diff options
Diffstat (limited to '')
| -rw-r--r-- | src/regress/lib/libssl/unit/cipher_list.c | 30 | 
1 files changed, 10 insertions, 20 deletions
| diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c index c4b42764a0..7a7ca37708 100644 --- a/src/regress/lib/libssl/unit/cipher_list.c +++ b/src/regress/lib/libssl/unit/cipher_list.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cipher_list.c,v 1.6 2017/08/28 17:32:04 jsing Exp $ */ | 1 | /* $OpenBSD: cipher_list.c,v 1.7 2017/10/10 16:52:17 jsing Exp $ */ | 
| 2 | /* | 2 | /* | 
| 3 | * Copyright (c) 2015 Doug Hogan <doug@openbsd.org> | 3 | * Copyright (c) 2015 Doug Hogan <doug@openbsd.org> | 
| 4 | * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> | 
| @@ -63,20 +63,17 @@ static uint16_t cipher_values[] = { | |||
| 63 | 63 | ||
| 64 | #define N_CIPHERS (sizeof(cipher_bytes) / 2) | 64 | #define N_CIPHERS (sizeof(cipher_bytes) / 2) | 
| 65 | 65 | ||
| 66 | extern STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, | ||
| 67 | const unsigned char *p, int num); | ||
| 68 | extern int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, | ||
| 69 | unsigned char *p, size_t len, size_t *outlen); | ||
| 70 | |||
| 71 | static int | 66 | static int | 
| 72 | ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) | 67 | ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) | 
| 73 | { | 68 | { | 
| 74 | SSL_CIPHER *cipher; | 69 | SSL_CIPHER *cipher; | 
| 75 | uint16_t value; | 70 | uint16_t value; | 
| 71 | CBS cbs; | ||
| 76 | int i; | 72 | int i; | 
| 77 | 73 | ||
| 78 | *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, | 74 | CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes)); | 
| 79 | sizeof(cipher_bytes)); | 75 | |
| 76 | *ciphers = ssl_bytes_to_cipher_list(s, &cbs); | ||
| 80 | CHECK(*ciphers != NULL); | 77 | CHECK(*ciphers != NULL); | 
| 81 | CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS); | 78 | CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS); | 
| 82 | for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) { | 79 | for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) { | 
| @@ -149,25 +146,18 @@ static int | |||
| 149 | ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) | 146 | ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) | 
| 150 | { | 147 | { | 
| 151 | uint8_t empty_cipher_bytes[] = {0}; | 148 | uint8_t empty_cipher_bytes[] = {0}; | 
| 149 | CBS cbs; | ||
| 152 | 150 | ||
| 153 | sk_SSL_CIPHER_free(*ciphers); | 151 | sk_SSL_CIPHER_free(*ciphers); | 
| 154 | 152 | ||
| 155 | /* Invalid length: CipherSuite is 2 bytes so it must be even */ | 153 | /* Invalid length: CipherSuite is 2 bytes so it must be even */ | 
| 156 | *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, | 154 | CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes) - 1); | 
| 157 | sizeof(cipher_bytes) - 1); | 155 | *ciphers = ssl_bytes_to_cipher_list(s, &cbs); | 
| 158 | CHECK(*ciphers == NULL); | 156 | CHECK(*ciphers == NULL); | 
| 159 | 157 | ||
| 160 | /* Invalid length: cipher_suites must be at least 2 */ | 158 | /* Invalid length: cipher_suites must be at least 2 */ | 
| 161 | *ciphers = ssl_bytes_to_cipher_list(s, empty_cipher_bytes, | 159 | CBS_init(&cbs, empty_cipher_bytes, sizeof(empty_cipher_bytes)); | 
| 162 | sizeof(empty_cipher_bytes)); | 160 | *ciphers = ssl_bytes_to_cipher_list(s, &cbs); | 
| 163 | CHECK(*ciphers == NULL); | ||
| 164 | |||
| 165 | /* Invalid length: cipher_suites must be at most 2^16-2 */ | ||
| 166 | *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, 0x10000); | ||
| 167 | CHECK(*ciphers == NULL); | ||
| 168 | |||
| 169 | /* Invalid len: prototype is signed, but it shouldn't accept len < 0 */ | ||
| 170 | *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, -2); | ||
| 171 | CHECK(*ciphers == NULL); | 161 | CHECK(*ciphers == NULL); | 
| 172 | 162 | ||
| 173 | return 1; | 163 | return 1; | 
