &client_funcs,
573 &server_funcs))
574 errx(1, "failed to fetch supported groups funcs");
575
576 /*
577 * Default ciphers include EC so we need it by default.
578 */
579 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
580 FAIL("client should need Ellipticcurves for default "
581 "ciphers\n");
582 goto err;
583 }
584
585 /*
586 * Exclude cipher suites so we can test not including it.
587 */
588 if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) {
589 FAIL("client should be able to set cipher list\n");
590 goto err;
591 }
592 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
593 FAIL("client should not need Ellipticcurves\n");
594 goto err;
595 }
596
597 /*
598 * Use libtls default for the rest of the testing
599 */
600 if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) {
601 FAIL("client should be able to set cipher list\n");
602 goto err;
603 }
604 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
605 FAIL("client should need Ellipticcurves\n");
606 goto err;
607 }
608
609 /*
610 * Test with a session secp384r1. The default is used instead.
611 */
612 if ((ssl->session = SSL_SESSION_new()) == NULL)
613 errx(1, "failed to create session");
614
615 if ((ssl->session->tlsext_supportedgroups = malloc(sizeof(uint16_t)))
616 == NULL) {
617 FAIL("client could not malloc\n");
618 goto err;
619 }
620 if (!tls1_ec_nid2group_id(NID_secp384r1,
621 &ssl->session->tlsext_supportedgroups[0]))
622 goto err;
623 ssl->session->tlsext_supportedgroups_length = 1;
624
625 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
626 FAIL("client should need Ellipticcurves\n");
627 goto err;
628 }
629
630 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
631 FAIL("client failed to build Ellipticcurves\n");
632 goto err;
633 }
634
635 if (!CBB_finish(&cbb, &data, &dlen))
636 errx(1, "failed to finish CBB");
637
638 if (dlen != sizeof(tlsext_supportedgroups_client_default)) {
639 FAIL("got client Ellipticcurves with length %zu, "
640 "want length %zu\n", dlen,
641 sizeof(tlsext_supportedgroups_client_default));
642 compare_data(data, dlen, tlsext_supportedgroups_client_default,
643 sizeof(tlsext_supportedgroups_client_default));
644 goto err;
645 }
646
647 if (memcmp(data, tlsext_supportedgroups_client_default, dlen) != 0) {
648 FAIL("client Ellipticcurves differs:\n");
649 compare_data(data, dlen, tlsext_supportedgroups_client_default,
650 sizeof(tlsext_supportedgroups_client_default));
651 goto err;
652 }
653
654 /*
655 * Test parsing secp384r1
656 */
657 CBB_cleanup(&cbb);
658 if (!CBB_init(&cbb, 0))
659 errx(1, "Failed to create CBB");
660 free(data);
661 data = NULL;
662
663 SSL_SESSION_free(ssl->session);
664 if ((ssl->session = SSL_SESSION_new()) == NULL)
665 errx(1, "failed to create session");
666
667 CBS_init(&cbs, tlsext_supportedgroups_client_secp384r1,
668 sizeof(tlsext_supportedgroups_client_secp384r1));
669 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
670 FAIL("failed to parse client Ellipticcurves\n");
671 goto err;
672 }
673 if (CBS_len(&cbs) != 0) {
674 FAIL("extension data remaining\n");
675 goto err;
676 }
677
678 if (ssl->session->tlsext_supportedgroups_length !=
679 sizeof(tlsext_supportedgroups_client_secp384r1_val) / sizeof(uint16_t)) {
680 FAIL("no tlsext_ellipticcurves from client "
681 "Ellipticcurves\n");
682 goto err;
683 }
684
685 if (memcmp(ssl->session->tlsext_supportedgroups,
686 tlsext_supportedgroups_client_secp384r1_val,
687 sizeof(tlsext_supportedgroups_client_secp384r1_val)) != 0) {
688 FAIL("client had an incorrect Ellipticcurves "
689 "entry\n");
690 compare_data2(ssl->session->tlsext_supportedgroups,
691 ssl->session->tlsext_supportedgroups_length * 2,
692 tlsext_supportedgroups_client_secp384r1_val,
693 sizeof(tlsext_supportedgroups_client_secp384r1_val));
694 goto err;
695 }
696
697 /*
698 * Use a custom order.
699 */
700 CBB_cleanup(&cbb);
701 if (!CBB_init(&cbb, 0))
702 errx(1, "Failed to create CBB");
703
704 SSL_SESSION_free(ssl->session);
705 if ((ssl->session = SSL_SESSION_new()) == NULL)
706 errx(1, "failed to create session");
707
708 if ((ssl->tlsext_supportedgroups = malloc(sizeof(uint16_t) * 2)) == NULL) {
709 FAIL("client could not malloc\n");
710 goto err;
711 }
712 if (!tls1_ec_nid2group_id(NID_X9_62_prime192v1,
713 &ssl->tlsext_supportedgroups[0]))
714 goto err;
715 if (!tls1_ec_nid2group_id(NID_secp224r1,
716 &ssl->tlsext_supportedgroups[1]))
717 goto err;
718 ssl->tlsext_supportedgroups_length = 2;
719
720 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
721 FAIL("client should need Ellipticcurves\n");
722 goto err;
723 }
724
725 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
726 FAIL("client failed to build Ellipticcurves\n");
727 goto err;
728 }
729
730 if (!CBB_finish(&cbb, &data, &dlen))
731 errx(1, "failed to finish CBB");
732
733 if (dlen != sizeof(tlsext_supportedgroups_client_nistp192and224)) {
734 FAIL("got client Ellipticcurves with length %zu, "
735 "want length %zu\n", dlen,
736 sizeof(tlsext_supportedgroups_client_nistp192and224));
737 fprintf(stderr, "received:\n");
738 hexdump(data, dlen);
739 fprintf(stderr, "test data:\n");
740 hexdump(tlsext_supportedgroups_client_nistp192and224,
741 sizeof(tlsext_supportedgroups_client_nistp192and224));
742 goto err;
743 }
744
745 if (memcmp(data, tlsext_supportedgroups_client_nistp192and224, dlen) != 0) {
746 FAIL("client Ellipticcurves differs:\n");
747 fprintf(stderr, "received:\n");
748 hexdump(data, dlen);
749 fprintf(stderr, "test data:\n");
750 hexdump(tlsext_supportedgroups_client_nistp192and224,
751 sizeof(tlsext_supportedgroups_client_nistp192and224));
752 goto err;
753 }
754
755 /*
756 * Parse non-default curves to session.
757 */
758 CBB_cleanup(&cbb);
759 if (!CBB_init(&cbb, 0))
760 errx(1, "Failed to create CBB");
761 free(data);
762 data = NULL;
763
764 SSL_SESSION_free(ssl->session);
765 if ((ssl->session = SSL_SESSION_new()) == NULL)
766 errx(1, "failed to create session");
767
768 /* Reset back to the default list. */
769 free(ssl->tlsext_supportedgroups);
770 ssl->tlsext_supportedgroups = NULL;
771 ssl->tlsext_supportedgroups_length = 0;
772
773 CBS_init(&cbs, tlsext_supportedgroups_client_nistp192and224,
774 sizeof(tlsext_supportedgroups_client_nistp192and224));
775 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
776 FAIL("failed to parse client Ellipticcurves\n");
777 goto err;
778 }
779 if (CBS_len(&cbs) != 0) {
780 FAIL("extension data remaining\n");
781 goto err;
782 }
783
784 if (ssl->session->tlsext_supportedgroups_length !=
785 sizeof(tlsext_supportedgroups_client_nistp192and224_val) / sizeof(uint16_t)) {
786 FAIL("no tlsext_ellipticcurves from client Ellipticcurves\n");
787 goto err;
788 }
789
790 if (memcmp(ssl->session->tlsext_supportedgroups,
791 tlsext_supportedgroups_client_nistp192and224_val,
792 sizeof(tlsext_supportedgroups_client_nistp192and224_val)) != 0) {
793 FAIL("client had an incorrect Ellipticcurves entry\n");
794 compare_data2(ssl->session->tlsext_supportedgroups,
795 ssl->session->tlsext_supportedgroups_length * 2,
796 tlsext_supportedgroups_client_nistp192and224_val,
797 sizeof(tlsext_supportedgroups_client_nistp192and224_val));
798 goto err;
799 }
800
801 failure = 0;
802
803 err:
804 CBB_cleanup(&cbb);
805 SSL_CTX_free(ssl_ctx);
806 SSL_free(ssl);
807 free(data);
808
809 return (failure);
810}
811
812
813/* elliptic_curves is only used by the client so this doesn't test much. */
814static int
815test_tlsext_supportedgroups_server(void)
816{
817 SSL_CTX *ssl_ctx = NULL;
818 SSL *ssl = NULL;
819 const struct tls_extension_funcs *client_funcs;
820 const struct tls_extension_funcs *server_funcs;
821 int failure;
822
823 failure = 1;
824
825 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
826 errx(1, "failed to create SSL_CTX");
827 if ((ssl = SSL_new(ssl_ctx)) == NULL)
828 errx(1, "failed to create SSL");
829
830 if (!tls_extension_funcs(TLSEXT_TYPE_supported_groups, &client_funcs,
831 &server_funcs))
832 errx(1, "failed to fetch supported groups funcs");
833
834 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
835 FAIL("server should not need elliptic_curves\n");
836 goto err;
837 }
838
839 if ((ssl->session = SSL_SESSION_new()) == NULL)
840 errx(1, "failed to create session");
841
842 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
843 FAIL("server should not need elliptic_curves\n");
844 goto err;
845 }
846
847 failure = 0;
848
849 err:
850 SSL_CTX_free(ssl_ctx);
851 SSL_free(ssl);
852
853 return (failure);
854
855}
856
857/*
858 * Supported Point Formats - RFC 4492 section 5.1.2.
859 *
860 * Examples are from the RFC. Both client and server have the same build and
861 * parse but the needs differ.
862 */
863
864static const uint8_t tlsext_ecpf_hello_uncompressed_val[] = {
865 TLSEXT_ECPOINTFORMAT_uncompressed
866};
867static const uint8_t tlsext_ecpf_hello_uncompressed[] = {
868 0x01,
869 0x00 /* TLSEXT_ECPOINTFORMAT_uncompressed */
870};
871
872static const uint8_t tlsext_ecpf_hello_prime[] = {
873 0x01,
874 0x01 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */
875};
876
877static const uint8_t tlsext_ecpf_hello_prefer_order_val[] = {
878 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime,
879 TLSEXT_ECPOINTFORMAT_uncompressed,
880 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2
881};
882static const uint8_t tlsext_ecpf_hello_prefer_order[] = {
883 0x03,
884 0x01, /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */
885 0x00, /* TLSEXT_ECPOINTFORMAT_uncompressed */
886 0x02 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 */
887};
888
889static int
890test_tlsext_ecpf_client(void)
891{
892 uint8_t *data = NULL;
893 SSL_CTX *ssl_ctx = NULL;
894 SSL *ssl = NULL;
895 const struct tls_extension_funcs *client_funcs;
896 const struct tls_extension_funcs *server_funcs;
897 size_t dlen;
898 int failure, alert;
899 CBB cbb;
900 CBS cbs;
901
902 failure = 1;
903
904 if (!CBB_init(&cbb, 0))
905 errx(1, "Failed to create CBB");
906
907 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
908 errx(1, "failed to create SSL_CTX");
909 if ((ssl = SSL_new(ssl_ctx)) == NULL)
910 errx(1, "failed to create SSL");
911
912 if (!tls_extension_funcs(TLSEXT_TYPE_ec_point_formats, &client_funcs,
913 &server_funcs))
914 errx(1, "failed to fetch ecpf funcs");
915
916 /*
917 * Default ciphers include EC so we need it by default.
918 */
919 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
920 FAIL("client should need ECPointFormats for default "
921 "ciphers\n");
922 goto err;
923 }
924
925 /*
926 * Exclude EC cipher suites so we can test not including it.
927 */
928 if (!SSL_set_cipher_list(ssl, "ALL:!ECDHE:!ECDH")) {
929 FAIL("client should be able to set cipher list\n");
930 goto err;
931 }
932 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
933 FAIL("client should not need ECPointFormats\n");
934 goto err;
935 }
936
937 /*
938 * Use libtls default for the rest of the testing
939 */
940 if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) {
941 FAIL("client should be able to set cipher list\n");
942 goto err;
943 }
944 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
945 FAIL("client should need ECPointFormats\n");
946 goto err;
947 }
948
949 /*
950 * The default ECPointFormats should only have uncompressed
951 */
952 if ((ssl->session = SSL_SESSION_new()) == NULL)
953 errx(1, "failed to create session");
954
955 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
956 FAIL("client failed to build ECPointFormats\n");
957 goto err;
958 }
959
960 if (!CBB_finish(&cbb, &data, &dlen))
961 errx(1, "failed to finish CBB");
962
963 if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) {
964 FAIL("got client ECPointFormats with length %zu, "
965 "want length %zu\n", dlen,
966 sizeof(tlsext_ecpf_hello_uncompressed));
967 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
968 sizeof(tlsext_ecpf_hello_uncompressed));
969 goto err;
970 }
971
972 if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) {
973 FAIL("client ECPointFormats differs:\n");
974 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
975 sizeof(tlsext_ecpf_hello_uncompressed));
976 goto err;
977 }
978
979 /*
980 * Make sure we can parse the default.
981 */
982 CBB_cleanup(&cbb);
983 if (!CBB_init(&cbb, 0))
984 errx(1, "Failed to create CBB");
985 free(data);
986 data = NULL;
987
988 SSL_SESSION_free(ssl->session);
989 if ((ssl->session = SSL_SESSION_new()) == NULL)
990 errx(1, "failed to create session");
991
992 CBS_init(&cbs, tlsext_ecpf_hello_uncompressed,
993 sizeof(tlsext_ecpf_hello_uncompressed));
994 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
995 FAIL("failed to parse client ECPointFormats\n");
996 goto err;
997 }
998 if (CBS_len(&cbs) != 0) {
999 FAIL("extension data remaining\n");
1000 goto err;
1001 }
1002
1003 if (ssl->session->tlsext_ecpointformatlist_length !=
1004 sizeof(tlsext_ecpf_hello_uncompressed_val)) {
1005 FAIL("no tlsext_ecpointformats from client "
1006 "ECPointFormats\n");
1007 goto err;
1008 }
1009
1010 if (memcmp(ssl->session->tlsext_ecpointformatlist,
1011 tlsext_ecpf_hello_uncompressed_val,
1012 sizeof(tlsext_ecpf_hello_uncompressed_val)) != 0) {
1013 FAIL("client had an incorrect ECPointFormats entry\n");
1014 goto err;
1015 }
1016
1017 /*
1018 * Test with a custom order.
1019 */
1020 CBB_cleanup(&cbb);
1021 if (!CBB_init(&cbb, 0))
1022 errx(1, "Failed to create CBB");
1023 free(data);
1024 data = NULL;
1025
1026 SSL_SESSION_free(ssl->session);
1027 if ((ssl->session = SSL_SESSION_new()) == NULL)
1028 errx(1, "failed to create session");
1029
1030 if ((ssl->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
1031 FAIL("client could not malloc\n");
1032 goto err;
1033 }
1034 ssl->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1035 ssl->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
1036 ssl->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1037 ssl->tlsext_ecpointformatlist_length = 3;
1038
1039 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1040 FAIL("client should need ECPointFormats with a custom "
1041 "format\n");
1042 goto err;
1043 }
1044
1045 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1046 FAIL("client failed to build ECPointFormats\n");
1047 goto err;
1048 }
1049
1050 if (!CBB_finish(&cbb, &data, &dlen))
1051 errx(1, "failed to finish CBB");
1052
1053 if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) {
1054 FAIL("got client ECPointFormats with length %zu, "
1055 "want length %zu\n", dlen,
1056 sizeof(tlsext_ecpf_hello_prefer_order));
1057 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1058 sizeof(tlsext_ecpf_hello_prefer_order));
1059 goto err;
1060 }
1061
1062 if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) {
1063 FAIL("client ECPointFormats differs:\n");
1064 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1065 sizeof(tlsext_ecpf_hello_prefer_order));
1066 goto err;
1067 }
1068
1069 /*
1070 * Make sure that we can parse this custom order.
1071 */
1072 CBB_cleanup(&cbb);
1073 if (!CBB_init(&cbb, 0))
1074 errx(1, "Failed to create CBB");
1075 free(data);
1076 data = NULL;
1077
1078 SSL_SESSION_free(ssl->session);
1079 if ((ssl->session = SSL_SESSION_new()) == NULL)
1080 errx(1, "failed to create session");
1081
1082 /* Reset the custom list so we go back to the default uncompressed. */
1083 free(ssl->tlsext_ecpointformatlist);
1084 ssl->tlsext_ecpointformatlist = NULL;
1085 ssl->tlsext_ecpointformatlist_length = 0;
1086
1087 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1088 sizeof(tlsext_ecpf_hello_prefer_order));
1089 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1090 FAIL("failed to parse client ECPointFormats\n");
1091 goto err;
1092 }
1093 if (CBS_len(&cbs) != 0) {
1094 FAIL("extension data remaining\n");
1095 goto err;
1096 }
1097
1098 if (ssl->session->tlsext_ecpointformatlist_length !=
1099 sizeof(tlsext_ecpf_hello_prefer_order_val)) {
1100 FAIL("no tlsext_ecpointformats from client "
1101 "ECPointFormats\n");
1102 goto err;
1103 }
1104
1105 if (memcmp(ssl->session->tlsext_ecpointformatlist,
1106 tlsext_ecpf_hello_prefer_order_val,
1107 sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) {
1108 FAIL("client had an incorrect ECPointFormats entry\n");
1109 goto err;
1110 }
1111
1112
1113 failure = 0;
1114
1115 err:
1116 CBB_cleanup(&cbb);
1117 SSL_CTX_free(ssl_ctx);
1118 SSL_free(ssl);
1119 free(data);
1120
1121 return (failure);
1122}
1123
1124static int
1125test_tlsext_ecpf_server(void)
1126{
1127 uint8_t *data = NULL;
1128 SSL_CTX *ssl_ctx = NULL;
1129 SSL *ssl = NULL;
1130 const struct tls_extension_funcs *client_funcs;
1131 const struct tls_extension_funcs *server_funcs;
1132 size_t dlen;
1133 int failure, alert;
1134 CBB cbb;
1135 CBS cbs;
1136
1137 failure = 1;
1138
1139 if (!CBB_init(&cbb, 0))
1140 errx(1, "Failed to create CBB");
1141
1142 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1143 errx(1, "failed to create SSL_CTX");
1144 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1145 errx(1, "failed to create SSL");
1146
1147 if (!tls_extension_funcs(TLSEXT_TYPE_ec_point_formats, &client_funcs,
1148 &server_funcs))
1149 errx(1, "failed to fetch ecpf funcs");
1150
1151 if ((ssl->session = SSL_SESSION_new()) == NULL)
1152 errx(1, "failed to create session");
1153
1154 /* Setup the state so we can call needs. */
1155 if ((ssl->s3->hs.cipher =
1156 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305))
1157 == NULL) {
1158 FAIL("server cannot find cipher\n");
1159 goto err;
1160 }
1161 if ((ssl->session->tlsext_ecpointformatlist = malloc(sizeof(uint8_t)))
1162 == NULL) {
1163 FAIL("server could not malloc\n");
1164 goto err;
1165 }
1166 ssl->session->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1167 ssl->session->tlsext_ecpointformatlist_length = 1;
1168
1169 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1170 FAIL("server should need ECPointFormats now\n");
1171 goto err;
1172 }
1173
1174 /*
1175 * The server will ignore the session list and use either a custom
1176 * list or the default (uncompressed).
1177 */
1178 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1179 FAIL("server failed to build ECPointFormats\n");
1180 goto err;
1181 }
1182
1183 if (!CBB_finish(&cbb, &data, &dlen))
1184 errx(1, "failed to finish CBB");
1185
1186 if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) {
1187 FAIL("got server ECPointFormats with length %zu, "
1188 "want length %zu\n", dlen,
1189 sizeof(tlsext_ecpf_hello_uncompressed));
1190 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
1191 sizeof(tlsext_ecpf_hello_uncompressed));
1192 goto err;
1193 }
1194
1195 if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) {
1196 FAIL("server ECPointFormats differs:\n");
1197 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
1198 sizeof(tlsext_ecpf_hello_uncompressed));
1199 goto err;
1200 }
1201
1202 /*
1203 * Cannot parse a non-default list without at least uncompressed.
1204 */
1205 CBB_cleanup(&cbb);
1206 if (!CBB_init(&cbb, 0))
1207 errx(1, "Failed to create CBB");
1208 free(data);
1209 data = NULL;
1210
1211 SSL_SESSION_free(ssl->session);
1212 if ((ssl->session = SSL_SESSION_new()) == NULL)
1213 errx(1, "failed to create session");
1214
1215 CBS_init(&cbs, tlsext_ecpf_hello_prime,
1216 sizeof(tlsext_ecpf_hello_prime));
1217 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1218 FAIL("must include uncompressed in server ECPointFormats\n");
1219 goto err;
1220 }
1221 if (CBS_len(&cbs) != 0) {
1222 FAIL("extension data remaining\n");
1223 goto err;
1224 }
1225
1226 /*
1227 * Test with a custom order that replaces the default uncompressed.
1228 */
1229 CBB_cleanup(&cbb);
1230 if (!CBB_init(&cbb, 0))
1231 errx(1, "Failed to create CBB");
1232 free(data);
1233 data = NULL;
1234
1235 SSL_SESSION_free(ssl->session);
1236 if ((ssl->session = SSL_SESSION_new()) == NULL)
1237 errx(1, "failed to create session");
1238
1239 /* Add a session list even though it will be ignored. */
1240 if ((ssl->session->tlsext_ecpointformatlist = malloc(sizeof(uint8_t)))
1241 == NULL) {
1242 FAIL("server could not malloc\n");
1243 goto err;
1244 }
1245 ssl->session->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1246 ssl->session->tlsext_ecpointformatlist_length = 1;
1247
1248 /* Replace the default list with a custom one. */
1249 if ((ssl->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
1250 FAIL("server could not malloc\n");
1251 goto err;
1252 }
1253 ssl->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1254 ssl->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
1255 ssl->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1256 ssl->tlsext_ecpointformatlist_length = 3;
1257
1258 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1259 FAIL("server should need ECPointFormats\n");
1260 goto err;
1261 }
1262
1263 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1264 FAIL("server failed to build ECPointFormats\n");
1265 goto err;
1266 }
1267
1268 if (!CBB_finish(&cbb, &data, &dlen))
1269 errx(1, "failed to finish CBB");
1270
1271 if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) {
1272 FAIL("got server ECPointFormats with length %zu, "
1273 "want length %zu\n", dlen,
1274 sizeof(tlsext_ecpf_hello_prefer_order));
1275 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1276 sizeof(tlsext_ecpf_hello_prefer_order));
1277 goto err;
1278 }
1279
1280 if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) {
1281 FAIL("server ECPointFormats differs:\n");
1282 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1283 sizeof(tlsext_ecpf_hello_prefer_order));
1284 goto err;
1285 }
1286
1287 /*
1288 * Should be able to parse the custom list into a session list.
1289 */
1290 CBB_cleanup(&cbb);
1291 if (!CBB_init(&cbb, 0))
1292 errx(1, "Failed to create CBB");
1293 free(data);
1294 data = NULL;
1295
1296 SSL_SESSION_free(ssl->session);
1297 if ((ssl->session = SSL_SESSION_new()) == NULL)
1298 errx(1, "failed to create session");
1299
1300 /* Reset back to the default (uncompressed) */
1301 free(ssl->tlsext_ecpointformatlist);
1302 ssl->tlsext_ecpointformatlist = NULL;
1303 ssl->tlsext_ecpointformatlist_length = 0;
1304
1305 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1306 sizeof(tlsext_ecpf_hello_prefer_order));
1307 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1308 FAIL("failed to parse server ECPointFormats\n");
1309 goto err;
1310 }
1311 if (CBS_len(&cbs) != 0) {
1312 FAIL("extension data remaining\n");
1313 goto err;
1314 }
1315
1316 if (ssl->session->tlsext_ecpointformatlist_length !=
1317 sizeof(tlsext_ecpf_hello_prefer_order_val)) {
1318 FAIL("no tlsext_ecpointformats from server "
1319 "ECPointFormats\n");
1320 goto err;
1321 }
1322
1323 if (memcmp(ssl->session->tlsext_ecpointformatlist,
1324 tlsext_ecpf_hello_prefer_order_val,
1325 sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) {
1326 FAIL("server had an incorrect ECPointFormats entry\n");
1327 goto err;
1328 }
1329
1330 failure = 0;
1331
1332 err:
1333 CBB_cleanup(&cbb);
1334 SSL_CTX_free(ssl_ctx);
1335 SSL_free(ssl);
1336 free(data);
1337
1338 return (failure);
1339}
1340
1341/*
1342 * Renegotiation Indication - RFC 5746.
1343 */
1344
1345static const unsigned char tlsext_ri_prev_client[] = {
1346 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1347 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1348};
1349
1350static const unsigned char tlsext_ri_prev_server[] = {
1351 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
1352 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
1353};
1354
1355static const unsigned char tlsext_ri_client[] = {
1356 0x10,
1357 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1358 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1359};
1360
1361static const unsigned char tlsext_ri_server[] = {
1362 0x20,
1363 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1364 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1365 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
1366 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
1367};
1368
1369static int
1370test_tlsext_ri_client(void)
1371{
1372 unsigned char *data = NULL;
1373 SSL_CTX *ssl_ctx = NULL;
1374 SSL *ssl = NULL;
1375 const struct tls_extension_funcs *client_funcs;
1376 const struct tls_extension_funcs *server_funcs;
1377 int failure;
1378 size_t dlen;
1379 int alert;
1380 CBB cbb;
1381 CBS cbs;
1382
1383 failure = 1;
1384
1385 if (!CBB_init(&cbb, 0))
1386 errx(1, "Failed to create CBB");
1387
1388 if ((ssl_ctx = SSL_CTX_new(TLSv1_2_client_method())) == NULL)
1389 errx(1, "failed to create SSL_CTX");
1390 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1391 errx(1, "failed to create SSL");
1392
1393 if (!tls_extension_funcs(TLSEXT_TYPE_renegotiate, &client_funcs,
1394 &server_funcs))
1395 errx(1, "failed to fetch ri funcs");
1396
1397 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1398 FAIL("client should not need RI\n");
1399 goto err;
1400 }
1401
1402 if (!SSL_renegotiate(ssl)) {
1403 FAIL("client failed to set renegotiate\n");
1404 goto err;
1405 }
1406
1407 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1408 FAIL("client should need RI\n");
1409 goto err;
1410 }
1411
1412 memcpy(ssl->s3->previous_client_finished, tlsext_ri_prev_client,
1413 sizeof(tlsext_ri_prev_client));
1414 ssl->s3->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
1415
1416 ssl->s3->renegotiate_seen = 0;
1417
1418 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1419 FAIL("client failed to build RI\n");
1420 goto err;
1421 }
1422
1423 if (!CBB_finish(&cbb, &data, &dlen))
1424 errx(1, "failed to finish CBB");
1425
1426 if (dlen != sizeof(tlsext_ri_client)) {
1427 FAIL("got client RI with length %zu, "
1428 "want length %zu\n", dlen, sizeof(tlsext_ri_client));
1429 goto err;
1430 }
1431
1432 if (memcmp(data, tlsext_ri_client, dlen) != 0) {
1433 FAIL("client RI differs:\n");
1434 fprintf(stderr, "received:\n");
1435 hexdump(data, dlen);
1436 fprintf(stderr, "test data:\n");
1437 hexdump(tlsext_ri_client, sizeof(tlsext_ri_client));
1438 goto err;
1439 }
1440
1441 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client));
1442 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1443 FAIL("failed to parse client RI\n");
1444 goto err;
1445 }
1446 if (CBS_len(&cbs) != 0) {
1447 FAIL("extension data remaining\n");
1448 goto err;
1449 }
1450
1451 if (ssl->s3->renegotiate_seen != 1) {
1452 FAIL("renegotiate seen not set\n");
1453 goto err;
1454 }
1455 if (ssl->s3->send_connection_binding != 1) {
1456 FAIL("send connection binding not set\n");
1457 goto err;
1458 }
1459
1460 memset(ssl->s3->previous_client_finished, 0,
1461 sizeof(ssl->s3->previous_client_finished));
1462
1463 ssl->s3->renegotiate_seen = 0;
1464
1465 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client));
1466 if (server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1467 FAIL("parsed invalid client RI\n");
1468 goto err;
1469 }
1470
1471 if (ssl->s3->renegotiate_seen == 1) {
1472 FAIL("renegotiate seen set\n");
1473 goto err;
1474 }
1475
1476 failure = 0;
1477
1478 err:
1479 CBB_cleanup(&cbb);
1480 SSL_CTX_free(ssl_ctx);
1481 SSL_free(ssl);
1482 free(data);
1483
1484 return (failure);
1485}
1486
1487static int
1488test_tlsext_ri_server(void)
1489{
1490 unsigned char *data = NULL;
1491 SSL_CTX *ssl_ctx = NULL;
1492 SSL *ssl = NULL;
1493 const struct tls_extension_funcs *client_funcs;
1494 const struct tls_extension_funcs *server_funcs;
1495 int failure;
1496 size_t dlen;
1497 int alert;
1498 CBB cbb;
1499 CBS cbs;
1500
1501 failure = 1;
1502
1503 if (!CBB_init(&cbb, 0))
1504 errx(1, "Failed to create CBB");
1505
1506 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1507 errx(1, "failed to create SSL_CTX");
1508 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1509 errx(1, "failed to create SSL");
1510
1511 if (!tls_extension_funcs(TLSEXT_TYPE_renegotiate, &client_funcs,
1512 &server_funcs))
1513 errx(1, "failed to fetch ri funcs");
1514
1515 ssl->version = TLS1_2_VERSION;
1516 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1517 FAIL("server should not need RI\n");
1518 goto err;
1519 }
1520
1521 ssl->s3->send_connection_binding = 1;
1522
1523 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1524 FAIL("server should need RI\n");
1525 goto err;
1526 }
1527
1528 memcpy(ssl->s3->previous_client_finished, tlsext_ri_prev_client,
1529 sizeof(tlsext_ri_prev_client));
1530 ssl->s3->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
1531
1532 memcpy(ssl->s3->previous_server_finished, tlsext_ri_prev_server,
1533 sizeof(tlsext_ri_prev_server));
1534 ssl->s3->previous_server_finished_len = sizeof(tlsext_ri_prev_server);
1535
1536 ssl->s3->renegotiate_seen = 0;
1537
1538 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1539 FAIL("server failed to build RI\n");
1540 goto err;
1541 }
1542
1543 if (!CBB_finish(&cbb, &data, &dlen))
1544 errx(1, "failed to finish CBB");
1545
1546 if (dlen != sizeof(tlsext_ri_server)) {
1547 FAIL("got server RI with length %zu, "
1548 "want length %zu\n", dlen, sizeof(tlsext_ri_server));
1549 goto err;
1550 }
1551
1552 if (memcmp(data, tlsext_ri_server, dlen) != 0) {
1553 FAIL("server RI differs:\n");
1554 fprintf(stderr, "received:\n");
1555 hexdump(data, dlen);
1556 fprintf(stderr, "test data:\n");
1557 hexdump(tlsext_ri_server, sizeof(tlsext_ri_server));
1558 goto err;
1559 }
1560
1561 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server));
1562 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1563 FAIL("failed to parse server RI\n");
1564 goto err;
1565 }
1566 if (CBS_len(&cbs) != 0) {
1567 FAIL("extension data remaining\n");
1568 goto err;
1569 }
1570
1571 if (ssl->s3->renegotiate_seen != 1) {
1572 FAIL("renegotiate seen not set\n");
1573 goto err;
1574 }
1575 if (ssl->s3->send_connection_binding != 1) {
1576 FAIL("send connection binding not set\n");
1577 goto err;
1578 }
1579
1580 memset(ssl->s3->previous_client_finished, 0,
1581 sizeof(ssl->s3->previous_client_finished));
1582 memset(ssl->s3->previous_server_finished, 0,
1583 sizeof(ssl->s3->previous_server_finished));
1584
1585 ssl->s3->renegotiate_seen = 0;
1586
1587 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server));
1588 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1589 FAIL("parsed invalid server RI\n");
1590 goto err;
1591 }
1592
1593 if (ssl->s3->renegotiate_seen == 1) {
1594 FAIL("renegotiate seen set\n");
1595 goto err;
1596 }
1597
1598 failure = 0;
1599
1600 err:
1601 CBB_cleanup(&cbb);
1602 SSL_CTX_free(ssl_ctx);
1603 SSL_free(ssl);
1604 free(data);
1605
1606 return (failure);
1607}
1608
1609/*
1610 * Signature Algorithms - RFC 5246 section 7.4.1.4.1.
1611 */
1612
1613static const unsigned char tlsext_sigalgs_client[] = {
1614 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03,
1615 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04,
1616 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
1617};
1618
1619static int
1620test_tlsext_sigalgs_client(void)
1621{
1622 unsigned char *data = NULL;
1623 SSL_CTX *ssl_ctx = NULL;
1624 SSL *ssl = NULL;
1625 const struct tls_extension_funcs *client_funcs;
1626 const struct tls_extension_funcs *server_funcs;
1627 int failure;
1628 size_t dlen;
1629 int alert;
1630 CBB cbb;
1631 CBS cbs;
1632
1633 failure = 1;
1634
1635 if (!CBB_init(&cbb, 0))
1636 errx(1, "Failed to create CBB");
1637
1638 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1639 errx(1, "failed to create SSL_CTX");
1640 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1641 errx(1, "failed to create SSL");
1642
1643 if (!tls_extension_funcs(TLSEXT_TYPE_signature_algorithms,
1644 &client_funcs, &server_funcs))
1645 errx(1, "failed to fetch sigalgs funcs");
1646
1647 ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
1648
1649 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1650 FAIL("client should not need sigalgs\n");
1651 goto done;
1652 }
1653
1654 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
1655
1656 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1657 FAIL("client should need sigalgs\n");
1658 goto done;
1659 }
1660
1661 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1662 FAIL("client failed to build sigalgs\n");
1663 goto done;
1664 }
1665
1666 if (!CBB_finish(&cbb, &data, &dlen))
1667 errx(1, "failed to finish CBB");
1668
1669 if (dlen != sizeof(tlsext_sigalgs_client)) {
1670 FAIL("got client sigalgs length %zu, "
1671 "want length %zu\n", dlen, sizeof(tlsext_sigalgs_client));
1672 goto done;
1673 }
1674
1675 if (memcmp(data, tlsext_sigalgs_client, dlen) != 0) {
1676 FAIL("client SNI differs:\n");
1677 fprintf(stderr, "received:\n");
1678 hexdump(data, dlen);
1679 fprintf(stderr, "test data:\n");
1680 hexdump(tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1681 goto done;
1682 }
1683
1684 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1685 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1686 FAIL("failed to parse client SNI\n");
1687 goto done;
1688 }
1689 if (CBS_len(&cbs) != 0) {
1690 FAIL("extension data remaining\n");
1691 goto done;
1692 }
1693
1694 failure = 0;
1695
1696 done:
1697 CBB_cleanup(&cbb);
1698 SSL_CTX_free(ssl_ctx);
1699 SSL_free(ssl);
1700 free(data);
1701
1702 return (failure);
1703}
1704
1705#if 0
1706static int
1707test_tlsext_sigalgs_server(void)
1708{
1709 unsigned char *data = NULL;
1710 SSL_CTX *ssl_ctx = NULL;
1711 SSL *ssl = NULL;
1712 const struct tls_extension_funcs *client_funcs;
1713 const struct tls_extension_funcs *server_funcs;
1714 int failure;
1715 size_t dlen;
1716 int alert;
1717 CBB cbb;
1718 CBS cbs;
1719
1720 failure = 1;
1721
1722 if (!CBB_init(&cbb, 0))
1723 errx(1, "Failed to create CBB");
1724
1725 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1726 errx(1, "failed to create SSL_CTX");
1727 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1728 errx(1, "failed to create SSL");
1729
1730 if (!tls_extension_funcs(TLSEXT_TYPE_server_name, &client_funcs,
1731 &server_funcs))
1732 errx(1, "failed to fetch sigalgs funcs");
1733
1734 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1735 FAIL("server should not need sigalgs\n");
1736 goto done;
1737 }
1738
1739 if (server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1740 FAIL("server should not build sigalgs\n");
1741 goto done;
1742 }
1743
1744 if (!CBB_finish(&cbb, &data, &dlen))
1745 errx(1, "failed to finish CBB");
1746
1747 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1748 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1749 FAIL("server should not parse sigalgs\n");
1750 goto done;
1751 }
1752
1753 failure = 0;
1754
1755 done:
1756 CBB_cleanup(&cbb);
1757 SSL_CTX_free(ssl_ctx);
1758 SSL_free(ssl);
1759 free(data);
1760
1761 return (failure);
1762}
1763#endif
1764
1765/*
1766 * Server Name Indication - RFC 6066 section 3.
1767 */
1768
1769#define TEST_SNI_SERVERNAME "www.libressl.org"
1770
1771static const unsigned char tlsext_sni_client[] = {
1772 0x00, 0x13, 0x00, 0x00, 0x10, 0x77, 0x77, 0x77,
1773 0x2e, 0x6c, 0x69, 0x62, 0x72, 0x65, 0x73, 0x73,
1774 0x6c, 0x2e, 0x6f, 0x72, 0x67,
1775};
1776
1777/* An empty array is an incomplete type and sizeof() is undefined. */
1778static const unsigned char tlsext_sni_server[] = {
1779 0x00,
1780};
1781static size_t tlsext_sni_server_len = 0;
1782
1783static int
1784test_tlsext_sni_client(void)
1785{
1786 unsigned char *data = NULL;
1787 SSL_CTX *ssl_ctx = NULL;
1788 SSL *ssl = NULL;
1789 const struct tls_extension_funcs *client_funcs;
1790 const struct tls_extension_funcs *server_funcs;
1791 int failure;
1792 size_t dlen;
1793 int alert;
1794 CBB cbb;
1795 CBS cbs;
1796
1797 failure = 1;
1798
1799 if (!CBB_init(&cbb, 0))
1800 errx(1, "Failed to create CBB");
1801
1802 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1803 errx(1, "failed to create SSL_CTX");
1804 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1805 errx(1, "failed to create SSL");
1806
1807 if (!tls_extension_funcs(TLSEXT_TYPE_server_name, &client_funcs,
1808 &server_funcs))
1809 errx(1, "failed to fetch sni funcs");
1810
1811 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1812 FAIL("client should not need SNI\n");
1813 goto err;
1814 }
1815
1816 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1817 FAIL("client failed to set server name\n");
1818 goto err;
1819 }
1820
1821 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1822 FAIL("client should need SNI\n");
1823 goto err;
1824 }
1825
1826 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1827 FAIL("client failed to build SNI\n");
1828 goto err;
1829 }
1830
1831 if (!CBB_finish(&cbb, &data, &dlen)) {
1832 FAIL("failed to finish CBB");
1833 goto err;
1834 }
1835
1836 if (dlen != sizeof(tlsext_sni_client)) {
1837 FAIL("got client SNI with length %zu, "
1838 "want length %zu\n", dlen, sizeof(tlsext_sni_client));
1839 goto err;
1840 }
1841
1842 if (memcmp(data, tlsext_sni_client, dlen) != 0) {
1843 FAIL("client SNI differs:\n");
1844 fprintf(stderr, "received:\n");
1845 hexdump(data, dlen);
1846 fprintf(stderr, "test data:\n");
1847 hexdump(tlsext_sni_client, sizeof(tlsext_sni_client));
1848 goto err;
1849 }
1850
1851 /*
1852 * SSL_set_tlsext_host_name() may be called with a NULL host name to
1853 * disable SNI.
