summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/client
diff options
context:
space:
mode:
Diffstat (limited to 'src/regress/lib/libssl/client')
-rw-r--r--src/regress/lib/libssl/client/Makefile9
-rw-r--r--src/regress/lib/libssl/client/clienttest.c731
2 files changed, 0 insertions, 740 deletions
diff --git a/src/regress/lib/libssl/client/Makefile b/src/regress/lib/libssl/client/Makefile
deleted file mode 100644
index 5a54f80914..0000000000
--- a/src/regress/lib/libssl/client/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.3 2021/08/30 17:34:01 tb Exp $
2
3PROG= clienttest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c
deleted file mode 100644
index b0486d95f0..0000000000
--- a/src/regress/lib/libssl/client/clienttest.c
+++ /dev/null
@@ -1,731 +0,0 @@
1/* $OpenBSD: clienttest.c,v 1.39 2022/07/19 20:16:50 tb Exp $ */
2/*
3 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <openssl/dtls1.h>
21#include <openssl/ssl3.h>
22
23#include <err.h>
24#include <stdio.h>
25#include <string.h>
26
27#define DTLS_HM_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH)
28#define DTLS_RANDOM_OFFSET (DTLS_HM_OFFSET + 2)
29#define DTLS_CIPHER_OFFSET (DTLS_HM_OFFSET + 38)
30
31#define SSL3_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
32#define SSL3_RANDOM_OFFSET (SSL3_HM_OFFSET + 2)
33#define SSL3_CIPHER_OFFSET (SSL3_HM_OFFSET + 37)
34
35#define TLS13_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
36#define TLS13_RANDOM_OFFSET (TLS13_HM_OFFSET + 2)
37#define TLS13_SESSION_OFFSET (TLS13_HM_OFFSET + 34)
38#define TLS13_CIPHER_OFFSET (TLS13_HM_OFFSET + 69)
39#define TLS13_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 192)
40#define TLS13_ONLY_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 98)
41
42#define TLS1_3_VERSION_ONLY (TLS1_3_VERSION | 0x10000)
43
44static const uint8_t cipher_list_dtls1[] = {
45 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
46 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
47 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
48 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08,
49 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
50};
51
52static const uint8_t client_hello_dtls1[] = {
53 0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
54 0x00, 0x00, 0x00, 0x00, 0x74, 0x01, 0x00, 0x00,
55 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
56 0x68, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
57 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
58 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
59 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
60 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x26, 0xc0,
61 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00,
62 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0,
63 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00,
64 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00,
65 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00,
66 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
67 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00,
68 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00,
69 0x00,
70};
71
72static const uint8_t cipher_list_dtls12_aes[] = {
73 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
74 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
75 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
76 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
77 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
78 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
79 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
80 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
81 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
82 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
83 0x00, 0x0a, 0x00, 0xff
84};
85
86static const uint8_t cipher_list_dtls12_chacha[] = {
87 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
88 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
89 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
90 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
91 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
92 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
93 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
94 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
95 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
96 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
97 0x00, 0x0a, 0x00, 0xff,
98};
99
100static const uint8_t client_hello_dtls12[] = {
101 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
102 0x00, 0x00, 0x00, 0x00, 0xbe, 0x01, 0x00, 0x00,
103 0xb2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
