Add initial regress for CT.

This provides test coverage for SCT encoding/decoding.

4 files changed, 415 insertions, 1 deletions

diff --git a/src/regress/lib/libcrypto/Makefile b/src/regress/lib/libcrypto/Makefile
index 6f7b024c47..1c346f6e3b 100644
--- a/src/regress/lib/libcrypto/Makefile
+++ b/src/regress/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.41 2020/12/26 00:48:56 bluhm Exp $
+#       $OpenBSD: Makefile,v 1.42 2021/12/05 13:01:08 jsing Exp $
 
 SUBDIR += aead
 SUBDIR += aeswrap
@@ -12,6 +12,7 @@ SUBDIR += cast
 SUBDIR += certs
 SUBDIR += chacha
 SUBDIR += cms
+SUBDIR += ct
 SUBDIR += cts128
 SUBDIR += curve25519
 SUBDIR += des
diff --git a/src/regress/lib/libcrypto/ct/Makefile b/src/regress/lib/libcrypto/ct/Makefile
new file mode 100644
index 0000000000..ba93566d29
--- /dev/null
+++ b/src/regress/lib/libcrypto/ct/Makefile
@@ -0,0 +1,19 @@
+# $OpenBSD: Makefile,v 1.1 2021/12/05 13:01:08 jsing Exp $
+
+PROG=           cttest
+LDADD=          ${CRYPTO_INT}
+DPADD=          ${LIBCRYPTO}
+
+WARNINGS=       Yes
+CFLAGS+=        -Wundef -Werror
+CFLAGS+=        -DLIBRESSL_CRYPTO_INTERNAL -DLIBRESSL_INTERNAL
+CFLAGS+=        -I$(BSDSRCDIR)/lib/libcrypto
+
+REGRESS_TARGETS= \
+        regress-cttest
+
+regress-cttest: ${PROG}
+        ./cttest \
+            ${.CURDIR}/../../libcrypto/ct/libressl.org.crt
+
+.include <bsd.regress.mk>
diff --git a/src/regress/lib/libcrypto/ct/cttest.c b/src/regress/lib/libcrypto/ct/cttest.c
new file mode 100644
index 0000000000..f4c5237e5a
--- /dev/null
+++ b/src/regress/lib/libcrypto/ct/cttest.c
@@ -0,0 +1,355 @@
+/* $OpenBSD: cttest.c,v 1.1 2021/12/05 13:01:08 jsing Exp $ */
+/*
+ * Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <err.h>
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+
+#include "ct/ct.h"
+
+const char *test_cert_file;
+
+const int debug = 0;
+
+const uint8_t scts_asn1[] = {
+        0x04, 0x81, 0xf2, 0x00, 0xf0, 0x00, 0x77, 0x00,
+        0x29, 0x79, 0xbe, 0xf0, 0x9e, 0x39, 0x39, 0x21,
+        0xf0, 0x56, 0x73, 0x9f, 0x63, 0xa5, 0x77, 0xe5,
+        0xbe, 0x57, 0x7d, 0x9c, 0x60, 0x0a, 0xf8, 0xf9,
+        0x4d, 0x5d, 0x26, 0x5c, 0x25, 0x5d, 0xc7, 0x84,
+        0x00, 0x00, 0x01, 0x7d, 0x39, 0x51, 0x1f, 0x6f,
+        0x00, 0x00, 0x04, 0x03, 0x00, 0x48, 0x30, 0x46,
+        0x02, 0x21, 0x00, 0x93, 0xed, 0x3a, 0x65, 0x98,
+        0x9a, 0x85, 0xf0, 0x3b, 0x3c, 0x26, 0xf7, 0x52,
+        0x94, 0xd7, 0x92, 0x48, 0xc2, 0xc0, 0x64, 0xcb,
+        0x01, 0xf5, 0xec, 0xf7, 0x6d, 0x41, 0xe0, 0xbd,
+        0x28, 0x56, 0xad, 0x02, 0x21, 0x00, 0xc2, 0x4f,
+        0x92, 0xfb, 0xa0, 0xbb, 0xef, 0x55, 0x67, 0x80,
+        0x06, 0x10, 0x07, 0xe7, 0xb9, 0xb1, 0x96, 0xa7,
+        0xa9, 0x8b, 0xb2, 0xcb, 0xd3, 0x9c, 0x4e, 0x02,
+        0xe8, 0xdb, 0x24, 0x65, 0x1e, 0xc8, 0x00, 0x75,
+        0x00, 0x6f, 0x53, 0x76, 0xac, 0x31, 0xf0, 0x31,
+        0x19, 0xd8, 0x99, 0x00, 0xa4, 0x51, 0x15, 0xff,
+        0x77, 0x15, 0x1c, 0x11, 0xd9, 0x02, 0xc1, 0x00,
+        0x29, 0x06, 0x8d, 0xb2, 0x08, 0x9a, 0x37, 0xd9,
+        0x13, 0x00, 0x00, 0x01, 0x7d, 0x39, 0x51, 0x20,
+        0x3b, 0x00, 0x00, 0x04, 0x03, 0x00, 0x46, 0x30,
+        0x44, 0x02, 0x20, 0x26, 0xc9, 0x12, 0x28, 0x70,
+        0x2d, 0x15, 0x05, 0xa7, 0xa2, 0xea, 0x12, 0x1a,
