| author | jsing <> | 2017-07-24 17:15:27 +0000 |
|---|---|---|
| committer | jsing <> | 2017-07-24 17:15:27 +0000 |
| commit | b458c380d4a5175d5bda251e8a549e7a58c48839 (patch) | |
| tree | 7247e470d3966779c07f04bfa28a581f6339f3dc /src | |
| parent | 0698e049c8b5abfa4b777c0c20e976bfd5620394 (diff) | |
| download | openbsd-b458c380d4a5175d5bda251e8a549e7a58c48839.tar.gz openbsd-b458c380d4a5175d5bda251e8a549e7a58c48839.tar.bz2 openbsd-b458c380d4a5175d5bda251e8a549e7a58c48839.zip | |
Add regress coverage for the TLS Renegotiation Indication extension.
Diffstat (limited to 'src')
| -rw-r--r-- | src/regress/lib/libssl/tlsext/tlsexttest.c | 267 |
1 files changed, 266 insertions, 1 deletions
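--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tlsexttest.c,v 1.1 2017/07/16 18:18:10 jsing Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.2 2017/07/24 17:15:27 jsing Exp $ */
 /*
 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
 *
@@ -33,6 +33,268 @@ hexdump(const unsigned char *buf, size_t len)
 fprintf(stderr, "\n");
 }
 
+/*
+* Renegotiation Indication - RFC 5746.
+*/
+
+static unsigned char tlsext_ri_prev_client[] = {
+0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
+};
+
+static unsigned char tlsext_ri_prev_server[] = {
+0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
+0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
+};
+
+static unsigned char tlsext_ri_clienthello[] = {
+0x10,
+0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
+};
+
+static unsigned char tlsext_ri_serverhello[] = {
+0x20,
+0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
+0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
+0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
+};
+
+static int
+test_tlsext_ri_clienthello(void)
+{
+unsigned char *data = NULL;
+SSL_CTX *ssl_ctx = NULL;
+SSL *ssl = NULL;
+int failure = 0;
+size_t dlen;
+int alert;
+CBB cbb;
+CBS cbs;
+
+CBB_init(&cbb, 0);
+
+if ((ssl_ctx = SSL_CTX_new(TLSv1_2_client_method())) == NULL)
+errx(1, "failed to create SSL_CTX");
+if ((ssl = SSL_new(ssl_ctx)) == NULL)
+errx(1, "failed to create SSL");
+
+if (tlsext_ri_clienthello_needs(ssl)) {
+fprintf(stderr, "FAIL: clienthello should not need RI\n");
+failure = 1;
+goto done;
+}
+
+if (!SSL_renegotiate(ssl)) {
+fprintf(stderr, "FAIL: client failed to set renegotiate\n");
+failure = 1;
+goto done;
+}
+
+if (!tlsext_ri_clienthello_needs(ssl)) {
+fprintf(stderr, "FAIL: clienthello should need RI\n");
+failure = 1;
+goto done;
+}
+
+memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
+sizeof(tlsext_ri_prev_client));
+S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
+
+S3I(ssl)->renegotiate_seen = 0;
+
+if (!tlsext_ri_clienthello_build(ssl, &cbb)) {
+fprintf(stderr, "FAIL: clienthello failed to build RI\n");
+failure = 1;
+goto done;
+}
+
+if (!CBB_finish(&cbb, &data, &dlen))
+errx(1, "failed to finish CBB");
+
+if (dlen != sizeof(tlsext_ri_clienthello)) {
+fprintf(stderr, "FAIL: got clienthello RI with length %zu, "
+"want length %zu\n", dlen, sizeof(tlsext_ri_clienthello));
+failure = 1;
+goto done;
+}
+
+if (memcmp(data, tlsext_ri_clienthello, dlen) != 0) {
+fprintf(stderr, "FAIL: clienthello RI differs:\n");
+fprintf(stderr, "received:\n");
+hexdump(data, dlen);
+fprintf(stderr, "test data:\n");
+hexdump(tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
+failure = 1;
+goto done;
+}
+
+CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
+if (!tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) {
+fprintf(stderr, "FAIL: failed to parse clienthello RI\n");
+failure = 1;
+goto done;
+}
+
+if (S3I(ssl)->renegotiate_seen != 1) {
+fprintf(stderr, "FAIL: renegotiate seen not set\n");
+failure = 1;
+goto done;
+}
+if (S3I(ssl)->send_connection_binding != 1) {
+fprintf(stderr, "FAIL: send connection binding not set\n");
+failure = 1;
+goto done;
+}
+
+memset(S3I(ssl)->previous_client_finished, 0,
+sizeof(S3I(ssl)->previous_client_finished));
+
+S3I(ssl)->renegotiate_seen = 0;
+
+CBS_init(&cbs, tlsext_ri_clienthello, sizeof(tlsext_ri_clienthello));
+if (tlsext_ri_clienthello_parse(ssl, &cbs, &alert)) {
+fprintf(stderr, "FAIL: parsed invalid clienthello RI\n");
+failure = 1;
+goto done;
+}
+
+if (S3I(ssl)->renegotiate_seen == 1) {
+fprintf(stderr, "FAIL: renegotiate seen set\n");
+failure = 1;
+goto done;
+}
+
+done:
+CBB_cleanup(&cbb);
+SSL_CTX_free(ssl_ctx);
+SSL_free(ssl);
+free(data);
+
+return (failure);
+}
+
+static int
+test_tlsext_ri_serverhello(void)
+{
+unsigned char *data = NULL;
+SSL_CTX *ssl_ctx = NULL;
+SSL *ssl = NULL;
+int failure = 0;
+size_t dlen;
+int alert;
+CBB cbb;
+CBS cbs;
+
+CBB_init(&cbb, 0);
+
+if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
+errx(1, "failed to create SSL_CTX");
+if ((ssl = SSL_new(ssl_ctx)) == NULL)
+errx(1, "failed to create SSL");
+
+if (tlsext_ri_serverhello_needs(ssl)) {
+fprintf(stderr, "FAIL: serverhello should not need RI\n");
+failure = 1;
+goto done;
+}
+
+S3I(ssl)->send_connection_binding = 1;
+
+if (!tlsext_ri_serverhello_needs(ssl)) {
+fprintf(stderr, "FAIL: serverhello should need RI\n");
+failure = 1;
+goto done;
+}
+
+memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client,
+sizeof(tlsext_ri_prev_client));
+S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
+
+memcpy(S3I(ssl)->previous_server_finished, tlsext_ri_prev_server,
+sizeof(tlsext_ri_prev_server));
+S3I(ssl)->previous_server_finished_len = sizeof(tlsext_ri_prev_server);
+
+S3I(ssl)->renegotiate_seen = 0;
+
+if (!tlsext_ri_serverhello_build(ssl, &cbb)) {
+fprintf(stderr, "FAIL: serverhello failed to build RI\n");
+failure = 1;
+goto done;
+}
+
+if (!CBB_finish(&cbb, &data, &dlen))
+errx(1, "failed to finish CBB");
+
+if (dlen != sizeof(tlsext_ri_serverhello)) {
+fprintf(stderr, "FAIL: got serverhello RI with length %zu, "
+"want length %zu\n", dlen, sizeof(tlsext_ri_serverhello));
+failure = 1;
+goto done;
+}
+
+if (memcmp(data, tlsext_ri_serverhello, dlen) != 0) {
+fprintf(stderr, "FAIL: serverhello RI differs:\n");
+fprintf(stderr, "received:\n");
+hexdump(data, dlen);
+fprintf(stderr, "test data:\n");
+hexdump(tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
+failure = 1;
+goto done;
+}
+
+CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
+if (!tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) {
+fprintf(stderr, "FAIL: failed to parse serverhello RI\n");
+failure = 1;
+goto done;
+}
+
+if (S3I(ssl)->renegotiate_seen != 1) {
+fprintf(stderr, "FAIL: renegotiate seen not set\n");
+failure = 1;
+goto done;
+}
+if (S3I(ssl)->send_connection_binding != 1) {
+fprintf(stderr, "FAIL: send connection binding not set\n");
+failure = 1;
+goto done;
+}
+
+memset(S3I(ssl)->previous_client_finished, 0,
+sizeof(S3I(ssl)->previous_client_finished));
+memset(S3I(ssl)->previous_server_finished, 0,
+sizeof(S3I(ssl)->previous_server_finished));
+
+S3I(ssl)->renegotiate_seen = 0;
+
+CBS_init(&cbs, tlsext_ri_serverhello, sizeof(tlsext_ri_serverhello));
+if (tlsext_ri_serverhello_parse(ssl, &cbs, &alert)) {
+fprintf(stderr, "FAIL: parsed invalid serverhello RI\n");
+failure = 1;
+goto done;
+}
+
+if (S3I(ssl)->renegotiate_seen == 1) {
+fprintf(stderr, "FAIL: renegotiate seen set\n");
+failure = 1;
+goto done;
+}
+
+done:
+CBB_cleanup(&cbb);
+SSL_CTX_free(ssl_ctx);
+SSL_free(ssl);
+free(data);
+
+return (failure);
+}
+
+/*
+* Server Name Indication - RFC 6066, section 3.
+*/
+
 #define TEST_SNI_SERVERNAME "www.libressl.org"
 
 static unsigned char tlsext_sni_clienthello[] = {
@@ -238,6 +500,9 @@ main(int argc, char **argv)
 
 SSL_library_init();
 
+failed |= test_tlsext_ri_clienthello();
+failed |= test_tlsext_ri_serverhello();
+
 failed |= test_tlsext_sni_clienthello();
 failed |= test_tlsext_sni_serverhello();
 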
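Review bot: The negative cases in test_tlsext_ri_clienthello and test_tlsext_ri_serverhello (the second `tlsext_ri_clienthello_parse` / `tlsext_ri_serverhello_parse` call after the finished buffers are zeroed) only assert that parsing fails and that `renegotiate_seen` stays clear; the `alert` the parser reports is never checked, so a regression that rejects a mismatched verify_data with the wrong alert, or leaves `alert` unset, would pass. RFC 5746 §3.4 and §3.6 require a fatal handshake_failure on a binding mismatch, so a check such as `if (alert != SSL_AD_HANDSHAKE_FAILURE) { fprintf(stderr, "FAIL: wrong alert for invalid RI\n"); failure = 1; goto done; }` after each of those two calls would pin that (confirm the exact alert value against the parse implementation, which is outside this hunk). For the same reason it is worth adding a negative case that feeds the parser data with a mismatching length (e.g. a truncated copy of `tlsext_ri_clienthello`), since both current negative cases only exercise equal-length content mismatch. The remaining hunk, adding the two calls in main(), is fine.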