104 0xb2, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
105 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
106 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
107 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x54, 0xc0,
109 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
110 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00,
111 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff,
112 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00,
113 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00,
114 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0,
115 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00,
116 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00,
117 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00,
118 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00,
119 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00,
120 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00,
121 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00,
122 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00,
123 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06,
124 0x01, 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05,
125 0x03, 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02,
126 0x01, 0x02, 0x03,
127};
128
129static const uint8_t cipher_list_tls10[] = {
130 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
131 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
132 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
133 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
134 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
135 0x00, 0x0a, 0x00, 0xff,
136};
137
138static const uint8_t client_hello_tls10[] = {
139 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
140 0x6d, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
141 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
142 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
143 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
144 0x00, 0x00, 0x00, 0x00, 0x00, 0x2c, 0xc0, 0x14,
145 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
146 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
147 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
148 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
149 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
150 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, 0x00, 0x0b,
151 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a,
152 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
153 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
154};
155
156static const uint8_t cipher_list_tls11[] = {
157 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
158 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
159 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
160 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
161 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
162 0x00, 0x0a, 0x00, 0xff,
163};
164
165static const uint8_t client_hello_tls11[] = {
166 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
167 0x6d, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
168 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
169 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
170 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
171 0x00, 0x00, 0x00, 0x00, 0x00, 0x2c, 0xc0, 0x14,
172 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
173 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
174 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
175 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
176 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
177 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, 0x00, 0x0b,
178 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a,
179 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
180 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
181};
182
183static const uint8_t cipher_list_tls12_aes[] = {
184 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
185 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
186 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
187 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
188 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
189 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
190 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
191 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
192 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
193 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
194 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
195 0x00, 0xff,
196};
