summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/regress/lib/libssl')
-rw-r--r--src/regress/lib/libssl/Makefile31
-rw-r--r--src/regress/lib/libssl/Makefile.inc2
-rw-r--r--src/regress/lib/libssl/api/Makefile16
-rw-r--r--src/regress/lib/libssl/api/apitest.c369
-rw-r--r--src/regress/lib/libssl/asn1/Makefile11
-rw-r--r--src/regress/lib/libssl/asn1/asn1test.c478
-rw-r--r--src/regress/lib/libssl/buffer/Makefile10
-rw-r--r--src/regress/lib/libssl/buffer/buffertest.c364
-rw-r--r--src/regress/lib/libssl/bytestring/Makefile10
-rw-r--r--src/regress/lib/libssl/bytestring/bytestringtest.c968
-rw-r--r--src/regress/lib/libssl/certs/ca-int-ecdsa.crl8
-rw-r--r--src/regress/lib/libssl/certs/ca-int-ecdsa.pem13
-rw-r--r--src/regress/lib/libssl/certs/ca-int-rsa.crl11
-rw-r--r--src/regress/lib/libssl/certs/ca-int-rsa.pem22
-rw-r--r--src/regress/lib/libssl/certs/ca-root-ecdsa.pem13
-rw-r--r--src/regress/lib/libssl/certs/ca-root-rsa.pem22
-rw-r--r--src/regress/lib/libssl/certs/ca.pem45
-rw-r--r--src/regress/lib/libssl/certs/client.pem51
-rw-r--r--src/regress/lib/libssl/certs/client1-ecdsa-chain.pem27
-rw-r--r--src/regress/lib/libssl/certs/client1-ecdsa.pem19
-rw-r--r--src/regress/lib/libssl/certs/client1-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/client1-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/client2-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/client2-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/client2-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/client2-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/client3-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/client3-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/client3-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/client3-rsa.pem50
-rwxr-xr-xsrc/regress/lib/libssl/certs/make-certs.sh263
-rw-r--r--src/regress/lib/libssl/certs/server.pem51
-rw-r--r--src/regress/lib/libssl/certs/server1-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/server1-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/server1-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/server1-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/server2-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/server2-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/server2-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/server2-rsa.pem50
-rw-r--r--src/regress/lib/libssl/certs/server3-ecdsa-chain.pem26
-rw-r--r--src/regress/lib/libssl/certs/server3-ecdsa.pem18
-rw-r--r--src/regress/lib/libssl/certs/server3-rsa-chain.pem44
-rw-r--r--src/regress/lib/libssl/certs/server3-rsa.pem50
-rw-r--r--src/regress/lib/libssl/ciphers/Makefile9
-rw-r--r--src/regress/lib/libssl/ciphers/cipherstest.c531
-rw-r--r--src/regress/lib/libssl/client/Makefile9
-rw-r--r--src/regress/lib/libssl/client/clienttest.c731
-rw-r--r--src/regress/lib/libssl/dtls/Makefile20
-rw-r--r--src/regress/lib/libssl/dtls/dtlstest.c1071
-rw-r--r--src/regress/lib/libssl/handshake/Makefile45
-rw-r--r--src/regress/lib/libssl/handshake/handshake_table.c553
-rw-r--r--src/regress/lib/libssl/handshake/valid_handshakes_terminate.c57
-rw-r--r--src/regress/lib/libssl/interop/LICENSE15
-rw-r--r--src/regress/lib/libssl/interop/Makefile19
-rw-r--r--src/regress/lib/libssl/interop/Makefile.inc90
-rw-r--r--src/regress/lib/libssl/interop/README22
-rw-r--r--src/regress/lib/libssl/interop/botan/Makefile84
-rw-r--r--src/regress/lib/libssl/interop/botan/client.cpp228
-rw-r--r--src/regress/lib/libssl/interop/cert/Makefile91
-rw-r--r--src/regress/lib/libssl/interop/cipher/Makefile169
-rw-r--r--src/regress/lib/libssl/interop/client.c285
-rw-r--r--src/regress/lib/libssl/interop/libressl/Makefile34
-rw-r--r--src/regress/lib/libssl/interop/netcat/Makefile84
-rw-r--r--src/regress/lib/libssl/interop/openssl/Makefile43
-rw-r--r--src/regress/lib/libssl/interop/openssl11/Makefile43
-rw-r--r--src/regress/lib/libssl/interop/server.c332
-rw-r--r--src/regress/lib/libssl/interop/session/Makefile46
-rw-r--r--src/regress/lib/libssl/interop/util.c145
-rw-r--r--src/regress/lib/libssl/interop/util.h23
-rw-r--r--src/regress/lib/libssl/interop/version/Makefile103
-rw-r--r--src/regress/lib/libssl/key_schedule/Makefile10
-rw-r--r--src/regress/lib/libssl/key_schedule/key_schedule.c317
-rw-r--r--src/regress/lib/libssl/openssl-ruby/Makefile87
-rw-r--r--src/regress/lib/libssl/pqueue/Makefile17
-rw-r--r--src/regress/lib/libssl/pqueue/expected.txt3
-rw-r--r--src/regress/lib/libssl/pqueue/pq_test.c118
-rw-r--r--src/regress/lib/libssl/quic/Makefile19
-rw-r--r--src/regress/lib/libssl/quic/quictest.c339
-rw-r--r--src/regress/lib/libssl/record/Makefile10
-rw-r--r--src/regress/lib/libssl/record/recordtest.c555
-rw-r--r--src/regress/lib/libssl/record_layer/Makefile10
-rw-r--r--src/regress/lib/libssl/record_layer/record_layer_test.c306
-rw-r--r--src/regress/lib/libssl/server/Makefile18
-rw-r--r--src/regress/lib/libssl/server/servertest.c203
-rw-r--r--src/regress/lib/libssl/ssl/Makefile17
-rw-r--r--src/regress/lib/libssl/ssl/ssltest.c1951
-rw-r--r--src/regress/lib/libssl/ssl/testssl164
-rw-r--r--src/regress/lib/libssl/tls/Makefile18
-rw-r--r--src/regress/lib/libssl/tls/tlstest.c476
-rw-r--r--src/regress/lib/libssl/tlsext/Makefile10
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c4496
-rw-r--r--src/regress/lib/libssl/tlsfuzzer/Makefile47
-rw-r--r--src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py884
-rw-r--r--src/regress/lib/libssl/tlslegacy/Makefile9
-rw-r--r--src/regress/lib/libssl/tlslegacy/tlslegacytest.c625
-rw-r--r--src/regress/lib/libssl/unit/Makefile28
-rw-r--r--src/regress/lib/libssl/unit/cipher_list.c209
-rw-r--r--src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c482
-rw-r--r--src/regress/lib/libssl/unit/ssl_methods.c267
-rw-r--r--src/regress/lib/libssl/unit/ssl_set_alpn_protos.c204
-rw-r--r--src/regress/lib/libssl/unit/ssl_versions.c922
-rw-r--r--src/regress/lib/libssl/unit/tests.h44
-rw-r--r--src/regress/lib/libssl/unit/tls_ext_alpn.c442
-rw-r--r--src/regress/lib/libssl/unit/tls_prf.c251
-rw-r--r--src/regress/lib/libssl/verify/Makefile37
-rw-r--r--src/regress/lib/libssl/verify/create-libressl-test-certs.pl111
-rw-r--r--src/regress/lib/libssl/verify/verify.c373
108 files changed, 0 insertions, 22549 deletions
diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile
deleted file mode 100644
index a79a631eed..0000000000
--- a/src/regress/lib/libssl/Makefile
+++ /dev/null
@@ -1,31 +0,0 @@
1# $OpenBSD: Makefile,v 1.49 2022/08/27 09:23:17 jsing Exp $
2
3SUBDIR += api
4SUBDIR += asn1
5SUBDIR += buffer
6SUBDIR += bytestring
7SUBDIR += ciphers
8SUBDIR += client
9SUBDIR += dtls
10SUBDIR += handshake
11SUBDIR += pqueue
12SUBDIR += quic
13SUBDIR += record
14SUBDIR += record_layer
15SUBDIR += server
16SUBDIR += ssl
17SUBDIR += tls
18SUBDIR += tlsext
19SUBDIR += tlslegacy
20SUBDIR += key_schedule
21SUBDIR += unit
22SUBDIR += verify
23
24# Things that take a long time should go below here.
25SUBDIR += openssl-ruby
26SUBDIR += tlsfuzzer
27SUBDIR += interop
28
29install:
30
31.include <bsd.subdir.mk>
diff --git a/src/regress/lib/libssl/Makefile.inc b/src/regress/lib/libssl/Makefile.inc
deleted file mode 100644
index a8880845e9..0000000000
--- a/src/regress/lib/libssl/Makefile.inc
+++ /dev/null
@@ -1,2 +0,0 @@
1# Use this variable when the test needs internal symbols from libssl
2SSL_INT= -Wl,-Bstatic -lssl -Wl,-Bdynamic
diff --git a/src/regress/lib/libssl/api/Makefile b/src/regress/lib/libssl/api/Makefile
deleted file mode 100644
index 0989fc2264..0000000000
--- a/src/regress/lib/libssl/api/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2022/01/05 09:59:39 jsing Exp $
2
3PROG= apitest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9REGRESS_TARGETS= \
10 regress-apitest
11
12regress-apitest: ${PROG}
13 ./apitest \
14 ${.CURDIR}/../../libssl/certs
15
16.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/api/apitest.c b/src/regress/lib/libssl/api/apitest.c
deleted file mode 100644
index b5a5c544e2..0000000000
--- a/src/regress/lib/libssl/api/apitest.c
+++ /dev/null
@@ -1,369 +0,0 @@
1/* $OpenBSD: apitest.c,v 1.1 2022/01/05 09:59:39 jsing Exp $ */
2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include <openssl/bio.h>
21#include <openssl/err.h>
22#include <openssl/ssl.h>
23
24const char *certs_path;
25
26int debug = 0;
27
28static int
29ssl_ctx_use_ca_file(SSL_CTX *ssl_ctx, const char *ca_file)
30{
31 char *ca_path = NULL;
32 int ret = 0;
33
34 if (asprintf(&ca_path, "%s/%s", certs_path, ca_file) == -1)
35 goto err;
36 if (!SSL_CTX_load_verify_locations(ssl_ctx, ca_path, NULL)) {
37 fprintf(stderr, "load_verify_locations(%s) failed\n", ca_path);
38 goto err;
39 }
40
41 ret = 1;
42
43 err:
44 free(ca_path);
45
46 return ret;
47}
48
49static int
50ssl_ctx_use_keypair(SSL_CTX *ssl_ctx, const char *chain_file,
51 const char *key_file)
52{
53 char *chain_path = NULL, *key_path = NULL;
54 int ret = 0;
55
56 if (asprintf(&chain_path, "%s/%s", certs_path, chain_file) == -1)
57 goto err;
58 if (SSL_CTX_use_certificate_chain_file(ssl_ctx, chain_path) != 1) {
59 fprintf(stderr, "FAIL: Failed to load certificates\n");
60 goto err;
61 }
62 if (asprintf(&key_path, "%s/%s", certs_path, key_file) == -1)
63 goto err;
64 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, key_path,
65 SSL_FILETYPE_PEM) != 1) {
66 fprintf(stderr, "FAIL: Failed to load private key\n");
67 goto err;
68 }
69
70 ret = 1;
71
72 err:
73 free(chain_path);
74 free(key_path);
75
76 return ret;
77}
78
79static SSL *
80tls_client(BIO *rbio, BIO *wbio)
81{
82 SSL_CTX *ssl_ctx = NULL;
83 SSL *ssl = NULL;
84
85 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
86 errx(1, "client context");
87
88 SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
89
90 if (!ssl_ctx_use_ca_file(ssl_ctx, "ca-root-rsa.pem"))
91 goto failure;
92 if (!ssl_ctx_use_keypair(ssl_ctx, "client1-rsa-chain.pem",
93 "client1-rsa.pem"))
94 goto failure;
95
96 if ((ssl = SSL_new(ssl_ctx)) == NULL)
97 errx(1, "client ssl");
98
99 BIO_up_ref(rbio);
100 BIO_up_ref(wbio);
101
102 SSL_set_bio(ssl, rbio, wbio);
103
104 failure:
105 SSL_CTX_free(ssl_ctx);
106
107 return ssl;
108}
109
110static SSL *
111tls_server(BIO *rbio, BIO *wbio)
112{
113 SSL_CTX *ssl_ctx = NULL;
114 SSL *ssl = NULL;
115
116 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
117 errx(1, "server context");
118
119 SSL_CTX_set_dh_auto(ssl_ctx, 2);
120
121 SSL_CTX_set_verify(ssl_ctx,
122 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
123
124 if (!ssl_ctx_use_ca_file(ssl_ctx, "ca-root-rsa.pem"))
125 goto failure;
126 if (!ssl_ctx_use_keypair(ssl_ctx, "server1-rsa-chain.pem",
127 "server1-rsa.pem"))
128 goto failure;
129
130 if ((ssl = SSL_new(ssl_ctx)) == NULL)
131 errx(1, "server ssl");
132
133 BIO_up_ref(rbio);
134 BIO_up_ref(wbio);
135
136 SSL_set_bio(ssl, rbio, wbio);
137
138 failure:
139 SSL_CTX_free(ssl_ctx);
140
141 return ssl;
142}
143
144static int
145ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret)
146{
147 int ssl_err;
148
149 ssl_err = SSL_get_error(ssl, ssl_ret);
150
151 if (ssl_err == SSL_ERROR_WANT_READ) {
152 return 1;
153 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
154 return 1;
155 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
156 /* Yup, this is apparently a thing... */
157 } else {
158 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
159 name, desc, ssl_err, errno);
160 ERR_print_errors_fp(stderr);
161 return 0;
162 }
163
164 return 1;
165}
166
167static int
168do_connect(SSL *ssl, const char *name, int *done)
169{
170 int ssl_ret;
171
172 if ((ssl_ret = SSL_connect(ssl)) == 1) {
173 fprintf(stderr, "INFO: %s connect done\n", name);
174 *done = 1;
175 return 1;
176 }
177
178 return ssl_error(ssl, name, "connect", ssl_ret);
179}
180
181static int
182do_accept(SSL *ssl, const char *name, int *done)
183{
184 int ssl_ret;
185
186 if ((ssl_ret = SSL_accept(ssl)) == 1) {
187 fprintf(stderr, "INFO: %s accept done\n", name);
188 *done = 1;
189 return 1;
190 }
191
192 return ssl_error(ssl, name, "accept", ssl_ret);
193}
194
195typedef int (*ssl_func)(SSL *ssl, const char *name, int *done);
196
197static int
198do_client_server_loop(SSL *client, ssl_func client_func, SSL *server,
199 ssl_func server_func)
200{
201 int client_done = 0, server_done = 0;
202 int i = 0;
203
204 do {
205 if (!client_done) {
206 if (debug)
207 fprintf(stderr, "DEBUG: client loop\n");
208 if (!client_func(client, "client", &client_done))
209 return 0;
210 }
211 if (!server_done) {
212 if (debug)
213 fprintf(stderr, "DEBUG: server loop\n");
214 if (!server_func(server, "server", &server_done))
215 return 0;
216 }
217 } while (i++ < 100 && (!client_done || !server_done));
218
219 if (!client_done || !server_done)
220 fprintf(stderr, "FAIL: gave up\n");
221
222 return client_done && server_done;
223}
224
225static int
226ssl_get_peer_cert_chain_test(uint16_t tls_version)
227{
228 STACK_OF(X509) *peer_chain;
229 X509 *peer_cert;
230 BIO *client_wbio = NULL, *server_wbio = NULL;
231 SSL *client = NULL, *server = NULL;
232 int failed = 1;
233
234 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
235 goto failure;
236 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
237 goto failure;
238
239 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
240 goto failure;
241 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
242 goto failure;
243
244 if ((client = tls_client(server_wbio, client_wbio)) == NULL)
245 goto failure;
246 if (tls_version != 0) {
247 if (!SSL_set_min_proto_version(client, tls_version))
248 goto failure;
249 if (!SSL_set_max_proto_version(client, tls_version))
250 goto failure;
251 }
252
253 if ((server = tls_server(client_wbio, server_wbio)) == NULL)
254 goto failure;
255 if (tls_version != 0) {
256 if (!SSL_set_min_proto_version(server, tls_version))
257 goto failure;
258 if (!SSL_set_max_proto_version(server, tls_version))
259 goto failure;
260 }
261
262 if (!do_client_server_loop(client, do_connect, server, do_accept)) {
263 fprintf(stderr, "FAIL: client and server handshake failed\n");
264 goto failure;
265 }
266
267 if (tls_version != 0) {
268 if (SSL_version(client) != tls_version) {
269 fprintf(stderr, "FAIL: client got TLS version %x, "
270 "want %x\n", SSL_version(client), tls_version);
271 goto failure;
272 }
273 if (SSL_version(server) != tls_version) {
274 fprintf(stderr, "FAIL: server got TLS version %x, "
275 "want %x\n", SSL_version(server), tls_version);
276 goto failure;
277 }
278 }
279
280 /*
281 * Due to the wonders of API inconsistency, SSL_get_peer_cert_chain()
282 * includes the peer's leaf certificate when called by the client,
283 * however it does not when called by the server. Futhermore, the
284 * certificate returned by SSL_get_peer_certificate() has already
285 * had its reference count incremented and must be freed, where as
286 * the certificates returned from SSL_get_peer_cert_chain() must
287 * not be freed... *sigh*
288 */
289 peer_cert = SSL_get_peer_certificate(client);
290 peer_chain = SSL_get_peer_cert_chain(client);
291 X509_free(peer_cert);
292
293 if (peer_cert == NULL) {
294 fprintf(stderr, "FAIL: client got no peer cert\n");
295 goto failure;
296 }
297 if (sk_X509_num(peer_chain) != 2) {
298 fprintf(stderr, "FAIL: client got peer cert chain with %d "
299 "certificates, want 2\n", sk_X509_num(peer_chain));
300 goto failure;
301 }
302 if (X509_cmp(peer_cert, sk_X509_value(peer_chain, 0)) != 0) {
303 fprintf(stderr, "FAIL: client got peer cert chain without peer "
304 "certificate\n");
305 goto failure;
306 }
307
308 peer_cert = SSL_get_peer_certificate(server);
309 peer_chain = SSL_get_peer_cert_chain(server);
310 X509_free(peer_cert);
311
312 if (peer_cert == NULL) {
313 fprintf(stderr, "FAIL: server got no peer cert\n");
314 goto failure;
315 }
316 if (sk_X509_num(peer_chain) != 1) {
317 fprintf(stderr, "FAIL: server got peer cert chain with %d "
318 "certificates, want 1\n", sk_X509_num(peer_chain));
319 goto failure;
320 }
321 if (X509_cmp(peer_cert, sk_X509_value(peer_chain, 0)) == 0) {
322 fprintf(stderr, "FAIL: server got peer cert chain with peer "
323 "certificate\n");
324 goto failure;
325 }
326
327 fprintf(stderr, "INFO: Done!\n");
328
329 failed = 0;
330
331 failure:
332 BIO_free(client_wbio);
333 BIO_free(server_wbio);
334
335 SSL_free(client);
336 SSL_free(server);
337
338 return failed;
339}
340
341static int
342ssl_get_peer_cert_chain_tests(void)
343{
344 int failed = 0;
345
346 fprintf(stderr, "\n== Testing SSL_get_peer_cert_chain()... ==\n");
347
348 failed |= ssl_get_peer_cert_chain_test(0);
349 failed |= ssl_get_peer_cert_chain_test(TLS1_3_VERSION);
350 failed |= ssl_get_peer_cert_chain_test(TLS1_2_VERSION);
351
352 return failed;
353}
354
355int
356main(int argc, char **argv)
357{
358 int failed = 0;
359
360 if (argc != 2) {
361 fprintf(stderr, "usage: %s certspath\n", argv[0]);
362 exit(1);
363 }
364 certs_path = argv[1];
365
366 failed |= ssl_get_peer_cert_chain_tests();
367
368 return failed;
369}
diff --git a/src/regress/lib/libssl/asn1/Makefile b/src/regress/lib/libssl/asn1/Makefile
deleted file mode 100644
index 16fca9f6ca..0000000000
--- a/src/regress/lib/libssl/asn1/Makefile
+++ /dev/null
@@ -1,11 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2021/06/30 18:09:46 jsing Exp $
2
3PROG= asn1test
4LDADD= -lcrypto -lssl
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6
7WARNINGS= Yes
8CFLAGS+= -DLIBRESSL_INTERNAL -Werror
9CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
10
11.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/asn1/asn1test.c b/src/regress/lib/libssl/asn1/asn1test.c
deleted file mode 100644
index 4cb905a86e..0000000000
--- a/src/regress/lib/libssl/asn1/asn1test.c
+++ /dev/null
@@ -1,478 +0,0 @@
1/* $OpenBSD: asn1test.c,v 1.11 2022/06/07 18:00:51 tb Exp $ */
2/*
3 * Copyright (c) 2014, 2016 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdlib.h>
20
21#include <openssl/bio.h>
22#include <openssl/err.h>
23#include <openssl/ssl.h>
24#include <openssl/tls1.h>
25
26#include "ssl_locl.h"
27
28int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
29SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
30 long length);
31
32X509 *peer_cert;
33
34unsigned char *peer_cert_pem =
35 "-----BEGIN CERTIFICATE-----\n"
36 "MIIBcTCCARugAwIBAgIJAPYhaZJAvUuUMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV\n"
37 "BAoMCVRlc3QgUGVlcjAeFw0xNjEyMjYxNDQ3NDdaFw0yNjEyMjQxNDQ3NDdaMBQx\n"
38 "EjAQBgNVBAoMCVRlc3QgUGVlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCyhAdJ\n"
39 "wojHv/uKONh8MbmR2U2+VF1HQusnLfSfHPqkJfvDzLWJ41TG7QcXkx2rIJVtAFrO\n"
40 "U9yNdFYJLA/hsrbjAgMBAAGjUDBOMB0GA1UdDgQWBBS3bZOw7fvaortdsdE2TPMq\n"
41 "IRXFRzAfBgNVHSMEGDAWgBS3bZOw7fvaortdsdE2TPMqIRXFRzAMBgNVHRMEBTAD\n"
42 "AQH/MA0GCSqGSIb3DQEBBQUAA0EAHsxNS+rNUZbopeDMhVIviOfUmelDjJrT56Rc\n"
43 "VJoFN3Gc1cV8nQAHm9aJs71uksC+MN04Pzh0WqmYX9XXrnYPcg==\n"
44 "-----END CERTIFICATE-----\n";
45
46struct ssl_asn1_test {
47 SSL_SESSION session;
48 int peer_cert;
49 const unsigned char asn1[1024];
50 int asn1_len;
51};
52
53unsigned char tlsext_tick[] = {
54 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
55 0x2d, 0x30, 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37,
56 0x74, 0x68, 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c,
57 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56,
58 0x45, 0x2d, 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35,
59 0x32, 0x39, 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68,
60 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32,
61 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d,
62 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39,
63 0x38, 0x3a, 0x20, 0x32, 0x31, 0x73, 0x74, 0x20,
64 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30,
65 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32,
66 0x30, 0x31, 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30,
67 0x3a, 0x20, 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d,
68 0x61, 0x79, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
69 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
70 0x2d, 0x30, 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35,
71 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20,
72 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45,
73 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32,
74 0x32, 0x31, 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20,
75 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31,
76 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30,
77 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a,
78 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e,
79 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
80};
81
82struct ssl_asn1_test ssl_asn1_tests[] = {
83 {
84 .session = {
85 .cipher_id = 0x03000000L | 1,
86 .ssl_version = TLS1_2_VERSION,
87 },
88 .asn1 = {
89 0x30, 0x13, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03,
90 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x00, 0x04,
91 0x00, 0xa4, 0x02, 0x04, 0x00,
92 },
93 .asn1_len = 21,
94 },
95 {
96 .session = {
97 .cipher_id = 0x03000000L | 1,
98 .ssl_version = TLS1_2_VERSION,
99 .master_key_length = 26,
100 .session_id = "0123456789",
101 .session_id_length = 10,
102 .sid_ctx = "abcdefghijklmnopqrstuvwxyz",
103 .sid_ctx_length = 26,
104 },
105 .asn1 = {
106 0x30, 0x51, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03,
107 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x0a, 0x30,
108 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
109 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00,
110 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
111 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
112 0x00, 0x00, 0x00, 0x00, 0x00, 0xa4, 0x1c, 0x04,
113 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
114 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
115 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
116 0x78, 0x79, 0x7a,
117 },
118 .asn1_len = 83,
119 },
120 {
121 .session = {
122 .cipher_id = 0x03000000L | 1,
123 .ssl_version = TLS1_2_VERSION,
124 .master_key_length = 26,
125 .session_id = "0123456789",
126 .session_id_length = 10,
127 .sid_ctx = "abcdefghijklmnopqrstuvwxyz",
128 .sid_ctx_length = 26,
129 .time = 1405266069,
130 .timeout = 5,
131 .verify_result = 42,
132 .tlsext_hostname = "libressl.openbsd.org",
133 .tlsext_tick_lifetime_hint = 0x7abbccdd,
134 .tlsext_tick = tlsext_tick,
135 .tlsext_ticklen = sizeof(tlsext_tick),
136 },
137 .peer_cert = 1,
138 .asn1 = {
139 0x30, 0x82, 0x02, 0xd1, 0x02, 0x01, 0x01, 0x02,
140 0x02, 0x03, 0x03, 0x04, 0x02, 0x00, 0x01, 0x04,
141 0x0a, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36,
142 0x37, 0x38, 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00,
143 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
144 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
145 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa1,
146 0x06, 0x02, 0x04, 0x53, 0xc2, 0xa8, 0x95, 0xa2,
147 0x03, 0x02, 0x01, 0x05, 0xa3, 0x82, 0x01, 0x75,
148 0x30, 0x82, 0x01, 0x71, 0x30, 0x82, 0x01, 0x1b,
149 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
150 0xf6, 0x21, 0x69, 0x92, 0x40, 0xbd, 0x4b, 0x94,
151 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
152 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30,
153 0x14, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55,
154 0x04, 0x0a, 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74,
155 0x20, 0x50, 0x65, 0x65, 0x72, 0x30, 0x1e, 0x17,
156 0x0d, 0x31, 0x36, 0x31, 0x32, 0x32, 0x36, 0x31,
157 0x34, 0x34, 0x37, 0x34, 0x37, 0x5a, 0x17, 0x0d,
158 0x32, 0x36, 0x31, 0x32, 0x32, 0x34, 0x31, 0x34,
159 0x34, 0x37, 0x34, 0x37, 0x5a, 0x30, 0x14, 0x31,
160 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0a,
161 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50,
162 0x65, 0x65, 0x72, 0x30, 0x5c, 0x30, 0x0d, 0x06,
163 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
164 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30,
165 0x48, 0x02, 0x41, 0x00, 0xb2, 0x84, 0x07, 0x49,
166 0xc2, 0x88, 0xc7, 0xbf, 0xfb, 0x8a, 0x38, 0xd8,
167 0x7c, 0x31, 0xb9, 0x91, 0xd9, 0x4d, 0xbe, 0x54,
168 0x5d, 0x47, 0x42, 0xeb, 0x27, 0x2d, 0xf4, 0x9f,
169 0x1c, 0xfa, 0xa4, 0x25, 0xfb, 0xc3, 0xcc, 0xb5,
170 0x89, 0xe3, 0x54, 0xc6, 0xed, 0x07, 0x17, 0x93,
171 0x1d, 0xab, 0x20, 0x95, 0x6d, 0x00, 0x5a, 0xce,
172 0x53, 0xdc, 0x8d, 0x74, 0x56, 0x09, 0x2c, 0x0f,
173 0xe1, 0xb2, 0xb6, 0xe3, 0x02, 0x03, 0x01, 0x00,
174 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06,
175 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
176 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda, 0xa2,
177 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3, 0x2a,
178 0x21, 0x15, 0xc5, 0x47, 0x30, 0x1f, 0x06, 0x03,
179 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
180 0x14, 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda,
181 0xa2, 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3,
182 0x2a, 0x21, 0x15, 0xc5, 0x47, 0x30, 0x0c, 0x06,
183 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03,
184 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a,
185 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
186 0x05, 0x00, 0x03, 0x41, 0x00, 0x1e, 0xcc, 0x4d,
187 0x4b, 0xea, 0xcd, 0x51, 0x96, 0xe8, 0xa5, 0xe0,
188 0xcc, 0x85, 0x52, 0x2f, 0x88, 0xe7, 0xd4, 0x99,
189 0xe9, 0x43, 0x8c, 0x9a, 0xd3, 0xe7, 0xa4, 0x5c,
190 0x54, 0x9a, 0x05, 0x37, 0x71, 0x9c, 0xd5, 0xc5,
191 0x7c, 0x9d, 0x00, 0x07, 0x9b, 0xd6, 0x89, 0xb3,
192 0xbd, 0x6e, 0x92, 0xc0, 0xbe, 0x30, 0xdd, 0x38,
193 0x3f, 0x38, 0x74, 0x5a, 0xa9, 0x98, 0x5f, 0xd5,
194 0xd7, 0xae, 0x76, 0x0f, 0x72, 0xa4, 0x1c, 0x04,
195 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
196 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
197 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
198 0x78, 0x79, 0x7a, 0xa5, 0x03, 0x02, 0x01, 0x2a,
199 0xa6, 0x16, 0x04, 0x14, 0x6c, 0x69, 0x62, 0x72,
200 0x65, 0x73, 0x73, 0x6c, 0x2e, 0x6f, 0x70, 0x65,
201 0x6e, 0x62, 0x73, 0x64, 0x2e, 0x6f, 0x72, 0x67,
202 0xa9, 0x06, 0x02, 0x04, 0x7a, 0xbb, 0xcc, 0xdd,
203 0xaa, 0x81, 0xd2, 0x04, 0x81, 0xcf, 0x43, 0x56,
204 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30,
205 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37, 0x74, 0x68,
206 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32,
207 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d,
208 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35, 0x32, 0x39,
209 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68, 0x20, 0x41,
210 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31,
211 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30,
212 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39, 0x38, 0x3a,
213 0x20, 0x32, 0x31, 0x73, 0x74, 0x20, 0x41, 0x70,
214 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31, 0x34,
215 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31,
216 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30, 0x3a, 0x20,
217 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d, 0x61, 0x79,
218 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56,
219 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30,
220 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35, 0x74, 0x68,
221 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30,
222 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32,
223 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x31,
224 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75,
225 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a,
226 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34,
227 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a, 0x20, 0x35,
228 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20,
229 0x32, 0x30, 0x31, 0x34, 0x0a,
230 },
231 .asn1_len = 725,
232 },
233 {
234 .session = {
235 .cipher_id = 0x03000000L | 1,
236 .ssl_version = TLS1_2_VERSION,
237 .timeout = -1,
238 },
239 .asn1 = {
240 0x0,
241 },
242 .asn1_len = -1,
243 },
244 {
245 .session = {
246 .cipher_id = 0x03000000L | 1,
247 .ssl_version = TLS1_2_VERSION,
248 .time = -1,
249 },
250 .asn1 = {
251 0x0,
252 },
253 .asn1_len = -1,
254 },
255};
256
257#define N_SSL_ASN1_TESTS \
258 (sizeof(ssl_asn1_tests) / sizeof(*ssl_asn1_tests))
259
260static int
261session_strcmp(const unsigned char *o1, const unsigned char *o2, size_t len)
262{
263 if (o1 == NULL && o2 == NULL)
264 return (0);
265 if (o1 == NULL || o2 == NULL)
266 return (1);
267 return memcmp(o1, o2, len);
268}
269
270static int
271session_cmp(SSL_SESSION *s1, SSL_SESSION *s2)
272{
273 /* Compare the ASN.1 encoded values from two sessions. */
274 if (s1->ssl_version != s2->ssl_version) {
275 fprintf(stderr, "ssl_version differs: %d != %d\n",
276 s1->ssl_version, s2->ssl_version);
277 return (1);
278 }
279 if (s1->cipher_id != s2->cipher_id) {
280 fprintf(stderr, "cipher_id differs: %ld != %ld\n",
281 s1->cipher_id, s2->cipher_id);
282 return (1);
283 }
284
285 if (s1->master_key_length != s2->master_key_length) {
286 fprintf(stderr, "master_key_length differs: %zu != %zu\n",
287 s1->master_key_length, s2->master_key_length);
288 return (1);
289 }
290 if (session_strcmp(s1->master_key, s2->master_key,
291 s1->master_key_length) != 0) {
292 fprintf(stderr, "master_key differs\n");
293 return (1);
294 }
295
296 if (s1->session_id_length != s2->session_id_length) {
297 fprintf(stderr, "session_id_length differs: %zu != %zu\n",
298 s1->session_id_length, s2->session_id_length);
299 return (1);
300 }
301 if (session_strcmp(s1->session_id, s2->session_id,
302 s1->session_id_length) != 0) {
303 fprintf(stderr, "session_id differs\n");
304 return (1);
305 }
306
307 if (s1->sid_ctx_length != s2->sid_ctx_length) {
308 fprintf(stderr, "sid_ctx_length differs: %zu != %zu\n",
309 s1->sid_ctx_length, s2->sid_ctx_length);
310 return (1);
311 }
312 if (session_strcmp(s1->sid_ctx, s2->sid_ctx,
313 s1->sid_ctx_length) != 0) {
314 fprintf(stderr, "sid_ctx differs\n");
315 return (1);
316 }
317
318 /* d2i_SSL_SESSION uses the current time if decoding a zero value. */
319 if ((s1->time != s2->time) && s1->time != 0 && s2->time != 0) {
320 fprintf(stderr, "time differs: %lld != %lld\n",
321 (long long)s1->time, (long long)s2->time);
322 return (1);
323 }
324 /* d2i_SSL_SESSION uses a timeout of 3 if decoding a zero value. */
325 if ((s1->timeout != s2->timeout) &&
326 s1->timeout != 3 && s2->timeout != 3) {
327 fprintf(stderr, "timeout differs: %ld != %ld\n",
328 s1->timeout, s2->timeout);
329 return (1);
330 }
331
332 /* Ensure that a certificate is or is not present in both. */
333 if ((s1->peer_cert != NULL || s2->peer_cert != NULL) &&
334 (s1->peer_cert == NULL || s2->peer_cert == NULL ||
335 X509_cmp(s1->peer_cert, s2->peer_cert) != 0)) {
