Add regress coverage for PSK kex modes tlsext handlers.

author: tb <> 2022-06-05 20:24:10 +0000
committer: tb <> 2022-06-05 20:24:10 +0000
commit: 6a38f19f1112b9c747d04c2c463336b5f2d8ab45 (patch)
tree: 922381d738e1e11ff23d0d9cb85194d9c2a12c94 /src
parent: ef0a199f8937e6072f81f7a2ef2d78a694ccc53a (diff)
download: openbsd-6a38f19f1112b9c747d04c2c463336b5f2d8ab45.tar.gz
openbsd-6a38f19f1112b9c747d04c2c463336b5f2d8ab45.tar.bz2
openbsd-6a38f19f1112b9c747d04c2c463336b5f2d8ab45.zip
1 files changed, 210 insertions, 2 deletions
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
index c21a0e4b08..06fe96ef49 100644
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,8 +1,9 @@
-/* $OpenBSD: tlsexttest.c,v 1.60 2022/02/08 19:00:36 tb Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.61 2022/06/05 20:24:10 tb Exp $ */
 /*
 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
+ * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -3067,7 +3068,6 @@ test_tlsext_versions_client(void)
        return (failure);
 }
 static int
 test_tlsext_versions_server(void)
 {
@@ -3565,6 +3565,211 @@ done:
        return (failure);
 }
+const uint8_t tlsext_default_psk_modes[] = {
+        0x01, 0x01,
+};
+const uint8_t tlsext_psk_only_mode[] = {
+        0x01, 0x00,
+};
+const uint8_t tlsext_psk_both_modes[] = {
+        0x02, 0x00, 0x01,
+};
+static int
+test_tlsext_psk_modes_client(void)
+{
+        SSL_CTX *ssl_ctx = NULL;
+        SSL *ssl = NULL;
+        int failure;
+        uint8_t *data = NULL;
+        size_t dlen;
+        CBB cbb;
+        CBS cbs;
+        int alert;
+        CBB_init(&cbb, 0);
+        failure = 1;
+        if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
+                errx(1, "failed to create SSL_CTX");
+        if ((ssl = SSL_new(ssl_ctx)) == NULL)
+                errx(1, "failed to create SSL");
+        /* Disabled by default. */
+        if (tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
+                FAIL("client should not need psk kex modes by default\n");
+                goto err;
+        }
+        /*
+         * Prerequisites: use_psk_dhe_ke flag is set and
+         * our_max_tls_version >= TLSv1.3.
+         */
+        ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
+        ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
+        if (tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
+                FAIL("client should not need psk kex modes with TLSv1.2\n");
+                goto err;
+        }
+        ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
+        ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
+        if (tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
+                FAIL("client should not need psk kex modes without "
+                    "use_psk_dhe_ke\n");
+                goto err;
+        }
+        ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
+        ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
+        if (!tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
+                FAIL("client should need psk kex modes with TLSv1.3\n");
+                goto err;
+        }
+        /* Make sure we can build the psk modes with DHE key establishments. */
+        if (!tlsext_psk_kex_modes_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
+                FAIL("client failed to build psk kex modes\n");
+                goto err;
+        }
+        if (!CBB_finish(&cbb, &data, &dlen))
+                errx(1, "failed to finish psk kex CBB");
+        if (dlen != sizeof(tlsext_default_psk_modes)) {
+                FAIL("got client psk kex modes with length %zu, "
+                    "want length %zu\n", dlen,
+                    sizeof(tlsext_default_psk_modes));
+                compare_data(data, dlen, tlsext_default_psk_modes,
+                    sizeof(tlsext_default_psk_modes));
+                goto err;
+        }
+        if (memcmp(data, tlsext_default_psk_modes, dlen) != 0) {
+                FAIL("client psk kex modes differ:\n");
+                compare_data(data, dlen, tlsext_default_psk_modes,
+                    sizeof(tlsext_default_psk_modes));
+                goto err;
+        }
+        CBB_cleanup(&cbb);
+        free(data);
+        data = NULL;
+        /*
+         * Make sure we can parse the default psk modes and that use_psk_dhe_ke
+         * is set after parsing.
