summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/client/clienttest.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/regress/lib/libssl/client/clienttest.c')
-rw-r--r--src/regress/lib/libssl/client/clienttest.c740
1 files changed, 0 insertions, 740 deletions
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c
deleted file mode 100644
index 2efe676a9d..0000000000
--- a/src/regress/lib/libssl/client/clienttest.c
+++ /dev/null
@@ -1,740 +0,0 @@
1/* $OpenBSD: clienttest.c,v 1.33 2021/06/27 17:13:23 jsing Exp $ */
2/*
3 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <openssl/dtls1.h>
21#include <openssl/ssl3.h>
22
23#include <err.h>
24#include <stdio.h>
25#include <string.h>
26
27#define DTLS_HM_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH)
28#define DTLS_RANDOM_OFFSET (DTLS_HM_OFFSET + 2)
29#define DTLS_CIPHER_OFFSET (DTLS_HM_OFFSET + 38)
30
31#define SSL3_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
32#define SSL3_RANDOM_OFFSET (SSL3_HM_OFFSET + 2)
33#define SSL3_CIPHER_OFFSET (SSL3_HM_OFFSET + 37)
34
35#define TLS13_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
36#define TLS13_RANDOM_OFFSET (TLS13_HM_OFFSET + 2)
37#define TLS13_SESSION_OFFSET (TLS13_HM_OFFSET + 34)
38#define TLS13_CIPHER_OFFSET (TLS13_HM_OFFSET + 69)
39#define TLS13_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 194)
40#define TLS13_ONLY_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 98)
41
42#define TLS1_3_VERSION_ONLY (TLS1_3_VERSION | 0x10000)
43
44static const uint8_t cipher_list_dtls1[] = {
45 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
46 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
47 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
48 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08,
49 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
50};
51
52static const uint8_t client_hello_dtls1[] = {
53 0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
54 0x00, 0x00, 0x00, 0x00, 0x74, 0x01, 0x00, 0x00,
55 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
56 0x68, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
57 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
58 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
59 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
60 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x26, 0xc0,
61 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00,
62 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0,
63 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00,
64 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00,
65 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00,
66 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
67 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00,
68 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00,
69 0x00,
70};
71
72static const uint8_t cipher_list_dtls12_aes[] = {
73 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
74 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
75 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
76 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
77 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
78 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
79 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
80 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
81 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
82 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
83 0x00, 0x0a, 0x00, 0xff
84};
85
86static const uint8_t cipher_list_dtls12_chacha[] = {
87 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
88 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
89 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
90 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
91 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
92 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
93 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
94 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
95 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
96 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
97 0x00, 0x0a, 0x00, 0xff,
98};
99
100static const uint8_t client_hello_dtls12[] = {
101 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
102 0x00, 0x00, 0x00, 0x00, 0xbe, 0x01, 0x00, 0x00,
103 0xb2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
104 0xb2, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
105 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
106 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
107 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x54, 0xc0,
109 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
110 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00,
111 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff,
112 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00,
113 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00,
114 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0,
115 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00,
116 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00,
117 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00,
118 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00,
119 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00,
120 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00,
121 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00,
122 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00,
123 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06,
124 0x01, 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05,