336 fprintf(stderr, "peer_cert differs\n");
337 return (1);
338 }
339
340 if (s1->verify_result != s2->verify_result) {
341 fprintf(stderr, "verify_result differs: %ld != %ld\n",
342 s1->verify_result, s2->verify_result);
343 return (1);
344 }
345
346 if (session_strcmp(s1->tlsext_hostname, s2->tlsext_hostname,
347 (s1->tlsext_hostname ? strlen(s1->tlsext_hostname) : 0)) != 0) {
348 fprintf(stderr, "sid_ctx differs\n");
349 return (1);
350 }
351 if (s1->tlsext_tick_lifetime_hint != s2->tlsext_tick_lifetime_hint) {
352 fprintf(stderr, "tlsext_tick_lifetime_hint differs: "
353 "%u != %u\n", s1->tlsext_tick_lifetime_hint,
354 s2->tlsext_tick_lifetime_hint);
355 return (1);
356 }
357 if (s1->tlsext_ticklen != s2->tlsext_ticklen) {
358 fprintf(stderr, "tlsext_ticklen differs: %zu != %zu\n",
359 s1->tlsext_ticklen, s2->tlsext_ticklen);
360 return (1);
361 }
362 if (session_strcmp(s1->tlsext_tick, s2->tlsext_tick,
363 s1->tlsext_ticklen) != 0) {
364 fprintf(stderr, "tlsext_tick differs\n");
365 return (1);
366 }
367
368 return (0);
369}
370
371static int
372do_ssl_asn1_test(int test_no, struct ssl_asn1_test *sat)
373{
374 SSL_SESSION *sp = NULL;
375 unsigned char *ap, *asn1 = NULL;
376 const unsigned char *pp;
377 int i, len, rv = 1;
378
379 if (sat->peer_cert)
380 sat->session.peer_cert = peer_cert;
381
382 len = i2d_SSL_SESSION(&sat->session, NULL);
383 if (len != sat->asn1_len) {
384 fprintf(stderr, "FAIL: test %d returned ASN1 length %d, "
385 "want %d\n", test_no, len, sat->asn1_len);
386 goto failed;
387 }
388
389 /* See if the test is expected to fail... */
390 if (sat->asn1_len == -1)
391 return (0);
392
393 if ((asn1 = malloc(len)) == NULL)
394 errx(1, "failed to allocate memory");
395
396 ap = asn1;
397 len = i2d_SSL_SESSION(&sat->session, &ap);
398
399 /* Check the length again since the code path is different. */
400 if (len != sat->asn1_len) {
401 fprintf(stderr, "FAIL: test %d returned ASN1 length %d, "
402 "want %d\n", test_no, len, sat->asn1_len);
403 goto failed;
404 }
405 /* ap should now point at the end of the buffer. */
406 if (ap - asn1 != len) {
407 fprintf(stderr, "FAIL: test %d pointer increment does not "
408 "match length (%d != %d)\n", test_no, (int)(ap - asn1), len);
409 goto failed;
410 }
411
412 if (memcmp(asn1, &sat->asn1, len) != 0) {
413 fprintf(stderr, "FAIL: test %d - encoding differs:\n", test_no);
414 fprintf(stderr, "encoding:\n");
415 for (i = 1; i <= len; i++) {
416 fprintf(stderr, " 0x%02hhx,", asn1[i - 1]);
417 if (i % 8 == 0)
418 fprintf(stderr, "\n");
419 }
420 fprintf(stderr, "\n");
421 fprintf(stderr, "test data:\n");
422 for (i = 1; i <= sat->asn1_len; i++) {
423 fprintf(stderr, " 0x%02hhx,", sat->asn1[i - 1]);
424 if (i % 8 == 0)
425 fprintf(stderr, "\n");
426 }
427 fprintf(stderr, "\n");
428 goto failed;
429 }
430
431 pp = sat->asn1;
432
433 if ((sp = d2i_SSL_SESSION(NULL, &pp, sat->asn1_len)) == NULL) {
434 fprintf(stderr, "FAIL: test %d - decoding failed\n", test_no);
435 goto failed;
436 }
437
438 if (session_cmp(sp, &sat->session) != 0) {
439 fprintf(stderr, "FAIL: test %d - decoding differs\n", test_no);
440 goto failed;
441 }
442
443 rv = 0;
444
445 failed:
446 ERR_print_errors_fp(stderr);
447 SSL_SESSION_free(sp);
448 free(asn1);
449
450 return (rv);
451}
452
453int
454main(int argc, char **argv)
455{
456 BIO *bio = NULL;
457 int failed = 0;
458 size_t i;
459
460 SSL_library_init();
461 SSL_load_error_strings();
462
463 bio = BIO_new_mem_buf(peer_cert_pem, -1);
464 if (bio == NULL)
465 errx(1, "failed to create bio");
466
467 peer_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
468 if (peer_cert == NULL)
469 errx(1, "failed to read peer cert");
470
471 for (i = 0; i < N_SSL_ASN1_TESTS; i++)
472 failed += do_ssl_asn1_test(i, &ssl_asn1_tests[i]);
473
474 X509_free(peer_cert);
475 BIO_free(bio);
476
477 return (failed);
478}
diff --git a/src/regress/lib/libssl/buffer/Makefile b/src/regress/lib/libssl/buffer/Makefile
deleted file mode 100644
index 64ed46fa90..0000000000
--- a/src/regress/lib/libssl/buffer/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2019/01/17 06:46:10 jsing Exp $
2
3PROG= buffertest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/buffer/buffertest.c b/src/regress/lib/libssl/buffer/buffertest.c
deleted file mode 100644
index 3dfad7c44f..0000000000
--- a/src/regress/lib/libssl/buffer/buffertest.c
+++ /dev/null
@@ -1,364 +0,0 @@
1/* $OpenBSD: buffertest.c,v 1.6 2022/07/22 19:34:55 jsing Exp $ */
2/*
3 * Copyright (c) 2019, 2022 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdio.h>
20#include <stdlib.h>
21#include <string.h>
22
23#include "tls_internal.h"
24
25uint8_t testdata[] = {
26 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
27 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
28};
29
30struct read_state {
31 uint8_t *buf;
32 size_t len;
33 size_t offset;
34};
35
36static ssize_t
37read_cb(void *buf, size_t buflen, void *cb_arg)
38{
39 struct read_state *rs = cb_arg;
40 ssize_t n;
41
42 if (rs->offset > rs->len)
43 return TLS_IO_EOF;
44
45 if ((size_t)(n = buflen) > (rs->len - rs->offset))
46 n = rs->len - rs->offset;
47
48 if (n == 0)
49 return TLS_IO_WANT_POLLIN;
50
51 memcpy(buf, &rs->buf[rs->offset], n);
52 rs->offset += n;
53
54 return n;
55}
56
57struct extend_test {
58 size_t extend_len;
59 size_t read_len;
60 ssize_t want_ret;
61};
62
63const struct extend_test extend_tests[] = {
64 {
65 .extend_len = 4,
66 .read_len = 0,
67 .want_ret = TLS_IO_WANT_POLLIN,
68 },
69 {
70 .extend_len = 4,
71 .read_len = 8,
72 .want_ret = 4,
73 },
74 {
75 .extend_len = 12,
76 .read_len = 8,
77 .want_ret = TLS_IO_WANT_POLLIN,
78 },
79 {
80 .extend_len = 12,
81 .read_len = 10,
82 .want_ret = TLS_IO_WANT_POLLIN,
83 },
84 {
85 .extend_len = 12,
86 .read_len = 12,
87 .want_ret = 12,
88 },
89 {
90 .extend_len = 16,
91 .read_len = 16,
92 .want_ret = 16,
93 },
94 {
95 .extend_len = 20,
96 .read_len = 1,
97 .want_ret = TLS_IO_EOF,
98 },
99};
100
101#define N_EXTEND_TESTS (sizeof(extend_tests) / sizeof(extend_tests[0]))
102
103static int
104tls_buffer_extend_test(void)
105{
106 const struct extend_test *et;
107 struct tls_buffer *buf;
108 struct read_state rs;
109 uint8_t *data = NULL;
110 size_t i, data_len;
111 ssize_t ret;
112 CBS cbs;
113 int failed = 1;
114
115 rs.buf = testdata;
116 rs.offset = 0;
117
118 if ((buf = tls_buffer_new(0)) == NULL)
119 errx(1, "tls_buffer_new");
120
121 for (i = 0; i < N_EXTEND_TESTS; i++) {
122 et = &extend_tests[i];
123 rs.len = et->read_len;
124
125 ret = tls_buffer_extend(buf, et->extend_len, read_cb, &rs);
126 if (ret != extend_tests[i].want_ret) {
127 fprintf(stderr, "FAIL: Test %zd - extend returned %zd, "
128 "want %zd\n", i, ret, et->want_ret);
129 goto failed;
130 }
131
132 if (!tls_buffer_data(buf, &cbs)) {
133 fprintf(stderr, "FAIL: Test %zd - failed to get data\n",
134 i);
135 goto failed;
136 }
137
138 if (!CBS_mem_equal(&cbs, testdata, CBS_len(&cbs))) {
139 fprintf(stderr, "FAIL: Test %zd - extend buffer "
140 "mismatch", i);
141 goto failed;
142 }
143 }
144
145 if (!tls_buffer_finish(buf, &data, &data_len)) {
146 fprintf(stderr, "FAIL: failed to finish\n");
147 goto failed;
148 }
149
150 tls_buffer_free(buf);
151 buf = NULL;
152
153 if (data_len != sizeof(testdata)) {
154 fprintf(stderr, "FAIL: got data length %zu, want %zu\n",
155 data_len, sizeof(testdata));
156 goto failed;
157 }
158 if (memcmp(data, testdata, data_len) != 0) {
159 fprintf(stderr, "FAIL: data mismatch\n");
160 goto failed;
161 }
162
163 failed = 0;
164
165 failed:
166 tls_buffer_free(buf);
167 free(data);
168
169 return failed;
170}
171
172struct read_write_test {
173 uint8_t pattern;
174 size_t read;
175 size_t write;
176 size_t append;
177 ssize_t want;
178};
179
180const struct read_write_test read_write_tests[] = {
181 {
182 .read = 2048,
183 .want = TLS_IO_WANT_POLLIN,
184 },
185 {
186 .pattern = 0xdb,
187 .write = 2048,
188 .want = 2048,
189 },
190 {
191 .pattern = 0xbd,
192 .append = 2048,
193 .want = 1,
194 },
195 {
196 .pattern = 0xdb,
197 .read = 2048,
198 .want = 2048,
199 },
200 {
201 .pattern = 0xfe,
202 .append = 1024,
203 .want = 1,
204 },
205 {
206 .pattern = 0xbd,
207 .read = 1000,
208 .want = 1000,
209 },
210 {
211 .pattern = 0xbd,
212 .read = 1048,
213 .want = 1048,
214 },
215 {
216 .pattern = 0xdb,
217 .write = 2048,
218 .want = 2048,
219 },
220 {
221 .pattern = 0xbd,
222 .append = 1024,
223 .want = 1,
224 },
225 {
226 .pattern = 0xee,
227 .append = 4096,
228 .want = 1,
229 },
230 {
231 .pattern = 0xfe,
232 .append = 1,
233 .want = 0,
234 },
235 {
236 .pattern = 0xfe,
237 .write = 1,
238 .want = TLS_IO_FAILURE,
239 },
240 {
241 .pattern = 0xfe,
242 .read = 1024,
243 .want = 1024,
244 },
245 {
246 .pattern = 0xdb,
247 .read = 2048,
248 .want = 2048,
249 },
250 {
251 .pattern = 0xbd,
252 .read = 1024,
253 .want = 1024,
254 },
255 {
256 .pattern = 0xee,
257 .read = 1024,
258 .want = 1024,
259 },
260 {
261 .pattern = 0xee,
262 .read = 4096,
263 .want = 3072,
264 },
265 {
266 .read = 2048,
267 .want = TLS_IO_WANT_POLLIN,
268 },
269};
270
271#define N_READ_WRITE_TESTS (sizeof(read_write_tests) / sizeof(read_write_tests[0]))
272
273static int
274tls_buffer_read_write_test(void)
275{
276 const struct read_write_test *rwt;
277 struct tls_buffer *buf = NULL;
278 uint8_t *rbuf = NULL, *wbuf = NULL;
279 ssize_t n;
280 size_t i;
281 int ret;
282 int failed = 1;
283
284 if ((buf = tls_buffer_new(0)) == NULL)
285 errx(1, "tls_buffer_new");
286
287 tls_buffer_set_capacity_limit(buf, 8192);
288
289 for (i = 0; i < N_READ_WRITE_TESTS; i++) {
290 rwt = &read_write_tests[i];
291
292 if (rwt->append > 0) {
293 free(wbuf);
294 if ((wbuf = malloc(rwt->append)) == NULL)
295 errx(1, "malloc");
296 memset(wbuf, rwt->pattern, rwt->append);
297 if ((ret = tls_buffer_append(buf, wbuf, rwt->append)) !=
298 rwt->want) {
299 fprintf(stderr, "FAIL: test %zu - "
300 "tls_buffer_append() = %d, want %zu\n",
301 i, ret, rwt->want);
302 goto failed;
303 }
304 }
305
306 if (rwt->write > 0) {
307 free(wbuf);
308 if ((wbuf = malloc(rwt->write)) == NULL)
309 errx(1, "malloc");
310 memset(wbuf, rwt->pattern, rwt->write);
311 if ((n = tls_buffer_write(buf, wbuf, rwt->write)) !=
312 rwt->want) {
313 fprintf(stderr, "FAIL: test %zu - "
314 "tls_buffer_write() = %zi, want %zu\n",
315 i, n, rwt->want);
316 goto failed;
317 }
318 }
319
320 if (rwt->read > 0) {
321 free(rbuf);
322 if ((rbuf = calloc(1, rwt->read)) == NULL)
323 errx(1, "malloc");
324 if ((n = tls_buffer_read(buf, rbuf, rwt->read)) !=
325 rwt->want) {
326 fprintf(stderr, "FAIL: test %zu - "
327 "tls_buffer_read() = %zi, want %zu\n",
328 i, n, rwt->want);
329 goto failed;
330 }
331 if (rwt->want > 0) {
332 free(wbuf);
333 if ((wbuf = malloc(rwt->want)) == NULL)
334 errx(1, "malloc");
335 memset(wbuf, rwt->pattern, rwt->want);
336 if (memcmp(rbuf, wbuf, rwt->want) != 0) {
337 fprintf(stderr, "FAIL: test %zu - "
338 "read byte mismatch\n", i);
339 goto failed;
340 }
341 }
342 }
343 }
344
345 failed = 0;
346
347 failed:
348 tls_buffer_free(buf);
349 free(rbuf);
350 free(wbuf);
351
352 return failed;
353}
354
355int
356main(int argc, char **argv)
357{
358 int failed = 0;
359
360 failed |= tls_buffer_extend_test();
361 failed |= tls_buffer_read_write_test();
362
363 return failed;
364}
diff --git a/src/regress/lib/libssl/bytestring/Makefile b/src/regress/lib/libssl/bytestring/Makefile
deleted file mode 100644
index 91b3fea902..0000000000
--- a/src/regress/lib/libssl/bytestring/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.6 2022/06/29 15:06:18 tb Exp $
2
3PROG= bytestringtest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/bytestring/bytestringtest.c b/src/regress/lib/libssl/bytestring/bytestringtest.c
deleted file mode 100644
index a0fcde0baa..0000000000
--- a/src/regress/lib/libssl/bytestring/bytestringtest.c
+++ /dev/null
@@ -1,968 +0,0 @@
1/* $OpenBSD: bytestringtest.c,v 1.16 2022/01/06 14:31:03 jsing Exp $ */
2/*
3 * Copyright (c) 2014, Google Inc.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
16
17#include <stdio.h>
18#include <stdlib.h>
19#include <string.h>
20
21#include <openssl/crypto.h>
22
23#include "bytestring.h"
24
25/* This is from <openssl/base.h> in boringssl */
26#define OPENSSL_U64(x) x##ULL
27
28#define PRINT_ERROR printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
29 __LINE__)
30
31#define CHECK(a) do { \
32 if (!(a)) { \
33 PRINT_ERROR; \
34 return 0; \
35 } \
36} while (0)
37
38#define CHECK_GOTO(a) do { \
39 if (!(a)) { \
40 PRINT_ERROR; \
41 goto err; \
42 } \
43} while (0)
44
45static int
46test_skip(void)
47{
48 static const uint8_t kData[] = {1, 2, 3};
49 CBS data;
50
51 CBS_init(&data, kData, sizeof(kData));
52
53 CHECK(CBS_len(&data) == 3);
54 CHECK(CBS_skip(&data, 1));
55 CHECK(CBS_len(&data) == 2);
56 CHECK(CBS_skip(&data, 2));
57 CHECK(CBS_len(&data) == 0);
58 CHECK(!CBS_skip(&data, 1));
59
60 return 1;
61}
62
63static int
64test_get_u(void)
65{
66 static const uint8_t kData[] = {
67 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
68 11, 12, 13, 14, 15, 16, 17, 18, 19, 20,
69 };
70 uint8_t u8;
71 uint16_t u16;
72 uint32_t u32;
73 uint64_t u64;
74 CBS data;
75
76 CBS_init(&data, kData, sizeof(kData));
77
78 CHECK(CBS_get_u8(&data, &u8));
79 CHECK(u8 == 1);
80 CHECK(CBS_get_u16(&data, &u16));
81 CHECK(u16 == 0x203);
82 CHECK(CBS_get_u24(&data, &u32));
83 CHECK(u32 == 0x40506);
84 CHECK(CBS_get_u32(&data, &u32));
85 CHECK(u32 == 0x708090a);
86 CHECK(CBS_get_u64(&data, &u64));
87 CHECK(u64 == 0x0b0c0d0e0f101112U);
88 CHECK(CBS_get_last_u8(&data, &u8));
89 CHECK(u8 == 20);
90 CHECK(CBS_get_last_u8(&data, &u8));
91 CHECK(u8 == 19);
92 CHECK(!CBS_get_u8(&data, &u8));
93 CHECK(!CBS_get_last_u8(&data, &u8));
94
95 return 1;
96}
97
98static int
99test_get_prefixed(void)
100{
101 static const uint8_t kData[] = {1, 2, 0, 2, 3, 4, 0, 0, 3, 3, 2, 1};
102 uint8_t u8;
103 uint16_t u16;
104 uint32_t u32;
105 CBS data, prefixed;
106
107 CBS_init(&data, kData, sizeof(kData));
108
109 CHECK(CBS_get_u8_length_prefixed(&data, &prefixed));
110 CHECK(CBS_len(&prefixed) == 1);
111 CHECK(CBS_get_u8(&prefixed, &u8));
112 CHECK(u8 == 2);
113 CHECK(CBS_get_u16_length_prefixed(&data, &prefixed));
114 CHECK(CBS_len(&prefixed) == 2);
115 CHECK(CBS_get_u16(&prefixed, &u16));
116 CHECK(u16 == 0x304);
117 CHECK(CBS_get_u24_length_prefixed(&data, &prefixed));
118 CHECK(CBS_len(&prefixed) == 3);
119 CHECK(CBS_get_u24(&prefixed, &u32));
120 CHECK(u32 == 0x30201);
121
122 return 1;
123}
124
125static int
126test_get_prefixed_bad(void)
127{
128 static const uint8_t kData1[] = {2, 1};
129 static const uint8_t kData2[] = {0, 2, 1};
130 static const uint8_t kData3[] = {0, 0, 2, 1};
131 CBS data, prefixed;
132
133 CBS_init(&data, kData1, sizeof(kData1));
134 CHECK(!CBS_get_u8_length_prefixed(&data, &prefixed));
135
136 CBS_init(&data, kData2, sizeof(kData2));
137 CHECK(!CBS_get_u16_length_prefixed(&data, &prefixed));
138
139 CBS_init(&data, kData3, sizeof(kData3));
140 CHECK(!CBS_get_u24_length_prefixed(&data, &prefixed));
141
142 return 1;
143}
144
145static int
146test_peek_u(void)
147{
148 static const uint8_t kData[] = {
149 1, 2, 3, 4, 5, 6, 7, 8, 9,
150 };
151 uint8_t u8;
152 uint16_t u16;
153 uint32_t u32;
154 CBS data;
155
156 CBS_init(&data, kData, sizeof(kData));
157
158 CHECK(CBS_peek_u8(&data, &u8));
159 CHECK(u8 == 1);
160 CHECK(CBS_peek_u16(&data, &u16));
161 CHECK(u16 == 0x102);
162 CHECK(CBS_peek_u24(&data, &u32));
163 CHECK(u32 == 0x10203);
164 CHECK(CBS_peek_u32(&data, &u32));
165 CHECK(u32 == 0x1020304);
166 CHECK(CBS_get_u32(&data, &u32));
167 CHECK(u32 == 0x1020304);
168 CHECK(CBS_peek_last_u8(&data, &u8));
169 CHECK(u8 == 9);
170 CHECK(CBS_peek_u32(&data, &u32));
171 CHECK(u32 == 0x5060708);
172 CHECK(CBS_get_u32(&data, &u32));
173 CHECK(u32 == 0x5060708);
174 CHECK(CBS_get_u8(&data, &u8));
175 CHECK(u8 == 9);
176 CHECK(!CBS_get_u8(&data, &u8));
177
178 return 1;
179}
180
181static int
182test_get_asn1(void)
183{
184 static const uint8_t kData1[] = {0x30, 2, 1, 2};
185 static const uint8_t kData2[] = {0x30, 3, 1, 2};
186 static const uint8_t kData3[] = {0x30, 0x80};
187 static const uint8_t kData4[] = {0x30, 0x81, 1, 1};
188 static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80};
189 static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1};
190 static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1};
191 static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1};
192 static const uint8_t kData9[] = {0xa1, 3, 0x2, 1, 0xff};
193
194 CBS data, contents;
195 int present;
196 uint64_t value;
197
198 CBS_init(&data, kData1, sizeof(kData1));
199
200 CHECK(!CBS_peek_asn1_tag(&data, 0x1));
201 CHECK(CBS_peek_asn1_tag(&data, 0x30));
202
203 CHECK(CBS_get_asn1(&data, &contents, 0x30));
204 CHECK(CBS_len(&contents) == 2);
205 CHECK(memcmp(CBS_data(&contents), "\x01\x02", 2) == 0);
206
207 CBS_init(&data, kData2, sizeof(kData2));
208 /* data is truncated */
209 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
210
211 CBS_init(&data, kData3, sizeof(kData3));
212 /* zero byte length of length */
213 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
214
215 CBS_init(&data, kData4, sizeof(kData4));
216 /* long form mistakenly used. */
217 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
218
219 CBS_init(&data, kData5, sizeof(kData5));
220 /* length takes too many bytes. */
221 CHECK(!CBS_get_asn1(&data, &contents, 0x30));
222
223 CBS_init(&data, kData1, sizeof(kData1));
224 /* wrong tag. */
225 CHECK(!CBS_get_asn1(&data, &contents, 0x31));
226
227 CBS_init(&data, NULL, 0);
228 /* peek at empty data. */
229 CHECK(!CBS_peek_asn1_tag(&data, 0x30));
230
231 CBS_init(&data, NULL, 0);
232 /* optional elements at empty data. */
233 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0));
234 CHECK(!present);
235 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
236 0xa0));
237 CHECK(!present);
238 CHECK(CBS_len(&contents) == 0);
239 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, NULL, 0xa0));
240 CHECK(CBS_len(&contents) == 0);
241 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42));
242 CHECK(value == 42);
243
244 CBS_init(&data, kData6, sizeof(kData6));
245 /* optional element. */
246 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0));
247 CHECK(!present);
248 CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa1));
249 CHECK(present);
250 CHECK(CBS_len(&contents) == 3);
251 CHECK(memcmp(CBS_data(&contents), "\x04\x01\x01", 3) == 0);
252
253 CBS_init(&data, kData6, sizeof(kData6));
254 /* optional octet string. */
255 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
256 0xa0));
257 CHECK(!present);
258 CHECK(CBS_len(&contents) == 0);
259 CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present,
260 0xa1));
261 CHECK(present);
262 CHECK(CBS_len(&contents) == 1);
263 CHECK(CBS_data(&contents)[0] == 1);
264
265 CBS_init(&data, kData7, sizeof(kData7));
266 /* invalid optional octet string. */
267 CHECK(!CBS_get_optional_asn1_octet_string(&data, &contents, &present,
268 0xa1));
269
270 CBS_init(&data, kData8, sizeof(kData8));
271 /* optional octet string. */
272 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42));
273 CHECK(value == 42);
274 CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42));
275 CHECK(value == 1);
276
277 CBS_init(&data, kData9, sizeof(kData9));
278 /* invalid optional integer. */
279 CHECK(!CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42));
280
281 return 1;
282}
283
284static int
285test_get_optional_asn1_bool(void)
286{
287 CBS data;
288 int val;
289
290 static const uint8_t kTrue[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0xff};
291 static const uint8_t kFalse[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x00};
292 static const uint8_t kInvalid[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x01};
293
294 CBS_init(&data, NULL, 0);
295 val = 2;
296 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
297 CHECK(val == 0);
298
299 CBS_init(&data, kTrue, sizeof(kTrue));
300 val = 2;
301 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0));
302 CHECK(val == 1);
303
304 CBS_init(&data, kFalse, sizeof(kFalse));
305 val = 2;
306 CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
307 CHECK(val == 0);
308
309 CBS_init(&data, kInvalid, sizeof(kInvalid));
310 CHECK(!CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1));
311
312 return 1;
313}
314
315static int
316test_cbb_basic(void)
317{
318 static const uint8_t kExpected[] = {
319 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
320 13, 14, 15, 16, 17, 18, 19, 20,
321 };
322 uint8_t *buf = NULL;
323 size_t buf_len;
324 int ret = 0;
325 CBB cbb;
326
327 CHECK(CBB_init(&cbb, 100));
328
329 CBB_cleanup(&cbb);
330
331 CHECK(CBB_init(&cbb, 0));
332 CHECK_GOTO(CBB_add_u8(&cbb, 1));
333 CHECK_GOTO(CBB_add_u16(&cbb, 0x203));
334 CHECK_GOTO(CBB_add_u24(&cbb, 0x40506));
335 CHECK_GOTO(CBB_add_u32(&cbb, 0x708090a));
336 CHECK_GOTO(CBB_add_bytes(&cbb, (const uint8_t*) "\x0b\x0c", 2));
337 CHECK_GOTO(CBB_add_u64(&cbb, 0xd0e0f1011121314));
338 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
339
340 ret = (buf_len == sizeof(kExpected)
341 && memcmp(buf, kExpected, buf_len) == 0);
342
343 if (0) {
344err:
345 CBB_cleanup(&cbb);
346 }
347 free(buf);
348 return ret;
349}
350
351static int
352test_cbb_add_space(void)
353{
354 static const uint8_t kExpected[] = {1, 2, 0, 0, 0, 0, 7, 8};
355 uint8_t *buf = NULL;
356 size_t buf_len;
357 uint8_t *data;
358 int ret = 0;
359 CBB cbb;
360
361 CHECK(CBB_init(&cbb, 100));
362
363 CHECK_GOTO(CBB_add_u16(&cbb, 0x102));
364 CHECK_GOTO(CBB_add_space(&cbb, &data, 4));
365 CHECK_GOTO(CBB_add_u16(&cbb, 0x708));
366 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
367
368 ret |= (buf_len == sizeof(kExpected)
369 && memcmp(buf, kExpected, buf_len) == 0);
370
371 memset(buf, 0xa5, buf_len);
372 CHECK(CBB_init_fixed(&cbb, buf, buf_len));
373
374 CHECK_GOTO(CBB_add_u16(&cbb, 0x102));
375 CHECK_GOTO(CBB_add_space(&cbb, &data, 4));
376 CHECK_GOTO(CBB_add_u16(&cbb, 0x708));
377 CHECK_GOTO(CBB_finish(&cbb, NULL, NULL));
378
379 ret |= (buf_len == sizeof(kExpected)
380 && memcmp(buf, kExpected, buf_len) == 0);
381
382 if (0) {
383err:
384 CBB_cleanup(&cbb);
385 }
386 free(buf);
387 return ret;
388}
389
390static int
391test_cbb_fixed(void)
392{
393 CBB cbb;
394 uint8_t buf[1];
395 uint8_t *out_buf = NULL;
396 size_t out_size;
397 int ret = 0;
398
399 CHECK(CBB_init_fixed(&cbb, NULL, 0));
400 CHECK_GOTO(!CBB_add_u8(&cbb, 1));
401 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
402 CHECK(out_buf == NULL && out_size == 0);
403
404 CHECK(CBB_init_fixed(&cbb, buf, 1));
405 CHECK_GOTO(CBB_add_u8(&cbb, 1));
406 CHECK_GOTO(!CBB_add_u8(&cbb, 2));
407 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
408
409 ret = (out_buf == buf && out_size == 1 && buf[0] == 1);
410
411 if (0) {
412err:
413 CBB_cleanup(&cbb);
414 }
415
416 return ret;
417}
418
419static int
420test_cbb_finish_child(void)
421{
422 CBB cbb, child;
423 uint8_t *out_buf = NULL;
424 size_t out_size;
425 int ret = 0;
426
427 CHECK(CBB_init(&cbb, 16));
428 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child));
429 CHECK_GOTO(!CBB_finish(&child, &out_buf, &out_size));
430 CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size));
431
432 ret = (out_size == 1 && out_buf[0] == 0);
433
434err:
435 free(out_buf);
436 return ret;
437}
438
439static int
440test_cbb_prefixed(void)
441{
442 static const uint8_t kExpected[] = {0, 1, 1, 0, 2, 2, 3, 0, 0, 3,
443 4, 5, 6, 5, 4, 1, 0, 1, 2};
444 CBB cbb, contents, inner_contents, inner_inner_contents;
445 uint8_t *buf = NULL;
446 size_t buf_len;
447 int ret = 0;
448
449 CHECK(CBB_init(&cbb, 0));
450 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
451 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
452 CHECK_GOTO(CBB_add_u8(&contents, 1));
453 CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents));
454 CHECK_GOTO(CBB_add_u16(&contents, 0x203));
455 CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents));
456 CHECK_GOTO(CBB_add_u24(&contents, 0x40506));
457 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
458 CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents));
459 CHECK_GOTO(CBB_add_u8(&inner_contents, 1));
460 CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents,
461 &inner_inner_contents));
462 CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 2));
463 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
464
465 ret = (buf_len == sizeof(kExpected)
466 && memcmp(buf, kExpected, buf_len) == 0);
467
468 if (0) {
469err:
470 CBB_cleanup(&cbb);
471 }
472 free(buf);
473 return ret;
474}
475
476static int
477test_cbb_discard_child(void)
478{
479 static const uint8_t kExpected[] = {
480 0xaa,
481 0,
482 1, 0xbb,
483 0, 2, 0xcc, 0xcc,
484 0, 0, 3, 0xdd, 0xdd, 0xdd,
485 1, 0xff,
486 };
487 CBB cbb, contents, inner_contents, inner_inner_contents;
488 uint8_t *buf = NULL;
489 size_t buf_len;
490 int ret = 0;
491
492 CHECK(CBB_init(&cbb, 0));
493 CHECK_GOTO(CBB_add_u8(&cbb, 0xaa));
494
495 // Discarding |cbb|'s children preserves the byte written.
496 CBB_discard_child(&cbb);
497
498 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
499 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
500 CHECK_GOTO(CBB_add_u8(&contents, 0xbb));
501 CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents));
502 CHECK_GOTO(CBB_add_u16(&contents, 0xcccc));
503 CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents));
504 CHECK_GOTO(CBB_add_u24(&contents, 0xdddddd));
505 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents));
506 CHECK_GOTO(CBB_add_u8(&contents, 0xff));
507 CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents));
508 CHECK_GOTO(CBB_add_u8(&inner_contents, 0x42));
509 CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents,
510 &inner_inner_contents));
511 CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 0x99));
512
513 // Discard everything from |inner_contents| down.
514 CBB_discard_child(&contents);
515
516 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
517
518 ret = (buf_len == sizeof(kExpected)
519 && memcmp(buf, kExpected, buf_len) == 0);
520
521 if (0) {
522err:
523 CBB_cleanup(&cbb);
524 }
525 free(buf);
526 return ret;
527}
528
529static int
530test_cbb_misuse(void)
531{
532 CBB cbb, child, contents;
533 uint8_t *buf = NULL;
534 size_t buf_len;
535 int ret = 0;
536
537 CHECK(CBB_init(&cbb, 0));
538 CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child));
539 CHECK_GOTO(CBB_add_u8(&child, 1));
540 CHECK_GOTO(CBB_add_u8(&cbb, 2));
541
542 /*
543 * Since we wrote to |cbb|, |child| is now invalid and attempts to write
544 * to it should fail.
545 */
546 CHECK_GOTO(!CBB_add_u8(&child, 1));
547 CHECK_GOTO(!CBB_add_u16(&child, 1));
548 CHECK_GOTO(!CBB_add_u24(&child, 1));
549 CHECK_GOTO(!CBB_add_u8_length_prefixed(&child, &contents));
550 CHECK_GOTO(!CBB_add_u16_length_prefixed(&child, &contents));
551 CHECK_GOTO(!CBB_add_asn1(&child, &contents, 1));
552 CHECK_GOTO(!CBB_add_bytes(&child, (const uint8_t*) "a", 1));
553 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
554
555 ret = (buf_len == 3 && memcmp(buf, "\x01\x01\x02", 3) == 0);
556
557 if (0) {
558err:
559 CBB_cleanup(&cbb);
560 }
561 free(buf);
562 return ret;
563}
564
565static int
566test_cbb_asn1(void)
567{
568 static const uint8_t kExpected[] = {0x30, 3, 1, 2, 3};
569 uint8_t *buf = NULL, *test_data = NULL;
570 size_t buf_len;
571 CBB cbb, contents, inner_contents;
572 int ret = 0;
573 int alloc = 0;
574
575 CHECK_GOTO(CBB_init(&cbb, 0));
576 alloc = 1;
577 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
578 CHECK_GOTO(CBB_add_bytes(&contents, (const uint8_t*) "\x01\x02\x03",
579 3));
580 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
581 alloc = 0;
582
583 CHECK_GOTO(buf_len == sizeof(kExpected));
584 CHECK_GOTO(memcmp(buf, kExpected, buf_len) == 0);
585
586 free(buf);
587 buf = NULL;
588
589 CHECK_GOTO(((test_data = malloc(100000)) != NULL));
590 memset(test_data, 0x42, 100000);
591
592 CHECK_GOTO(CBB_init(&cbb, 0));
593 alloc = 1;
594 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
595 CHECK_GOTO(CBB_add_bytes(&contents, test_data, 130));
596 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
597 alloc = 0;
598
599 CHECK_GOTO(buf_len == 3 + 130);
600 CHECK_GOTO(memcmp(buf, "\x30\x81\x82", 3) == 0);
601 CHECK_GOTO(memcmp(buf + 3, test_data, 130) == 0);
602
603 free(buf);
604 buf = NULL;
605
606 CHECK_GOTO(CBB_init(&cbb, 0));
607 alloc = 1;
608 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
609 CHECK_GOTO(CBB_add_bytes(&contents, test_data, 1000));
610 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
611 alloc = 0;
612
613 CHECK_GOTO(buf_len == 4 + 1000);
614 CHECK_GOTO(memcmp(buf, "\x30\x82\x03\xe8", 4) == 0);
615 CHECK_GOTO(!memcmp(buf + 4, test_data, 1000));
616
617 free(buf);
618 buf = NULL;
619
620 CHECK_GOTO(CBB_init(&cbb, 0));
621 alloc = 1;
622 CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30));
623 CHECK_GOTO(CBB_add_asn1(&contents, &inner_contents, 0x30));
624 CHECK_GOTO(CBB_add_bytes(&inner_contents, test_data, 100000));
625 CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len));
626 alloc = 0;
627
628 CHECK_GOTO(buf_len == 5 + 5 + 100000);
629 CHECK_GOTO(memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10)
630 == 0);
631 CHECK_GOTO(!memcmp(buf + 10, test_data, 100000));
632
633 ret = 1;
634
635 if (0) {
636err:
637 if (alloc)
638 CBB_cleanup(&cbb);
639 }
640 free(buf);
641 free(test_data);
642 return ret;
643}
644
645static int
646do_indefinite_convert(const char *name, const uint8_t *definite_expected,
647 size_t definite_len, const uint8_t *indefinite, size_t indefinite_len)
648{
649 CBS in;
650 uint8_t *out = NULL;
651 size_t out_len;
652 int ret = 0;
653
654 CBS_init(&in, indefinite, indefinite_len);
655
656 CHECK_GOTO(CBS_asn1_indefinite_to_definite(&in, &out, &out_len));
657
658 if (out == NULL) {
659
660 if (indefinite_len != definite_len ||
661 memcmp(definite_expected, indefinite, indefinite_len) != 0) {
662 PRINT_ERROR;
663 goto err;
664 }
665
666 return 1;
667 }
668
669 if (out_len != definite_len ||
670 memcmp(out, definite_expected, definite_len) != 0) {
671 PRINT_ERROR;
672 goto err;
673 }
674
675 ret = 1;
676err:
677 free(out);
678 return ret;
679}
680
681static int
682test_indefinite_convert(void)
683{
684 static const uint8_t kSimpleBER[] = {0x01, 0x01, 0x00};
685
686 /* kIndefBER contains a SEQUENCE with an indefinite length. */
687 static const uint8_t kIndefBER[] = {0x30, 0x80, 0x01, 0x01, 0x02, 0x00,
688 0x00};
689 static const uint8_t kIndefDER[] = {0x30, 0x03, 0x01, 0x01, 0x02};
690
691 /*
692 * kOctetStringBER contains an indefinite length OCTETSTRING with two
693 * parts. These parts need to be concatenated in DER form.