+        0xff, 0x39, 0x36, 0x5f, 0x93, 0xdf, 0x83, 0x36,
+        0x5f, 0xed, 0x07, 0x38, 0xb8, 0x0a, 0x40, 0xe1,
+        0x8d, 0xb9, 0xfa, 0x02, 0x20, 0x61, 0xae, 0x2b,
+        0x86, 0xbd, 0x8e, 0x86, 0x65, 0x2b, 0xfb, 0x63,
+        0xe1, 0xda, 0x77, 0xb3, 0xf3, 0xc5, 0x2a, 0x32,
+        0xb8, 0x23, 0x1e, 0x7e, 0xfa, 0x7d, 0x83, 0xa5,
+        0x49, 0x00, 0xc4, 0x57, 0xb8,
+};
+
+const uint8_t sct_signature1[] = {
+        0x30, 0x46, 0x02, 0x21, 0x00, 0x93, 0xed, 0x3a,
+        0x65, 0x98, 0x9a, 0x85, 0xf0, 0x3b, 0x3c, 0x26,
+        0xf7, 0x52, 0x94, 0xd7, 0x92, 0x48, 0xc2, 0xc0,
+        0x64, 0xcb, 0x01, 0xf5, 0xec, 0xf7, 0x6d, 0x41,
+        0xe0, 0xbd, 0x28, 0x56, 0xad, 0x02, 0x21, 0x00,
+        0xc2, 0x4f, 0x92, 0xfb, 0xa0, 0xbb, 0xef, 0x55,
+        0x67, 0x80, 0x06, 0x10, 0x07, 0xe7, 0xb9, 0xb1,
+        0x96, 0xa7, 0xa9, 0x8b, 0xb2, 0xcb, 0xd3, 0x9c,
+        0x4e, 0x02, 0xe8, 0xdb, 0x24, 0x65, 0x1e, 0xc8
+};
+
+const uint8_t sct_signature2[] = {
+        0x30, 0x44, 0x02, 0x20, 0x26, 0xc9, 0x12, 0x28,
+        0x70, 0x2d, 0x15, 0x05, 0xa7, 0xa2, 0xea, 0x12,
+        0x1a, 0xff, 0x39, 0x36, 0x5f, 0x93, 0xdf, 0x83,
+        0x36, 0x5f, 0xed, 0x07, 0x38, 0xb8, 0x0a, 0x40,
+        0xe1, 0x8d, 0xb9, 0xfa, 0x02, 0x20, 0x61, 0xae,
+        0x2b, 0x86, 0xbd, 0x8e, 0x86, 0x65, 0x2b, 0xfb,
+        0x63, 0xe1, 0xda, 0x77, 0xb3, 0xf3, 0xc5, 0x2a,
+        0x32, 0xb8, 0x23, 0x1e, 0x7e, 0xfa, 0x7d, 0x83,
+        0xa5, 0x49, 0x00, 0xc4, 0x57, 0xb8
+};
+
+struct sct_data {
+        uint8_t version;
+        uint8_t log_id[32];
+        uint64_t timestamp;
+        size_t extensions_len;
+        int signature_nid;
+        const uint8_t *signature;
+        size_t signature_len;
+};
+
+const struct sct_data sct_test_data[] = {
+        {
+                .version = 0,
+                .log_id = {
+                        0x29, 0x79, 0xbe, 0xf0, 0x9e, 0x39, 0x39, 0x21,
+                        0xf0, 0x56, 0x73, 0x9f, 0x63, 0xa5, 0x77, 0xe5,
+                        0xbe, 0x57, 0x7d, 0x9c, 0x60, 0x0a, 0xf8, 0xf9,
+                        0x4d, 0x5d, 0x26, 0x5c, 0x25, 0x5d, 0xc7, 0x84,
+                },
+                .timestamp = 1637344157551,
+                .extensions_len = 0,
+                .signature_nid = NID_ecdsa_with_SHA256,
+                .signature = sct_signature1,
+                .signature_len = sizeof(sct_signature1),
+        },
+        {
+                .version = 0,
+                .log_id = {
+                        0x6f, 0x53, 0x76, 0xac, 0x31, 0xf0, 0x31, 0x19,
+                        0xd8, 0x99, 0x00, 0xa4, 0x51, 0x15, 0xff, 0x77,
+                        0x15, 0x1c, 0x11, 0xd9, 0x02, 0xc1, 0x00, 0x29,
+                        0x06, 0x8d, 0xb2, 0x08, 0x9a, 0x37, 0xd9, 0x13
+                },
+                .timestamp = 1637344157755,
+                .extensions_len = 0,
+                .signature_nid = NID_ecdsa_with_SHA256,
+                .signature = sct_signature2,
+                .signature_len = sizeof(sct_signature2),
+        },
+};
+
+#define N_SCT_TEST_DATA (sizeof(sct_test_data) / sizeof(*sct_test_data))
+
+static void
+hexdump(const unsigned char *buf, size_t len)
+{
+        size_t i;
+
+        for (i = 1; i <= len; i++)