1854 */
1855 if (!SSL_set_tlsext_host_name(ssl, NULL)) {
1856 FAIL("cannot set host name to NULL");
1857 goto err;
1858 }
1859
1860 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1861 FAIL("client should not need SNI\n");
1862 goto err;
1863 }
1864
1865 if ((ssl->session = SSL_SESSION_new()) == NULL) {
1866 FAIL("failed to create session");
1867 goto err;
1868 }
1869
1870 ssl->hit = 0;
1871
1872 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client));
1873 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1874 FAIL("failed to parse client SNI\n");
1875 goto err;
1876 }
1877 if (CBS_len(&cbs) != 0) {
1878 FAIL("extension data remaining\n");
1879 goto err;
1880 }
1881
1882 if (ssl->session->tlsext_hostname == NULL) {
1883 FAIL("no tlsext_hostname from client SNI\n");
1884 goto err;
1885 }
1886
1887 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
1888 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
1889 strlen(TEST_SNI_SERVERNAME)) != 0) {
1890 FAIL("got tlsext_hostname `%s', want `%s'\n",
1891 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
1892 goto err;
1893 }
1894
1895 ssl->hit = 1;
1896
1897 free(ssl->session->tlsext_hostname);
1898 if ((ssl->session->tlsext_hostname = strdup("notthesame.libressl.org")) ==
1899 NULL) {
1900 FAIL("failed to strdup tlsext_hostname");
1901 goto err;
1902 }
1903
1904 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client));
1905 if (server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1906 FAIL("parsed client with mismatched SNI\n");
1907 goto err;
1908 }
1909
1910 failure = 0;
1911
1912 err:
1913 CBB_cleanup(&cbb);
1914 SSL_CTX_free(ssl_ctx);
1915 SSL_free(ssl);
1916 free(data);
1917
1918 return (failure);
1919}
1920
1921static int
1922test_tlsext_sni_server(void)
1923{
1924 unsigned char *data = NULL;
1925 SSL_CTX *ssl_ctx = NULL;
1926 SSL *ssl = NULL;
1927 const struct tls_extension_funcs *client_funcs;
1928 const struct tls_extension_funcs *server_funcs;
1929 int failure;
1930 size_t dlen;
1931 int alert;
1932 CBB cbb;
1933 CBS cbs;
1934
1935 failure = 1;
1936
1937 if (!CBB_init(&cbb, 0))
1938 errx(1, "Failed to create CBB");
1939
1940 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1941 errx(1, "failed to create SSL_CTX");
1942 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1943 errx(1, "failed to create SSL");
1944
1945 if (!tls_extension_funcs(TLSEXT_TYPE_server_name, &client_funcs,
1946 &server_funcs))
1947 errx(1, "failed to fetch sni funcs");
1948
1949 if ((ssl->session = SSL_SESSION_new()) == NULL)
1950 errx(1, "failed to create session");
1951
1952 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1953 FAIL("server should not need SNI\n");
1954 goto err;
1955 }
1956
1957 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1958 FAIL("client failed to set server name\n");
1959 goto err;
1960 }
1961
1962 if ((ssl->session->tlsext_hostname = strdup(TEST_SNI_SERVERNAME)) ==
1963 NULL)
1964 errx(1, "failed to strdup tlsext_hostname");
1965
1966 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1967 FAIL("server should need SNI\n");
1968 goto err;
1969 }
1970
1971 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1972 FAIL("server failed to build SNI\n");
1973 goto err;
1974 }
1975
1976 if (!CBB_finish(&cbb, &data, &dlen))
1977 errx(1, "failed to finish CBB");
1978
1979 if (dlen != tlsext_sni_server_len) {
1980 FAIL("got server SNI with length %zu, "
1981 "want length %zu\n", dlen, tlsext_sni_server_len);
1982 goto err;
1983 }
1984
1985 if (memcmp(data, tlsext_sni_server, dlen) != 0) {
1986 FAIL("server SNI differs:\n");
1987 fprintf(stderr, "received:\n");
1988 hexdump(data, dlen);
1989 fprintf(stderr, "test data:\n");
1990 hexdump(tlsext_sni_server, tlsext_sni_server_len);
1991 goto err;
1992 }
1993
1994 free(ssl->session->tlsext_hostname);
1995 ssl->session->tlsext_hostname = NULL;
1996
1997 CBS_init(&cbs, tlsext_sni_server, tlsext_sni_server_len);
1998 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1999 FAIL("failed to parse server SNI\n");
2000 goto err;
2001 }
2002 if (CBS_len(&cbs) != 0) {
2003 FAIL("extension data remaining\n");
2004 goto err;
2005 }
2006
2007 if (ssl->session->tlsext_hostname == NULL) {
2008 FAIL("no tlsext_hostname after server SNI\n");
2009 goto err;
2010 }
2011
2012 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
2013 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
2014 strlen(TEST_SNI_SERVERNAME)) != 0) {
2015 FAIL("got tlsext_hostname `%s', want `%s'\n",
2016 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
2017 goto err;
2018 }
2019
2020 failure = 0;
2021
2022 err:
2023 CBB_cleanup(&cbb);
2024 SSL_CTX_free(ssl_ctx);
2025 SSL_free(ssl);
2026 free(data);
2027
2028 return (failure);
2029}
2030
2031
2032/*
2033 * QUIC transport parameters extension - RFC 90210 :)
2034 */
2035
2036static const unsigned char tlsext_quic_transport_data[] = {
2037 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
2038 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
2039};
2040
2041static int
2042test_tlsext_quic_transport_parameters_client(void)
2043{
2044 const SSL_QUIC_METHOD quic_method;
2045 unsigned char *data = NULL;
2046 SSL_CTX *ssl_ctx = NULL;
2047 SSL *ssl = NULL;
2048 const struct tls_extension_funcs *client_funcs;
2049 const struct tls_extension_funcs *server_funcs;
2050 int failure;
2051 size_t dlen;
2052 CBB cbb;
2053 CBS cbs;
2054 int alert;
2055 const uint8_t *out_bytes;
2056 size_t out_bytes_len;
2057
2058 failure = 1;
2059
2060 if (!CBB_init(&cbb, 0))
2061 errx(1, "Failed to create CBB");
2062
2063 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2064 errx(1, "failed to create SSL_CTX");
2065 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2066 errx(1, "failed to create SSL");
2067
2068 if (!tls_extension_funcs(TLSEXT_TYPE_quic_transport_parameters,
2069 &client_funcs, &server_funcs))
2070 errx(1, "failed to fetch quic transport parameter funcs");
2071
2072 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2073 FAIL("client should not need QUIC\n");
2074 goto err;
2075 }
2076
2077 if (!SSL_set_quic_transport_params(ssl,
2078 tlsext_quic_transport_data, sizeof(tlsext_quic_transport_data))) {
2079 FAIL("client failed to set QUIC parametes\n");
2080 goto err;
2081 }
2082
2083 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2084 FAIL("client should not need QUIC\n");
2085 goto err;
2086 }
2087
2088 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
2089 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
2090
2091 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2092 FAIL("client should not need QUIC\n");
2093 goto err;
2094 }
2095
2096 ssl->quic_method = &quic_method;
2097
2098 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2099 FAIL("client should need QUIC\n");
2100 goto err;
2101 }
2102
2103 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2104 FAIL("client failed to build QUIC\n");
2105 goto err;
2106 }
2107
2108 if (!CBB_finish(&cbb, &data, &dlen)) {
2109 FAIL("failed to finish CBB");
2110 goto err;
2111 }
2112
2113 if (dlen != sizeof(tlsext_quic_transport_data)) {
2114 FAIL("got client QUIC with length %zu, "
2115 "want length %zu\n", dlen,
2116 sizeof(tlsext_quic_transport_data));
2117 goto err;
2118 }
2119
2120 if (memcmp(data, tlsext_quic_transport_data, dlen) != 0) {
2121 FAIL("client QUIC differs:\n");
2122 fprintf(stderr, "received:\n");
2123 hexdump(data, dlen);
2124 fprintf(stderr, "test data:\n");
2125 hexdump(tlsext_quic_transport_data,
2126 sizeof(tlsext_quic_transport_data));
2127 goto err;
2128 }
2129
2130 CBS_init(&cbs, tlsext_quic_transport_data,
2131 sizeof(tlsext_quic_transport_data));
2132
2133 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2134 FAIL("server_parse of QUIC from server failed\n");
2135 goto err;
2136 }
2137 if (CBS_len(&cbs) != 0) {
2138 FAIL("extension data remaining\n");
2139 goto err;
2140 }
2141
2142 SSL_get_peer_quic_transport_params(ssl, &out_bytes, &out_bytes_len);
2143
2144 if (out_bytes_len != sizeof(tlsext_quic_transport_data)) {
2145 FAIL("server_parse QUIC length differs, got %zu want %zu\n",
2146 out_bytes_len,
2147 sizeof(tlsext_quic_transport_data));
2148 goto err;
2149 }
2150
2151 if (memcmp(out_bytes, tlsext_quic_transport_data,
2152 out_bytes_len) != 0) {
2153 FAIL("server_parse QUIC differs from sent:\n");
2154 fprintf(stderr, "received:\n");
2155 hexdump(data, dlen);
2156 fprintf(stderr, "test data:\n");
2157 hexdump(tlsext_quic_transport_data,
2158 sizeof(tlsext_quic_transport_data));
2159 goto err;
2160 }
2161
2162 failure = 0;
2163
2164 err:
2165 CBB_cleanup(&cbb);
2166 SSL_CTX_free(ssl_ctx);
2167 SSL_free(ssl);
2168 free(data);
2169
2170 return (failure);
2171}
2172
2173static int
2174test_tlsext_quic_transport_parameters_server(void)
2175{
2176 const SSL_QUIC_METHOD quic_method;
2177 unsigned char *data = NULL;
2178 SSL_CTX *ssl_ctx = NULL;
2179 SSL *ssl = NULL;
2180 const struct tls_extension_funcs *client_funcs;
2181 const struct tls_extension_funcs *server_funcs;
2182 int failure;
2183 size_t dlen;
2184 int alert;
2185 CBB cbb;
2186 CBS cbs;
2187 const uint8_t *out_bytes;
2188 size_t out_bytes_len;
2189
2190 failure = 1;
2191
2192 if (!CBB_init(&cbb, 0))
2193 errx(1, "Failed to create CBB");
2194
2195 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
2196 errx(1, "failed to create SSL_CTX");
2197 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2198 errx(1, "failed to create SSL");
2199
2200 if (!tls_extension_funcs(TLSEXT_TYPE_quic_transport_parameters,
2201 &client_funcs, &server_funcs))
2202 errx(1, "failed to fetch quic transport parameter funcs");
2203
2204 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2205 FAIL("server should not need QUIC\n");
2206 goto err;
2207 }
2208
2209 if (!SSL_set_quic_transport_params(ssl,
2210 tlsext_quic_transport_data, sizeof(tlsext_quic_transport_data))) {
2211 FAIL("server failed to set QUIC parametes\n");
2212 goto err;
2213 }
2214
2215 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_EE)) {
2216 FAIL("server should not need QUIC\n");
2217 goto err;
2218 }
2219
2220 ssl->quic_method = &quic_method;
2221
2222 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_EE)) {
2223 FAIL("server should need QUIC\n");
2224 goto err;
2225 }
2226
2227 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_EE, &cbb)) {
2228 FAIL("server failed to build QUIC\n");
2229 goto err;
2230 }
2231
2232 if (!CBB_finish(&cbb, &data, &dlen))
2233 errx(1, "failed to finish CBB");
2234
2235 if (dlen != sizeof(tlsext_quic_transport_data)) {
2236 FAIL("got server QUIC with length %zu, want length %zu\n",
2237 dlen, sizeof(tlsext_quic_transport_data));
2238 goto err;
2239 }
2240
2241 if (memcmp(data, tlsext_quic_transport_data, dlen) != 0) {
2242 FAIL("saved server QUIC differs:\n");
2243 fprintf(stderr, "received:\n");
2244 hexdump(data, dlen);
2245 fprintf(stderr, "test data:\n");
2246 hexdump(tlsext_quic_transport_data,
2247 sizeof(tlsext_quic_transport_data));
2248 goto err;
2249 }
2250
2251 CBS_init(&cbs, tlsext_quic_transport_data,
2252 sizeof(tlsext_quic_transport_data));
2253
2254 ssl->quic_method = NULL;
2255
2256 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_EE, &cbs, &alert)) {
2257 FAIL("QUIC parse should have failed!\n");
2258 goto err;
2259 }
2260
2261 ssl->quic_method = &quic_method;
2262
2263 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2264 FAIL("client_parse of QUIC from server failed\n");
2265 goto err;
2266 }
2267 if (CBS_len(&cbs) != 0) {
2268 FAIL("extension data remaining\n");
2269 goto err;
2270 }
2271
2272 SSL_get_peer_quic_transport_params(ssl, &out_bytes, &out_bytes_len);
2273
2274 if (out_bytes_len != sizeof(tlsext_quic_transport_data)) {
2275 FAIL("client QUIC length differs, got %zu want %zu\n",
2276 out_bytes_len,
2277 sizeof(tlsext_quic_transport_data));
2278 goto err;
2279 }
2280
2281 if (memcmp(out_bytes, tlsext_quic_transport_data, out_bytes_len) != 0) {
2282 FAIL("client QUIC differs from sent:\n");
2283 fprintf(stderr, "received:\n");
2284 hexdump(data, dlen);
2285 fprintf(stderr, "test data:\n");
2286 hexdump(tlsext_quic_transport_data,
2287 sizeof(tlsext_quic_transport_data));
2288 goto err;
2289 }
2290
2291 failure = 0;
2292
2293 err:
2294 CBB_cleanup(&cbb);
2295 SSL_CTX_free(ssl_ctx);
2296 SSL_free(ssl);
2297 free(data);
2298
2299 return (failure);
2300}
2301
2302static const unsigned char tls_ocsp_client_default[] = {
2303 0x01, 0x00, 0x00, 0x00, 0x00
2304};
2305
2306static int
2307test_tlsext_ocsp_client(void)
2308{
2309 unsigned char *data = NULL;
2310 SSL_CTX *ssl_ctx = NULL;
2311 SSL *ssl = NULL;
2312 const struct tls_extension_funcs *client_funcs;
2313 const struct tls_extension_funcs *server_funcs;
2314 size_t dlen;
2315 int failure;
2316 int alert;
2317 CBB cbb;
2318 CBS cbs;
2319
2320 failure = 1;
2321
2322 if (!CBB_init(&cbb, 0))
2323 errx(1, "Failed to create CBB");
2324
2325 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2326 errx(1, "failed to create SSL_CTX");
2327 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2328 errx(1, "failed to create SSL");
2329
2330 if (!tls_extension_funcs(TLSEXT_TYPE_status_request, &client_funcs,
2331 &server_funcs))
2332 errx(1, "failed to fetch ocsp funcs");
2333
2334 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2335 FAIL("client should not need TLSEXT_TYPE_status_request\n");
2336 goto err;
2337 }
2338 SSL_set_tlsext_status_type(ssl, TLSEXT_STATUSTYPE_ocsp);
2339
2340 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2341 FAIL("client should need TLSEXT_TYPE_status_request\n");
2342 goto err;
2343 }
2344 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2345 FAIL("client failed to build SNI\n");
2346 goto err;
2347 }
2348 if (!CBB_finish(&cbb, &data, &dlen))
2349 errx(1, "failed to finish CBB");
2350
2351 if (dlen != sizeof(tls_ocsp_client_default)) {
2352 FAIL("got TLSEXT_TYPE_status_request client with length %zu, "
2353 "want length %zu\n", dlen,
2354 sizeof(tls_ocsp_client_default));
2355 goto err;
2356 }
2357 if (memcmp(data, tls_ocsp_client_default, dlen) != 0) {
2358 FAIL("TLSEXT_TYPE_status_request client differs:\n");
2359 fprintf(stderr, "received:\n");
2360 hexdump(data, dlen);
2361 fprintf(stderr, "test data:\n");
2362 hexdump(tls_ocsp_client_default,
2363 sizeof(tls_ocsp_client_default));
2364 goto err;
2365 }
2366 CBS_init(&cbs, tls_ocsp_client_default,
2367 sizeof(tls_ocsp_client_default));
2368 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2369 FAIL("failed to parse TLSEXT_TYPE_status_request client\n");
2370 goto err;
2371 }
2372 if (CBS_len(&cbs) != 0) {
2373 FAIL("extension data remaining\n");
2374 goto err;
2375 }
2376
2377 failure = 0;
2378
2379 err:
2380 CBB_cleanup(&cbb);
2381 SSL_CTX_free(ssl_ctx);
2382 SSL_free(ssl);
2383 free(data);
2384
2385 return (failure);
2386}
2387
2388static int
2389test_tlsext_ocsp_server(void)
2390{
2391 unsigned char *data = NULL;
2392 SSL_CTX *ssl_ctx = NULL;
2393 SSL *ssl = NULL;
2394 const struct tls_extension_funcs *client_funcs;
2395 const struct tls_extension_funcs *server_funcs;
2396 size_t dlen;
2397 int failure;
2398 CBB cbb;
2399
2400 failure = 1;
2401
2402 if (!CBB_init(&cbb, 0))
2403 errx(1, "Failed to create CBB");
2404
2405 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2406 errx(1, "failed to create SSL_CTX");
2407 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2408 errx(1, "failed to create SSL");
2409
2410 if (!tls_extension_funcs(TLSEXT_TYPE_status_request, &client_funcs,
2411 &server_funcs))
2412 errx(1, "failed to fetch ocsp funcs");
2413
2414 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2415 FAIL("server should not need TLSEXT_TYPE_status_request\n");
2416 goto err;
2417 }
2418
2419 ssl->tlsext_status_expected = 1;
2420
2421 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2422 FAIL("server should need TLSEXT_TYPE_status_request\n");
2423 goto err;
2424 }
2425 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
2426 FAIL("server failed to build TLSEXT_TYPE_status_request\n");
2427 goto err;
2428 }
2429
2430 if (!CBB_finish(&cbb, &data, &dlen))
2431 errx(1, "failed to finish CBB");
2432
2433 failure = 0;
2434
2435 err:
2436 CBB_cleanup(&cbb);
2437 SSL_CTX_free(ssl_ctx);
2438 SSL_free(ssl);
2439 free(data);
2440
2441 return (failure);
2442}
2443
2444/*
2445 * Session ticket - RFC 5077 since no known implementations use 4507.
2446 *
2447 * Session tickets can be length 0 (special case) to 2^16-1.
2448 *
2449 * The state is encrypted by the server so it is opaque to the client.
2450 */
2451static uint8_t tlsext_sessionticket_hello_min[1];
2452static uint8_t tlsext_sessionticket_hello_max[65535];
2453
2454static int
2455test_tlsext_sessionticket_client(void)
2456{
2457 unsigned char *data = NULL;
2458 SSL_CTX *ssl_ctx = NULL;
2459 SSL *ssl = NULL;
2460 const struct tls_extension_funcs *client_funcs;
2461 const struct tls_extension_funcs *server_funcs;
2462 int failure;
2463 CBB cbb;
2464 size_t dlen;
2465 uint8_t dummy[1234];
2466
2467 failure = 1;
2468
2469 if (!CBB_init(&cbb, 0))
2470 errx(1, "Failed to create CBB");
2471
2472 /* Create fake session tickets with random data. */
2473 arc4random_buf(tlsext_sessionticket_hello_min,
2474 sizeof(tlsext_sessionticket_hello_min));
2475 arc4random_buf(tlsext_sessionticket_hello_max,
2476 sizeof(tlsext_sessionticket_hello_max));
2477
2478 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2479 errx(1, "failed to create SSL_CTX");
2480 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2481 errx(1, "failed to create SSL");
2482
2483 if (!tls_extension_funcs(TLSEXT_TYPE_session_ticket, &client_funcs,
2484 &server_funcs))
2485 errx(1, "failed to fetch session ticket funcs");
2486
2487 /* Should need a ticket by default. */
2488 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2489 FAIL("client should need Sessionticket for default "
2490 "ciphers\n");
2491 goto err;
2492 }
2493
2494 /* Test disabling tickets. */
2495 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
2496 FAIL("Cannot disable tickets in the TLS connection\n");
2497 goto err;
2498 }
2499 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2500 FAIL("client should not need SessionTicket if it was disabled\n");
2501 goto err;
2502 }
2503
2504 /* Test re-enabling tickets. */
2505 if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) {
2506 FAIL("Cannot re-enable tickets in the TLS connection\n");
2507 goto err;
2508 }
2509 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2510 FAIL("client should need SessionTicket if it was disabled\n");
2511 goto err;
2512 }
2513
2514 /* Since we don't have a session, we should build an empty ticket. */
2515 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2516 FAIL("Cannot build a ticket\n");
2517 goto err;
2518 }
2519 if (!CBB_finish(&cbb, &data, &dlen)) {
2520 FAIL("Cannot finish CBB\n");
2521 goto err;
2522 }
2523 if (dlen != 0) {
2524 FAIL("Expected 0 length but found %zu\n", dlen);
2525 goto err;
2526 }
2527
2528 CBB_cleanup(&cbb);
2529 if (!CBB_init(&cbb, 0))
2530 errx(1, "Failed to create CBB");
2531 free(data);
2532 data = NULL;
2533
2534 /* With a new session (but no ticket), we should still have 0 length */
2535 if ((ssl->session = SSL_SESSION_new()) == NULL)
2536 errx(1, "failed to create session");
2537 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2538 FAIL("Should still want a session ticket with a new session\n");
2539 goto err;
2540 }
2541 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2542 FAIL("Cannot build a ticket\n");
2543 goto err;
2544 }
2545 if (!CBB_finish(&cbb, &data, &dlen)) {
2546 FAIL("Cannot finish CBB\n");
2547 goto err;
2548 }
2549 if (dlen != 0) {
2550 FAIL("Expected 0 length but found %zu\n", dlen);
2551 goto err;
2552 }
2553
2554 CBB_cleanup(&cbb);
2555 if (!CBB_init(&cbb, 0))
2556 errx(1, "Failed to create CBB");
2557 free(data);
2558 data = NULL;
2559
2560 /* With a new session (and ticket), we should use that ticket */
2561 SSL_SESSION_free(ssl->session);
2562 if ((ssl->session = SSL_SESSION_new()) == NULL)
2563 errx(1, "failed to create session");
2564
2565 arc4random_buf(&dummy, sizeof(dummy));
2566 if ((ssl->session->tlsext_tick = malloc(sizeof(dummy))) == NULL) {
2567 errx(1, "failed to malloc");
2568 }
2569 memcpy(ssl->session->tlsext_tick, dummy, sizeof(dummy));
2570 ssl->session->tlsext_ticklen = sizeof(dummy);
2571
2572 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2573 FAIL("Should still want a session ticket with a new session\n");
2574 goto err;
2575 }
2576 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2577 FAIL("Cannot build a ticket\n");
2578 goto err;
2579 }
2580 if (!CBB_finish(&cbb, &data, &dlen)) {
2581 FAIL("Cannot finish CBB\n");
2582 goto err;
2583 }
2584 if (dlen != sizeof(dummy)) {
2585 FAIL("Expected %zu length but found %zu\n", sizeof(dummy), dlen);
2586 goto err;
2587 }
2588 if (memcmp(data, dummy, dlen) != 0) {
2589 FAIL("server SNI differs:\n");
2590 compare_data(data, dlen,
2591 dummy, sizeof(dummy));
2592 goto err;
2593 }
2594
2595 CBB_cleanup(&cbb);
2596 if (!CBB_init(&cbb, 0))
2597 errx(1, "Failed to create CBB");
2598 free(data);
2599 data = NULL;
2600 free(ssl->session->tlsext_tick);
2601 ssl->session->tlsext_tick = NULL;
2602 ssl->session->tlsext_ticklen = 0;
2603
2604 /*
2605 * Send in NULL to disable session tickets at runtime without going
2606 * through SSL_set_options().
2607 */
2608 if (!SSL_set_session_ticket_ext(ssl, NULL, 0)) {
2609 FAIL("Could not set a NULL custom ticket\n");
2610 goto err;
2611 }
2612 /* Should not need a ticket in this case */
2613 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2614 FAIL("Should not want to use session tickets with a NULL custom\n");
2615 goto err;
2616 }
2617
2618 /*
2619 * If you want to remove the tlsext_session_ticket behavior, you have
2620 * to do it manually.
2621 */
2622 free(ssl->tlsext_session_ticket);
2623 ssl->tlsext_session_ticket = NULL;
2624
2625 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2626 FAIL("Should need a session ticket again when the custom one is removed\n");
2627 goto err;
2628 }
2629
2630 /* Test a custom session ticket (not recommended in practice) */
2631 if (!SSL_set_session_ticket_ext(ssl, tlsext_sessionticket_hello_max,
2632 sizeof(tlsext_sessionticket_hello_max))) {
2633 FAIL("Should be able to set a custom ticket\n");
2634 goto err;
2635 }
2636 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2637 FAIL("Should need a session ticket again when the custom one is not empty\n");
2638 goto err;
2639 }
2640 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2641 FAIL("Cannot build a ticket with a max length random payload\n");
2642 goto err;
2643 }
2644 if (!CBB_finish(&cbb, &data, &dlen)) {
2645 FAIL("Cannot finish CBB\n");
2646 goto err;
2647 }
2648 if (dlen != sizeof(tlsext_sessionticket_hello_max)) {
2649 FAIL("Expected %zu length but found %zu\n",
2650 sizeof(tlsext_sessionticket_hello_max), dlen);
2651 goto err;
2652 }
2653 if (memcmp(data, tlsext_sessionticket_hello_max,
2654 sizeof(tlsext_sessionticket_hello_max)) != 0) {
2655 FAIL("Expected to get what we passed in\n");
2656 compare_data(data, dlen,
2657 tlsext_sessionticket_hello_max,
2658 sizeof(tlsext_sessionticket_hello_max));
2659 goto err;
2660 }
2661
2662 failure = 0;
2663
2664 err:
2665 CBB_cleanup(&cbb);
2666 SSL_CTX_free(ssl_ctx);
2667 SSL_free(ssl);
2668 free(data);
2669
2670 return (failure);
2671}
2672
2673
2674static int
2675test_tlsext_sessionticket_server(void)
2676{
2677 SSL_CTX *ssl_ctx = NULL;
2678 SSL *ssl = NULL;
2679 const struct tls_extension_funcs *client_funcs;
2680 const struct tls_extension_funcs *server_funcs;
2681 int failure;
2682 uint8_t *data = NULL;
2683 size_t dlen;
2684 CBB cbb;
2685
2686 failure = 1;
2687
2688 if (!CBB_init(&cbb, 0))
2689 errx(1, "Failed to create CBB");
2690
2691 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
2692 errx(1, "failed to create SSL_CTX");
2693 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2694 errx(1, "failed to create SSL");
2695
2696 if (!tls_extension_funcs(TLSEXT_TYPE_session_ticket, &client_funcs,
2697 &server_funcs))
2698 errx(1, "failed to fetch session ticket funcs");
2699
2700 /*
2701 * By default, should not need a session ticket since the ticket
2702 * is not yet expected.
2703 */
2704 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2705 FAIL("server should not need SessionTicket by default\n");
2706 goto err;
2707 }
2708
2709 /* Test disabling tickets. */
2710 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
2711 FAIL("Cannot disable tickets in the TLS connection\n");
2712 goto err;
2713 }
2714 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2715 FAIL("server should not need SessionTicket if it was disabled\n");
2716 goto err;
2717 }
2718
2719 /* Test re-enabling tickets. */
2720 if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) {
2721 FAIL("Cannot re-enable tickets in the TLS connection\n");
2722 goto err;
2723 }
2724 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2725 FAIL("server should not need SessionTicket yet\n");
2726 goto err;
2727 }
2728
2729 /* Set expected to require it. */
2730 ssl->tlsext_ticket_expected = 1;
2731 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2732 FAIL("server should now be required for SessionTicket\n");
2733 goto err;
2734 }
2735
2736 /* server hello's session ticket should always be 0 length payload. */
2737 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
2738 FAIL("Cannot build a ticket with a max length random payload\n");
2739 goto err;
2740 }
2741 if (!CBB_finish(&cbb, &data, &dlen)) {
2742 FAIL("Cannot finish CBB\n");
2743 goto err;
2744 }
2745 if (dlen != 0) {
2746 FAIL("Expected 0 length but found %zu\n", dlen);
2747 goto err;
2748 }
2749
2750 failure = 0;
2751
2752 err:
2753 CBB_cleanup(&cbb);
2754 SSL_CTX_free(ssl_ctx);
2755 SSL_free(ssl);
2756 free(data);
2757
2758 return (failure);
2759}
2760
2761#ifndef OPENSSL_NO_SRTP
2762/*
2763 * Supported Secure Real-time Transport Protocol (RFC 5764 section 4.1.1)
2764 */
2765
2766/* Colon separated string values */
2767const char *tlsext_srtp_single_profile = "SRTP_AES128_CM_SHA1_80";
2768const char *tlsext_srtp_multiple_profiles = "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32";
2769
2770const char *tlsext_srtp_aes128cmsha80 = "SRTP_AES128_CM_SHA1_80";
2771const char *tlsext_srtp_aes128cmsha32 = "SRTP_AES128_CM_SHA1_32";
2772
2773const uint8_t tlsext_srtp_single[] = {
2774 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2775 0x00, 0x02, /* len */
2776 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */
2777 0x00 /* opaque srtp_mki<0..255> */
2778};
2779
2780const uint8_t tlsext_srtp_multiple[] = {
2781 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2782 0x00, 0x04, /* len */
2783 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */
2784 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */
2785 0x00 /* opaque srtp_mki<0..255> */
2786};
2787
2788const uint8_t tlsext_srtp_multiple_invalid[] = {
2789 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2790 0x00, 0x04, /* len */
2791 0x00, 0x08, /* arbitrary value not found in known profiles */
2792 0x00, 0x09, /* arbitrary value not found in known profiles */
2793 0x00 /* opaque srtp_mki<0..255> */
2794};
2795
2796const uint8_t tlsext_srtp_single_invalid[] = {
2797 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2798 0x00, 0x02, /* len */
2799 0x00, 0x08, /* arbitrary value not found in known profiles */
2800 0x00 /* opaque srtp_mki<0..255> */
2801};
2802
2803const uint8_t tlsext_srtp_multiple_one_valid[] = {
2804 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2805 0x00, 0x04, /* len */
2806 0x00, 0x08, /* arbitrary value not found in known profiles */
2807 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */
2808 0x00 /* opaque srtp_mki<0..255> */
2809};
2810
2811static int
2812test_tlsext_srtp_client(void)
2813{
2814 SRTP_PROTECTION_PROFILE *prof;
2815 SSL_CTX *ssl_ctx = NULL;
2816 SSL *ssl = NULL;
2817 const struct tls_extension_funcs *client_funcs;
2818 const struct tls_extension_funcs *server_funcs;
2819 uint8_t *data = NULL;
2820 CBB cbb;
2821 CBS cbs;
2822 int failure, alert;
2823 size_t dlen;
2824
2825 failure = 1;
2826
2827 if (!CBB_init(&cbb, 0))
2828 errx(1, "Failed to create CBB");
2829
2830 /* SRTP is for DTLS */
2831 if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL)
2832 errx(1, "failed to create SSL_CTX");
2833 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2834 errx(1, "failed to create SSL");
2835
2836 if (!tls_extension_funcs(TLSEXT_TYPE_use_srtp, &client_funcs,
2837 &server_funcs))
2838 errx(1, "failed to fetch srtp funcs");
2839
2840 /* By default, we don't need this */
2841 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2842 FAIL("client should not need SRTP by default\n");
2843 goto err;
2844 }
2845
2846 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_single_profile) != 0) {
2847 FAIL("should be able to set a single SRTP\n");
2848 goto err;
2849 }
2850 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2851 FAIL("client should need SRTP\n");
2852 goto err;
2853 }
2854
2855 /* Make sure we can build the client with a single profile. */
2856
2857 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2858 FAIL("client failed to build SRTP\n");
2859 goto err;
2860 }
2861 if (!CBB_finish(&cbb, &data, &dlen))
2862 errx(1, "failed to finish CBB");
2863
2864 if (dlen != sizeof(tlsext_srtp_single)) {
2865 FAIL("got client SRTP with length %zu, "
2866 "want length %zu\n", dlen,
2867 sizeof(tlsext_srtp_single));
2868 compare_data(data, dlen, tlsext_srtp_single,
2869 sizeof(tlsext_srtp_single));
2870 goto err;
2871 }
2872 if (memcmp(data, tlsext_srtp_single, dlen) != 0) {
2873 FAIL("client SRTP differs:\n");
2874 compare_data(data, dlen, tlsext_srtp_single,
2875 sizeof(tlsext_srtp_single));
2876 goto err;
2877 }
2878
2879 CBB_cleanup(&cbb);
2880 if (!CBB_init(&cbb, 0))
2881 errx(1, "Failed to create CBB");
2882 free(data);
2883 data = NULL;
2884
2885 /* Make sure we can parse the single profile. */
2886
2887 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
2888 FAIL("SRTP profile should not be set yet\n");
2889 goto err;
2890 }
2891
2892 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
2893 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2894 FAIL("failed to parse SRTP\n");
2895 goto err;
2896 }
2897 if (CBS_len(&cbs) != 0) {
2898 FAIL("extension data remaining\n");
2899 goto err;
2900 }
2901
2902 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2903 FAIL("SRTP profile should be set now\n");
2904 goto err;
2905 }
2906 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
2907 FAIL("SRTP profile was not set properly\n");
2908 goto err;
2909 }
2910
2911 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2912 FAIL("should send server extension when profile selected\n");
2913 goto err;
2914 }
2915
2916 /* Make sure we can build the clienthello with multiple entries. */
2917
2918 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) {
2919 FAIL("should be able to set SRTP to multiple profiles\n");
2920 goto err;
2921 }
2922 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2923 FAIL("client should need SRTP by now\n");
2924 goto err;
2925 }
2926
2927 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2928 FAIL("client failed to build SRTP\n");
2929 goto err;
2930 }
2931 if (!CBB_finish(&cbb, &data, &dlen))
2932 errx(1, "failed to finish CBB");
2933
2934 if (dlen != sizeof(tlsext_srtp_multiple)) {
2935 FAIL("got client SRTP with length %zu, "
2936 "want length %zu\n", dlen,
2937 sizeof(tlsext_srtp_multiple));
2938 compare_data(data, dlen, tlsext_srtp_multiple,
2939 sizeof(tlsext_srtp_multiple));
2940 goto err;
2941 }
2942 if (memcmp(data, tlsext_srtp_multiple, dlen) != 0) {
2943 FAIL("client SRTP differs:\n");
2944 compare_data(data, dlen, tlsext_srtp_multiple,
2945 sizeof(tlsext_srtp_multiple));
2946 goto err;
2947 }
2948
2949 CBB_cleanup(&cbb);
2950 if (!CBB_init(&cbb, 0))
2951 errx(1, "Failed to create CBB");
2952 free(data);
2953 data = NULL;
2954
2955 /* Make sure we can parse multiple profiles (selects server preferred) */
2956
2957 ssl->srtp_profile = NULL;
2958
2959 CBS_init(&cbs, tlsext_srtp_multiple,
2960 sizeof(tlsext_srtp_multiple));
2961 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2962 FAIL("failed to parse SRTP\n");
2963 goto err;
2964 }
2965 if (CBS_len(&cbs) != 0) {
2966 FAIL("extension data remaining\n");
2967 goto err;
2968 }
2969
2970 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2971 FAIL("SRTP profile should be set now\n");
2972 goto err;
2973 }
2974 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
2975 FAIL("SRTP profile was not set properly\n");
2976 goto err;
2977 }
2978
2979 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2980 FAIL("should send server extension when profile selected\n");
2981 goto err;
2982 }
2983
2984 /*
2985 * Make sure we can parse the clienthello with multiple entries
2986 * where one is unknown.