694 */
695 static const uint8_t kOctetStringBER[] = {0x24, 0x80, 0x04, 0x02, 0,
696 1, 0x04, 0x02, 2, 3, 0x00, 0x00};
697 static const uint8_t kOctetStringDER[] = {0x04, 0x04, 0, 1, 2, 3};
698
699 /*
700 * kNSSBER is part of a PKCS#12 message generated by NSS that uses
701 * indefinite length elements extensively.
702 */
703 static const uint8_t kNSSBER[] = {
704 0x30, 0x80, 0x02, 0x01, 0x03, 0x30, 0x80, 0x06, 0x09, 0x2a, 0x86,
705 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x80, 0x24, 0x80,
706 0x04, 0x04, 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00,
707 0x00, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
708 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84, 0x98, 0xfc, 0x66,
709 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8, 0x8f, 0xfe, 0x1d,
710 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38, 0x62, 0xc6, 0x44,
711 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0, 0x6e, 0x10, 0x9b,
712 0xb8, 0x02, 0x02, 0x07, 0xd0, 0x00, 0x00,
713 };
714
715 static const uint8_t kNSSDER[] = {
716 0x30, 0x53, 0x02, 0x01, 0x03, 0x30, 0x13, 0x06, 0x09, 0x2a, 0x86,
717 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x06, 0x04, 0x04,
718 0x01, 0x02, 0x03, 0x04, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06,
719 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84,
720 0x98, 0xfc, 0x66, 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8,
721 0x8f, 0xfe, 0x1d, 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38,
722 0x62, 0xc6, 0x44, 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0,
723 0x6e, 0x10, 0x9b, 0xb8, 0x02, 0x02, 0x07, 0xd0,
724 };
725
726 CHECK(do_indefinite_convert("kSimpleBER", kSimpleBER, sizeof(kSimpleBER),
727 kSimpleBER, sizeof(kSimpleBER)));
728 CHECK(do_indefinite_convert("kIndefBER", kIndefDER, sizeof(kIndefDER),
729 kIndefBER, sizeof(kIndefBER)));
730 CHECK(do_indefinite_convert("kOctetStringBER", kOctetStringDER,
731 sizeof(kOctetStringDER), kOctetStringBER,
732 sizeof(kOctetStringBER)));
733 CHECK(do_indefinite_convert("kNSSBER", kNSSDER, sizeof(kNSSDER), kNSSBER,
734 sizeof(kNSSBER)));
735
736 return 1;
737}
738
739typedef struct {
740 uint64_t value;
741 const char *encoding;
742 size_t encoding_len;
743} ASN1_UINT64_TEST;
744
745static const ASN1_UINT64_TEST kAsn1Uint64Tests[] = {
746 {0, "\x02\x01\x00", 3},
747 {1, "\x02\x01\x01", 3},
748 {127, "\x02\x01\x7f", 3},
749 {128, "\x02\x02\x00\x80", 4},
750 {0xdeadbeef, "\x02\x05\x00\xde\xad\xbe\xef", 7},
751 {OPENSSL_U64(0x0102030405060708),
752 "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10},
753 {OPENSSL_U64(0xffffffffffffffff),
754 "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11},
755};
756
757typedef struct {
758 const char *encoding;
759 size_t encoding_len;
760} ASN1_INVALID_UINT64_TEST;
761
762static const ASN1_INVALID_UINT64_TEST kAsn1InvalidUint64Tests[] = {
763 /* Bad tag. */
764 {"\x03\x01\x00", 3},
765 /* Empty contents. */
766 {"\x02\x00", 2},
767 /* Negative number. */
768 {"\x02\x01\x80", 3},
769 /* Overflow. */
770 {"\x02\x09\x01\x00\x00\x00\x00\x00\x00\x00\x00", 11},
771 /* Leading zeros. */
772 {"\x02\x02\x00\x01", 4},
773};
774
775static int
776test_asn1_uint64(void)
777{
778 CBB cbb;
779 uint8_t *out = NULL;
780 size_t i;
781 int ret = 0;
782 int alloc = 0;
783
784 for (i = 0; i < sizeof(kAsn1Uint64Tests) / sizeof(kAsn1Uint64Tests[0]);
785 i++) {
786 const ASN1_UINT64_TEST *test = &kAsn1Uint64Tests[i];
787 CBS cbs;
788 uint64_t value;
789 size_t len;
790
791 CBS_init(&cbs, (const uint8_t *)test->encoding,
792 test->encoding_len);
793
794 CHECK(CBS_get_asn1_uint64(&cbs, &value));
795 CHECK(CBS_len(&cbs) == 0);
796 CHECK(value == test->value);
797
798 CHECK(CBB_init(&cbb, 0));
799 alloc = 1;
800 CHECK_GOTO(CBB_add_asn1_uint64(&cbb, test->value));
801 CHECK_GOTO(CBB_finish(&cbb, &out, &len));
802 alloc = 0;
803
804 CHECK_GOTO(len == test->encoding_len);
805 CHECK_GOTO(memcmp(out, test->encoding, len) == 0);
806 free(out);
807 out = NULL;
808 }
809
810 for (i = 0; i < sizeof(kAsn1InvalidUint64Tests)
811 / sizeof(kAsn1InvalidUint64Tests[0]); i++) {
812 const ASN1_INVALID_UINT64_TEST *test =
813 &kAsn1InvalidUint64Tests[i];
814 CBS cbs;
815 uint64_t value;
816
817 CBS_init(&cbs, (const uint8_t *)test->encoding,
818 test->encoding_len);
819 CHECK(!CBS_get_asn1_uint64(&cbs, &value));
820 }
821
822 ret = 1;
823
824 if (0) {
825err:
826 if (alloc)
827 CBB_cleanup(&cbb);
828 }
829 free(out);
830
831 return ret;
832}
833
834static int
835test_offset(void)
836{
837 uint8_t v;
838 static const uint8_t input[] = {1, 2, 3, 4, 5};
839 CBS data;
840
841 CBS_init(&data, input, sizeof(input));
842 CHECK(sizeof(input) == 5);
843 CHECK(CBS_len(&data) == 5);
844 CHECK(CBS_offset(&data) == 0);
845 CHECK(CBS_get_u8(&data, &v));
846 CHECK(v == 1);
847 CHECK(CBS_len(&data) == 4);
848 CHECK(CBS_offset(&data) == 1);
849 CHECK(CBS_skip(&data, 2));
850 CHECK(CBS_len(&data) == 2);
851 CHECK(CBS_offset(&data) == 3);
852 CHECK(CBS_get_u8(&data, &v));
853 CHECK(v == 4);
854 CHECK(CBS_get_u8(&data, &v));
855 CHECK(v == 5);
856 CHECK(CBS_len(&data) == 0);
857 CHECK(CBS_offset(&data) == 5);
858 CHECK(!CBS_skip(&data, 1));
859
860 CBS_init(&data, input, sizeof(input));
861 CHECK(CBS_skip(&data, 2));
862 CHECK(CBS_len(&data) == 3);
863 CHECK(CBS_offset(&data) == 2);
864 CHECK(CBS_skip(&data, 3));
865 CHECK(CBS_len(&data) == 0);
866 CHECK(CBS_offset(&data) == 5);
867 CHECK(!CBS_get_u8(&data, &v));
868
869 return 1;
870}
871
872static int
873test_write_bytes(void)
874{
875 int ret = 0;
876 uint8_t v;
877 size_t len;
878 static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'};
879 CBS data;
880 uint8_t *tmp = NULL;
881
882 CHECK_GOTO((tmp = malloc(sizeof(input))) != NULL);
883 memset(tmp, 100, sizeof(input));
884
885 CBS_init(&data, input, sizeof(input));
886 CHECK_GOTO(CBS_len(&data) == 6);
887 CHECK_GOTO(CBS_offset(&data) == 0);
888 CHECK_GOTO(CBS_get_u8(&data, &v));
889 CHECK_GOTO(v == 102 /* f */);
890 CHECK_GOTO(CBS_skip(&data, 1));
891 CHECK_GOTO(!CBS_skip(&data, 15));
892 CHECK_GOTO(CBS_write_bytes(&data, tmp, sizeof(input), &len));
893 CHECK_GOTO(len == 4);
894 CHECK_GOTO(memcmp(input + 2, tmp, len) == 0);
895 CHECK_GOTO(tmp[4] == 100 && tmp[5] == 100);
896
897 ret = 1;
898
899err:
900 free(tmp);
901 return ret;
902}
903
904static int
905test_cbs_dup(void)
906{
907 CBS data, check;
908 static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'};
909
910 CBS_init(&data, input, sizeof(input));
911 CHECK(CBS_len(&data) == 6);
912 CBS_dup(&data, &check);
913 CHECK(CBS_len(&check) == 6);
914 CHECK(CBS_data(&data) == CBS_data(&check));
915 CHECK(CBS_skip(&data, 1));
916 CHECK(CBS_len(&data) == 5);
917 CHECK(CBS_len(&check) == 6);
918 CHECK(CBS_data(&data) == CBS_data(&check) + 1);
919 CHECK(CBS_skip(&check, 1));
920 CHECK(CBS_len(&data) == 5);
921 CHECK(CBS_len(&check) == 5);
922 CHECK(CBS_data(&data) == CBS_data(&check));
923 CHECK(CBS_offset(&data) == 1);
924 CHECK(CBS_offset(&check) == 1);
925
926 CBS_init(&data, input, sizeof(input));
927 CHECK(CBS_skip(&data, 5));
928 CBS_dup(&data, &check);
929 CHECK(CBS_len(&data) == 1);
930 CHECK(CBS_len(&check) == 1);
931 CHECK(CBS_data(&data) == input + 5);
932 CHECK(CBS_data(&data) == CBS_data(&check));
933 CHECK(CBS_offset(&data) == 5);
934 CHECK(CBS_offset(&check) == 5);
935
936 return 1;
937}
938
939int
940main(void)
941{
942 int failed = 0;
943
944 failed |= !test_skip();
945 failed |= !test_get_u();
946 failed |= !test_get_prefixed();
947 failed |= !test_get_prefixed_bad();
948 failed |= !test_peek_u();
949 failed |= !test_get_asn1();
950 failed |= !test_cbb_basic();
951 failed |= !test_cbb_add_space();
952 failed |= !test_cbb_fixed();
953 failed |= !test_cbb_finish_child();
954 failed |= !test_cbb_discard_child();
955 failed |= !test_cbb_misuse();
956 failed |= !test_cbb_prefixed();
957 failed |= !test_cbb_asn1();
958 failed |= !test_indefinite_convert();
959 failed |= !test_asn1_uint64();
960 failed |= !test_get_optional_asn1_bool();
961 failed |= !test_offset();
962 failed |= !test_write_bytes();
963 failed |= !test_cbs_dup();
964
965 if (!failed)
966 printf("PASS\n");
967 return failed;
968}
diff --git a/src/regress/lib/libssl/certs/ca-int-ecdsa.crl b/src/regress/lib/libssl/certs/ca-int-ecdsa.crl
deleted file mode 100644
index b904de3ef0..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-ecdsa.crl
+++ /dev/null
@@ -1,8 +0,0 @@
1-----BEGIN X509 CRL-----
2MIHuMIGUMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJlU1NMIFRlc3QgSW50
3ZXJtZWRpYXRlIENBIEVDRFNBFw0yMTEyMjcxNDQwNDBaFw0yMjAxMjYxNDQwNDBa
4MDgwGgIJAOVssaaTYoH5Fw0yMTEyMjcxNDQwNDBaMBoCCQDlbLGmk2KB+xcNMjEx
5MjI3MTQ0MDQwWjAKBggqhkjOPQQDAgNJADBGAiEA9FWkenCgh+6Rz0/nuS7DaiUR
6J5imCs0Wx6TiG3YUL3oCIQDfTT+54eKAEFXeYN2oToZtHbTHh5YUici5GA/PDmOG
7Ig==
8-----END X509 CRL-----
diff --git a/src/regress/lib/libssl/certs/ca-int-ecdsa.pem b/src/regress/lib/libssl/certs/ca-int-ecdsa.pem
deleted file mode 100644
index fa1db8638a..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-ecdsa.pem
+++ /dev/null
@@ -1,13 +0,0 @@
1subject= CN = LibreSSL Test Intermediate CA ECDSA
2issuer= CN = LibreSSL Test Root CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
5TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
6MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
7dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
8LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
97/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
10BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
11HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
12VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
13-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca-int-rsa.crl b/src/regress/lib/libssl/certs/ca-int-rsa.crl
deleted file mode 100644
index 481886ae57..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-rsa.crl
+++ /dev/null
@@ -1,11 +0,0 @@
1-----BEGIN X509 CRL-----
2MIIBrDCBlTANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0
3IEludGVybWVkaWF0ZSBDQSBSU0EXDTIxMTIyNzE0NDAzOFoXDTIyMDEyNjE0NDAz
4OFowODAaAgkA5WyxppNigfQXDTIxMTIyNzE0NDAzN1owGgIJAOVssaaTYoH2Fw0y
5MTEyMjcxNDQwMzhaMA0GCSqGSIb3DQEBCwUAA4IBAQCGMtlhTlaOK7fK2OHXgoAf
6lDr1FQfqfNo5ZNE2+VqOvjYfgwdOgfxIsIuUoNp9/NhzO3e4KNe6P/33axwIsy7o
7RofbGYFSlHIYPEf1LyvH8z5mT2L2LAQAi+p+QMFizH6KNc74Oftygyi1bcJlN3CJ
8dP9LyvACdJSna7dEh7Snu2hy8tEDAO/RxUrryOZca0+5I4aaD8QCdFwdicDQ8U1s
9gTJ5w1gxkEWKv/J/AjCjRAVoAjE2/sUC1PPOJnZy7b0sS2Fv7zV7UAWSzO0KEYv+
10vav3UekGIgw0A5PDdWmUqCxE7aK71iy4EmlzMyVNULVcF1qX6qBQT5OpXr0Eo6WR
11-----END X509 CRL-----
diff --git a/src/regress/lib/libssl/certs/ca-int-rsa.pem b/src/regress/lib/libssl/certs/ca-int-rsa.pem
deleted file mode 100644
index b457ad6f9a..0000000000
--- a/src/regress/lib/libssl/certs/ca-int-rsa.pem
+++ /dev/null
@@ -1,22 +0,0 @@
1subject= CN = LibreSSL Test Intermediate CA RSA
2issuer= CN = LibreSSL Test Root CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
5BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
6MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
7aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
8I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
9wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
10OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
11XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
125jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
13IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
14A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
15BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
16BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
17jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
18kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
19gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
207Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
21ZgJtfcNeVMglYQ==
22-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca-root-ecdsa.pem b/src/regress/lib/libssl/certs/ca-root-ecdsa.pem
deleted file mode 100644
index c7862da58a..0000000000
--- a/src/regress/lib/libssl/certs/ca-root-ecdsa.pem
+++ /dev/null
@@ -1,13 +0,0 @@
1subject= CN = LibreSSL Test Root CA ECDSA
2issuer= CN = LibreSSL Test Root CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIJALqTupYRbYuwMAoGCCqGSM49BAMCMCYxJDAiBgNVBAMM
5G0xpYnJlU1NMIFRlc3QgUm9vdCBDQSBFQ0RTQTAeFw0yMTEyMjcxNDQwNDBaFw0z
6MTEyMjUxNDQwNDBaMCYxJDAiBgNVBAMMG0xpYnJlU1NMIFRlc3QgUm9vdCBDQSBF
7Q0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIxQjA3Gp+4irgwEumPY1/EG
8lVy6/olnAc+4elWkj0SqqdjfWanQqO8wHFY0qICKq8lHKhcyw2v9oyOsNVXZj8Kj
9YzBhMB0GA1UdDgQWBBS2+Rq3hR1xQSKm3ov88GAQVgfoDDAfBgNVHSMEGDAWgBS2
10+Rq3hR1xQSKm3ov88GAQVgfoDDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
11AwIBBjAKBggqhkjOPQQDAgNIADBFAiAqAN8RFQOAIXeJcxCHUCN1n3sUBuYF/XkS
12VnTsAEU/kwIhANNk/xjGq9O2YeLEFT1InoltVlwM5P8oa7krPnPbFnwY
13-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca-root-rsa.pem b/src/regress/lib/libssl/certs/ca-root-rsa.pem
deleted file mode 100644
index daf3407a93..0000000000
--- a/src/regress/lib/libssl/certs/ca-root-rsa.pem
+++ /dev/null
@@ -1,22 +0,0 @@
1subject= CN = LibreSSL Test Root CA RSA
2issuer= CN = LibreSSL Test Root CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIJAIuM+uV8F+LtMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
5BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
6MzExMjI1MTQ0MDM3WjAkMSIwIAYDVQQDDBlMaWJyZVNTTCBUZXN0IFJvb3QgQ0Eg
7UlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvrj8h5JmJ+7V33R
8wloqhM0nLvmidkmk1sqJaOi0GNXoMLnaut90+2TnRiFDbsblzAjTijQC6PEfaJTB
9AEFBgNSQKdhVruYTL5HHhw/XHTjxqftizvJj1FsZh2n6gkTG/QOgbaDMCx+yFF88
10wro7Br32TZF+BuDuyzVcSPJUajYT+C9bWSq9jX8Fhvl5M3IOG7olg3gAMmU+E8SY
11TaKhoJ7KGLHDEQP9NJknJusV8T72lY/TzacVDDOxEUxpuYtJ1Kayytflhs1065Ua
12PkiIReoFnhK/tRAgyxz3bc6HDDmTz4FpyGPcAsSRtEbn1n1417hzH4Neq5eioVmx
13hX1HTwIDAQABo2MwYTAdBgNVHQ4EFgQUPkv8e/SsNCqlESgB8ojoXY//FdEwHwYD
14VR0jBBgwFoAUPkv8e/SsNCqlESgB8ojoXY//FdEwDwYDVR0TAQH/BAUwAwEB/zAO
15BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAEYi6O+l7SS14myiZydm
16eP0hS8+ABWz/xqzu81W5Uxo7XD3sNfz5hkhA3S2FrBg5xpDScAzsM9Og6VRuQA7/
17StWLc2gLvLI6cZNdOCOH/O4K6IYRGR0kXG7WA4MpBiDrPXZKXI3WcUNyTHM36Un4
18ZATRkO+xMLKFpnxHCkY5U9kp8xX5boNxtQsGkWfuG+fm7GVBaQapnvN+WRY4QXKQ
19jF10CFUcIUNGG81XTEhQwpcP0b0ruZK6JBah4VG7lUHbJ6/WoYiGYXCToK09ohIX
20PuWiVTiT9LH90U58No3NfinQPbE55mJju+YNNqLU4Wk3ub5rYpp0WFmo6T9kXL/z
21fO8=
22-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/ca.pem b/src/regress/lib/libssl/certs/ca.pem
deleted file mode 100644
index 07f9b3fddb..0000000000
--- a/src/regress/lib/libssl/certs/ca.pem
+++ /dev/null
@@ -1,45 +0,0 @@
1-----BEGIN CERTIFICATE-----
2MIIDtjCCAp6gAwIBAgIJAJz/hGfwYXLrMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
3BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
4VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD
5QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MjExNDQ1MTFaMGgxCzAJBgNVBAYTAlVL
6MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ
7VVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBDQTCCASIw
8DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMaarigKGOra5Mc/LrhOkcmHzDs
9vkYL7dfaaht8fLBKRTYwzSBvO9x54koTWjq7HkbaxkYAg3HnDTkNCyzkGKNdM89H
10q/PtGIFFlceQIOat3Kjd05Iw3PtLEWTDjT6FMA9Mkjk/XbpmycqRIwNKtgICoFsG
11juIpc4P31kxK7i3ri+JnlyvVmRZjJxrheJB0qHGXilrOVDPOliDn//jXbcyzXemu
12R8KgAeQM4IIs9jYHJOgHrTItIpwa9wNTEp9KCGkO6xr20NkKyDp6XRyd+hmnUB7r
1377WTptvKPFFTjTDFqEtcif9U2kVkCfn2mSRO8noCbVH++fuR8LMWlD99gt8CAwEA
14AaNjMGEwHQYDVR0OBBYEFIwZD9dCMXcFBuHTsZ/rOft4cTpFMB8GA1UdIwQYMBaA
15FIwZD9dCMXcFBuHTsZ/rOft4cTpFMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
16BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCPfqm4KbYtXEB8aP1RdUH2BkPSjyau
17WQLMGfKNF/zkUQue0REgdJ4wVR06NTTlOCsfHC6b68vgz2QFC1mM8ZANgDiyr4M1
186gjvP0eZQVxokJ3EMzjDMFRHIiFrZZAFr7aGq8dxoruuehovqyehuJRakAe0oNUb
194ZTKrGuTKh9Mwti9721XNFByjeTFL2dlH6ulz7qyfI+lrTi+pNsUchuVYE8a1TP3
20OEiG6whsyPU1YoTlemC1mvW0ixtj8Tcem0KyotCUyOmJlwyWj0bA43sCI6z/OVqJ
21tVvwgfqrOeVNk9nN2JslCsttnwstwqUfDoEXFoScej2CT0QezFGPTN21
22-----END CERTIFICATE-----
23-----BEGIN CERTIFICATE-----
24MIIDvjCCAqagAwIBAgIJAPrXr2k7uM/OMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
25BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
26VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD
27QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MDExNDQ1MTFaMHAxCzAJBgNVBAYTAlVL
28MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ
29VVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJtZWRpYXRl
30IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsErw75CmLYD6pkrG
31W/YhAl/K8L5wJYxDjqu2FghxjD8K308W3EHq4uBxEwR1OHXaM1+6ZZw7/r2I37VL
32IdurBEAIEUdbzx0so74FPawgz5EW2CTqoJnK8F71/vo5Kj1VPwW46CxwxUR3cfvJ
33GNXND2ip0TcyTSPLROXOyQakcVfIGJmdSa1wHKi+c2gMA4emADudZUOYLrg80gr2
34ldePm07ynbVsKKzCcStw8MdmoW9Qt3fLnPJn2TFUUBNWj+4kvL+88edWCVQXKNds
35ysD/CDrH4W/hjyPDStVsM6XpiNU0+L2ZY6fcj3OP8d0goOx45xotMn9m8hNkCGsr
36VXx9IwIDAQABo2MwYTAdBgNVHQ4EFgQUNsNsiOeV/rC97M4+PYarIYGH2towHwYD
37VR0jBBgwFoAUjBkP10IxdwUG4dOxn+s5+3hxOkUwDwYDVR0TAQH/BAUwAwEB/zAO
38BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAAIwwR8jyFN6qYGIRAKi
39ahyeHd26hNPC4RiCvjz6dytuvDUqfMTUZcjBy6Ez1Wsfs1/PC8u3IDpOTwZSz72K
40ACQzPpmXREWkO5nx8I+W+94yJsbklhsTxDlZj3X2oJCQ7qO4hdIpYESWfMchYra9
415e55SMBXeGDp+uRILt+6UfOXCGaXaoYqyrzQROJAiGy1x96A/5sU6ZU3KdKN1JLM
42XTZ268ihubCMRVScHnpYUjRDoGrhnQM7007ybVfRUGNXDs+ENqjGfyxc5ScR+Un4
43UQtOd4zD2g9wrdXvlDiqxci6W7IOEPVP6qHG2GIh+T2zpO3GOAuZCe5cjLiCDATs
44hNw=
45-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client.pem b/src/regress/lib/libssl/certs/client.pem
deleted file mode 100644
index ce4bf49ce6..0000000000
--- a/src/regress/lib/libssl/certs/client.pem
+++ /dev/null
@@ -1,51 +0,0 @@
1subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Client Cert
2issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
3-----BEGIN CERTIFICATE-----
4MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eTMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
5BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
6VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
7ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMVoXDTI0MDQwMTE0NDUxMVowZDELMAkG
8A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
9RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgQ2xpZW50IENlcnQw
10ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ranbHRLcLVqN+0BzcZpY
11+yOLqxzDWT1LD9eW1stC4NzXX9/DCtSIVyN7YIHdGLrIPr64IDdXXaMRzgZ2rOKs
12lmHCAiFpO/ja99gGCJRxH0xwQatqAULfJVHeUhs7OEGOZc2nWifjqKvGfNTilP7D
13nwi69ipQFq9oS19FmhwVHk2wg7KZGHI1qDyG04UrfCZMRitvS9+UVhPpIPjuiBi2
14x3/FZIpL5gXJvvFK6xHY63oq2asyzBATntBgnP4qJFWWcvRx24wF1PnZabxuVoL2
15bPnQ/KvONDrw3IdqkKhYNTul7jEcu3OlcZIMw+7DiaKJLAzKb/bBF5gm/pwW6As9
16AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG
17+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B
18AQUFAAOCAQEAJzA4KTjkjXGSC4He63yX9Br0DneGBzjAwc1H6f72uqnCs8m7jgkE
19PQJFdTzQUKh97QPUuayZ2gl8XHagg+iWGy60Kw37gQ0+lumCN2sllvifhHU9R03H
20bWtS4kue+yQjMbrzf3zWygMDgwvFOUAIgBpH9qGc+CdNu97INTYd0Mvz51vLlxRn
21sC5aBYCWaZFnw3lWYxf9eVFRy9U+DkYFqX0LpmbDtcKP7AZGE6ZwSzaim+Cnoz1u
22Cgn+QmpFXgJKMFIZ82iSZISn+JkCCGxctZX1lMvai4Wi8Y0HxW9FTFZ6KBNwwE4B
23zjbN/ehBkgLlW/DWfi44DvwUHmuU6QP3cw==
24-----END CERTIFICATE-----
25-----BEGIN RSA PRIVATE KEY-----
26MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f
27wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr
28agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy
29mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr
30MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x
31HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L
32p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT
33KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB
341uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx
35L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl
36LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO
37Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn
38/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai
391oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX
401ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3
41NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ
42zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC
43mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7
445SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK
45u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+
46HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV
47tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn
48SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh
49kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww
501Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw=
51-----END RSA PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client1-ecdsa-chain.pem b/src/regress/lib/libssl/certs/client1-ecdsa-chain.pem
deleted file mode 100644
index 7a6883db94..0000000000
--- a/src/regress/lib/libssl/certs/client1-ecdsa-chain.pem
+++ /dev/null
@@ -1,27 +0,0 @@
1subject= CN = LibreSSL Test Client 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBrTCCAVKgAwIBAgIJAOVssaaTYoH6MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBD
7bGllbnQgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMnRxZ9SVIjF
8eygaoub4qyo/tQlHXpQ2U66mhwKhchXD02w3viqOW0qklPSRhwV4nFKsdkVTogCg
9Y8AJokxKDU6jYDBeMB0GA1UdDgQWBBTikUU9S7ASdWw7fhaYVdDqUAyH+DAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNJADBGAiEA+Aal+cjgT+pknsmAPbivSHY+
129clFV0Ree1c+nPbBz8cCIQCZDS2G/X8QthK7hZwV2mYhwvd6M/8kwet4u39qJYx8
13eA==
14-----END CERTIFICATE-----
15subject= CN = LibreSSL Test Intermediate CA ECDSA
16issuer= CN = LibreSSL Test Root CA ECDSA
17-----BEGIN CERTIFICATE-----
18MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
19TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
20MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
21dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
22LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
237/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
24BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
25HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
26VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
27-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client1-ecdsa.pem b/src/regress/lib/libssl/certs/client1-ecdsa.pem
deleted file mode 100644
index 7d1b2cfc00..0000000000
--- a/src/regress/lib/libssl/certs/client1-ecdsa.pem
+++ /dev/null
@@ -1,19 +0,0 @@
1subject= CN = LibreSSL Test Client 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBrTCCAVKgAwIBAgIJAOVssaaTYoH6MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBD
7bGllbnQgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMnRxZ9SVIjF
8eygaoub4qyo/tQlHXpQ2U66mhwKhchXD02w3viqOW0qklPSRhwV4nFKsdkVTogCg
9Y8AJokxKDU6jYDBeMB0GA1UdDgQWBBTikUU9S7ASdWw7fhaYVdDqUAyH+DAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNJADBGAiEA+Aal+cjgT+pknsmAPbivSHY+
129clFV0Ree1c+nPbBz8cCIQCZDS2G/X8QthK7hZwV2mYhwvd6M/8kwet4u39qJYx8
13eA==
14-----END CERTIFICATE-----
15-----BEGIN PRIVATE KEY-----
16MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQghOgzNmZV/rLf5+I5
17pnOXJ3N6W8QE5biANh/RVNNmNImhRANCAATJ0cWfUlSIxXsoGqLm+KsqP7UJR16U
18NlOupocCoXIVw9NsN74qjltKpJT0kYcFeJxSrHZFU6IAoGPACaJMSg1O
19-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client1-rsa-chain.pem b/src/regress/lib/libssl/certs/client1-rsa-chain.pem
deleted file mode 100644
index e5267eb346..0000000000
--- a/src/regress/lib/libssl/certs/client1-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Client 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH1MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyct5
8l3L4GIzbFPszUioY0/+W9IGnQqOlBtFJQSzJtM96/UcJ/9MEkz08UUaf07CTYWy/
9Qbwl3DizPV9yymiae64oe9RBc2Hh/Z88473Q6UZvPrdoexoVb159tTdvF8IDfIER
10HEB2VAtssFvszERa04ndpDqS8tHfBcLGUCu2kZQ0FSCKbNSDLLwoQmyNgnWo8PDY
11XshJGdABaTmnhpkrhJq2zeYiUResoWo8z08iVn7vLgjRNTi9mtXr5eC4L0DfEuZB
12exaC8frQXH2rXKvojFrFwJ67QLwCOiUKbGlUQBeKS6iahgDL/dRprHqbNZFI7in4
13QiokqixjfzYSmALFqwIDAQABo2AwXjAdBgNVHQ4EFgQUNRNEZs+zkqBu6va5XyGv
14UfzSKZQwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBACmIu0ppKw1T
16hzGAoyjxK0y1ffbIDvObcwAMtXSHprMNhkdk7jyQBiXpx4ngEg1LhalUUDkp9Yt1
17qUVjyM4cphJL7ni3N/SyoUtuYWY4s8mqIhloT5adaUJ24kHJ2eFzNBLDuno5wen4
18dXKevTZPNqkkNohbVHrrFewsqS8CYw+rfiNerOJYZzSMbueWK5Pck0od05STZlAE
19/B2zesXgd3ZmRKM8jrlZS6gan1FaJOzwErccP7jWnrOeW9uLysRg0ww26/H8Q9xS
20dm0L8IXjzmE/yodk/nrt9G72mJnUITt4uHW/1ibMi4+iUR0Ff4oeqrBHQAbRawMK
21XKRzXhtI9sI=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client1-rsa.pem b/src/regress/lib/libssl/certs/client1-rsa.pem
deleted file mode 100644
index 7e0c47cc46..0000000000
--- a/src/regress/lib/libssl/certs/client1-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Client 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH1MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyct5