197
198static const uint8_t cipher_list_tls12_chacha[] = {
199 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
200 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
201 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
202 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
203 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
204 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
205 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
206 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
207 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
208 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
209 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
210 0x00, 0xff,
211};
212
213static const uint8_t client_hello_tls12[] = {
214 0x16, 0x03, 0x01, 0x00, 0xbb, 0x01, 0x00, 0x00,
215 0xb7, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
216 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
217 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
218 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
219 0x00, 0x00, 0x00, 0x00, 0x00, 0x5a, 0xc0, 0x30,
220 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
221 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
222 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
223 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
224 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
225 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
226 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
227 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
228 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
229 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
230 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
231 0x01, 0x00, 0x00, 0x34, 0x00, 0x0b, 0x00, 0x02,
232 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08,
233 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19,
234 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18,
235 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03,
236 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04,
237 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
238};
239
240static const uint8_t cipher_list_tls13_aes[] = {
241 0x13, 0x02, 0x13, 0x03, 0x13, 0x01, 0xc0, 0x30,
242 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
243 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
244 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
245 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
246 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
247 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
248 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
249 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
250 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
251 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
252 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
253};
254
255static const uint8_t cipher_list_tls13_chacha[] = {
256 0x13, 0x03, 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9,
257 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c,
258 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a,
259 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85,
260 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
261 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
262 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
263 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
264 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
265 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
266 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
267 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
268};
269
270static const uint8_t client_hello_tls13[] = {
271 0x16, 0x03, 0x01, 0x01, 0x18, 0x01, 0x00, 0x01,
272 0x14, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
273 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
274 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
275 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
276 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
277 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
278 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
279 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
280 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x13, 0x03,
281 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9, 0xcc, 0xa8,
282 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28,
283 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f,
284 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85, 0x00, 0xc4,
285 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, 0x00, 0x3d,