2987 */
2988 ssl->srtp_profile = NULL;
2989
2990 CBS_init(&cbs, tlsext_srtp_multiple_one_valid,
2991 sizeof(tlsext_srtp_multiple_one_valid));
2992 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2993 FAIL("failed to parse SRTP\n");
2994 goto err;
2995 }
2996 if (CBS_len(&cbs) != 0) {
2997 FAIL("extension data remaining\n");
2998 goto err;
2999 }
3000
3001 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
3002 FAIL("SRTP profile should be set now\n");
3003 goto err;
3004 }
3005 if (strcmp(prof->name, tlsext_srtp_aes128cmsha32) != 0) {
3006 FAIL("SRTP profile was not set properly\n");
3007 goto err;
3008 }
3009
3010 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3011 FAIL("should send server extension when profile selected\n");
3012 goto err;
3013 }
3014
3015 /* Make sure we fall back to negotiated when none work. */
3016
3017 ssl->srtp_profile = NULL;
3018
3019 CBS_init(&cbs, tlsext_srtp_multiple_invalid,
3020 sizeof(tlsext_srtp_multiple_invalid));
3021 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3022 FAIL("should be able to fall back to negotiated\n");
3023 goto err;
3024 }
3025 if (CBS_len(&cbs) != 0) {
3026 FAIL("extension data remaining\n");
3027 goto err;
3028 }
3029
3030 /* If we fallback, the server should NOT send the extension. */
3031 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
3032 FAIL("should not have selected a profile when none found\n");
3033 goto err;
3034 }
3035 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3036 FAIL("should not send server tlsext when no profile found\n");
3037 goto err;
3038 }
3039
3040 failure = 0;
3041
3042 err:
3043 CBB_cleanup(&cbb);
3044 SSL_CTX_free(ssl_ctx);
3045 SSL_free(ssl);
3046 free(data);
3047
3048 return (failure);
3049}
3050
3051static int
3052test_tlsext_srtp_server(void)
3053{
3054 const SRTP_PROTECTION_PROFILE *prof;
3055 SSL_CTX *ssl_ctx = NULL;
3056 SSL *ssl = NULL;
3057 const struct tls_extension_funcs *client_funcs;
3058 const struct tls_extension_funcs *server_funcs;
3059 uint8_t *data = NULL;
3060 CBB cbb;
3061 CBS cbs;
3062 int failure, alert;
3063 size_t dlen;
3064
3065 failure = 1;
3066
3067 if (!CBB_init(&cbb, 0))
3068 errx(1, "Failed to create CBB");
3069
3070 /* SRTP is for DTLS */
3071 if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL)
3072 errx(1, "failed to create SSL_CTX");
3073 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3074 errx(1, "failed to create SSL");
3075
3076 if (!tls_extension_funcs(TLSEXT_TYPE_use_srtp, &client_funcs,
3077 &server_funcs))
3078 errx(1, "failed to fetch srtp funcs");
3079
3080 /* By default, we don't need this */
3081 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3082 FAIL("server should not need SRTP by default\n");
3083 goto err;
3084 }
3085
3086 if (srtp_find_profile_by_name(tlsext_srtp_aes128cmsha80, &prof,
3087 strlen(tlsext_srtp_aes128cmsha80))) {
3088 FAIL("should be able to find the given profile\n");
3089 goto err;
3090 }
3091 ssl->srtp_profile = prof;
3092 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3093 FAIL("server should need SRTP by now\n");
3094 goto err;
3095 }
3096
3097 /* Make sure we can build the server with a single profile. */
3098
3099 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3100 FAIL("server failed to build SRTP\n");
3101 goto err;
3102 }
3103 if (!CBB_finish(&cbb, &data, &dlen))
3104 errx(1, "failed to finish CBB");
3105
3106 if (dlen != sizeof(tlsext_srtp_single)) {
3107 FAIL("got server SRTP with length %zu, "
3108 "want length %zu\n", dlen,
3109 sizeof(tlsext_srtp_single));
3110 compare_data(data, dlen, tlsext_srtp_single,
3111 sizeof(tlsext_srtp_single));
3112 goto err;
3113 }
3114 if (memcmp(data, tlsext_srtp_single, dlen) != 0) {
3115 FAIL("server SRTP differs:\n");
3116 compare_data(data, dlen, tlsext_srtp_single,
3117 sizeof(tlsext_srtp_single));
3118 goto err;
3119 }
3120
3121 CBB_cleanup(&cbb);
3122 if (!CBB_init(&cbb, 0))
3123 errx(1, "Failed to create CBB");
3124 free(data);
3125 data = NULL;
3126
3127 /* Make sure we can parse the single profile. */
3128 ssl->srtp_profile = NULL;
3129
3130 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
3131 FAIL("SRTP profile should not be set yet\n");
3132 goto err;
3133 }
3134
3135 /* Setup the environment as if a client sent a list of profiles. */
3136 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) {
3137 FAIL("should be able to set multiple profiles in SRTP\n");
3138 goto err;
3139 }
3140
3141 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
3142 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3143 FAIL("failed to parse SRTP\n");
3144 goto err;
3145 }
3146 if (CBS_len(&cbs) != 0) {
3147 FAIL("extension data remaining\n");
3148 goto err;
3149 }
3150
3151 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
3152 FAIL("SRTP profile should be set now\n");
3153 goto err;
3154 }
3155 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
3156 FAIL("SRTP profile was not set properly\n");
3157 goto err;
3158 }
3159
3160 /* Make sure we cannot parse multiple profiles */
3161 ssl->srtp_profile = NULL;
3162
3163 CBS_init(&cbs, tlsext_srtp_multiple,
3164 sizeof(tlsext_srtp_multiple));
3165 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3166 FAIL("should not find multiple entries from the server\n");
3167 goto err;
3168 }
3169
3170 /* Make sure we cannot parse a server with unknown profile */
3171 ssl->srtp_profile = NULL;
3172
3173 CBS_init(&cbs, tlsext_srtp_single_invalid,
3174 sizeof(tlsext_srtp_single_invalid));
3175 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3176 FAIL("should not be able to parse this\n");
3177 goto err;
3178 }
3179
3180 failure = 0;
3181
3182 err:
3183 CBB_cleanup(&cbb);
3184 SSL_CTX_free(ssl_ctx);
3185 SSL_free(ssl);
3186 free(data);
3187
3188 return (failure);
3189}
3190#endif /* OPENSSL_NO_SRTP */
3191
3192static const unsigned char tlsext_clienthello_default[] = {
3193 0x00, 0x34, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
3194 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d,
3195 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23,
3196 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16,
3197 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, 0x05,
3198 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01,
3199 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
3200};
3201
3202/* An empty array is an incomplete type and sizeof() is undefined. */
3203static const unsigned char tlsext_clienthello_disabled[] = {
3204 0x00,
3205};
3206static size_t tlsext_clienthello_disabled_len = 0;
3207
3208static int
3209test_tlsext_clienthello_build(void)
3210{
3211 unsigned char *data = NULL;
3212 SSL_CTX *ssl_ctx = NULL;
3213 SSL *ssl = NULL;
3214 const struct tls_extension_funcs *client_funcs;
3215 const struct tls_extension_funcs *server_funcs;
3216 size_t dlen;
3217 int failure;
3218 CBB cbb;
3219
3220 failure = 1;
3221
3222 if (!CBB_init(&cbb, 0))
3223 errx(1, "failed to create CBB");
3224
3225 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) {
3226 FAIL("failed to create SSL_CTX");
3227 goto err;
3228 }
3229
3230 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
3231 FAIL("failed to create SSL");
3232 goto err;
3233 }
3234
3235 if (!tlsext_linearize_build_order(ssl)) {
3236 FAIL("failed to linearize build order");
3237 goto err;
3238 }
3239
3240 if (!tls_extension_funcs(TLSEXT_TYPE_supported_versions, &client_funcs,
3241 &server_funcs))
3242 errx(1, "failed to fetch supported versions funcs");
3243
3244 ssl->s3->hs.our_min_tls_version = TLS1_VERSION;
3245 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3246
3247 if (!tlsext_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3248 FAIL("failed to build clienthello extensions\n");
3249 goto err;
3250 }
3251 if (!CBB_finish(&cbb, &data, &dlen)) {
3252 FAIL("failed to finish CBB");
3253 goto err;
3254 }
3255
3256 if (dlen != sizeof(tlsext_clienthello_default)) {
3257 FAIL("got clienthello extensions with length %zu, "
3258 "want length %zu\n", dlen,
3259 sizeof(tlsext_clienthello_default));
3260 compare_data(data, dlen, tlsext_clienthello_default,
3261 sizeof(tlsext_clienthello_default));
3262 goto err;
3263 }
3264 if (memcmp(data, tlsext_clienthello_default, dlen) != 0) {
3265 FAIL("clienthello extensions differs:\n");
3266 compare_data(data, dlen, tlsext_clienthello_default,
3267 sizeof(tlsext_clienthello_default));
3268 goto err;
3269 }
3270
3271 free(data);
3272 data = NULL;
3273 CBB_cleanup(&cbb);
3274 if (!CBB_init(&cbb, 0))
3275 errx(1, "Failed to create CBB");
3276
3277 /* Switch to TLSv1.1, disable EC ciphers and session tickets. */
3278 ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
3279 if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) {
3280 FAIL("failed to set cipher list\n");
3281 goto err;
3282 }
3283 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
3284 FAIL("failed to disable session tickets\n");
3285 goto err;
3286 }
3287
3288 if (!tlsext_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3289 FAIL("failed to build clienthello extensions\n");
3290 goto err;
3291 }
3292 if (!CBB_finish(&cbb, &data, &dlen)) {
3293 FAIL("failed to finish CBB");
3294 goto err;
3295 }
3296
3297 if (dlen != tlsext_clienthello_disabled_len) {
3298 FAIL("got clienthello extensions with length %zu, "
3299 "want length %zu\n", dlen,
3300 tlsext_clienthello_disabled_len);
3301 compare_data(data, dlen, tlsext_clienthello_disabled,
3302 tlsext_clienthello_disabled_len);
3303 goto err;
3304 }
3305 if (memcmp(data, tlsext_clienthello_disabled, dlen) != 0) {
3306 FAIL("clienthello extensions differs:\n");
3307 compare_data(data, dlen, tlsext_clienthello_disabled,
3308 tlsext_clienthello_disabled_len);
3309 goto err;
3310 }
3311
3312 failure = 0;
3313
3314 err:
3315 CBB_cleanup(&cbb);
3316 SSL_CTX_free(ssl_ctx);
3317 SSL_free(ssl);
3318 free(data);
3319
3320 return (failure);
3321}
3322
3323unsigned char tlsext_serverhello_default[] = {
3324 0x00, 0x06, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04,
3325};
3326
3327unsigned char tlsext_serverhello_enabled[] = {
3328 0x00, 0x10, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04,
3329 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23,
3330 0x00, 0x00,
3331};
3332
3333static int
3334test_tlsext_serverhello_build(void)
3335{
3336 unsigned char *data = NULL;
3337 SSL_CTX *ssl_ctx = NULL;
3338 SSL *ssl = NULL;
3339 size_t dlen;
3340 int failure;
3341 CBB cbb;
3342
3343 failure = 1;
3344
3345 if (!CBB_init(&cbb, 0))
3346 errx(1, "failed to create CBB");
3347
3348 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) {
3349 FAIL("failed to create SSL_CTX");
3350 goto err;
3351 }
3352 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
3353 FAIL("failed to create SSL");
3354 goto err;
3355 }
3356 if (!tlsext_linearize_build_order(ssl)) {
3357 FAIL("failed to linearize build order");
3358 goto err;
3359 }
3360 if ((ssl->session = SSL_SESSION_new()) == NULL) {
3361 FAIL("failed to create session");
3362 goto err;
3363 }
3364
3365 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3366 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
3367 ssl->s3->hs.cipher =
3368 ssl3_get_cipher_by_id(TLS1_CK_RSA_WITH_AES_128_SHA256);
3369
3370 if (!tlsext_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3371 FAIL("failed to build serverhello extensions\n");
3372 goto err;
3373 }
3374 if (!CBB_finish(&cbb, &data, &dlen)) {
3375 FAIL("failed to finish CBB");
3376 goto err;
3377 }
3378
3379 if (dlen != sizeof(tlsext_serverhello_default)) {
3380 FAIL("got serverhello extensions with length %zu, "
3381 "want length %zu\n", dlen,
3382 sizeof(tlsext_serverhello_default));
3383 compare_data(data, dlen, tlsext_serverhello_default,
3384 sizeof(tlsext_serverhello_default));
3385 goto err;
3386 }
3387 if (memcmp(data, tlsext_serverhello_default, dlen) != 0) {
3388 FAIL("serverhello extensions differs:\n");
3389 compare_data(data, dlen, tlsext_serverhello_default,
3390 sizeof(tlsext_serverhello_default));
3391 goto err;
3392 }
3393
3394 CBB_cleanup(&cbb);
3395 free(data);
3396 data = NULL;
3397 if (!CBB_init(&cbb, 0))
3398 errx(1, "Failed to create CBB");
3399
3400 /* Turn a few things on so we get extensions... */
3401 ssl->s3->send_connection_binding = 1;
3402 ssl->s3->hs.cipher =
3403 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256);
3404 ssl->tlsext_status_expected = 1;
3405 ssl->tlsext_ticket_expected = 1;
3406 if ((ssl->session->tlsext_ecpointformatlist = malloc(1)) == NULL) {
3407 FAIL("malloc failed");
3408 goto err;
3409 }
3410 ssl->session->tlsext_ecpointformatlist_length = 1;
3411 ssl->session->tlsext_ecpointformatlist[0] =
3412 TLSEXT_ECPOINTFORMAT_uncompressed;
3413
3414 if (!tlsext_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3415 FAIL("failed to build serverhello extensions\n");
3416 goto err;
3417 }
3418 if (!CBB_finish(&cbb, &data, &dlen)) {
3419 FAIL("failed to finish CBB");
3420 goto err;
3421 }
3422
3423 if (dlen != sizeof(tlsext_serverhello_enabled)) {
3424 FAIL("got serverhello extensions with length %zu, "
3425 "want length %zu\n", dlen,
3426 sizeof(tlsext_serverhello_enabled));
3427 compare_data(data, dlen, tlsext_serverhello_enabled,
3428 sizeof(tlsext_serverhello_enabled));
3429 goto err;
3430 }
3431 if (memcmp(data, tlsext_serverhello_enabled, dlen) != 0) {
3432 FAIL("serverhello extensions differs:\n");
3433 compare_data(data, dlen, tlsext_serverhello_enabled,
3434 sizeof(tlsext_serverhello_enabled));
3435 goto err;
3436 }
3437
3438 failure = 0;
3439
3440 err:
3441 CBB_cleanup(&cbb);
3442 SSL_CTX_free(ssl_ctx);
3443 SSL_free(ssl);
3444 free(data);
3445
3446 return (failure);
3447}
3448
3449const unsigned char tlsext_versions_client[] = {
3450 0x08, 0x03, 0x04, 0x03, 0x03, 0x03,
3451 0x02, 0x03, 0x01,
3452};
3453
3454const unsigned char tlsext_versions_server[] = {
3455 0x03, 0x04,
3456};
3457
3458static int
3459test_tlsext_versions_client(void)
3460{
3461 unsigned char *data = NULL;
3462 SSL_CTX *ssl_ctx = NULL;
3463 SSL *ssl = NULL;
3464 const struct tls_extension_funcs *client_funcs;
3465 const struct tls_extension_funcs *server_funcs;
3466 int failure;
3467 size_t dlen;
3468 int alert;
3469 CBB cbb;
3470 CBS cbs;
3471
3472 failure = 1;
3473
3474 if (!CBB_init(&cbb, 0))
3475 errx(1, "Failed to create CBB");
3476
3477 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3478 errx(1, "failed to create SSL_CTX");
3479 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3480 errx(1, "failed to create SSL");
3481
3482 if (!tls_extension_funcs(TLSEXT_TYPE_supported_versions, &client_funcs,
3483 &server_funcs))
3484 errx(1, "failed to fetch supported versions funcs");
3485
3486 ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
3487
3488 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3489 FAIL("client should not need versions\n");
3490 goto done;
3491 }
3492
3493 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3494
3495 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3496 FAIL("client should not need versions\n");
3497 goto done;
3498 }
3499
3500 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3501
3502 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3503 FAIL("client should need versions\n");
3504 goto done;
3505 }
3506
3507 ssl->s3->hs.our_min_tls_version = TLS1_VERSION;
3508 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3509
3510 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3511 FAIL("client should have built versions\n");
3512 goto done;
3513 }
3514
3515 if (!CBB_finish(&cbb, &data, &dlen)) {
3516 FAIL("failed to finish CBB\n");
3517 goto done;
3518 }
3519
3520 if (dlen != sizeof(tlsext_versions_client)) {
3521 FAIL("got versions with length %zu, "
3522 "want length %zu\n", dlen, sizeof(tlsext_versions_client));
3523 goto done;
3524 }
3525
3526 CBS_init(&cbs, data, dlen);
3527 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3528 FAIL("failed to parse client versions\n");
3529 goto done;
3530 }
3531 if (CBS_len(&cbs) != 0) {
3532 FAIL("extension data remaining\n");
3533 goto done;
3534 }
3535
3536 failure = 0;
3537
3538 done:
3539 CBB_cleanup(&cbb);
3540 SSL_CTX_free(ssl_ctx);
3541 SSL_free(ssl);
3542 free(data);
3543
3544 return (failure);
3545}
3546
3547static int
3548test_tlsext_versions_server(void)
3549{
3550 unsigned char *data = NULL;
3551 SSL_CTX *ssl_ctx = NULL;
3552 SSL *ssl = NULL;
3553 const struct tls_extension_funcs *client_funcs;
3554 const struct tls_extension_funcs *server_funcs;
3555 int failure;
3556 size_t dlen;
3557 int alert;
3558 CBB cbb;
3559 CBS cbs;
3560
3561 failure = 1;
3562
3563 if (!CBB_init(&cbb, 0))
3564 errx(1, "Failed to create CBB");
3565
3566 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3567 errx(1, "failed to create SSL_CTX");
3568 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3569 errx(1, "failed to create SSL");
3570
3571 if (!tls_extension_funcs(TLSEXT_TYPE_supported_versions, &client_funcs,
3572 &server_funcs))
3573 errx(1, "failed to fetch supported versions funcs");
3574
3575 ssl->s3->hs.negotiated_tls_version = TLS1_2_VERSION;
3576
3577 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3578 FAIL("server should not need versions\n");
3579 goto done;
3580 }
3581
3582 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
3583
3584 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3585 FAIL("server should need versions\n");
3586 goto done;
3587 }
3588
3589 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3590 FAIL("server should have built versions\n");
3591 goto done;
3592 }
3593
3594 if (!CBB_finish(&cbb, &data, &dlen)) {
3595 FAIL("failed to finish CBB\n");
3596 goto done;
3597 }
3598
3599 if (dlen != sizeof(tlsext_versions_server)) {
3600 FAIL("got versions with length %zu, "
3601 "want length %zu\n", dlen, sizeof(tlsext_versions_server));
3602 goto done;
3603 }
3604
3605 CBS_init(&cbs, data, dlen);
3606 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3607 FAIL("failed to parse client versions\n");
3608 goto done;
3609 }
3610 if (CBS_len(&cbs) != 0) {
3611 FAIL("extension data remaining\n");
3612 goto done;
3613 }
3614
3615 failure = 0;
3616
3617 done:
3618 CBB_cleanup(&cbb);
3619 SSL_CTX_free(ssl_ctx);
3620 SSL_free(ssl);
3621 free(data);
3622
3623 return (failure);
3624}
3625
3626const unsigned char tlsext_keyshare_client[] = {
3627 0x00, 0x24, 0x00, 0x1d, 0x00, 0x20, 0xba, 0x83,
3628 0x2e, 0x4a, 0x18, 0xbe, 0x96, 0xd2, 0x71, 0x70,
3629 0x18, 0x04, 0xf9, 0x9d, 0x76, 0x98, 0xef, 0xe8,
3630 0x4f, 0x8b, 0x85, 0x41, 0xa4, 0xd9, 0x61, 0x57,
3631 0xad, 0x5b, 0xa4, 0xe9, 0x8b, 0x6b,
3632};
3633
3634const unsigned char tlsext_keyshare_server[] = {
3635 0x00, 0x1d, 0x00, 0x20, 0xe5, 0xe8, 0x5a, 0xb9,
3636 0x7e, 0x12, 0x62, 0xe3, 0xd8, 0x7f, 0x6e, 0x3c,
3637 0xec, 0xa6, 0x8b, 0x99, 0x45, 0x77, 0x8e, 0x11,
3638 0xb3, 0xb9, 0x12, 0xb6, 0xbe, 0x35, 0xca, 0x51,
3639 0x76, 0x1e, 0xe8, 0x22
3640};
3641
3642static int
3643test_tlsext_keyshare_client(void)
3644{
3645 unsigned char *data = NULL;
3646 SSL_CTX *ssl_ctx = NULL;
3647 SSL *ssl = NULL;
3648 const struct tls_extension_funcs *client_funcs;
3649 const struct tls_extension_funcs *server_funcs;
3650 int failure;
3651 size_t dlen;
3652 int alert;
3653 CBB cbb;
3654 CBS cbs;
3655
3656 failure = 1;
3657
3658 if (!CBB_init(&cbb, 0))
3659 errx(1, "Failed to create CBB");
3660
3661 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3662 errx(1, "failed to create SSL_CTX");
3663 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3664 errx(1, "failed to create SSL");
3665
3666 if (!tls_extension_funcs(TLSEXT_TYPE_key_share, &client_funcs,
3667 &server_funcs))
3668 errx(1, "failed to fetch keyshare funcs");
3669
3670 if ((ssl->s3->hs.key_share =
3671 tls_key_share_new_nid(NID_X25519)) == NULL)
3672 errx(1, "failed to create key share");
3673 if (!tls_key_share_generate(ssl->s3->hs.key_share))
3674 errx(1, "failed to generate key share");
3675
3676 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3677 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3678 FAIL("client should not need keyshare\n");
3679 goto done;
3680 }
3681
3682 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3683 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3684 FAIL("client should need keyshare\n");
3685 goto done;
3686 }
3687
3688 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3689 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3690 FAIL("client should have built keyshare\n");
3691 goto done;
3692 }
3693
3694 if (!CBB_finish(&cbb, &data, &dlen)) {
3695 FAIL("failed to finish CBB\n");
3696 goto done;
3697 }
3698
3699 if (dlen != sizeof(tlsext_keyshare_client)) {
3700 FAIL("got client keyshare with length %zu, "
3701 "want length %zu\n", dlen, (size_t) sizeof(tlsext_keyshare_client));
3702 goto done;
3703 }
3704
3705 (ssl)->version = TLS1_3_VERSION;
3706 CBS_init(&cbs, data, dlen);
3707
3708 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3709 FAIL("failed to parse client keyshare\n");
3710 goto done;
3711 }
3712
3713 if (CBS_len(&cbs) != 0) {
3714 FAIL("extension data remaining\n");
3715 goto done;
3716 }
3717
3718 failure = 0;
3719
3720 done:
3721 CBB_cleanup(&cbb);
3722 SSL_CTX_free(ssl_ctx);
3723 SSL_free(ssl);
3724 free(data);
3725
3726 return (failure);
3727}
3728
3729static const uint8_t bogokey[] = {
3730 0xe5, 0xe8, 0x5a, 0xb9, 0x7e, 0x12, 0x62, 0xe3,
3731 0xd8, 0x7f, 0x6e, 0x3c, 0xec, 0xa6, 0x8b, 0x99,
3732 0x45, 0x77, 0x8e, 0x11, 0xb3, 0xb9, 0x12, 0xb6,
3733 0xbe, 0x35, 0xca, 0x51, 0x76, 0x1e, 0xe8, 0x22,
3734};
3735
3736static int
3737test_tlsext_keyshare_server(void)
3738{
3739 unsigned char *data = NULL;
3740 SSL_CTX *ssl_ctx = NULL;
3741 SSL *ssl = NULL;
3742 const struct tls_extension_funcs *client_funcs;
3743 const struct tls_extension_funcs *server_funcs;
3744 int decode_error;
3745 int failure;
3746 size_t dlen, idx;
3747 int alert;
3748 CBB cbb;
3749 CBS cbs;
3750
3751 failure = 1;
3752
3753 if (!CBB_init(&cbb, 0))
3754 errx(1, "Failed to create CBB");
3755
3756 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3757 errx(1, "failed to create SSL_CTX");
3758 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3759 errx(1, "failed to create SSL");
3760
3761 if (!tls_extension_funcs(TLSEXT_TYPE_key_share, &client_funcs,
3762 &server_funcs))
3763 errx(1, "failed to fetch keyshare funcs");
3764
3765 ssl->s3->hs.negotiated_tls_version = TLS1_2_VERSION;
3766 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3767 FAIL("server should not need keyshare\n");
3768 goto done;
3769 }
3770
3771 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
3772 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3773 FAIL("client should not need keyshare\n");
3774 goto done;
3775 }
3776
3777 if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL) {
3778 FAIL("failed to find keyshare extension\n");
3779 goto done;
3780 }
3781 ssl->s3->hs.extensions_seen |= (1 << idx);
3782
3783 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3784 FAIL("server should need keyshare\n");
3785 goto done;
3786 }
3787
3788 if (server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3789 FAIL("server should not have built a keyshare response\n");
3790 goto done;
3791 }
3792
3793 if ((ssl->s3->hs.key_share =
3794 tls_key_share_new_nid(NID_X25519)) == NULL) {
3795 FAIL("failed to create key share");
3796 goto done;
3797 }
3798
3799 if (!tls_key_share_generate(ssl->s3->hs.key_share)) {
3800 FAIL("failed to generate key share");
3801 goto done;
3802 }
3803
3804 CBS_init(&cbs, bogokey, sizeof(bogokey));
3805
3806 if (!tls_key_share_peer_public(ssl->s3->hs.key_share, &cbs,
3807 &decode_error, NULL)) {
3808 FAIL("failed to load peer public key\n");
3809 goto done;
3810 }
3811
3812 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3813 FAIL("server should be able to build a keyshare response\n");
3814 goto done;
3815 }
3816
3817 if (!CBB_finish(&cbb, &data, &dlen)) {
3818 FAIL("failed to finish CBB\n");
3819 goto done;
3820 }
3821
3822 if (dlen != sizeof(tlsext_keyshare_server)) {
3823 FAIL("got server keyshare with length %zu, "
3824 "want length %zu\n", dlen, sizeof(tlsext_keyshare_server));
3825 goto done;
3826 }
3827
3828 tls_key_share_free(ssl->s3->hs.key_share);
3829
3830 if ((ssl->s3->hs.key_share =
3831 tls_key_share_new_nid(NID_X25519)) == NULL) {
3832 FAIL("failed to create key share");
3833 goto done;
3834 }
3835 if (!tls_key_share_generate(ssl->s3->hs.key_share)) {
3836 FAIL("failed to generate key share");
3837 goto done;
3838 }
3839
3840 CBS_init(&cbs, data, dlen);
3841
3842 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3843 FAIL("failed to parse server keyshare\n");
3844 goto done;
3845 }
3846
3847 if (CBS_len(&cbs) != 0) {
3848 FAIL("extension data remaining\n");
3849 goto done;
3850 }
3851
3852 failure = 0;
3853
3854done:
3855 CBB_cleanup(&cbb);
3856 SSL_CTX_free(ssl_ctx);
3857 SSL_free(ssl);
3858 free(data);
3859
3860 return (failure);
3861}
3862
3863/* One day I hope to be the only Muppet in this codebase */
3864const uint8_t cookie[] = "\n"
3865 " (o)(o) \n"
3866 " m' 'm \n"
3867 " M -****- M \n"
3868 " 'm m' \n"
3869 " m''''''''''m \n"
3870 " M M BB \n";
3871
3872static int
3873test_tlsext_cookie_client(void)
3874{
3875 unsigned char *data = NULL;
3876 SSL_CTX *ssl_ctx = NULL;
3877 SSL *ssl = NULL;
3878 const struct tls_extension_funcs *client_funcs;
3879 const struct tls_extension_funcs *server_funcs;
3880 int failure;
3881 size_t dlen;
3882 int alert;
3883 CBB cbb;
3884 CBS cbs;
3885
3886 failure = 1;
3887
3888 if (!CBB_init(&cbb, 0))
3889 errx(1, "Failed to create CBB");
3890
3891 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3892 errx(1, "failed to create SSL_CTX");
3893 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3894 errx(1, "failed to create SSL");
3895
3896 if (!tls_extension_funcs(TLSEXT_TYPE_cookie, &client_funcs,
3897 &server_funcs))
3898 errx(1, "failed to fetch cookie funcs");
3899
3900 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3901 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3902 FAIL("client should not need cookie\n");
3903 goto done;
3904 }
3905
3906
3907 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3908 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3909 FAIL("client should not need cookie\n");
3910 goto done;
3911 }
3912
3913 /* Normally would be set by receiving a server cookie in an HRR */
3914 ssl->s3->hs.tls13.cookie = strdup(cookie);
3915 ssl->s3->hs.tls13.cookie_len = strlen(cookie);
3916
3917 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3918 FAIL("client should need cookie\n");
3919 goto done;
3920 }
3921
3922 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3923 FAIL("client should have built a cookie response\n");
3924 goto done;
3925 }
3926
3927 if (!CBB_finish(&cbb, &data, &dlen)) {
3928 FAIL("failed to finish CBB\n");
3929 goto done;
3930 }
3931
3932 if (dlen != strlen(cookie) + sizeof(uint16_t)) {
3933 FAIL("got cookie with length %zu, "
3934 "want length %zu\n", dlen, strlen(cookie) +
3935 sizeof(uint16_t));
3936 goto done;
3937 }
3938
3939 CBS_init(&cbs, data, dlen);
3940
3941 /* Checks cookie against what's in the hs.tls13 */
3942 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3943 FAIL("failed to parse client cookie\n");
3944 goto done;
3945 }
3946
3947 if (CBS_len(&cbs) != 0) {
3948 FAIL("extension data remaining\n");
3949 goto done;
3950 }
3951
3952 failure = 0;
3953
3954 done:
3955 CBB_cleanup(&cbb);
3956 SSL_CTX_free(ssl_ctx);
3957 SSL_free(ssl);
3958 free(data);
3959
3960 return (failure);
3961}
3962
3963static int
3964test_tlsext_cookie_server(void)
3965{
3966 unsigned char *data = NULL;
3967 SSL_CTX *ssl_ctx = NULL;
3968 SSL *ssl = NULL;
3969 const struct tls_extension_funcs *client_funcs;
3970 const struct tls_extension_funcs *server_funcs;
3971 int failure;
3972 size_t dlen;
3973 int alert;
3974 CBB cbb;
3975 CBS cbs;
3976
3977 failure = 1;
3978
3979 if (!CBB_init(&cbb, 0))
3980 errx(1, "Failed to create CBB");
3981
3982 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3983 errx(1, "failed to create SSL_CTX");
3984 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3985 errx(1, "failed to create SSL");
3986
3987 if (!tls_extension_funcs(TLSEXT_TYPE_cookie, &client_funcs,
3988 &server_funcs))
3989 errx(1, "failed to fetch cookie funcs");
3990
3991 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3992 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3993 FAIL("server should not need cookie\n");
3994 goto done;
3995 }
3996
3997 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3998 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3999 FAIL("server should not need cookie\n");
4000 goto done;
4001 }
4002
4003 /* Normally would be set by server before sending HRR */
4004 ssl->s3->hs.tls13.cookie = strdup(cookie);
4005 ssl->s3->hs.tls13.cookie_len = strlen(cookie);
4006
4007 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_HRR)) {
4008 FAIL("server should need cookie\n");
4009 goto done;
4010 }
4011
4012 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_HRR, &cbb)) {
4013 FAIL("server should have built a cookie response\n");
4014 goto done;
4015 }
4016
4017 if (!CBB_finish(&cbb, &data, &dlen)) {
4018 FAIL("failed to finish CBB\n");
4019 goto done;
4020 }
4021
4022 if (dlen != strlen(cookie) + sizeof(uint16_t)) {
4023 FAIL("got cookie with length %zu, "
4024 "want length %zu\n", dlen, strlen(cookie) +
4025 sizeof(uint16_t));
4026 goto done;
4027 }
4028
4029 CBS_init(&cbs, data, dlen);
4030
4031 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
4032 FAIL("client should not have parsed server cookie\n");
4033 goto done;
4034 }
4035
4036 freezero(ssl->s3->hs.tls13.cookie, ssl->s3->hs.tls13.cookie_len);
4037 ssl->s3->hs.tls13.cookie = NULL;
4038 ssl->s3->hs.tls13.cookie_len = 0;
4039
4040 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
4041 FAIL("failed to parse server cookie\n");
4042 goto done;
4043 }
4044
4045 if (memcmp(cookie, ssl->s3->hs.tls13.cookie,
4046 ssl->s3->hs.tls13.cookie_len) != 0) {
4047 FAIL("parsed server cookie does not match sent cookie\n");
4048 goto done;
4049 }
4050
4051 if (CBS_len(&cbs) != 0) {
4052 FAIL("extension data remaining\n");
4053 goto done;
4054 }
4055
4056 failure = 0;
4057
4058done:
4059 CBB_cleanup(&cbb);
4060 SSL_CTX_free(ssl_ctx);
4061 SSL_free(ssl);
4062 free(data);
4063
4064 return (failure);
4065}
4066
4067const uint8_t tlsext_default_psk_modes[] = {
4068 0x01, 0x01,
4069};
4070
4071const uint8_t tlsext_psk_only_mode[] = {
4072 0x01, 0x00,
4073};
4074
4075const uint8_t tlsext_psk_both_modes[] = {
4076 0x02, 0x00, 0x01,
4077};
4078
4079static int
4080test_tlsext_psk_modes_client(void)
4081{
4082 SSL_CTX *ssl_ctx = NULL;
4083 SSL *ssl = NULL;
4084 const struct tls_extension_funcs *client_funcs;
4085 const struct tls_extension_funcs *server_funcs;
4086 int failure;
4087 uint8_t *data = NULL;
4088 size_t dlen;
4089 CBB cbb;
4090 CBS cbs;
4091 int alert;
4092
4093 failure = 1;
4094
4095 if (!CBB_init(&cbb, 0))
4096 errx(1, "Failed to create CBB");
4097
4098 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
4099 errx(1, "failed to create SSL_CTX");
4100 if ((ssl = SSL_new(ssl_ctx)) == NULL)
4101 errx(1, "failed to create SSL");
4102
4103 if (!tls_extension_funcs(TLSEXT_TYPE_psk_kex_modes, &client_funcs,
4104 &server_funcs))
4105 errx(1, "failed to fetch psk funcs");
4106
4107 /* Disabled by default. */
4108 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4109 FAIL("client should not need psk kex modes by default\n");
4110 goto err;
4111 }
4112
4113 /*
4114 * Prerequisites: use_psk_dhe_ke flag is set and
4115 * our_max_tls_version >= TLSv1.3.
4116 */
4117
4118 ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
4119 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
4120
4121 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4122 FAIL("client should not need psk kex modes with TLSv1.2\n");
4123 goto err;
4124 }
4125
4126 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4127 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
4128
4129 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4130 FAIL("client should not need psk kex modes without "
4131 "use_psk_dhe_ke\n");
4132 goto err;
4133 }
4134
4135 ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
4136 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
4137
4138 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4139 FAIL("client should need psk kex modes with TLSv1.3\n");
4140 goto err;
4141 }
4142
4143 /* Make sure we can build psk modes with DHE key establishment. */
4144
4145 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
4146 FAIL("client failed to build psk kex modes\n");
4147 goto err;
4148 }
4149
4150 if (!CBB_finish(&cbb, &data, &dlen))
4151 errx(1, "failed to finish psk kex CBB");
4152
4153 if (dlen != sizeof(tlsext_default_psk_modes)) {
4154 FAIL("got client psk kex modes with length %zu, "
4155 "want length %zu\n", dlen,
4156 sizeof(tlsext_default_psk_modes));
4157 compare_data(data, dlen, tlsext_default_psk_modes,
4158 sizeof(tlsext_default_psk_modes));
4159 goto err;
4160 }
4161 if (memcmp(data, tlsext_default_psk_modes, dlen) != 0) {
4162 FAIL("client psk kex modes differ:\n");
4163 compare_data(data, dlen, tlsext_default_psk_modes,
4164 sizeof(tlsext_default_psk_modes));
4165 goto err;
4166 }
4167
4168 CBB_cleanup(&cbb);
4169 free(data);
4170 data = NULL;
4171
4172 /*
4173 * Make sure we can parse the default psk modes and that use_psk_dhe_ke
4174 * is set after parsing.
4175 */
4176
4177 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4178
4179 CBS_init(&cbs, tlsext_default_psk_modes,
4180 sizeof(tlsext_default_psk_modes));
4181 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4182 FAIL("failed to parse psk kex modes\n");
4183 goto err;
4184 }
4185 if (CBS_len(&cbs) != 0) {
4186 FAIL("extension data remaining\n");
4187 goto err;
4188 }
4189
4190 if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
4191 FAIL("should have set use_psk_dhe_ke\n");
4192 goto err;
4193 }
4194
4195 /*
4196 * Make sure we can parse the psk-only mode and that use_psk_dhe_ke
4197 * is still not set after parsing.
4198 */
4199
4200 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4201
4202 CBS_init(&cbs, tlsext_psk_only_mode, sizeof(tlsext_psk_only_mode));
4203 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4204 FAIL("failed to parse psk kex modes\n");
4205 goto err;
4206 }
4207 if (CBS_len(&cbs) != 0) {
4208 FAIL("extension data remaining\n");
4209 goto err;
4210 }
4211
4212 if (ssl->s3->hs.tls13.use_psk_dhe_ke != 0) {
4213 FAIL("should not have set use_psk_dhe_ke\n");
4214 goto err;
4215 }
4216
4217 /*
4218 * Make sure we can parse the extension indicating both modes and that
4219 * use_psk_dhe_ke is set after parsing.
4220 */
4221
4222 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4223
4224 CBS_init(&cbs, tlsext_psk_both_modes, sizeof(tlsext_psk_both_modes));
4225 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4226 FAIL("failed to parse psk kex modes\n");
4227 goto err;
4228 }
4229 if (CBS_len(&cbs) != 0) {
4230 FAIL("extension data remaining\n");
4231 goto err;
4232 }
4233
4234 if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
4235 FAIL("should have set use_psk_dhe_ke\n");
4236 goto err;
4237 }
4238
4239 failure = 0;
4240
4241 err:
4242 CBB_cleanup(&cbb);
4243 SSL_CTX_free(ssl_ctx);
4244 SSL_free(ssl);
4245 free(data);
4246
4247 return failure;
4248}
4249
4250static int
4251test_tlsext_psk_modes_server(void)
4252{
4253 SSL_CTX *ssl_ctx = NULL;
4254 SSL *ssl = NULL;
4255 const struct tls_extension_funcs *client_funcs;
4256 const struct tls_extension_funcs *server_funcs;
4257 int failure;
4258
4259 failure = 1;
4260
4261 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
4262 errx(1, "failed to create SSL_CTX");
4263 if ((ssl = SSL_new(ssl_ctx)) == NULL)
4264 errx(1, "failed to create SSL");
4265
4266 if (!tls_extension_funcs(TLSEXT_TYPE_psk_kex_modes, &client_funcs,
4267 &server_funcs))
4268 errx(1, "failed to fetch psk funcs");
4269
4270 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
4271 FAIL("server should not need psk kex modes\n");
4272 goto err;
4273 }
4274
4275 failure = 0;
4276
4277 err:
4278 SSL_CTX_free(ssl_ctx);
4279 SSL_free(ssl);
4280
4281 return failure;
4282}
4283
4284struct tls_sni_test {
4285 const char *hostname;
4286 int is_ip;
4287 int valid;
4288};
4289
4290static const struct tls_sni_test tls_sni_tests[] = {
4291 {
4292 .hostname = "openbsd.org",
4293 .valid = 1,
4294 },
4295 {
4296 .hostname = "op3nbsd.org",
4297 .valid = 1,
4298 },
4299 {
4300 .hostname = "org",
4301 .valid = 1,
4302 },
4303 {
4304 .hostname = "3openbsd.com",
4305 .valid = 1,
4306 },
4307 {
4308 .hostname = "3-0penb-d.c-m",
4309 .valid = 1,
4310 },
4311 {
4312 .hostname = "a",
4313 .valid = 1,
4314 },
4315 {
4316 .hostname =
4317 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com",
4318 .valid = 1,
4319 },
4320 {
4321 .hostname =
4322 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4323 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4324 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4325 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
4326 .valid = 1,
4327 },
4328 {
4329 .hostname = "openbsd.org.",
4330 .valid = 0,
4331 },
4332 {
4333 .hostname = "openbsd..org",
4334 .valid = 0,
4335 },
4336 {
4337 .hostname = "openbsd.org-",
4338 .valid = 0,
4339 },
4340 {
4341 .hostname =
4342 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com",
4343 .valid = 0,
4344 },
4345 {
4346 .hostname =
4347 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4348 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4349 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4350 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.a",
4351 .valid = 0,
4352 },
4353 {
4354 .hostname = "-p3nbsd.org",
4355 .valid = 0,
4356 },
4357 {
4358 .hostname = "openbs-.org",
4359 .valid = 0,
4360 },
4361 {
4362 .hostname = "openbsd\n.org",
4363 .valid = 0,
4364 },
4365 {
4366 .hostname = "open_bsd.org",
4367 .valid = 0,
4368 },
4369 {
4370 .hostname = "open\178bsd.org",
4371 .valid = 0,
4372 },
4373 {
4374 .hostname = "open\255bsd.org",
4375 .valid = 0,
4376 },
4377 {
4378 .hostname = "dead::beef",
4379 .is_ip = 1,
4380 .valid = 0,
4381 },
4382 {
4383 .hostname = "192.168.0.1",
4384 .is_ip = 1,
4385 .valid = 0,
4386 },
4387};
4388
4389#define N_TLS_SNI_TESTS (sizeof(tls_sni_tests) / sizeof(*tls_sni_tests))
4390
4391static int
4392test_tlsext_is_valid_hostname(const struct tls_sni_test *tst)
4393{
4394 int failure;
4395 int is_ip;
4396 CBS cbs;
4397
4398 failure = 1;
4399
4400 CBS_init(&cbs, tst->hostname, strlen(tst->hostname));
4401 if (tlsext_sni_is_valid_hostname(&cbs, &is_ip) != tst->valid) {
4402 if (tst->valid) {
4403 FAIL("Valid hostname '%s' rejected\n",
4404 tst->hostname);
4405 } else {
4406 FAIL("Invalid hostname '%s' accepted\n",
4407 tst->hostname);
4408 }
4409 goto done;
4410 }
4411 if (tst->is_ip != is_ip) {
4412 if (tst->is_ip) {
4413 FAIL("Hostname '%s' is an IP literal but not "
4414 "identified as one\n", tst->hostname);
4415 } else {
4416 FAIL("Hostname '%s' is not an IP literal but is "
4417 "identified as one\n", tst->hostname);
4418 }
4419 goto done;
4420 }
4421
4422 if (tst->valid) {
4423 CBS_init(&cbs, tst->hostname,
4424 strlen(tst->hostname) + 1);
4425 if (tlsext_sni_is_valid_hostname(&cbs, &is_ip)) {
4426 FAIL("hostname with NUL byte accepted\n");
4427 goto done;
4428 }
4429 }
4430
4431 failure = 0;
4432
4433 done:
4434
4435 return failure;
4436}
4437
4438static int
4439test_tlsext_valid_hostnames(void)
4440{
4441 const struct tls_sni_test *tst;
4442 int failure = 0;
4443 size_t i;
4444
4445 for (i = 0; i < N_TLS_SNI_TESTS; i++) {
4446 tst = &tls_sni_tests[i];
4447 failure |= test_tlsext_is_valid_hostname(tst);
4448 }
4449
4450 return failure;
4451}
4452
4453#define N_TLSEXT_RANDOMIZATION_TESTS 1000
4454
4455static int
4456test_tlsext_check_extension_order(SSL *ssl)
4457{
4458 const struct tls_extension *ext;
4459 uint16_t type;
4460 size_t alpn_idx, sni_idx;
4461 size_t i;
4462
4463 if (ssl->tlsext_build_order_len == 0) {
4464 FAIL("Unexpected zero build order length");
4465 return 1;
4466 }
4467
4468 ext = ssl->tlsext_build_order[ssl->tlsext_build_order_len - 1];
4469 if ((type = tls_extension_type(ext)) != TLSEXT_TYPE_psk) {
4470 FAIL("last extension is %u, want %u\n", type, TLSEXT_TYPE_psk);
4471 return 1;
4472 }
4473
4474 if (ssl->server)
4475 return 0;
4476
4477 alpn_idx = sni_idx = ssl->tlsext_build_order_len;
4478 for (i = 0; i < ssl->tlsext_build_order_len; i++) {
4479 ext = ssl->tlsext_build_order[i];
4480 if (tls_extension_type(ext) == TLSEXT_TYPE_alpn)
4481 alpn_idx = i;
4482 if (tls_extension_type(ext) == TLSEXT_TYPE_server_name)
4483 sni_idx = i;
4484 }
4485
4486 if (alpn_idx == ssl->tlsext_build_order_len) {
4487 FAIL("could not find alpn extension\n");
4488 return 1;
4489 }
4490
4491 if (sni_idx == ssl->tlsext_build_order_len) {
4492 FAIL("could not find alpn extension\n");
4493 return 1;
4494 }
4495
4496 if (sni_idx >= alpn_idx) {
4497 FAIL("sni does not precede alpn: %zu >= %zu\n",
4498 sni_idx, alpn_idx);
4499 return 1;
4500 }
4501
4502 return 0;
4503}
4504
4505static int
4506test_tlsext_randomized_extensions(SSL *ssl)
4507{
4508 size_t i;
4509 int failed = 0;
4510
4511 for (i = 0; i < N_TLSEXT_RANDOMIZATION_TESTS; i++) {
4512 if (!tlsext_randomize_build_order(ssl))
4513 errx(1, "failed to randomize extensions");
4514 failed |= test_tlsext_check_extension_order(ssl);
4515 }
4516
4517 return failed;
4518}
4519
4520static int
4521test_tlsext_extension_order(void)
4522{
4523 SSL_CTX *ssl_ctx = NULL;
4524 SSL *ssl = NULL;
4525 int failure;
4526
4527 failure = 0;
4528
4529 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
4530 errx(1, "failed to create SSL_CTX");
4531 if ((ssl = SSL_new(ssl_ctx)) == NULL)
4532 errx(1, "failed to create SSL");
4533
4534 failure |= test_tlsext_randomized_extensions(ssl);
4535
4536 SSL_CTX_free(ssl_ctx);
4537 SSL_free(ssl);
4538
4539 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
4540 errx(1, "failed to create SSL_CTX");
4541 if ((ssl = SSL_new(ssl_ctx)) == NULL)
4542 errx(1, "failed to create SSL");
4543
4544 failure |= test_tlsext_randomized_extensions(ssl);
4545
4546 SSL_CTX_free(ssl_ctx);
4547 SSL_free(ssl);
4548
4549 return failure;
4550}
4551
4552int
4553main(int argc, char **argv)
4554{
4555 int failed = 0;
4556
4557 SSL_library_init();
4558 SSL_load_error_strings();
4559
4560 failed |= test_tlsext_alpn_client();
4561 failed |= test_tlsext_alpn_server();
4562
4563 failed |= test_tlsext_supportedgroups_client();
4564 failed |= test_tlsext_supportedgroups_server();
4565
4566 failed |= test_tlsext_ecpf_client();
4567 failed |= test_tlsext_ecpf_server();
4568
4569 failed |= test_tlsext_ri_client();
4570 failed |= test_tlsext_ri_server();
4571
4572 failed |= test_tlsext_sigalgs_client();
4573
4574 failed |= test_tlsext_sni_client();
4575 failed |= test_tlsext_sni_server();
4576
4577 failed |= test_tlsext_ocsp_client();
4578 failed |= test_tlsext_ocsp_server();
4579
4580 failed |= test_tlsext_sessionticket_client();
4581 failed |= test_tlsext_sessionticket_server();
4582
4583 failed |= test_tlsext_versions_client();
4584 failed |= test_tlsext_versions_server();
4585
4586 failed |= test_tlsext_keyshare_client();
4587 failed |= test_tlsext_keyshare_server();
4588
4589 failed |= test_tlsext_cookie_client();
4590 failed |= test_tlsext_cookie_server();
4591
4592#ifndef OPENSSL_NO_SRTP
4593 failed |= test_tlsext_srtp_client();
4594 failed |= test_tlsext_srtp_server();
4595#else
4596 fprintf(stderr, "Skipping SRTP tests due to OPENSSL_NO_SRTP\n");
4597#endif
4598
4599 failed |= test_tlsext_psk_modes_client();
4600 failed |= test_tlsext_psk_modes_server();
4601
4602 failed |= test_tlsext_clienthello_build();
4603 failed |= test_tlsext_serverhello_build();
4604
4605 failed |= test_tlsext_valid_hostnames();
4606
4607 failed |= test_tlsext_quic_transport_parameters_client();
4608 failed |= test_tlsext_quic_transport_parameters_server();
4609
4610 failed |= test_tlsext_extension_order();
4611
4612 return (failed);
4613}
diff --git a/src/regress/lib/libssl/tlsfuzzer/Makefile b/src/regress/lib/libssl/tlsfuzzer/Makefile
deleted file mode 100644
index b57b44daa7..0000000000
--- a/src/regress/lib/libssl/tlsfuzzer/Makefile
+++ /dev/null
@@ -1,47 +0,0 @@
1# $OpenBSD: Makefile,v 1.6 2022/07/18 09:17:44 tb Exp $
2
3.if !exists(/usr/local/share/tlsfuzzer)
4regress:
5 @echo package py3-tlsfuzzer is required for this regress
6 @echo SKIPPED
7.else
8
9REGRESS_TARGETS=regress-tlsfuzzer
10
11localhost.key localhost.crt:
12 openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt \
13 -subj /CN=localhost -nodes -batch
14
15certs: localhost.key localhost.crt
16
17CLEANFILES += localhost.key localhost.crt
18
19PORT ?= 4433
20SLOW = -s
21TIMING = # -t
22VERBOSE = # -v
23
24regress-tlsfuzzer: certs
25 python3 ${.CURDIR}/tlsfuzzer.py ${SLOW} ${TIMING} ${VERBOSE}
26
27failing: certs
28 python3 ${.CURDIR}/tlsfuzzer.py -f ${SLOW} ${TIMING} ${VERBOSE}
29
30
31port: certs
32 python3 ${.CURDIR}/tlsfuzzer.py ${SLOW} ${TIMING} ${VERBOSE} -p ${PORT}
33
34list:
35 @python3 ${.CURDIR}/tlsfuzzer.py -l
36
37list-failing:
38 @python3 ${.CURDIR}/tlsfuzzer.py -l -f
39
40missing:
41 @python3 ${.CURDIR}/tlsfuzzer.py -m
42
43.PHONY: all certs failing list list-failing missing port
44
45.endif
46
47.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py
deleted file mode 100644
index aa7e384e1f..0000000000
--- a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py
+++ /dev/null
@@ -1,921 +0,0 @@
1# $OpenBSD: tlsfuzzer.py,v 1.50 2023/07/02 17:21:33 beck Exp $
2#
3# Copyright (c) 2020 Theo Buehler <tb@openbsd.org>
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16
17import getopt
18import os
19import subprocess
20import sys
21from timeit import default_timer as timer
22
23tlsfuzzer_scriptdir = "/usr/local/share/tlsfuzzer/scripts/"
24
25class Test:
26 """