125 0x03, 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02,
126 0x01, 0x02, 0x03,
127};
128
129static const uint8_t cipher_list_tls10[] = {
130 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
131 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
132 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
133 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
134 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08,
135 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
136};
137
138static const uint8_t client_hello_tls10[] = {
139 0x16, 0x03, 0x01, 0x00, 0x73, 0x01, 0x00, 0x00,
140 0x6f, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
141 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
142 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
143 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
144 0x00, 0x00, 0x00, 0x00, 0x00, 0x2e, 0xc0, 0x14,
145 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
146 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
147 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
148 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
149 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
150 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x18,
151 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a,
152 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17,
153 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
154};
155
156static const uint8_t cipher_list_tls11[] = {
157 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
158 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
159 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
160 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
161 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08,
162 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
163};
164
165static const uint8_t client_hello_tls11[] = {
166 0x16, 0x03, 0x01, 0x00, 0x73, 0x01, 0x00, 0x00,
167 0x6f, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
168 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
169 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
170 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
171 0x00, 0x00, 0x00, 0x00, 0x00, 0x2e, 0xc0, 0x14,
172 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
173 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
174 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
175 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
176 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
177 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x18,
178 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a,
179 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17,
180 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
181};
182
183static const uint8_t cipher_list_tls12_aes[] = {
184 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
185 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
186 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
187 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
188 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
189 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
190 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
191 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
192 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
193 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
194 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
195 0x00, 0x0a, 0x00, 0xff,
196};
197
198static const uint8_t cipher_list_tls12_chacha[] = {
199 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
200 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
201 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
202 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
203 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
204 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
205 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
206 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
207 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
208 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
209 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
210 0x00, 0x0a, 0x00, 0xff,
211};
212
213static const uint8_t client_hello_tls12[] = {
214 0x16, 0x03, 0x01, 0x00, 0xbd, 0x01, 0x00, 0x00,
215 0xb9, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
216 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
217 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
218 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
219 0x00, 0x00, 0x00, 0x00, 0x00, 0x5c, 0xc0, 0x30,
220 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
221 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
222 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
223 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
224 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
225 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
226 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
227 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
228 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
229 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04,
230 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
231 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00, 0x0b,
232 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a,
233 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
234 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d,
235 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06, 0x01,
236 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03,