8l3L4GIzbFPszUioY0/+W9IGnQqOlBtFJQSzJtM96/UcJ/9MEkz08UUaf07CTYWy/
9Qbwl3DizPV9yymiae64oe9RBc2Hh/Z88473Q6UZvPrdoexoVb159tTdvF8IDfIER
10HEB2VAtssFvszERa04ndpDqS8tHfBcLGUCu2kZQ0FSCKbNSDLLwoQmyNgnWo8PDY
11XshJGdABaTmnhpkrhJq2zeYiUResoWo8z08iVn7vLgjRNTi9mtXr5eC4L0DfEuZB
12exaC8frQXH2rXKvojFrFwJ67QLwCOiUKbGlUQBeKS6iahgDL/dRprHqbNZFI7in4
13QiokqixjfzYSmALFqwIDAQABo2AwXjAdBgNVHQ4EFgQUNRNEZs+zkqBu6va5XyGv
14UfzSKZQwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBACmIu0ppKw1T
16hzGAoyjxK0y1ffbIDvObcwAMtXSHprMNhkdk7jyQBiXpx4ngEg1LhalUUDkp9Yt1
17qUVjyM4cphJL7ni3N/SyoUtuYWY4s8mqIhloT5adaUJ24kHJ2eFzNBLDuno5wen4
18dXKevTZPNqkkNohbVHrrFewsqS8CYw+rfiNerOJYZzSMbueWK5Pck0od05STZlAE
19/B2zesXgd3ZmRKM8jrlZS6gan1FaJOzwErccP7jWnrOeW9uLysRg0ww26/H8Q9xS
20dm0L8IXjzmE/yodk/nrt9G72mJnUITt4uHW/1ibMi4+iUR0Ff4oeqrBHQAbRawMK
21XKRzXhtI9sI=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJy3mXcvgYjNsU
25+zNSKhjT/5b0gadCo6UG0UlBLMm0z3r9Rwn/0wSTPTxRRp/TsJNhbL9BvCXcOLM9
26X3LKaJp7rih71EFzYeH9nzzjvdDpRm8+t2h7GhVvXn21N28XwgN8gREcQHZUC2yw
27W+zMRFrTid2kOpLy0d8FwsZQK7aRlDQVIIps1IMsvChCbI2Cdajw8NheyEkZ0AFp
28OaeGmSuEmrbN5iJRF6yhajzPTyJWfu8uCNE1OL2a1evl4LgvQN8S5kF7FoLx+tBc
29fatcq+iMWsXAnrtAvAI6JQpsaVRAF4pLqJqGAMv91Gmseps1kUjuKfhCKiSqLGN/
30NhKYAsWrAgMBAAECggEAahMtnXDv/We9mi/Z8Gz0lCwcm/azh5IiI41MJph2hzcx
31fYYkOXghRYzA8jBfv5VoQ6Q4fUN722Fqxu4vlzqZSj5oRX9z0EU52GomRcj30kgW
32Hi+nGl7BucM/7Uxwd1qjHoVyCxnPmapPvfz0YwPjgqNMARJRQJcV1x9lw6rW03rW
33qvoQKwnQ5vZRYldFnvYXRM0VUu8GdruaidWJ2Ra6FUFbEH+I77oIIoyWgXniq9jq
34h0VJNRVCLwV4rFzmMkOAz1yxvJ+4UG9/wHYsZVhJDkyos1FVf0klKipKTS7Z87Em
35aFlZ01JrM//kS/qdgohllCU8Xt1uVtvsYmJY9T6IEQKBgQD1IJzdopCI+BL7PfWf
36qSpyUOgp+8J50CnIJ42ZdBWDhPZSbBqWmqbgBlnXEyPwkKVOhHde6td9DtxRVOiE
37Zfy0gpUp4xWUxFdMKyW0+JmsmXiUJKIck6LxqfYDZUTzD2wp1/AhLGJ2M/J5e4IP
38umr6IQ4BbDfKGp2NiHEQElCmdwKBgQDSvtOy71EhewJQ9slazR+10skSBbc5Ks9W
39cy1fZKcnNB/dPenak5i8Gr04nPhhNvgAwmtDGb9hH1mwjHCUz/TaoPsbTKvtTN2N
40MxFzQEsE9F803ULOvFOppe5YEy/M2OaDLHVil1bMwbrg3pGKD4TUfy5cE2NfCDi3
41JwlKk6uDbQKBgQCLAQ9zb7hes66v4pbjD18OrGq7RBUoVq8a3bMijf2VM1UrsDnz
42pYd0CqXvnN8IkD3tpJi8rpe8Ry0QwgGI8vy2sEY+FpQqZJzMiLs9QKyEgBMsjwmP
43Avmn6SWlD0xmORyxLc7yQOUk+phJ44wBt0jqxsvWarPIXAd0NydGYdxySQKBgAWo
44B4iS8cuDQLGpngfo34QCz1DDhIJtSrlYSAx6aB4eQQiwI7mxInVSBmghlm0Ni6SB
45k11usHtL2x1o95CW8Ex566N08FxjJsMmbr54KEtOv8tscOGZnmk8QeRtR2gpHi7B
46H7lwtGy0em6UqrVY60jEzRq9jno7f0IzMwWkZwMVAoGAL9mQ8xVIaDNyhK477NvD
47ZF2AWrHHLXDeTfwdI+HTCUdeDC208kgTx4Z/AX1cN7KQtWZfKIW0bWtCDnKsIwbK
48zheDR2AjuDEbT9HWLtYgQvx5/fEc/yxJqtQk+n4CTrDY+rNeow51kziBKWFnu8Je
49m38SJSK7uNLz5ZWNgj3XIUE=
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client2-ecdsa-chain.pem b/src/regress/lib/libssl/certs/client2-ecdsa-chain.pem
deleted file mode 100644
index 0cba867b7f..0000000000
--- a/src/regress/lib/libssl/certs/client2-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Client 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAACMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBDbGllbnQg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABL7oVxdDfyspO7ozwbv+
82QKCXR8Z1+JWKj6lLmAkN6GY/gXPYcCAtXOWRoVt5yg4YrH0eOJalah7yGjAeHLq
9EHijYDBeMB0GA1UdDgQWBBRO8eCtJ/+3xfn+3qY31gP3Ch5JvDAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEA10kcAL7I/Y0KVNryJGrfVa1er0uiUXxS
122GmnKWFCQKECID9PY+LK4+DNvxyn4ld47AGJZjdolx6mwLFHK8RvtLo9
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client2-ecdsa.pem b/src/regress/lib/libssl/certs/client2-ecdsa.pem
deleted file mode 100644
index f0576e6eb1..0000000000
--- a/src/regress/lib/libssl/certs/client2-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Client 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAACMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBDbGllbnQg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABL7oVxdDfyspO7ozwbv+
82QKCXR8Z1+JWKj6lLmAkN6GY/gXPYcCAtXOWRoVt5yg4YrH0eOJalah7yGjAeHLq
9EHijYDBeMB0GA1UdDgQWBBRO8eCtJ/+3xfn+3qY31gP3Ch5JvDAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEA10kcAL7I/Y0KVNryJGrfVa1er0uiUXxS
122GmnKWFCQKECID9PY+LK4+DNvxyn4ld47AGJZjdolx6mwLFHK8RvtLo9
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGJcFF0AYtzYr190f
16tXnGfakMTr5zk0UO1nAfVSLMW2OhRANCAAS+6FcXQ38rKTu6M8G7/tkCgl0fGdfi
17Vio+pS5gJDehmP4Fz2HAgLVzlkaFbecoOGKx9HjiWpWoe8howHhy6hB4
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client2-rsa-chain.pem b/src/regress/lib/libssl/certs/client2-rsa-chain.pem
deleted file mode 100644
index bc09c2e059..0000000000
--- a/src/regress/lib/libssl/certs/client2-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Client 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAACMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgQ2xpZW50
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TPjTtVn4l/2
83g+XVWUMpxZWu1G3GJ1TY14loqG2lLcyFwHfbxPgjdeUYUXgKw2v3LKdK1xlwohi
97adKmf8ZsqgWYd+SWtvzyoEEEvWQVj5bbs2+EI9CTP4L96lqsiBYZoHxCI+TG3pY
106JOZQT2wmJEL0zeK9cmUXoaV6fQOcEtSmp6m8XWLEEyUZvVHG3OX+7FtcV0snDfz
11XrnvpRpu4zolbCC6jysufU46VoJNrrKdPlDu4PbF8PKrJl7jOSULaYHqugIeniMV
12V9enkg9t0Bb8bW5sW8/c4vwS52dlRNLHXkwGE7u9+XEVOGDJ+a01eRjVOxQwqptn
13qrWTF++D0QIDAQABo2AwXjAdBgNVHQ4EFgQUmUxF57QtRFh9JBPTMx5rUvRjj+4w
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAMAvLchG7tWtNXPK3+Ie
16u+htMMPhgJCsHhEC0ssZezD3BfYHaJh7ayQwI1KWKrQOwu9z+oOGWQjoVmhBzoi2
17hmvH9vT4GFVnM5agf68USNLxQvlQiShfnqPZiy3EduwY0q+uNvvNYlHeLTp/Au7F
18SesJqWoaMr3130n8QqiO8myNjUj3GVrmBBpFogU5qxQAHkcy2AbpkATjRtfG4Jn2
19DWXR9Yd56KuvmkpdVkw+DScOXbIgXmHyutJ7qDbm6lwXLD3U5ulvbSxXW/MhJpb9
2072UjtpQbhMzcyQwCvNrKnST+QqKMisAdkOOhCdEYTj8flpCbMA5bqwBRX+t+AMeD
214lY=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client2-rsa.pem b/src/regress/lib/libssl/certs/client2-rsa.pem
deleted file mode 100644
index b4431ce674..0000000000
--- a/src/regress/lib/libssl/certs/client2-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Client 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAACMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgQ2xpZW50
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TPjTtVn4l/2
83g+XVWUMpxZWu1G3GJ1TY14loqG2lLcyFwHfbxPgjdeUYUXgKw2v3LKdK1xlwohi
97adKmf8ZsqgWYd+SWtvzyoEEEvWQVj5bbs2+EI9CTP4L96lqsiBYZoHxCI+TG3pY
106JOZQT2wmJEL0zeK9cmUXoaV6fQOcEtSmp6m8XWLEEyUZvVHG3OX+7FtcV0snDfz
11XrnvpRpu4zolbCC6jysufU46VoJNrrKdPlDu4PbF8PKrJl7jOSULaYHqugIeniMV
12V9enkg9t0Bb8bW5sW8/c4vwS52dlRNLHXkwGE7u9+XEVOGDJ+a01eRjVOxQwqptn
13qrWTF++D0QIDAQABo2AwXjAdBgNVHQ4EFgQUmUxF57QtRFh9JBPTMx5rUvRjj+4w
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAMAvLchG7tWtNXPK3+Ie
16u+htMMPhgJCsHhEC0ssZezD3BfYHaJh7ayQwI1KWKrQOwu9z+oOGWQjoVmhBzoi2
17hmvH9vT4GFVnM5agf68USNLxQvlQiShfnqPZiy3EduwY0q+uNvvNYlHeLTp/Au7F
18SesJqWoaMr3130n8QqiO8myNjUj3GVrmBBpFogU5qxQAHkcy2AbpkATjRtfG4Jn2
19DWXR9Yd56KuvmkpdVkw+DScOXbIgXmHyutJ7qDbm6lwXLD3U5ulvbSxXW/MhJpb9
2072UjtpQbhMzcyQwCvNrKnST+QqKMisAdkOOhCdEYTj8flpCbMA5bqwBRX+t+AMeD
214lY=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDpM+NO1WfiX/be
25D5dVZQynFla7UbcYnVNjXiWiobaUtzIXAd9vE+CN15RhReArDa/csp0rXGXCiGLt
26p0qZ/xmyqBZh35Ja2/PKgQQS9ZBWPltuzb4Qj0JM/gv3qWqyIFhmgfEIj5Mbeljo
27k5lBPbCYkQvTN4r1yZRehpXp9A5wS1KanqbxdYsQTJRm9Ucbc5f7sW1xXSycN/Ne
28ue+lGm7jOiVsILqPKy59TjpWgk2usp0+UO7g9sXw8qsmXuM5JQtpgeq6Ah6eIxVX
2916eSD23QFvxtbmxbz9zi/BLnZ2VE0sdeTAYTu735cRU4YMn5rTV5GNU7FDCqm2eq
30tZMX74PRAgMBAAECggEAGghk06QXGLpFwLxU1H+XTf+8ZuTUX7cQXANiiCktTKS2
31vsLCwo+hfbQXKFS4lZXNkAGQcgq6gWDgSk9mkJJduAfzl7FxkRsEuBJ29fbbygTk
32CBaHpSmY6SdjBp6u/nuF4suWsLH2ZhbeXfg8H4BXenCWtVl59b4vBe5YRemswvQv
33DJzV9gVKDf7HnvcjUMBXNKNWk0cLlodKX6bRhpPbq/WNPAubA3z4Z0JZqnW9uuWa
34wTd7QPeKxVbQmz5Y5hifKMI4ML5i1+Fo6Xvcdt1TwfeHYy+iPNtB8fEu1VdH25DN
35iN5iiMOr7go8MOc4LxCZGsXqIDd6WYOg/DmCEsSiEQKBgQD78UT9ezhI7TLVmUdC
36eQd8+oi1qXykHXpMvobCJUrEulF6/iZSICcVVdH/DcvGRPv7A+90QZWGcY2Bzhtz
378C2XFLqLvSyHegSA4P57PbHjBOqowFAWntLTn/gSOb+nYKSM5XzOQq7RQctYX3EO
38jZb4GKhPOUwzy2Ugd9zNhqD8gwKBgQDs9VtAYvM2i3ylRLH/UdAu/E+oA05ydxT1
39dt4tK6R54KSZk+E/LM/k8D3p70tyiRbfky6DtGrGZSpyecCPdkNF0FJTRER1eDsb
40Au2uH6zP0nn2FUnQnL5fcIkVlclukf8pMox5fbFcoZjIWti9TURIdMTkaQVX9LKf
41Gme84UX2GwKBgQCqsJZuKbpDZjinkDZAKeFR4icW9KIWSkZekkKYbE2QpS6o5mEu
42CMyR3tfsNfuV84zITq0/lWNpd6tIg0wEK3enwQp1vA/cJWXBry2ab30CcoVNGSXp
43fWcWq22VY3yeOJKjRqNc1r671RigYeEl2/WpVoNJUWd4O9fivHJi6FBPYwKBgQDI
443B5y0K27gbex3C5J8A7ZlTTshYj8zGZuwEkK3yC30y2TpV/dDl5XgTHqV9aLixth
45f0CBkfCkpeK6UOxib2wNBM6UGJ0zOixX9D6HSABT1eVeLKN6ezOAcUMykdrCqG0z
46fc7HuT0b+TsqMp/gr1t/U8QGneNSsHCtH1PqLscAGwKBgFdecOiUhKezd6mReDYc
47cBKBN/2EBPNCSKlzuskSGoU/mC0H+2Mj1XX4fx5Wjvjp3hqKEVgs/L8Eth1KYfgF
48CaQzGAkavihH03L73to1Wj/K4XineBAKZLtXkdzWdB+kM8zkYJqmagh6h6BlXFun
49TJvYJYIK9U3kvhZtsD6w1slZ
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client3-ecdsa-chain.pem b/src/regress/lib/libssl/certs/client3-ecdsa-chain.pem
deleted file mode 100644
index a389943eeb..0000000000
--- a/src/regress/lib/libssl/certs/client3-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Client 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH7MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IENs
7aWVudCAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqlNqEjPuPpw3
8HaWxXbWql6f9g2HPei7RGZRfEAeNrnWT+Y4okVoqcxjeLNBA6dNl3uALWbSmDu6a
9kmBSU1aY9KNgMF4wHQYDVR0OBBYEFKxGR7LhwxXUGYyxjqBrxi5RKHamMB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMFzwaCpvWiXD+zEZ/mUBdbMQq2W
12JLELD9Mv11NiBhi6AiAN/QNQjluNEUTkxCH6p9bQiOYCQ3DOnPTxrSly/RQOSQ==
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client3-ecdsa.pem b/src/regress/lib/libssl/certs/client3-ecdsa.pem
deleted file mode 100644
index f42528bfa2..0000000000
--- a/src/regress/lib/libssl/certs/client3-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Client 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH7MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IENs
7aWVudCAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqlNqEjPuPpw3
8HaWxXbWql6f9g2HPei7RGZRfEAeNrnWT+Y4okVoqcxjeLNBA6dNl3uALWbSmDu6a
9kmBSU1aY9KNgMF4wHQYDVR0OBBYEFKxGR7LhwxXUGYyxjqBrxi5RKHamMB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMFzwaCpvWiXD+zEZ/mUBdbMQq2W
12JLELD9Mv11NiBhi6AiAN/QNQjluNEUTkxCH6p9bQiOYCQ3DOnPTxrSly/RQOSQ==
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfaMOzQZ+d1yL3ToI
16VPcHtdkIVhqatu/rDcJLuJcNnQehRANCAASqU2oSM+4+nDcdpbFdtaqXp/2DYc96
17LtEZlF8QB42udZP5jiiRWipzGN4s0EDp02Xe4AtZtKYO7pqSYFJTVpj0
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/client3-rsa-chain.pem b/src/regress/lib/libssl/certs/client3-rsa-chain.pem
deleted file mode 100644
index 251344f934..0000000000
--- a/src/regress/lib/libssl/certs/client3-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Client 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH2MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1vW
8q3L63zPi8RJaJ07LsR05gCBYJ7FrnprqKbo7swLra3HE5WQFTxxOPkzBBnCUEaa2
9tqPtov34mrOmnYTQDBxpljx5u6AzjgMfwJZfh7CtGf893nbbP7T2f3pXAFBR0A32
10xmEvso5afyLNRvmxCsrdr2u73bETmBqFQFgGrhtBpTeGqsixgOegZzKHVF67ZjJi
11e+faM24GAtkOiPB7PfVgZFyTfe8HQsqqcMRVtjd7JxuN33k8cFIWqv5i8oqVLBME
12mLFM2WFIYNTsMtQ38eA7xieuuK6OPTp+cJKQY6jA3wUJOTRt9UE7pEjxOTumckfM
13u/ZE1+AODHkH97FptwIDAQABo2AwXjAdBgNVHQ4EFgQUz44RRa+P1oRBVI6lla3o
14VsVQq7swHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFgL5955qwHN
16vFGnAKoHhoszX3qf2h8zc5HvFfnbvZbBbsuRFW1/QGfQPGWDq8YUlb6wu8NjLjSM
17qTSYd1CvWXO1s91kr3LM5k7+9x+whOgbzWjGiprloS9pXcZ+ljTunW4o7jE7pPjZ
18opk7W2WmD7/dEDg10x0yDZnKbzea5PMpp6kLqNjtENW4SETtcnwBdi/MZ09ApuUC
19E+XWK/uKmxbIJ7Rt/Vi5H3BE74w7souq7fMwGGk7NL8Fmha78VQApKvZV/Rsfrio
20D0vVU8djTlEJyXCeqFYU2eKWhc0bfiONIFJ6Wtg/1cR6Jn12+6X36J+wW1G3ibMu
21ey+V9oVpM2U=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/client3-rsa.pem b/src/regress/lib/libssl/certs/client3-rsa.pem
deleted file mode 100644
index b825391c52..0000000000
--- a/src/regress/lib/libssl/certs/client3-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Client 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH2MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzhaFw0zMTEyMjUxNDQwMzhaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7Q2xpZW50IDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1vW
8q3L63zPi8RJaJ07LsR05gCBYJ7FrnprqKbo7swLra3HE5WQFTxxOPkzBBnCUEaa2
9tqPtov34mrOmnYTQDBxpljx5u6AzjgMfwJZfh7CtGf893nbbP7T2f3pXAFBR0A32
10xmEvso5afyLNRvmxCsrdr2u73bETmBqFQFgGrhtBpTeGqsixgOegZzKHVF67ZjJi
11e+faM24GAtkOiPB7PfVgZFyTfe8HQsqqcMRVtjd7JxuN33k8cFIWqv5i8oqVLBME
12mLFM2WFIYNTsMtQ38eA7xieuuK6OPTp+cJKQY6jA3wUJOTRt9UE7pEjxOTumckfM
13u/ZE1+AODHkH97FptwIDAQABo2AwXjAdBgNVHQ4EFgQUz44RRa+P1oRBVI6lla3o
14VsVQq7swHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFgL5955qwHN
16vFGnAKoHhoszX3qf2h8zc5HvFfnbvZbBbsuRFW1/QGfQPGWDq8YUlb6wu8NjLjSM
17qTSYd1CvWXO1s91kr3LM5k7+9x+whOgbzWjGiprloS9pXcZ+ljTunW4o7jE7pPjZ
18opk7W2WmD7/dEDg10x0yDZnKbzea5PMpp6kLqNjtENW4SETtcnwBdi/MZ09ApuUC
19E+XWK/uKmxbIJ7Rt/Vi5H3BE74w7souq7fMwGGk7NL8Fmha78VQApKvZV/Rsfrio
20D0vVU8djTlEJyXCeqFYU2eKWhc0bfiONIFJ6Wtg/1cR6Jn12+6X36J+wW1G3ibMu
21ey+V9oVpM2U=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCnW9arcvrfM+Lx
25ElonTsuxHTmAIFgnsWuemuopujuzAutrccTlZAVPHE4+TMEGcJQRpra2o+2i/fia
26s6adhNAMHGmWPHm7oDOOAx/All+HsK0Z/z3edts/tPZ/elcAUFHQDfbGYS+yjlp/
27Is1G+bEKyt2va7vdsROYGoVAWAauG0GlN4aqyLGA56BnModUXrtmMmJ759ozbgYC
282Q6I8Hs99WBkXJN97wdCyqpwxFW2N3snG43feTxwUhaq/mLyipUsEwSYsUzZYUhg
291Owy1Dfx4DvGJ664ro49On5wkpBjqMDfBQk5NG31QTukSPE5O6ZyR8y79kTX4A4M
30eQf3sWm3AgMBAAECggEBAJV3HddtDsR8sHegbkegxaXeddYKDPEWMQkrTWoK2vpa
315ynEJ5a+p0cp/m8BWXqI3JSPEas36CmjLH3taCZR0QSf82SrigSZZLG19IupQJQM
32o+wN2pFuEQ1qbqMW/dBX61kmv3gYn+KV5BibWj3DDeyXlTjvvI6XcOps9QisFPs0
33BqPC7U4B3DaILeK+cLS9ONjXv4WgGi1LB8dpSR3HgT+qKs/bceCWGCcjfi3PQVJw
348Ahv8wce71rwIWxhnh6hcHq8iiGUj2CAtOA9E4qtxgQ5VkhR049pPQ0CkcrFBRT8
35wTDF5ffzSAbU9QRp/cL7k/eeEAiNQg0aL2GUHhmO/KECgYEA1PxATAFTzX6K4nM/
36yRU769vegTiblYjzUB5JL7baMUgSGgXrZ4UomtQQiYZSDhho8bDSEKM7cNzddMTo
37BFyKTvV4Won6LtF2R/JiFbUfDxhGS1+uoLXGciAFdB+NABLrmTQ0jp0N3y53UBmr
38jwMDz9BqXq+6QoM3lLUsL4V2j08CgYEAySiax4D3pkr3T6iTuEaLqW9vTV58vWUY
39sDstNA2YONYTPHUtFMpVfPgMmrraWHl3yNC2LB9W3SjJ+05oRYObUBI1oAg68u9z
40T2+jcxM3fN8HFwyFMm5gd3tygawdwGsvCjLPMJaHdtwlbg8lYfHyEl1hJRA+cnKg
41Y5hrfWtpJRkCgYEApWeBR4WAX4Z2tYZrcu5aqsEF+7TKn0bMLtxWWgfXS459AFi4
42iJyQ/CzU6vi1oNy0I37+pI0gDHZ6RcTlqv1zK/7WiPm+ob1p7lX+dn1CsaZYcRDN
43vWFtzBOyKIyYJAaNkV1Js7eknj6nyj0lTts4ipuBACfYru7Yq1RIDF/Jw2ECgYA9
44qTWwu+at0cL3ZwxI6076VA9BHxqLj8a+lpUnpJcprO1eleiIu/DyirKKZ4ZwomNG
45aju9UKn2xv8LCqDJ1iqwo7ROZtdzClVFX0oyBwz2OQNaXFsj91OYrH2QJCtGhVR5
46AtQh57KEi7zpfLkPyfNTD86sZstNl7d0cA9a9abYWQKBgQCPESj1LojjkEvGKtiD
479w+ZMaDf+mYK+RYQnjEthUMpAPI+mhm9cAl8mMJu3FaNgviOX9oB1/1XGl1Pj5od
48KWej9CF1ltoW/PcjsSTeeRFye5jvXn9BLr3w6iUl9pwyo4sVyLHgMzZpiQvGoRNy
49u80tjy6bVP3dGa5VHm36pENC4Q==
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/make-certs.sh b/src/regress/lib/libssl/certs/make-certs.sh
deleted file mode 100755
index c90b7c8ff3..0000000000
--- a/src/regress/lib/libssl/certs/make-certs.sh
+++ /dev/null
@@ -1,263 +0,0 @@
1#!/bin/ksh
2
3#
4# Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
5#
6# Permission to use, copy, modify, and distribute this software for any
7# purpose with or without fee is hereby granted, provided that the above
8# copyright notice and this permission notice appear in all copies.
9#
10# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17#
18
19set -e
20set -u
21set -x
22
23readonly SUBJECT="/CN=LibreSSL Test"
24
25readonly TMPDIR=$(mktemp -d)
26
27cleanup() {
28 rm -rf "${TMPDIR}"
29}
30
31trap cleanup EXIT INT
32
33reset() {
34 echo '100001' > ${TMPDIR}/certserial
35 cat /dev/null > ${TMPDIR}/certindex
36}
37
38setup() {
39 reset
40
41 cat > ${TMPDIR}/openssl.cnf <<EOF
42[ca]
43default_ca = test_ca
44
45[test_ca]
46new_certs_dir = ${TMPDIR}/
47database = ${TMPDIR}/certindex
48default_days = 365
49default_md = sha256
50policy = test_policy
51serial = ${TMPDIR}/certserial
52
53[test_policy]
54countryName = optional
55stateOrProvinceName = optional
56localityName = optional
57organizationName = optional
58organizationalUnitName = optional
59commonName = supplied
60emailAddress = optional
61
62[v3_ca_root]
63subjectKeyIdentifier = hash
64authorityKeyIdentifier = keyid:always,issuer
65basicConstraints = critical, CA:true
66keyUsage = critical, cRLSign, keyCertSign
67
68[v3_ca_int]
69subjectKeyIdentifier = hash
70authorityKeyIdentifier = keyid:always,issuer
71basicConstraints = critical, CA:true
72keyUsage = critical, cRLSign, keyCertSign
73
74[v3_other]
75subjectKeyIdentifier = hash
76authorityKeyIdentifier = keyid:always,issuer
77basicConstraints = critical, CA:false
78keyUsage = critical, digitalSignature
79
80[req]
81distinguished_name = req_distinguished_name
82
83[ req_distinguished_name ]
84EOF
85}
86
87key_type_to_args() {
88 local key_type=$1
89
90 alg=${key_type%:*}
91 param=${key_type#*:}
92
93 if [[ "${alg}" == "rsa" ]]; then
94 echo "-newkey ${key_type}";
95 elif [[ "${alg}" == "ec" ]]; then
96 echo "-newkey $alg -pkeyopt ec_paramgen_curve:${param}"
97 else
98 echo "Unknown key type ${key_type}" >&2
99 exit 1
100 fi
101}
102
103create_root() {
104 local name=$1 file=$2 key_type=$3
105
106 key_args=$(key_type_to_args "${key_type}")
107
108 openssl req -new -days 3650 -nodes ${key_args} -sha256 -x509 \
109 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
110 -config ${TMPDIR}/openssl.cnf -extensions v3_ca_root \
111 -out "${TMPDIR}/${file}.crt"
112}
113
114create_intermediate() {
115 local name=$1 file=$2 issuer_file=$3 key_type=$4
116
117 key_args=$(key_type_to_args "${key_type}")
118
119 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
120 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
121 -out "${TMPDIR}/${file}.csr"
122 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
123 -CAkey "${TMPDIR}/${issuer_file}.key" -CAcreateserial \
124 -extfile ${TMPDIR}/openssl.cnf -extensions v3_ca_int \
125 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
126}
127
128create_leaf() {
129 local name=$1 file=$2 issuer_file=$3 key_type=$4
130
131 key_args=$(key_type_to_args "${key_type}")
132
133 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
134 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
135 -out "${TMPDIR}/${file}.csr"
136 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
137 -CAkey "${TMPDIR}/${issuer_file}.key" -CAcreateserial -sha256 \
138 -extfile ${TMPDIR}/openssl.cnf -extensions v3_other \
139 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
140}
141
142create_expired_leaf() {
143 local name=$1 file=$2 issuer_file=$3 key_type=$4
144
145 key_args=$(key_type_to_args "${key_type}")
146
147 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
148 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
149 -out "${TMPDIR}/${file}.csr"
150 openssl ca -batch -notext -cert "${TMPDIR}/${issuer_file}.crt" \
151 -keyfile "${TMPDIR}/${issuer_file}.key" \
152 -config ${TMPDIR}/openssl.cnf -extensions v3_other \
153 -startdate 20100101000000Z -enddate 20200101000000Z \
154 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
155}
156
157create_revoked_leaf() {
158 local name=$1 file=$2 issuer_file=$3 key_type=$4
159
160 key_args=$(key_type_to_args "${key_type}")
161
162 openssl req -new -days 3650 -nodes ${key_args} -sha256 \
163 -subj "${SUBJECT} ${name}" -keyout "${TMPDIR}/${file}.key" \
164 -out "${TMPDIR}/${file}.csr"
165 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
166 -CAkey "${TMPDIR}/${issuer_file}.key" -CAcreateserial \
167 -extfile ${TMPDIR}/openssl.cnf -extensions v3_other \
168 -in "${TMPDIR}/${file}.csr" -out "${TMPDIR}/${file}.crt"
169 openssl ca -cert "${TMPDIR}/${issuer_file}.crt" \
170 -keyfile "${TMPDIR}/${issuer_file}.key" \
171 -config "${TMPDIR}/openssl.cnf" -extensions v3_other \
172 -revoke "${TMPDIR}/${file}.crt"
173 openssl ca -gencrl -cert "${TMPDIR}/${issuer_file}.crt" \
174 -keyfile "${TMPDIR}/${issuer_file}.key" \
175 -config "${TMPDIR}/openssl.cnf" -extensions v3_other \
176 -crldays 30 -out "${TMPDIR}/${issuer_file}.crl"
177}
178
179create_bundle() {
180 local bundle_file=$1
181 shift
182
183 mkdir -p $(dirname ${bundle_file})
184 cat /dev/null > ${bundle_file}
185
186 for _cert_file in $@; do
187 openssl x509 -nameopt oneline -subject -issuer \
188 -in "${TMPDIR}/${_cert_file}.crt" >> ${bundle_file}
189 done
190}
191
192create_bundle_with_key() {
193 local bundle_file=$1
194 shift
195
196 mkdir -p $(dirname ${bundle_file})
197 cat /dev/null > ${bundle_file}
198
199 for _cert_file in $@; do
200 openssl x509 -nameopt oneline -subject -issuer -noout \
201 -in "${TMPDIR}/${_cert_file}.crt" >> ${bundle_file}
202 done
203 for _cert_file in $@; do
204 cat "${TMPDIR}/${_cert_file}.crt" >> ${bundle_file}
205 done
206 for _key_file in $@; do
207 cat "${TMPDIR}/${_key_file}.key" >> ${bundle_file}
208 done
209}
210
211setup
212
213reset
214create_root "Root CA RSA" "ca-root-rsa" "rsa:2048"
215create_intermediate "Intermediate CA RSA" "ca-int-rsa" "ca-root-rsa" "rsa:2048"
216create_leaf "Server 1 RSA" "server-1-rsa" "ca-int-rsa" "rsa:2048"
217create_expired_leaf "Server 2 RSA" "server-2-rsa" "ca-int-rsa" "rsa:2048"
218create_revoked_leaf "Server 3 RSA" "server-3-rsa" "ca-int-rsa" "rsa:2048"
219create_leaf "Client 1 RSA" "client-1-rsa" "ca-int-rsa" "rsa:2048"
220create_expired_leaf "Client 2 RSA" "client-2-rsa" "ca-int-rsa" "rsa:2048"
221create_revoked_leaf "Client 3 RSA" "client-3-rsa" "ca-int-rsa" "rsa:2048"
222
223create_bundle "./ca-root-rsa.pem" "ca-root-rsa"
224create_bundle "./ca-int-rsa.pem" "ca-int-rsa"
225cp "${TMPDIR}/ca-int-rsa.crl" "./ca-int-rsa.crl"
226create_bundle_with_key "./server1-rsa.pem" "server-1-rsa"
227create_bundle "./server1-rsa-chain.pem" "server-1-rsa" "ca-int-rsa"
228create_bundle_with_key "./server2-rsa.pem" "server-2-rsa"
229create_bundle "./server2-rsa-chain.pem" "server-2-rsa" "ca-int-rsa"
230create_bundle_with_key "./server3-rsa.pem" "server-3-rsa"
231create_bundle "./server3-rsa-chain.pem" "server-3-rsa" "ca-int-rsa"
232create_bundle_with_key "./client1-rsa.pem" "client-1-rsa"
233create_bundle "./client1-rsa-chain.pem" "client-1-rsa" "ca-int-rsa"
234create_bundle_with_key "./client2-rsa.pem" "client-2-rsa"
235create_bundle "./client2-rsa-chain.pem" "client-2-rsa" "ca-int-rsa"
236create_bundle_with_key "./client3-rsa.pem" "client-3-rsa"
237create_bundle "./client3-rsa-chain.pem" "client-3-rsa" "ca-int-rsa"
238
239reset
240create_root "Root CA ECDSA" "ca-root-ecdsa" "ec:prime256v1"
241create_intermediate "Intermediate CA ECDSA" "ca-int-ecdsa" "ca-root-ecdsa" "ec:prime256v1"
242create_leaf "Server 1 ECDSA" "server-1-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
243create_expired_leaf "Server 2 ECDSA" "server-2-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
244create_revoked_leaf "Server 3 ECDSA" "server-3-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
245create_leaf "Client 1 ECDSA" "client-1-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
246create_expired_leaf "Client 2 ECDSA" "client-2-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
247create_revoked_leaf "Client 3 ECDSA" "client-3-ecdsa" "ca-int-ecdsa" "ec:prime256v1"
248
249create_bundle "./ca-root-ecdsa.pem" "ca-root-ecdsa"
250create_bundle "./ca-int-ecdsa.pem" "ca-int-ecdsa"
251cp "${TMPDIR}/ca-int-ecdsa.crl" "./ca-int-ecdsa.crl"
252create_bundle_with_key "./server1-ecdsa.pem" "server-1-ecdsa"
253create_bundle "./server1-ecdsa-chain.pem" "server-1-ecdsa" "ca-int-ecdsa"
254create_bundle_with_key "./server2-ecdsa.pem" "server-2-ecdsa"
255create_bundle "./server2-ecdsa-chain.pem" "server-2-ecdsa" "ca-int-ecdsa"
256create_bundle_with_key "./server3-ecdsa.pem" "server-3-ecdsa"
257create_bundle "./server3-ecdsa-chain.pem" "server-3-ecdsa" "ca-int-ecdsa"
258create_bundle_with_key "./client1-ecdsa.pem" "client-1-ecdsa"
259create_bundle "./client1-ecdsa-chain.pem" "client-1-ecdsa" "ca-int-ecdsa"
260create_bundle_with_key "./client2-ecdsa.pem" "client-2-ecdsa"
261create_bundle "./client2-ecdsa-chain.pem" "client-2-ecdsa" "ca-int-ecdsa"
262create_bundle_with_key "./client3-ecdsa.pem" "client-3-ecdsa"
263create_bundle "./client3-ecdsa-chain.pem" "client-3-ecdsa" "ca-int-ecdsa"
diff --git a/src/regress/lib/libssl/certs/server.pem b/src/regress/lib/libssl/certs/server.pem
deleted file mode 100644
index 7412490f51..0000000000
--- a/src/regress/lib/libssl/certs/server.pem
+++ /dev/null
@@ -1,51 +0,0 @@
1subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
2issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
3-----BEGIN CERTIFICATE-----
4MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eUMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
5BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
6VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
7ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMloXDTI0MDQwMTE0NDUxMlowZDELMAkG
8A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
9RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
10ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
11KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
12R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
13vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
14TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