27 Represents a tlsfuzzer test script.
28 name: the script's name
29 args: arguments to feed to the script
30 tls12_args: override args for a TLSv1.2 server
31 tls13_args: override args for a TLSv1.3 server
32
33 XXX Add client cert support.
34 """
35 def __init__(self, name="", args=[], tls12_args=[], tls13_args=[]):
36 self.name = name
37 self.tls12_args = args
38 self.tls13_args = args
39 if tls12_args:
40 self.tls12_args = tls12_args
41 if tls13_args:
42 self.tls13_args = tls13_args
43
44 def args(self, has_tls1_3: True):
45 if has_tls1_3:
46 return self.tls13_args
47 else:
48 return self.tls12_args
49
50 def __repr__(self):
51 return "<Test: %s tls12_args: %s tls13_args: %s>" % (
52 self.name, self.tls12_args, self.tls13_args
53 )
54
55class TestGroup:
56 """ A group of Test objects to be run by TestRunner."""
57 def __init__(self, title="Tests", tests=[]):
58 self.title = title
59 self.tests = tests
60
61 def __iter__(self):
62 return iter(self.tests)
63
64# argument to pass to several tests
65tls13_unsupported_ciphers = [
66 "-e", "TLS 1.3 with ffdhe2048",
67 "-e", "TLS 1.3 with ffdhe3072",
68 "-e", "TLS 1.3 with x448",
69]
70
71def substitute_alert(want, got):
72 return f"Expected alert description \"{want}\" " \
73 + f"does not match received \"{got}\""
74
75# test-tls13-finished.py has 70 failing tests that expect a "decode_error"
76# instead of the "decrypt_error" sent by tls13_server_finished_recv().
77# Both alerts appear to be reasonable in this context, so work around this
78# in the test instead of the library.
79def generate_test_tls13_finished_args():
80 assertion = substitute_alert("decode_error", "decrypt_error");
81 paddings = [
82 ("TLS_AES_128_GCM_SHA256", 0, 1),
83 ("TLS_AES_128_GCM_SHA256", 0, 2),
84 ("TLS_AES_128_GCM_SHA256", 0, 4),
85 ("TLS_AES_128_GCM_SHA256", 0, 8),
86 ("TLS_AES_128_GCM_SHA256", 0, 16),
87 ("TLS_AES_128_GCM_SHA256", 0, 32),
88 ("TLS_AES_128_GCM_SHA256", 0, 48),
89 ("TLS_AES_128_GCM_SHA256", 0, 2**14-4-32),
90 ("TLS_AES_128_GCM_SHA256", 0, 0x20000),
91 ("TLS_AES_128_GCM_SHA256", 0, 0x30000),
92 ("TLS_AES_128_GCM_SHA256", 1, 0),
93 ("TLS_AES_128_GCM_SHA256", 2, 0),
94 ("TLS_AES_128_GCM_SHA256", 4, 0),
95 ("TLS_AES_128_GCM_SHA256", 8, 0),
96 ("TLS_AES_128_GCM_SHA256", 16, 0),
97 ("TLS_AES_128_GCM_SHA256", 32, 0),
98 ("TLS_AES_128_GCM_SHA256", 48, 0),
99 ("TLS_AES_128_GCM_SHA256", 2**14-4-32, 0),
100 ("TLS_AES_128_GCM_SHA256", 12, 0),
101 ("TLS_AES_128_GCM_SHA256", 1, 1),
102 ("TLS_AES_128_GCM_SHA256", 8, 8),
103 ("TLS_AES_256_GCM_SHA384", 0, 1),
104 ("TLS_AES_256_GCM_SHA384", 0, 2),
105 ("TLS_AES_256_GCM_SHA384", 0, 4),
106 ("TLS_AES_256_GCM_SHA384", 0, 8),
107 ("TLS_AES_256_GCM_SHA384", 0, 16),
108 ("TLS_AES_256_GCM_SHA384", 0, 32),
109 ("TLS_AES_256_GCM_SHA384", 0, 48),
110 ("TLS_AES_256_GCM_SHA384", 0, 2**14-4-48),
111 ("TLS_AES_256_GCM_SHA384", 0, 0x20000),
112 ("TLS_AES_256_GCM_SHA384", 0, 0x30000),
113 ("TLS_AES_256_GCM_SHA384", 0, 12),
114 ("TLS_AES_256_GCM_SHA384", 1, 0),
115 ("TLS_AES_256_GCM_SHA384", 2, 0),
116 ("TLS_AES_256_GCM_SHA384", 4, 0),
117 ("TLS_AES_256_GCM_SHA384", 8, 0),
118 ("TLS_AES_256_GCM_SHA384", 16, 0),
119 ("TLS_AES_256_GCM_SHA384", 32, 0),
120 ("TLS_AES_256_GCM_SHA384", 48, 0),
121 ("TLS_AES_256_GCM_SHA384", 2**14-4-48, 0),
122 ("TLS_AES_256_GCM_SHA384", 1, 1),
123 ("TLS_AES_256_GCM_SHA384", 8, 8),
124 ]
125 truncations = [
126 ("TLS_AES_128_GCM_SHA256", 0, -1),
127 ("TLS_AES_128_GCM_SHA256", 0, -2),
128 ("TLS_AES_128_GCM_SHA256", 0, -4),
129 ("TLS_AES_128_GCM_SHA256", 0, -8),
130 ("TLS_AES_128_GCM_SHA256", 0, -16),
131 ("TLS_AES_128_GCM_SHA256", 0, -32),
132 ("TLS_AES_128_GCM_SHA256", 0, 12),
133 ("TLS_AES_128_GCM_SHA256", 1, None),
134 ("TLS_AES_128_GCM_SHA256", 2, None),
135 ("TLS_AES_128_GCM_SHA256", 4, None),
136 ("TLS_AES_128_GCM_SHA256", 8, None),
137 ("TLS_AES_128_GCM_SHA256", 16, None),
138 ("TLS_AES_128_GCM_SHA256", 32, None),
139 ("TLS_AES_256_GCM_SHA384", 0, -1),
140 ("TLS_AES_256_GCM_SHA384", 0, -2),
141 ("TLS_AES_256_GCM_SHA384", 0, -4),
142 ("TLS_AES_256_GCM_SHA384", 0, -8),
143 ("TLS_AES_256_GCM_SHA384", 0, -16),
144 ("TLS_AES_256_GCM_SHA384", 0, -32),
145 ("TLS_AES_256_GCM_SHA384", 0, 12),
146 ("TLS_AES_256_GCM_SHA384", 1, None),
147 ("TLS_AES_256_GCM_SHA384", 2, None),
148 ("TLS_AES_256_GCM_SHA384", 4, None),
149 ("TLS_AES_256_GCM_SHA384", 8, None),
150 ("TLS_AES_256_GCM_SHA384", 16, None),
151 ("TLS_AES_256_GCM_SHA384", 32, None),
152 ]
153
154 args = [
155 "-x", "empty - cipher TLS_AES_128_GCM_SHA256", "-X", assertion,
156 "-x", "empty - cipher TLS_AES_256_GCM_SHA384", "-X", assertion,
157 ]
158 padding_fmt = "padding - cipher %s, pad_byte 0, pad_left %d, pad_right %d"
159 for padding in paddings:
160 args += ["-x", padding_fmt % padding, "-X", assertion]
161 truncation_fmt = "truncation - cipher %s, start %d, end %s"
162 for truncation in truncations:
163 args += ["-x", truncation_fmt % truncation, "-X", assertion]
164 return args
165
166tls13_tests = TestGroup("TLSv1.3 tests", [
167 Test("test-tls13-ccs.py"),
168 Test("test-tls13-conversation.py"),
169 Test("test-tls13-count-tickets.py"),
170 Test("test-tls13-empty-alert.py"),
171 Test("test-tls13-finished.py", generate_test_tls13_finished_args()),
172 Test("test-tls13-finished-plaintext.py"),
173 Test("test-tls13-hrr.py"),
174 Test("test-tls13-keyshare-omitted.py"),
175 Test("test-tls13-legacy-version.py"),
176 Test("test-tls13-nociphers.py"),
177 Test("test-tls13-record-padding.py"),
178 # Exclude QUIC transport parameters
179 Test("test-tls13-shuffled-extentions.py", [ "--exc", "57" ]),
180 Test("test-tls13-zero-content-type.py"),
181
182 # The skipped tests fail due to a bug in BIO_gets() which masks the retry
183 # signalled from an SSL_read() failure. Testing with httpd(8) shows we're
184 # handling these corner cases correctly since tls13_record_layer.c -r1.47.
185 Test("test-tls13-zero-length-data.py", [
186 "-e", "zero-length app data",
187 "-e", "zero-length app data with large padding",
188 "-e", "zero-length app data with padding",
189 ]),
190
191 # We don't currently handle NSTs
192 Test("test-tls13-connection-abort.py", ["-e", "After NewSessionTicket"]),
193])
194
195# Tests that take a lot of time (> ~30s on an x280)
196tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [
197 # XXX: Investigate the occasional message
198 # "Got shared secret with 1 most significant bytes equal to zero."
199 Test("test-tls13-dhe-shared-secret-padding.py", tls13_unsupported_ciphers),
200
201 Test("test-tls13-invalid-ciphers.py"),
202 Test("test-tls13-serverhello-random.py", tls13_unsupported_ciphers),
203
204 # Mark two tests cases as xfail for now. The tests expect an arguably
205 # correct decode_error while we send a decrypt_error (like fizz/boring).
206 Test("test-tls13-record-layer-limits.py", [
207 "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_AES_128_GCM_SHA256",
208 "-X", substitute_alert("decode_error", "decrypt_error"),
209 "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_CHACHA20_POLY1305_SHA256",
210 "-X", substitute_alert("decode_error", "decrypt_error"),
211 ]),
212 # We don't accept an empty ECPF extension since it must advertise the
213 # uncompressed point format. Exclude this extension type from the test.
214 # Also exclude QUIC transport parameters.
215 Test(
216 "test-tls13-large-number-of-extensions.py",
217 tls13_args = ["--exc", "11", "--exc", "57"],
218 ),
219])
220
221tls13_extra_cert_tests = TestGroup("TLSv1.3 certificate tests", [
222 # need to set up client certs to run these
223 Test("test-tls13-certificate-request.py"),
224 Test("test-tls13-certificate-verify.py"),
225 Test("test-tls13-ecdsa-in-certificate-verify.py"),
226 Test("test-tls13-eddsa-in-certificate-verify.py"),
227
228 # Test expects the server to have installed three certificates:
229 # with P-256, P-384 and P-521 curve. Also SHA1+ECDSA is verified
230 # to not work.
231 Test("test-tls13-ecdsa-support.py"),
232])
233
234tls13_failing_tests = TestGroup("failing TLSv1.3 tests", [
235 # Some tests fail because we fail later than the scripts expect us to.
236 # With X25519, we accept weak peer public keys and fail when we actually
237 # compute the keyshare. Other tests seem to indicate that we could be
238 # stricter about what keyshares we accept.
239 Test("test-tls13-crfg-curves.py", [
240 '-e', 'all zero x448 key share',
241 '-e', 'empty x448 key share',
242 '-e', 'sanity x448 with compression ansiX962_compressed_char2',
243 '-e', 'sanity x448 with compression ansiX962_compressed_prime',
244 '-e', 'sanity x448 with compression uncompressed',
245 '-e', 'too big x448 key share',
246 '-e', 'too small x448 key share',
247 '-e', 'x448 key share of "1"',
248 ]),
249 Test("test-tls13-ecdhe-curves.py", [
250 '-e', 'sanity - x448',
251 '-e', 'x448 - key share from other curve',
252 '-e', 'x448 - point at infinity',
253 '-e', 'x448 - right 0-padded key_share',
254 '-e', 'x448 - right-truncated key_share',
255 ]),
256
257 # The test sends records with protocol version 0x0300 instead of 0x0303
258 # and currently fails with OpenSSL and LibreSSL for this reason.
259 # We have the logic corresponding to NSS's fix for CVE-2020-25648
260 # https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
261 # so should not be affected by this issue.
262 Test("test-tls13-multiple-ccs-messages.py"),
263
264 # https://github.com/openssl/openssl/issues/8369
265 Test("test-tls13-obsolete-curves.py"),
266
267 # 3 failing rsa_pss_pss tests
268 Test("test-tls13-rsa-signatures.py"),
269
270 # The failing tests all expect an ri extension. What's up with that?
271 Test("test-tls13-version-negotiation.py"),
272])
273
274tls13_slow_failing_tests = TestGroup("slow, failing TLSv1.3 tests", [
275 # Other test failures bugs in keyshare/tlsext negotiation?
276 Test("test-tls13-unrecognised-groups.py"), # unexpected closure
277
278 # 5 occasional failures:
279 # 'app data split, conversation with KeyUpdate msg'
280 # 'fragmented keyupdate msg'
281 # 'multiple KeyUpdate messages'
282 # 'post-handshake KeyUpdate msg with update_not_request'
283 # 'post-handshake KeyUpdate msg with update_request'
284 Test("test-tls13-keyupdate.py"),
285
286 Test("test-tls13-symetric-ciphers.py"), # unexpected message from peer
287
288 # 6 tests fail: 'rsa_pkcs1_{md5,sha{1,224,256,384,512}} signature'
289 # We send server hello, but the test expects handshake_failure
290 Test("test-tls13-pkcs-signature.py"),
291 # 8 tests fail: 'tls13 signature rsa_pss_{pss,rsae}_sha{256,384,512}
292 Test("test-tls13-rsapss-signatures.py"),
293])
294
295tls13_unsupported_tests = TestGroup("TLSv1.3 tests for unsupported features", [
296 # Tests for features we don't support
297 Test("test-tls13-0rtt-garbage.py"),
298 Test("test-tls13-ffdhe-groups.py"),
299 Test("test-tls13-ffdhe-sanity.py"),
300 Test("test-tls13-psk_dhe_ke.py"),
301 Test("test-tls13-psk_ke.py"),
302
303 # need server to react to HTTP GET for /keyupdate
304 Test("test-tls13-keyupdate-from-server.py"),
305
306 # needs an echo server
307 Test("test-tls13-lengths.py"),
308
309 # Weird test: tests servers that don't support 1.3
310 Test("test-tls13-non-support.py"),
311
312 # broken test script
313 # UnboundLocalError: local variable 'cert' referenced before assignment
314 Test("test-tls13-post-handshake-auth.py"),
315
316 # ExpectNewSessionTicket
317 Test("test-tls13-session-resumption.py"),
318
319 # Server must be configured to support only rsa_pss_rsae_sha512
320 Test("test-tls13-signature-algorithms.py"),
321])
322
323tls12_exclude_legacy_protocols = [
324 # all these have BIO_read timeouts against TLSv1.3
325 "-e", "Protocol (3, 0)",
326 "-e", "Protocol (3, 1)",
327 "-e", "Protocol (3, 2)",
328 "-e", "Protocol (3, 0) in SSLv2 compatible ClientHello",
329 # the following only fail with TLSv1.3
330 "-e", "Protocol (3, 1) in SSLv2 compatible ClientHello",
331 "-e", "Protocol (3, 2) in SSLv2 compatible ClientHello",
332 "-e", "Protocol (3, 3) in SSLv2 compatible ClientHello",
333 "-e", "Protocol (3, 1) with x448 group",
334 "-e", "Protocol (3, 2) with x448 group",
335 "-e", "Protocol (3, 3) with x448 group",
336 # These don't work without TLSv1.0 and TLSv1.1
337 "-e", "Protocol (3, 1) with secp256r1 group",
338 "-e", "Protocol (3, 1) with secp384r1 group",
339 "-e", "Protocol (3, 1) with secp521r1 group",
340 "-e", "Protocol (3, 1) with x25519 group",
341 "-e", "Protocol (3, 2) with secp256r1 group",
342 "-e", "Protocol (3, 2) with secp384r1 group",
343 "-e", "Protocol (3, 2) with secp521r1 group",
344 "-e", "Protocol (3, 2) with x25519 group",
345]
346
347tls12_tests = TestGroup("TLSv1.2 tests", [
348 # Tests that pass as they are.
349 Test("test-aes-gcm-nonces.py"),
350 Test("test-connection-abort.py"),
351 Test("test-conversation.py"),
352 Test("test-cve-2016-2107.py"),
353 Test("test-cve-2016-6309.py"),
354 Test("test-dhe-rsa-key-exchange.py"),
355 Test("test-dhe-rsa-key-exchange-with-bad-messages.py"),
356 Test("test-early-application-data.py"),
357 Test("test-empty-extensions.py"),
358 Test("test-extensions.py"),
359 Test("test-fuzzed-MAC.py"),
360 Test("test-fuzzed-ciphertext.py"),
361 Test("test-fuzzed-finished.py"),
362 Test("test-fuzzed-padding.py"),
363 Test("test-fuzzed-plaintext.py"), # fails once in a while
364 Test("test-hello-request-by-client.py"),
365 Test("test-invalid-cipher-suites.py"),
366 Test("test-invalid-content-type.py"),
367 Test("test-invalid-session-id.py"),
368 Test("test-invalid-version.py"),
369 Test("test-lucky13.py"),
370 Test("test-message-skipping.py"),
371 Test("test-no-heartbeat.py"),
372 Test("test-record-layer-fragmentation.py"),
373 Test("test-sessionID-resumption.py"),
374 Test("test-sslv2-connection.py"),
375 Test("test-truncating-of-finished.py"),
376 Test("test-truncating-of-kRSA-client-key-exchange.py"),
377 Test("test-unsupported-curve-fallback.py"),
378 Test("test-version-numbers.py"),
379 Test("test-zero-length-data.py"),
380
381 # Tests that need tweaking for unsupported features and ciphers.
382 Test(
383 "test-atypical-padding.py", [
384 "-e", "sanity - encrypt then MAC",
385 "-e", "2^14 bytes of AppData with 256 bytes of padding (SHA1 + Encrypt then MAC)",
386 ]
387 ),
388 Test(
389 "test-dhe-rsa-key-exchange-signatures.py", [
390 "-e", "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA sha224 signature",
391 "-e", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 sha224 signature",
392 "-e", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA sha224 signature",
393 "-e", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 sha224 signature",
394 "-e", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA sha224 signature",
395 ]
396 ),
397 Test("test-dhe-key-share-random.py", tls12_exclude_legacy_protocols),
398 Test("test-export-ciphers-rejected.py", ["--min-ver", "TLSv1.2"]),
399 Test(
400 "test-downgrade-protection.py",
401 tls12_args = ["--server-max-protocol", "TLSv1.2"],
402 tls13_args = [
403 "--server-max-protocol", "TLSv1.3",
404 "-e", "TLS 1.3 downgrade check for Protocol (3, 1)",
405 "-e", "TLS 1.3 downgrade check for Protocol (3, 2)",
406 ]
407 ),
408 Test(
409 "test-fallback-scsv.py",
410 tls13_args = [
411 "--tls-1.3",
412 "-e", "FALLBACK - hello TLSv1.1 - pos 0",
413 "-e", "FALLBACK - hello TLSv1.1 - pos 1",
414 "-e", "FALLBACK - hello TLSv1.1 - pos 2",
415 "-e", "FALLBACK - record TLSv1.1 hello TLSv1.1 - pos 0",
416 "-e", "FALLBACK - record TLSv1.1 hello TLSv1.1 - pos 1",
417 "-e", "FALLBACK - record TLSv1.1 hello TLSv1.1 - pos 2",
418 "-e", "record TLSv1.1 hello TLSv1.1",
419 "-e", "sanity - TLSv1.1",
420 ]
421 ),
422
423 Test("test-invalid-compression-methods.py", [
424 "-x", "invalid compression methods",
425 "-X", substitute_alert("illegal_parameter", "decode_error"),
426 "-x", "only deflate compression method",
427 "-X", substitute_alert("illegal_parameter", "decode_error"),
428 ]),
429
430 # Skip extended_master_secret test. Since we don't support this
431 # extension, we don't notice that it was dropped.
432 Test("test-renegotiation-changed-clienthello.py", [
433 "-e", "drop extended_master_secret in renegotiation",
434 ]),
435
436 # Without --sig-algs-drop-ok, two tests fail since we do not currently
437 # implement the signature_algorithms_cert extension (although we MUST).
438 Test("test-sig-algs-renegotiation-resumption.py", ["--sig-algs-drop-ok"]),
439
440 Test("test-serverhello-random.py", args = tls12_exclude_legacy_protocols),
441
442 Test("test-chacha20.py", [ "-e", "Chacha20 in TLS1.1" ]),
443])
444
445tls12_slow_tests = TestGroup("slow TLSv1.2 tests", [
446 Test("test-cve-2016-7054.py"),
447 Test("test-dhe-no-shared-secret-padding.py", tls12_exclude_legacy_protocols),
448 Test("test-ecdhe-padded-shared-secret.py", tls12_exclude_legacy_protocols),
449 Test("test-ecdhe-rsa-key-share-random.py", tls12_exclude_legacy_protocols),
450 # Start at extension number 58 to avoid QUIC transport parameters (57)
451 Test("test-large-hello.py", [ "-m", "58" ]),
452])
453
454tls12_failing_tests = TestGroup("failing TLSv1.2 tests", [
455 # no shared cipher
456 Test("test-aesccm.py"),
457 # need server to set up alpn
458 Test("test-alpn-negotiation.py"),
459 # Failing on TLS_RSA_WITH_AES_128_CBC_SHA because server does not support it.
460 Test("test-bleichenbacher-timing-pregenerate.py"),
461 # many tests fail due to unexpected server_name extension
462 Test("test-bleichenbacher-workaround.py"),
463
464 # need client key and cert plus extra server setup
465 Test("test-certificate-malformed.py"),
466 Test("test-certificate-request.py"),
467 Test("test-certificate-verify-malformed-sig.py"),
468 Test("test-certificate-verify-malformed.py"),
469 Test("test-certificate-verify.py"),
470 Test("test-ecdsa-in-certificate-verify.py"),
471 Test("test-eddsa-in-certificate-verify.py"),
472 Test("test-renegotiation-disabled-client-cert.py"),
473 Test("test-rsa-pss-sigs-on-certificate-verify.py"),
474 Test("test-rsa-sigs-on-certificate-verify.py"),
475
476 # test doesn't expect session ticket
477 Test("test-client-compatibility.py"),
478 # abrupt closure
479 Test("test-client-hello-max-size.py"),
480 # unknown signature algorithms
481 Test("test-clienthello-md5.py"),
482
483 # Tests expect an illegal_parameter or a decode_error alert. Should be
484 # added to ssl3_get_client_key_exchange on kex function failure.
485 Test("test-ecdhe-rsa-key-exchange-with-bad-messages.py"),
486
487 # We send a handshake_failure due to no shared ciphers while the
488 # test expects to succeed.
489 Test("test-ecdhe-rsa-key-exchange.py"),
490
491 # no shared cipher
492 Test("test-ecdsa-sig-flexibility.py"),
493
494 # Tests expect SH but we send unexpected_message or handshake_failure
495 # 'Application data inside Client Hello'
496 # 'Application data inside Client Key Exchange'
497 # 'Application data inside Finished'
498 Test("test-interleaved-application-data-and-fragmented-handshakes-in-renegotiation.py"),
499 # Tests expect SH but we send handshake_failure
500 # 'Application data before Change Cipher Spec'
501 # 'Application data before Client Key Exchange'
502 # 'Application data before Finished'
503 Test("test-interleaved-application-data-in-renegotiation.py"),
504
505 # broken test script
506 # TypeError: '<' not supported between instances of 'int' and 'NoneType'
507 Test("test-invalid-client-hello-w-record-overflow.py"),
508
509 # Lots of failures. abrupt closure
510 Test("test-invalid-client-hello.py"),
511
512 # abrupt closure
513 # 'encrypted premaster set to all zero (n)' n in 256 384 512
514 Test("test-invalid-rsa-key-exchange-messages.py"),
515
516 # test expects illegal_parameter, we send unrecognized_name (which seems
517 # correct according to rfc 6066?)
518 Test("test-invalid-server-name-extension-resumption.py"),
519 # let through some server names without sending an alert
520 # again illegal_parameter vs unrecognized_name
521 Test("test-invalid-server-name-extension.py"),
522
523 # 14 pass
524 # 7 fail
525 # 'n extensions', n in 4095, 4096, 4097, 8191, 8192, 8193, 16383,
526 Test("test-large-number-of-extensions.py"),
527
528 # 4 failures:
529 # 'insecure (legacy) renegotiation with GET after 2nd handshake'
530 # 'insecure (legacy) renegotiation with incomplete GET'
531 # 'secure renegotiation with GET after 2nd handshake'
532 # 'secure renegotiation with incomplete GET'
533 Test("test-legacy-renegotiation.py"),
534
535 # 1 failure (timeout): we don't send the unexpected_message alert
536 # 'duplicate change cipher spec after Finished'
537 Test("test-message-duplication.py"),
538
539 # server should send status_request
540 Test("test-ocsp-stapling.py"),
541
542 # unexpected closure
543 Test("test-openssl-3712.py"),
544
545 # failed: 3 (expect an alert, we send AD)
546 # 'try insecure (legacy) renegotiation with incomplete GET'
547 # 'try secure renegotiation with GET after 2nd CH'
548 # 'try secure renegotiation with incomplete GET'
549 Test("test-renegotiation-disabled.py"),
550
551 # 'resumption of safe session with NULL cipher'
552 # 'resumption with cipher from old CH but not selected by server'
553 Test("test-resumption-with-wrong-ciphers.py"),
554
555 # 5 failures:
556 # 'empty sigalgs'
557 # 'only undefined sigalgs'
558 # 'rsa_pss_pss_sha256 only'
559 # 'rsa_pss_pss_sha384 only'
560 # 'rsa_pss_pss_sha512 only'
561 Test("test-sig-algs.py"),
562
563 # 13 failures:
564 # 'duplicated n non-rsa schemes' for n in 202 2342 8119 23741 32744
565 # 'empty list of signature methods'
566 # 'tolerance n RSA or ECDSA methods' for n in 215 2355 8132 23754
567 # 'tolerance 32758 methods with sig_alg_cert'
568 # 'tolerance max 32744 number of methods with sig_alg_cert'
569 # 'tolerance max (32760) number of methods'
570 Test("test-signature-algorithms.py"),
571
572 # times out
573 Test("test-ssl-death-alert.py"),
574
575 # 17 pass, 13 fail. padding and truncation
576 Test("test-truncating-of-client-hello.py"),
577
578 # x448 tests need disabling plus x25519 corner cases need sorting out
579 Test("test-x25519.py"),
580
581 # Needs TLS 1.0 or 1.1
582 Test("test-TLSv1_2-rejected-without-TLSv1_2.py"),
583])
584
585tls12_unsupported_tests = TestGroup("TLSv1.2 for unsupported features", [
586 # protocol_version
587 Test("test-SSLv3-padding.py"),
588 # we don't do RSA key exchanges
589 Test("test-bleichenbacher-timing.py"),
590 # no encrypt-then-mac
591 Test("test-encrypt-then-mac-renegotiation.py"),
592 Test("test-encrypt-then-mac.py"),
593 # no EME support
594 Test("test-extended-master-secret-extension-with-client-cert.py"),
595 Test("test-extended-master-secret-extension.py"),
596 # no ffdhe
597 Test("test-ffdhe-expected-params.py"),
598 Test("test-ffdhe-negotiation.py"),
599 # record_size_limit/max_fragment_length extension (RFC 8449)
600 Test("test-record-size-limit.py"),
601 # expects the server to send the heartbeat extension
602 Test("test-heartbeat.py"),
603 # needs an echo server
604 Test("test-lengths.py"),
605])
606
607# These tests take a ton of time to fail against an 1.3 server,
608# so don't run them against 1.3 pending further investigation.
609legacy_tests = TestGroup("Legacy protocol tests", [
610 Test("test-sslv2-force-cipher-3des.py"),
611 Test("test-sslv2-force-cipher-non3des.py"),
612 Test("test-sslv2-force-cipher.py"),
613 Test("test-sslv2-force-export-cipher.py"),
614 Test("test-sslv2hello-protocol.py"),
615])
616
617all_groups = [
618 tls13_tests,
619 tls13_slow_tests,
620 tls13_extra_cert_tests,
621 tls13_failing_tests,
622 tls13_slow_failing_tests,
623 tls13_unsupported_tests,
624 tls12_tests,
625 tls12_slow_tests,
626 tls12_failing_tests,
627 tls12_unsupported_tests,
628 legacy_tests,
629]
630
631failing_groups = [
632 tls13_failing_tests,
633 tls13_slow_failing_tests,
634 tls12_failing_tests,
635]
636
637class TestRunner:
638 """ Runs the given tests troups against a server and displays stats. """
639
640 def __init__(
641 self, timing=False, verbose=False, host="localhost", port=4433,
642 use_tls1_3=True, dry_run=False, tests=[], scriptdir=tlsfuzzer_scriptdir,
643 ):
644 self.tests = []
645
646 self.dryrun = dry_run
647 self.use_tls1_3 = use_tls1_3
648 self.host = host
649 self.port = str(port)
650 self.scriptdir = scriptdir
651
652 self.stats = []
653 self.failed = []
654 self.missing = []
655
656 self.timing = timing
657 self.verbose = verbose
658
659 def add(self, title="tests", tests=[]):
660 # tests.sort(key=lambda test: test.name)
661 self.tests.append(TestGroup(title, tests))
662
663 def add_group(self, group):
664 self.tests.append(group)
665
666 def run_script(self, test):
667 script = test.name
668 args = ["-h"] + [self.host] + ["-p"] + [self.port] + test.args(self.use_tls1_3)
669
670 if self.dryrun:
671 if not self.verbose:
672 args = []
673 print(script , end=' ' if args else '')
674 print(' '.join([f"\"{arg}\"" for arg in args]))
675 return
676
677 if self.verbose:
678 print(script)
679 else:
680 print(f"{script[:68]:<72}", end=" ", flush=True)
681 start = timer()
682 scriptpath = os.path.join(self.scriptdir, script)
683 if not os.path.exists(scriptpath):
684 self.missing.append(script)
685 print("MISSING")
686 return
687 test = subprocess.run(
688 ["python3", scriptpath] + args,
689 capture_output=not self.verbose,
690 text=True,
691 )
692 end = timer()
693 self.stats.append((script, end - start))
694 if test.returncode == 0:
695 print("OK")
696 return
697 print("FAILED")
698 self.failed.append(script)
699
700 if self.verbose:
701 return
702
703 print('\n'.join(test.stdout.split("Test end\n", 1)[1:]), end="")
704
705 def run(self):
706 for group in self:
707 print(f"Running {group.title} ...")
708 for test in group:
709 self.run_script(test)
710 return not self.failed
711
712 def __iter__(self):
713 return iter(self.tests)
714
715 def __del__(self):
716 if self.timing and self.stats:
717 total = 0.0
718 for (script, time) in self.stats:
719 print(f"{round(time, 2):6.2f} {script}")
720 total += time
721 print(f"{round(total, 2):6.2f} total")
722
723 if self.failed:
724 print("Failed tests:")
725 print('\n'.join(self.failed))
726
727 if self.missing:
728 print("Missing tests (outdated package?):")
729 print('\n'.join(self.missing))
730
731class TlsServer:
732 """ Spawns an s_server listening on localhost:port if necessary. """
733
734 def __init__(self, host="localhost", port=4433):
735 self.spawn = True
736 # Check whether a server is already listening on localhost:port
737 self.spawn = subprocess.run(
738 ["nc", "-c", "-z", "-T", "noverify", host, str(port)],
739 stderr=subprocess.DEVNULL,
740 ).returncode != 0
741
742 if self.spawn:
743 self.server = subprocess.Popen(
744 [
745 "openssl",
746 "s_server",
747 "-accept",
748 str(port),
749 "-groups",
750 "X25519:P-256:P-521:P-384",
751 "-key",
752 "localhost.key",
753 "-cert",
754 "localhost.crt",
755 "-www",
756 ],
757 stdout=subprocess.DEVNULL,
758 stderr=subprocess.PIPE,
759 text=True,
760 )
761
762 # Check whether the server talks TLSv1.3
763 self.has_tls1_3 = True or subprocess.run(
764 [
765 "nc",
766 "-c",
767 "-z",
768 "-T",
769 "noverify",
770 "-T",
771 "protocols=TLSv1.3",
772 "localhost",
773 str(port),
774 ],
775 stderr=subprocess.DEVNULL,
776 ).returncode == 0
777
778 self.check()
779
780 def check(self):
781 if self.spawn and self.server.poll() is not None:
782 print(self.server.stderr.read())
783 raise RuntimeError(
784 f"openssl s_server died. Return code: {self.server.returncode}."
785 )
786 if self.spawn:
787 self.server.stderr.detach()
788
789 def __del__(self):
790 if self.spawn:
791 self.server.terminate()
792
793# Extract the arguments we pass to script
794def defaultargs(script, has_tls1_3):
795 return next(
796 (test for group in all_groups for test in group if test.name == script),
797 Test()
798 ).args(has_tls1_3)
799
800def list_or_missing(missing=True):
801 tests = [test.name for group in all_groups for test in group]
802
803 if missing:
804 scripts = {
805 f for f in os.listdir(tlsfuzzer_scriptdir) if f != "__pycache__"
806 }
807 missing = scripts - set(tests)
808 if missing:
809 print('\n'.join(sorted(missing)))
810 exit(0)
811
812 tests.sort()
813 print('\n'.join(tests))
814 exit(0)
815
816def usage():
817 print("Usage: python3 tlsfuzzer.py [-flmnstv] [-p port] [script [test...]]")