+         */
+        ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
+        CBS_init(&cbs, tlsext_default_psk_modes,
+            sizeof(tlsext_default_psk_modes));
+        if (!tlsext_psk_kex_modes_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs,
+            &alert)) {
+                FAIL("failed to parse psk kex modes\n");
+                goto err;
+        }
+        if (CBS_len(&cbs) != 0) {
+                FAIL("extension data remaining\n");
+                goto err;
+        }
+        if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
+                FAIL("should have set use_psk_dhe_ke\n");
+                goto err;
+        }
+        /*
+         * Make sure we can parse the psk-only mode and that use_psk_dhe_ke
+         * is still not set after parsing.
+         */
+        ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
+        CBS_init(&cbs, tlsext_psk_only_mode, sizeof(tlsext_psk_only_mode));
+        if (!tlsext_psk_kex_modes_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs,
+            &alert)) {
+                FAIL("failed to parse psk kex modes\n");
+                goto err;
+        }
+        if (CBS_len(&cbs) != 0) {
+                FAIL("extension data remaining\n");
+                goto err;
+        }
+        if (ssl->s3->hs.tls13.use_psk_dhe_ke != 0) {
+                FAIL("should not have set use_psk_dhe_ke\n");
+                goto err;
+        }
+        /*
+         * Make sure we can parse the extension indicating both modes and that
+         * use_psk_dhe_ke is set after parsing.
+         */
+        ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
+        CBS_init(&cbs, tlsext_psk_both_modes, sizeof(tlsext_psk_both_modes));
+        if (!tlsext_psk_kex_modes_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs,
+            &alert)) {
+                FAIL("failed to parse psk kex modes\n");
+                goto err;
+        }
+        if (CBS_len(&cbs) != 0) {
+                FAIL("extension data remaining\n");
+                goto err;
+        }
+        if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
+                FAIL("should have set use_psk_dhe_ke\n");
+                goto err;
+        }
+        failure = 0;
+ err:
+        CBB_cleanup(&cbb);
+        SSL_CTX_free(ssl_ctx);
+        SSL_free(ssl);
+        free(data);
+        return failure;
+}
+static int
+test_tlsext_psk_modes_server(void)
+{
+        SSL_CTX *ssl_ctx = NULL;
+        SSL *ssl = NULL;
+        int failure;
+        failure = 1;
+        if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
+                errx(1, "failed to create SSL_CTX");
+        if ((ssl = SSL_new(ssl_ctx)) == NULL)
+                errx(1, "failed to create SSL");
+        if (tlsext_psk_kex_modes_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
+                FAIL("server should not need psk kex modes by default\n");
+                goto err;
+        }
+        failure = 0;
+ err:
+        SSL_CTX_free(ssl_ctx);
+        SSL_free(ssl);
+        return failure;
+}
 struct tls_sni_test {
        const char *hostname;
        int is_ip;
@@ -3771,6 +3976,9 @@ main(int argc, char **argv)
        failed |= test_tlsext_cookie_client();
        failed |= test_tlsext_cookie_server();
+        failed |= test_tlsext_psk_modes_client();
+        failed |= test_tlsext_psk_modes_server();
 #ifndef OPENSSL_NO_SRTP
        failed |= test_tlsext_srtp_client();
        failed |= test_tlsext_srtp_server();
author	tb <>	2022-06-05 20:24:10 +0000
committer	tb <>	2022-06-05 20:24:10 +0000
commit	6a38f19f1112b9c747d04c2c463336b5f2d8ab45 (patch)
tree	922381d738e1e11ff23d0d9cb85194d9c2a12c94 /src
parent	ef0a199f8937e6072f81f7a2ef2d78a694ccc53a (diff)
download	openbsd-6a38f19f1112b9c747d04c2c463336b5f2d8ab45.tar.gz openbsd-6a38f19f1112b9c747d04c2c463336b5f2d8ab45.tar.bz2 openbsd-6a38f19f1112b9c747d04c2c463336b5f2d8ab45.zip

diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c index c21a0e4b08..06fe96ef49 100644 --- a/src/regress/lib/libssl/tlsext/tlsexttest.c +++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,8 +1,9 @@