1541NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
16AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG
17+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B
18AQUFAAOCAQEADfy8VrY5er5ebYLyiC1il5kVOuJHSf8aN5SciJz/VcifA1+Hl2Bu
19CfuizhP/kUdB9PTSj8ep9sL+5PBFl7CZJDO6Sxs5+qJe15XvLBP8UEdvc779plL6
20StUMJT0aU/MaqUZZCldC3G4CcbwzOzKSD5YzvxxIGspxBWRduZKKMOju/4aqK76p
21dwA/VGCve9mjft3LIrb0gSaPi5KmdGtpAjzW3H1+63DSqxCYb1oiPtUZBs4STwjh
22WPRmAEVR4RPCETM3Sth4C+bE0QMCGY12ctcbzhj7Xgo7LcSpqviq6JD8SPuU7ISL
23hy4NcnBBHJr9OV9WTLpmS9V9Vg6QmOpxQw==
24-----END CERTIFICATE-----
25-----BEGIN RSA PRIVATE KEY-----
26MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
27h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
28tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
29D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
30uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
31qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
32zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
33r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
34AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
355s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
36W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
37674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
38utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
39BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
404qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
41WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
42bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
436ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
444UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
45WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
46n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
47JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
48OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
49xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
50UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
51-----END RSA PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server1-ecdsa-chain.pem b/src/regress/lib/libssl/certs/server1-ecdsa-chain.pem
deleted file mode 100644
index 46add4d11c..0000000000
--- a/src/regress/lib/libssl/certs/server1-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Server 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqzCCAVKgAwIBAgIJAOVssaaTYoH4MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBT
7ZXJ2ZXIgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLCfzrwjvJ6V
8m2Jog48gtuDNYupHd8TKOCVb6J7f1/U3Owwy2//ZVTvM+9uoIC8xxUJAmN0PC+9a
9+5TkRWiD1KWjYDBeMB0GA1UdDgQWBBTo776/p89eGJwMmJRNk4k+xGVRPTAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNHADBEAiAhHPaADQMcGea7iBRbKZWSHUAf
12fZSNIWF/nYASNBvKLgIgQXLiuWxt6/a7vxaZwgYXkhP1YfDSC5Kpktxr/3jHcAU=
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server1-ecdsa.pem b/src/regress/lib/libssl/certs/server1-ecdsa.pem
deleted file mode 100644
index 541fed6efe..0000000000
--- a/src/regress/lib/libssl/certs/server1-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Server 1 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqzCCAVKgAwIBAgIJAOVssaaTYoH4MAoGCCqGSM49BAMCMC4xLDAqBgNVBAMM
5I0xpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTIxMTIyNzE0
6NDA0MFoXDTMxMTIyNTE0NDA0MFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBT
7ZXJ2ZXIgMSBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLCfzrwjvJ6V
8m2Jog48gtuDNYupHd8TKOCVb6J7f1/U3Owwy2//ZVTvM+9uoIC8xxUJAmN0PC+9a
9+5TkRWiD1KWjYDBeMB0GA1UdDgQWBBTo776/p89eGJwMmJRNk4k+xGVRPTAfBgNV
10HSMEGDAWgBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1Ud
11DwEB/wQEAwIHgDAKBggqhkjOPQQDAgNHADBEAiAhHPaADQMcGea7iBRbKZWSHUAf
12fZSNIWF/nYASNBvKLgIgQXLiuWxt6/a7vxaZwgYXkhP1YfDSC5Kpktxr/3jHcAU=
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgvh2q0Zzqn18tPux2
16csqpbWDtHGialpwtx/r/0ENHeKOhRANCAASwn868I7yelZtiaIOPILbgzWLqR3fE
17yjglW+ie39f1NzsMMtv/2VU7zPvbqCAvMcVCQJjdDwvvWvuU5EVog9Sl
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server1-rsa-chain.pem b/src/regress/lib/libssl/certs/server1-rsa-chain.pem
deleted file mode 100644
index 57dec7b5b4..0000000000
--- a/src/regress/lib/libssl/certs/server1-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Server 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoHzMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvyt
8i0uA2qaFltVb8+PElYk84AnjY0WZDcGtKSMCAYTD857fO2V4S/wpJ9ZMt8kBKQ29
9D2Glkkhc/HPpb7wJcAUT++aZ/PbOtuzOHzdxheOolfZ6aw+qCSiVlcflKfMp7VPL
10swimqKpm6atl2aSqldKfmGzjhAAPiTXbzUjh9pbTfO8ykdn/6AqP7ju3+4sseMPL
11seNq1wstWRdiHm0P/BoJn4lwDe7QTSp1AxMqDTz5BiO+UjCW2oTsOFfo/hhslQf5
12qv7uPLrz/VWiEojQP5RzfcnVwplUgTvtaOkXxZeOH7VkKS1v8W506/h3RIKj0X8Y
13JDLuIPqSAPNLWGyH4wIDAQABo2AwXjAdBgNVHQ4EFgQUFJPGTfe+ULC/anJ4fCVz
14DXA0JI4wHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAGP5hYyAYzlj
16YCV24ApNPb+mNEMHu1SL1MgDXJOTWZMFOvuYcibtmcVIfwpM4+UpC7cRqPRjBEqm
17NdLbJi4jGzQDNOcI7OZCCx6oKvAhjMofpb42Iq4bDuBqlhHRXvYnO30y0yRbSGXt
18GvKvkNKOSXUnY1UtcBAN5szcyFk30xQK+f/2VqJguvjsTquFV+piqFyq91ICyIeQ
191gjTn1N2/SkmYpwZdyf0HqSjyqJ0FG4xiW6T0HmX1QI651Kux49vLel7ySxzGY+6
20axnPilTYx/7pkciGk5ckLdujpXsDPhC+E2hdoee494c5NvX/uibYhigLU/gHK/ZP
21YisY8ihnPl8=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server1-rsa.pem b/src/regress/lib/libssl/certs/server1-rsa.pem
deleted file mode 100644
index 12e9ac9ec9..0000000000
--- a/src/regress/lib/libssl/certs/server1-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Server 1 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoHzMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDEgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvyt
8i0uA2qaFltVb8+PElYk84AnjY0WZDcGtKSMCAYTD857fO2V4S/wpJ9ZMt8kBKQ29
9D2Glkkhc/HPpb7wJcAUT++aZ/PbOtuzOHzdxheOolfZ6aw+qCSiVlcflKfMp7VPL
10swimqKpm6atl2aSqldKfmGzjhAAPiTXbzUjh9pbTfO8ykdn/6AqP7ju3+4sseMPL
11seNq1wstWRdiHm0P/BoJn4lwDe7QTSp1AxMqDTz5BiO+UjCW2oTsOFfo/hhslQf5
12qv7uPLrz/VWiEojQP5RzfcnVwplUgTvtaOkXxZeOH7VkKS1v8W506/h3RIKj0X8Y
13JDLuIPqSAPNLWGyH4wIDAQABo2AwXjAdBgNVHQ4EFgQUFJPGTfe+ULC/anJ4fCVz
14DXA0JI4wHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAGP5hYyAYzlj
16YCV24ApNPb+mNEMHu1SL1MgDXJOTWZMFOvuYcibtmcVIfwpM4+UpC7cRqPRjBEqm
17NdLbJi4jGzQDNOcI7OZCCx6oKvAhjMofpb42Iq4bDuBqlhHRXvYnO30y0yRbSGXt
18GvKvkNKOSXUnY1UtcBAN5szcyFk30xQK+f/2VqJguvjsTquFV+piqFyq91ICyIeQ
191gjTn1N2/SkmYpwZdyf0HqSjyqJ0FG4xiW6T0HmX1QI651Kux49vLel7ySxzGY+6
20axnPilTYx/7pkciGk5ckLdujpXsDPhC+E2hdoee494c5NvX/uibYhigLU/gHK/ZP
21YisY8ihnPl8=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCe/K2LS4DapoWW
251Vvz48SViTzgCeNjRZkNwa0pIwIBhMPznt87ZXhL/Ckn1ky3yQEpDb0PYaWSSFz8
26c+lvvAlwBRP75pn89s627M4fN3GF46iV9nprD6oJKJWVx+Up8yntU8uzCKaoqmbp
27q2XZpKqV0p+YbOOEAA+JNdvNSOH2ltN87zKR2f/oCo/uO7f7iyx4w8ux42rXCy1Z
28F2IebQ/8GgmfiXAN7tBNKnUDEyoNPPkGI75SMJbahOw4V+j+GGyVB/mq/u48uvP9
29VaISiNA/lHN9ydXCmVSBO+1o6RfFl44ftWQpLW/xbnTr+HdEgqPRfxgkMu4g+pIA
3080tYbIfjAgMBAAECggEBAJDm9PkW6KrfyLPPZA5mUl6EBWKgQInS/gsmsT7j9EkU
31C1A4RXcqJTkD6zKuw59h6NfU+LJTKgeoQm+o6WJ3/BYH2s3kwAZpn7/jFn4nFyWT
32d6yuR6baUPwl7CfmV3wjbtwqWmajhNoG7OMd3yc9SGhi3iibXcWKFJ7W4q04NxJ5
33txswRddLYMFUeJxPBdImlyibyUIWaYFid4O2kozTQWpyJld5SP4+YQObb6sBJuvN
34wR53eaRGb0OaUGppglGlWTahIADBjbhf0zd9YiUjvums/cjx2goHzQqt4rIj1Pid
35I3duu/kw7AsuRlvmhk02Cu4Ixr8hljbeo2L7UAP+4BkCgYEAzVq8Fqi/5IVdjl0H
36FwvS9NX3HFFzdixtI2p/jCQ721Kxpf73zvRpMG/YZL3vBt4sXT7WpJZZsKrYogL7
378s/dG7p/GpzSnvJKQfT6Ko+jnv24MEIoqMx+Smd+nJJJ0KzZRvrqzcF+wsicmKnN
38y/4t8T1DqSm4WxDyuy/uDozqCP0CgYEAxjJ9GJha40sHlY4sOTaJqapN6va/t70/
39iRj+Mt9Bm1O41PBgu+SMADGukrjL5DYp53QRGhyqb2PWmZsGYvftPZNq5b3pzKPo
408jiP9AxYDt/GLO3x/GppiywOxHD8CV19BDVqWcBkV1ATu2kkmokDbq+g94xnMBzN
41nURtfL5Hml8CgYAMeJIrnhvpOOAxoRypHaK2E7hqE9g7OP93wyPz0s9/xknbltxd
42ySIKOwCdPZuigyOWlhZa8HaJ8BYv4JaEbHM1F+JYL2XrGTPBRatbolWBdk8VPy9Q
438PpKcnaR86Bf999KHDreO/4CvkQkUUuaM9l+aQYO4+W6QhE7pPGEGLKt0QKBgCL2
44exzgm3/nF3JpfyGknkpA0bf2SUG3b8LWltkQizlEXqGpudbLbWsHWJ1nXghnCaNb
451Tx+/A3kVdIJB+pjhAVNwRjAFMNV0t0P300U9F/DV+lLHFoDx5SWdBBxQfTA+jHI
463nbwuoKwjJqN5LgiHWnkL4gby4QwQJFSpeHQiz8PAoGBAJaur4aFaSlgGAiKJX4/
47Om4AedImBgFsVKf44xx5pDwEcqLeEwRBxa0r5Sftqsrz+Ck60hR/MWCwJEBll5PV
48MJtOHBb2bINFhLOqV1WoSkSoKEhtMvFnLbWGBi5gYHC4+lYuyQqD/vu3sxe5IT9C
49PKgUgKV32Z7KBpDuFGtGmiDb
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server2-ecdsa-chain.pem b/src/regress/lib/libssl/certs/server2-ecdsa-chain.pem
deleted file mode 100644
index 494d2ea209..0000000000
--- a/src/regress/lib/libssl/certs/server2-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Server 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAABMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBTZXJ2ZXIg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJOTftmDhBMSS23a+sRO
83Zr43RUwtdJvNfKhpHKRbBLIttBkbI1wWCgufMLCJXhL6pSpCeT/C9ioFks2JMg7
9CPCjYDBeMB0GA1UdDgQWBBSCtBk04EXYNjiFaaTcJumL0BFylTAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEAqnQ+TRgMZRys3z3olZysrnP0d6XIdfgv
12XvlXRaM0s/QCIHdrTx/IPfJSvo0rDN08CJfbO0NBOc9PFsnDRUKsxJd4
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server2-ecdsa.pem b/src/regress/lib/libssl/certs/server2-ecdsa.pem
deleted file mode 100644
index 2f49df9931..0000000000
--- a/src/regress/lib/libssl/certs/server2-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Server 2 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBpjCCAUygAwIBAgIDEAABMAoGCCqGSM49BAMCMC4xLDAqBgNVBAMMI0xpYnJl
5U1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIEVDRFNBMB4XDTEwMDEwMTAwMDAwMFoX
6DTIwMDEwMTAwMDAwMFowJzElMCMGA1UEAwwcTGlicmVTU0wgVGVzdCBTZXJ2ZXIg
7MiBFQ0RTQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJOTftmDhBMSS23a+sRO
83Zr43RUwtdJvNfKhpHKRbBLIttBkbI1wWCgufMLCJXhL6pSpCeT/C9ioFks2JMg7
9CPCjYDBeMB0GA1UdDgQWBBSCtBk04EXYNjiFaaTcJumL0BFylTAfBgNVHSMEGDAW
10gBQXVj1v/EpXEjlCygJygatQDeTCCDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
11AwIHgDAKBggqhkjOPQQDAgNIADBFAiEAqnQ+TRgMZRys3z3olZysrnP0d6XIdfgv
12XvlXRaM0s/QCIHdrTx/IPfJSvo0rDN08CJfbO0NBOc9PFsnDRUKsxJd4
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgxkOt2jb6kQC1ZaUa
16MLSz0lyS0YQtqChoyAvJ7yQf3FahRANCAASTk37Zg4QTEktt2vrETt2a+N0VMLXS
17bzXyoaRykWwSyLbQZGyNcFgoLnzCwiV4S+qUqQnk/wvYqBZLNiTIOwjw
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server2-rsa-chain.pem b/src/regress/lib/libssl/certs/server2-rsa-chain.pem
deleted file mode 100644
index 5bb660f45e..0000000000
--- a/src/regress/lib/libssl/certs/server2-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Server 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAABMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgU2VydmVy
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu08owc3HqHu2
8+92bKDs/VCVjkGMZSVOrdAXYEKf9WQ6cGxiowjJy391szSd5bW/Yf7hbNhctr29G
98oIj0wsMfz3lxuHDYISt8uAjbjqFiZTNfBeg7PVE9aDWXqaophcq4DT2ygv9O190
1009RxTJD6PdclUtQNYZHr3c7kP2AdeBWWVPAmKISDSEkjXqc0x9LEtm7UA/0WAtKM
11NUXUb/ZNBu90j7gRpjN6VyfaqJMdoDR31s7QXivL5hr4x0M0Y1ihN1/cHA5Qjb0s
126t8w6H2b0xtvJgO5N3ZUAVclAO3MsVRqr04aAyxcJ47qOkWPbh9OqaFyZFdl7L2r
13UTLloQNkcwIDAQABo2AwXjAdBgNVHQ4EFgQUrDgWmmX6bVZt4Z7SvCSXEfJMoZQw
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBANbQG/fAGsV+J+cmEIlg
169i5c44hpr3BAXn5QYMbV9OQ8M9Rq8cZx/EkwNlCfPnQph2PqN2tZNstBnlL90rNq
17pOj1Ee+ppemeJrHKFuEncytGHbgqjRLgi9n0vR5RF1I7dJvRlPugpf/FxeMC/7f2
18qDDfdMsvmu/+qWBMb+U5yPLXlibGr7nf7B3t9ZBtku5flP3OOmipIjFpLOmvu06Z
199fac0JHDRvBQCemvIbSIa8Sz6UVJ1hKTjaN+lqc7e5tgbovNqjgFiLx0lQrfBmg9
20tnNhoaEuwwyPNIVLUK3J1Q4lv/m9fX7BVmL5C56AexwtD/jupdXe2utjFx6YXrKG
21nxU=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server2-rsa.pem b/src/regress/lib/libssl/certs/server2-rsa.pem
deleted file mode 100644
index ed7389a430..0000000000
--- a/src/regress/lib/libssl/certs/server2-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Server 2 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDLjCCAhagAwIBAgIDEAABMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNVBAMMIUxp
5YnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0xMDAxMDEwMDAwMDBa
6Fw0yMDAxMDEwMDAwMDBaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3QgU2VydmVy
7IDIgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu08owc3HqHu2
8+92bKDs/VCVjkGMZSVOrdAXYEKf9WQ6cGxiowjJy391szSd5bW/Yf7hbNhctr29G
98oIj0wsMfz3lxuHDYISt8uAjbjqFiZTNfBeg7PVE9aDWXqaophcq4DT2ygv9O190
1009RxTJD6PdclUtQNYZHr3c7kP2AdeBWWVPAmKISDSEkjXqc0x9LEtm7UA/0WAtKM
11NUXUb/ZNBu90j7gRpjN6VyfaqJMdoDR31s7QXivL5hr4x0M0Y1ihN1/cHA5Qjb0s
126t8w6H2b0xtvJgO5N3ZUAVclAO3MsVRqr04aAyxcJ47qOkWPbh9OqaFyZFdl7L2r
13UTLloQNkcwIDAQABo2AwXjAdBgNVHQ4EFgQUrDgWmmX6bVZt4Z7SvCSXEfJMoZQw
14HwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/BAIwADAO
15BgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBANbQG/fAGsV+J+cmEIlg
169i5c44hpr3BAXn5QYMbV9OQ8M9Rq8cZx/EkwNlCfPnQph2PqN2tZNstBnlL90rNq
17pOj1Ee+ppemeJrHKFuEncytGHbgqjRLgi9n0vR5RF1I7dJvRlPugpf/FxeMC/7f2
18qDDfdMsvmu/+qWBMb+U5yPLXlibGr7nf7B3t9ZBtku5flP3OOmipIjFpLOmvu06Z
199fac0JHDRvBQCemvIbSIa8Sz6UVJ1hKTjaN+lqc7e5tgbovNqjgFiLx0lQrfBmg9
20tnNhoaEuwwyPNIVLUK3J1Q4lv/m9fX7BVmL5C56AexwtD/jupdXe2utjFx6YXrKG
21nxU=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7TyjBzceoe7b7
253ZsoOz9UJWOQYxlJU6t0BdgQp/1ZDpwbGKjCMnLf3WzNJ3ltb9h/uFs2Fy2vb0by
26giPTCwx/PeXG4cNghK3y4CNuOoWJlM18F6Ds9UT1oNZepqimFyrgNPbKC/07X3TT
271HFMkPo91yVS1A1hkevdzuQ/YB14FZZU8CYohINISSNepzTH0sS2btQD/RYC0ow1
28RdRv9k0G73SPuBGmM3pXJ9qokx2gNHfWztBeK8vmGvjHQzRjWKE3X9wcDlCNvSzq
293zDofZvTG28mA7k3dlQBVyUA7cyxVGqvThoDLFwnjuo6RY9uH06poXJkV2XsvatR
30MuWhA2RzAgMBAAECggEAc5ApQzkkv+xkPwzAl5fGQLI4tXKOvVDj7VdVsSEUDAgZ
31hBY4uGfLvBau8/wwzLY+yr4BeGPgieaLzT9BvwmIElEsHQJZOolhkQF8mpt8nB+0
32j6U8YjYI78rlt8v3LVIJ3/6NbKbs+96vA6qEpIql+dVtb6bpApO3BEiLRhaU1+ra
33pi5YbF56S3XlUFL6H46hpNTUxOqbb6toZ/2rr1nscu4jkQhL8u/KS5Uz1Y7RW3zd
34A3U4rbxXnM8SVZrRuWsN1DRL5CpAOdGGiVhew46vAxZU8iX6rODrRaRCp+Gbnoll
35x/ubMMrBrE4WpCY5orb41FPb4U6raY9ZZzTGPuC9YQKBgQDs0LrDy8kh3V7wsIwn
366vMT9MD2Olpl6zwSyQJ0C04u+hGNur3L6intg78TSRqZ7ZKK7CspPy9JCGTYztTG
37vFbXy2vahCFlI2G3lfZj2nS2D+UNSmo2pdpBtuk/iKj67pFAlaa8C3OQ8MXjldQn
383QPANsCo276t0E9SmFcbJYJVCwKBgQDKe7sfdg0tQr9xsBeDuSxRJQOrtWeTmXm6
39zcPKRX8avWr5Ag6w4/BX/RxGZkD4brV5LaK6Qsbwl8v8aNe8Hv4yBQFdW0IMP8mB
40v4kVaNEGxoJE4fnKk1wS22TQvX5fxWPGZhOWQ1sgIqp3Dzvky0nalK7Ru0gRA4gS
41Jl0a4Sp/OQKBgQCHwuW/B53n5yPdcij3XW87Go5g2nUmhqPq1QeuBSkuLzhO+yaB
42t12QB35MDRXN9u+S6u+XdtyhzskZrgE3aZOTpM/Q9vy6IX2MpNEaz4snMJeMdgPM
43DmrAT58KSEsviAMHdoOevCXlitK3tRZqP/89e2YZp9h5hrlizWjqbCd6nwKBgQCS
44XFWqLB7iNHlFqE+W+2a5UNQSbhHscue2y71WnF1/6qNEUuRjoJ++OksR6B/Wc8/h
45Q8d4c4RxrIfab75hUNXVOiD+ZlSbng/+JYDlZNqS1zKar+1rLJFFYCjDafXLLFcu
46teI6n31jASvO28gjXX6I7ShgmctB4ReeZvSt1UxuoQKBgHQ/0fA3owx9kDRA41Hu
47a+npibal0F2JOxn0xiwgW3JcH/EkcSIvUELm8Kjl3GBxf0y9Osu0uf3cSqW9K9+z
48CRpwZmFq+q3HFN6FYHYI6oVvPKIljDhmkvw9HyexXFLRKNs1z2b7Noz2H7ysE0cb
491sAZitEjace2/eAx/wWr2dq0
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server3-ecdsa-chain.pem b/src/regress/lib/libssl/certs/server3-ecdsa-chain.pem
deleted file mode 100644
index 03f3373d3b..0000000000
--- a/src/regress/lib/libssl/certs/server3-ecdsa-chain.pem
+++ /dev/null
@@ -1,26 +0,0 @@
1subject= CN = LibreSSL Test Server 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH5MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IFNl
7cnZlciAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0pRqRW+PDenx
8cp+5za1pFDdECxXPXZY7LUPoXxens1lPSM2diexVMdLw1kEbVkOZ50s1X32vQnTa
9TVpovmwna6NgMF4wHQYDVR0OBBYEFCXbw+Fdv+OWDOU163ujSYbdJZx3MB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMt01G90LOiCVRIcodKP1nsOg3oY
12kX8VHUPk9myD52KZAiBu32mh/fgaWsR/lbo2dyGJQHKkmHNt9Wy8hOQ9eGO91A==
13-----END CERTIFICATE-----
14subject= CN = LibreSSL Test Intermediate CA ECDSA
15issuer= CN = LibreSSL Test Root CA ECDSA
16-----BEGIN CERTIFICATE-----
17MIIBrDCCAVOgAwIBAgIJAOVssaaTYoH3MAkGByqGSM49BAEwJjEkMCIGA1UEAwwb
18TGlicmVTU0wgVGVzdCBSb290IENBIEVDRFNBMB4XDTIxMTIyNzE0NDA0MFoXDTMx
19MTIyNTE0NDA0MFowLjEsMCoGA1UEAwwjTGlicmVTU0wgVGVzdCBJbnRlcm1lZGlh
20dGUgQ0EgRUNEU0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWRQbJh4aHPzHq
21LOAmosW/o83bTpm3Sj1VxM44StmG7c1nnFM/+gS8rp2bVSgjWZQzRtZqGVGJgzbk
227/M1m3x3o2MwYTAdBgNVHQ4EFgQUF1Y9b/xKVxI5QsoCcoGrUA3kwggwHwYDVR0j
23BBgwFoAUtvkat4UdcUEipt6L/PBgEFYH6AwwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
24HQ8BAf8EBAMCAQYwCQYHKoZIzj0EAQNIADBFAiBE4NiOdv/XRN3WWMnkE5QccvC6
25VThoIQRyBf4I97cRPQIhAK18dvwrLuOOfbhWMdkpNCddMkWZHxS7traw/8+s7OUU
26-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server3-ecdsa.pem b/src/regress/lib/libssl/certs/server3-ecdsa.pem
deleted file mode 100644
index 98950aabbf..0000000000
--- a/src/regress/lib/libssl/certs/server3-ecdsa.pem
+++ /dev/null
@@ -1,18 +0,0 @@
1subject= CN = LibreSSL Test Server 3 ECDSA
2issuer= CN = LibreSSL Test Intermediate CA ECDSA
3-----BEGIN CERTIFICATE-----
4MIIBqjCCAVGgAwIBAgIJAOVssaaTYoH5MAkGByqGSM49BAEwLjEsMCoGA1UEAwwj
5TGlicmVTU0wgVGVzdCBJbnRlcm1lZGlhdGUgQ0EgRUNEU0EwHhcNMjExMjI3MTQ0
6MDQwWhcNMzExMjI1MTQ0MDQwWjAnMSUwIwYDVQQDDBxMaWJyZVNTTCBUZXN0IFNl
7cnZlciAzIEVDRFNBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE0pRqRW+PDenx
8cp+5za1pFDdECxXPXZY7LUPoXxens1lPSM2diexVMdLw1kEbVkOZ50s1X32vQnTa
9TVpovmwna6NgMF4wHQYDVR0OBBYEFCXbw+Fdv+OWDOU163ujSYbdJZx3MB8GA1Ud
10IwQYMBaAFBdWPW/8SlcSOULKAnKBq1AN5MIIMAwGA1UdEwEB/wQCMAAwDgYDVR0P
11AQH/BAQDAgeAMAkGByqGSM49BAEDSAAwRQIhAMt01G90LOiCVRIcodKP1nsOg3oY
12kX8VHUPk9myD52KZAiBu32mh/fgaWsR/lbo2dyGJQHKkmHNt9Wy8hOQ9eGO91A==
13-----END CERTIFICATE-----
14-----BEGIN PRIVATE KEY-----
15MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgTWRMClyUOn11mX5s
16hTTIQT+3BeauAjrTvKMy5RryWtyhRANCAATSlGpFb48N6fFyn7nNrWkUN0QLFc9d
17ljstQ+hfF6ezWU9IzZ2J7FUx0vDWQRtWQ5nnSzVffa9CdNpNWmi+bCdr
18-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/certs/server3-rsa-chain.pem b/src/regress/lib/libssl/certs/server3-rsa-chain.pem
deleted file mode 100644
index e40c982894..0000000000
--- a/src/regress/lib/libssl/certs/server3-rsa-chain.pem
+++ /dev/null
@@ -1,44 +0,0 @@
1subject= CN = LibreSSL Test Server 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH0MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqw4
8GSS7/WAR0VYbqFTltj9Cv17m+RuztM1jiJq+MU0Gscbx59NFPt8UFevNsMzWNmAK
9qkioEMVJxXzSUDBjXjLesDt/+VTjR46z16fje3MhGmWa8lDt7hpuHwDF80dg3rZa
10kVEcgKvd6LODTucgE7l07DzMb8qAdRp1SDXIFECO0wLJewkf2CihmNukTxQhI0d+
11XPZTYe3cyMelj8KpCXCXOVXKnXI+BWnYMHC1Op4S9z90xiVBNgQ+Vmg2K9NFifzT
12ZyKIWsERq80rp1s+JmxmzA/vBRlsbj/Ec0h2kF4IavGtHwvAvdvIPV7AG/dIxwlT
13VnHZkPDuLK0H396wmwIDAQABo2AwXjAdBgNVHQ4EFgQUSuP+QN+526Pxw/LGBTqP
14WJpWGvwwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFBJ0mO7dpSN
16euxoh2DJghVfqQB4ladEroDZJkJEDuDkY3SjC+WB/lJowBVPC2QkzjTZt/J4B0Om
176irtKUC8jQ7aqMBfESu/s//GEU4kwlvlJN/Z0nLOh1YEeCwbkavFDy/X62iZ9XvJ
18gjLVVzaXKWGrgdJedHx9Di04rU9jME5qfpXZI50u8grZccpUuTTqpZBiGjFRda2j
19nJhgPBrn9/ityYaOrif8taR+QM6AETvEpJWo+I/iQ7vATmxHuq6y+0Sza5j9wGH/
20begJs9H890AiwO2bbUi1ehNj7NHZHySWNJlzBerwOQv7Zo8j+kHBop82ABsb/Xet
21kgn7bdkfKoI=
22-----END CERTIFICATE-----
23subject= CN = LibreSSL Test Intermediate CA RSA
24issuer= CN = LibreSSL Test Root CA RSA
25-----BEGIN CERTIFICATE-----
26MIIDNjCCAh6gAwIBAgIJAOVssaaTYoHyMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNV
27BAMMGUxpYnJlU1NMIFRlc3QgUm9vdCBDQSBSU0EwHhcNMjExMjI3MTQ0MDM3WhcN
28MzExMjI1MTQ0MDM3WjAsMSowKAYDVQQDDCFMaWJyZVNTTCBUZXN0IEludGVybWVk
29aWF0ZSBDQSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD151AI
30I+W9MrEP3dO0PEjg6L9E1R6+CG6u0LT3Jobc/rG2RXqKLasEaXoBWYiJoTImVxFT
31wtrY+IDDTaEV4/4RGII1fY8Js7v5NpwoEh15jCoJ6/qDjKd4y1s1M48PlWYNNRmv
32OBKRIu3Fz7scUa1RSBCp1bZeHbq/V5SzG419nDq2xpyuUrwmfBhDZTH+kUwBNGn8
33XVRFCRJQVP3qEAH02Zai2emSVj13KrhEWMtNyA8fa34GIuV23Q40RKW3jUgGBF+D
345jPNN8EZCj34nvvbjCCBs7cxZvD4F/MzGbatKpNmNOKXKibeg/xCq8B/F1uzHcl3
35IzJuViNtQ3RjQ/1pAgMBAAGjYzBhMB0GA1UdDgQWBBQ2oaFa//6a3ZNBNV0NlN3n
36A9jiZjAfBgNVHSMEGDAWgBQ+S/x79Kw0KqURKAHyiOhdj/8V0TAPBgNVHRMBAf8E
37BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAcok2oSct
38BOkm75qA8+4eUilGxTaqFPCqY8fk8MKNRKNNzaqirPaLJW62mZaxRHOn1Bw9uzL3
39jgz2PaTwA7n5GpKs3r5JLk8BdtRyeqMLmqJVJKKuu4GtJLCA8jhQm+XNA1Z324hg
40kVeBHLPpLKvQxb+0lmbRBORq/OtMirq2yK8OlF2USrfQx0jmhSvvLpWyA0hhAXRS
41gg1ds9aL57dELvk6gR7Unob+J0O2Xq3FRwz2O1k9fF86a0qrWUkxcnAjobC2BczC
427Fe5B194LgrX2U4IIrzwgJ19kmtrb1Qol2okECxomTYsbQY36sBs+LOKxSuiagu6
43ZgJtfcNeVMglYQ==
44-----END CERTIFICATE-----
diff --git a/src/regress/lib/libssl/certs/server3-rsa.pem b/src/regress/lib/libssl/certs/server3-rsa.pem
deleted file mode 100644
index 256528ae35..0000000000
--- a/src/regress/lib/libssl/certs/server3-rsa.pem
+++ /dev/null
@@ -1,50 +0,0 @@
1subject= CN = LibreSSL Test Server 3 RSA
2issuer= CN = LibreSSL Test Intermediate CA RSA
3-----BEGIN CERTIFICATE-----
4MIIDNDCCAhygAwIBAgIJAOVssaaTYoH0MA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV
5BAMMIUxpYnJlU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBIFJTQTAeFw0yMTEyMjcx
6NDQwMzdaFw0zMTEyMjUxNDQwMzdaMCUxIzAhBgNVBAMMGkxpYnJlU1NMIFRlc3Qg
7U2VydmVyIDMgUlNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqw4
8GSS7/WAR0VYbqFTltj9Cv17m+RuztM1jiJq+MU0Gscbx59NFPt8UFevNsMzWNmAK
9qkioEMVJxXzSUDBjXjLesDt/+VTjR46z16fje3MhGmWa8lDt7hpuHwDF80dg3rZa
10kVEcgKvd6LODTucgE7l07DzMb8qAdRp1SDXIFECO0wLJewkf2CihmNukTxQhI0d+
11XPZTYe3cyMelj8KpCXCXOVXKnXI+BWnYMHC1Op4S9z90xiVBNgQ+Vmg2K9NFifzT
12ZyKIWsERq80rp1s+JmxmzA/vBRlsbj/Ec0h2kF4IavGtHwvAvdvIPV7AG/dIxwlT
13VnHZkPDuLK0H396wmwIDAQABo2AwXjAdBgNVHQ4EFgQUSuP+QN+526Pxw/LGBTqP
14WJpWGvwwHwYDVR0jBBgwFoAUNqGhWv/+mt2TQTVdDZTd5wPY4mYwDAYDVR0TAQH/
15BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAFBJ0mO7dpSN
16euxoh2DJghVfqQB4ladEroDZJkJEDuDkY3SjC+WB/lJowBVPC2QkzjTZt/J4B0Om
176irtKUC8jQ7aqMBfESu/s//GEU4kwlvlJN/Z0nLOh1YEeCwbkavFDy/X62iZ9XvJ
18gjLVVzaXKWGrgdJedHx9Di04rU9jME5qfpXZI50u8grZccpUuTTqpZBiGjFRda2j
19nJhgPBrn9/ityYaOrif8taR+QM6AETvEpJWo+I/iQ7vATmxHuq6y+0Sza5j9wGH/
20begJs9H890AiwO2bbUi1ehNj7NHZHySWNJlzBerwOQv7Zo8j+kHBop82ABsb/Xet
21kgn7bdkfKoI=
22-----END CERTIFICATE-----
23-----BEGIN PRIVATE KEY-----
24MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDKrDgZJLv9YBHR
25VhuoVOW2P0K/Xub5G7O0zWOImr4xTQaxxvHn00U+3xQV682wzNY2YAqqSKgQxUnF
26fNJQMGNeMt6wO3/5VONHjrPXp+N7cyEaZZryUO3uGm4fAMXzR2DetlqRURyAq93o
27s4NO5yATuXTsPMxvyoB1GnVINcgUQI7TAsl7CR/YKKGY26RPFCEjR35c9lNh7dzI
28x6WPwqkJcJc5Vcqdcj4FadgwcLU6nhL3P3TGJUE2BD5WaDYr00WJ/NNnIohawRGr
29zSunWz4mbGbMD+8FGWxuP8RzSHaQXghq8a0fC8C928g9XsAb90jHCVNWcdmQ8O4s
30rQff3rCbAgMBAAECggEAAoOiaoVvI5SGhA9KZosvElS0kkUuHlb+oraNjotE4r2u
314JO0Ooj/aelAiYkUUyYnXiNQ3o3qL9MSuDV1MnN3OBrvckY6rzAjZabaiklV5Bko
32hvhNtMXWPcbsKMxMqFjxVbHza6wS63G2XgWkEl2Bo10Am1Ghw51CfLFoVQ39vmqM
338xKqZBZRwRUNk/2ccNhG5crUOX9+wQJSVjZCTgevjCJVVsFX9NLsHsx7G1wtE580
34AuFb9JEe66QNrtpTbKQP61W8YiRKQHT5uAAL0X9o88d2rpjGAcpJ8214aGH5P1HH
35oUjL7mZceYuVeWvAMwLFFmPbPZuj3Ricgo1OIkKyyQKBgQDtNNXod5GzJyHOUrFR
36rijyHhS81sOeDOhTbc1Cx8eFNH/svGATAU01HqgFRZpeJPHsAVYwVizfyqp/CESk
37EFKTkMqRTat8Pkk+BtAGZD5fEBejl1fwRiBF9bTnk+u6q1WvBsQ0Bngf3v1CYGuq
38rvb57AvhkCsEMjWs1YplBLwdVwKBgQDauvNslanbFstrWVBJqxV1iEaWmN1Lr//C
39fwCFU8rH8VEvp+JJCICu7sE5Te+1TF/ASEs/bCrsW51YXjH30z3De1oFrjFVjwOU
40XFMqcaTCX5Fjxv739LmgGuO2MCrItmveQHYkpTzCl6/p/pI4I1QJN0S5a/FaBNcW
41x5tV2Ks4XQKBgHCCiBdsZ1pPbFR9moeAkQFOTU3InB5iRuwTf7F2Kue+oBK8wuEg
420+snMFDX08Flyq3DcIsaxMwdR8NbO5uJ9nDx03MaIQWcUYcvGgp+D6ttaZj5lwdr
43a7FjOrxAyCXRUKHlFrkKfH25eey66TabKKAgWv5RMGYcHqNs4ejKVyOfAoGALqUf
44tFBWYLqDtujdDljFwsLFCuieiL2HtVqQKd6sp+b2gUs0Ho8JokSYQDg2nlsjMEY6
45hdPzc2Q2Mdoknc0WptFvaTa0nqJZCRKHSc3ibPEkeDq/tPEjhNk3JmsvNI5ygnsM
46ttPmGTlv8l6vn/kouq5moYQ7fA78L4dxwOTr3qECgYBNuIf4vQq8WEkt0uSTJXom
47UQVZglJu61NVGzR//lyukQB7/HrdEMB+JYJfev0o1GxLx1RV8rTVaeDJkUJjwn/h
48qpqiLjJKF328oOuQdP3dH6AavH9r7gUOByOuxXgzZNbhtyNCrStAGOfX2xUxRZyZ
49l0+QtrqbPtB4VSfZ0j+imw==
50-----END PRIVATE KEY-----
diff --git a/src/regress/lib/libssl/ciphers/Makefile b/src/regress/lib/libssl/ciphers/Makefile
deleted file mode 100644
index 2575db4df4..0000000000
--- a/src/regress/lib/libssl/ciphers/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2020/09/13 16:51:30 jsing Exp $
2
3PROG= cipherstest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/ciphers/cipherstest.c b/src/regress/lib/libssl/ciphers/cipherstest.c
deleted file mode 100644
index c43939d4d5..0000000000
--- a/src/regress/lib/libssl/ciphers/cipherstest.c
+++ /dev/null
@@ -1,531 +0,0 @@
1/*
2 * Copyright (c) 2015, 2020 Joel Sing <jsing@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include <openssl/ssl.h>
18
19#include <err.h>
20#include <stdio.h>
21#include <string.h>
22
23int ssl3_num_ciphers(void);
24const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
25
26int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str);
27
28static inline int
29ssl_aes_is_accelerated(void)
30{
31#if defined(__i386__) || defined(__x86_64__)
32 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
33#else
34 return (0);
35#endif
36}
37
38static int
39check_cipher_order(void)
40{
41 unsigned long id, prev_id = 0;
42 const SSL_CIPHER *cipher;
43 int num_ciphers;
44 int i;
45
46 num_ciphers = ssl3_num_ciphers();
47
48 for (i = 1; i <= num_ciphers; i++) {
49 /*
50 * For some reason, ssl3_get_cipher() returns ciphers in
51 * reverse order.