818 print(" --help help")
819 print(" -f run failing tests")
820 print(" -l list tests")
821 print(" -m list new tests after package update")
822 print(" -n do not run tests, but list the ones that would be run")
823 print(" -p port connect to this port - defaults to 4433")
824 print(" -s run slow tests")
825 print(" -t show timing stats at end")
826 print(" -v verbose output")
827 exit(0)
828
829def main():
830 failing = False
831 list = False
832 missing = False
833 dryrun = False
834 host = "localhost"
835 port = 4433
836 slow = False
837 timing = False
838 verbose = False
839
840 argv = sys.argv[1:]
841 opts, args = getopt.getopt(argv, "fh:lmnp:stv", ["help"])
842 for opt, arg in opts:
843 if opt == '--help':
844 usage()
845 elif opt == '-f':
846 failing = True
847 elif opt == '-h':
848 host = arg
849 elif opt == '-l':
850 list = True
851 elif opt == '-m':
852 missing = True
853 elif opt == '-n':
854 dryrun = True
855 elif opt == '-p':
856 port = int(arg)
857 elif opt == '-s':
858 slow = True
859 elif opt == '-t':
860 timing = True
861 elif opt == '-v':
862 verbose = True
863 else:
864 raise ValueError(f"Unknown option: {opt}")
865
866 if not os.path.exists(tlsfuzzer_scriptdir):
867 print("package py3-tlsfuzzer is required for this regress")
868 exit(1)
869
870 if list and failing:
871 failing = [test.name for group in failing_groups for test in group]
872 failing.sort()
873 print('\n'.join(failing))
874 exit(0)
875
876 if list or missing:
877 list_or_missing(missing)
878
879 tls_server = TlsServer(host, port)
880
881 tests = TestRunner(timing, verbose, host, port, tls_server.has_tls1_3, dryrun)
882
883 if args:
884 (dir, script) = os.path.split(args[0])
885 if dir and not dir == '.':
886 tests.scriptdir = dir
887
888 testargs = defaultargs(script, tls_server.has_tls1_3)
889
890 tests.verbose = True
891 tests.add("test from command line", [Test(script, testargs + args[1:])])
892
893 exit(not tests.run())
894
895 if failing:
896 if tls_server.has_tls1_3:
897 tests.add_group(tls13_failing_tests)
898 if slow:
899 tests.add_group(tls13_slow_failing_tests)
900 tests.add_group(tls12_failing_tests)
901
902 if tls_server.has_tls1_3:
903 tests.add_group(tls13_tests)
904 if slow:
905 tests.add_group(tls13_slow_tests)
906 else:
907 tests.add_group(legacy_tests)
908
909 tests.add_group(tls12_tests)
910 if slow:
911 tests.add_group(tls12_slow_tests)
912
913 success = tests.run()
914 del tests
915
916 if not success:
917 print("FAILED")
918 exit(1)
919
920if __name__ == "__main__":
921 main()
diff --git a/src/regress/lib/libssl/tlslegacy/Makefile b/src/regress/lib/libssl/tlslegacy/Makefile
deleted file mode 100644
index c39981f0b8..0000000000
--- a/src/regress/lib/libssl/tlslegacy/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2020/10/07 07:52:17 jsing Exp $
2
3PROG= tlslegacytest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tlslegacy/tlslegacytest.c b/src/regress/lib/libssl/tlslegacy/tlslegacytest.c
deleted file mode 100644
index 59429d716a..0000000000
--- a/src/regress/lib/libssl/tlslegacy/tlslegacytest.c
+++ /dev/null
@@ -1,625 +0,0 @@
1/* $OpenBSD: tlslegacytest.c,v 1.7 2022/10/02 16:39:39 jsing Exp $ */
2/*
3 * Copyright (c) 2015, 2016, 2017, 2020 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <err.h>
21#include <stdio.h>
22#include <string.h>
23
24/* openssl.org:443 */
25static uint8_t tls12_server_response[] = {
26 0x16, 0x03, 0x03, 0x00, 0x3d, 0x02, 0x00, 0x00,
27 0x39, 0x03, 0x03, 0x62, 0x0c, 0x8a, 0x7e, 0x29,
28 0x60, 0xcb, 0x08, 0xd1, 0xb4, 0x95, 0x68, 0x76,
29 0xea, 0x4e, 0x0c, 0x94, 0xf2, 0x42, 0x3d, 0xd1,
30 0x7a, 0xc2, 0xfe, 0x6c, 0xb3, 0xe6, 0x12, 0x8a,
31 0x33, 0x02, 0x92, 0x00, 0xc0, 0x30, 0x00, 0x00,
32 0x11, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0b,
33 0x00, 0x04, 0x03, 0x00, 0x01, 0x02, 0x00, 0x23,
34 0x00, 0x00,
35};
36
37/*
38 * outlook.office365.com:587 with starttls - this server response includes
39 * multiple handshake messages contained in a single TLS record.
40 */
41static uint8_t tls12_server_response_with_cert[] = {
42 0x16, 0x03, 0x03, 0x0f, 0x2b, 0x02, 0x00, 0x00,
43 0x4d, 0x03, 0x03, 0x5f, 0x7c, 0x69, 0x42, 0xe1,
44 0x19, 0xf0, 0x22, 0xfb, 0x71, 0x9a, 0xf1, 0x63,
45 0x34, 0xbb, 0x61, 0x46, 0xea, 0x5f, 0x0b, 0x5e,
46 0xb1, 0x4e, 0x37, 0x96, 0x67, 0xff, 0x83, 0xea,
47 0x0e, 0x16, 0x85, 0x20, 0x3a, 0x1b, 0x00, 0x00,
48 0x17, 0xe9, 0xac, 0xca, 0x19, 0x61, 0xaf, 0x70,
49 0x28, 0x3b, 0x18, 0xaa, 0x6c, 0xa0, 0x0f, 0x78,
50 0xd0, 0x83, 0xfc, 0x5d, 0x78, 0xf9, 0x6d, 0xdb,
51 0x16, 0x21, 0x15, 0xa2, 0xc0, 0x30, 0x00, 0x00,
52 0x05, 0xff, 0x01, 0x00, 0x01, 0x00, 0x0b, 0x00,
53 0x0d, 0x47, 0x00, 0x0d, 0x44, 0x00, 0x08, 0xaf,
54 0x30, 0x82, 0x08, 0xab, 0x30, 0x82, 0x07, 0x93,
55 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0c, 0x6d,
56 0xea, 0x0b, 0xe1, 0x97, 0x27, 0x60, 0xa1, 0x59,
57 0xb1, 0x85, 0x60, 0x30, 0x0d, 0x06, 0x09, 0x2a,
58 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
59 0x05, 0x00, 0x30, 0x66, 0x31, 0x0b, 0x30, 0x09,
60 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x42,
61 0x45, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,
62 0x04, 0x0a, 0x13, 0x10, 0x47, 0x6c, 0x6f, 0x62,
63 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x6e,
64 0x76, 0x2d, 0x73, 0x61, 0x31, 0x3c, 0x30, 0x3a,
65 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x33, 0x47,
66 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53, 0x69, 0x67,
67 0x6e, 0x20, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69,
68 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x56,
69 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f,
70 0x6e, 0x20, 0x43, 0x41, 0x20, 0x2d, 0x20, 0x53,
71 0x48, 0x41, 0x32, 0x35, 0x36, 0x20, 0x2d, 0x20,
72 0x47, 0x33, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x30,
73 0x30, 0x38, 0x31, 0x33, 0x32, 0x33, 0x31, 0x38,
74 0x34, 0x39, 0x5a, 0x17, 0x0d, 0x32, 0x32, 0x30,
75 0x38, 0x31, 0x34, 0x32, 0x33, 0x31, 0x38, 0x34,
76 0x39, 0x5a, 0x30, 0x6a, 0x31, 0x0b, 0x30, 0x09,
77 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
78 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
79 0x04, 0x08, 0x13, 0x0a, 0x57, 0x61, 0x73, 0x68,
80 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10,
81 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
82 0x07, 0x52, 0x65, 0x64, 0x6d, 0x6f, 0x6e, 0x64,
83 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04,
84 0x0a, 0x13, 0x15, 0x4d, 0x69, 0x63, 0x72, 0x6f,
85 0x73, 0x6f, 0x66, 0x74, 0x20, 0x43, 0x6f, 0x72,
86 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
87 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04,
88 0x03, 0x13, 0x0b, 0x6f, 0x75, 0x74, 0x6c, 0x6f,
89 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82,
90 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
91 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
92 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,
93 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc9,
94 0x20, 0x3f, 0x57, 0xb9, 0xf9, 0x71, 0xaa, 0x3c,
95 0x6a, 0x0a, 0x5d, 0x3f, 0xc9, 0x8d, 0x99, 0xa5,
96 0x50, 0x26, 0x25, 0x4e, 0xdc, 0x69, 0x52, 0xb3,
97 0x33, 0x70, 0xe7, 0x72, 0xa2, 0x83, 0x92, 0x54,
98 0xd1, 0xd4, 0x86, 0x15, 0xf2, 0xc4, 0x65, 0xf8,
99 0xbc, 0xe5, 0xd2, 0x1e, 0x12, 0x25, 0x9e, 0x75,
100 0x8e, 0x77, 0xd2, 0x8e, 0x94, 0xca, 0x03, 0x4b,
101 0xf4, 0xc8, 0xca, 0xe3, 0xe3, 0x9b, 0x66, 0xa3,
102 0xa1, 0x37, 0x74, 0xcc, 0xfe, 0xc4, 0x1e, 0x64,
103 0xdc, 0xe3, 0x18, 0xba, 0xc1, 0x7b, 0x39, 0x5b,
104 0xb1, 0x47, 0xe9, 0x11, 0x92, 0xef, 0xee, 0xe6,
105 0x08, 0xcd, 0x93, 0x7b, 0x09, 0xc7, 0x39, 0xfe,
106 0xe5, 0xe2, 0x47, 0x3f, 0x68, 0x78, 0xa4, 0x17,
107 0x78, 0x13, 0xcb, 0x12, 0x38, 0x9d, 0x89, 0x2b,
108 0x1f, 0x75, 0x9b, 0x87, 0x5d, 0x53, 0xfc, 0xb0,
109 0x2a, 0xaf, 0x2d, 0x86, 0x8a, 0x76, 0x3b, 0xce,
110 0x5e, 0xae, 0x43, 0x74, 0x68, 0xc3, 0x28, 0xbf,
111 0x10, 0x2f, 0xdd, 0xd9, 0x43, 0x4b, 0x2d, 0xa6,
112 0xdc, 0x1f, 0x6d, 0x90, 0xd0, 0xce, 0x14, 0x1e,
113 0x6c, 0xdc, 0x7b, 0x06, 0xe4, 0x7b, 0xa9, 0x81,
114 0x40, 0xed, 0xde, 0x18, 0xb7, 0xdf, 0x53, 0x61,
115 0xbc, 0x18, 0x83, 0x11, 0xc7, 0xb4, 0x1b, 0x99,
116 0xef, 0x14, 0xe4, 0x63, 0x39, 0xe3, 0x5c, 0x2f,
117 0xe7, 0x89, 0x58, 0x5b, 0xda, 0x03, 0x3a, 0x39,
118 0x96, 0x8a, 0xca, 0x4f, 0xd8, 0xe3, 0x6c, 0x7f,
119 0x6e, 0xd3, 0xe7, 0x30, 0x34, 0x9c, 0xdb, 0x8b,
120 0xe8, 0x6a, 0xa6, 0x08, 0x77, 0x1d, 0x63, 0xd6,
121 0x57, 0x9d, 0xcd, 0xa7, 0x47, 0x05, 0x39, 0x96,
122 0x7b, 0xfd, 0x9a, 0x09, 0x99, 0xef, 0x49, 0xb1,
123 0x89, 0x02, 0xbe, 0x4f, 0xb8, 0xef, 0xa0, 0x04,
124 0x29, 0x74, 0xfb, 0x9a, 0x7e, 0x9d, 0xa8, 0x10,
125 0xfb, 0x7e, 0xb0, 0x6c, 0x60, 0x4f, 0x57, 0x02,
126 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x05, 0x53,
127 0x30, 0x82, 0x05, 0x4f, 0x30, 0x0e, 0x06, 0x03,
128 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04,
129 0x03, 0x02, 0x05, 0xa0, 0x30, 0x81, 0x9e, 0x06,
130 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
131 0x01, 0x04, 0x81, 0x91, 0x30, 0x81, 0x8e, 0x30,
132 0x4b, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
133 0x07, 0x30, 0x02, 0x86, 0x3f, 0x68, 0x74, 0x74,
134 0x70, 0x3a, 0x2f, 0x2f, 0x73, 0x65, 0x63, 0x75,
135 0x72, 0x65, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61,
136 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f,
137 0x6d, 0x2f, 0x63, 0x61, 0x63, 0x65, 0x72, 0x74,
138 0x2f, 0x67, 0x73, 0x6f, 0x72, 0x67, 0x61, 0x6e,
139 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x76,
140 0x61, 0x6c, 0x73, 0x68, 0x61, 0x32, 0x67, 0x33,
141 0x2e, 0x63, 0x72, 0x74, 0x30, 0x3f, 0x06, 0x08,
142 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
143 0x86, 0x33, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
144 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x32, 0x2e, 0x67,
145 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67,
146 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x73,
147 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61,
148 0x74, 0x69, 0x6f, 0x6e, 0x76, 0x61, 0x6c, 0x73,
149 0x68, 0x61, 0x32, 0x67, 0x33, 0x30, 0x56, 0x06,
150 0x03, 0x55, 0x1d, 0x20, 0x04, 0x4f, 0x30, 0x4d,
151 0x30, 0x41, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04,
152 0x01, 0xa0, 0x32, 0x01, 0x14, 0x30, 0x34, 0x30,
153 0x32, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
154 0x07, 0x02, 0x01, 0x16, 0x26, 0x68, 0x74, 0x74,
155 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77,
156 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x73,
157 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
158 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f,
159 0x72, 0x79, 0x2f, 0x30, 0x08, 0x06, 0x06, 0x67,
160 0x81, 0x0c, 0x01, 0x02, 0x02, 0x30, 0x09, 0x06,
161 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00,
162 0x30, 0x46, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04,
163 0x3f, 0x30, 0x3d, 0x30, 0x3b, 0xa0, 0x39, 0xa0,
164 0x37, 0x86, 0x35, 0x68, 0x74, 0x74, 0x70, 0x3a,
165 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x67, 0x6c,
166 0x6f, 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67, 0x6e,
167 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x73, 0x6f,
168 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74,
169 0x69, 0x6f, 0x6e, 0x76, 0x61, 0x6c, 0x73, 0x68,
170 0x61, 0x32, 0x67, 0x33, 0x2e, 0x63, 0x72, 0x6c,
171 0x30, 0x82, 0x02, 0x10, 0x06, 0x03, 0x55, 0x1d,
172 0x11, 0x04, 0x82, 0x02, 0x07, 0x30, 0x82, 0x02,
173 0x03, 0x82, 0x0b, 0x6f, 0x75, 0x74, 0x6c, 0x6f,
174 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x16,
175 0x2a, 0x2e, 0x63, 0x6c, 0x6f, 0x2e, 0x66, 0x6f,
176 0x6f, 0x74, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x64,
177 0x6e, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0d,
178 0x2a, 0x2e, 0x68, 0x6f, 0x74, 0x6d, 0x61, 0x69,
179 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x16, 0x2a,
180 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61,
181 0x6c, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f,
182 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0a, 0x2a,
183 0x2e, 0x6c, 0x69, 0x76, 0x65, 0x2e, 0x63, 0x6f,
184 0x6d, 0x82, 0x16, 0x2a, 0x2e, 0x6e, 0x72, 0x62,
185 0x2e, 0x66, 0x6f, 0x6f, 0x74, 0x70, 0x72, 0x69,
186 0x6e, 0x74, 0x64, 0x6e, 0x73, 0x2e, 0x63, 0x6f,
187 0x6d, 0x82, 0x0c, 0x2a, 0x2e, 0x6f, 0x66, 0x66,
188 0x69, 0x63, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x82,
189 0x0f, 0x2a, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63,
190 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d,
191 0x82, 0x0d, 0x2a, 0x2e, 0x6f, 0x75, 0x74, 0x6c,
192 0x6f, 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82,
193 0x17, 0x2a, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f,
194 0x6f, 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63,
195 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d,
196 0x82, 0x1b, 0x61, 0x74, 0x74, 0x61, 0x63, 0x68,
197 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x6f, 0x75, 0x74,
198 0x6c, 0x6f, 0x6f, 0x6b, 0x2e, 0x6c, 0x69, 0x76,
199 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x1d, 0x61,
200 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, 0x6e,
201 0x74, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f,
202 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65,
203 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x20, 0x61, 0x74,
204 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, 0x6e, 0x74,
205 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f, 0x6b,
206 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x70,
207 0x70, 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x16,
208 0x61, 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65,
209 0x6e, 0x74, 0x73, 0x2e, 0x6f, 0x66, 0x66, 0x69,
210 0x63, 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x1a,
211 0x61, 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65,
212 0x6e, 0x74, 0x73, 0x2d, 0x73, 0x64, 0x66, 0x2e,
213 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x2e, 0x6e,
214 0x65, 0x74, 0x82, 0x1d, 0x63, 0x63, 0x73, 0x2e,
215 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x2e, 0x6d, 0x69,
216 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x6f,
217 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x2e, 0x63, 0x6f,
218 0x6d, 0x82, 0x21, 0x63, 0x63, 0x73, 0x2d, 0x73,
219 0x64, 0x66, 0x2e, 0x6c, 0x6f, 0x67, 0x69, 0x6e,
220 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f,
221 0x66, 0x74, 0x6f, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
222 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0b, 0x68, 0x6f,
223 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
224 0x6d, 0x82, 0x16, 0x6d, 0x61, 0x69, 0x6c, 0x2e,
225 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73,
226 0x2e, 0x6c, 0x69, 0x76, 0x65, 0x2e, 0x63, 0x6f,
227 0x6d, 0x82, 0x0d, 0x6f, 0x66, 0x66, 0x69, 0x63,
228 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d,
229 0x82, 0x12, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f,
230 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65,
231 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x14, 0x73, 0x75,
232 0x62, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x2e,
233 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x2e, 0x63,
234 0x6f, 0x6d, 0x82, 0x18, 0x73, 0x75, 0x62, 0x73,
235 0x74, 0x72, 0x61, 0x74, 0x65, 0x2d, 0x73, 0x64,
236 0x66, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65,
237 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1d, 0x06, 0x03,
238 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06,
239 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
240 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
241 0x07, 0x03, 0x02, 0x30, 0x1f, 0x06, 0x03, 0x55,
242 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
243 0x68, 0x86, 0xb8, 0x7d, 0x7a, 0xd9, 0x6d, 0x49,
244 0x6b, 0x87, 0x2f, 0x18, 0x8b, 0x15, 0x34, 0x6c,
245 0xd7, 0xb4, 0x7a, 0x0e, 0x30, 0x1d, 0x06, 0x03,
246 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x8a,
247 0x7c, 0x73, 0x44, 0x70, 0xa8, 0x4d, 0x83, 0x25,
248 0x6f, 0xa6, 0x53, 0xda, 0x42, 0x52, 0x96, 0xc9,
249 0x15, 0x71, 0x21, 0x30, 0x82, 0x01, 0x7c, 0x06,
250 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79,
251 0x02, 0x04, 0x02, 0x04, 0x82, 0x01, 0x6c, 0x04,
252 0x82, 0x01, 0x68, 0x01, 0x66, 0x00, 0x76, 0x00,
253 0x22, 0x45, 0x45, 0x07, 0x59, 0x55, 0x24, 0x56,
254 0x96, 0x3f, 0xa1, 0x2f, 0xf1, 0xf7, 0x6d, 0x86,
255 0xe0, 0x23, 0x26, 0x63, 0xad, 0xc0, 0x4b, 0x7f,
256 0x5d, 0xc6, 0x83, 0x5c, 0x6e, 0xe2, 0x0f, 0x02,
257 0x00, 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7d, 0x2f,
258 0x00, 0x00, 0x04, 0x03, 0x00, 0x47, 0x30, 0x45,
259 0x02, 0x21, 0x00, 0xf4, 0x50, 0x8f, 0xe7, 0x38,
260 0xc9, 0x7a, 0xd1, 0xf7, 0xf7, 0x69, 0xc5, 0x05,
261 0xea, 0x8e, 0x03, 0x80, 0x2c, 0x87, 0x06, 0x03,
262 0xb6, 0x9b, 0xe6, 0xa5, 0x83, 0x2f, 0xb9, 0xaf,
263 0x7b, 0xb4, 0xac, 0x02, 0x20, 0x51, 0xa6, 0x8f,
264 0xe8, 0xe5, 0x6c, 0xa7, 0xff, 0x16, 0x01, 0x7e,
265 0x15, 0x42, 0x11, 0x31, 0xdc, 0xdc, 0xc7, 0x37,
266 0x7c, 0x64, 0x2c, 0xac, 0xdd, 0x42, 0xbb, 0x3c,
267 0x79, 0x31, 0x74, 0xcc, 0x9d, 0x00, 0x75, 0x00,
268 0x29, 0x79, 0xbe, 0xf0, 0x9e, 0x39, 0x39, 0x21,
269 0xf0, 0x56, 0x73, 0x9f, 0x63, 0xa5, 0x77, 0xe5,
270 0xbe, 0x57, 0x7d, 0x9c, 0x60, 0x0a, 0xf8, 0xf9,
271 0x4d, 0x5d, 0x26, 0x5c, 0x25, 0x5d, 0xc7, 0x84,
272 0x00, 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7a, 0xa7,
273 0x00, 0x00, 0x04, 0x03, 0x00, 0x46, 0x30, 0x44,
274 0x02, 0x20, 0x03, 0xf1, 0x19, 0xd7, 0x0f, 0x2f,
275 0xc4, 0xa9, 0x84, 0xa0, 0x33, 0xd4, 0x76, 0xa6,
276 0xee, 0xf1, 0xae, 0xe0, 0x03, 0xe7, 0xae, 0x98,
277 0x43, 0x17, 0xb0, 0x0f, 0xfb, 0x12, 0xbb, 0x13,
278 0xda, 0x34, 0x02, 0x20, 0x10, 0xe6, 0xa9, 0x1d,
279 0x8b, 0x1c, 0x64, 0xd4, 0xc9, 0xf7, 0xc0, 0x3d,
280 0x3c, 0x77, 0x49, 0xb1, 0x08, 0x3d, 0x1d, 0x5e,
281 0x34, 0xf9, 0xd9, 0x10, 0x7c, 0x74, 0x6b, 0x18,
282 0xc6, 0x5e, 0x6d, 0x07, 0x00, 0x75, 0x00, 0x55,
283 0x81, 0xd4, 0xc2, 0x16, 0x90, 0x36, 0x01, 0x4a,
284 0xea, 0x0b, 0x9b, 0x57, 0x3c, 0x53, 0xf0, 0xc0,
285 0xe4, 0x38, 0x78, 0x70, 0x25, 0x08, 0x17, 0x2f,
286 0xa3, 0xaa, 0x1d, 0x07, 0x13, 0xd3, 0x0c, 0x00,
287 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7d, 0xae, 0x00,
288 0x00, 0x04, 0x03, 0x00, 0x46, 0x30, 0x44, 0x02,
289 0x20, 0x26, 0x21, 0x64, 0xdb, 0xa6, 0xe2, 0x3d,
290 0x32, 0x7d, 0x9f, 0xa8, 0xae, 0xb7, 0x29, 0xb7,
291 0x42, 0x9b, 0x49, 0xaa, 0xf5, 0xa5, 0xc0, 0x12,
292 0x01, 0xa1, 0xb6, 0xe7, 0xf2, 0x01, 0xd4, 0x2f,
293 0x45, 0x02, 0x20, 0x4e, 0x19, 0xba, 0x47, 0x75,
294 0x8b, 0x49, 0xd7, 0x4b, 0xba, 0x04, 0x62, 0xdd,
295 0xa2, 0xb7, 0x6b, 0x05, 0xd0, 0x01, 0x1f, 0x7c,
296 0x36, 0x17, 0x27, 0x29, 0xb2, 0x17, 0x1c, 0x7f,
297 0x10, 0x81, 0x8a, 0x30, 0x0d, 0x06, 0x09, 0x2a,
298 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
299 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x26,
300 0xf4, 0xa3, 0x77, 0x1d, 0xdc, 0x9e, 0xc4, 0x1a,
301 0x88, 0x23, 0x30, 0x8c, 0xe1, 0x14, 0xf9, 0x62,
302 0x0e, 0xbf, 0xad, 0x24, 0xc9, 0xab, 0xab, 0xd0,
303 0x68, 0x8b, 0xbc, 0xf1, 0xec, 0x1c, 0xd0, 0x96,
304 0xad, 0xf9, 0x5f, 0xdd, 0xe0, 0xee, 0xa8, 0xe0,
305 0x2c, 0x3a, 0x19, 0xa5, 0x68, 0x0c, 0x6e, 0xfe,
306 0xe6, 0x80, 0xce, 0xa3, 0x3b, 0x6c, 0x00, 0x88,
307 0x5c, 0xbf, 0x3c, 0xd8, 0x68, 0x08, 0x36, 0xb9,
308 0x9e, 0x84, 0x9b, 0x5f, 0x97, 0xfb, 0x77, 0xea,
309 0x72, 0xfb, 0x73, 0x47, 0x00, 0xb0, 0xa8, 0x7c,
310 0x64, 0x38, 0xf1, 0xcc, 0xc0, 0x29, 0x71, 0x67,
311 0x65, 0x76, 0x4c, 0x80, 0x58, 0x97, 0xc8, 0x62,
312 0x63, 0x3e, 0xf1, 0x3e, 0xc0, 0x0e, 0x48, 0x5f,
313 0x55, 0x21, 0x8f, 0x96, 0x68, 0xbd, 0x41, 0x14,
314 0x7a, 0x0b, 0x8c, 0x31, 0x5b, 0x39, 0xac, 0xa3,
315 0xa0, 0x99, 0x58, 0x24, 0xfa, 0xd9, 0x19, 0x32,
316 0x1c, 0x9f, 0x2d, 0xa9, 0xed, 0xb9, 0x97, 0xa4,
317 0x66, 0x30, 0x29, 0xd8, 0x82, 0xa2, 0xf5, 0xfc,
318 0x6d, 0x10, 0xf1, 0xac, 0x1d, 0x3f, 0xfb, 0xde,
319 0xa1, 0x0e, 0xb6, 0x84, 0x90, 0xd4, 0x55, 0x5c,
320 0x21, 0x1b, 0x1f, 0x21, 0x45, 0x92, 0xc5, 0x9a,
321 0x47, 0x05, 0x0f, 0xb8, 0x1c, 0x78, 0x6e, 0xb9,
322 0x6b, 0xa3, 0xa9, 0x8d, 0xb1, 0x59, 0xff, 0xf4,
323 0xe6, 0x71, 0x77, 0x38, 0x12, 0xfe, 0x41, 0x8f,
324 0x04, 0x92, 0x08, 0x3f, 0x32, 0x2a, 0x92, 0x5e,
325 0x0a, 0x7b, 0x7e, 0x04, 0xee, 0x24, 0x10, 0x39,
326 0xf3, 0xac, 0x5e, 0x04, 0x93, 0x91, 0xa2, 0x8f,
327 0x90, 0x04, 0x33, 0x5c, 0x5c, 0x94, 0xb3, 0x80,
328 0x2b, 0x43, 0xbf, 0xe3, 0x74, 0x64, 0x20, 0xf4,
329 0x00, 0xb2, 0x6c, 0x7b, 0xa8, 0x77, 0xfb, 0x74,
330 0x35, 0xce, 0xdd, 0xb6, 0x5f, 0x83, 0x18, 0xc4,
331 0xe7, 0x31, 0x1a, 0x8d, 0x30, 0x0d, 0xc4, 0x00,
332 0x04, 0x8f, 0x30, 0x82, 0x04, 0x8b, 0x30, 0x82,
333 0x03, 0x73, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
334 0x0e, 0x47, 0x07, 0xb1, 0x01, 0x9a, 0x0c, 0x57,
335 0xad, 0x39, 0xb3, 0xe1, 0x7d, 0xa9, 0xf9, 0x30,
336 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
337 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x57,
338 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
339 0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19, 0x30,
340 0x17, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x10,
341 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53, 0x69,
342 0x67, 0x6e, 0x20, 0x6e, 0x76, 0x2d, 0x73, 0x61,
343 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04,
344 0x0b, 0x13, 0x07, 0x52, 0x6f, 0x6f, 0x74, 0x20,
345 0x43, 0x41, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03,
346 0x55, 0x04, 0x03, 0x13, 0x12, 0x47, 0x6c, 0x6f,
347 0x62, 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20,
348 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x30,
349 0x1e, 0x17, 0x0d, 0x31, 0x35, 0x30, 0x39, 0x30,
350 0x34, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a,
351 0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x30, 0x34,
352 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30,
353 0x66, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
354 0x04, 0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19,
355 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13,
356 0x10, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53,
357 0x69, 0x67, 0x6e, 0x20, 0x6e, 0x76, 0x2d, 0x73,
358 0x61, 0x31, 0x3c, 0x30, 0x3a, 0x06, 0x03, 0x55,
359 0x04, 0x03, 0x13, 0x33, 0x47, 0x6c, 0x6f, 0x62,
360 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x4f,
361 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74,
362 0x69, 0x6f, 0x6e, 0x20, 0x56, 0x61, 0x6c, 0x69,
363 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x43,
364 0x41, 0x20, 0x2d, 0x20, 0x53, 0x48, 0x41, 0x32,
365 0x35, 0x36, 0x20, 0x2d, 0x20, 0x47, 0x33, 0x30,
366 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a,
367 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
368 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,
369 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00,
370 0xc9, 0x86, 0xa2, 0x05, 0x3e, 0xec, 0x77, 0x4d,
371 0x79, 0x42, 0x81, 0xf2, 0xc5, 0x46, 0xa9, 0xc2,
372 0x9b, 0xf9, 0x57, 0xa9, 0x48, 0xdd, 0x3c, 0x3b,
373 0xe2, 0x16, 0x47, 0x83, 0x15, 0x0c, 0x36, 0x88,
374 0x61, 0xb3, 0xc8, 0xb9, 0xd5, 0x20, 0x97, 0xb6,
375 0xfe, 0x07, 0x30, 0x01, 0x9e, 0x01, 0x3a, 0xf9,
376 0x50, 0x87, 0xa0, 0x4f, 0x60, 0xcc, 0x90, 0xf6,
377 0xdd, 0x1f, 0xa6, 0xc7, 0x55, 0x00, 0x6c, 0x54,
378 0x31, 0x5f, 0x02, 0x9a, 0xf7, 0x7f, 0x07, 0x9a,
379 0xd2, 0x22, 0x53, 0x05, 0xcd, 0x9f, 0xc7, 0xbb,
380 0x7b, 0x59, 0x3b, 0x8a, 0xb2, 0x93, 0x78, 0x0d,
381 0x43, 0x02, 0x92, 0x76, 0xa5, 0x29, 0xf8, 0x7c,
382 0x9d, 0x5c, 0x3a, 0xa2, 0xf8, 0x52, 0x72, 0x22,
383 0x45, 0x91, 0xfd, 0x90, 0x12, 0x28, 0x4d, 0x75,
384 0xe4, 0xdd, 0xaa, 0x79, 0x58, 0x68, 0x6f, 0x2a,
385 0x7e, 0x7b, 0xef, 0xd1, 0x9e, 0x7f, 0x52, 0xdc,
386 0xcb, 0x1c, 0x48, 0xe2, 0x3e, 0x4d, 0x5c, 0x47,
387 0x7a, 0xb4, 0xf1, 0xce, 0xff, 0xd9, 0x60, 0x2b,
388 0x77, 0xd1, 0x62, 0x22, 0x2d, 0xa9, 0x5a, 0x06,
389 0x16, 0xee, 0x37, 0x6a, 0x51, 0xcf, 0x8e, 0xa5,
390 0xd1, 0x6e, 0x70, 0x4a, 0xf0, 0xd8, 0x63, 0x60,
391 0x6a, 0x72, 0x55, 0xd7, 0xf1, 0x99, 0x38, 0x86,
392 0x44, 0x67, 0x18, 0xe0, 0x71, 0x8e, 0xc1, 0x40,
393 0x6d, 0x85, 0xda, 0x4b, 0xdd, 0x31, 0x73, 0xbc,
394 0x32, 0xcc, 0x6f, 0x8e, 0x7b, 0xb9, 0x8d, 0x4b,
395 0x80, 0xda, 0xb9, 0xc7, 0xc6, 0x24, 0x83, 0x5e,
396 0x32, 0xfb, 0x87, 0xe9, 0x8b, 0x61, 0x67, 0xa2,
397 0x99, 0x76, 0xdb, 0xa5, 0xaa, 0xb4, 0xe8, 0x6c,
398 0x41, 0x9f, 0x5f, 0x2a, 0xb3, 0xd5, 0x7d, 0xd7,
399 0x92, 0xc8, 0x27, 0x4b, 0xec, 0x1f, 0xda, 0x05,
400 0x6d, 0x88, 0x73, 0x8f, 0x06, 0xb2, 0x38, 0x3d,
401 0x03, 0xa2, 0xe1, 0x87, 0x86, 0x3c, 0xc6, 0xa1,
402 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01,
403 0x44, 0x30, 0x82, 0x01, 0x40, 0x30, 0x0e, 0x06,
404 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04,
405 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06,
406 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14,
407 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
408 0x03, 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
409 0x05, 0x07, 0x03, 0x02, 0x30, 0x12, 0x06, 0x03,
410 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08,
411 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00,
412 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04,
413 0x16, 0x04, 0x14, 0x68, 0x86, 0xb8, 0x7d, 0x7a,
414 0xd9, 0x6d, 0x49, 0x6b, 0x87, 0x2f, 0x18, 0x8b,
415 0x15, 0x34, 0x6c, 0xd7, 0xb4, 0x7a, 0x0e, 0x30,
416 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18,
417 0x30, 0x16, 0x80, 0x14, 0x60, 0x7b, 0x66, 0x1a,
418 0x45, 0x0d, 0x97, 0xca, 0x89, 0x50, 0x2f, 0x7d,
419 0x04, 0xcd, 0x34, 0xa8, 0xff, 0xfc, 0xfd, 0x4b,
420 0x30, 0x3d, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
421 0x05, 0x07, 0x01, 0x01, 0x04, 0x31, 0x30, 0x2f,
422 0x30, 0x2d, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
423 0x05, 0x07, 0x30, 0x01, 0x86, 0x21, 0x68, 0x74,
424 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73,
425 0x70, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c,
426 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d,
427 0x2f, 0x72, 0x6f, 0x6f, 0x74, 0x72, 0x31, 0x30,
428 0x33, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x2c,
429 0x30, 0x2a, 0x30, 0x28, 0xa0, 0x26, 0xa0, 0x24,
430 0x86, 0x22, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
431 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x67, 0x6c, 0x6f,
432 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e,
433 0x63, 0x6f, 0x6d, 0x2f, 0x72, 0x6f, 0x6f, 0x74,
434 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x47, 0x06, 0x03,
435 0x55, 0x1d, 0x20, 0x04, 0x40, 0x30, 0x3e, 0x30,
436 0x3c, 0x06, 0x04, 0x55, 0x1d, 0x20, 0x00, 0x30,
437 0x34, 0x30, 0x32, 0x06, 0x08, 0x2b, 0x06, 0x01,
438 0x05, 0x05, 0x07, 0x02, 0x01, 0x16, 0x26, 0x68,
439 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77,
440 0x77, 0x77, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61,
441 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f,
442 0x6d, 0x2f, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69,
443 0x74, 0x6f, 0x72, 0x79, 0x2f, 0x30, 0x0d, 0x06,
444 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
445 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01,
446 0x00, 0x9a, 0xb9, 0x82, 0x1c, 0xdd, 0x83, 0x83,
447 0x8b, 0x92, 0xc0, 0xc4, 0xed, 0x01, 0xad, 0x84,
448 0xfc, 0x4e, 0xee, 0x6d, 0x9c, 0x1d, 0x01, 0xfa,
449 0x52, 0x14, 0xdb, 0xd8, 0xc2, 0x10, 0x63, 0x9f,
450 0x6b, 0x39, 0x9a, 0xc7, 0x1c, 0x3c, 0xa0, 0xaa,
451 0xe3, 0x19, 0x3a, 0xfc, 0x64, 0x46, 0x2a, 0xef,
452 0x35, 0x26, 0x03, 0xf6, 0x05, 0x67, 0xfa, 0x6e,
453 0x74, 0xe1, 0x46, 0xfb, 0x40, 0xd8, 0x6f, 0xae,
454 0x2d, 0x39, 0x21, 0x74, 0x86, 0x9f, 0x00, 0x05,
455 0x1a, 0x3f, 0x2f, 0x93, 0x5b, 0xd4, 0xa4, 0x45,
456 0xbc, 0x3d, 0x0c, 0x29, 0x17, 0x5a, 0xd3, 0xfb,
457 0x68, 0xa6, 0x0f, 0xe0, 0x00, 0x68, 0x79, 0xb0,
458 0x4c, 0xb1, 0x45, 0x8b, 0xc8, 0x85, 0x8c, 0x67,
459 0x0e, 0x8c, 0x7d, 0x54, 0xf8, 0xb0, 0x75, 0xce,
460 0x0a, 0xac, 0x1d, 0xd7, 0x6b, 0x44, 0xac, 0xfe,
461 0x1b, 0xd4, 0xa6, 0x98, 0x21, 0x09, 0x3e, 0xa2,
462 0x4b, 0x33, 0xba, 0xba, 0x4b, 0x12, 0xa8, 0x6b,
463 0x57, 0x27, 0x9d, 0xfa, 0x94, 0x80, 0xb4, 0x68,
464 0x4c, 0x77, 0x60, 0xff, 0xd7, 0x29, 0x5a, 0x38,
465 0x3d, 0xce, 0x2d, 0x4b, 0x08, 0x56, 0x9f, 0x69,
466 0xcb, 0x7b, 0xd8, 0xe2, 0x36, 0xf9, 0x37, 0x69,
467 0xc5, 0xce, 0x36, 0x97, 0x1c, 0xba, 0x0d, 0x3f,
468 0x15, 0xb3, 0x65, 0xa0, 0xec, 0x74, 0x12, 0xbd,
469 0xb3, 0xad, 0xe8, 0xde, 0x9e, 0xa1, 0xec, 0xd3,
470 0xbf, 0xa9, 0xe0, 0xa5, 0x91, 0x6d, 0x83, 0x59,
471 0x12, 0x56, 0x2f, 0x13, 0xa6, 0x7e, 0x79, 0x73,
472 0xa1, 0xa3, 0x89, 0xd5, 0xe1, 0xa5, 0x8c, 0xce,
473 0x2d, 0xac, 0x8a, 0xcf, 0x62, 0x16, 0x65, 0xcd,
474 0xd9, 0xee, 0xa8, 0xb6, 0x40, 0x08, 0xb5, 0x7c,
475 0x50, 0xf9, 0x37, 0x82, 0x7a, 0xa4, 0x0b, 0x34,
476 0x66, 0xec, 0xe9, 0x97, 0x57, 0x1f, 0x8a, 0x67,
477 0x3e, 0x81, 0xbc, 0x3b, 0x35, 0xd3, 0x2a, 0x48,
478 0x0c, 0x0c, 0x00, 0x01, 0x69, 0x03, 0x00, 0x18,
479 0x61, 0x04, 0xb7, 0xa9, 0xbd, 0x74, 0x71, 0xd5,
480 0x68, 0xbf, 0xd8, 0xa6, 0x84, 0x12, 0xaf, 0x8f,
481 0xd4, 0x2c, 0xcf, 0xf9, 0x72, 0x2b, 0x8c, 0x6c,
482 0x73, 0xa3, 0x13, 0x74, 0xdb, 0x83, 0x3e, 0xa6,
483 0xf4, 0x1b, 0xee, 0xa9, 0x34, 0xe5, 0x65, 0xa7,
484 0xaf, 0xef, 0xf2, 0xac, 0xfb, 0x87, 0xb4, 0xdb,
485 0x8b, 0x05, 0x4f, 0xe8, 0x25, 0x3d, 0x32, 0x65,
486 0xda, 0x47, 0xd8, 0xd2, 0x86, 0xad, 0x9b, 0x37,
487 0xbc, 0x45, 0xef, 0xb6, 0x91, 0xa2, 0x71, 0x2f,
488 0x13, 0x68, 0xfa, 0xa7, 0x20, 0xe4, 0x8a, 0xa8,
489 0x9b, 0xbe, 0xf6, 0x7c, 0xc8, 0x16, 0xd4, 0x50,
490 0x9d, 0x63, 0xb3, 0xf4, 0x6e, 0xd3, 0x8f, 0x32,
491 0x68, 0x66, 0x04, 0x01, 0x01, 0x00, 0xaa, 0xcb,
492 0x90, 0xbd, 0x94, 0x10, 0xab, 0xfc, 0x30, 0x1d,
493 0x68, 0x1c, 0xb4, 0x21, 0xcf, 0x73, 0xa5, 0x4b,
494 0x20, 0x94, 0xde, 0x66, 0x99, 0x54, 0x3f, 0xba,
495 0x40, 0x58, 0x50, 0xe3, 0x64, 0x53, 0x90, 0x9e,
496 0xf8, 0x67, 0xcc, 0x85, 0x4a, 0xdc, 0xd8, 0xd7,
497 0xc8, 0xb5, 0xe0, 0x92, 0x02, 0x6b, 0xa8, 0x76,
498 0x67, 0xc5, 0xae, 0x12, 0x56, 0xff, 0xd1, 0xda,
499 0xc0, 0x48, 0x17, 0x99, 0xc9, 0xbe, 0x02, 0xc6,
500 0x9e, 0x5c, 0xd9, 0x44, 0x3f, 0x06, 0xbd, 0x98,
501 0xe3, 0x4d, 0x46, 0x10, 0xe8, 0x20, 0xed, 0x7b,
502 0xcd, 0x73, 0xed, 0x03, 0x6a, 0x4c, 0x49, 0xaf,
503 0xbe, 0xa3, 0xe0, 0xab, 0x9a, 0xb8, 0xf8, 0x06,
504 0x25, 0x31, 0x8d, 0x32, 0x44, 0xfd, 0xd6, 0xb0,
505 0xd4, 0x6c, 0x9a, 0x2a, 0x0f, 0xab, 0xe2, 0x13,
506 0x10, 0x6d, 0x41, 0x0b, 0x97, 0x74, 0xa0, 0x04,
507 0x16, 0x60, 0xf1, 0x8e, 0x74, 0xf3, 0x91, 0x75,
508 0x2b, 0x92, 0x2b, 0xc7, 0x5b, 0x6f, 0x1d, 0x70,
509 0xe2, 0xc6, 0x9a, 0x7d, 0x66, 0x55, 0x98, 0x01,
510 0x71, 0xb8, 0xdd, 0xf4, 0x70, 0xc9, 0x74, 0x56,
511 0xcc, 0xa5, 0x2c, 0x51, 0x70, 0x72, 0xc2, 0x44,
512 0xb9, 0x59, 0xc3, 0xc3, 0xf8, 0x29, 0x4e, 0x79,
513 0x40, 0x9b, 0x30, 0x35, 0x66, 0xb2, 0xd8, 0x7d,
514 0xfe, 0x65, 0x6b, 0xf0, 0x17, 0xa3, 0x13, 0xc7,
515 0xc7, 0xc6, 0x48, 0xb2, 0xae, 0x4f, 0x26, 0x0b,
516 0x8a, 0x40, 0xaa, 0x06, 0x65, 0x8a, 0x95, 0x00,
517 0xc4, 0xc9, 0xfd, 0x69, 0x0a, 0xa9, 0x0a, 0x18,
518 0xff, 0x95, 0x40, 0xab, 0x84, 0x75, 0xfe, 0x11,
519 0xb1, 0x6f, 0xca, 0x5e, 0xf7, 0xe4, 0x1d, 0x8d,
520 0x08, 0x1c, 0xd3, 0x95, 0xf4, 0x9b, 0x17, 0x41,
521 0xa8, 0x8f, 0x6e, 0xfa, 0x6c, 0x43, 0x60, 0x39,
522 0x0a, 0xa2, 0x7e, 0xdf, 0x3e, 0x74, 0xc2, 0xbf,
523 0xaf, 0x96, 0x96, 0xbd, 0x21, 0x4b, 0x0d, 0x00,
524 0x00, 0x1a, 0x03, 0x01, 0x02, 0x40, 0x00, 0x12,
525 0x04, 0x01, 0x05, 0x01, 0x02, 0x01, 0x04, 0x03,
526 0x05, 0x03, 0x02, 0x03, 0x02, 0x02, 0x06, 0x01,
527 0x06, 0x03, 0x00, 0x00, 0x0e, 0x00, 0x00, 0x00,
528};
529
530struct tlslegacy_client_test {
531 const unsigned char *desc;
532 unsigned char *server_response;
533 const size_t server_response_len;
534 const SSL_METHOD *(*ssl_method)(void);
535 int want_state;
536};
537
538static struct tlslegacy_client_test tlslegacy_client_tests[] = {
539 {
540 .desc = "TLSv1.2 legacy fallback",
541 .server_response = tls12_server_response,
542 .server_response_len = sizeof(tls12_server_response),
543 .ssl_method = TLS_client_method,
544 .want_state = SSL3_ST_CR_CERT_A,
545 },
546 {
547 .desc = "TLSv1.2 legacy fallback with server cert",
548 .server_response = tls12_server_response_with_cert,
549 .server_response_len = sizeof(tls12_server_response_with_cert),
550 .ssl_method = TLS_client_method,
551 .want_state = SSL3_ST_CR_KEY_EXCH_B,
552 },
553};
554
555#define N_TLSLEGACY_CLIENT_TESTS \
556 (sizeof(tlslegacy_client_tests) / sizeof(*tlslegacy_client_tests))
557
558static int
559tlslegacy_client_test(int testno, struct tlslegacy_client_test *tct)
560{
561 BIO *rbio = NULL, *wbio = NULL;
562 SSL_CTX *ssl_ctx = NULL;
563 SSL *ssl = NULL;
564 int ret = 1;
565
566 fprintf(stderr, "Test %d - %s\n", testno, tct->desc);
567
568 if ((rbio = BIO_new_mem_buf(tct->server_response,
569 tct->server_response_len)) == NULL) {
570 fprintf(stderr, "Failed to setup rbio\n");
571 goto failure;
572 }
573 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
574 fprintf(stderr, "Failed to setup wbio\n");
575 goto failure;
576 }
577
578 if ((ssl_ctx = SSL_CTX_new(tct->ssl_method())) == NULL) {
579 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
580 goto failure;
581 }
582
583 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
584 fprintf(stderr, "SSL_new() returned NULL\n");
585 goto failure;
586 }
587
588 BIO_up_ref(rbio);
589 BIO_up_ref(wbio);
590 SSL_set_bio(ssl, rbio, wbio);
591
592 if (SSL_connect(ssl) == 1) {
593 fprintf(stderr, "SSL_connect() succeeded\n");
594 goto failure;
595 }
596
597 if (SSL_state(ssl) != tct->want_state) {
598 fprintf(stderr, "FAIL: Got SSL state %x, want %x",
599 SSL_state(ssl), tct->want_state);
600 goto failure;
601 }
602
603 ret = 0;
604
605 failure:
606 SSL_CTX_free(ssl_ctx);
607 SSL_free(ssl);
608
609 BIO_free(rbio);
610 BIO_free(wbio);
611
612 return (ret);
613}
614
615int
616main(int argc, char **argv)
617{
618 int failed = 0;
619 size_t i;
620
621 for (i = 0; i < N_TLSLEGACY_CLIENT_TESTS; i++)
622 failed |= tlslegacy_client_test(i, &tlslegacy_client_tests[i]);
623
624 return (failed);
625}
diff --git a/src/regress/lib/libssl/unit/Makefile b/src/regress/lib/libssl/unit/Makefile
deleted file mode 100644
index 6a925069ca..0000000000
--- a/src/regress/lib/libssl/unit/Makefile
+++ /dev/null
@@ -1,21 +0,0 @@
1# $OpenBSD: Makefile,v 1.16 2023/05/24 09:15:14 tb Exp $
2
3PROGS += cipher_list
4PROGS += ssl_get_shared_ciphers
5PROGS += ssl_methods
6PROGS += ssl_set_alpn_protos
7PROGS += ssl_verify_param
8PROGS += ssl_versions
9PROGS += tls_ext_alpn
10PROGS += tls_prf
11
12WARNINGS= Yes
13LDADD = ${SSL_INT} -lcrypto
14DPADD = ${LIBSSL} ${LIBCRYPTO}
15CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
16CFLAGS+= -DCERTSDIR=\"${.CURDIR}/../certs\"
17CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
18
19LDADD_ssl_verify_param = ${LIBSSL} ${CRYPTO_INT}
20
21.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c
deleted file mode 100644
index c715f60e0b..0000000000
--- a/src/regress/lib/libssl/unit/cipher_list.c
+++ /dev/null
@@ -1,231 +0,0 @@
1/* $OpenBSD: cipher_list.c,v 1.14 2022/12/17 16:05:28 jsing Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/*
20 * Test TLS ssl bytes (aka cipher suites) to cipher list and back.