286 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, 0xc0, 0x2f,
287 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x13,
288 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, 0x00, 0x33,
289 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, 0x00, 0x3c,
290 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, 0xc0, 0x11,
291 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08,
292 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00,
293 0x00, 0x6b, 0x00, 0x2b, 0x00, 0x09, 0x08, 0x03,
294 0x04, 0x03, 0x03, 0x03, 0x02, 0x03, 0x01, 0x00,
295 0x33, 0x00, 0x26, 0x00, 0x24, 0x00, 0x1d, 0x00,
296 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
297 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
298 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
299 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
300 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
301 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00,
302 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00,
303 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08,
304 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, 0x05, 0x05,
305 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, 0x04,
306 0x03, 0x02, 0x01, 0x02, 0x03,
307};
308
309static const uint8_t cipher_list_tls13_only_aes[] = {
310 0x13, 0x02, 0x13, 0x03, 0x13, 0x01,
311};
312
313static const uint8_t cipher_list_tls13_only_chacha[] = {
314 0x13, 0x03, 0x13, 0x02, 0x13, 0x01,
315};
316
317static const uint8_t client_hello_tls13_only[] = {
318 0x16, 0x03, 0x03, 0x00, 0xb6, 0x01, 0x00, 0x00,
319 0xb2, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
320 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
321 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
322 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
323 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
324 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
325 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
326 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
327 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x13, 0x03,
328 0x13, 0x02, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00,
329 0x00, 0x61, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03,
330 0x04, 0x00, 0x33, 0x00, 0x26, 0x00, 0x24, 0x00,
331 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00,
332 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
333 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
334 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
335 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01,
336 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00,
337 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00,
338 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x14, 0x00,
339 0x12, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08,
340 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04,
341 0x01, 0x04, 0x03,
342};
343
344struct client_hello_test {
345 const char *desc;
346 const int protocol;
347 const size_t random_start;
348 const size_t session_start;
349 const size_t key_share_start;
350 const SSL_METHOD *(*ssl_method)(void);
351 const long ssl_options;
352};
353
354static const struct client_hello_test client_hello_tests[] = {
355 {
356 .desc = "DTLSv1 client method",
357 .protocol = DTLS1_VERSION,
358 .random_start = DTLS_RANDOM_OFFSET,
359 .ssl_method = DTLSv1_client_method,
360 },
361 {
362 .desc = "DTLSv1.2 client method",
363 .protocol = DTLS1_2_VERSION,
364 .random_start = DTLS_RANDOM_OFFSET,
365 .ssl_method = DTLSv1_2_client_method,
366 },
367 {
368 .desc = "DTLS client method",
369 .protocol = DTLS1_2_VERSION,
370 .random_start = DTLS_RANDOM_OFFSET,
371 .ssl_method = DTLS_client_method,
372 },
373 {
374 .desc = "DTLS client method (no DTLSv1.2)",
375 .protocol = DTLS1_VERSION,
376 .random_start = DTLS_RANDOM_OFFSET,
377 .ssl_method = DTLS_client_method,
378 .ssl_options = SSL_OP_NO_DTLSv1_2,
379 },
380 {
381 .desc = "DTLS client method (no DTLSv1.0)",
382 .protocol = DTLS1_2_VERSION,
383 .random_start = DTLS_RANDOM_OFFSET,
384 .ssl_method = DTLS_client_method,
385 .ssl_options = SSL_OP_NO_DTLSv1,
386 },
387 {
388 .desc = "TLSv1 client method",
389 .protocol = TLS1_VERSION,
390 .random_start = SSL3_RANDOM_OFFSET,
391 .ssl_method = TLSv1_client_method,
392 },
393 {
394 .desc = "TLSv1_1 client method",
395 .protocol = TLS1_1_VERSION,
396 .random_start = SSL3_RANDOM_OFFSET,
397 .ssl_method = TLSv1_1_client_method,
398 },
399 {
400 .desc = "TLSv1_2 client method",
401 .protocol = TLS1_2_VERSION,
402 .random_start = SSL3_RANDOM_OFFSET,
403 .ssl_method = TLSv1_2_client_method,
404 },
405 {