52 */
53 if ((cipher = ssl3_get_cipher(num_ciphers - i)) == NULL) {
54 fprintf(stderr, "FAIL: ssl3_get_cipher(%d) returned "
55 "NULL\n", i);
56 return 1;
57 }
58 if ((id = SSL_CIPHER_get_id(cipher)) <= prev_id) {
59 fprintf(stderr, "FAIL: ssl3_ciphers is not sorted by "
60 "id - cipher %d (%lx) <= cipher %d (%lx)\n",
61 i, id, i - 1, prev_id);
62 return 1;
63 }
64 prev_id = id;
65 }
66
67 return 0;
68}
69
70static int
71cipher_find_test(void)
72{
73 STACK_OF(SSL_CIPHER) *ciphers;
74 const SSL_CIPHER *cipher;
75 unsigned char buf[2];
76 SSL_CTX *ssl_ctx = NULL;
77 SSL *ssl = NULL;
78 int ret = 1;
79 int i;
80
81 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
82 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
83 goto failure;
84 }
85 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
86 fprintf(stderr, "SSL_new() returned NULL\n");
87 goto failure;
88 }
89 if (!SSL_set_cipher_list(ssl, "ALL")) {
90 fprintf(stderr, "SSL_set_cipher_list failed\n");
91 goto failure;
92 }
93
94 if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
95 fprintf(stderr, "no ciphers\n");
96 goto failure;
97 }
98
99 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
100 uint16_t cipher_value;
101
102 cipher = sk_SSL_CIPHER_value(ciphers, i);
103 cipher_value = SSL_CIPHER_get_value(cipher);
104
105 buf[0] = cipher_value >> 8;
106 buf[1] = cipher_value & 0xff;
107
108 if ((cipher = SSL_CIPHER_find(ssl, buf)) == NULL) {
109 fprintf(stderr,
110 "SSL_CIPHER_find() returned NULL for %s\n",
111 SSL_CIPHER_get_name(cipher));
112 goto failure;
113 }
114
115 if (SSL_CIPHER_get_value(cipher) != cipher_value) {
116 fprintf(stderr,
117 "got cipher with value 0x%x, want 0x%x\n",
118 SSL_CIPHER_get_value(cipher), cipher_value);
119 goto failure;
120 }
121 }
122
123 ret = 0;
124
125 failure:
126 SSL_CTX_free(ssl_ctx);
127 SSL_free(ssl);
128
129 return (ret);
130}
131
132static int
133cipher_get_by_value_tests(void)
134{
135 STACK_OF(SSL_CIPHER) *ciphers;
136 const SSL_CIPHER *cipher;
137 SSL_CTX *ssl_ctx = NULL;
138 SSL *ssl = NULL;
139 unsigned long id;
140 uint16_t value;
141 int ret = 1;
142 int i;
143
144 if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) {
145 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
146 goto failure;
147 }
148 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
149 fprintf(stderr, "SSL_new() returned NULL\n");
150 goto failure;
151 }
152
153 if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
154 fprintf(stderr, "no ciphers\n");
155 goto failure;
156 }
157
158 for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
159 cipher = sk_SSL_CIPHER_value(ciphers, i);
160
161 id = SSL_CIPHER_get_id(cipher);
162 if (SSL_CIPHER_get_by_id(id) == NULL) {
163 fprintf(stderr, "SSL_CIPHER_get_by_id() failed "
164 "for %s (0x%lx)\n", SSL_CIPHER_get_name(cipher),
165 id);
166 goto failure;
167 }
168
169 value = SSL_CIPHER_get_value(cipher);
170 if (SSL_CIPHER_get_by_value(value) == NULL) {
171 fprintf(stderr, "SSL_CIPHER_get_by_value() failed "
172 "for %s (0x%04hx)\n", SSL_CIPHER_get_name(cipher),
173 value);
174 goto failure;
175 }
176 }
177
178 ret = 0;
179
180 failure:
181 SSL_CTX_free(ssl_ctx);
182 SSL_free(ssl);
183
184 return (ret);
185}
186
187struct parse_ciphersuites_test {
188 const char *str;
189 const int want;
190 const unsigned long cids[32];
191};
192
193struct parse_ciphersuites_test parse_ciphersuites_tests[] = {
194 {
195 /* LibreSSL names. */
196 .str = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256:AEAD-AES128-GCM-SHA256",
197 .want = 1,
198 .cids = {
199 TLS1_3_CK_AES_256_GCM_SHA384,
200 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
201 TLS1_3_CK_AES_128_GCM_SHA256,
202 },
203 },
204 {
205 /* OpenSSL names. */
206 .str = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256",
207 .want = 1,
208 .cids = {
209 TLS1_3_CK_AES_256_GCM_SHA384,
210 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
211 TLS1_3_CK_AES_128_GCM_SHA256,
212 },
213 },
214 {
215 /* Different priority order. */
216 .str = "AEAD-AES128-GCM-SHA256:AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
217 .want = 1,
218 .cids = {
219 TLS1_3_CK_AES_128_GCM_SHA256,
220 TLS1_3_CK_AES_256_GCM_SHA384,
221 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
222 },
223 },
224 {
225 /* Known but unsupported names. */
226 .str = "AEAD-AES256-GCM-SHA384:AEAD-AES128-CCM-SHA256:AEAD-AES128-CCM-8-SHA256",
227 .want = 1,
228 .cids = {
229 TLS1_3_CK_AES_256_GCM_SHA384,
230 },
231 },
232 {
233 /* Empty string means no TLSv1.3 ciphersuites. */
234 .str = "",
235 .want = 1,
236 .cids = { 0 },
237 },
238 {
239 .str = "TLS_CHACHA20_POLY1305_SHA256:TLS_NOT_A_CIPHERSUITE",
240 .want = 0,
241 },
242 {
243 .str = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256,TLS_AES_128_GCM_SHA256",
244 .want = 0,
245 },
246};
247
248#define N_PARSE_CIPHERSUITES_TESTS \
249 (sizeof(parse_ciphersuites_tests) / sizeof(*parse_ciphersuites_tests))
250
251static int
252parse_ciphersuites_test(void)
253{
254 struct parse_ciphersuites_test *pct;
255 STACK_OF(SSL_CIPHER) *ciphers = NULL;
256 SSL_CIPHER *cipher;
257 int failed = 1;
258 int j, ret;
259 size_t i;
260
261 for (i = 0; i < N_PARSE_CIPHERSUITES_TESTS; i++) {
262 pct = &parse_ciphersuites_tests[i];
263
264 ret = ssl_parse_ciphersuites(&ciphers, pct->str);
265 if (ret != pct->want) {
266 fprintf(stderr, "FAIL: test %zu - "
267 "ssl_parse_ciphersuites returned %d, want %d\n",
268 i, ret, pct->want);
269 goto failed;
270 }
271 if (ret == 0)
272 continue;
273
274 for (j = 0; j < sk_SSL_CIPHER_num(ciphers); j++) {
275 cipher = sk_SSL_CIPHER_value(ciphers, j);
276 if (SSL_CIPHER_get_id(cipher) == pct->cids[j])
277 continue;
278 fprintf(stderr, "FAIL: test %zu - got cipher %d with "
279 "id %lx, want %lx\n", i, j,
280 SSL_CIPHER_get_id(cipher), pct->cids[j]);
281 goto failed;
282 }
283 if (pct->cids[j] != 0) {
284 fprintf(stderr, "FAIL: test %zu - got %d ciphers, "
285 "expected more", i, sk_SSL_CIPHER_num(ciphers));
286 goto failed;
287 }
288 }
289
290 failed = 0;
291
292 failed:
293 sk_SSL_CIPHER_free(ciphers);
294
295 return failed;
296}
297
298struct cipher_set_test {
299 int ctx_ciphersuites_first;
300 const char *ctx_ciphersuites;
301 const char *ctx_rulestr;
302 int ssl_ciphersuites_first;
303 const char *ssl_ciphersuites;
304 const char *ssl_rulestr;
305 int cids_aes_accel_fixup;
306 unsigned long cids[32];
307};
308
309struct cipher_set_test cipher_set_tests[] = {
310 {
311 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
312 .cids_aes_accel_fixup = 1,
313 .cids = {
314 TLS1_3_CK_AES_256_GCM_SHA384,
315 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
316 TLS1_3_CK_AES_128_GCM_SHA256,
317 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
318 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
319 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
320 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
321 },
322 },
323 {
324 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
325 .cids_aes_accel_fixup = 1,
326 .cids = {
327 TLS1_3_CK_AES_256_GCM_SHA384,
328 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
329 TLS1_3_CK_AES_128_GCM_SHA256,
330 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
331 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
332 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
333 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
334 },
335 },
336 {
337 .ctx_ciphersuites_first = 1,
338 .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
339 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
340 .cids = {
341 TLS1_3_CK_AES_256_GCM_SHA384,
342 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
343 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
344 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
345 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
346 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
347 },
348 },
349 {
350 .ssl_ciphersuites_first = 1,
351 .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
352 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
353 .cids = {
354 TLS1_3_CK_AES_256_GCM_SHA384,
355 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
356 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
357 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
358 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
359 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
360 },
361 },
362 {
363 .ctx_ciphersuites_first = 0,
364 .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
365 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
366 .cids = {
367 TLS1_3_CK_AES_256_GCM_SHA384,
368 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
369 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
370 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
371 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
372 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
373 },
374 },
375 {
376 .ssl_ciphersuites_first = 0,
377 .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
378 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
379 .cids = {
380 TLS1_3_CK_AES_256_GCM_SHA384,
381 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
382 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
383 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
384 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
385 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
386 },
387 },
388 {
389 .ssl_ciphersuites_first = 1,
390 .ssl_ciphersuites = "",
391 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
392 .cids = {
393 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
394 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
395 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
396 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
397 },
398 },
399 {
400 .ssl_ciphersuites_first = 0,
401 .ssl_ciphersuites = "",
402 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
403 .cids = {
404 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
405 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
406 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
407 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
408 },
409 },
410 {
411 .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
412 .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
413 .cids = {
414 TLS1_3_CK_AES_256_GCM_SHA384,
415 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
416 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
417 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
418 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
419 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
420 },
421 },
422 {
423 .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES",
424 .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256",
425 .cids = {
426 TLS1_3_CK_AES_256_GCM_SHA384,
427 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
428 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
429 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
430 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
431 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
432 },
433 },
434};
435
436#define N_CIPHER_SET_TESTS \
437 (sizeof(cipher_set_tests) / sizeof(*cipher_set_tests))
438
439static int
440cipher_set_test(void)
441{
442 struct cipher_set_test *cst;
443 STACK_OF(SSL_CIPHER) *ciphers = NULL;
444 SSL_CIPHER *cipher;
445 SSL_CTX *ctx = NULL;
446 SSL *ssl = NULL;
447 int failed = 0;
448 size_t i;
449 int j;
450
451 for (i = 0; i < N_CIPHER_SET_TESTS; i++) {
452 cst = &cipher_set_tests[i];
453
454 if (!ssl_aes_is_accelerated() && cst->cids_aes_accel_fixup) {
455 cst->cids[0] = TLS1_3_CK_CHACHA20_POLY1305_SHA256;
456 cst->cids[1] = TLS1_3_CK_AES_256_GCM_SHA384;
457 }
458
459 if ((ctx = SSL_CTX_new(TLS_method())) == NULL)
460 errx(1, "SSL_CTX_new");
461
462 if (cst->ctx_ciphersuites_first && cst->ctx_ciphersuites != NULL) {
463 if (!SSL_CTX_set_ciphersuites(ctx, cst->ctx_ciphersuites))
464 errx(1, "SSL_CTX_set_ciphersuites");
465 }
466 if (cst->ctx_rulestr != NULL) {
467 if (!SSL_CTX_set_cipher_list(ctx, cst->ctx_rulestr))
468 errx(1, "SSL_CTX_set_cipher_list");
469 }
470 if (!cst->ctx_ciphersuites_first && cst->ctx_ciphersuites != NULL) {
471 if (!SSL_CTX_set_ciphersuites(ctx, cst->ctx_ciphersuites))
472 errx(1, "SSL_CTX_set_ciphersuites");
473 }
474
475 /* XXX - check SSL_CTX_get_ciphers(ctx) */
476
477 if ((ssl = SSL_new(ctx)) == NULL)
478 errx(1, "SSL_new");
479
480 if (cst->ssl_ciphersuites_first && cst->ssl_ciphersuites != NULL) {
481 if (!SSL_set_ciphersuites(ssl, cst->ssl_ciphersuites))
482 errx(1, "SSL_set_ciphersuites");
483 }
484 if (cst->ssl_rulestr != NULL) {
485 if (!SSL_set_cipher_list(ssl, cst->ssl_rulestr))
486 errx(1, "SSL_set_cipher_list");
487 }
488 if (!cst->ssl_ciphersuites_first && cst->ssl_ciphersuites != NULL) {
489 if (!SSL_set_ciphersuites(ssl, cst->ssl_ciphersuites))
490 errx(1, "SSL_set_ciphersuites");
491 }
492
493 ciphers = SSL_get_ciphers(ssl);
494
495 for (j = 0; j < sk_SSL_CIPHER_num(ciphers); j++) {
496 cipher = sk_SSL_CIPHER_value(ciphers, j);
497 if (SSL_CIPHER_get_id(cipher) == cst->cids[j])
498 continue;
499 fprintf(stderr, "FAIL: test %zu - got cipher %d with "
500 "id %lx, want %lx\n", i, j,
501 SSL_CIPHER_get_id(cipher), cst->cids[j]);
502 failed |= 1;
503 }
504 if (cst->cids[j] != 0) {
505 fprintf(stderr, "FAIL: test %zu - got %d ciphers, "
506 "expected more", i, sk_SSL_CIPHER_num(ciphers));
507 failed |= 1;
508 }
509
510 SSL_CTX_free(ctx);
511 SSL_free(ssl);
512 }
513
514 return failed;
515}
516
517int
518main(int argc, char **argv)
519{
520 int failed = 0;
521
522 failed |= check_cipher_order();
523
524 failed |= cipher_find_test();
525 failed |= cipher_get_by_value_tests();
526
527 failed |= parse_ciphersuites_test();
528 failed |= cipher_set_test();
529
530 return (failed);
531}
diff --git a/src/regress/lib/libssl/client/Makefile b/src/regress/lib/libssl/client/Makefile
deleted file mode 100644
index 5a54f80914..0000000000
--- a/src/regress/lib/libssl/client/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.3 2021/08/30 17:34:01 tb Exp $
2
3PROG= clienttest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c
deleted file mode 100644
index b0486d95f0..0000000000
--- a/src/regress/lib/libssl/client/clienttest.c
+++ /dev/null
@@ -1,731 +0,0 @@
1/* $OpenBSD: clienttest.c,v 1.39 2022/07/19 20:16:50 tb Exp $ */
2/*
3 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <openssl/dtls1.h>
21#include <openssl/ssl3.h>
22
23#include <err.h>
24#include <stdio.h>
25#include <string.h>
26
27#define DTLS_HM_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH)
28#define DTLS_RANDOM_OFFSET (DTLS_HM_OFFSET + 2)
29#define DTLS_CIPHER_OFFSET (DTLS_HM_OFFSET + 38)
30
31#define SSL3_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
32#define SSL3_RANDOM_OFFSET (SSL3_HM_OFFSET + 2)
33#define SSL3_CIPHER_OFFSET (SSL3_HM_OFFSET + 37)
34
35#define TLS13_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH)
36#define TLS13_RANDOM_OFFSET (TLS13_HM_OFFSET + 2)
37#define TLS13_SESSION_OFFSET (TLS13_HM_OFFSET + 34)
38#define TLS13_CIPHER_OFFSET (TLS13_HM_OFFSET + 69)
39#define TLS13_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 192)
40#define TLS13_ONLY_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 98)
41
42#define TLS1_3_VERSION_ONLY (TLS1_3_VERSION | 0x10000)
43
44static const uint8_t cipher_list_dtls1[] = {
45 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
46 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
47 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
48 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08,
49 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
50};
51
52static const uint8_t client_hello_dtls1[] = {
53 0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
54 0x00, 0x00, 0x00, 0x00, 0x74, 0x01, 0x00, 0x00,
55 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
56 0x68, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00,
57 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
58 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
59 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
60 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x26, 0xc0,
61 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00,
62 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0,
63 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00,
64 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00,
65 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00,
66 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
67 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00,
68 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00,
69 0x00,
70};
71
72static const uint8_t cipher_list_dtls12_aes[] = {
73 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
74 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
75 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
76 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
77 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
78 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
79 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
80 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
81 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
82 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
83 0x00, 0x0a, 0x00, 0xff
84};
85
86static const uint8_t cipher_list_dtls12_chacha[] = {
87 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
88 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
89 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
90 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
91 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
92 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
93 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
94 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
95 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
96 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
97 0x00, 0x0a, 0x00, 0xff,
98};
99
100static const uint8_t client_hello_dtls12[] = {
101 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
102 0x00, 0x00, 0x00, 0x00, 0xbe, 0x01, 0x00, 0x00,
103 0xb2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
104 0xb2, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00,
105 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
106 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
107 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
108 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x54, 0xc0,
109 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
110 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00,
111 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff,
112 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00,
113 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00,
114 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0,
115 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00,
116 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00,
117 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00,
118 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00,
119 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00,
120 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00,
121 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00,
122 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00,
123 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06,
124 0x01, 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05,
125 0x03, 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02,
126 0x01, 0x02, 0x03,
127};
128
129static const uint8_t cipher_list_tls10[] = {
130 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
131 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
132 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
133 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
134 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
135 0x00, 0x0a, 0x00, 0xff,
136};
137
138static const uint8_t client_hello_tls10[] = {
139 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
140 0x6d, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
141 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
142 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
143 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
144 0x00, 0x00, 0x00, 0x00, 0x00, 0x2c, 0xc0, 0x14,
145 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
146 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
147 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
148 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
149 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
150 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, 0x00, 0x0b,
151 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a,
152 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
153 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
154};
155
156static const uint8_t cipher_list_tls11[] = {
157 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85,
158 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84,
159 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45,
160 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07,
161 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
162 0x00, 0x0a, 0x00, 0xff,
163};
164
165static const uint8_t client_hello_tls11[] = {
166 0x16, 0x03, 0x01, 0x00, 0x71, 0x01, 0x00, 0x00,
167 0x6d, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
168 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
169 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
170 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
171 0x00, 0x00, 0x00, 0x00, 0x00, 0x2c, 0xc0, 0x14,
172 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88,
173 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13,
174 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f,
175 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
176 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
177 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, 0x00, 0x0b,
178 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a,
179 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
180 0x00, 0x19, 0x00, 0x23, 0x00, 0x00,
181};
182
183static const uint8_t cipher_list_tls12_aes[] = {
184 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24,
185 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b,
186 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa,
187 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
188 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
189 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
190 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
191 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
192 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
193 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
194 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
195 0x00, 0xff,
196};
197
198static const uint8_t cipher_list_tls12_chacha[] = {
199 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30,
200 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
201 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
202 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81,
203 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0,
204 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27,
205 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e,
206 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45,
207 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba,
208 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05,
209 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a,
210 0x00, 0xff,
211};
212
213static const uint8_t client_hello_tls12[] = {
214 0x16, 0x03, 0x01, 0x00, 0xbb, 0x01, 0x00, 0x00,
215 0xb7, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
216 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
217 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
218 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
219 0x00, 0x00, 0x00, 0x00, 0x00, 0x5a, 0xc0, 0x30,
220 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
221 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
222 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
223 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
224 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
225 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
226 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
227 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
228 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
229 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
230 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
231 0x01, 0x00, 0x00, 0x34, 0x00, 0x0b, 0x00, 0x02,
232 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08,
233 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19,
234 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18,
235 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03,
236 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04,
237 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
238};
239
240static const uint8_t cipher_list_tls13_aes[] = {
241 0x13, 0x02, 0x13, 0x03, 0x13, 0x01, 0xc0, 0x30,
242 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
243 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39,
244 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85,
245 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
246 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
247 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
248 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
249 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
250 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
251 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
252 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
253};
254
255static const uint8_t cipher_list_tls13_chacha[] = {
256 0x13, 0x03, 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9,
257 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c,
258 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a,
259 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85,
260 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d,
261 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84,
262 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23,
263 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67,
264 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c,
265 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41,
266 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12,
267 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff,
268};
269
270static const uint8_t client_hello_tls13[] = {
271 0x16, 0x03, 0x01, 0x01, 0x18, 0x01, 0x00, 0x01,
272 0x14, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
273 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
274 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
275 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
276 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
277 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
278 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
279 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
280 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x13, 0x03,
281 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9, 0xcc, 0xa8,
282 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28,
283 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f,
284 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85, 0x00, 0xc4,
285 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, 0x00, 0x3d,
286 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, 0xc0, 0x2f,
287 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x13,
288 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, 0x00, 0x33,
289 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, 0x00, 0x3c,
290 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, 0xc0, 0x11,
291 0xc0, 0x07, 0x00, 0x05, 0xc0, 0x12, 0xc0, 0x08,
292 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00,
293 0x00, 0x6b, 0x00, 0x2b, 0x00, 0x09, 0x08, 0x03,
294 0x04, 0x03, 0x03, 0x03, 0x02, 0x03, 0x01, 0x00,
295 0x33, 0x00, 0x26, 0x00, 0x24, 0x00, 0x1d, 0x00,
296 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
297 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
298 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
299 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
300 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
301 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00,
302 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00,
303 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08,
304 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, 0x05, 0x05,
305 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, 0x04,
306 0x03, 0x02, 0x01, 0x02, 0x03,
307};
308
309static const uint8_t cipher_list_tls13_only_aes[] = {
310 0x13, 0x02, 0x13, 0x03, 0x13, 0x01,
311};
312
313static const uint8_t cipher_list_tls13_only_chacha[] = {
314 0x13, 0x03, 0x13, 0x02, 0x13, 0x01,
315};
316
317static const uint8_t client_hello_tls13_only[] = {
318 0x16, 0x03, 0x03, 0x00, 0xb6, 0x01, 0x00, 0x00,
319 0xb2, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00,
320 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
321 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
322 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
323 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
324 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
325 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
326 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
327 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x13, 0x03,
328 0x13, 0x02, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00,
329 0x00, 0x61, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03,
330 0x04, 0x00, 0x33, 0x00, 0x26, 0x00, 0x24, 0x00,
331 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00,
332 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
333 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
334 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
335 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01,
336 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00,
337 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00,
338 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x14, 0x00,
339 0x12, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08,
340 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04,
341 0x01, 0x04, 0x03,
342};
343
344struct client_hello_test {
345 const char *desc;
346 const int protocol;
347 const size_t random_start;
348 const size_t session_start;
349 const size_t key_share_start;
350 const SSL_METHOD *(*ssl_method)(void);
351 const long ssl_options;
352};
353
354static const struct client_hello_test client_hello_tests[] = {
355 {
356 .desc = "DTLSv1 client method",
357 .protocol = DTLS1_VERSION,
358 .random_start = DTLS_RANDOM_OFFSET,
359 .ssl_method = DTLSv1_client_method,
360 },
361 {
362 .desc = "DTLSv1.2 client method",
363 .protocol = DTLS1_2_VERSION,
364 .random_start = DTLS_RANDOM_OFFSET,
365 .ssl_method = DTLSv1_2_client_method,
366 },
367 {
368 .desc = "DTLS client method",
369 .protocol = DTLS1_2_VERSION,
370 .random_start = DTLS_RANDOM_OFFSET,
371 .ssl_method = DTLS_client_method,
372 },
373 {
374 .desc = "DTLS client method (no DTLSv1.2)",
375 .protocol = DTLS1_VERSION,
376 .random_start = DTLS_RANDOM_OFFSET,
377 .ssl_method = DTLS_client_method,
378 .ssl_options = SSL_OP_NO_DTLSv1_2,
379 },
380 {
381 .desc = "DTLS client method (no DTLSv1.0)",
382 .protocol = DTLS1_2_VERSION,
383 .random_start = DTLS_RANDOM_OFFSET,
384 .ssl_method = DTLS_client_method,
385 .ssl_options = SSL_OP_NO_DTLSv1,
386 },
387 {
388 .desc = "TLSv1 client method",
389 .protocol = TLS1_VERSION,
390 .random_start = SSL3_RANDOM_OFFSET,
391 .ssl_method = TLSv1_client_method,
392 },
393 {
394 .desc = "TLSv1_1 client method",
395 .protocol = TLS1_1_VERSION,
396 .random_start = SSL3_RANDOM_OFFSET,
397 .ssl_method = TLSv1_1_client_method,
398 },
399 {
400 .desc = "TLSv1_2 client method",
401 .protocol = TLS1_2_VERSION,
402 .random_start = SSL3_RANDOM_OFFSET,
403 .ssl_method = TLSv1_2_client_method,
404 },
405 {
406 .desc = "SSLv23 default",
407 .protocol = TLS1_3_VERSION,
408 .random_start = TLS13_RANDOM_OFFSET,
409 .session_start = TLS13_SESSION_OFFSET,
410 .key_share_start = TLS13_KEY_SHARE_OFFSET,
411 .ssl_method = SSLv23_client_method,
412 .ssl_options = 0,
413 },
414 {
415 .desc = "SSLv23 default (no TLSv1.3)",
416 .protocol = TLS1_2_VERSION,
417 .random_start = SSL3_RANDOM_OFFSET,
418 .ssl_method = SSLv23_client_method,
419 .ssl_options = SSL_OP_NO_TLSv1_3,
420 },
421 {
422 .desc = "SSLv23 (no TLSv1.2)",
423 .protocol = TLS1_1_VERSION,
424 .random_start = SSL3_RANDOM_OFFSET,
425 .ssl_method = SSLv23_client_method,
426 .ssl_options = SSL_OP_NO_TLSv1_2,
427 },
428 {
429 .desc = "SSLv23 (no TLSv1.1)",
430 .protocol = TLS1_VERSION,
431 .random_start = SSL3_RANDOM_OFFSET,
432 .ssl_method = SSLv23_client_method,
433 .ssl_options = SSL_OP_NO_TLSv1_1,
434 },
435 {
436 .desc = "TLS default",
437 .protocol = TLS1_3_VERSION,
438 .random_start = TLS13_RANDOM_OFFSET,
439 .session_start = TLS13_SESSION_OFFSET,
440 .key_share_start = TLS13_KEY_SHARE_OFFSET,
441 .ssl_method = TLS_client_method,
442 .ssl_options = 0,
443 },
444 {
445 .desc = "TLS (no TLSv1.3)",
446 .protocol = TLS1_2_VERSION,
447 .random_start = SSL3_RANDOM_OFFSET,
448 .ssl_method = TLS_client_method,
449 .ssl_options = SSL_OP_NO_TLSv1_3,
450 },
451 {
452 .desc = "TLS (no TLSv1.2)",
453 .protocol = TLS1_1_VERSION,
454 .random_start = SSL3_RANDOM_OFFSET,
455 .ssl_method = TLS_client_method,
456 .ssl_options = SSL_OP_NO_TLSv1_2,
457 },
458 {
459 .desc = "TLS (no TLSv1.1)",
460 .protocol = TLS1_VERSION,
461 .random_start = SSL3_RANDOM_OFFSET,
462 .ssl_method = TLS_client_method,
463 .ssl_options = SSL_OP_NO_TLSv1_1,
464 },
465#if 0
466 /* XXX - build client hello with explicit versions extension. */
467 {
468 .desc = "TLS (no TLSv1.0, no TLSv1.1)",
469 .protocol = TLS1_3_VERSION,
470 .random_start = TLS13_RANDOM_OFFSET,
471 .session_start = TLS13_SESSION_OFFSET,
472 .key_share_start = TLS13_KEY_SHARE_OFFSET,
473 .ssl_method = TLS_client_method,
474 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
475 },
476#endif
477 {
478 .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)",
479 .protocol = TLS1_3_VERSION_ONLY,
480 .random_start = TLS13_RANDOM_OFFSET,
481 .session_start = TLS13_SESSION_OFFSET,
482 .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET,
483 .ssl_method = TLS_client_method,
484 .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
485 },
486};
487
488#define N_CLIENT_HELLO_TESTS \
489 (sizeof(client_hello_tests) / sizeof(*client_hello_tests))
490
491static void
492hexdump(const uint8_t *buf, size_t len, const uint8_t *compare)
493{
494 const char *mark = "";
495 size_t i;
496
497 for (i = 1; i <= len; i++) {
498 if (compare != NULL)
499 mark = (buf[i - 1] != compare[i - 1]) ? "*" : " ";
500 fprintf(stderr, " %s0x%02hhx,%s", mark, buf[i - 1],
501 i % 8 && i != len ? "" : "\n");
502 }
503 fprintf(stderr, "\n");
504}
505
506static inline int
507ssl_aes_is_accelerated(void)
508{
509#if defined(__i386__) || defined(__x86_64__)
510 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
511#else