21 *
22 * TLSv1.0 - RFC 2246 section 7.4.1.2 (ClientHello struct)
23 * TLSv1.1 - RFC 4346 section 7.4.1.2 (ClientHello struct)
24 * TLSv1.2 - RFC 5246 section 7.4.1.2 (ClientHello struct)
25 *
26 * In all of these standards, the relevant structures are:
27 *
28 * uint8 CipherSuite[2];
29 *
30 * struct {
31 * ...
32 * CipherSuite cipher_suites<2..2^16-2>
33 * ...
34 * } ClientHello;
35 */
36
37#include <openssl/ssl.h>
38
39#include <stdio.h>
40#include <string.h>
41
42#include "ssl_local.h"
43
44#include "tests.h"
45
46static uint8_t cipher_bytes[] = {
47 0xcc, 0xa8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
48 0xcc, 0xa9, /* ECDHE-RSA-CHACHA20-POLY1305 */
49 0xcc, 0xaa, /* DHE-RSA-CHACHA20-POLY1305 */
50 0x00, 0x9c, /* AES128-GCM-SHA256 */
51 0x00, 0x3d, /* AES256-SHA256 */
52};
53
54static uint8_t cipher_bytes_seclevel3[] = {
55 0xcc, 0xa8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
56 0xcc, 0xa9, /* ECDHE-RSA-CHACHA20-POLY1305 */
57 0xcc, 0xaa, /* DHE-RSA-CHACHA20-POLY1305 */
58};
59
60static uint16_t cipher_values[] = {
61 0xcca8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
62 0xcca9, /* ECDHE-RSA-CHACHA20-POLY1305 */
63 0xccaa, /* DHE-RSA-CHACHA20-POLY1305 */
64 0x009c, /* AES128-GCM-SHA256 */
65 0x003d, /* AES256-SHA256 */
66};
67
68#define N_CIPHERS (sizeof(cipher_bytes) / 2)
69
70static int
71ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
72{
73 SSL_CIPHER *cipher;
74 uint16_t value;
75 CBS cbs;
76 int i;
77
78 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes));
79
80 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
81 CHECK(*ciphers != NULL);
82 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
83 for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) {
84 cipher = sk_SSL_CIPHER_value(*ciphers, i);
85 CHECK(cipher != NULL);
86 value = SSL_CIPHER_get_value(cipher);
87 CHECK(value == cipher_values[i]);
88 }
89
90 return 1;
91}
92
93static int
94ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers,
95 const uint8_t *cb, size_t cb_len)
96{
97 CBB cbb;
98 unsigned char *buf = NULL;
99 size_t buflen, outlen;
100 int ret = 0;
101
102 /* Space for cipher bytes, plus reneg SCSV and two spare bytes. */
103 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
104 buflen = cb_len + 2 + 2;
105 CHECK((buf = calloc(1, buflen)) != NULL);
106
107 /* Clear renegotiate so it adds SCSV */
108 s->renegotiate = 0;
109
110 CHECK_GOTO(CBB_init_fixed(&cbb, buf, buflen));
111 CHECK_GOTO(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
112 CHECK_GOTO(CBB_finish(&cbb, NULL, &outlen));
113
114 CHECK_GOTO(outlen > 0 && outlen == cb_len + 2);
115 CHECK_GOTO(memcmp(buf, cb, cb_len) == 0);
116 CHECK_GOTO(buf[buflen - 4] == 0x00 && buf[buflen - 3] == 0xff);
117 CHECK_GOTO(buf[buflen - 2] == 0x00 && buf[buflen - 1] == 0x00);
118
119 ret = 1;
120
121 err:
122 free(buf);
123 return ret;
124}
125
126static int
127ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers,
128 const uint8_t *cb, size_t cb_len)
129{
130 CBB cbb;
131 unsigned char *buf = NULL;
132 size_t buflen, outlen;
133 int ret = 0;
134
135 /* Space for cipher bytes and two spare bytes */
136 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
137 buflen = cb_len + 2;
138 CHECK((buf = calloc(1, buflen)) != NULL);
139 buf[buflen - 2] = 0xfe;
140 buf[buflen - 1] = 0xab;
141
142 /* Set renegotiate so it doesn't add SCSV */
143 s->renegotiate = 1;
144
145 CHECK_GOTO(CBB_init_fixed(&cbb, buf, buflen));
146 CHECK_GOTO(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
147 CHECK_GOTO(CBB_finish(&cbb, NULL, &outlen));
148
149 CHECK_GOTO(outlen > 0 && outlen == cb_len);
150 CHECK_GOTO(memcmp(buf, cb, cb_len) == 0);
151 CHECK_GOTO(buf[buflen - 2] == 0xfe && buf[buflen - 1] == 0xab);
152
153 ret = 1;
154
155 err:
156 free(buf);
157 return ret;
158}
159
160static int
161ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
162{
163 uint8_t empty_cipher_bytes[] = {0};
164 CBS cbs;
165
166 sk_SSL_CIPHER_free(*ciphers);
167
168 /* Invalid length: CipherSuite is 2 bytes so it must be even */
169 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes) - 1);
170 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
171 CHECK(*ciphers == NULL);
172
173 /* Invalid length: cipher_suites must be at least 2 */
174 CBS_init(&cbs, empty_cipher_bytes, sizeof(empty_cipher_bytes));
175 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
176 CHECK(*ciphers == NULL);
177
178 return 1;
179}
180
181int
182main(void)
183{
184 STACK_OF(SSL_CIPHER) *ciphers = NULL;
185 SSL_CTX *ctx = NULL;
186 SSL *s = NULL;
187 int rv = 1;
188
189 SSL_library_init();
190
191 /* Use TLSv1.2 client to get all ciphers. */
192 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
193 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
194 SSL_set_security_level(s, 2);
195
196 if (!ssl_bytes_to_list_alloc(s, &ciphers))
197 goto err;
198 if (!ssl_list_to_bytes_scsv(s, &ciphers, cipher_bytes,
199 sizeof(cipher_bytes)))
200 goto err;
201 if (!ssl_list_to_bytes_no_scsv(s, &ciphers, cipher_bytes,
202 sizeof(cipher_bytes)))
203 goto err;
204 if (!ssl_bytes_to_list_invalid(s, &ciphers))
205 goto err;
206
207 sk_SSL_CIPHER_free(ciphers);
208 ciphers = NULL;
209
210 SSL_set_security_level(s, 3);
211 if (!ssl_bytes_to_list_alloc(s, &ciphers))
212 goto err;
213 if (!ssl_list_to_bytes_scsv(s, &ciphers, cipher_bytes_seclevel3,
214 sizeof(cipher_bytes_seclevel3)))
215 goto err;
216 if (!ssl_list_to_bytes_no_scsv(s, &ciphers, cipher_bytes_seclevel3,
217 sizeof(cipher_bytes_seclevel3)))
218 goto err;
219
220 rv = 0;
221
222 err:
223 sk_SSL_CIPHER_free(ciphers);
224 SSL_CTX_free(ctx);
225 SSL_free(s);
226
227 if (!rv)
228 printf("PASS %s\n", __FILE__);
229
230 return rv;
231}
diff --git a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c b/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
deleted file mode 100644
index 33efc15f10..0000000000
--- a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
+++ /dev/null
@@ -1,482 +0,0 @@
1/* $OpenBSD: ssl_get_shared_ciphers.c,v 1.11 2022/02/05 18:19:39 tb Exp $ */
2/*
3 * Copyright (c) 2021 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <stdint.h>
19#include <stdio.h>
20#include <stdlib.h>
21#include <string.h>
22
23#include <openssl/bio.h>
24#include <openssl/crypto.h>
25#include <openssl/err.h>
26#include <openssl/ssl.h>
27
28struct peer_config {
29 const char *name;
30 int server;
31 uint16_t max_version;
32 uint16_t min_version;
33 const char *ciphers;
34};
35
36struct ssl_shared_ciphers_test_data {
37 const char *description;
38 struct peer_config client_config;
39 struct peer_config server_config;
40 const char *shared_ciphers;
41 const char *shared_ciphers_without_aesni;
42};
43
44char *server_cert;
45char *server_key;
46
47static const struct ssl_shared_ciphers_test_data ssl_shared_ciphers_tests[] = {
48 {
49 .description = "TLSv1.3 defaults",
50 .client_config = {
51 .name = "client",
52 .server = 0,
53 .max_version = TLS1_3_VERSION,
54 .min_version = TLS1_3_VERSION,
55 .ciphers =
56 "TLS_AES_256_GCM_SHA384:"
57 "TLS_CHACHA20_POLY1305_SHA256:"
58 "TLS_AES_128_GCM_SHA256",
59 },
60 .server_config = {
61 .name = "server",
62 .server = 1,
63 .max_version = TLS1_3_VERSION,
64 .min_version = TLS1_3_VERSION,
65 .ciphers =
66 "TLS_AES_256_GCM_SHA384:"
67 "TLS_CHACHA20_POLY1305_SHA256:"
68 "TLS_AES_128_GCM_SHA256",
69 },
70 .shared_ciphers =
71 "TLS_AES_256_GCM_SHA384:"
72 "TLS_CHACHA20_POLY1305_SHA256:"
73 "TLS_AES_128_GCM_SHA256",
74 },
75
76 {
77 .description = "TLSv1.3, client without ChaCha",
78 .client_config = {
79 .name = "client",
80 .server = 0,
81 .max_version = TLS1_3_VERSION,
82 .min_version = TLS1_3_VERSION,
83 .ciphers =
84 "TLS_AES_256_GCM_SHA384:"
85 "TLS_AES_128_GCM_SHA256",
86 },
87 .server_config = {
88 .name = "server",
89 .server = 1,
90 .max_version = TLS1_3_VERSION,
91 .min_version = TLS1_3_VERSION,
92 .ciphers =
93 "TLS_AES_256_GCM_SHA384:"
94 "TLS_CHACHA20_POLY1305_SHA256:"
95 "TLS_AES_128_GCM_SHA256",
96 },
97 .shared_ciphers =
98 "TLS_AES_256_GCM_SHA384:"
99 "TLS_AES_128_GCM_SHA256",
100 },
101
102 {
103 .description = "TLSv1.2",
104 .client_config = {
105 .name = "client",
106 .server = 0,
107 .max_version = TLS1_2_VERSION,
108 .min_version = TLS1_2_VERSION,
109 .ciphers =
110 "ECDHE-RSA-AES256-GCM-SHA384:"
111 "ECDHE-ECDSA-AES256-GCM-SHA384:"
112 "ECDHE-RSA-AES256-SHA384:"
113 "ECDHE-ECDSA-AES256-SHA384:"
114 "ECDHE-RSA-AES256-SHA:"
115 "ECDHE-ECDSA-AES256-SHA",
116 },
117 .server_config = {
118 .name = "server",
119 .server = 1,
120 .max_version = TLS1_2_VERSION,
121 .min_version = TLS1_2_VERSION,
122 .ciphers =
123 "ECDHE-RSA-AES256-GCM-SHA384:"
124 "ECDHE-ECDSA-AES256-GCM-SHA384:"
125 "ECDHE-RSA-AES256-SHA384:"
126 "ECDHE-ECDSA-AES256-SHA384:"
127 "ECDHE-RSA-AES256-SHA:"
128 "ECDHE-ECDSA-AES256-SHA",
129 },
130 .shared_ciphers =
131 "ECDHE-RSA-AES256-GCM-SHA384:"
132 "ECDHE-ECDSA-AES256-GCM-SHA384:"
133 "ECDHE-RSA-AES256-SHA384:"
134 "ECDHE-ECDSA-AES256-SHA384:"
135 "ECDHE-RSA-AES256-SHA:"
136 "ECDHE-ECDSA-AES256-SHA",
137 },
138
139 {
140 .description = "TLSv1.2, server without ECDSA",
141 .client_config = {
142 .name = "client",
143 .server = 0,
144 .max_version = TLS1_2_VERSION,
145 .min_version = TLS1_2_VERSION,
146 .ciphers =
147 "ECDHE-RSA-AES256-GCM-SHA384:"
148 "ECDHE-ECDSA-AES256-GCM-SHA384:"
149 "ECDHE-RSA-AES256-SHA384:"
150 "ECDHE-ECDSA-AES256-SHA384:"
151 "ECDHE-RSA-AES256-SHA:"
152 "ECDHE-ECDSA-AES256-SHA",
153 },
154 .server_config = {
155 .name = "server",
156 .server = 1,
157 .max_version = TLS1_2_VERSION,
158 .min_version = TLS1_2_VERSION,
159 .ciphers =
160 "ECDHE-RSA-AES256-GCM-SHA384:"
161 "ECDHE-RSA-AES256-SHA384:"
162 "ECDHE-RSA-AES256-SHA",
163 },
164 .shared_ciphers =
165 "ECDHE-RSA-AES256-GCM-SHA384:"
166 "ECDHE-RSA-AES256-SHA384:"
167 "ECDHE-RSA-AES256-SHA",
168 },
169
170 {
171 .description = "TLSv1.3 ciphers are prepended",
172 .client_config = {
173 .name = "client",
174 .server = 0,
175 .max_version = TLS1_3_VERSION,
176 .min_version = TLS1_2_VERSION,
177 .ciphers =
178 "ECDHE-RSA-AES256-GCM-SHA384",
179 },
180 .server_config = {
181 .name = "server",
182 .server = 1,
183 .max_version = TLS1_3_VERSION,
184 .min_version = TLS1_2_VERSION,
185 .ciphers =
186 "ECDHE-RSA-AES256-GCM-SHA384",
187 },
188 .shared_ciphers =
189 "TLS_AES_256_GCM_SHA384:"
190 "TLS_CHACHA20_POLY1305_SHA256:"
191 "TLS_AES_128_GCM_SHA256:"
192 "ECDHE-RSA-AES256-GCM-SHA384",
193 .shared_ciphers_without_aesni =
194 "TLS_CHACHA20_POLY1305_SHA256:"
195 "TLS_AES_256_GCM_SHA384:"
196 "TLS_AES_128_GCM_SHA256:"
197 "ECDHE-RSA-AES256-GCM-SHA384",
198 },
199};
200
201static const size_t N_SHARED_CIPHERS_TESTS =
202 sizeof(ssl_shared_ciphers_tests) / sizeof(ssl_shared_ciphers_tests[0]);
203
204static SSL_CTX *
205peer_config_to_ssl_ctx(const struct peer_config *config)
206{
207 SSL_CTX *ctx;
208
209 if ((ctx = SSL_CTX_new(TLS_method())) == NULL) {
210 fprintf(stderr, "SSL_CTX_new(%s) failed\n", config->name);
211 goto err;
212 }
213 if (!SSL_CTX_set_max_proto_version(ctx, config->max_version)) {
214 fprintf(stderr, "max_proto_version(%s) failed\n", config->name);
215 goto err;
216 }
217 if (!SSL_CTX_set_min_proto_version(ctx, config->min_version)) {
218 fprintf(stderr, "min_proto_version(%s) failed\n", config->name);
219 goto err;
220 }
221 if (!SSL_CTX_set_cipher_list(ctx, config->ciphers)) {
222 fprintf(stderr, "set_cipher_list(%s) failed\n", config->name);
223 goto err;
224 }
225
226 if (config->server) {
227 if (!SSL_CTX_use_certificate_file(ctx, server_cert,
228 SSL_FILETYPE_PEM)) {
229 fprintf(stderr, "use_certificate_file(%s) failed\n",
230 config->name);
231 goto err;
232 }
233 if (!SSL_CTX_use_PrivateKey_file(ctx, server_key,
234 SSL_FILETYPE_PEM)) {
235 fprintf(stderr, "use_PrivateKey_file(%s) failed\n",
236 config->name);
237 goto err;
238 }
239 }
240
241 return ctx;
242
243 err:
244 SSL_CTX_free(ctx);
245 return NULL;
246}
247
248/* Connect client and server via a pair of "nonblocking" memory BIOs. */
249static int
250connect_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
251{
252 BIO *client_wbio = NULL, *server_wbio = NULL;
253 int ret = 0;
254
255 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL) {
256 fprintf(stderr, "%s: failed to create client BIO\n",
257 description);
258 goto err;
259 }
260 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL) {
261 fprintf(stderr, "%s: failed to create server BIO\n",
262 description);
263 goto err;
264 }
265 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0) {
266 fprintf(stderr, "%s: failed to set client eof return\n",
267 description);
268 goto err;
269 }
270 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0) {
271 fprintf(stderr, "%s: failed to set server eof return\n",
272 description);
273 goto err;
274 }
275
276 /* Avoid double free. SSL_set_bio() takes ownership of the BIOs. */
277 BIO_up_ref(client_wbio);
278 BIO_up_ref(server_wbio);
279
280 SSL_set_bio(client_ssl, server_wbio, client_wbio);
281 SSL_set_bio(server_ssl, client_wbio, server_wbio);
282 client_wbio = NULL;
283 server_wbio = NULL;
284
285 ret = 1;
286
287 err:
288 BIO_free(client_wbio);
289 BIO_free(server_wbio);
290
291 return ret;
292}
293
294static int
295push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name,
296 const char *description)
297{
298 int ssl_err = 0;
299
300 if (*ret == 1)
301 return 1;
302
303 /*
304 * Do SSL_connect/SSL_accept/SSL_shutdown once and loop while hitting
305 * WANT_WRITE. If done or on WANT_READ hand off to peer.
306 */
307
308 do {
309 if ((*ret = func(ssl)) <= 0)
310 ssl_err = SSL_get_error(ssl, *ret);
311 } while (*ret <= 0 && ssl_err == SSL_ERROR_WANT_WRITE);
312
313 /* Ignore erroneous error - see SSL_shutdown(3)... */
314 if (func == SSL_shutdown && ssl_err == SSL_ERROR_SYSCALL)
315 return 1;
316
317 if (*ret <= 0 && ssl_err != SSL_ERROR_WANT_READ) {
318 fprintf(stderr, "%s: %s failed\n", description, func_name);
319 ERR_print_errors_fp(stderr);
320 return 0;
321 }
322
323 return 1;
324}
325
326/*
327 * Alternate between loops of SSL_connect() and SSL_accept() as long as only
328 * WANT_READ and WANT_WRITE situations are encountered. A function is repeated
329 * until WANT_READ is returned or it succeeds, then it's the other function's
330 * turn to make progress. Succeeds if SSL_connect() and SSL_accept() return 1.
331 */
332static int
333handshake(SSL *client_ssl, SSL *server_ssl, const char *description)
334{
335 int loops = 0, client_ret = 0, server_ret = 0;
336
337 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
338 if (!push_data_to_peer(client_ssl, &client_ret, SSL_connect,
339 "SSL_connect", description))
340 return 0;
341
342 if (!push_data_to_peer(server_ssl, &server_ret, SSL_accept,
343 "SSL_accept", description))
344 return 0;
345 }
346
347 if (client_ret != 1 || server_ret != 1) {
348 fprintf(stderr, "%s: failed\n", __func__);
349 return 0;
350 }
351
352 return 1;
353}
354
355static int
356shutdown_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
357{
358 int loops = 0, client_ret = 0, server_ret = 0;
359
360 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
361 if (!push_data_to_peer(client_ssl, &client_ret, SSL_shutdown,
362 "client shutdown", description))
363 return 0;
364
365 if (!push_data_to_peer(server_ssl, &server_ret, SSL_shutdown,
366 "server shutdown", description))
367 return 0;
368 }
369
370 if (client_ret != 1 || server_ret != 1) {
371 fprintf(stderr, "%s: failed\n", __func__);
372 return 0;
373 }
374
375 return 1;
376}
377
378/* from ssl_ciph.c */
379static inline int
380ssl_aes_is_accelerated(void)
381{
382#if defined(__i386__) || defined(__x86_64__)
383 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
384#else
385 return (0);
386#endif
387}
388
389static int
390check_shared_ciphers(const struct ssl_shared_ciphers_test_data *test,
391 const char *got)
392{
393 const char *want = test->shared_ciphers;
394 int failed;
395
396 if (!ssl_aes_is_accelerated() &&
397 test->shared_ciphers_without_aesni != NULL)
398 want = test->shared_ciphers_without_aesni;
399
400 failed = strcmp(want, got);
401
402 if (failed)
403 fprintf(stderr, "%s: want \"%s\", got \"%s\"\n",
404 test->description, want, got);
405
406 return failed;
407}
408
409static int
410test_get_shared_ciphers(const struct ssl_shared_ciphers_test_data *test)
411{
412 SSL_CTX *client_ctx = NULL, *server_ctx = NULL;
413 SSL *client_ssl = NULL, *server_ssl = NULL;
414 char buf[4096];
415 int failed = 1;
416
417 if ((client_ctx = peer_config_to_ssl_ctx(&test->client_config)) == NULL)
418 goto err;
419 if ((server_ctx = peer_config_to_ssl_ctx(&test->server_config)) == NULL)
420 goto err;
421
422 if ((client_ssl = SSL_new(client_ctx)) == NULL) {
423 fprintf(stderr, "%s: failed to create client SSL\n",
424 test->description);
425 goto err;
426 }
427 if ((server_ssl = SSL_new(server_ctx)) == NULL) {
428 fprintf(stderr, "%s: failed to create server SSL\n",
429 test->description);
430 goto err;
431 }
432
433 if (!connect_peers(client_ssl, server_ssl, test->description))
434 goto err;
435
436 if (!handshake(client_ssl, server_ssl, test->description))
437 goto err;
438
439 if (SSL_get_shared_ciphers(server_ssl, buf, sizeof(buf)) == NULL) {
440 fprintf(stderr, "%s: failed to get shared ciphers\n",
441 test->description);
442 goto err;
443 }
444
445 if (!shutdown_peers(client_ssl, server_ssl, test->description))
446 goto err;
447
448 failed = check_shared_ciphers(test, buf);
449
450 err:
451 SSL_CTX_free(client_ctx);
452 SSL_CTX_free(server_ctx);
453 SSL_free(client_ssl);
454 SSL_free(server_ssl);
455
456 return failed;
457}
458
459int
460main(int argc, char **argv)
461{
462 size_t i;
463 int failed = 0;
464
465 if (asprintf(&server_cert, "%s/server.pem", CERTSDIR) == -1) {
466 fprintf(stderr, "asprintf server_cert failed\n");
467 failed = 1;
468 goto err;
469 }
470 server_key = server_cert;
471
472 for (i = 0; i < N_SHARED_CIPHERS_TESTS; i++)
473 failed |= test_get_shared_ciphers(&ssl_shared_ciphers_tests[i]);
474
475 if (failed == 0)
476 printf("PASS %s\n", __FILE__);
477
478 err:
479 free(server_cert);
480
481 return failed;
482}
diff --git a/src/regress/lib/libssl/unit/ssl_methods.c b/src/regress/lib/libssl/unit/ssl_methods.c
deleted file mode 100644
index 0fc33a406c..0000000000
--- a/src/regress/lib/libssl/unit/ssl_methods.c
+++ /dev/null
@@ -1,267 +0,0 @@
1/* $OpenBSD: ssl_methods.c,v 1.4 2021/04/04 20:21:43 tb Exp $ */
2/*
3 * Copyright (c) 2020 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <stdio.h>
19
20#include <openssl/ssl.h>
21
22struct ssl_method_test_data {
23 const SSL_METHOD *(*method)(void);
24 const char *name;
25 int server;
26 int dtls;
27};
28
29struct ssl_method_test_data ssl_method_tests[] = {
30 {
31 .method = SSLv23_method,
32 .name = "SSLv23_method",
33 .server = 1,
34 .dtls = 0,
35 },
36 {
37 .method = SSLv23_server_method,
38 .name = "SSLv23_server_method",
39 .server = 1,
40 .dtls = 0,
41 },
42 {
43 .method = SSLv23_client_method,
44 .name = "SSLv23_client_method",
45 .server = 0,
46 .dtls = 0,
47 },
48
49 {
50 .method = TLSv1_method,
51 .name = "TLSv1_method",
52 .server = 1,
53 .dtls = 0,
54 },
55 {
56 .method = TLSv1_server_method,
57 .name = "TLSv1_server_method",
58 .server = 1,
59 .dtls = 0,
60 },
61 {
62 .method = TLSv1_client_method,
63 .name = "TLSv1_client_method",
64 .server = 0,
65 .dtls = 0,
66 },
67
68 {
69 .method = TLSv1_1_method,
70 .name = "TLSv1_1_method",
71 .server = 1,
72 .dtls = 0,
73 },
74 {
75 .method = TLSv1_1_server_method,
76 .name = "TLSv1_1_server_method",
77 .server = 1,
78 .dtls = 0,
79 },
80 {
81 .method = TLSv1_1_client_method,
82 .name = "TLSv1_1_client_method",
83 .server = 0,
84 .dtls = 0,
85 },
86
87 {
88 .method = TLSv1_2_method,
89 .name = "TLSv1_2_method",
90 .server = 1,
91 .dtls = 0,
92 },
93 {
94 .method = TLSv1_2_server_method,
95 .name = "TLSv1_2_server_method",
96 .server = 1,
97 .dtls = 0,
98 },
99 {
100 .method = TLSv1_2_client_method,
101 .name = "TLSv1_2_client_method",
102 .server = 0,
103 .dtls = 0,
104 },
105
106 {
107 .method = TLS_method,
108 .name = "TLS_method",
109 .server = 1,
110 .dtls = 0,
111 },
112 {
113 .method = TLS_server_method,
114 .name = "TLS_server_method",
115 .server = 1,
116 .dtls = 0,
117 },
118 {
119 .method = TLS_client_method,
120 .name = "TLS_client_method",
121 .server = 0,
122 .dtls = 0,
123 },
124
125 {
126 .method = DTLSv1_method,
127 .name = "DTLSv1_method",
128 .server = 1,
129 .dtls = 1,
130 },
131 {
132 .method = DTLSv1_server_method,
133 .name = "DTLSv1_server_method",
134 .server = 1,
135 .dtls = 1,
136 },
137 {
138 .method = DTLSv1_client_method,
139 .name = "DTLSv1_client_method",
140 .server = 0,
141 .dtls = 1,
142 },
143
144 {
145 .method = DTLSv1_2_method,
146 .name = "DTLSv1_2_method",
147 .server = 1,
148 .dtls = 1,
149 },
150 {
151 .method = DTLSv1_2_server_method,
152 .name = "DTLSv1_2_server_method",
153 .server = 1,
154 .dtls = 1,
155 },
156 {
157 .method = DTLSv1_2_client_method,
158 .name = "DTLSv1_2_client_method",
159 .server = 0,
160 .dtls = 1,
161 },
162
163 {
164 .method = DTLS_method,
165 .name = "DTLS_method",
166 .server = 1,
167 .dtls = 1,
168 },
169 {
170 .method = DTLS_server_method,
171 .name = "DTLS_server_method",
172 .server = 1,
173 .dtls = 1,
174 },
175 {
176 .method = DTLS_client_method,
177 .name = "DTLS_client_method",
178 .server = 0,
179 .dtls = 1,
180 },
181};
182
183#define N_METHOD_TESTS (sizeof(ssl_method_tests) / sizeof(ssl_method_tests[0]))
184
185int test_client_or_server_method(struct ssl_method_test_data *);
186int test_dtls_method(struct ssl_method_test_data *);
187
188int
189test_client_or_server_method(struct ssl_method_test_data *testcase)
190{
191 SSL_CTX *ssl_ctx;
192 SSL *ssl = NULL;
193 int failed = 1;
194
195 if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) {
196 fprintf(stderr, "SSL_CTX_new returned NULL\n");
197 goto err;
198 }
199
200 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
201 fprintf(stderr, "SSL_new returned NULL\n");
202 goto err;
203 }
204
205 if (SSL_is_server(ssl) != testcase->server) {
206 fprintf(stderr, "%s: SSL_is_server: want %d, got %d\n",
207 testcase->name, testcase->server, SSL_is_server(ssl));
208 goto err;
209 }
210
211 failed = 0;
212
213 err:
214 SSL_free(ssl);
215 SSL_CTX_free(ssl_ctx);
216
217 return failed;
218}
219
220int
221test_dtls_method(struct ssl_method_test_data *testcase)
222{
223 SSL_CTX *ssl_ctx;
224 SSL *ssl = NULL;
225 int failed = 1;
226
227 if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) {
228 fprintf(stderr, "SSL_CTX_new returned NULL\n");
229 goto err;
230 }
231
232 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
233 fprintf(stderr, "SSL_new returned NULL\n");
234 goto err;
235 }
236
237 if (SSL_is_dtls(ssl) != testcase->dtls) {
238 fprintf(stderr, "%s: SSL_is_dtls: want %d, got %d\n",
239 testcase->name, testcase->dtls, SSL_is_dtls(ssl));
240 goto err;
241 }
242
243 failed = 0;
244
245 err:
246 SSL_free(ssl);
247 SSL_CTX_free(ssl_ctx);
248
249 return failed;
250}
251
252int
253main(int argc, char **argv)
254{
255 size_t i;
256 int failed = 0;
257
258 for (i = 0; i < N_METHOD_TESTS; i++) {
259 failed |= test_client_or_server_method(&ssl_method_tests[i]);
260 failed |= test_dtls_method(&ssl_method_tests[i]);
261 }
262
263 if (failed == 0)
264 printf("PASS %s\n", __FILE__);
265
266 return failed;
267}
diff --git a/src/regress/lib/libssl/unit/ssl_set_alpn_protos.c b/src/regress/lib/libssl/unit/ssl_set_alpn_protos.c
deleted file mode 100644
index 87dd4d9e5a..0000000000
--- a/src/regress/lib/libssl/unit/ssl_set_alpn_protos.c
+++ /dev/null
@@ -1,204 +0,0 @@
1/* $OpenBSD: ssl_set_alpn_protos.c,v 1.2 2022/07/21 03:59:04 tb Exp $ */
2/*
3 * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdio.h>
20
21#include <openssl/ssl.h>
22
23struct alpn_test {
24 const char *description;
25 const uint8_t protocols[24];
26 size_t protocols_len;
27 int ret;
28};
29
30static const struct alpn_test alpn_tests[] = {
31 {
32 .description = "valid protocol list",
33 .protocols = {
34 6, 's', 'p', 'd', 'y', '/', '1',
35 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
36 },
37 .protocols_len = 16,
38 .ret = 0,
39 },
40 {
41 .description = "zero length protocol",
42 .protocols = {
43 0,
44 },
45 .protocols_len = 1,
46 .ret = 1,
47 },
48 {
49 .description = "zero length protocol at start",
50 .protocols = {
51 0,
52 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
53 6, 's', 'p', 'd', 'y', '/', '1',
54 },
55 .protocols_len = 17,
56 .ret = 1,
57 },
58 {
59 .description = "zero length protocol embedded",
60 .protocols = {
61 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
62 0,
63 6, 's', 'p', 'd', 'y', '/', '1',
64 },
65 .protocols_len = 17,
66 .ret = 1,
67 },
68 {
69 .description = "zero length protocol at end",
70 .protocols = {
71 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
72 6, 's', 'p', 'd', 'y', '/', '1',
73 0,
74 },
75 .protocols_len = 17,
76 .ret = 1,
77 },
78 {
79 .description = "protocol length too short",
80 .protocols = {
81 6, 'h', 't', 't', 'p', '/', '1', '.', '1',
82 },
83 .protocols_len = 9,
84 .ret = 1,
85 },
86 {
87 .description = "protocol length too long",
88 .protocols = {
89 8, 's', 'p', 'd', 'y', '/', '1',
90 },
91 .protocols_len = 7,
92 .ret = 1,
93 },
94};
95
96static const size_t N_ALPN_TESTS = sizeof(alpn_tests) / sizeof(alpn_tests[0]);
97
98static int
99test_ssl_set_alpn_protos(const struct alpn_test *tc)
100{
101 SSL_CTX *ctx;
102 SSL *ssl;
103 int ret;
104 int failed = 0;
105
106 if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
107 errx(1, "SSL_CTX_new");
108
109 ret = SSL_CTX_set_alpn_protos(ctx, tc->protocols, tc->protocols_len);
110 if (ret != tc->ret) {
111 warnx("%s: setting on SSL_CTX: want %d, got %d",
112 tc->description, tc->ret, ret);
113 failed = 1;
114 }
115
116 if ((ssl = SSL_new(ctx)) == NULL)
117 errx(1, "SSL_new");
118
119 ret = SSL_set_alpn_protos(ssl, tc->protocols, tc->protocols_len);
120 if (ret != tc->ret) {
121 warnx("%s: setting on SSL: want %d, got %d",
122 tc->description, tc->ret, ret);
123 failed = 1;
124 }
125
126 SSL_CTX_free(ctx);
127 SSL_free(ssl);
128
129 return failed;
130}
131
132static int
133test_ssl_set_alpn_protos_edge_cases(void)
134{
135 SSL_CTX *ctx;
136 SSL *ssl;
137 const uint8_t valid[] = {
138 6, 's', 'p', 'd', 'y', '/', '3',
139 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
140 };
141 int failed = 0;
142
143 if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
144 errx(1, "SSL_CTX_new");
145
146 if (SSL_CTX_set_alpn_protos(ctx, valid, sizeof(valid)) != 0) {
147 warnx("setting valid protocols on SSL_CTX failed");
148 failed = 1;
149 }
150 if (SSL_CTX_set_alpn_protos(ctx, NULL, 0) != 0) {
151 warnx("setting 'NULL, 0' on SSL_CTX failed");
152 failed = 1;
153 }
154 if (SSL_CTX_set_alpn_protos(ctx, valid, 0) != 0) {
155 warnx("setting 'valid, 0' on SSL_CTX failed");