+                fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
+
+        if (len % 8)
+                fprintf(stderr, "\n");
+}
+
+static void
+cert_from_file(const char *filename, X509 **cert)
+{
+        BIO *bio = NULL;
+        X509 *x;
+
+        if ((bio = BIO_new_file(filename, "r")) == NULL) {
+                ERR_print_errors_fp(stderr);
+                errx(1, "failed to create bio");
+        }
+        if ((x = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL)
+                errx(1, "failed to read PEM");
+
+        *cert = x;
+
+        BIO_free(bio);
+}
+
+static int
+ct_compare_test_scts(STACK_OF(SCT) *scts)
+{
+        const struct sct_data *sdt;
+        BIO *bio_err = NULL;
+        SCT *sct;
+        uint8_t *data;
+        size_t len;
+        int i;
+        int ret = 0;
+
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+        if (sk_SCT_num(scts) != N_SCT_TEST_DATA) {
+                fprintf(stderr, "FAIL: got %d SCTS, want %zu\n",
+                    sk_SCT_num(scts), N_SCT_TEST_DATA);
+                goto failure;
+        }
+
+        for (i = 0; i < sk_SCT_num(scts); i++) {
+                sct = sk_SCT_value(scts, i);
+                sdt = &sct_test_data[i];
+
+                if (debug > 0) {
+                        SCT_print(sct, bio_err, 0, NULL);
+                        BIO_printf(bio_err, "\n");
+                }
+
+                if (SCT_get_version(sct) != sdt->version) {
+                        fprintf(stderr, "FAIL: SCT %d - got version %u, "
+                            "want %u\n", i, SCT_get_version(sct), sdt->version);
+                        goto failure;
+                }
+                len = SCT_get0_log_id(sct, &data);
+                if (len != sizeof(sdt->log_id)) {
+                        fprintf(stderr, "FAIL: SCT %d - got version %u, "
+                            "want %u\n", i, SCT_get_version(sct), sdt->version);
+                        goto failure;
+                }
+                if (memcmp(data, sdt->log_id, len) != 0) {
+                        fprintf(stderr, "FAIL: SCT %d - log ID differs\n", i);
+                        fprintf(stderr, "Got:\n");
+                        hexdump(data, len);
+                        fprintf(stderr, "Want:\n");
+                        hexdump(sdt->log_id, sizeof(sdt->log_id));
+                        goto failure;
+                }
+                if (SCT_get_timestamp(sct) != sdt->timestamp) {
+                        fprintf(stderr, "FAIL: SCT %d - got timestamp %llu, "
+                            "want %llu\n", i, SCT_get_timestamp(sct),
+                            sdt->timestamp);
+                        goto failure;
+                }
+                if (SCT_get_signature_nid(sct) != sdt->signature_nid) {
+                        fprintf(stderr, "FAIL: SCT %d - got signature_nid %d, "
+                            "want %d\n", i, SCT_get_signature_nid(sct),
+                            sdt->signature_nid);
+                        goto failure;
+                }
+                len = SCT_get0_extensions(sct, &data);
+                if (len != sdt->extensions_len) {
+                        fprintf(stderr, "FAIL: SCT %d - got extensions with "