237 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02, 0x01,
238 0x02, 0x03,
239};
240
241static const uint8_t cipher_list_tls13_aes[] = {
242 0x13, 0x02, 0x13, 0x03, 0x13, 0x01, 0xc0, 0x30,
243 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
244 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
245 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
246 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
247 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
248 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
249 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
250 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
251 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
252 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04,
253 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
254 0x00, 0xff
255};
256
257static const uint8_t cipher_list_tls13_chacha[] = {
258 0x13, 0x03, 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9,
259 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c,
260 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a,
261 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85,
262 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
263 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
264 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
265 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
266 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
267 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
268 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04,
269 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
270 0x00, 0xff,
271};
272
273static const uint8_t client_hello_tls13[] = {
274 0x16, 0x03, 0x01, 0x01, 0x1a, 0x01, 0x00, 0x01,
275 0x16, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
276 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
277 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
278 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
279 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
280 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
281 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
282 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
283 0x00, 0x00, 0x00, 0x00, 0x00, 0x62, 0x13, 0x03,
284 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9, 0xcc, 0xa8,
285 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28,
286 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f,
287 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85, 0x00, 0xc4,
288 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, 0x00, 0x3d,
289 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, 0xc0, 0x2f,
290 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x13,
291 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, 0x00, 0x33,
292 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, 0x00, 0x3c,
293 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, 0xc0, 0x11,
294 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12,
295 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
296 0x01, 0x00, 0x00, 0x6b, 0x00, 0x2b, 0x00, 0x09,
297 0x08, 0x03, 0x04, 0x03, 0x03, 0x03, 0x02, 0x03,
298 0x01, 0x00, 0x33, 0x00, 0x26, 0x00, 0x24, 0x00,
299 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00,
300 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
301 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
302 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
303 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01,
304 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00,
305 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00,
306 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00,
307 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08,
308 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04,
309 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
310};
311
312static const uint8_t cipher_list_tls13_only_aes[] = {
313 0x13, 0x02, 0x13, 0x03, 0x13, 0x01,
314};
315
316static const uint8_t cipher_list_tls13_only_chacha[] = {
317 0x13, 0x03, 0x13, 0x02, 0x13, 0x01,
318};
319
320static const uint8_t client_hello_tls13_only[] = {
321 0x16, 0x03, 0x03, 0x00, 0xb6, 0x01, 0x00, 0x00,
322 0xb2, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
323 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
324 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
325 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
326 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
327 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
328 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
329 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
330 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x13, 0x03,
331 0x13, 0x02, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00,
332 0x00, 0x61, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03,
333 0x04, 0x00, 0x33, 0x00, 0x26, 0x00, 0x24, 0x00,
334 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00,
335 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
336 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
337 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
338 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01,
339 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00,
340 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00,
341 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x14, 0x00,
342 0x12, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08,
343 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04,