156 failed = 1;
157 }
158 if (SSL_CTX_set_alpn_protos(ctx, NULL, 43) != 0) {
159 warnx("setting 'NULL, 43' on SSL_CTX failed");
160 failed = 1;
161 }
162
163 if ((ssl = SSL_new(ctx)) == NULL)
164 errx(1, "SSL_new");
165
166 if (SSL_set_alpn_protos(ssl, valid, sizeof(valid)) != 0) {
167 warnx("setting valid protocols on SSL failed");
168 failed = 1;
169 }
170 if (SSL_set_alpn_protos(ssl, NULL, 0) != 0) {
171 warnx("setting 'NULL, 0' on SSL failed");
172 failed = 1;
173 }
174 if (SSL_set_alpn_protos(ssl, valid, 0) != 0) {
175 warnx("setting 'valid, 0' on SSL failed");
176 failed = 1;
177 }
178 if (SSL_set_alpn_protos(ssl, NULL, 43) != 0) {
179 warnx("setting 'NULL, 43' on SSL failed");
180 failed = 1;
181 }
182
183 SSL_CTX_free(ctx);
184 SSL_free(ssl);
185
186 return failed;
187}
188
189int
190main(void)
191{
192 size_t i;
193 int failed = 0;
194
195 for (i = 0; i < N_ALPN_TESTS; i++)
196 failed |= test_ssl_set_alpn_protos(&alpn_tests[i]);
197
198 failed |= test_ssl_set_alpn_protos_edge_cases();
199
200 if (!failed)
201 printf("PASS %s\n", __FILE__);
202
203 return failed;
204}
diff --git a/src/regress/lib/libssl/unit/ssl_verify_param.c b/src/regress/lib/libssl/unit/ssl_verify_param.c
deleted file mode 100644
index cdb52c56a8..0000000000
--- a/src/regress/lib/libssl/unit/ssl_verify_param.c
+++ /dev/null
@@ -1,99 +0,0 @@
1/* $OpenBSD: ssl_verify_param.c,v 1.1 2023/05/24 08:54:59 tb Exp $ */
2
3/*
4 * Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include <err.h>
20#include <stdio.h>
21
22#include <openssl/ssl.h>
23#include <openssl/x509v3.h>
24
25unsigned int X509_VERIFY_PARAM_get_hostflags(X509_VERIFY_PARAM *param);
26
27static int
28ssl_verify_param_flags_inherited(void)
29{
30 SSL_CTX *ssl_ctx = NULL;
31 SSL *ssl = NULL;
32 X509_VERIFY_PARAM *param;
33 unsigned int defaultflags = 0;
34 unsigned int newflags = X509_CHECK_FLAG_NEVER_CHECK_SUBJECT;
35 unsigned int flags;
36 int failed = 1;
37
38 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
39 errx(1, "SSL_CTX_new");
40
41 if ((param = SSL_CTX_get0_param(ssl_ctx)) == NULL) {
42 fprintf(stderr, "FAIL: no verify param on ssl_ctx\n");
43 goto failure;
44 }
45
46 if ((flags = X509_VERIFY_PARAM_get_hostflags(param)) != defaultflags) {
47 fprintf(stderr, "FAIL: SSL_CTX default hostflags, "
48 "want: %x, got: %x\n", defaultflags, flags);
49 goto failure;
50 }
51
52 X509_VERIFY_PARAM_set_hostflags(param, newflags);
53
54 if ((flags = X509_VERIFY_PARAM_get_hostflags(param)) != newflags) {
55 fprintf(stderr, "FAIL: SSL_CTX new hostflags, "
56 "want: %x, got: %x\n", newflags, flags);
57 goto failure;
58 }
59
60 if ((ssl = SSL_new(ssl_ctx)) == NULL)
61 errx(1, "SSL_new");
62
63 if ((param = SSL_get0_param(ssl)) == NULL) {
64 fprintf(stderr, "FAIL: no verify param on ssl\n");
65 goto failure;
66 }
67
68 if ((flags = X509_VERIFY_PARAM_get_hostflags(param)) != newflags) {
69 fprintf(stderr, "FAIL: SSL inherited hostflags, "
70 "want: %x, got: %x\n", newflags, flags);
71 goto failure;
72 }
73
74 SSL_set_hostflags(ssl, defaultflags);
75
76 if ((flags = X509_VERIFY_PARAM_get_hostflags(param)) != defaultflags) {
77 fprintf(stderr, "FAIL: SSL set hostflags, "
78 "want: %x, got: %x\n", defaultflags, flags);
79 goto failure;
80 }
81
82 failed = 0;
83
84 failure:
85 SSL_CTX_free(ssl_ctx);
86 SSL_free(ssl);
87
88 return failed;
89}
90
91int
92main(void)
93{
94 int failed = 0;
95
96 failed |= ssl_verify_param_flags_inherited();
97
98 return failed;
99}
diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c
deleted file mode 100644
index ebfe8d2c28..0000000000
--- a/src/regress/lib/libssl/unit/ssl_versions.c
+++ /dev/null
@@ -1,922 +0,0 @@
1/* $OpenBSD: ssl_versions.c,v 1.20 2023/07/02 17:21:33 beck Exp $ */
2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include "ssl_local.h"
21
22struct version_range_test {
23 const long options;
24 const uint16_t minver;
25 const uint16_t maxver;
26 const uint16_t want_minver;
27 const uint16_t want_maxver;
28};
29
30static struct version_range_test version_range_tests[] = {
31 {
32 .options = 0,
33 .minver = TLS1_VERSION,
34 .maxver = TLS1_3_VERSION,
35 .want_minver = TLS1_2_VERSION,
36 .want_maxver = TLS1_3_VERSION,
37 },
38 {
39 .options = 0,
40 .minver = TLS1_VERSION,
41 .maxver = TLS1_2_VERSION,
42 .want_minver = TLS1_2_VERSION,
43 .want_maxver = TLS1_2_VERSION,
44 },
45 {
46 .options = SSL_OP_NO_TLSv1,
47 .minver = TLS1_VERSION,
48 .maxver = TLS1_2_VERSION,
49 .want_minver = TLS1_2_VERSION,
50 .want_maxver = TLS1_2_VERSION,
51 },
52 {
53 .options = SSL_OP_NO_TLSv1_3,
54 .minver = TLS1_VERSION,
55 .maxver = TLS1_3_VERSION,
56 .want_minver = TLS1_2_VERSION,
57 .want_maxver = TLS1_2_VERSION,
58 },
59 {
60 .options = SSL_OP_NO_TLSv1_2,
61 .minver = TLS1_VERSION,
62 .maxver = TLS1_2_VERSION,
63 .want_minver = 0,
64 .want_maxver = 0,
65 },
66 {
67 .options = SSL_OP_NO_TLSv1_1,
68 .minver = TLS1_VERSION,
69 .maxver = TLS1_2_VERSION,
70 .want_minver = TLS1_2_VERSION,
71 .want_maxver = TLS1_2_VERSION,
72 },
73 {
74 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
75 .minver = TLS1_VERSION,
76 .maxver = TLS1_2_VERSION,
77 .want_minver = TLS1_2_VERSION,
78 .want_maxver = TLS1_2_VERSION,
79 },
80 {
81 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
82 .minver = TLS1_VERSION,
83 .maxver = TLS1_2_VERSION,
84 .want_minver = 0,
85 .want_maxver = 0,
86 },
87 {
88 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2,
89 .minver = TLS1_VERSION,
90 .maxver = TLS1_2_VERSION,
91 .want_minver = 0,
92 .want_maxver = 0,
93 },
94 {
95 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
96 SSL_OP_NO_TLSv1_2,
97 .minver = TLS1_VERSION,
98 .maxver = TLS1_2_VERSION,
99 .want_minver = 0,
100 .want_maxver = 0,
101 },
102 {
103 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
104 SSL_OP_NO_TLSv1_2,
105 .minver = TLS1_VERSION,
106 .maxver = TLS1_3_VERSION,
107 .want_minver = TLS1_3_VERSION,
108 .want_maxver = TLS1_3_VERSION,
109 },
110 {
111 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
112 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3,
113 .minver = TLS1_VERSION,
114 .maxver = TLS1_3_VERSION,
115 .want_minver = 0,
116 .want_maxver = 0,
117 },
118 {
119 .options = 0,
120 .minver = TLS1_VERSION,
121 .maxver = TLS1_2_VERSION,
122 .want_minver = TLS1_2_VERSION,
123 .want_maxver = TLS1_2_VERSION,
124 },
125 {
126 .options = 0,
127 .minver = TLS1_1_VERSION,
128 .maxver = TLS1_2_VERSION,
129 .want_minver = TLS1_2_VERSION,
130 .want_maxver = TLS1_2_VERSION,
131 },
132 {
133 .options = 0,
134 .minver = TLS1_2_VERSION,
135 .maxver = TLS1_2_VERSION,
136 .want_minver = TLS1_2_VERSION,
137 .want_maxver = TLS1_2_VERSION,
138 },
139 {
140 .options = 0,
141 .minver = TLS1_VERSION,
142 .maxver = TLS1_3_VERSION,
143 .want_minver = TLS1_2_VERSION,
144 .want_maxver = TLS1_3_VERSION,
145 },
146 {
147 .options = 0,
148 .minver = TLS1_1_VERSION,
149 .maxver = TLS1_3_VERSION,
150 .want_minver = TLS1_2_VERSION,
151 .want_maxver = TLS1_3_VERSION,
152 },
153 {
154 .options = 0,
155 .minver = TLS1_2_VERSION,
156 .maxver = TLS1_3_VERSION,
157 .want_minver = TLS1_2_VERSION,
158 .want_maxver = TLS1_3_VERSION,
159 },
160 {
161 .options = 0,
162 .minver = TLS1_3_VERSION,
163 .maxver = TLS1_3_VERSION,
164 .want_minver = TLS1_3_VERSION,
165 .want_maxver = TLS1_3_VERSION,
166 },
167 {
168 .options = 0,
169 .minver = TLS1_VERSION,
170 .maxver = TLS1_1_VERSION,
171 .want_minver = 0,
172 .want_maxver = 0,
173 },
174 {
175 .options = 0,
176 .minver = TLS1_VERSION,
177 .maxver = TLS1_VERSION,
178 .want_minver = 0,
179 .want_maxver = 0,
180 },
181};
182
183#define N_VERSION_RANGE_TESTS \
184 (sizeof(version_range_tests) / sizeof(*version_range_tests))
185
186static int
187test_ssl_enabled_version_range(void)
188{
189 struct version_range_test *vrt;
190 uint16_t minver, maxver;
191 SSL_CTX *ssl_ctx = NULL;
192 SSL *ssl = NULL;
193 int failed = 1;
194 size_t i;
195
196 fprintf(stderr, "INFO: starting enabled version range tests...\n");
197
198 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
199 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
200 goto failure;
201 }
202 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
203 fprintf(stderr, "SSL_new() returned NULL\n");
204 goto failure;
205 }
206
207 failed = 0;
208
209 for (i = 0; i < N_VERSION_RANGE_TESTS; i++) {
210 vrt = &version_range_tests[i];
211
212 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
213 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
214 SSL_set_options(ssl, vrt->options);
215
216 minver = maxver = 0xffff;
217 ssl->min_tls_version = vrt->minver;
218 ssl->max_tls_version = vrt->maxver;
219
220 if (ssl_enabled_tls_version_range(ssl, &minver, &maxver) != 1) {
221 if (vrt->want_minver != 0 || vrt->want_maxver != 0) {
222 fprintf(stderr, "FAIL: test %zu - failed but "
223 "wanted non-zero versions\n", i);
224 failed++;
225 }
226 continue;
227 }
228 if (minver != vrt->want_minver) {
229 fprintf(stderr, "FAIL: test %zu - got minver %x, "
230 "want %x\n", i, minver, vrt->want_minver);
231 failed++;
232 }
233 if (maxver != vrt->want_maxver) {
234 fprintf(stderr, "FAIL: test %zu - got maxver %x, "
235 "want %x\n", i, maxver, vrt->want_maxver);
236 failed++;
237 }
238 }
239
240 failure:
241 SSL_CTX_free(ssl_ctx);
242 SSL_free(ssl);
243
244 return (failed);
245}
246
247struct shared_version_test {
248 const SSL_METHOD *(*ssl_method)(void);
249 const long options;
250 const uint16_t minver;
251 const uint16_t maxver;
252 const uint16_t peerver;
253 const uint16_t want_maxver;
254};
255
256static struct shared_version_test shared_version_tests[] = {
257 {
258 .ssl_method = TLS_method,
259 .options = 0,
260 .minver = TLS1_VERSION,
261 .maxver = TLS1_2_VERSION,
262 .peerver = SSL2_VERSION,
263 .want_maxver = 0,
264 },
265 {
266 .ssl_method = TLS_method,
267 .options = 0,
268 .minver = TLS1_VERSION,
269 .maxver = TLS1_2_VERSION,
270 .peerver = SSL3_VERSION,
271 .want_maxver = 0,
272 },
273 {
274 .ssl_method = TLS_method,
275 .options = 0,
276 .minver = TLS1_VERSION,
277 .maxver = TLS1_2_VERSION,
278 .peerver = TLS1_VERSION,
279 .want_maxver = 0,
280 },
281 {
282 .ssl_method = TLS_method,
283 .options = 0,
284 .minver = TLS1_VERSION,
285 .maxver = TLS1_2_VERSION,
286 .peerver = TLS1_1_VERSION,
287 .want_maxver = 0,
288 },
289 {
290 .ssl_method = TLS_method,
291 .options = 0,
292 .minver = TLS1_VERSION,
293 .maxver = TLS1_2_VERSION,
294 .peerver = TLS1_2_VERSION,
295 .want_maxver = TLS1_2_VERSION,
296 },
297 {
298 .ssl_method = TLS_method,
299 .options = 0,
300 .minver = TLS1_VERSION,
301 .maxver = TLS1_2_VERSION,
302 .peerver = TLS1_3_VERSION,
303 .want_maxver = TLS1_2_VERSION,
304 },
305 {
306 .ssl_method = TLS_method,
307 .options = 0,
308 .minver = TLS1_VERSION,
309 .maxver = TLS1_2_VERSION,
310 .peerver = 0x7f12,
311 .want_maxver = TLS1_2_VERSION,
312 },
313 {
314 .ssl_method = TLS_method,
315 .options = SSL_OP_NO_TLSv1_2,
316 .minver = TLS1_VERSION,
317 .maxver = TLS1_2_VERSION,
318 .peerver = TLS1_2_VERSION,
319 .want_maxver = 0,
320 },
321 {
322 .ssl_method = TLS_method,
323 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
324 .minver = TLS1_VERSION,
325 .maxver = TLS1_2_VERSION,
326 .peerver = TLS1_2_VERSION,
327 .want_maxver = 0,
328 },
329 {
330 .ssl_method = TLS_method,
331 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
332 .minver = TLS1_VERSION,
333 .maxver = TLS1_2_VERSION,
334 .peerver = TLS1_2_VERSION,
335 .want_maxver = 0,
336 },
337 {
338 .ssl_method = TLS_method,
339 .options = SSL_OP_NO_TLSv1,
340 .minver = TLS1_VERSION,
341 .maxver = TLS1_2_VERSION,
342 .peerver = TLS1_1_VERSION,
343 .want_maxver = 0,
344 },
345 {
346 .ssl_method = TLS_method,
347 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
348 .minver = TLS1_VERSION,
349 .maxver = TLS1_2_VERSION,
350 .peerver = TLS1_1_VERSION,
351 .want_maxver = 0,
352 },
353 {
354 .ssl_method = TLS_method,
355 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
356 .minver = TLS1_VERSION,
357 .maxver = TLS1_2_VERSION,
358 .peerver = TLS1_1_VERSION,
359 .want_maxver = 0,
360 },
361 {
362 .ssl_method = TLS_method,
363 .options = SSL_OP_NO_TLSv1,
364 .minver = TLS1_VERSION,
365 .maxver = TLS1_2_VERSION,
366 .peerver = TLS1_VERSION,
367 .want_maxver = 0,
368 },
369 {
370 .ssl_method = TLS_method,
371 .options = 0,
372 .minver = TLS1_VERSION,
373 .maxver = TLS1_1_VERSION,
374 .peerver = TLS1_2_VERSION,
375 .want_maxver = 0,
376 },
377 {
378 .ssl_method = TLS_method,
379 .options = 0,
380 .minver = TLS1_VERSION,
381 .maxver = TLS1_VERSION,
382 .peerver = TLS1_2_VERSION,
383 .want_maxver = 0,
384 },
385 {
386 .ssl_method = TLSv1_method,
387 .options = 0,
388 .minver = TLS1_VERSION,
389 .maxver = TLS1_2_VERSION,
390 .peerver = TLS1_VERSION,
391 .want_maxver = 0,
392 },
393 {
394 .ssl_method = TLSv1_method,
395 .options = 0,
396 .minver = TLS1_1_VERSION,
397 .maxver = TLS1_2_VERSION,
398 .peerver = TLS1_VERSION,
399 .want_maxver = 0,
400 },
401 {
402 .ssl_method = TLSv1_1_method,
403 .options = 0,
404 .minver = TLS1_VERSION,
405 .maxver = TLS1_2_VERSION,
406 .peerver = TLS1_1_VERSION,
407 .want_maxver = 0,
408 },
409 {
410 .ssl_method = DTLS_method,
411 .options = 0,
412 .minver = TLS1_1_VERSION,
413 .maxver = TLS1_2_VERSION,
414 .peerver = DTLS1_VERSION,
415 .want_maxver = 0,
416 },
417 {
418 .ssl_method = DTLS_method,
419 .options = 0,
420 .minver = TLS1_1_VERSION,
421 .maxver = TLS1_2_VERSION,
422 .peerver = DTLS1_2_VERSION,
423 .want_maxver = DTLS1_2_VERSION,
424 },
425 {
426 .ssl_method = DTLS_method,
427 .options = 0,
428 .minver = TLS1_1_VERSION,
429 .maxver = TLS1_2_VERSION,
430 .peerver = 0xfefc, /* DTLSv1.3, probably. */
431 .want_maxver = DTLS1_2_VERSION,
432 },
433 {
434 .ssl_method = DTLSv1_method,
435 .options = 0,
436 .minver = TLS1_1_VERSION,
437 .maxver = TLS1_1_VERSION,
438 .peerver = DTLS1_2_VERSION,
439 .want_maxver = 0,
440 },
441 {
442 .ssl_method = DTLSv1_2_method,
443 .options = 0,
444 .minver = TLS1_2_VERSION,
445 .maxver = TLS1_2_VERSION,
446 .peerver = DTLS1_2_VERSION,
447 .want_maxver = DTLS1_2_VERSION,
448 },
449 {
450 .ssl_method = DTLSv1_method,
451 .options = 0,
452 .minver = TLS1_1_VERSION,
453 .maxver = TLS1_1_VERSION,
454 .peerver = TLS1_2_VERSION,
455 .want_maxver = 0,
456 },
457 {
458 .ssl_method = DTLS_method,
459 .options = SSL_OP_NO_DTLSv1,
460 .minver = TLS1_1_VERSION,
461 .maxver = TLS1_2_VERSION,
462 .peerver = DTLS1_VERSION,
463 .want_maxver = 0,
464 },
465 {
466 .ssl_method = DTLS_method,
467 .options = SSL_OP_NO_DTLSv1,
468 .minver = TLS1_1_VERSION,
469 .maxver = TLS1_2_VERSION,
470 .peerver = DTLS1_2_VERSION,
471 .want_maxver = DTLS1_2_VERSION,
472 },
473 {
474 .ssl_method = DTLS_method,
475 .options = SSL_OP_NO_DTLSv1_2,
476 .minver = TLS1_1_VERSION,
477 .maxver = TLS1_2_VERSION,
478 .peerver = DTLS1_2_VERSION,
479 .want_maxver = 0,
480 },
481};
482
483#define N_SHARED_VERSION_TESTS \
484 (sizeof(shared_version_tests) / sizeof(*shared_version_tests))
485
486static int
487test_ssl_max_shared_version(void)
488{
489 struct shared_version_test *svt;
490 SSL_CTX *ssl_ctx = NULL;
491 SSL *ssl = NULL;
492 uint16_t maxver;
493 int failed = 0;
494 size_t i;
495
496 failed = 0;
497
498 fprintf(stderr, "INFO: starting max shared version tests...\n");
499
500 for (i = 0; i < N_SHARED_VERSION_TESTS; i++) {
501 svt = &shared_version_tests[i];
502
503 if ((ssl_ctx = SSL_CTX_new(svt->ssl_method())) == NULL) {
504 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
505 failed++;
506 goto err;
507 }
508 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
509 fprintf(stderr, "SSL_new() returned NULL\n");
510 failed++;
511 goto err;
512 }
513
514 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
515 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
516 SSL_set_options(ssl, svt->options);
517
518 maxver = 0;
519 ssl->min_tls_version = svt->minver;
520 ssl->max_tls_version = svt->maxver;
521
522 if (!ssl_max_shared_version(ssl, svt->peerver, &maxver)) {
523 if (svt->want_maxver != 0) {
524 fprintf(stderr, "FAIL: test %zu - failed but "
525 "wanted non-zero shared version (peer %x)\n",
526 i, svt->peerver);
527 failed++;
528 }
529 SSL_CTX_free(ssl_ctx);
530 SSL_free(ssl);
531 ssl_ctx = NULL;
532 ssl = NULL;
533 continue;
534 }
535 if (maxver != svt->want_maxver) {
536 fprintf(stderr, "FAIL: test %zu - got shared "
537 "version %x, want %x\n", i, maxver,
538 svt->want_maxver);
539 failed++;
540 }
541
542 SSL_CTX_free(ssl_ctx);
543 SSL_free(ssl);
544 ssl_ctx = NULL;
545 ssl = NULL;
546 }
547
548 err:
549 SSL_CTX_free(ssl_ctx);
550 SSL_free(ssl);
551
552 return (failed);
553}
554
555struct min_max_version_test {
556 const SSL_METHOD *(*ssl_method)(void);
557 const uint16_t minver;
558 const uint16_t maxver;
559 const uint16_t want_minver;
560 const uint16_t want_maxver;
561 const int want_min_fail;
562 const int want_max_fail;
563};
564
565static struct min_max_version_test min_max_version_tests[] = {
566 {
567 .ssl_method = TLS_method,
568 .minver = 0,
569 .maxver = 0,
570 .want_minver = 0,
571 .want_maxver = 0,
572 },
573 {
574 .ssl_method = TLS_method,
575 .minver = TLS1_VERSION,
576 .maxver = 0,
577 .want_minver = TLS1_VERSION,
578 .want_maxver = 0,
579 },
580 {
581 .ssl_method = TLS_method,
582 .minver = 0,
583 .maxver = TLS1_2_VERSION,
584 .want_minver = 0,
585 .want_maxver = TLS1_2_VERSION,
586 },
587 {
588 .ssl_method = TLS_method,
589 .minver = 0,
590 .maxver = TLS1_3_VERSION,
591 .want_minver = 0,
592 .want_maxver = TLS1_3_VERSION,
593 },
594 {
595 .ssl_method = TLS_method,
596 .minver = TLS1_VERSION,
597 .maxver = TLS1_2_VERSION,
598 .want_minver = TLS1_VERSION,
599 .want_maxver = TLS1_2_VERSION,
600 },
601 {
602 .ssl_method = TLS_method,
603 .minver = TLS1_1_VERSION,
604 .maxver = 0,
605 .want_minver = TLS1_1_VERSION,
606 .want_maxver = 0,
607 },
608 {
609 .ssl_method = TLS_method,
610 .minver = TLS1_2_VERSION,
611 .maxver = 0,
612 .want_minver = TLS1_2_VERSION,
613 .want_maxver = 0,
614 },
615 {
616 .ssl_method = TLS_method,
617 .minver = 0x0300,
618 .maxver = 0,
619 .want_minver = TLS1_VERSION,
620 .want_maxver = 0,
621 },
622 {
623 .ssl_method = TLS_method,
624 .minver = 0x0305,
625 .maxver = 0,
626 .want_min_fail = 1,
627 },
628 {
629 .ssl_method = TLS_method,
630 .minver = 0,
631 .maxver = 0x0305,
632 .want_minver = 0,
633 .want_maxver = TLS1_3_VERSION,
634 },
635 {
636 .ssl_method = TLS_method,
637 .minver = 0,
638 .maxver = TLS1_1_VERSION,
639 .want_minver = 0,
640 .want_maxver = TLS1_1_VERSION,
641 },
642 {
643 .ssl_method = TLS_method,
644 .minver = 0,
645 .maxver = TLS1_VERSION,
646 .want_minver = 0,
647 .want_maxver = TLS1_VERSION,
648 },
649 {
650 .ssl_method = TLS_method,
651 .minver = 0,
652 .maxver = 0x0300,
653 .want_max_fail = 1,
654 },
655 {
656 .ssl_method = TLS_method,
657 .minver = TLS1_2_VERSION,
658 .maxver = TLS1_1_VERSION,
659 .want_minver = TLS1_2_VERSION,
660 .want_maxver = 0,
661 .want_max_fail = 1,
662 },
663 {
664 .ssl_method = TLSv1_1_method,
665 .minver = 0,
666 .maxver = 0,
667 .want_minver = 0,
668 .want_maxver = 0,
669 },
670 {
671 .ssl_method = TLSv1_1_method,
672 .minver = TLS1_VERSION,
673 .maxver = TLS1_2_VERSION,
674 .want_minver = TLS1_1_VERSION,
675 .want_maxver = TLS1_1_VERSION,
676 },
677 {
678 .ssl_method = TLSv1_1_method,
679 .minver = TLS1_2_VERSION,
680 .maxver = 0,
681 .want_minver = 0,
682 .want_maxver = 0,
683 .want_min_fail = 1,
684 },
685 {
686 .ssl_method = TLSv1_1_method,
687 .minver = 0,
688 .maxver = TLS1_VERSION,
689 .want_minver = 0,
690 .want_maxver = 0,
691 .want_max_fail = 1,
692 },
693 {
694 .ssl_method = DTLS_method,
695 .minver = 0,
696 .maxver = 0,
697 .want_minver = 0,
698 .want_maxver = 0,
699 },
700 {
701 .ssl_method = DTLS_method,
702 .minver = 0,
703 .maxver = DTLS1_VERSION,
704 .want_minver = 0,
705 .want_maxver = DTLS1_VERSION,
706 },
707 {
708 .ssl_method = DTLS_method,
709 .minver = DTLS1_VERSION,
710 .maxver = 0,
711 .want_minver = DTLS1_VERSION,
712 .want_maxver = 0,
713 },
714 {
715 .ssl_method = DTLS_method,
716 .minver = DTLS1_VERSION,
717 .maxver = DTLS1_2_VERSION,
718 .want_minver = DTLS1_VERSION,
719 .want_maxver = DTLS1_2_VERSION,
720 },
721 {
722 .ssl_method = DTLSv1_method,
723 .minver = 0,
724 .maxver = 0,
725 .want_minver = 0,
726 .want_maxver = 0,
727 },
728 {
729 .ssl_method = DTLSv1_method,
730 .minver = DTLS1_VERSION,
731 .maxver = 0,
732 .want_minver = DTLS1_VERSION,
733 .want_maxver = 0,
734 },
735 {
736 .ssl_method = DTLSv1_method,
737 .minver = 0,
738 .maxver = DTLS1_VERSION,
739 .want_minver = 0,
740 .want_maxver = DTLS1_VERSION,
741 },
742 {
743 .ssl_method = DTLSv1_method,
744 .minver = 0,
745 .maxver = DTLS1_2_VERSION,
746 .want_minver = 0,
747 .want_maxver = DTLS1_VERSION,
748 },
749 {
750 .ssl_method = DTLSv1_method,
751 .minver = TLS1_VERSION,
752 .maxver = TLS1_2_VERSION,
753 .want_minver = 0,
754 .want_maxver = 0,
755 .want_min_fail = 1,
756 .want_max_fail = 1,
757 },
758};
759
760#define N_MIN_MAX_VERSION_TESTS \
761 (sizeof(min_max_version_tests) / sizeof(*min_max_version_tests))
762
763static int
764test_ssl_min_max_version(void)
765{
766 struct min_max_version_test *mmvt;
767 SSL_CTX *ssl_ctx = NULL;
768 SSL *ssl = NULL;
769 int failed = 0;
770 size_t i;
771
772 failed = 0;
773
774 fprintf(stderr, "INFO: starting min max version tests...\n");
775
776 for (i = 0; i < N_MIN_MAX_VERSION_TESTS; i++) {
777 mmvt = &min_max_version_tests[i];
778
779 if ((ssl_ctx = SSL_CTX_new(mmvt->ssl_method())) == NULL) {
780 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
781 return 1;
782 }
783
784 if (!SSL_CTX_set_min_proto_version(ssl_ctx, mmvt->minver)) {
785 if (!mmvt->want_min_fail) {
786 fprintf(stderr, "FAIL: test %zu - failed to set "
787 "SSL_CTX min version\n", i);
788 failed++;
789 }
790 goto next;
791 }
792 if (!SSL_CTX_set_max_proto_version(ssl_ctx, mmvt->maxver)) {
793 if (!mmvt->want_max_fail) {
794 fprintf(stderr, "FAIL: test %zu - failed to set "
795 "SSL_CTX min version\n", i);
796 failed++;
797 }
798 goto next;
799 }
800
801 if (mmvt->want_min_fail) {
802 fprintf(stderr, "FAIL: test %zu - successfully set "
803 "SSL_CTX min version, should have failed\n", i);
804 failed++;
805 goto next;
806 }
807 if (mmvt->want_max_fail) {
808 fprintf(stderr, "FAIL: test %zu - successfully set "
809 "SSL_CTX max version, should have failed\n", i);
810 failed++;
811 goto next;
812 }
813
814 if (SSL_CTX_get_min_proto_version(ssl_ctx) != mmvt->want_minver) {
815 fprintf(stderr, "FAIL: test %zu - got SSL_CTX min "
816 "version 0x%x, want 0x%x\n", i,
817 SSL_CTX_get_min_proto_version(ssl_ctx), mmvt->want_minver);
818 failed++;
819 goto next;
820 }
821 if (SSL_CTX_get_max_proto_version(ssl_ctx) != mmvt->want_maxver) {
822 fprintf(stderr, "FAIL: test %zu - got SSL_CTX max "
823 "version 0x%x, want 0x%x\n", i,
824 SSL_CTX_get_max_proto_version(ssl_ctx), mmvt->want_maxver);
825 failed++;
826 goto next;
827 }
828
829 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
830 fprintf(stderr, "SSL_new() returned NULL\n");
831 return 1;
832 }
833
834 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
835 fprintf(stderr, "FAIL: test %zu - initial SSL min "
836 "version 0x%x, want 0x%x\n", i,
837 SSL_get_min_proto_version(ssl), mmvt->want_minver);
838 failed++;
839 goto next;
840 }
841 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
842 fprintf(stderr, "FAIL: test %zu - initial SSL max "
843 "version 0x%x, want 0x%x\n", i,
844 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
845 failed++;
846 goto next;
847 }
848
849 if (!SSL_set_min_proto_version(ssl, mmvt->minver)) {
850 if (mmvt->want_min_fail) {
851 fprintf(stderr, "FAIL: test %zu - failed to set "
852 "SSL min version\n", i);
853 failed++;
854 }
855 goto next;
856 }
857 if (!SSL_set_max_proto_version(ssl, mmvt->maxver)) {
858 if (mmvt->want_max_fail) {
859 fprintf(stderr, "FAIL: test %zu - failed to set "
860 "SSL min version\n", i);
861 failed++;
862 }
863 goto next;
864 }
865
866 if (mmvt->want_min_fail) {
867 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
868 "min version, should have failed\n", i);
869 failed++;
870 goto next;
871 }
872 if (mmvt->want_max_fail) {
873 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
874 "max version, should have failed\n", i);
875 failed++;
876 goto next;
877 }
878
879 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
880 fprintf(stderr, "FAIL: test %zu - got SSL min "
881 "version 0x%x, want 0x%x\n", i,
882 SSL_get_min_proto_version(ssl), mmvt->want_minver);
883 failed++;
884 goto next;
885 }
886 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
887 fprintf(stderr, "FAIL: test %zu - got SSL max "
888 "version 0x%x, want 0x%x\n", i,
889 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
890 failed++;
891 goto next;
892 }
893
894 next:
895 SSL_CTX_free(ssl_ctx);
896 SSL_free(ssl);
897
898 ssl_ctx = NULL;
899 ssl = NULL;
900 }
901
902 return (failed);
903}
904
905int
906main(int argc, char **argv)
907{
908 int failed = 0;
909
910 SSL_library_init();
911
912 /* XXX - Test ssl_supported_version_range() */
913
914 failed |= test_ssl_enabled_version_range();
915 failed |= test_ssl_max_shared_version();
916 failed |= test_ssl_min_max_version();
917
918 if (failed == 0)
919 printf("PASS %s\n", __FILE__);
920
921 return (failed);
922}
diff --git a/src/regress/lib/libssl/unit/tests.h b/src/regress/lib/libssl/unit/tests.h
deleted file mode 100644
index 287816946a..0000000000
--- a/src/regress/lib/libssl/unit/tests.h
+++ /dev/null
@@ -1,44 +0,0 @@
1/* $OpenBSD: tests.h,v 1.1 2015/06/27 23:35:52 doug Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef LIBRESSL_REGRESS_TESTS_H__
19#define LIBRESSL_REGRESS_TESTS_H__ 1
20
21/* Ugly macros that are useful for regression tests. */
22
23#define SKIP(a) do { \
24 printf("Skipping test in %s [%s:%d]\n", __func__, __FILE__, \
25 __LINE__); \
26} while (0)
27
28#define CHECK(a) do { \
29 if (!(a)) { \
30 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
31 __LINE__); \
32 return 0; \
33 } \
34} while (0)
35
36#define CHECK_GOTO(a) do { \
37 if (!(a)) { \
38 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
39 __LINE__); \
40 goto err; \
41 } \
42} while (0)
43
44#endif /* LIBRESSL_REGRESS_TESTS_H__ */
diff --git a/src/regress/lib/libssl/unit/tls_ext_alpn.c b/src/regress/lib/libssl/unit/tls_ext_alpn.c
deleted file mode 100644
index d00f3efb5f..0000000000
--- a/src/regress/lib/libssl/unit/tls_ext_alpn.c
+++ /dev/null
@@ -1,442 +0,0 @@
1/* $OpenBSD: tls_ext_alpn.c,v 1.9 2022/11/26 16:08:57 tb Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/*
19 * Test TLS extension Application-Layer Protocol Negotiation (RFC 7301).
20 */
21#include <stdio.h>
22#include <openssl/ssl.h>
23
24#include "ssl_local.h"
25#include "ssl_tlsext.h"
26
27#include "tests.h"
28
29/*
30 * In the ProtocolNameList, ProtocolNames must not include empty strings and
31 * byte strings must not be truncated.