512 return (0);
513#endif
514}
515
516static int
517make_client_hello(int protocol, char **out, size_t *outlen)
518{
519 size_t client_hello_len, cipher_list_len, cipher_list_offset;
520 const uint8_t *client_hello, *cipher_list;
521 char *p;
522
523 *out = NULL;
524 *outlen = 0;
525
526 switch (protocol) {
527 case DTLS1_VERSION:
528 client_hello = client_hello_dtls1;
529 client_hello_len = sizeof(client_hello_dtls1);
530 cipher_list = cipher_list_dtls1;
531 cipher_list_len = sizeof(cipher_list_dtls1);
532 cipher_list_offset = DTLS_CIPHER_OFFSET;
533 break;
534
535 case DTLS1_2_VERSION:
536 client_hello = client_hello_dtls12;
537 client_hello_len = sizeof(client_hello_dtls12);
538 cipher_list = cipher_list_dtls12_chacha;
539 cipher_list_len = sizeof(cipher_list_dtls12_chacha);
540 if (ssl_aes_is_accelerated()) {
541 cipher_list = cipher_list_dtls12_aes;
542 cipher_list_len = sizeof(cipher_list_dtls12_aes);
543 }
544 cipher_list_offset = DTLS_CIPHER_OFFSET;
545 break;
546
547 case TLS1_VERSION:
548 client_hello = client_hello_tls10;
549 client_hello_len = sizeof(client_hello_tls10);
550 cipher_list = cipher_list_tls10;
551 cipher_list_len = sizeof(cipher_list_tls10);
552 cipher_list_offset = SSL3_CIPHER_OFFSET;
553 break;
554
555 case TLS1_1_VERSION:
556 client_hello = client_hello_tls11;
557 client_hello_len = sizeof(client_hello_tls11);
558 cipher_list = cipher_list_tls11;
559 cipher_list_len = sizeof(cipher_list_tls11);
560 cipher_list_offset = SSL3_CIPHER_OFFSET;
561 break;
562
563 case TLS1_2_VERSION:
564 client_hello = client_hello_tls12;
565 client_hello_len = sizeof(client_hello_tls12);
566 cipher_list = cipher_list_tls12_chacha;
567 cipher_list_len = sizeof(cipher_list_tls12_chacha);
568 if (ssl_aes_is_accelerated()) {
569 cipher_list = cipher_list_tls12_aes;
570 cipher_list_len = sizeof(cipher_list_tls12_aes);
571 }
572 cipher_list_offset = SSL3_CIPHER_OFFSET;
573 break;
574
575 case TLS1_3_VERSION:
576 client_hello = client_hello_tls13;
577 client_hello_len = sizeof(client_hello_tls13);
578 cipher_list = cipher_list_tls13_chacha;
579 cipher_list_len = sizeof(cipher_list_tls13_chacha);
580 if (ssl_aes_is_accelerated()) {
581 cipher_list = cipher_list_tls13_aes;
582 cipher_list_len = sizeof(cipher_list_tls13_aes);
583 }
584 cipher_list_offset = TLS13_CIPHER_OFFSET;
585 break;
586
587 case TLS1_3_VERSION_ONLY:
588 client_hello = client_hello_tls13_only;
589 client_hello_len = sizeof(client_hello_tls13_only);
590 cipher_list = cipher_list_tls13_only_chacha;
591 cipher_list_len = sizeof(cipher_list_tls13_only_chacha);
592 if (ssl_aes_is_accelerated()) {
593 cipher_list = cipher_list_tls13_only_aes;
594 cipher_list_len = sizeof(cipher_list_tls13_only_aes);
595 }
596 cipher_list_offset = TLS13_CIPHER_OFFSET;
597 break;
598
599 default:
600 return (-1);
601 }
602
603 if ((p = malloc(client_hello_len)) == NULL)
604 return (-1);
605
606 memcpy(p, client_hello, client_hello_len);
607 memcpy(p + cipher_list_offset, cipher_list, cipher_list_len);
608
609 *out = p;
610 *outlen = client_hello_len;
611
612 return (0);
613}
614
615static int
616client_hello_test(int testno, const struct client_hello_test *cht)
617{
618 BIO *rbio = NULL, *wbio = NULL;
619 SSL_CTX *ssl_ctx = NULL;
620 SSL *ssl = NULL;
621 char *client_hello = NULL;
622 size_t client_hello_len;
623 size_t session_len;
624 char *wbuf, rbuf[1];
625 int ret = 1;
626 long len;
627
628 fprintf(stderr, "Test %d - %s\n", testno, cht->desc);
629
630 /* Providing a small buf causes *_get_server_hello() to return. */
631 if ((rbio = BIO_new_mem_buf(rbuf, sizeof(rbuf))) == NULL) {
632 fprintf(stderr, "Failed to setup rbio\n");
633 goto failure;
634 }
635 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
636 fprintf(stderr, "Failed to setup wbio\n");
637 goto failure;
638 }
639
640 if ((ssl_ctx = SSL_CTX_new(cht->ssl_method())) == NULL) {
641 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
642 goto failure;
643 }
644
645 SSL_CTX_set_options(ssl_ctx, cht->ssl_options);
646
647 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
648 fprintf(stderr, "SSL_new() returned NULL\n");
649 goto failure;
650 }
651
652 BIO_up_ref(rbio);
653 BIO_up_ref(wbio);
654 SSL_set_bio(ssl, rbio, wbio);
655
656 if (SSL_connect(ssl) != 0) {
657 fprintf(stderr, "SSL_connect() returned non-zero\n");
658 goto failure;
659 }
660
661 len = BIO_get_mem_data(wbio, &wbuf);
662
663 if (make_client_hello(cht->protocol, &client_hello,
664 &client_hello_len) != 0)
665 errx(1, "failed to make client hello");
666
667 if ((size_t)len != client_hello_len) {
668 fprintf(stderr, "FAIL: test returned ClientHello length %ld, "
669 "want %zu\n", len, client_hello_len);
670 fprintf(stderr, "received:\n");
671 hexdump(wbuf, len, NULL);
672 fprintf(stderr, "test data:\n");
673 hexdump(client_hello, client_hello_len, NULL);
674 fprintf(stderr, "\n");
675 goto failure;
676 }
677
678 /* We expect the client random to differ. */
679 if (memcmp(&client_hello[cht->random_start], &wbuf[cht->random_start],
680 SSL3_RANDOM_SIZE) == 0) {
681 fprintf(stderr, "FAIL: ClientHello has zeroed random\n");
682 goto failure;
683 }
684
685 memset(&wbuf[cht->random_start], 0, SSL3_RANDOM_SIZE);
686
687 if (cht->session_start > 0) {
688 session_len = wbuf[cht->session_start];
689 if (session_len > 0)
690 memset(&wbuf[cht->session_start + 1], 0, session_len);
691 }
692 if (cht->key_share_start > 0)
693 memset(&wbuf[cht->key_share_start], 0, 32);
694
695 if (memcmp(client_hello, wbuf, client_hello_len) != 0) {
696 fprintf(stderr, "FAIL: ClientHello differs:\n");
697 fprintf(stderr, "received:\n");
698 hexdump(wbuf, len, client_hello);
699 fprintf(stderr, "test data:\n");
700 hexdump(client_hello, client_hello_len, wbuf);
701 fprintf(stderr, "\n");
702 goto failure;
703 }
704
705 ret = 0;
706
707 failure:
708 SSL_CTX_free(ssl_ctx);
709 SSL_free(ssl);
710
711 BIO_free(rbio);
712 BIO_free(wbio);
713
714 free(client_hello);
715
716 return (ret);
717}
718
719int
720main(int argc, char **argv)
721{
722 int failed = 0;
723 size_t i;
724
725 SSL_library_init();
726
727 for (i = 0; i < N_CLIENT_HELLO_TESTS; i++)
728 failed |= client_hello_test(i, &client_hello_tests[i]);
729
730 return (failed);
731}
diff --git a/src/regress/lib/libssl/dtls/Makefile b/src/regress/lib/libssl/dtls/Makefile
deleted file mode 100644
index 438cd5c7ff..0000000000
--- a/src/regress/lib/libssl/dtls/Makefile
+++ /dev/null
@@ -1,20 +0,0 @@
1# $OpenBSD: Makefile,v 1.3 2022/01/07 09:07:00 tb Exp $
2
3PROG= dtlstest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libcrypto/bio
9CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
10
11REGRESS_TARGETS= \
12 regress-dtlstest
13
14regress-dtlstest: ${PROG}
15 ./dtlstest \
16 ${.CURDIR}/../../libssl/certs/server.pem \
17 ${.CURDIR}/../../libssl/certs/server.pem \
18 ${.CURDIR}/../../libssl/certs/ca.pem
19
20.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/dtls/dtlstest.c b/src/regress/lib/libssl/dtls/dtlstest.c
deleted file mode 100644
index 3819039f82..0000000000
--- a/src/regress/lib/libssl/dtls/dtlstest.c
+++ /dev/null
@@ -1,1071 +0,0 @@
1/* $OpenBSD: dtlstest.c,v 1.16 2022/10/02 16:38:23 jsing Exp $ */
2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <netinet/in.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <limits.h>
23#include <poll.h>
24#include <unistd.h>
25
26#include <openssl/bio.h>
27#include <openssl/err.h>
28#include <openssl/ssl.h>
29
30#include "bio_local.h"
31#include "ssl_locl.h"
32
33const char *server_ca_file;
34const char *server_cert_file;
35const char *server_key_file;
36
37char dtls_cookie[32];
38
39int debug = 0;
40
41void tls12_record_layer_set_initial_epoch(struct tls12_record_layer *rl,
42 uint16_t epoch);
43
44static void
45hexdump(const unsigned char *buf, size_t len)
46{
47 size_t i;
48
49 for (i = 1; i <= len; i++)
50 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
51
52 if (len % 8)
53 fprintf(stderr, "\n");
54}
55
56#define BIO_C_DELAY_COUNT 1000
57#define BIO_C_DELAY_FLUSH 1001
58#define BIO_C_DELAY_PACKET 1002
59#define BIO_C_DROP_PACKET 1003
60#define BIO_C_DROP_RANDOM 1004
61
62struct bio_packet_monkey_ctx {
63 unsigned int delay_count;
64 unsigned int delay_mask;
65 unsigned int drop_rand;
66 unsigned int drop_mask;
67 uint8_t *delayed_msg;
68 size_t delayed_msg_len;
69};
70
71static int
72bio_packet_monkey_new(BIO *bio)
73{
74 struct bio_packet_monkey_ctx *ctx;
75
76 if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
77 return 0;
78
79 bio->flags = 0;
80 bio->init = 1;
81 bio->num = 0;
82 bio->ptr = ctx;
83
84 return 1;
85}
86
87static int
88bio_packet_monkey_free(BIO *bio)
89{
90 struct bio_packet_monkey_ctx *ctx;
91
92 if (bio == NULL)
93 return 1;
94
95 ctx = bio->ptr;
96 free(ctx->delayed_msg);
97 free(ctx);
98
99 return 1;
100}
101
102static int
103bio_packet_monkey_delay_flush(BIO *bio)
104{
105 struct bio_packet_monkey_ctx *ctx = bio->ptr;
106
107 if (ctx->delayed_msg == NULL)
108 return 1;
109
110 if (debug)
111 fprintf(stderr, "DEBUG: flushing delayed packet...\n");
112 if (debug > 1)
113 hexdump(ctx->delayed_msg, ctx->delayed_msg_len);
114
115 BIO_write(bio->next_bio, ctx->delayed_msg, ctx->delayed_msg_len);
116
117 free(ctx->delayed_msg);
118 ctx->delayed_msg = NULL;
119
120 return BIO_ctrl(bio->next_bio, BIO_CTRL_FLUSH, 0, NULL);
121}
122
123static long
124bio_packet_monkey_ctrl(BIO *bio, int cmd, long num, void *ptr)
125{
126 struct bio_packet_monkey_ctx *ctx;
127
128 ctx = bio->ptr;
129
130 switch (cmd) {
131 case BIO_C_DELAY_COUNT:
132 if (num < 1 || num > 31)
133 return 0;
134 ctx->delay_count = num;
135 return 1;
136
137 case BIO_C_DELAY_FLUSH:
138 return bio_packet_monkey_delay_flush(bio);
139
140 case BIO_C_DELAY_PACKET:
141 if (num < 1 || num > 31)
142 return 0;
143 ctx->delay_mask |= 1 << ((unsigned int)num - 1);
144 return 1;
145
146 case BIO_C_DROP_PACKET:
147 if (num < 1 || num > 31)
148 return 0;
149 ctx->drop_mask |= 1 << ((unsigned int)num - 1);
150 return 1;
151
152 case BIO_C_DROP_RANDOM:
153 if (num < 0 || (size_t)num > UINT_MAX)
154 return 0;
155 ctx->drop_rand = (unsigned int)num;
156 return 1;
157 }
158
159 if (bio->next_bio == NULL)
160 return 0;
161
162 return BIO_ctrl(bio->next_bio, cmd, num, ptr);
163}
164
165static int
166bio_packet_monkey_read(BIO *bio, char *out, int out_len)
167{
168 struct bio_packet_monkey_ctx *ctx = bio->ptr;
169 int ret;
170
171 if (ctx == NULL || bio->next_bio == NULL)
172 return 0;
173
174 ret = BIO_read(bio->next_bio, out, out_len);
175
176 if (ret > 0) {
177 if (debug)
178 fprintf(stderr, "DEBUG: read packet...\n");
179 if (debug > 1)
180 hexdump(out, ret);
181 }
182
183 BIO_clear_retry_flags(bio);
184 if (ret <= 0 && BIO_should_retry(bio->next_bio))
185 BIO_set_retry_read(bio);
186
187 return ret;
188}
189
190static int
191bio_packet_monkey_write(BIO *bio, const char *in, int in_len)
192{
193 struct bio_packet_monkey_ctx *ctx = bio->ptr;
194 const char *label = "writing";
195 int delay = 0, drop = 0;
196 int ret;
197
198 if (ctx == NULL || bio->next_bio == NULL)
199 return 0;
200
201 if (ctx->delayed_msg != NULL && ctx->delay_count > 0)
202 ctx->delay_count--;
203
204 if (ctx->delayed_msg != NULL && ctx->delay_count == 0) {
205 if (debug)
206 fprintf(stderr, "DEBUG: writing delayed packet...\n");
207 if (debug > 1)
208 hexdump(ctx->delayed_msg, ctx->delayed_msg_len);
209
210 ret = BIO_write(bio->next_bio, ctx->delayed_msg,
211 ctx->delayed_msg_len);
212
213 BIO_clear_retry_flags(bio);
214 if (ret <= 0 && BIO_should_retry(bio->next_bio)) {
215 BIO_set_retry_write(bio);
216 return (ret);
217 }
218
219 free(ctx->delayed_msg);
220 ctx->delayed_msg = NULL;
221 }
222
223 if (ctx->delay_mask > 0) {
224 delay = ctx->delay_mask & 1;
225 ctx->delay_mask >>= 1;
226 }
227 if (ctx->drop_rand > 0) {
228 drop = arc4random_uniform(ctx->drop_rand) == 0;
229 } else if (ctx->drop_mask > 0) {
230 drop = ctx->drop_mask & 1;
231 ctx->drop_mask >>= 1;
232 }
233
234 if (delay)
235 label = "delaying";
236 if (drop)
237 label = "dropping";
238 if (debug)
239 fprintf(stderr, "DEBUG: %s packet...\n", label);
240 if (debug > 1)
241 hexdump(in, in_len);
242
243 if (drop)
244 return in_len;
245
246 if (delay) {
247 if (ctx->delayed_msg != NULL)
248 return 0;
249 if ((ctx->delayed_msg = calloc(1, in_len)) == NULL)
250 return 0;
251 memcpy(ctx->delayed_msg, in, in_len);
252 ctx->delayed_msg_len = in_len;
253 return in_len;
254 }
255
256 ret = BIO_write(bio->next_bio, in, in_len);
257
258 BIO_clear_retry_flags(bio);
259 if (ret <= 0 && BIO_should_retry(bio->next_bio))
260 BIO_set_retry_write(bio);
261
262 return ret;
263}
264
265static int
266bio_packet_monkey_puts(BIO *bio, const char *str)
267{
268 return bio_packet_monkey_write(bio, str, strlen(str));
269}
270
271static const BIO_METHOD bio_packet_monkey = {
272 .type = BIO_TYPE_BUFFER,
273 .name = "packet monkey",
274 .bread = bio_packet_monkey_read,
275 .bwrite = bio_packet_monkey_write,
276 .bputs = bio_packet_monkey_puts,
277 .ctrl = bio_packet_monkey_ctrl,
278 .create = bio_packet_monkey_new,
279 .destroy = bio_packet_monkey_free
280};
281
282static const BIO_METHOD *
283BIO_f_packet_monkey(void)
284{
285 return &bio_packet_monkey;
286}
287
288static BIO *
289BIO_new_packet_monkey(void)
290{
291 return BIO_new(BIO_f_packet_monkey());
292}
293
294static int
295BIO_packet_monkey_delay(BIO *bio, int num, int count)
296{
297 if (!BIO_ctrl(bio, BIO_C_DELAY_COUNT, count, NULL))
298 return 0;
299
300 return BIO_ctrl(bio, BIO_C_DELAY_PACKET, num, NULL);
301}
302
303static int
304BIO_packet_monkey_delay_flush(BIO *bio)
305{
306 return BIO_ctrl(bio, BIO_C_DELAY_FLUSH, 0, NULL);
307}
308
309static int
310BIO_packet_monkey_drop(BIO *bio, int num)
311{
312 return BIO_ctrl(bio, BIO_C_DROP_PACKET, num, NULL);
313}
314
315#if 0
316static int
317BIO_packet_monkey_drop_random(BIO *bio, int num)
318{
319 return BIO_ctrl(bio, BIO_C_DROP_RANDOM, num, NULL);
320}
321#endif
322
323static int
324datagram_pair(int *client_sock, int *server_sock,
325 struct sockaddr_in *server_sin)
326{
327 struct sockaddr_in sin;
328 socklen_t sock_len;
329 int cs = -1, ss = -1;
330
331 memset(&sin, 0, sizeof(sin));
332 sin.sin_family = AF_INET;
333 sin.sin_port = 0;
334 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
335
336 if ((ss = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
337 err(1, "server socket");
338 if (bind(ss, (struct sockaddr *)&sin, sizeof(sin)) == -1)
339 err(1, "server bind");
340 sock_len = sizeof(sin);
341 if (getsockname(ss, (struct sockaddr *)&sin, &sock_len) == -1)
342 err(1, "server getsockname");
343
344 if ((cs = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
345 err(1, "client socket");
346 if (connect(cs, (struct sockaddr *)&sin, sizeof(sin)) == -1)
347 err(1, "client connect");
348
349 *client_sock = cs;
350 *server_sock = ss;
351 memcpy(server_sin, &sin, sizeof(sin));
352
353 return 1;
354}
355
356static int
357poll_timeout(SSL *client, SSL *server)
358{
359 int client_timeout = 0, server_timeout = 0;
360 struct timeval timeout;
361
362 if (DTLSv1_get_timeout(client, &timeout))
363 client_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
364
365 if (DTLSv1_get_timeout(server, &timeout))
366 server_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000;
367
368 if (client_timeout <= 0)
369 return server_timeout;
370 if (client_timeout > 0 && server_timeout <= 0)
371 return client_timeout;
372 if (client_timeout < server_timeout)
373 return client_timeout;
374
375 return server_timeout;
376}
377
378static int
379dtls_cookie_generate(SSL *ssl, unsigned char *cookie,
380 unsigned int *cookie_len)
381{
382 arc4random_buf(dtls_cookie, sizeof(dtls_cookie));
383 memcpy(cookie, dtls_cookie, sizeof(dtls_cookie));
384 *cookie_len = sizeof(dtls_cookie);
385
386 return 1;
387}
388
389static int
390dtls_cookie_verify(SSL *ssl, const unsigned char *cookie,
391 unsigned int cookie_len)
392{
393 return cookie_len == sizeof(dtls_cookie) &&
394 memcmp(cookie, dtls_cookie, sizeof(dtls_cookie)) == 0;
395}
396
397static void
398dtls_info_callback(const SSL *ssl, int type, int val)
399{
400 /*
401 * Squeals ahead... remove the bbio from the info callback, so we can
402 * drop specific messages. Ideally this would be an option for the SSL.
403 */
404 if (ssl->wbio == ssl->bbio)
405 ((SSL *)ssl)->wbio = BIO_pop(ssl->wbio);
406}
407
408static SSL *
409dtls_client(int sock, struct sockaddr_in *server_sin, long mtu)
410{
411 SSL_CTX *ssl_ctx = NULL;
412 SSL *ssl = NULL;
413 BIO *bio = NULL;
414
415 if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL)
416 errx(1, "client bio");
417 if (!BIO_socket_nbio(sock, 1))
418 errx(1, "client nbio");
419 if (!BIO_ctrl_set_connected(bio, 1, server_sin))
420 errx(1, "client set connected");
421
422 if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL)
423 errx(1, "client context");
424
425 if ((ssl = SSL_new(ssl_ctx)) == NULL)
426 errx(1, "client ssl");
427
428 SSL_set_bio(ssl, bio, bio);
429 bio = NULL;
430
431 if (mtu > 0) {
432 SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU);
433 SSL_set_mtu(ssl, mtu);
434 }
435
436 SSL_CTX_free(ssl_ctx);
437 BIO_free(bio);
438
439 return ssl;
440}
441
442static SSL *
443dtls_server(int sock, long options, long mtu)
444{
445 SSL_CTX *ssl_ctx = NULL;
446 SSL *ssl = NULL;
447 BIO *bio = NULL;
448
449 if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL)
450 errx(1, "server bio");
451 if (!BIO_socket_nbio(sock, 1))
452 errx(1, "server nbio");
453
454 if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL)
455 errx(1, "server context");
456
457 SSL_CTX_set_cookie_generate_cb(ssl_ctx, dtls_cookie_generate);
458 SSL_CTX_set_cookie_verify_cb(ssl_ctx, dtls_cookie_verify);
459 SSL_CTX_set_dh_auto(ssl_ctx, 2);
460 SSL_CTX_set_options(ssl_ctx, options);
461
462 if (SSL_CTX_use_certificate_chain_file(ssl_ctx, server_cert_file) != 1) {
463 fprintf(stderr, "FAIL: Failed to load server certificate");
464 goto failure;
465 }
466 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
467 SSL_FILETYPE_PEM) != 1) {
468 fprintf(stderr, "FAIL: Failed to load server private key");
469 goto failure;
470 }
471
472 if ((ssl = SSL_new(ssl_ctx)) == NULL)
473 errx(1, "server ssl");
474
475 if (SSL_use_certificate_chain_file(ssl, server_cert_file) != 1) {
476 fprintf(stderr, "FAIL: Failed to load server certificate");
477 goto failure;
478 }
479 SSL_set_bio(ssl, bio, bio);
480 bio = NULL;
481
482 if (mtu > 0) {
483 SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU);
484 SSL_set_mtu(ssl, mtu);
485 }
486
487 failure:
488 SSL_CTX_free(ssl_ctx);
489 BIO_free(bio);
490
491 return ssl;
492}
493
494static int
495ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret,
496 short *events)
497{
498 int ssl_err;
499
500 ssl_err = SSL_get_error(ssl, ssl_ret);
501
502 if (ssl_err == SSL_ERROR_WANT_READ) {
503 *events = POLLIN;
504 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
505 *events = POLLOUT;
506 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
507 /* Yup, this is apparently a thing... */
508 } else {
509 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
510 name, desc, ssl_err, errno);
511 ERR_print_errors_fp(stderr);
512 return 0;
513 }
514
515 return 1;
516}
517
518static int
519do_connect(SSL *ssl, const char *name, int *done, short *events)
520{
521 int ssl_ret;
522
523 if ((ssl_ret = SSL_connect(ssl)) != 1)
524 return ssl_error(ssl, name, "connect", ssl_ret, events);
525
526 fprintf(stderr, "INFO: %s connect done\n", name);
527 *done = 1;
528
529 return 1;
530}
531
532static int
533do_connect_read(SSL *ssl, const char *name, int *done, short *events)
534{
535 uint8_t buf[2048];
536 int ssl_ret;
537 int i;
538
539 if ((ssl_ret = SSL_connect(ssl)) != 1)
540 return ssl_error(ssl, name, "connect", ssl_ret, events);
541
542 fprintf(stderr, "INFO: %s connect done\n", name);
543 *done = 1;
544
545 for (i = 0; i < 3; i++) {
546 fprintf(stderr, "INFO: %s reading after connect\n", name);
547 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) != 3) {
548 fprintf(stderr, "ERROR: %s read failed\n", name);
549 return 0;
550 }
551 }
552
553 return 1;
554}
555
556static int
557do_connect_shutdown(SSL *ssl, const char *name, int *done, short *events)
558{
559 uint8_t buf[2048];
560 int ssl_ret;
561
562 if ((ssl_ret = SSL_connect(ssl)) != 1)
563 return ssl_error(ssl, name, "connect", ssl_ret, events);
564
565 fprintf(stderr, "INFO: %s connect done\n", name);
566 *done = 1;
567
568 ssl_ret = SSL_read(ssl, buf, sizeof(buf));
569 if (SSL_get_error(ssl, ssl_ret) != SSL_ERROR_ZERO_RETURN) {
570 fprintf(stderr, "FAIL: %s did not receive close-notify\n", name);
571 return 0;
572 }
573
574 fprintf(stderr, "INFO: %s received close-notify\n", name);
575
576 return 1;
577}
578
579static int
580do_accept(SSL *ssl, const char *name, int *done, short *events)
581{
582 int ssl_ret;
583
584 if ((ssl_ret = SSL_accept(ssl)) != 1)
585 return ssl_error(ssl, name, "accept", ssl_ret, events);
586
587 fprintf(stderr, "INFO: %s accept done\n", name);
588 *done = 1;
589
590 return 1;
591}
592
593static int
594do_accept_write(SSL *ssl, const char *name, int *done, short *events)
595{
596 int ssl_ret;
597 BIO *bio;
598 int i;
599
600 if ((ssl_ret = SSL_accept(ssl)) != 1)
601 return ssl_error(ssl, name, "accept", ssl_ret, events);
602
603 fprintf(stderr, "INFO: %s accept done\n", name);
604
605 for (i = 0; i < 3; i++) {
606 fprintf(stderr, "INFO: %s writing after accept\n", name);
607 if ((ssl_ret = SSL_write(ssl, "abc", 3)) != 3) {
608 fprintf(stderr, "ERROR: %s write failed\n", name);
609 return 0;
610 }
611 }
612
613 if ((bio = SSL_get_wbio(ssl)) == NULL)
614 errx(1, "SSL has NULL bio");
615
616 /* Flush any delayed packets. */
617 BIO_packet_monkey_delay_flush(bio);
618
619 *done = 1;
620 return 1;
621}
622
623static int
624do_accept_shutdown(SSL *ssl, const char *name, int *done, short *events)
625{
626 int ssl_ret;
627 BIO *bio;
628
629 if ((ssl_ret = SSL_accept(ssl)) != 1)
630 return ssl_error(ssl, name, "accept", ssl_ret, events);
631
632 fprintf(stderr, "INFO: %s accept done\n", name);
633
634 SSL_shutdown(ssl);
635
636 if ((bio = SSL_get_wbio(ssl)) == NULL)
637 errx(1, "SSL has NULL bio");
638
639 /* Flush any delayed packets. */
640 BIO_packet_monkey_delay_flush(bio);
641
642 *done = 1;
643 return 1;
644}
645
646static int
647do_read(SSL *ssl, const char *name, int *done, short *events)
648{
649 uint8_t buf[512];
650 int ssl_ret;
651
652 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) {
653 fprintf(stderr, "INFO: %s read done\n", name);
654 if (debug > 1)
655 hexdump(buf, ssl_ret);
656 *done = 1;
657 return 1;
658 }
659
660 return ssl_error(ssl, name, "read", ssl_ret, events);
661}
662
663static int
664do_write(SSL *ssl, const char *name, int *done, short *events)
665{
666 const uint8_t buf[] = "Hello, World!\n";
667 int ssl_ret;
668
669 if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) {
670 fprintf(stderr, "INFO: %s write done\n", name);
671 *done = 1;
672 return 1;
673 }
674
675 return ssl_error(ssl, name, "write", ssl_ret, events);
676}
677
678static int
679do_shutdown(SSL *ssl, const char *name, int *done, short *events)
680{
681 int ssl_ret;
682
683 ssl_ret = SSL_shutdown(ssl);
684 if (ssl_ret == 1) {
685 fprintf(stderr, "INFO: %s shutdown done\n", name);
686 *done = 1;
687 return 1;
688 }
689 return ssl_error(ssl, name, "shutdown", ssl_ret, events);
690}
691
692typedef int (ssl_func)(SSL *ssl, const char *name, int *done, short *events);
693
694static int
695do_client_server_loop(SSL *client, ssl_func *client_func, SSL *server,
696 ssl_func *server_func, struct pollfd pfd[2])
697{
698 int client_done = 0, server_done = 0;
699 int i = 0;
700
701 pfd[0].revents = POLLIN;
702 pfd[1].revents = POLLIN;
703
704 do {
705 if (!client_done) {
706 if (debug)
707 fprintf(stderr, "DEBUG: client loop\n");
708 if (DTLSv1_handle_timeout(client) > 0)
709 fprintf(stderr, "INFO: client timeout\n");
710 if (!client_func(client, "client", &client_done,
711 &pfd[0].events))
712 return 0;
713 if (client_done)
714 pfd[0].events = 0;
715 }
716 if (!server_done) {
717 if (debug)
718 fprintf(stderr, "DEBUG: server loop\n");
719 if (DTLSv1_handle_timeout(server) > 0)
720 fprintf(stderr, "INFO: server timeout\n");
721 if (!server_func(server, "server", &server_done,
722 &pfd[1].events))
723 return 0;
724 if (server_done)
725 pfd[1].events = 0;
726 }
727 if (poll(pfd, 2, poll_timeout(client, server)) == -1)
728 err(1, "poll");
729
730 } while (i++ < 100 && (!client_done || !server_done));
731
732 if (!client_done || !server_done)
733 fprintf(stderr, "FAIL: gave up\n");
734
735 return client_done && server_done;
736}
737
738#define MAX_PACKET_DELAYS 32
739#define MAX_PACKET_DROPS 32
740
741struct dtls_delay {
742 uint8_t packet;
743 uint8_t count;
744};
745
746struct dtls_test {
747 const unsigned char *desc;
748 long mtu;
749 long ssl_options;
750 int client_bbio_off;
751 int server_bbio_off;
752 uint16_t initial_epoch;
753 int write_after_accept;
754 int shutdown_after_accept;
755 struct dtls_delay client_delays[MAX_PACKET_DELAYS];
756 struct dtls_delay server_delays[MAX_PACKET_DELAYS];
757 uint8_t client_drops[MAX_PACKET_DROPS];
758 uint8_t server_drops[MAX_PACKET_DROPS];
759};
760
761static const struct dtls_test dtls_tests[] = {
762 {
763 .desc = "DTLS without cookies",
764 .ssl_options = 0,
765 },
766 {
767 .desc = "DTLS without cookies (initial epoch 0xfffe)",
768 .ssl_options = 0,
769 .initial_epoch = 0xfffe,
770 },
771 {
772 .desc = "DTLS without cookies (initial epoch 0xffff)",
773 .ssl_options = 0,
774 .initial_epoch = 0xffff,
775 },
776 {
777 .desc = "DTLS with cookies",
778 .ssl_options = SSL_OP_COOKIE_EXCHANGE,
779 },
780 {
781 .desc = "DTLS with low MTU",
782 .mtu = 256,
783 .ssl_options = 0,
784 },
785 {
786 .desc = "DTLS with low MTU and cookies",
787 .mtu = 256,
788 .ssl_options = SSL_OP_COOKIE_EXCHANGE,
789 },
790 {
791 .desc = "DTLS with dropped server response",
792 .ssl_options = 0,
793 .server_drops = { 1 },
794 },
795 {
796 .desc = "DTLS with two dropped server responses",
797 .ssl_options = 0,
798 .server_drops = { 1, 2 },
799 },
800 {
801 .desc = "DTLS with dropped ServerHello",
802 .ssl_options = SSL_OP_NO_TICKET,
803 .server_bbio_off = 1,
804 .server_drops = { 1 },
805 },
806 {
807 .desc = "DTLS with dropped server Certificate",
808 .ssl_options = SSL_OP_NO_TICKET,
809 .server_bbio_off = 1,
810 .server_drops = { 2 },
811 },
812 {
813 .desc = "DTLS with dropped ServerKeyExchange",
814 .ssl_options = SSL_OP_NO_TICKET,
815 .server_bbio_off = 1,
816 .server_drops = { 3 },
817 },
818 {
819 .desc = "DTLS with dropped ServerHelloDone",
820 .ssl_options = SSL_OP_NO_TICKET,
821 .server_bbio_off = 1,
822 .server_drops = { 4 },
823 },
824#if 0
825 /*
826 * These two result in the server accept completing and the
827 * client looping on a timeout. Presumably the server should not
828 * complete until the client Finished is received... this due to
829 * a flaw in the DTLSv1.0 specification, which is addressed in
830 * DTLSv1.2 (see references to "last flight" in RFC 6347 section
831 * 4.2.4). Our DTLS server code still needs to support this.
832 */
833 {
834 .desc = "DTLS with dropped server CCS",
835 .ssl_options = 0,
836 .server_bbio_off = 1,
837 .server_drops = { 5 },
838 },
839 {
840 .desc = "DTLS with dropped server Finished",
841 .ssl_options = 0,
842 .server_bbio_off = 1,
843 .server_drops = { 6 },
844 },
845#endif
846 {
847 .desc = "DTLS with dropped ClientKeyExchange",
848 .ssl_options = 0,
849 .client_bbio_off = 1,
850 .client_drops = { 2 },
851 },
852 {
853 .desc = "DTLS with dropped client CCS",
854 .ssl_options = 0,
855 .client_bbio_off = 1,
856 .client_drops = { 3 },
857 },
858 {
859 .desc = "DTLS with dropped client Finished",
860 .ssl_options = 0,
861 .client_bbio_off = 1,
862 .client_drops = { 4 },
863 },
864 {
865 /* Send CCS after client Finished. */
866 .desc = "DTLS with delayed client CCS",
867 .ssl_options = 0,
868 .client_bbio_off = 1,
869 .client_delays = { { 3, 2 } },
870 },
871 {
872 /*
873 * Send CCS after server Finished - note app data will be
874 * dropped if we send the CCS after app data.
875 */
876 .desc = "DTLS with delayed server CCS",
877 .ssl_options = SSL_OP_NO_TICKET,
878 .server_bbio_off = 1,
879 .server_delays = { { 5, 2 } },
880 .write_after_accept = 1,
881 },
882 {
883 .desc = "DTLS with delayed server CCS (initial epoch 0xfffe)",
884 .ssl_options = SSL_OP_NO_TICKET,
885 .server_bbio_off = 1,
886 .initial_epoch = 0xfffe,
887 .server_delays = { { 5, 2 } },
888 .write_after_accept = 1,
889 },
890 {
891 .desc = "DTLS with delayed server CCS (initial epoch 0xffff)",
892 .ssl_options = SSL_OP_NO_TICKET,
893 .server_bbio_off = 1,
894 .initial_epoch = 0xffff,
895 .server_delays = { { 5, 2 } },
896 .write_after_accept = 1,
897 },
898 {
899 /* Send Finished after app data - this is currently buffered. */
900 .desc = "DTLS with delayed server Finished",
901 .ssl_options = SSL_OP_NO_TICKET,
902 .server_bbio_off = 1,
903 .server_delays = { { 6, 3 } },
904 .write_after_accept = 1,
905 },
906 {
907 /* Send CCS after server finished and close-notify. */
908 .desc = "DTLS with delayed server CCS (close-notify)",
909 .ssl_options = SSL_OP_NO_TICKET,
910 .server_bbio_off = 1,
911 .server_delays = { { 5, 3 } },
912 .shutdown_after_accept = 1,
913 },
914};
915
916#define N_DTLS_TESTS (sizeof(dtls_tests) / sizeof(*dtls_tests))
917
918static void
919dtlstest_packet_monkey(SSL *ssl, const struct dtls_delay delays[],
920 const uint8_t drops[])
921{
922 BIO *bio_monkey;
923 BIO *bio;
924 int i;
925
926 if ((bio_monkey = BIO_new_packet_monkey()) == NULL)
927 errx(1, "packet monkey");
928
929 for (i = 0; i < MAX_PACKET_DELAYS; i++) {
930 if (delays[i].packet == 0)
931 break;
932 if (!BIO_packet_monkey_delay(bio_monkey, delays[i].packet,
933 delays[i].count))
934 errx(1, "delay failure");
935 }
936
937 for (i = 0; i < MAX_PACKET_DROPS; i++) {
938 if (drops[i] == 0)
939 break;
940 if (!BIO_packet_monkey_drop(bio_monkey, drops[i]))
941 errx(1, "drop failure");
942 }
943
944 if ((bio = SSL_get_wbio(ssl)) == NULL)
945 errx(1, "SSL has NULL bio");
946
947 BIO_up_ref(bio);
948 bio = BIO_push(bio_monkey, bio);
949
950 SSL_set_bio(ssl, bio, bio);
951}
952
953static int
954dtlstest(const struct dtls_test *dt)
955{
956 SSL *client = NULL, *server = NULL;
957 ssl_func *connect_func, *accept_func;
958 struct sockaddr_in server_sin;
959 struct pollfd pfd[2];
960 int client_sock = -1;
961 int server_sock = -1;
962 int failed = 1;
963
964 fprintf(stderr, "\n== Testing %s... ==\n", dt->desc);
965
966 if (!datagram_pair(&client_sock, &server_sock, &server_sin))
967 goto failure;
968
969 if ((client = dtls_client(client_sock, &server_sin, dt->mtu)) == NULL)
970 goto failure;
971
972 if ((server = dtls_server(server_sock, dt->ssl_options, dt->mtu)) == NULL)
973 goto failure;
974
975 tls12_record_layer_set_initial_epoch(client->rl, dt->initial_epoch);
976 tls12_record_layer_set_initial_epoch(server->rl, dt->initial_epoch);
977
978 if (dt->client_bbio_off)
979 SSL_set_info_callback(client, dtls_info_callback);
980 if (dt->server_bbio_off)
981 SSL_set_info_callback(server, dtls_info_callback);
982
983 dtlstest_packet_monkey(client, dt->client_delays, dt->client_drops);
984 dtlstest_packet_monkey(server, dt->server_delays, dt->server_drops);
985
986 pfd[0].fd = client_sock;
987 pfd[0].events = POLLOUT;
988 pfd[1].fd = server_sock;
989 pfd[1].events = POLLIN;
990
991 accept_func = do_accept;
992 connect_func = do_connect;
993
994 if (dt->write_after_accept) {
995 accept_func = do_accept_write;
996 connect_func = do_connect_read;
997 } else if (dt->shutdown_after_accept) {
998 accept_func = do_accept_shutdown;
999 connect_func = do_connect_shutdown;
1000 }
1001
1002 if (!do_client_server_loop(client, connect_func, server, accept_func, pfd)) {
1003 fprintf(stderr, "FAIL: client and server handshake failed\n");
1004 goto failure;
1005 }
1006
1007 if (dt->write_after_accept || dt->shutdown_after_accept)
1008 goto done;
1009
1010 pfd[0].events = POLLIN;
1011 pfd[1].events = POLLOUT;
1012
1013 if (!do_client_server_loop(client, do_read, server, do_write, pfd)) {
1014 fprintf(stderr, "FAIL: client read and server write I/O failed\n");
1015 goto failure;
1016 }
1017
1018 pfd[0].events = POLLOUT;
1019 pfd[1].events = POLLIN;
1020
1021 if (!do_client_server_loop(client, do_write, server, do_read, pfd)) {
1022 fprintf(stderr, "FAIL: client write and server read I/O failed\n");
1023 goto failure;
1024 }
1025
1026 pfd[0].events = POLLOUT;
1027 pfd[1].events = POLLOUT;
1028
1029 if (!do_client_server_loop(client, do_shutdown, server, do_shutdown, pfd)) {
1030 fprintf(stderr, "FAIL: client and server shutdown failed\n");
1031 goto failure;
1032 }
1033
1034 done:
1035 fprintf(stderr, "INFO: Done!\n");
1036
1037 failed = 0;
1038
1039 failure:
1040 if (client_sock != -1)
1041 close(client_sock);
1042 if (server_sock != -1)
1043 close(server_sock);
1044
1045 SSL_free(client);
1046 SSL_free(server);
1047
1048 return failed;
1049}
1050
1051int
1052main(int argc, char **argv)
1053{
1054 int failed = 0;
1055 size_t i;
1056
1057 if (argc != 4) {
1058 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
1059 argv[0]);
1060 exit(1);
1061 }
1062
1063 server_key_file = argv[1];
1064 server_cert_file = argv[2];
1065 server_ca_file = argv[3];
1066
1067 for (i = 0; i < N_DTLS_TESTS; i++)
1068 failed |= dtlstest(&dtls_tests[i]);
1069
1070 return failed;
1071}
diff --git a/src/regress/lib/libssl/handshake/Makefile b/src/regress/lib/libssl/handshake/Makefile
deleted file mode 100644
index 64bd5709a8..0000000000
--- a/src/regress/lib/libssl/handshake/Makefile
+++ /dev/null
@@ -1,45 +0,0 @@
1# $OpenBSD: Makefile,v 1.9 2022/06/29 15:06:18 tb Exp $
2
3PROGS += handshake_table
4PROGS += valid_handshakes_terminate
5
6.for p in ${PROGS}
7REGRESS_TARGETS += run-$p
8.endfor
9
10LDADD = ${SSL_INT} -lcrypto
11DPADD = ${LIBCRYPTO} ${LIBSSL}
12WARNINGS = Yes
13CFLAGS += -DLIBRESSL_INTERNAL -Wundef -Werror
14CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
15
16print: handshake_table
17 @./handshake_table -C
18
19handshake.gv: handshake_table
20 ./handshake_table -g > $@.tmp
21 mv $@.tmp $@
22
23CLEANFILES += handshake.gv
24
25.for _FMT in png ps svg
26handshake.${_FMT}: handshake.gv
27 @if [ ! -x /usr/local/bin/dot ]; then \
28 echo "pkg_add graphviz to generate png"; \
29 false; \
30 fi
31 dot -T${_FMT} handshake.gv -o $@
32
33CLEANFILES += handshake.${_FMT}
34.endfor
35
36.for p in ${PROGS}
37run-$p: $p
38 ./$p
39
40.PHONY: run-$p
41.endfor
42
43.PHONY: print
44
45.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/handshake/handshake_table.c b/src/regress/lib/libssl/handshake/handshake_table.c
deleted file mode 100644
index b316734524..0000000000
--- a/src/regress/lib/libssl/handshake/handshake_table.c
+++ /dev/null
@@ -1,553 +0,0 @@
1/* $OpenBSD: handshake_table.c,v 1.17 2022/03/08 16:59:25 tb Exp $ */
2/*
3 * Copyright (c) 2019 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdint.h>
20#include <stdio.h>
21#include <stdlib.h>
22#include <unistd.h>
23
24#include "tls13_handshake.h"
25
26#define MAX_FLAGS (UINT8_MAX + 1)
27
28/*
29 * From RFC 8446:
30 *
31 * Appendix A. State Machine
32 *
33 * This appendix provides a summary of the legal state transitions for
34 * the client and server handshakes. State names (in all capitals,
35 * e.g., START) have no formal meaning but are provided for ease of
36 * comprehension. Actions which are taken only in certain circumstances
37 * are indicated in []. The notation "K_{send,recv} = foo" means "set
38 * the send/recv key to the given key".