344 0x01, 0x04, 0x03,
345};
346
347struct client_hello_test {
348 const char *desc;
349 const int protocol;
350 const size_t random_start;
351 const size_t session_start;
352 const size_t key_share_start;
353 const SSL_METHOD *(*ssl_method)(void);
354 const long ssl_options;
355};
356
357static const struct client_hello_test client_hello_tests[] = {
358 {
359 .desc = "DTLSv1 client method",
360 .protocol = DTLS1_VERSION,
361 .random_start = DTLS_RANDOM_OFFSET,
362 .ssl_method = DTLSv1_client_method,
363 },
364 {
365 .desc = "DTLSv1.2 client method",
366 .protocol = DTLS1_2_VERSION,
367 .random_start = DTLS_RANDOM_OFFSET,
368 .ssl_method = DTLSv1_2_client_method,
369 },
370 {
371 .desc = "DTLS client method",
372 .protocol = DTLS1_2_VERSION,
373 .random_start = DTLS_RANDOM_OFFSET,
374 .ssl_method = DTLS_client_method,
375 },
376 {
377 .desc = "DTLS client method (no DTLSv1.2)",
378 .protocol = DTLS1_VERSION,
379 .random_start = DTLS_RANDOM_OFFSET,
380 .ssl_method = DTLS_client_method,
381 .ssl_options = SSL_OP_NO_DTLSv1_2,
382 },
383 {
384 .desc = "DTLS client method (no DTLSv1.0)",
385 .protocol = DTLS1_2_VERSION,
386 .random_start = DTLS_RANDOM_OFFSET,
387 .ssl_method = DTLS_client_method,
388 .ssl_options = SSL_OP_NO_DTLSv1,
389 },
390 {
391 .desc = "TLSv1 client method",
392 .protocol = TLS1_VERSION,
393 .random_start = SSL3_RANDOM_OFFSET,
394 .ssl_method = TLSv1_client_method,
395 },
396 {
397 .desc = "TLSv1_1 client method",
398 .protocol = TLS1_1_VERSION,
399 .random_start = SSL3_RANDOM_OFFSET,
400 .ssl_method = TLSv1_1_client_method,
401 },
402 {
403 .desc = "TLSv1_2 client method",
404 .protocol = TLS1_2_VERSION,
405 .random_start = SSL3_RANDOM_OFFSET,
406 .ssl_method = TLSv1_2_client_method,
407 },
408 {
409 .desc = "SSLv23 default",
410 .protocol = TLS1_3_VERSION,
411 .random_start = TLS13_RANDOM_OFFSET,
412 .session_start = TLS13_SESSION_OFFSET,
413 .key_share_start = TLS13_KEY_SHARE_OFFSET,
414 .ssl_method = SSLv23_client_method,
415 .ssl_options = 0,
416 },
417 {
418 .desc = "SSLv23 default (no TLSv1.3)",
419 .protocol = TLS1_2_VERSION,
420 .random_start = SSL3_RANDOM_OFFSET,
421 .ssl_method = SSLv23_client_method,
422 .ssl_options = SSL_OP_NO_TLSv1_3,
423 },
424 {
425 .desc = "SSLv23 (no TLSv1.2)",
426 .protocol = TLS1_1_VERSION,
427 .random_start = SSL3_RANDOM_OFFSET,
428 .ssl_method = SSLv23_client_method,
429 .ssl_options = SSL_OP_NO_TLSv1_2,
430 },
431 {
432 .desc = "SSLv23 (no TLSv1.1)",
433 .protocol = TLS1_VERSION,
434 .random_start = SSL3_RANDOM_OFFSET,
435 .ssl_method = SSLv23_client_method,
436 .ssl_options = SSL_OP_NO_TLSv1_1,
437 },
438 {
439 .desc = "TLS default",
440 .protocol = TLS1_3_VERSION,
441 .random_start = TLS13_RANDOM_OFFSET,
442 .session_start = TLS13_SESSION_OFFSET,
443 .key_share_start = TLS13_KEY_SHARE_OFFSET,
444 .ssl_method = TLS_client_method,
445 .ssl_options = 0,
446 },
447 {
448 .desc = "TLS (no TLSv1.3)",
449 .protocol = TLS1_2_VERSION,
450 .random_start = SSL3_RANDOM_OFFSET,
451 .ssl_method = TLS_client_method,
452 .ssl_options = SSL_OP_NO_TLSv1_3,
453 },
454 {
455 .desc = "TLS (no TLSv1.2)",
456 .protocol = TLS1_1_VERSION,
457 .random_start = SSL3_RANDOM_OFFSET,
458 .ssl_method = TLS_client_method,
459 .ssl_options = SSL_OP_NO_TLSv1_2,
460 },
461 {
462 .desc = "TLS (no TLSv1.1)",
463 .protocol = TLS1_VERSION,
464 .random_start = SSL3_RANDOM_OFFSET,
465 .ssl_method = TLS_client_method,
466 .ssl_options = SSL_OP_NO_TLSv1_1,
467 },
468#if 0
469 /* XXX - build client hello with explicit versions extension. */
470 {
471 .desc = "TLS (no TLSv1.0, no TLSv1.1)",
472 .protocol = TLS1_3_VERSION,
473 .random_start = TLS13_RANDOM_OFFSET,
474 .session_start = TLS13_SESSION_OFFSET,
475 .key_share_start = TLS13_KEY_SHARE_OFFSET,
476 .ssl_method = TLS_client_method,
477 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
478 },
479#endif
480 {
481 .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)",
482 .protocol = TLS1_3_VERSION_ONLY,
483 .random_start = TLS13_RANDOM_OFFSET,
484 .session_start = TLS13_SESSION_OFFSET,
485 .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
486 .ssl_method = TLS_client_method,
487 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
488 },
489};
490
491#define N_CLIENT_HELLO_TESTS \
492 (sizeof(client_hello_tests) / sizeof(*client_hello_tests))
493
494static void
495hexdump(const uint8_t *buf, size_t len, const uint8_t *compare)
496{
497 const char *mark = "";
498 size_t i;
499
500 for (i = 1; i <= len; i++) {
501 if (compare != NULL)
502 mark = (buf[i - 1] != compare[i - 1]) ? "*" : " ";
503 fprintf(stderr, " %s0x%02hhx,%s", mark, buf[i - 1],
504 i % 8 && i != len ? "" : "\n");
505 }
506 fprintf(stderr, "\n");
507}
508
509static inline int
510ssl_aes_is_accelerated(void)
511{
512#if defined(__i386__) || defined(__x86_64__)
513 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
514#else
515 return (0);
516#endif
517}
518
519static int
520make_client_hello(int protocol, char **out, size_t *outlen)
521{
522 size_t client_hello_len, cipher_list_len, cipher_list_offset;
523 const uint8_t *client_hello, *cipher_list;
524 char *p;
525
526 *out = NULL;
527 *outlen = 0;
528
529 switch (protocol) {
530 case DTLS1_VERSION:
531 client_hello = client_hello_dtls1;
532 client_hello_len = sizeof(client_hello_dtls1);
533 cipher_list = cipher_list_dtls1;
534 cipher_list_len = sizeof(cipher_list_dtls1);
535 cipher_list_offset = DTLS_CIPHER_OFFSET;
536 break;
537
538 case DTLS1_2_VERSION:
539 client_hello = client_hello_dtls12;
540 client_hello_len = sizeof(client_hello_dtls12);
541 cipher_list = cipher_list_dtls12_chacha;
542 cipher_list_len = sizeof(cipher_list_dtls12_chacha);