+                            "length %zu, want %zu\n", i, len,
+                            sdt->extensions_len);
+                        goto failure;
+                }
+                len = SCT_get0_signature(sct, &data);
+                if (len != sdt->signature_len) {
+                        fprintf(stderr, "FAIL: SCT %d - got signature with "
+                            "length %zu, want %zu\n", i, len,
+                            sdt->signature_len);
+                        goto failure;
+                }
+                if (memcmp(data, sdt->signature, len) != 0) {
+                        fprintf(stderr, "FAIL: SCT %d - signature differs\n",
+                            i);
+                        fprintf(stderr, "Got:\n");
+                        hexdump(data, len);
+                        fprintf(stderr, "Want:\n");
+                        hexdump(sdt->signature, sdt->signature_len);
+                        goto failure;
+                }
+        }
+
+        ret = 1;
+
+ failure:
+        BIO_free(bio_err);
+
+        return ret;
+}
+
+static int
+ct_cert_test(void)
+{
+        X509 *cert = NULL;
+        X509_EXTENSION *ext;
+        STACK_OF(SCT) *scts = NULL;
+        int idx;
+        int failed = 1;
+
+        cert_from_file(test_cert_file, &cert);
+
+        if ((idx = X509_get_ext_by_NID(cert, NID_ct_precert_scts, -1)) == -1) {
+                fprintf(stderr, "FAIL: failed to find SCTs\n");
+                goto failure;
+        }
+        if ((ext = X509_get_ext(cert, idx)) == NULL) {
+                fprintf(stderr, "FAIL: failed to get SCT extension\n");
+                goto failure;
+        }
+        if ((scts = X509V3_EXT_d2i(ext)) == NULL) {
+                fprintf(stderr, "FAIL: failed to decode SCTs\n");
+                ERR_print_errors_fp(stderr);
+                goto failure;
+        }
+
+        if (!ct_compare_test_scts(scts))
+                goto failure;
+
+        failed = 0;
+
+ failure:
+        SCT_LIST_free(scts);
+        X509_free(cert);
+
+        return failed;
+}
+
+static int
+ct_sct_test(void)
+{
+        STACK_OF(SCT) *scts = NULL;
+        const uint8_t *p;
+        uint8_t *data = NULL;
+        int len;
+        int failed = 1;
+
+        p = scts_asn1;
+        if ((scts = d2i_SCT_LIST(NULL, &p, sizeof(scts_asn1))) == NULL) {
+                fprintf(stderr, "FAIL: failed to decode SCTS from ASN.1\n");
+                ERR_print_errors_fp(stderr);
+                goto failure;
+        }
+
+        if (!ct_compare_test_scts(scts))
+                goto failure;
+
+        data = NULL;
+        if ((len = i2d_SCT_LIST(scts, &data)) <= 0) {
+                fprintf(stderr, "FAIL: failed to encode SCTS to ASN.1\n");
+                ERR_print_errors_fp(stderr);
+                goto failure;
+        }
+        if (len != sizeof(scts_asn1)) {
+                fprintf(stderr, "FAIL: ASN.1 length differs - got %d, want "
+                    "%zu\n", len, sizeof(scts_asn1));
+                goto failure;
+        }
+        if (memcmp(data, scts_asn1, len) != 0) {
+                fprintf(stderr, "FAIL: ASN.1 for SCTS differs\n");
+                fprintf(stderr, "Got:\n");
+                hexdump(data, len);
+                fprintf(stderr, "Want:\n");