406 .desc = "SSLv23 default",
407 .protocol = TLS1_3_VERSION,
408 .random_start = TLS13_RANDOM_OFFSET,
409 .session_start = TLS13_SESSION_OFFSET,
410 .key_share_start = TLS13_KEY_SHARE_OFFSET,
411 .ssl_method = SSLv23_client_method,
412 .ssl_options = 0,
413 },
414 {
415 .desc = "SSLv23 default (no TLSv1.3)",
416 .protocol = TLS1_2_VERSION,
417 .random_start = SSL3_RANDOM_OFFSET,
418 .ssl_method = SSLv23_client_method,
419 .ssl_options = SSL_OP_NO_TLSv1_3,
420 },
421 {
422 .desc = "SSLv23 (no TLSv1.2)",
423 .protocol = TLS1_1_VERSION,
424 .random_start = SSL3_RANDOM_OFFSET,
425 .ssl_method = SSLv23_client_method,
426 .ssl_options = SSL_OP_NO_TLSv1_2,
427 },
428 {
429 .desc = "SSLv23 (no TLSv1.1)",
430 .protocol = TLS1_VERSION,
431 .random_start = SSL3_RANDOM_OFFSET,
432 .ssl_method = SSLv23_client_method,
433 .ssl_options = SSL_OP_NO_TLSv1_1,
434 },
435 {
436 .desc = "TLS default",
437 .protocol = TLS1_3_VERSION,
438 .random_start = TLS13_RANDOM_OFFSET,
439 .session_start = TLS13_SESSION_OFFSET,
440 .key_share_start = TLS13_KEY_SHARE_OFFSET,
441 .ssl_method = TLS_client_method,
442 .ssl_options = 0,
443 },
444 {
445 .desc = "TLS (no TLSv1.3)",
446 .protocol = TLS1_2_VERSION,
447 .random_start = SSL3_RANDOM_OFFSET,
448 .ssl_method = TLS_client_method,
449 .ssl_options = SSL_OP_NO_TLSv1_3,
450 },
451 {
452 .desc = "TLS (no TLSv1.2)",
453 .protocol = TLS1_1_VERSION,
454 .random_start = SSL3_RANDOM_OFFSET,
455 .ssl_method = TLS_client_method,
456 .ssl_options = SSL_OP_NO_TLSv1_2,
457 },
458 {
459 .desc = "TLS (no TLSv1.1)",
460 .protocol = TLS1_VERSION,
461 .random_start = SSL3_RANDOM_OFFSET,
462 .ssl_method = TLS_client_method,
463 .ssl_options = SSL_OP_NO_TLSv1_1,
464 },
465#if 0
466 /* XXX - build client hello with explicit versions extension. */
467 {
468 .desc = "TLS (no TLSv1.0, no TLSv1.1)",
469 .protocol = TLS1_3_VERSION,
470 .random_start = TLS13_RANDOM_OFFSET,
471 .session_start = TLS13_SESSION_OFFSET,
472 .key_share_start = TLS13_KEY_SHARE_OFFSET,
473 .ssl_method = TLS_client_method,
474 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
475 },
476#endif
477 {
478 .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)",
479 .protocol = TLS1_3_VERSION_ONLY,
480 .random_start = TLS13_RANDOM_OFFSET,
481 .session_start = TLS13_SESSION_OFFSET,
482 .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
483 .ssl_method = TLS_client_method,
484 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
485 },
486};
487
488#define N_CLIENT_HELLO_TESTS \
489 (sizeof(client_hello_tests) / sizeof(*client_hello_tests))
490
491static void
492hexdump(const uint8_t *buf, size_t len, const uint8_t *compare)
493{
494 const char *mark = "";
495 size_t i;
496
497 for (i = 1; i <= len; i++) {
498 if (compare != NULL)
499 mark = (buf[i - 1] != compare[i - 1]) ? "*" : " ";
500 fprintf(stderr, " %s0x%02hhx,%s", mark, buf[i - 1],
501 i % 8 && i != len ? "" : "\n");
502 }
503 fprintf(stderr, "\n");
504}
505
506static inline int
507ssl_aes_is_accelerated(void)
508{
509#if defined(__i386__) || defined(__x86_64__)
510 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
511#else
512 return (0);
513#endif
514}
515
516static int
517make_client_hello(int protocol, char **out, size_t *outlen)
518{
519 size_t client_hello_len, cipher_list_len, cipher_list_offset;
520 const uint8_t *client_hello, *cipher_list;
521 char *p;
522
523 *out = NULL;
524 *outlen = 0;
525
526 switch (protocol) {
527 case DTLS1_VERSION:
528 client_hello = client_hello_dtls1;
529 client_hello_len = sizeof(client_hello_dtls1);
530 cipher_list = cipher_list_dtls1;
531 cipher_list_len = sizeof(cipher_list_dtls1);
532 cipher_list_offset = DTLS_CIPHER_OFFSET;
533 break;
534
535 case DTLS1_2_VERSION:
536 client_hello = client_hello_dtls12;
537 client_hello_len = sizeof(client_hello_dtls12);
538 cipher_list = cipher_list_dtls12_chacha;
539 cipher_list_len = sizeof(cipher_list_dtls12_chacha);
540 if (ssl_aes_is_accelerated()) {
541 cipher_list = cipher_list_dtls12_aes;
542 cipher_list_len = sizeof(cipher_list_dtls12_aes);
543 }
544 cipher_list_offset = DTLS_CIPHER_OFFSET;
545 break;
546
547 case TLS1_VERSION:
548 client_hello = client_hello_tls10;
549 client_hello_len = sizeof(client_hello_tls10);
550 cipher_list = cipher_list_tls10;
551 cipher_list_len = sizeof(cipher_list_tls10);
552 cipher_list_offset = SSL3_CIPHER_OFFSET;
553 break;
554
555 case TLS1_1_VERSION:
556 client_hello = client_hello_tls11;
557 client_hello_len = sizeof(client_hello_tls11);
558 cipher_list = cipher_list_tls11;
559 cipher_list_len = sizeof(cipher_list_tls11);
560 cipher_list_offset = SSL3_CIPHER_OFFSET;
561 break;
562
563 case TLS1_2_VERSION:
564 client_hello = client_hello_tls12;