1	/* $OpenBSD: tlsexttest.c,v 1.60 2022/02/08 19:00:36 tb Exp $ */	1	/* $OpenBSD: tlsexttest.c,v 1.61 2022/06/05 20:24:10 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>	4	* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
5	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>	5	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
		6	* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
6	*	7	*
7	* Permission to use, copy, modify, and distribute this software for any	8	* Permission to use, copy, modify, and distribute this software for any
8	* purpose with or without fee is hereby granted, provided that the above	9	* purpose with or without fee is hereby granted, provided that the above
@@ -3067,7 +3068,6 @@ test_tlsext_versions_client(void)
3067	return (failure);	3068	return (failure);
3068	}	3069	}
3069		3070
3070
3071	static int	3071	static int
3072	test_tlsext_versions_server(void)	3072	test_tlsext_versions_server(void)
3073	{	3073	{
@@ -3565,6 +3565,211 @@ done:
3565	return (failure);	3565	return (failure);
3566	}	3566	}
3567		3567
		3568	const uint8_t tlsext_default_psk_modes[] = {
		3569	0x01, 0x01,
		3570	};
		3571
		3572	const uint8_t tlsext_psk_only_mode[] = {
		3573	0x01, 0x00,
		3574	};
		3575
		3576	const uint8_t tlsext_psk_both_modes[] = {
		3577	0x02, 0x00, 0x01,
		3578	};
		3579
		3580	static int
		3581	test_tlsext_psk_modes_client(void)
		3582	{
		3583	SSL_CTX *ssl_ctx = NULL;
		3584	SSL *ssl = NULL;
		3585	int failure;
		3586	uint8_t *data = NULL;
		3587	size_t dlen;
		3588	CBB cbb;
		3589	CBS cbs;
		3590	int alert;
		3591
		3592	CBB_init(&cbb, 0);
		3593
		3594	failure = 1;
		3595
		3596	if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
		3597	errx(1, "failed to create SSL_CTX");
		3598	if ((ssl = SSL_new(ssl_ctx)) == NULL)
		3599	errx(1, "failed to create SSL");
		3600
		3601	/* Disabled by default. */
		3602	if (tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
		3603	FAIL("client should not need psk kex modes by default\n");
		3604	goto err;
		3605	}
		3606
		3607	/*
		3608	* Prerequisites: use_psk_dhe_ke flag is set and
		3609	* our_max_tls_version >= TLSv1.3.
		3610	*/
		3611
		3612	ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
		3613	ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
		3614
		3615	if (tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
		3616	FAIL("client should not need psk kex modes with TLSv1.2\n");
		3617	goto err;
		3618	}
		3619
		3620	ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
		3621	ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
		3622
		3623	if (tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
		3624	FAIL("client should not need psk kex modes without "
		3625	"use_psk_dhe_ke\n");
		3626	goto err;
		3627	}
		3628
		3629	ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
		3630	ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
		3631
		3632	if (!tlsext_psk_kex_modes_client_needs(ssl, SSL_TLSEXT_MSG_CH)) {
		3633	FAIL("client should need psk kex modes with TLSv1.3\n");
		3634	goto err;
		3635	}
		3636
		3637	/* Make sure we can build the psk modes with DHE key establishments. */
		3638
		3639	if (!tlsext_psk_kex_modes_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
		3640	FAIL("client failed to build psk kex modes\n");
		3641	goto err;
		3642	}
		3643
		3644	if (!CBB_finish(&cbb, &data, &dlen))
		3645	errx(1, "failed to finish psk kex CBB");
		3646
		3647	if (dlen != sizeof(tlsext_default_psk_modes)) {
		3648	FAIL("got client psk kex modes with length %zu, "
		3649	"want length %zu\n", dlen,
		3650	sizeof(tlsext_default_psk_modes));
		3651	compare_data(data, dlen, tlsext_default_psk_modes,
		3652	sizeof(tlsext_default_psk_modes));
		3653	goto err;
		3654	}
		3655	if (memcmp(data, tlsext_default_psk_modes, dlen) != 0) {
		3656	FAIL("client psk kex modes differ:\n");
		3657	compare_data(data, dlen, tlsext_default_psk_modes,
		3658	sizeof(tlsext_default_psk_modes));
		3659	goto err;
		3660	}
		3661
		3662	CBB_cleanup(&cbb);
		3663	free(data);
		3664	data = NULL;
		3665
		3666	/*
		3667	* Make sure we can parse the default psk modes and that use_psk_dhe_ke
		3668	* is set after parsing.