32 *
33 * This uses some of the IANA approved protocol names from:
34 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
35 */
36
37/* Valid for client and server since it only has one name. */
38static uint8_t proto_single[] = {
39 /* Extension extensions<0..2^16-1> -- All TLS extensions */
40 0x00, 0x0f, /* len */
41 /* ExtensionType extension_type */
42 0x00, 0x10, /* ALPN */
43 /* opaque extension_data<0..2^16-1> */
44 0x00, 0x0b, /* len */
45 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
46 0x00, 0x09, /* len of all names */
47 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
48 0x08, /* len */
49 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
50};
51
52/* Valid for client, but NOT server. Server must have exactly one name. */
53static uint8_t proto_multiple1[] = {
54 /* Extension extensions<0..2^16-1> -- All TLS extensions */
55 0x00, 0x19, /* len */
56 /* ExtensionType extension_type */
57 0x00, 0x10, /* ALPN */
58 /* opaque extension_data<0..2^16-1> */
59 0x00, 0x15, /* len */
60 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
61 0x00, 0x13, /* len of all names */
62 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
63 0x08, /* len */
64 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
65 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
66 0x09, /* len */
67 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
68};
69
70/* Valid for client, but NOT server. Server must have exactly one name. */
71static uint8_t proto_multiple2[] = {
72 /* Extension extensions<0..2^16-1> -- All TLS extensions */
73 0x00, 0x1c, /* len */
74 /* ExtensionType extension_type */
75 0x00, 0x10, /* ALPN */
76 /* opaque extension_data<0..2^16-1> */
77 0x00, 0x18, /* len */
78 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
79 0x00, 0x16, /* len of all names */
80 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
81 0x08, /* len */
82 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
83 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
84 0x02, /* len */
85 0x68, 0x32,
86 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
87 0x09, /* len */
88 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
89};
90
91/* Valid for client, but NOT server. Server must have exactly one name. */
92static uint8_t proto_multiple3[] = {
93 /* Extension extensions<0..2^16-1> -- All TLS extensions */
94 0x00, 0x20, /* len */
95 /* ExtensionType extension_type */
96 0x00, 0x10, /* ALPN */
97 /* opaque extension_data<0..2^16-1> */
98 0x00, 0x1c, /* len */
99 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
100 0x00, 0x1a, /* len of all names */
101 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
102 0x08, /* len */
103 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
104 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
105 0x02, /* len */
106 0x68, 0x32,
107 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
108 0x09, /* len */
109 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e,
110 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
111 0x03, /* len */
112 0x68, 0x32, 0x63
113};
114
115static uint8_t proto_empty[] = {
116 /* Extension extensions<0..2^16-1> -- All TLS extensions. */
117 0x00, 0x00, /* none present. */
118};
119
120/* Invalid for both client and server. Length is wrong. */
121static uint8_t proto_invalid_len1[] = {
122 /* Extension extensions<0..2^16-1> -- All TLS extensions */
123 0x00, 0x0a, /* len */
124 /* ExtensionType extension_type */
125 0x00, 0x10, /* ALPN */
126 /* opaque extension_data<0..2^16-1> */
127 0x00, 0x06, /* len */
128 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
129 0x00, 0x04, /* len of all names */
130 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
131 0x04, /* XXX len too large */
132 0x68, 0x32, 0x63
133};
134static uint8_t proto_invalid_len2[] = {
135 /* Extension extensions<0..2^16-1> -- All TLS extensions */
136 0x00, 0x0a, /* len */
137 /* ExtensionType extension_type */
138 0x00, 0x10, /* ALPN */
139 /* opaque extension_data<0..2^16-1> */
140 0x00, 0x06, /* len */
141 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
142 0x00, 0x04, /* len of all names */
143 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
144 0x02, /* XXX len too small */
145 0x68, 0x32, 0x63
146};
147static uint8_t proto_invalid_len3[] = {
148 /* Extension extensions<0..2^16-1> -- All TLS extensions */
149 0x00, 0x0a, /* len */
150 /* ExtensionType extension_type */
151 0x00, 0x10, /* ALPN */
152 /* opaque extension_data<0..2^16-1> */
153 0x00, 0x06, /* len */
154 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
155 0x00, 0x03, /* XXX len too small */
156 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
157 0x03, /* len */
158 0x68, 0x32, 0x63
159};
160static uint8_t proto_invalid_len4[] = {
161 /* Extension extensions<0..2^16-1> -- All TLS extensions */
162 0x00, 0x0a, /* len */
163 /* ExtensionType extension_type */
164 0x00, 0x10, /* ALPN */
165 /* opaque extension_data<0..2^16-1> */
166 0x00, 0x06, /* len */
167 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
168 0x00, 0x06, /* XXX len too large */
169 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
170 0x03, /* len */
171 0x68, 0x32, 0x63
172};
173static uint8_t proto_invalid_len5[] = {
174 /* Extension extensions<0..2^16-1> -- All TLS extensions */
175 0x00, 0x0a, /* len */
176 /* ExtensionType extension_type */
177 0x00, 0x10, /* ALPN */
178 /* opaque extension_data<0..2^16-1> */
179 0x01, 0x08, /* XXX len too large */
180 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
181 0x00, 0x04, /* len */
182 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
183 0x03, /* len */
184 0x68, 0x32, 0x63
185};
186static uint8_t proto_invalid_len6[] = {
187 /* Extension extensions<0..2^16-1> -- All TLS extensions */
188 0x00, 0x0a, /* len */
189 /* ExtensionType extension_type */
190 0x00, 0x10, /* ALPN */
191 /* opaque extension_data<0..2^16-1> */
192 0x00, 0x05, /* XXX len too small */
193 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
194 0x00, 0x04, /* len */
195 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
196 0x03, /* len */
197 0x68, 0x32, 0x63
198};
199static uint8_t proto_invalid_len7[] = {
200 /* Extension extensions<0..2^16-1> -- All TLS extensions */
201 0x00, 0x06, /* XXX len too small */
202 /* ExtensionType extension_type */
203 0x00, 0x10, /* ALPN */
204 /* opaque extension_data<0..2^16-1> */
205 0x00, 0x06, /* len */
206 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
207 0x00, 0x04, /* len */
208 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
209 0x03, /* len */
210 0x68, 0x32, 0x63
211};
212static uint8_t proto_invalid_len8[] = {
213 /* Extension extensions<0..2^16-1> -- All TLS extensions */
214 0x00, 0x0b, /* XXX len too large */
215 /* ExtensionType extension_type */
216 0x00, 0x10, /* ALPN */
217 /* opaque extension_data<0..2^16-1> */
218 0x00, 0x06, /* len */
219 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
220 0x00, 0x04, /* len */
221 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
222 0x03, /* len */
223 0x68, 0x32, 0x63
224};
225
226/* Invalid for client and server since it is missing data. */
227static uint8_t proto_invalid_missing1[] = {
228 /* Extension extensions<0..2^16-1> -- All TLS extensions */
229 0x00, 0x0a, /* len */
230 /* ExtensionType extension_type */
231 0x00, 0x10, /* ALPN */
232 /* opaque extension_data<0..2^16-1> */
233 0x00, 0x06, /* len */
234 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
235 0x00, 0x04, /* len of all names */
236 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
237 /* XXX missing */
238};
239static uint8_t proto_invalid_missing2[] = {
240 /* Extension extensions<0..2^16-1> -- All TLS extensions */
241 0x00, 0x0a, /* len */
242 /* ExtensionType extension_type */
243 0x00, 0x10, /* ALPN */
244 /* opaque extension_data<0..2^16-1> */
245 0x00, 0x00, /* XXX missing name list */
246 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
247};
248static uint8_t proto_invalid_missing3[] = {
249 /* Extension extensions<0..2^16-1> -- All TLS extensions */
250 0x00, 0x0a, /* len */
251 /* ExtensionType extension_type */
252 0x00, 0x10, /* ALPN */
253 /* opaque extension_data<0..2^16-1> */
254 0x00, 0x02, /* XXX size is sufficient but missing data for name list */
255 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
256};
257static uint8_t proto_invalid_missing4[] = {
258 /* Extension extensions<0..2^16-1> -- All TLS extensions */
259 0x00, 0x0a, /* len */
260 /* ExtensionType extension_type */
261 0x00, 0x10, /* ALPN */
262 /* opaque extension_data<0..2^16-1> */
263 /* XXX missing */
264};
265static uint8_t proto_invalid_missing5[] = {
266 /* Extension extensions<0..2^16-1> -- All TLS extensions */
267 0x00, 0x1c, /* len */
268 /* ExtensionType extension_type */
269 0x00, 0x10, /* ALPN */
270 /* opaque extension_data<0..2^16-1> */
271 0x00, 0x18, /* len */
272 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
273 0x00, 0x16, /* len of all names */
274 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
275 0x08, /* len */
276 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
277 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
278 0x02, /* len */
279 0x68, 0x32,
280 /* XXX missing name */
281};
282static uint8_t proto_invalid_missing6[] = {
283 /* Extension extensions<0..2^16-1> -- All TLS extensions */
284 0x00, 0x07, /* len */
285 /* ExtensionType extension_type */
286 0x00, 0x10, /* ALPN */
287 /* opaque extension_data<0..2^16-1> */
288 0x00, 0x03, /* len */
289 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
290 0x00, 0x01, /* XXX len must be at least 2 */
291 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
292 0x00, /* XXX len cannot be 0 */
293};
294static uint8_t proto_invalid_missing7[] = {
295 /* Extension extensions<0..2^16-1> -- All TLS extensions */
296 0x00, 0x07, /* len */
297 /* ExtensionType extension_type */
298 0x00, 0x10, /* ALPN */
299 /* opaque extension_data<0..2^16-1> */
300 0x00, 0x03, /* len */
301 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
302 0x00, 0x02, /* XXX len is at least 2 but not correct. */
303 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
304 0x00, /* XXX len cannot be 0 */
305};
306static uint8_t proto_invalid_missing8[] = {
307 /* Extension extensions<0..2^16-1> -- All TLS extensions */
308 0x00, 0x01, /* len */
309 /* ExtensionType extension_type */
310 0x00, /* XXX need a 2 byte type */
311};
312static uint8_t proto_invalid_missing9[] = {
313 /* Extension extensions<0..2^16-1> -- All TLS extensions */
314 0x0a, /* XXX need a 2 byte len */
315};
316
317
318#define CHECK_BOTH(c_val, s_val, proto) do { \
319 { \
320 CBS cbs; \
321 int al; \
322 \
323 CBS_init(&cbs, proto, sizeof(proto)); \
324 CHECK(c_val == tlsext_server_parse(s, SSL_TLSEXT_MSG_CH, &cbs, &al)); \
325 CBS_init(&cbs, proto, sizeof(proto)); \
326 CHECK(s_val == tlsext_client_parse(s, SSL_TLSEXT_MSG_SH, &cbs, &al)); \
327 } \
328} while (0)
329
330static int dummy_alpn_cb(SSL *ssl, const unsigned char **out,
331 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
332 void *arg);
333
334static int
335check_valid_alpn(SSL *s)
336{
337 const uint8_t str[] = {
338 0x08, /* len */
339 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
340 };
341
342 /* Setup in order to test ALPN. */
343 CHECK(! SSL_set_alpn_protos(s, str, 9));
344 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
345
346 /* Prerequisites to test these. */
347 CHECK(s->alpn_client_proto_list != NULL);
348 CHECK(s->ctx->alpn_select_cb != NULL);
349 //CHECK(s->s3->tmp.finish_md_len == 0);
350
351 CHECK_BOTH(1, 1, proto_single);
352 CHECK_BOTH(1, 1, proto_empty);
353
354 /* Multiple protocol names are only valid for client */
355 CHECK_BOTH(1, 0, proto_multiple1);
356 CHECK_BOTH(1, 0, proto_multiple2);
357 CHECK_BOTH(1, 0, proto_multiple3);
358
359 return 1;
360}
361
362/*
363 * Some of the IANA approved IDs from:
364 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
365 */
366static int
367check_invalid_alpn(SSL *s)
368{
369 const uint8_t str[] = {
370 0x08, /* len */
371 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
372 };
373
374 /* Setup in order to test ALPN. */
375 CHECK(! SSL_set_alpn_protos(s, str, 9));
376 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
377
378 /* Prerequisites to test these. */
379 CHECK(s->alpn_client_proto_list != NULL);
380 CHECK(s->ctx->alpn_select_cb != NULL);
381 //CHECK(s->s3->tmp.finish_md_len == 0);
382
383 /* None of these are valid for client or server */
384 CHECK_BOTH(0, 0, proto_invalid_len1);
385 CHECK_BOTH(0, 0, proto_invalid_len2);
386 CHECK_BOTH(0, 0, proto_invalid_len3);
387 CHECK_BOTH(0, 0, proto_invalid_len4);
388 CHECK_BOTH(0, 0, proto_invalid_len5);
389 CHECK_BOTH(0, 0, proto_invalid_len6);
390 CHECK_BOTH(0, 0, proto_invalid_len7);
391 CHECK_BOTH(0, 0, proto_invalid_len8);
392 CHECK_BOTH(0, 0, proto_invalid_missing1);
393 CHECK_BOTH(0, 0, proto_invalid_missing2);
394 CHECK_BOTH(0, 0, proto_invalid_missing3);
395 CHECK_BOTH(0, 0, proto_invalid_missing4);
396 CHECK_BOTH(0, 0, proto_invalid_missing5);
397 CHECK_BOTH(0, 0, proto_invalid_missing6);
398 CHECK_BOTH(0, 0, proto_invalid_missing7);
399 CHECK_BOTH(0, 0, proto_invalid_missing8);
400 CHECK_BOTH(0, 0, proto_invalid_missing9);
401
402 return 1;
403}
404
405int
406dummy_alpn_cb(SSL *ssl __attribute__((unused)), const unsigned char **out,
407 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
408 void *arg __attribute__((unused)))
409{
410 *out = in;
411 *outlen = (unsigned char)inlen;
412
413 return 0;
414}
415
416int
417main(void)
418{
419 SSL_CTX *ctx = NULL;
420 SSL *s = NULL;
421 int rv = 1;
422
423 SSL_library_init();
424
425 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
426 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
427
428 if (!check_valid_alpn(s))
429 goto err;
430 if (!check_invalid_alpn(s))
431 goto err;
432
433 rv = 0;
434
435err:
436 SSL_CTX_free(ctx);
437 SSL_free(s);
438
439 if (!rv)
440 printf("PASS %s\n", __FILE__);
441 return rv;
442}
diff --git a/src/regress/lib/libssl/unit/tls_prf.c b/src/regress/lib/libssl/unit/tls_prf.c
deleted file mode 100644
index a22d0e70d0..0000000000
--- a/src/regress/lib/libssl/unit/tls_prf.c
+++ /dev/null
@@ -1,251 +0,0 @@
1/* $OpenBSD: tls_prf.c,v 1.8 2022/11/26 16:08:57 tb Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include "ssl_local.h"
21
22int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
23 const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
24 const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len,
25 const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len);
26
27#define TLS_PRF_OUT_LEN 128
28
29struct tls_prf_test {
30 const unsigned char *desc;
31 const SSL_METHOD *(*ssl_method)(void);
32 const uint16_t cipher_value;
33 const unsigned char out[TLS_PRF_OUT_LEN];
34};
35
36static struct tls_prf_test tls_prf_tests[] = {
37 {
38 .desc = "MD5+SHA1",
39 .ssl_method = TLSv1_method,
40 .cipher_value = 0x0033,
41 .out = {
42 0x03, 0xa1, 0xc1, 0x7d, 0x2c, 0xa5, 0x3d, 0xe8,
43 0x9d, 0x59, 0x5e, 0x30, 0xf5, 0x71, 0xbb, 0x96,
44 0xde, 0x5c, 0x8e, 0xdc, 0x25, 0x8a, 0x7c, 0x05,
45 0x9f, 0x7d, 0x35, 0x29, 0x45, 0xae, 0x56, 0xad,
46 0x9f, 0x57, 0x15, 0x5c, 0xdb, 0x83, 0x3a, 0xac,
47 0x19, 0xa8, 0x2b, 0x40, 0x72, 0x38, 0x1e, 0xed,
48 0xf3, 0x25, 0xde, 0x84, 0x84, 0xd8, 0xd1, 0xfc,
49 0x31, 0x85, 0x81, 0x12, 0x55, 0x4d, 0x12, 0xb5,
50 0xed, 0x78, 0x5e, 0xba, 0xc8, 0xec, 0x8d, 0x28,
51 0xa1, 0x21, 0x1e, 0x6e, 0x07, 0xf1, 0xfc, 0xf5,
52 0xbf, 0xe4, 0x8e, 0x8e, 0x97, 0x15, 0x93, 0x85,
53 0x75, 0xdd, 0x87, 0x09, 0xd0, 0x4e, 0xe5, 0xd5,
54 0x9e, 0x1f, 0xd6, 0x1c, 0x3b, 0xe9, 0xad, 0xba,
55 0xe0, 0x16, 0x56, 0x62, 0x90, 0xd6, 0x82, 0x84,
56 0xec, 0x8a, 0x22, 0xbe, 0xdc, 0x6a, 0x5e, 0x05,
57 0x12, 0x44, 0xec, 0x60, 0x61, 0xd1, 0x8a, 0x66,
58 },
59 },
60 {
61 .desc = "GOST94",
62 .ssl_method = TLSv1_2_method,
63 .cipher_value = 0x0081,
64 .out = {
65 0xcc, 0xd4, 0x89, 0x5f, 0x52, 0x08, 0x9b, 0xc7,
66 0xf9, 0xb5, 0x83, 0x58, 0xe8, 0xc7, 0x71, 0x49,
67 0x39, 0x99, 0x1f, 0x14, 0x8f, 0x85, 0xbe, 0x64,
68 0xee, 0x40, 0x5c, 0xe7, 0x5f, 0x68, 0xaf, 0xf2,
69 0xcd, 0x3a, 0x94, 0x52, 0x33, 0x53, 0x46, 0x7d,
70 0xb6, 0xc5, 0xe1, 0xb8, 0xa4, 0x04, 0x69, 0x91,
71 0x0a, 0x9c, 0x88, 0x86, 0xd9, 0x60, 0x63, 0xdd,
72 0xd8, 0xe7, 0x2e, 0xee, 0xce, 0xe2, 0x20, 0xd8,
73 0x9a, 0xfa, 0x9c, 0x63, 0x0c, 0x9c, 0xa1, 0x76,
74 0xed, 0x78, 0x9a, 0x84, 0x70, 0xb4, 0xd1, 0x51,
75 0x1f, 0xde, 0x44, 0xe8, 0x90, 0x21, 0x3f, 0xeb,
76 0x05, 0xf4, 0x77, 0x59, 0xf3, 0xad, 0xdd, 0x34,
77 0x3d, 0x3a, 0x7c, 0xd0, 0x59, 0x40, 0xe1, 0x3f,
78 0x04, 0x4b, 0x8b, 0xd6, 0x95, 0x46, 0xb4, 0x9e,
79 0x4c, 0x2d, 0xf7, 0xee, 0xbd, 0xbc, 0xcb, 0x5c,
80 0x3a, 0x36, 0x0c, 0xd0, 0x27, 0xcb, 0x45, 0x06,
81 },
82 },
83 {
84 .desc = "SHA256 (via TLSv1.2)",
85 .ssl_method = TLSv1_2_method,
86 .cipher_value = 0x0033,
87 .out = {
88 0x37, 0xa7, 0x06, 0x71, 0x6e, 0x19, 0x19, 0xda,
89 0x23, 0x8c, 0xcc, 0xb4, 0x2f, 0x31, 0x64, 0x9d,
90 0x05, 0x29, 0x1c, 0x33, 0x7e, 0x09, 0x1b, 0x0c,
91 0x0e, 0x23, 0xc1, 0xb0, 0x40, 0xcc, 0x31, 0xf7,
92 0x55, 0x66, 0x68, 0xd9, 0xa8, 0xae, 0x74, 0x75,
93 0xf3, 0x46, 0xe9, 0x3a, 0x54, 0x9d, 0xe0, 0x8b,
94 0x7e, 0x6c, 0x63, 0x1c, 0xfa, 0x2f, 0xfd, 0xc9,
95 0xd3, 0xf1, 0xd3, 0xfe, 0x7b, 0x9e, 0x14, 0x95,
96 0xb5, 0xd0, 0xad, 0x9b, 0xee, 0x78, 0x8c, 0x83,
97 0x18, 0x58, 0x7e, 0xa2, 0x23, 0xc1, 0x8b, 0x62,
98 0x94, 0x12, 0xcb, 0xb6, 0x60, 0x69, 0x32, 0xfe,
99 0x98, 0x0e, 0x93, 0xb0, 0x8e, 0x5c, 0xfb, 0x6e,
100 0xdb, 0x9a, 0xc2, 0x9f, 0x8c, 0x5c, 0x43, 0x19,
101 0xeb, 0x4a, 0x52, 0xad, 0x62, 0x2b, 0xdd, 0x9f,
102 0xa3, 0x74, 0xa6, 0x96, 0x61, 0x4d, 0x98, 0x40,
103 0x63, 0xa6, 0xd4, 0xbb, 0x17, 0x11, 0x75, 0xed,
104 },
105 },
106 {
107 .desc = "SHA384",
108 .ssl_method = TLSv1_2_method,
109 .cipher_value = 0x009d,
110 .out = {
111 0x00, 0x93, 0xc3, 0xfd, 0xa7, 0xbb, 0xdc, 0x5b,
112 0x13, 0x3a, 0xe6, 0x8b, 0x1b, 0xac, 0xf3, 0xfb,
113 0x3c, 0x9a, 0x78, 0xf6, 0x19, 0xf0, 0x13, 0x0f,
114 0x0d, 0x01, 0x9d, 0xdf, 0x0a, 0x28, 0x38, 0xce,
115 0x1a, 0x9b, 0x43, 0xbe, 0x56, 0x12, 0xa7, 0x16,
116 0x58, 0xe1, 0x8a, 0xe4, 0xc5, 0xbb, 0x10, 0x4c,
117 0x3a, 0xf3, 0x7f, 0xd3, 0xdb, 0xe4, 0xe0, 0x3d,
118 0xcc, 0x83, 0xca, 0xf0, 0xf9, 0x69, 0xcc, 0x70,
119 0x83, 0x32, 0xf6, 0xfc, 0x81, 0x80, 0x02, 0xe8,
120 0x31, 0x1e, 0x7c, 0x3b, 0x34, 0xf7, 0x34, 0xd1,
121 0xcf, 0x2a, 0xc4, 0x36, 0x2f, 0xe9, 0xaa, 0x7f,
122 0x6d, 0x1f, 0x5e, 0x0e, 0x39, 0x05, 0x15, 0xe1,
123 0xa2, 0x9a, 0x4d, 0x97, 0x8c, 0x62, 0x46, 0xf1,
124 0x87, 0x65, 0xd8, 0xe9, 0x14, 0x11, 0xa6, 0x48,
125 0xd7, 0x0e, 0x6e, 0x70, 0xad, 0xfb, 0x3f, 0x36,
126 0x05, 0x76, 0x4b, 0xe4, 0x28, 0x50, 0x4a, 0xf2,
127 },
128 },
129 {
130 .desc = "STREEBOG256",
131 .ssl_method = TLSv1_2_method,
132 .cipher_value = 0xff87,
133 .out = {
134 0x3e, 0x13, 0xb9, 0xeb, 0x85, 0x8c, 0xb4, 0x21,
135 0x23, 0x40, 0x9b, 0x73, 0x04, 0x56, 0xe2, 0xff,
136 0xce, 0x52, 0x1f, 0x82, 0x7f, 0x17, 0x5b, 0x80,
137 0x23, 0x71, 0xca, 0x30, 0xdf, 0xfc, 0xdc, 0x2d,
138 0xc0, 0xfc, 0x5d, 0x23, 0x5a, 0x54, 0x7f, 0xae,
139 0xf5, 0x7d, 0x52, 0x1e, 0x86, 0x95, 0xe1, 0x2d,
140 0x28, 0xe7, 0xbe, 0xd7, 0xd0, 0xbf, 0xa9, 0x96,
141 0x13, 0xd0, 0x9c, 0x0c, 0x1c, 0x16, 0x05, 0xbb,
142 0x26, 0xd7, 0x30, 0x39, 0xb9, 0x53, 0x28, 0x98,
143 0x4f, 0x1b, 0x83, 0xc3, 0xce, 0x1c, 0x7c, 0x34,
144 0xa2, 0xc4, 0x7a, 0x54, 0x16, 0xc6, 0xa7, 0x9e,
145 0xed, 0x4b, 0x7b, 0x83, 0xa6, 0xae, 0xe2, 0x5b,
146 0x96, 0xf5, 0x6c, 0xad, 0x1f, 0xa3, 0x83, 0xb2,
147 0x84, 0x32, 0xed, 0xe3, 0x2c, 0xf6, 0xd4, 0x73,
148 0x30, 0xef, 0x9d, 0xbe, 0xe7, 0x23, 0x9a, 0xbf,
149 0x4d, 0x1c, 0xe7, 0xef, 0x3d, 0xea, 0x46, 0xe2,
150 },
151 },
152};
153
154#define N_TLS_PRF_TESTS \
155 (sizeof(tls_prf_tests) / sizeof(*tls_prf_tests))
156
157#define TLS_PRF_SEED1 "tls prf seed 1"
158#define TLS_PRF_SEED2 "tls prf seed 2"
159#define TLS_PRF_SEED3 "tls prf seed 3"
160#define TLS_PRF_SEED4 "tls prf seed 4"
161#define TLS_PRF_SEED5 "tls prf seed 5"
162#define TLS_PRF_SECRET "tls prf secretz"
163
164static void
165hexdump(const unsigned char *buf, size_t len)
166{
167 size_t i;
168
169 for (i = 1; i <= len; i++)
170 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
171
172 fprintf(stderr, "\n");
173}
174
175static int
176do_tls_prf_test(int test_no, struct tls_prf_test *tpt)
177{
178 unsigned char *out = NULL;
179 const SSL_CIPHER *cipher;
180 SSL_CTX *ssl_ctx = NULL;
181 SSL *ssl = NULL;
182 int failure = 1;
183 int len;
184
185 fprintf(stderr, "Test %d - %s\n", test_no, tpt->desc);
186
187 if ((out = malloc(TLS_PRF_OUT_LEN)) == NULL)
188 errx(1, "failed to allocate out");
189
190 if ((ssl_ctx = SSL_CTX_new(tpt->ssl_method())) == NULL)
191 errx(1, "failed to create SSL context");
192 if ((ssl = SSL_new(ssl_ctx)) == NULL)
193 errx(1, "failed to create SSL context");
194
195 if ((cipher = ssl3_get_cipher_by_value(tpt->cipher_value)) == NULL) {
196 fprintf(stderr, "FAIL: no cipher %hx\n", tpt->cipher_value);
197 goto failure;
198 }
199
200 ssl->s3->hs.cipher = cipher;
201
202 for (len = 1; len <= TLS_PRF_OUT_LEN; len++) {
203 memset(out, 'A', TLS_PRF_OUT_LEN);
204
205 if (tls1_PRF(ssl, TLS_PRF_SECRET, sizeof(TLS_PRF_SECRET),
206 TLS_PRF_SEED1, sizeof(TLS_PRF_SEED1), TLS_PRF_SEED2,
207 sizeof(TLS_PRF_SEED2), TLS_PRF_SEED3, sizeof(TLS_PRF_SEED3),
208 TLS_PRF_SEED4, sizeof(TLS_PRF_SEED4), TLS_PRF_SEED5,
209 sizeof(TLS_PRF_SEED5), out, len) != 1) {
210 fprintf(stderr, "FAIL: tls_PRF failed for len %d\n",
211 len);
212 goto failure;
213 }
214
215 if (memcmp(out, tpt->out, len) != 0) {
216 fprintf(stderr, "FAIL: tls_PRF output differs for "
217 "len %d\n", len);
218 fprintf(stderr, "output:\n");
219 hexdump(out, TLS_PRF_OUT_LEN);
220 fprintf(stderr, "test data:\n");
221 hexdump(tpt->out, TLS_PRF_OUT_LEN);
222 fprintf(stderr, "\n");
223 goto failure;
224 }
225 }
226
227 failure = 0;
228
229 failure:
230 SSL_free(ssl);
231 SSL_CTX_free(ssl_ctx);
232
233 free(out);
234
235 return failure;
236}
237
238int
239main(int argc, char **argv)
240{
241 int failed = 0;
242 size_t i;
243
244 SSL_library_init();
245 SSL_load_error_strings();
246
247 for (i = 0; i < N_TLS_PRF_TESTS; i++)
248 failed |= do_tls_prf_test(i, &tls_prf_tests[i]);
249
250 return failed;
251}
diff --git a/src/regress/lib/libssl/verify/Makefile b/src/regress/lib/libssl/verify/Makefile
deleted file mode 100644
index 515b22e07a..0000000000
--- a/src/regress/lib/libssl/verify/Makefile
+++ /dev/null
@@ -1,37 +0,0 @@
1# $OpenBSD: Makefile,v 1.1.1.1 2021/08/30 17:27:45 tb Exp $
2
3.if !(make(clean) || make(cleandir) || make(obj))
4. if !exists(/usr/local/libdata/perl5/site_perl/IO/Socket/SSL.pm)
5regress:
6 @echo "missing package p5-IO-Socket-SSL"
7 @echo SKIPPED
8. endif
9.endif
10PROGS += verify
11
12.for p in ${PROGS}
13REGRESS_TARGETS += run-$p
14.endfor
15
16LDADD = -lcrypto -lssl
17DPADD = ${LIBCRYPTO} ${LIBSSL}
18WARNINGS = Yes
19CFLAGS += -DLIBRESSL_INTERNAL -Wundef -Werror
20
21PERL ?= perl
22
23REGRESS_SETUP_ONCE += create-libressl-test-certs
24create-libressl-test-certs: create-libressl-test-certs.pl
25 ${PERL} ${.CURDIR}/$@.pl
26
27
28CLEANFILES += *.pem *.key
29
30.for p in ${PROGS}
31run-$p: $p
32 ./$p
33
34.PHONY: run-$p
35.endfor
36
37.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/verify/create-libressl-test-certs.pl b/src/regress/lib/libssl/verify/create-libressl-test-certs.pl
deleted file mode 100644
index f38494966e..0000000000
--- a/src/regress/lib/libssl/verify/create-libressl-test-certs.pl
+++ /dev/null
@@ -1,111 +0,0 @@
1#!/usr/bin/perl
2
3# Copyright (c) 2021 Steffen Ullrich <sullr@cpan.org>
4# Public Domain
5
6use strict;
7use warnings;
8use IO::Socket::SSL::Utils;
9
10# primitive CA - ROOT
11my @ca = cert(
12 CA => 1,
13 subject => { CN => 'ROOT' }
14);
15out('caR.pem', pem(crt => $ca[0]));
16out('caR.key', pem(key => $ca[1]));
17
18# server certificate where SAN contains in-label wildcards, which a
19# client MAY choose to accept as per RFC 6125 section 6.4.3.
20my @leafcert = cert(
21 issuer => \@ca,
22 purpose => 'server',
23 subject => { CN => 'server.local' },
24 subjectAltNames => [
25 [ DNS => 'bar.server.local' ],
26 [ DNS => 'www*.server.local'],
27 [ DNS => '*.www.server.local'],
28 [ DNS => 'foo.server.local' ],
29 [ DNS => 'server.local' ],
30 ]
31);
32out('server-unusual-wildcard.pem', pem(@leafcert));
33
34@leafcert = cert(
35 issuer => \@ca,
36 purpose => 'server',
37 subject => { CN => 'server.local' },
38 subjectAltNames => [
39 [ DNS => 'bar.server.local' ],
40 [ DNS => '*.www.server.local'],
41 [ DNS => 'foo.server.local' ],
42 [ DNS => 'server.local' ],
43 ]
44);
45out('server-common-wildcard.pem', pem(@leafcert));
46
47# alternative CA - OLD_ROOT
48my @caO = cert(
49 CA => 1,
50 subject => { CN => 'OLD_ROOT' }
51);
52out('caO.pem', pem(crt => $caO[0]));
53out('caO.key', pem(key => $caO[1]));
54
55# alternative ROOT CA, signed by OLD_ROOT, same key as other ROOT CA
56my @caX = cert(
57 issuer => \@caO,
58 CA => 1,
59 subject => { CN => 'ROOT' },
60 key => $ca[1],
61);
62out('caX.pem', pem(crt => $caX[0]));
63out('caX.key', pem(key => $caX[1]));
64
65# subCA below ROOT
66my @subcaR = cert(
67 issuer => \@ca,
68 CA => 1,
69 subject => { CN => 'SubCA.of.ROOT' }
70);
71out('subcaR.pem', pem(crt => $subcaR[0]));
72out('subcaR.key', pem(key => $subcaR[1]));
73out('chainSX.pem', pem($subcaR[0]), pem($caX[0]));
74
75@leafcert = cert(
76 issuer => \@subcaR,
77 purpose => 'server',
78 subject => { CN => 'server.subca.local' },
79 subjectAltNames => [
80 [ DNS => 'server.subca.local' ],
81 ]
82);
83out('server-subca.pem', pem(@leafcert));
84out('server-subca-chainSX.pem', pem(@leafcert, $subcaR[0], $caX[0]));
85out('server-subca-chainS.pem', pem(@leafcert, $subcaR[0]));
86
87
88sub cert { CERT_create(not_after => 10*365*86400+time(), @_) }
89sub pem {
90 my @default = qw(crt key);
91 my %m = (key => \&PEM_key2string, crt => \&PEM_cert2string);
92 my $result = '';
93 while (my $f = shift(@_)) {
94 my $v;
95 if ($f =~m{^(key|crt)$}) {
96 $v = shift(@_);
97 } else {
98 $v = $f;
99 $f = shift(@default) || 'crt';
100 }
101 $f = $m{$f} || die "wrong key $f";
102 $result .= $f->($v);
103 }
104 return $result;
105}
106
107sub out {
108 my $file = shift;
109 open(my $fh,'>',"$file") or die "failed to create $file: $!";
110 print $fh @_
111}
diff --git a/src/regress/lib/libssl/verify/verify.c b/src/regress/lib/libssl/verify/verify.c
deleted file mode 100644
index 8784396a79..0000000000
--- a/src/regress/lib/libssl/verify/verify.c
+++ /dev/null
@@ -1,373 +0,0 @@
1/* $OpenBSD: verify.c,v 1.1.1.1 2021/08/30 17:27:45 tb Exp $ */
2/*
3 * Copyright (c) 2021 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/* Based on https://github.com/noxxi/libressl-tests */
19
20#include <stdint.h>
21#include <stdio.h>
22#include <stdlib.h>
23#include <string.h>
24
25#include <openssl/bio.h>
26#include <openssl/crypto.h>
27#include <openssl/err.h>
28#include <openssl/x509_vfy.h>
29#include <openssl/ssl.h>
30
31struct peer_config {
32 const char *name;
33 int server;
34 const char *cert;
35 const char *key;
36 const char *ca_file;
37};
38
39struct ssl_wildcard_test_data {
40 const char *description;
41 struct peer_config client_config;
42 struct peer_config server_config;
43 long verify_result;
44};
45
46static const struct ssl_wildcard_test_data ssl_wildcard_tests[] = {
47 {
48 .description = "unusual wildcard cert, no CA given to client",
49 .client_config = {
50 .name = "client",
51 .server = 0,
52 .cert = NULL,
53 .ca_file = NULL,
54 },
55 .server_config = {
56 .name = "server",
57 .server = 1,
58 .cert = "server-unusual-wildcard.pem",
59 .key = "server-unusual-wildcard.pem",
60 },
61 /* OpenSSL returns X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE */
62 .verify_result = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
63 },
64
65 {
66 .description = "unusual wildcard cert, CA given to client",
67 .client_config = {
68 .name = "client",
69 .server = 0,
70 .cert = NULL,
71 .ca_file = "caR.pem",
72 },
73 .server_config = {
74 .name = "server",
75 .server = 1,
76 .cert = "server-unusual-wildcard.pem",
77 .key = "server-unusual-wildcard.pem",
78 },
79 .verify_result = X509_V_OK,
80 },
81
82 {
83 .description = "common wildcard cert, no CA given to client",
84 .client_config = {
85 .name = "client",
86 .server = 0,
87 .cert = NULL,
88 .ca_file = NULL,
89 },
90 .server_config = {
91 .name = "server",
92 .server = 1,
93 .cert = "server-common-wildcard.pem",
94 .key = "server-common-wildcard.pem",
95 },
96 /* OpenSSL returns X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE */
97 .verify_result = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
98 },
99
100 {
101 .description = "common wildcard cert, CA given to client",
102 .client_config = {
103 .name = "client",
104 .server = 0,
105 .cert = NULL,
106 .ca_file = "caR.pem",
107 },
108 .server_config = {
109 .name = "server",
110 .server = 1,
111 .cert = "server-common-wildcard.pem",
112 .key = "server-common-wildcard.pem",
113 },
114 .verify_result = X509_V_OK,
115 },
116
117 {
118 .description = "server sends all chain certificates",
119 .client_config = {
120 .name = "client",
121 .server = 0,
122 .cert = NULL,
123 .ca_file = "caR.pem",
124 },
125 .server_config = {
126 .name = "server",
127 .server = 1,
128 .cert = "server-subca-chainS.pem",
129 .key = "server-subca-chainS.pem",
130 .ca_file = "subcaR.pem"
131 },
132 .verify_result = X509_V_OK,
133 },
134};
135
136static const size_t N_SSL_WILDCARD_TESTS =
137 sizeof(ssl_wildcard_tests) / sizeof(ssl_wildcard_tests[0]);
138
139static SSL_CTX *
140peer_config_to_ssl_ctx(const struct peer_config *config)
141{
142 SSL_CTX *ctx;
143
144 if ((ctx = SSL_CTX_new(TLS_method())) == NULL) {
145 fprintf(stderr, "SSL_CTX_new(%s) failed\n", config->name);
146 goto err;
147 }
148
149 if (config->server) {
150 if (!SSL_CTX_use_certificate_file(ctx, config->cert,
151 SSL_FILETYPE_PEM)) {
152 fprintf(stderr, "use_certificate_file(%s) failed\n",
153 config->name);
154 goto err;
155 }
156 if (config->key != NULL && !SSL_CTX_use_PrivateKey_file(ctx,
157 config->key, SSL_FILETYPE_PEM)) {
158 fprintf(stderr, "use_PrivateKey_file(%s) failed\n",
159 config->name);
160 goto err;
161 }
162 }
163
164 if (config->ca_file != NULL) {
165 if (!SSL_CTX_load_verify_locations(ctx, config->ca_file, NULL)) {
166 fprintf(stderr, "load_verify_locations(%s) failed\n",
167 config->name);
168 goto err;
169 }
170 }
171
172 return ctx;
173
174 err:
175 SSL_CTX_free(ctx);
176 return NULL;
177}
178
179/* Connect client and server via a pair of "nonblocking" memory BIOs. */
180static int
181connect_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
182{
183 BIO *client_wbio = NULL, *server_wbio = NULL;
184 int ret = 0;
185
186 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL) {
187 fprintf(stderr, "%s: failed to create client BIO\n",
188 description);
189 goto err;
190 }
191 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL) {
192 fprintf(stderr, "%s: failed to create server BIO\n",
193 description);
194 goto err;
195 }
196 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0) {
197 fprintf(stderr, "%s: failed to set client eof return\n",
198 description);
199 goto err;
200 }
201 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0) {
202 fprintf(stderr, "%s: failed to set server eof return\n",
203 description);
204 goto err;
205 }
206
207 /* Avoid double free. SSL_set_bio() takes ownership of the BIOs. */
208 BIO_up_ref(client_wbio);
209 BIO_up_ref(server_wbio);
210
211 SSL_set_bio(client_ssl, server_wbio, client_wbio);
212 SSL_set_bio(server_ssl, client_wbio, server_wbio);
213 client_wbio = NULL;
214 server_wbio = NULL;
215
216 ret = 1;
217
218 err:
219 BIO_free(client_wbio);
220 BIO_free(server_wbio);
221
222 return ret;
223}
224
225static int
226push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name,
227 const char *description)
228{
229 int ssl_err = 0;
230
231 if (*ret == 1)
232 return 1;
233
234 /*
235 * Do SSL_connect/SSL_accept/SSL_shutdown once and loop while hitting
236 * WANT_WRITE. If done or on WANT_READ hand off to peer.
237 */
238
239 do {
240 if ((*ret = func(ssl)) <= 0)
241 ssl_err = SSL_get_error(ssl, *ret);
242 } while (*ret <= 0 && ssl_err == SSL_ERROR_WANT_WRITE);
243
244 /* Ignore erroneous error - see SSL_shutdown(3)... */
245 if (func == SSL_shutdown && ssl_err == SSL_ERROR_SYSCALL)
246 return 1;
247
248 if (*ret <= 0 && ssl_err != SSL_ERROR_WANT_READ) {
249 fprintf(stderr, "%s: %s failed\n", description, func_name);
250 ERR_print_errors_fp(stderr);
251 return 0;
252 }
253
254 return 1;
255}
256
257/*
258 * Alternate between loops of SSL_connect() and SSL_accept() as long as only
259 * WANT_READ and WANT_WRITE situations are encountered. A function is repeated
260 * until WANT_READ is returned or it succeeds, then it's the other function's
261 * turn to make progress. Succeeds if SSL_connect() and SSL_accept() return 1.
262 */
263static int
264handshake(SSL *client_ssl, SSL *server_ssl, const char *description)
265{
266 int loops = 0, client_ret = 0, server_ret = 0;
267
268 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
269 if (!push_data_to_peer(client_ssl, &client_ret, SSL_connect,
270 "SSL_connect", description))
271 return 0;
272
273 if (!push_data_to_peer(server_ssl, &server_ret, SSL_accept,
274 "SSL_accept", description))
275 return 0;
276 }
277
278 if (client_ret != 1 || server_ret != 1) {
279 fprintf(stderr, "%s: failed\n", __func__);
280 return 0;
281 }
282
283 return 1;
284}
285
286static int
287shutdown_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
288{
289 int loops = 0, client_ret = 0, server_ret = 0;
290
291 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
292 if (!push_data_to_peer(client_ssl, &client_ret, SSL_shutdown,
293 "client shutdown", description))
294 return 0;
295
296 if (!push_data_to_peer(server_ssl, &server_ret, SSL_shutdown,
297 "server shutdown", description))
298 return 0;
299 }
300
301 if (client_ret != 1 || server_ret != 1) {
302 fprintf(stderr, "%s: failed\n", __func__);
303 return 0;
304 }
305
306 return 1;
307}
308
309static int
310test_ssl_wildcards(const struct ssl_wildcard_test_data *test)
311{
312 SSL_CTX *client_ctx = NULL, *server_ctx = NULL;
313 SSL *client_ssl = NULL, *server_ssl = NULL;
314 long verify_result;
315 int failed = 1;
316
317 if ((client_ctx = peer_config_to_ssl_ctx(&test->client_config)) == NULL)
318 goto err;
319 if ((server_ctx = peer_config_to_ssl_ctx(&test->server_config)) == NULL)
320 goto err;
321
322 if ((client_ssl = SSL_new(client_ctx)) == NULL) {
323 fprintf(stderr, "%s: failed to create client SSL\n",
324 test->description);
325 goto err;
326 }
327 if ((server_ssl = SSL_new(server_ctx)) == NULL) {
328 fprintf(stderr, "%s: failed to create server SSL\n",
329 test->description);
330 goto err;
331 }
332
333 if (!connect_peers(client_ssl, server_ssl, test->description))
334 goto err;
335
336 if (!handshake(client_ssl, server_ssl, test->description))
337 goto err;
338
339 verify_result = SSL_get_verify_result(client_ssl);
340
341 if (test->verify_result == verify_result) {
342 failed = 0;
343 fprintf(stderr, "%s: ok\n", test->description);
344 } else
345 fprintf(stderr, "%s: verify_result: want %ld, got %ld\n",
346 test->description, test->verify_result, verify_result);
347
348 if (!shutdown_peers(client_ssl, server_ssl, test->description))
349 goto err;
350
351 err:
352 SSL_CTX_free(client_ctx);
353 SSL_CTX_free(server_ctx);
354 SSL_free(client_ssl);
355 SSL_free(server_ssl);
356
357 return failed;
358}
359
360int
361main(int argc, char **argv)
362{
363 size_t i;
364 int failed = 0;
365
366 for (i = 0; i < N_SSL_WILDCARD_TESTS; i++)
367 failed |= test_ssl_wildcards(&ssl_wildcard_tests[i]);
368
369 if (failed == 0)
370 printf("PASS %s\n", __FILE__);
371
372 return failed;
373}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-25 14:51:31 +0000