565 client_hello_len = sizeof(client_hello_tls12);
566 cipher_list = cipher_list_tls12_chacha;
567 cipher_list_len = sizeof(cipher_list_tls12_chacha);
568 if (ssl_aes_is_accelerated()) {
569 cipher_list = cipher_list_tls12_aes;
570 cipher_list_len = sizeof(cipher_list_tls12_aes);
571 }
572 cipher_list_offset = SSL3_CIPHER_OFFSET;
573 break;
574
575 case TLS1_3_VERSION:
576 client_hello = client_hello_tls13;
577 client_hello_len = sizeof(client_hello_tls13);
578 cipher_list = cipher_list_tls13_chacha;
579 cipher_list_len = sizeof(cipher_list_tls13_chacha);
580 if (ssl_aes_is_accelerated()) {
581 cipher_list = cipher_list_tls13_aes;
582 cipher_list_len = sizeof(cipher_list_tls13_aes);
583 }
584 cipher_list_offset = TLS13_CIPHER_OFFSET;
585 break;
586
587 case TLS1_3_VERSION_ONLY:
588 client_hello = client_hello_tls13_only;
589 client_hello_len = sizeof(client_hello_tls13_only);
590 cipher_list = cipher_list_tls13_only_chacha;
591 cipher_list_len = sizeof(cipher_list_tls13_only_chacha);
592 if (ssl_aes_is_accelerated()) {
593 cipher_list = cipher_list_tls13_only_aes;
594 cipher_list_len = sizeof(cipher_list_tls13_only_aes);
595 }
596 cipher_list_offset = TLS13_CIPHER_OFFSET;
597 break;
598
599 default:
600 return (-1);
601 }
602
603 if ((p = malloc(client_hello_len)) == NULL)
604 return (-1);
605
606 memcpy(p, client_hello, client_hello_len);
607 memcpy(p + cipher_list_offset, cipher_list, cipher_list_len);
608
609 *out = p;
610 *outlen = client_hello_len;
611
612 return (0);
613}
614
615static int
616client_hello_test(int testno, const struct client_hello_test *cht)
617{
618 BIO *rbio = NULL, *wbio = NULL;
619 SSL_CTX *ssl_ctx = NULL;
620 SSL *ssl = NULL;
621 char *client_hello = NULL;
622 size_t client_hello_len;
623 size_t session_len;
624 char *wbuf, rbuf[1];
625 int ret = 1;
626 long len;
627
628 fprintf(stderr, "Test %d - %s\n", testno, cht->desc);
629
630 /* Providing a small buf causes *_get_server_hello() to return. */
631 if ((rbio = BIO_new_mem_buf(rbuf, sizeof(rbuf))) == NULL) {
632 fprintf(stderr, "Failed to setup rbio\n");
633 goto failure;
634 }
635 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
636 fprintf(stderr, "Failed to setup wbio\n");
637 goto failure;
638 }
639
640 if ((ssl_ctx = SSL_CTX_new(cht->ssl_method())) == NULL) {
641 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
642 goto failure;
643 }
644
645 SSL_CTX_set_options(ssl_ctx, cht->ssl_options);
646
647 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
648 fprintf(stderr, "SSL_new() returned NULL\n");
649 goto failure;
650 }
651
652 BIO_up_ref(rbio);
653 BIO_up_ref(wbio);
654 SSL_set_bio(ssl, rbio, wbio);
655
656 if (SSL_connect(ssl) != 0) {
657 fprintf(stderr, "SSL_connect() returned non-zero\n");
658 goto failure;
659 }
660
661 len = BIO_get_mem_data(wbio, &wbuf);
662
663 if (make_client_hello(cht->protocol, &client_hello,
664 &client_hello_len) != 0)
665 errx(1, "failed to make client hello");
666
667 if ((size_t)len != client_hello_len) {
668 fprintf(stderr, "FAIL: test returned ClientHello length %ld, "
669 "want %zu\n", len, client_hello_len);
670 fprintf(stderr, "received:\n");
671 hexdump(wbuf, len, NULL);
672 fprintf(stderr, "test data:\n");
673 hexdump(client_hello, client_hello_len, NULL);
674 fprintf(stderr, "\n");
675 goto failure;
676 }
677
678 /* We expect the client random to differ. */
679 if (memcmp(&client_hello[cht->random_start], &wbuf[cht->random_start],
680 SSL3_RANDOM_SIZE) == 0) {
681 fprintf(stderr, "FAIL: ClientHello has zeroed random\n");
682 goto failure;
683 }
684
685 memset(&wbuf[cht->random_start], 0, SSL3_RANDOM_SIZE);
686
687 if (cht->session_start > 0) {
688 session_len = wbuf[cht->session_start];
689 if (session_len > 0)
690 memset(&wbuf[cht->session_start + 1], 0, session_len);
691 }
692 if (cht->key_share_start > 0)
693 memset(&wbuf[cht->key_share_start], 0, 32);
694
695 if (memcmp(client_hello, wbuf, client_hello_len) != 0) {
696 fprintf(stderr, "FAIL: ClientHello differs:\n");
697 fprintf(stderr, "received:\n");
698 hexdump(wbuf, len, client_hello);
699 fprintf(stderr, "test data:\n");
700 hexdump(client_hello, client_hello_len, wbuf);
701 fprintf(stderr, "\n");
702 goto failure;
703 }
704
705 ret = 0;
706
707 failure:
708 SSL_CTX_free(ssl_ctx);
709 SSL_free(ssl);
710
711 BIO_free(rbio);
712 BIO_free(wbio);
713
714 free(client_hello);
715
716 return (ret);
717}
718
719int
720main(int argc, char **argv)
721{
722 int failed = 0;
723 size_t i;
724
725 SSL_library_init();
726
727 for (i = 0; i < N_CLIENT_HELLO_TESTS; i++)
728 failed |= client_hello_test(i, &client_hello_tests[i]);
729
730 return (failed);
731}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-26 20:38:50 +0000