		3669	*/
		3670
		3671	ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
		3672
		3673	CBS_init(&cbs, tlsext_default_psk_modes,
		3674	sizeof(tlsext_default_psk_modes));
		3675	if (!tlsext_psk_kex_modes_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs,
		3676	&alert)) {
		3677	FAIL("failed to parse psk kex modes\n");
		3678	goto err;
		3679	}
		3680	if (CBS_len(&cbs) != 0) {
		3681	FAIL("extension data remaining\n");
		3682	goto err;
		3683	}
		3684
		3685	if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
		3686	FAIL("should have set use_psk_dhe_ke\n");
		3687	goto err;
		3688	}
		3689
		3690	/*
		3691	* Make sure we can parse the psk-only mode and that use_psk_dhe_ke
		3692	* is still not set after parsing.
		3693	*/
		3694
		3695	ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
		3696
		3697	CBS_init(&cbs, tlsext_psk_only_mode, sizeof(tlsext_psk_only_mode));
		3698	if (!tlsext_psk_kex_modes_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs,
		3699	&alert)) {
		3700	FAIL("failed to parse psk kex modes\n");
		3701	goto err;
		3702	}
		3703	if (CBS_len(&cbs) != 0) {
		3704	FAIL("extension data remaining\n");
		3705	goto err;
		3706	}
		3707
		3708	if (ssl->s3->hs.tls13.use_psk_dhe_ke != 0) {
		3709	FAIL("should not have set use_psk_dhe_ke\n");
		3710	goto err;
		3711	}
		3712
		3713	/*
		3714	* Make sure we can parse the extension indicating both modes and that
		3715	* use_psk_dhe_ke is set after parsing.
		3716	*/
		3717
		3718	ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
		3719
		3720	CBS_init(&cbs, tlsext_psk_both_modes, sizeof(tlsext_psk_both_modes));
		3721	if (!tlsext_psk_kex_modes_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs,
		3722	&alert)) {
		3723	FAIL("failed to parse psk kex modes\n");
		3724	goto err;
		3725	}
		3726	if (CBS_len(&cbs) != 0) {
		3727	FAIL("extension data remaining\n");
		3728	goto err;
		3729	}
		3730
		3731	if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
		3732	FAIL("should have set use_psk_dhe_ke\n");
		3733	goto err;
		3734	}
		3735
		3736	failure = 0;
		3737	err:
		3738	CBB_cleanup(&cbb);
		3739	SSL_CTX_free(ssl_ctx);
		3740	SSL_free(ssl);
		3741	free(data);
		3742
		3743	return failure;
		3744	}
		3745
		3746	static int
		3747	test_tlsext_psk_modes_server(void)
		3748	{
		3749	SSL_CTX *ssl_ctx = NULL;
		3750	SSL *ssl = NULL;
		3751	int failure;
		3752
		3753	failure = 1;
		3754
		3755	if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
		3756	errx(1, "failed to create SSL_CTX");
		3757	if ((ssl = SSL_new(ssl_ctx)) == NULL)
		3758	errx(1, "failed to create SSL");
		3759
		3760	if (tlsext_psk_kex_modes_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
		3761	FAIL("server should not need psk kex modes by default\n");
		3762	goto err;
		3763	}
		3764
		3765	failure = 0;
		3766	err:
		3767	SSL_CTX_free(ssl_ctx);
		3768	SSL_free(ssl);
		3769
		3770	return failure;
		3771	}
		3772
3568	struct tls_sni_test {	3773	struct tls_sni_test {
3569	const char *hostname;	3774	const char *hostname;
3570	int is_ip;	3775	int is_ip;
@@ -3771,6 +3976,9 @@ main(int argc, char **argv)
3771	failed \|= test_tlsext_cookie_client();	3976	failed \|= test_tlsext_cookie_client();
3772	failed \|= test_tlsext_cookie_server();	3977	failed \|= test_tlsext_cookie_server();
3773		3978
		3979	failed \|= test_tlsext_psk_modes_client();
		3980	failed \|= test_tlsext_psk_modes_server();
		3981
3774	#ifndef OPENSSL_NO_SRTP	3982	#ifndef OPENSSL_NO_SRTP
3775	failed \|= test_tlsext_srtp_client();	3983	failed \|= test_tlsext_srtp_client();
3776	failed \|= test_tlsext_srtp_server();	3984	failed \|= test_tlsext_srtp_server();