+                hexdump(scts_asn1, sizeof(scts_asn1));
+                goto failure;
+        }
+
+        failed = 0;
+
+ failure:
+        SCT_LIST_free(scts);
+        free(data);
+
+        return failed;
+}
+
+int
+main(int argc, char **argv)
+{
+        int failed = 0;
+
+        if (argc != 2) {
+                fprintf(stderr, "usage: %s certfile\n", argv[0]);
+                exit(1);
+        }
+
+        test_cert_file = argv[1];
+
+        failed |= ct_cert_test();
+        failed |= ct_sct_test();
+
+        return (failed);
+}
diff --git a/src/regress/lib/libcrypto/ct/libressl.org.crt b/src/regress/lib/libcrypto/ct/libressl.org.crt
new file mode 100644
index 0000000000..4259548797
--- /dev/null
+++ b/src/regress/lib/libcrypto/ct/libressl.org.crt
@@ -0,0 +1,39 @@
+-----BEGIN CERTIFICATE-----
+MIIG3DCCBcSgAwIBAgISA7cdK3Ainj5sW/nVzBz0QTKzMA0GCSqGSIb3DQEBCwUA
+MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
+EwJSMzAeFw0yMTExMTkxNjQ5MTdaFw0yMjAyMTcxNjQ5MTZaMBoxGDAWBgNVBAMT
+D3d3dy5vcGVuYnNkLm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AONf/xu/gf0QoQT8nqjEpfUQaaygDkhPBw5mswqAU0fOMg9ZaZT7Nx8g9qAH0mgi
+6GNd/y7I2fMM7vvkFk/NQn8pu51EMLJ7aNKv6o4ThJYzyvPikdZW+RcdIdt185wJ
+ws7MNq2kaZ0gJRXsIE8haE0iDB9nPRtJ8HAbhxOeCRczrALjvJBI6blg/9TBI+sd
+zvA8yEOelGRox6AikFSP6JDmSmzoBgVSTXq9riKKQeK1j+Wa6vBYmsN2LFmbWPYN
+1TbJk1C37E7Q3CTCkHt+CZNcAqBFIovClb9jmR+0QU3NQnTSqeXnyKyOe2RtYHOx
+3oRs9A8bsRPybvh6zYf33Od2QbFwCGOS1H9sRux1LJEeZlCFDuccRpU3X9f7IO1X
+n5cYr9eIUFIniTAfiksGvL7do2nYNmX/ujdraX7ttPmJZMVVDBjct9g4KGC7aMvB
+CSc695JcLA7RJuJ8qKXcKxINavIpSHsFPobLDPwl43xxihCMQpMfb8Eg3fi5CQcu
+FjdljawMkFeAiVv4iI1rbpWhpZeOGQTKxxjagWd9UNJW9PQxqh+x63I2zO47+W6r
+jSbk2SicUrYTK7F1W+4HRPbA4e5U+hFk881nngnG0mB0D3sinqzxWIyM5DWTDuVp
+ePBJQq3odt2/ityGRY0FcO35mlYkuB26/7Dfq/KmI4olAgMBAAGjggMCMIIC/jAO
+BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG
+A1UdEwEB/wQCMAAwHQYDVR0OBBYEFIQBXV9xwD2xyW1oHNhKs8qxdQFtMB8GA1Ud
+IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr
+BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw
+Oi8vcjMuaS5sZW5jci5vcmcvMIHRBgNVHREEgckwgcaCD2Z0cC5vcGVuYnNkLm9y
+Z4IMbGlicmVzc2wub3JnggtvcGVuYnNkLm9yZ4IMb3BlbmlrZWQub3JnggtvcGVu
+c3NoLmNvbYIPcnBraS1jbGllbnQub3JnghB3d3cubGlicmVzc2wub3Jngg93d3cu
+b3BlbmJzZC5vcmeCEHd3dy5vcGVuaWtlZC5vcmeCEXd3dy5vcGVucnN5bmMub3Jn
+gg93d3cub3BlbnNzaC5jb22CE3d3dy5ycGtpLWNsaWVudC5vcmcwTAYDVR0gBEUw
+QzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov
+L2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwAp
+eb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAX05UR9vAAAEAwBIMEYC
+IQCT7TplmJqF8Ds8JvdSlNeSSMLAZMsB9ez3bUHgvShWrQIhAMJPkvugu+9VZ4AG
+EAfnubGWp6mLssvTnE4C6NskZR7IAHUAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQAp
+Bo2yCJo32RMAAAF9OVEgOwAABAMARjBEAiAmyRIocC0VBaei6hIa/zk2X5PfgzZf
+7Qc4uApA4Y25+gIgYa4rhr2OhmUr+2Ph2nez88UqMrgjHn76fYOlSQDEV7gwDQYJ
+KoZIhvcNAQELBQADggEBADMSIRTpbJOdHjy/ju4TPXmc9H7mhyXwXH382FKnkC+T
+VaqPsJL7Mve7Lgr96tzRGVU8hLF3oRXpZVv6qSNmV3ULyCDVG8JoYDZbJV/v7ziU
+RITnWsraI8BYtxgDx6YU8ISbWU0Kh8REdi+mQ49FWmmPaJO9XyvkvG2BD2e+t1Zh
+8O78YFFhtQLuwTtOYa4WKOzWVXD8t2vZBGecJ+APnhcPGS6NQ9qqpKdDwmm0qYG7
+gafHxcWd2k2phmqbp7R3qqY/VP21VyUXCXoGAp+IaqJRunyEmTBAUyB6LkFBfQpc
+y0LH4LFzj5ouo5HtlZQRR5z3MN9WmwAej1gNpC/j688=
+-----END CERTIFICATE-----