543 if (ssl_aes_is_accelerated()) {
544 cipher_list = cipher_list_dtls12_aes;
545 cipher_list_len = sizeof(cipher_list_dtls12_aes);
546 }
547 cipher_list_offset = DTLS_CIPHER_OFFSET;
548 break;
549
550 case TLS1_VERSION:
551 client_hello = client_hello_tls10;
552 client_hello_len = sizeof(client_hello_tls10);
553 cipher_list = cipher_list_tls10;
554 cipher_list_len = sizeof(cipher_list_tls10);
555 cipher_list_offset = SSL3_CIPHER_OFFSET;
556 break;
557
558 case TLS1_1_VERSION:
559 client_hello = client_hello_tls11;
560 client_hello_len = sizeof(client_hello_tls11);
561 cipher_list = cipher_list_tls11;
562 cipher_list_len = sizeof(cipher_list_tls11);
563 cipher_list_offset = SSL3_CIPHER_OFFSET;
564 break;
565
566 case TLS1_2_VERSION:
567 client_hello = client_hello_tls12;
568 client_hello_len = sizeof(client_hello_tls12);
569 cipher_list = cipher_list_tls12_chacha;
570 cipher_list_len = sizeof(cipher_list_tls12_chacha);
571 if (ssl_aes_is_accelerated()) {
572 cipher_list = cipher_list_tls12_aes;
573 cipher_list_len = sizeof(cipher_list_tls12_aes);
574 }
575 cipher_list_offset = SSL3_CIPHER_OFFSET;
576 break;
577
578 case TLS1_3_VERSION:
579 client_hello = client_hello_tls13;
580 client_hello_len = sizeof(client_hello_tls13);
581 cipher_list = cipher_list_tls13_chacha;
582 cipher_list_len = sizeof(cipher_list_tls13_chacha);
583 if (ssl_aes_is_accelerated()) {
584 cipher_list = cipher_list_tls13_aes;
585 cipher_list_len = sizeof(cipher_list_tls13_aes);
586 }
587 cipher_list_offset = TLS13_CIPHER_OFFSET;
588 break;
589
590 case TLS1_3_VERSION_ONLY:
591 client_hello = client_hello_tls13_only;
592 client_hello_len = sizeof(client_hello_tls13_only);
593 cipher_list = cipher_list_tls13_only_chacha;
594 cipher_list_len = sizeof(cipher_list_tls13_only_chacha);
595 if (ssl_aes_is_accelerated()) {
596 cipher_list = cipher_list_tls13_only_aes;
597 cipher_list_len = sizeof(cipher_list_tls13_only_aes);
598 }
599 cipher_list_offset = TLS13_CIPHER_OFFSET;
600 break;
601
602 default:
603 return (-1);
604 }
605
606 if ((p = malloc(client_hello_len)) == NULL)
607 return (-1);
608
609 memcpy(p, client_hello, client_hello_len);
610 memcpy(p + cipher_list_offset, cipher_list, cipher_list_len);
611
612 *out = p;
613 *outlen = client_hello_len;
614
615 return (0);
616}
617
618static int
619client_hello_test(int testno, const struct client_hello_test *cht)
620{
621 BIO *rbio = NULL, *wbio = NULL;
622 SSL_CTX *ssl_ctx = NULL;
623 SSL *ssl = NULL;
624 char *client_hello = NULL;
625 size_t client_hello_len;
626 size_t session_len;
627 char *wbuf, rbuf[1];
628 int ret = 1;
629 long len;
630
631 fprintf(stderr, "Test %i - %s\n", testno, cht->desc);
632
633 /* Providing a small buf causes *_get_server_hello() to return. */
634 if ((rbio = BIO_new_mem_buf(rbuf, sizeof(rbuf))) == NULL) {
635 fprintf(stderr, "Failed to setup rbio\n");
636 goto failure;
637 }
638 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
639 fprintf(stderr, "Failed to setup wbio\n");
640 goto failure;
641 }
642
643 if ((ssl_ctx = SSL_CTX_new(cht->ssl_method())) == NULL) {
644 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
645 goto failure;
646 }
647
648 SSL_CTX_set_options(ssl_ctx, cht->ssl_options);
649
650 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
651 fprintf(stderr, "SSL_new() returned NULL\n");
652 goto failure;
653 }
654
655 rbio->references = 2;
656 wbio->references = 2;
657
658 SSL_set_bio(ssl, rbio, wbio);
659
660 if (SSL_connect(ssl) != 0) {
661 fprintf(stderr, "SSL_connect() returned non-zero\n");
662 goto failure;
663 }
664
665 len = BIO_get_mem_data(wbio, &wbuf);
666
667 if (make_client_hello(cht->protocol, &client_hello,
668 &client_hello_len) != 0)
669 errx(1, "failed to make client hello");
670
671 if ((size_t)len != client_hello_len) {
672 fprintf(stderr, "FAIL: test returned ClientHello length %li, "
673 "want %zu\n", len, client_hello_len);
674 fprintf(stderr, "received:\n");
675 hexdump(wbuf, len, NULL);
676 fprintf(stderr, "test data:\n");
677 hexdump(client_hello, client_hello_len, NULL);
678 fprintf(stderr, "\n");
679 goto failure;
680 }
681
682 /* We expect the client random to differ. */
683 if (memcmp(&client_hello[cht->random_start], &wbuf[cht->random_start],
684 SSL3_RANDOM_SIZE) == 0) {
685 fprintf(stderr, "FAIL: ClientHello has zeroed random\n");
686 goto failure;
687 }
688
689 memset(&wbuf[cht->random_start], 0, SSL3_RANDOM_SIZE);
690
691 if (cht->session_start > 0) {
692 session_len = wbuf[cht->session_start];
693 if (session_len > 0)
694 memset(&wbuf[cht->session_start + 1], 0, session_len);
695 }
696 if (cht->key_share_start > 0)
697 memset(&wbuf[cht->key_share_start], 0, 32);
698
699 if (memcmp(client_hello, wbuf, client_hello_len) != 0) {
700 fprintf(stderr, "FAIL: ClientHello differs:\n");
701 fprintf(stderr, "received:\n");
702 hexdump(wbuf, len, client_hello);
703 fprintf(stderr, "test data:\n");
704 hexdump(client_hello, client_hello_len, wbuf);
705 fprintf(stderr, "\n");
706 goto failure;
707 }
708
709 ret = 0;
710
711 failure:
712 SSL_CTX_free(ssl_ctx);
713 SSL_free(ssl);
714
715 if (rbio != NULL)
716 rbio->references = 1;
717 if (wbio != NULL)
718 wbio->references = 1;
719
720 BIO_free(rbio);
721 BIO_free(wbio);
722
723 free(client_hello);
724
725 return (ret);
726}
727
728int
729main(int argc, char **argv)
730{
731 int failed = 0;
732 size_t i;
733
734 SSL_library_init();
735
736 for (i = 0; i < N_CLIENT_HELLO_TESTS; i++)
737 failed |= client_hello_test(i, &client_hello_tests[i]);
738
739 return (failed);
740}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-09 22:45:48 +0000