39 *
40 * A.1. Client
41 *
42 * START <----+
43 * Send ClientHello | | Recv HelloRetryRequest
44 * [K_send = early data] | |
45 * v |
46 * / WAIT_SH ----+
47 * | | Recv ServerHello
48 * | | K_recv = handshake
49 * Can | V
50 * send | WAIT_EE
51 * early | | Recv EncryptedExtensions
52 * data | +--------+--------+
53 * | Using | | Using certificate
54 * | PSK | v
55 * | | WAIT_CERT_CR
56 * | | Recv | | Recv CertificateRequest
57 * | | Certificate | v
58 * | | | WAIT_CERT
59 * | | | | Recv Certificate
60 * | | v v
61 * | | WAIT_CV
62 * | | | Recv CertificateVerify
63 * | +> WAIT_FINISHED <+
64 * | | Recv Finished
65 * \ | [Send EndOfEarlyData]
66 * | K_send = handshake
67 * | [Send Certificate [+ CertificateVerify]]
68 * Can send | Send Finished
69 * app data --> | K_send = K_recv = application
70 * after here v
71 * CONNECTED
72 *
73 * Note that with the transitions as shown above, clients may send
74 * alerts that derive from post-ServerHello messages in the clear or
75 * with the early data keys. If clients need to send such alerts, they
76 * SHOULD first rekey to the handshake keys if possible.
77 *
78 */
79
80struct child {
81 enum tls13_message_type mt;
82 uint8_t flag;
83 uint8_t forced;
84 uint8_t illegal;
85};
86
87static struct child stateinfo[][TLS13_NUM_MESSAGE_TYPES] = {
88 [CLIENT_HELLO] = {
89 {
90 .mt = SERVER_HELLO_RETRY_REQUEST,
91 },
92 {
93 .mt = SERVER_HELLO,
94 .flag = WITHOUT_HRR,
95 },
96 },
97 [SERVER_HELLO_RETRY_REQUEST] = {
98 {
99 .mt = CLIENT_HELLO_RETRY,
100 },
101 },
102 [CLIENT_HELLO_RETRY] = {
103 {
104 .mt = SERVER_HELLO,
105 },
106 },
107 [SERVER_HELLO] = {
108 {
109 .mt = SERVER_ENCRYPTED_EXTENSIONS,
110 },
111 },
112 [SERVER_ENCRYPTED_EXTENSIONS] = {
113 {
114 .mt = SERVER_CERTIFICATE_REQUEST,
115 },
116 { .mt = SERVER_CERTIFICATE,
117 .flag = WITHOUT_CR,
118 },
119 {
120 .mt = SERVER_FINISHED,
121 .flag = WITH_PSK,
122 },
123 },
124 [SERVER_CERTIFICATE_REQUEST] = {
125 {
126 .mt = SERVER_CERTIFICATE,
127 },
128 },
129 [SERVER_CERTIFICATE] = {
130 {
131 .mt = SERVER_CERTIFICATE_VERIFY,
132 },
133 },
134 [SERVER_CERTIFICATE_VERIFY] = {
135 {
136 .mt = SERVER_FINISHED,
137 },
138 },
139 [SERVER_FINISHED] = {
140 {
141 .mt = CLIENT_FINISHED,
142 .forced = WITHOUT_CR | WITH_PSK,
143 },
144 {
145 .mt = CLIENT_CERTIFICATE,
146 .illegal = WITHOUT_CR | WITH_PSK,
147 },
148 },
149 [CLIENT_CERTIFICATE] = {
150 {
151 .mt = CLIENT_FINISHED,
152 },
153 {
154 .mt = CLIENT_CERTIFICATE_VERIFY,
155 .flag = WITH_CCV,
156 },
157 },
158 [CLIENT_CERTIFICATE_VERIFY] = {
159 {
160 .mt = CLIENT_FINISHED,
161 },
162 },
163 [CLIENT_FINISHED] = {
164 {
165 .mt = APPLICATION_DATA,
166 },
167 },
168 [APPLICATION_DATA] = {
169 {
170 .mt = 0,
171 },
172 },
173};
174
175const size_t stateinfo_count = sizeof(stateinfo) / sizeof(stateinfo[0]);
176
177void build_table(enum tls13_message_type
178 table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES],
179 struct child current, struct child end,
180 struct child path[], uint8_t flags, unsigned int depth);
181size_t count_handshakes(void);
182void edge(enum tls13_message_type start,
183 enum tls13_message_type end, uint8_t flag);
184const char *flag2str(uint8_t flag);
185void flag_label(uint8_t flag);
186void forced_edges(enum tls13_message_type start,
187 enum tls13_message_type end, uint8_t forced);
188int generate_graphics(void);
189void fprint_entry(FILE *stream,
190 enum tls13_message_type path[TLS13_NUM_MESSAGE_TYPES],
191 uint8_t flags);
192void fprint_flags(FILE *stream, uint8_t flags);
193const char *mt2str(enum tls13_message_type mt);
194void usage(void);
195int verify_table(enum tls13_message_type
196 table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES], int print);
197
198const char *
199flag2str(uint8_t flag)
200{
201 const char *ret;
202
203 if (flag & (flag - 1))
204 errx(1, "more than one bit is set");
205
206 switch (flag) {
207 case INITIAL:
208 ret = "INITIAL";
209 break;
210 case NEGOTIATED:
211 ret = "NEGOTIATED";
212 break;
213 case WITHOUT_CR:
214 ret = "WITHOUT_CR";
215 break;
216 case WITHOUT_HRR:
217 ret = "WITHOUT_HRR";
218 break;
219 case WITH_PSK:
220 ret = "WITH_PSK";
221 break;
222 case WITH_CCV:
223 ret = "WITH_CCV";
224 break;
225 case WITH_0RTT:
226 ret = "WITH_0RTT";
227 break;
228 default:
229 ret = "UNKNOWN";
230 }
231
232 return ret;
233}
234
235const char *
236mt2str(enum tls13_message_type mt)
237{
238 const char *ret;
239
240 switch (mt) {
241 case INVALID:
242 ret = "INVALID";
243 break;
244 case CLIENT_HELLO:
245 ret = "CLIENT_HELLO";
246 break;
247 case CLIENT_HELLO_RETRY:
248 ret = "CLIENT_HELLO_RETRY";
249 break;
250 case CLIENT_END_OF_EARLY_DATA:
251 ret = "CLIENT_END_OF_EARLY_DATA";
252 break;
253 case CLIENT_CERTIFICATE:
254 ret = "CLIENT_CERTIFICATE";
255 break;
256 case CLIENT_CERTIFICATE_VERIFY:
257 ret = "CLIENT_CERTIFICATE_VERIFY";
258 break;
259 case CLIENT_FINISHED:
260 ret = "CLIENT_FINISHED";
261 break;
262 case SERVER_HELLO:
263 ret = "SERVER_HELLO";
264 break;
265 case SERVER_HELLO_RETRY_REQUEST:
266 ret = "SERVER_HELLO_RETRY_REQUEST";
267 break;
268 case SERVER_ENCRYPTED_EXTENSIONS:
269 ret = "SERVER_ENCRYPTED_EXTENSIONS";
270 break;
271 case SERVER_CERTIFICATE:
272 ret = "SERVER_CERTIFICATE";
273 break;
274 case SERVER_CERTIFICATE_VERIFY:
275 ret = "SERVER_CERTIFICATE_VERIFY";
276 break;
277 case SERVER_CERTIFICATE_REQUEST:
278 ret = "SERVER_CERTIFICATE_REQUEST";
279 break;
280 case SERVER_FINISHED:
281 ret = "SERVER_FINISHED";
282 break;
283 case APPLICATION_DATA:
284 ret = "APPLICATION_DATA";
285 break;
286 case TLS13_NUM_MESSAGE_TYPES:
287 ret = "TLS13_NUM_MESSAGE_TYPES";
288 break;
289 default:
290 ret = "UNKNOWN";
291 break;
292 }
293
294 return ret;
295}
296
297void
298fprint_flags(FILE *stream, uint8_t flags)
299{
300 int first = 1, i;
301
302 if (flags == 0) {
303 fprintf(stream, "%s", flag2str(flags));
304 return;
305 }
306
307 for (i = 0; i < 8; i++) {
308 uint8_t set = flags & (1U << i);
309
310 if (set) {
311 fprintf(stream, "%s%s", first ? "" : " | ",
312 flag2str(set));
313 first = 0;
314 }
315 }
316}
317
318void
319fprint_entry(FILE *stream,
320 enum tls13_message_type path[TLS13_NUM_MESSAGE_TYPES], uint8_t flags)
321{
322 int i;
323
324 fprintf(stream, "\t[");
325 fprint_flags(stream, flags);
326 fprintf(stream, "] = {\n");
327
328 for (i = 0; i < TLS13_NUM_MESSAGE_TYPES; i++) {
329 if (path[i] == 0)
330 break;
331 fprintf(stream, "\t\t%s,\n", mt2str(path[i]));
332 }
333 fprintf(stream, "\t},\n");
334}
335
336void
337edge(enum tls13_message_type start, enum tls13_message_type end,
338 uint8_t flag)
339{
340 printf("\t%s -> %s", mt2str(start), mt2str(end));
341 flag_label(flag);
342 printf(";\n");
343}
344
345void
346flag_label(uint8_t flag)
347{
348 if (flag)
349 printf(" [label=\"%s\"]", flag2str(flag));
350}
351
352void
353forced_edges(enum tls13_message_type start, enum tls13_message_type end,
354 uint8_t forced)
355{
356 uint8_t forced_flag, i;
357
358 if (forced == 0)
359 return;
360
361 for (i = 0; i < 8; i++) {
362 forced_flag = forced & (1U << i);
363 if (forced_flag)
364 edge(start, end, forced_flag);
365 }
366}
367
368int
369generate_graphics(void)
370{
371 enum tls13_message_type start, end;
372 unsigned int child;
373 uint8_t flag;
374 uint8_t forced;
375
376 printf("digraph G {\n");
377 printf("\t%s [shape=box];\n", mt2str(CLIENT_HELLO));
378 printf("\t%s [shape=box];\n", mt2str(APPLICATION_DATA));
379
380 for (start = CLIENT_HELLO; start < APPLICATION_DATA; start++) {
381 for (child = 0; stateinfo[start][child].mt != 0; child++) {
382 end = stateinfo[start][child].mt;
383 flag = stateinfo[start][child].flag;
384 forced = stateinfo[start][child].forced;
385
386 if (forced == 0)
387 edge(start, end, flag);
388 else
389 forced_edges(start, end, forced);
390 }
391 }
392
393 printf("}\n");
394 return 0;
395}
396
397extern enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES];
398extern size_t handshake_count;
399
400size_t
401count_handshakes(void)
402{
403 size_t ret = 0, i;
404
405 for (i = 0; i < handshake_count; i++) {
406 if (handshakes[i][0] != INVALID)
407 ret++;
408 }
409
410 return ret;
411}
412
413void
414build_table(enum tls13_message_type table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES],
415 struct child current, struct child end, struct child path[], uint8_t flags,
416 unsigned int depth)
417{
418 unsigned int i;
419
420 if (depth >= TLS13_NUM_MESSAGE_TYPES - 1)
421 errx(1, "recursed too deeply");
422
423 /* Record current node. */
424 path[depth++] = current;
425 flags |= current.flag;
426
427 /* If we haven't reached the end, recurse over the children. */
428 if (current.mt != end.mt) {
429 for (i = 0; stateinfo[current.mt][i].mt != 0; i++) {
430 struct child child = stateinfo[current.mt][i];
431 int forced = stateinfo[current.mt][i].forced;
432 int illegal = stateinfo[current.mt][i].illegal;
433
434 if ((forced == 0 || (forced & flags)) &&
435 (illegal == 0 || !(illegal & flags)))
436 build_table(table, child, end, path, flags,
437 depth);
438 }
439 return;
440 }
441
442 if (flags == 0)
443 errx(1, "path does not set flags");
444
445 if (table[flags][0] != 0)
446 errx(1, "path traversed twice");
447
448 for (i = 0; i < depth; i++)
449 table[flags][i] = path[i].mt;
450}
451
452int
453verify_table(enum tls13_message_type table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES],
454 int print)
455{
456 int success = 1, i;
457 size_t num_valid, num_found = 0;
458 uint8_t flags = 0;
459
460 do {
461 if (table[flags][0] == 0)
462 continue;
463
464 num_found++;
465
466 for (i = 0; i < TLS13_NUM_MESSAGE_TYPES; i++) {
467 if (table[flags][i] != handshakes[flags][i]) {
468 fprintf(stderr,
469 "incorrect entry %d of handshake ", i);
470 fprint_flags(stderr, flags);
471 fprintf(stderr, "\n");
472 success = 0;
473 }
474 }
475
476 if (print)
477 fprint_entry(stdout, table[flags], flags);
478 } while(++flags != 0);
479
480 num_valid = count_handshakes();
481 if (num_valid != num_found) {
482 fprintf(stderr,
483 "incorrect number of handshakes: want %zu, got %zu.\n",
484 num_valid, num_found);
485 success = 0;
486 }
487
488 return success;
489}
490
491void
492usage(void)
493{
494 fprintf(stderr, "usage: handshake_table [-C | -g]\n");
495 exit(1);
496}
497
498int
499main(int argc, char *argv[])
500{
501 static enum tls13_message_type
502 hs_table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES] = {
503 [INITIAL] = {
504 CLIENT_HELLO,
505 SERVER_HELLO_RETRY_REQUEST,
506 CLIENT_HELLO_RETRY,
507 SERVER_HELLO,
508 },
509 };
510 struct child start = {
511 .mt = CLIENT_HELLO,
512 };
513 struct child end = {
514 .mt = APPLICATION_DATA,
515 };
516 struct child path[TLS13_NUM_MESSAGE_TYPES] = {{0}};
517 uint8_t flags = NEGOTIATED;
518 unsigned int depth = 0;
519 int ch, graphviz = 0, print = 0;
520
521 while ((ch = getopt(argc, argv, "Cg")) != -1) {
522 switch (ch) {
523 case 'C':
524 print = 1;
525 break;
526 case 'g':
527 graphviz = 1;
528 break;
529 default:
530 usage();
531 }
532 }
533 argc -= optind;
534 argv += optind;
535
536 if (argc != 0)
537 usage();
538
539 if (graphviz && print)
540 usage();
541
542 if (graphviz)
543 return generate_graphics();
544
545 build_table(hs_table, start, end, path, flags, depth);
546 if (!verify_table(hs_table, print))
547 return 1;
548
549 if (!print)
550 printf("SUCCESS\n");
551
552 return 0;
553}
diff --git a/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c b/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c
deleted file mode 100644
index 5f0e4f2c18..0000000000
--- a/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c
+++ /dev/null
@@ -1,57 +0,0 @@
1/* $OpenBSD: valid_handshakes_terminate.c,v 1.3 2019/04/05 20:25:42 tb Exp $ */
2/*
3 * Copyright (c) 2019 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdio.h>
20
21#include "tls13_handshake.c"
22
23int
24main(int argc, char *argv[])
25{
26 size_t i, j;
27 int terminates;
28 int fail = 0;
29
30 for (i = 1; i < handshake_count; i++) {
31 enum tls13_message_type mt = handshakes[i][0];
32
33 if (mt == INVALID)
34 continue;
35
36 terminates = 0;
37
38 for (j = 0; j < TLS13_NUM_MESSAGE_TYPES; j++) {
39 mt = handshakes[i][j];
40 if (state_machine[mt].handshake_complete) {
41 terminates = 1;
42 break;
43 }
44 }
45
46 if (!terminates) {
47 fail = 1;
48 printf("FAIL: handshake_complete never true in "
49 "handshake %zu\n", i);
50 }
51 }
52
53 if (!fail)
54 printf("SUCCESS\n");
55
56 return fail;
57}
diff --git a/src/regress/lib/libssl/interop/LICENSE b/src/regress/lib/libssl/interop/LICENSE
deleted file mode 100644
index 838e7f45cc..0000000000
--- a/src/regress/lib/libssl/interop/LICENSE
+++ /dev/null
@@ -1,15 +0,0 @@
1/*
2 * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
diff --git a/src/regress/lib/libssl/interop/Makefile b/src/regress/lib/libssl/interop/Makefile
deleted file mode 100644
index 789ff00e7f..0000000000
--- a/src/regress/lib/libssl/interop/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
1# $OpenBSD: Makefile,v 1.15 2021/08/30 17:34:02 tb Exp $
2
3SUBDIR = libressl openssl openssl11
4
5# the above binaries must have been built before we can continue
6SUBDIR += netcat
7SUBDIR += session
8SUBDIR += botan
9
10# What is below takes a long time.
11# setting REGRESS_SKIP_SLOW to "yes" in mk.conf
12# will skip the tests that do not test libressl
13# but do things like test openssl to openssl11
14SUBDIR += version
15SUBDIR += cipher
16# This takes a really long time.
17SUBDIR += cert
18
19.include <bsd.subdir.mk>
diff --git a/src/regress/lib/libssl/interop/Makefile.inc b/src/regress/lib/libssl/interop/Makefile.inc
deleted file mode 100644
index ed5fe26147..0000000000
--- a/src/regress/lib/libssl/interop/Makefile.inc
+++ /dev/null
@@ -1,90 +0,0 @@
1# $OpenBSD: Makefile.inc,v 1.8 2020/12/17 00:51:11 bluhm Exp $
2
3.PATH: ${.CURDIR}/..
4
5SRCS_client ?= client.c util.c
6SRCS_server ?= server.c util.c
7WARNINGS = yes
8CLEANFILES += *.out *.fstat
9
10.for p in ${PROGS}
11ldd-$p.out: $p
12 # programs must be linked with correct libraries
13 LD_LIBRARY_PATH=${LD_LIBRARY_PATH} ldd $p >$@
14.endfor
15
16client-self.out server-self.out: run-self-client-server
17
18run-self-client-server: client server 127.0.0.1.crt
19 # check that tls client and server work together
20 LD_LIBRARY_PATH=${LD_LIBRARY_PATH} \
21 ./server >server-self.out \
22 127.0.0.1 0
23 LD_LIBRARY_PATH=${LD_LIBRARY_PATH} \
24 ./client >client-self.out \
25 `sed -n 's/listen sock: //p' server-self.out`
26 # check that the client run successfully to the end
27 grep -q '^success$$' client-self.out
28 # client must have read server greeting
29 grep -q '^<<< greeting$$' client-self.out
30 # check that the server child run successfully to the end
31 grep -q '^success$$' server-self.out
32 # server must have read client hello
33 grep -q '^<<< hello$$' server-self.out
34
35# create certificates for TLS
36
37CLEANFILES += 127.0.0.1.{crt,key} \
38 ca.{crt,key,srl} fake-ca.{crt,key} \
39 {client,server}.{req,crt,key} \
40 {dsa,ec,gost,rsa}.{key,req,crt} \
41 dh.param
42
43127.0.0.1.crt:
44 openssl req -batch -new \
45 -subj /L=OpenBSD/O=tls-regress/OU=server/CN=${@:R}/ \
46 -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
47
48ca.crt fake-ca.crt:
49 openssl req -batch -new \
50 -subj /L=OpenBSD/O=tls-regress/OU=ca/CN=root/ \
51 -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
52
53client.req server.req:
54 openssl req -batch -new \
55 -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \
56 -nodes -newkey rsa -keyout ${@:R}.key -out $@
57
58client.crt server.crt: ca.crt ${@:R}.req
59 openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \
60 -req -in ${@:R}.req -out $@
61
62dh.param:
63 openssl dhparam -out $@ 1024
64
65dsa.key:
66 openssl dsaparam -genkey -out $@ 2048
67
68ec.key:
69 openssl ecparam -genkey -name secp256r1 -out $@
70
71gost.key:
72 openssl genpkey -algorithm gost2001 \
73 -pkeyopt paramset:A -pkeyopt dgst:md_gost94 -out $@
74
75rsa.key:
76 openssl genrsa -out $@ 2048
77
78dsa.req ec.req rsa.req: ${@:R}.key
79 openssl req -batch -new \
80 -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \
81 -nodes -key ${@:R}.key -out $@
82
83gost.req: ${@:R}.key
84 openssl req -batch -new -md_gost94 \
85 -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \
86 -nodes -key ${@:R}.key -out $@
87
88dsa.crt ec.crt gost.crt rsa.crt: ca.crt ${@:R}.req
89 openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \
90 -req -in ${@:R}.req -out $@
diff --git a/src/regress/lib/libssl/interop/README b/src/regress/lib/libssl/interop/README
deleted file mode 100644
index 54910e554d..0000000000
--- a/src/regress/lib/libssl/interop/README
+++ /dev/null
@@ -1,22 +0,0 @@
1Test TLS interoperability between LibreSSL and OpenSSL.
2
3Implement simple SSL client and server in C. Create six binaries
4by linking them with LibreSSL or OpenSSL 1.0.2 or OpenSSL 1.1. This
5way API compatibility is tested.
6
7To self test each SSL library, connect client with server. Check
8that the highest available TLS version is selected. LibreSSL TLS
91.3 check has to be enabled when the feature becomes available.
10
11Currently OpenSSL 1.0.2p and OpenSSL 1.1.1 from ports are used. As
12soon as LibreSSL supports TLS 1.3, it should be used automatically
13when netcat is communicating with OpenSSL 1.1.
14
15Connect and accept with netcat to test protocol compatibility with
16libtls. Test TLS session reuse multiple times with different library
17combinations. The cert subdir is testing all combinations of
18certificate validation. Having the three libraries, client and
19server certificates, missing or invalid CA or certificates, and
20enforcing peer certificate results in 1944 test cases. The cipher
21test establishes connections between implementations for each
22supported cipher.
diff --git a/src/regress/lib/libssl/interop/botan/Makefile b/src/regress/lib/libssl/interop/botan/Makefile
deleted file mode 100644
index ea9517dc6d..0000000000
--- a/src/regress/lib/libssl/interop/botan/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
1# $OpenBSD: Makefile,v 1.5 2021/12/02 17:10:53 kn Exp $
2
3.include <bsd.own.mk>
4
5.if ! exists(/usr/local/bin/botan)
6regress:
7 # install botan2 from ports for interop tests
8 @echo 'Run "pkg_add botan2" to run tests against Botan 2'
9 @echo SKIPPED
10.elif (${COMPILER_VERSION:L} != "clang" && ! exists(/usr/local/bin/eg++))
11regress:
12 # on gcc-archs install g++ from ports for botan2 interop tests
13 @echo 'Run "pkg_add g++" to run tests against Botan 2 on GCC architectures'
14 @echo SKIPPED
15.else
16
17# C++11
18.if ${COMPILER_VERSION:L} != "clang" && ${CXX} == "c++"
19CXX = /usr/local/bin/eg++
20.endif
21
22LIBRARIES = libressl
23.if exists(/usr/local/bin/eopenssl)
24LIBRARIES += openssl
25.endif
26.if exists(/usr/local/bin/eopenssl11)
27LIBRARIES += openssl11
28.endif
29
30PROGS = client
31SRCS_client = client.cpp
32CXXFLAGS = -I/usr/local/include/botan-2 -Wall
33LDFLAGS = -L/usr/local/lib
34LDADD = -lbotan-2
35DPADD = /usr/local/lib/libbotan-2.a
36
37.for lib in ${LIBRARIES}
38
39REGRESS_TARGETS += run-client-botan-server-${lib}
40
41run-client-botan-server-${lib}: client server.crt
42 LD_LIBRARY_PATH=/usr/local/lib/e${lib} \
43 ../${lib}/server >server-${lib}.out \
44 -c server.crt -k server.key \
45 127.0.0.1 0
46 ./client >client-botan.out \
47 -C ca.crt \
48 127.0.0.1 \
49 `sed -n 's/listen sock: 127.0.0.1 //p' server-${lib}.out`
50 # check that the server child run successfully to the end
51 grep -q '^success$$' server-${lib}.out || \
52 { sleep 1; grep -q '^success$$' server-${lib}.out; }
53 # server must have read client hello
54 grep -q '^<<< hello$$' server-${lib}.out
55 # check that the client run successfully to the end
56 grep -q '^success$$' client-botan.out
57 # client must have read server greeting
58 grep -q '^<<< greeting$$' client-botan.out
59 # currently botan supports TLS 1.2, adapt later
60 grep -q ' Protocol *: TLSv1.2$$' server-${lib}.out
61
62.endfor
63
64server.key ca.key:
65 /usr/local/bin/botan keygen >$@.tmp
66 mv $@.tmp $@
67
68ca.crt: ${@:R}.key
69 /usr/local/bin/botan gen_self_signed ${@:R}.key ${@:R} >$@.tmp \
70 --organization=tls-regress --ca
71 mv $@.tmp $@
72
73server.req: ${@:R}.key
74 /usr/local/bin/botan gen_pkcs10 ${@:R}.key localhost >$@.tmp \
75 --organization=tls-regress --dns=127.0.0.1
76 mv $@.tmp $@
77
78server.crt: ca.crt ${@:R}.req
79 /usr/local/bin/botan sign_cert ca.crt ca.key ${@:R}.req >$@.tmp
80 mv $@.tmp $@
81
82.endif # exists(/usr/local/bin/botan)
83
84.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/botan/client.cpp b/src/regress/lib/libssl/interop/botan/client.cpp
deleted file mode 100644
index 2352d7bba2..0000000000
--- a/src/regress/lib/libssl/interop/botan/client.cpp
+++ /dev/null
@@ -1,228 +0,0 @@
1/* $OpenBSD: client.cpp,v 1.1 2020/09/15 01:45:16 bluhm Exp $ */
2/*
3 * Copyright (c) 2019-2020 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <unistd.h>
24
25#include <botan/tls_client.h>
26#include <botan/tls_callbacks.h>
27#include <botan/tls_session_manager.h>
28#include <botan/tls_policy.h>
29#include <botan/auto_rng.h>
30#include <botan/certstor.h>
31
32#include <iostream>
33#include <string>
34using namespace std;
35
36class Callbacks : public Botan::TLS::Callbacks {
37public:
38 Callbacks(int socket) :
39 m_socket(socket)
40 {}
41
42 void print_sockname()
43 {
44 struct sockaddr_storage ss;
45 char host[NI_MAXHOST], port[NI_MAXSERV];
46 socklen_t slen;
47
48 slen = sizeof(ss);
49 if (getsockname(m_socket, (struct sockaddr *)&ss, &slen) == -1)
50 err(1, "getsockname");
51 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
52 sizeof(host), port, sizeof(port),
53 NI_NUMERICHOST | NI_NUMERICSERV))
54 errx(1, "getnameinfo");
55 cout <<"sock: " <<host <<" " <<port <<endl <<flush;
56 }
57
58 void print_peername()
59 {
60 struct sockaddr_storage ss;
61 char host[NI_MAXHOST], port[NI_MAXSERV];
62 socklen_t slen;
63
64 slen = sizeof(ss);
65 if (getpeername(m_socket, (struct sockaddr *)&ss, &slen) == -1)
66 err(1, "getpeername");
67 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
68 sizeof(host), port, sizeof(port),
69 NI_NUMERICHOST | NI_NUMERICSERV))
70 errx(1, "getnameinfo");
71 cout <<"peer: " <<host <<" " <<port <<endl <<flush;
72 }
73
74 void tls_emit_data(const uint8_t data[], size_t size) override
75 {
76 size_t off = 0, len = size;
77
78 while (len > 0) {
79 ssize_t n;
80
81 n = send(m_socket, data + off, len, 0);
82 if (n < 0)
83 err(1, "send");
84 off += n;
85 len -= n;
86 }
87 }
88
89 void tls_record_received(uint64_t seq_no, const uint8_t data[],
90 size_t size) override
91 {
92 cout <<"<<< " <<string((const char *)data, size) <<flush;
93
94 string str("hello\n");
95 cout <<">>> " <<str <<flush;
96 m_channel->send(str);
97 m_channel->close();
98 }
99
100 void tls_alert(Botan::TLS::Alert alert) override
101 {
102 errx(1, "alert: %s", alert.type_string().c_str());
103 }
104
105 bool tls_session_established(const Botan::TLS::Session& session)
106 override
107 {
108 cout <<"established" <<endl <<flush;
109 return false;
110 }
111
112 void set_channel(Botan::TLS::Channel &channel) {
113 m_channel = &channel;
114 }
115
116protected:
117 int m_socket = -1;
118 Botan::TLS::Channel *m_channel = nullptr;
119};
120
121class Credentials : public Botan::Credentials_Manager {
122public:
123 std::vector<Botan::Certificate_Store*> trusted_certificate_authorities(
124 const std::string &type, const std::string &context)
125 override
126 {
127 std::vector<Botan::Certificate_Store*> cs { &m_ca };
128 return cs;
129 }
130
131 void add_certificate_file(const std::string &file) {
132 Botan::X509_Certificate cert(file);
133 m_ca.add_certificate(cert);
134 }
135private:
136 Botan::Certificate_Store_In_Memory m_ca;
137};
138
139class Policy : public Botan::TLS::Strict_Policy {
140public:
141 bool require_cert_revocation_info() const override {
142 return false;
143 }
144};
145
146void __dead
147usage(void)
148{
149 fprintf(stderr, "usage: client [-C CA] host port\n");
150 exit(2);
151}
152
153int
154main(int argc, char *argv[])
155{
156 struct addrinfo hints, *res;
157 int ch, s, error;
158 char buf[256];
159 char *cafile = NULL;
160 char *host, *port;
161
162 while ((ch = getopt(argc, argv, "C:")) != -1) {
163 switch (ch) {
164 case 'C':
165 cafile = optarg;
166 break;
167 default:
168 usage();
169 }
170 }
171 argc -= optind;
172 argv += optind;
173 if (argc == 2) {
174 host = argv[0];
175 port = argv[1];
176 } else {
177 usage();
178 }
179
180 memset(&hints, 0, sizeof(hints));
181 hints.ai_family = AF_INET;
182 hints.ai_socktype = SOCK_STREAM;
183 error = getaddrinfo(host, port, &hints, &res);
184 if (error)
185 errx(1, "getaddrinfo: %s", gai_strerror(error));
186 if (res == NULL)
187 errx(1, "getaddrinfo empty");
188 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
189 if (s == -1)
190 err(1, "socket");
191 if (connect(s, res->ai_addr, res->ai_addrlen) == -1)
192 err(1, "connect");
193 freeaddrinfo(res);
194
195 {
196 Callbacks callbacks(s);
197 Botan::AutoSeeded_RNG rng;
198 Botan::TLS::Session_Manager_In_Memory session_mgr(rng);
199 Credentials creds;
200 if (cafile != NULL)
201 creds.add_certificate_file(cafile);
202 Policy policy;
203
204 callbacks.print_sockname();
205 callbacks.print_peername();
206 Botan::TLS::Client client(callbacks, session_mgr, creds,
207 policy, rng);
208 callbacks.set_channel(client);
209
210 while (!client.is_closed()) {
211 ssize_t n;
212
213 n = recv(s, buf, sizeof(buf), 0);
214 if (n < 0)
215 err(1, "recv");
216 if (n == 0)
217 errx(1, "eof");
218 client.received_data((uint8_t *)&buf, n);
219 }
220 }
221
222 if (close(s) == -1)
223 err(1, "close");
224
225 cout <<"success" <<endl;
226
227 return 0;
228}
diff --git a/src/regress/lib/libssl/interop/cert/Makefile b/src/regress/lib/libssl/interop/cert/Makefile
deleted file mode 100644
index 6698975d7e..0000000000
--- a/src/regress/lib/libssl/interop/cert/Makefile
+++ /dev/null
@@ -1,91 +0,0 @@
1# $OpenBSD: Makefile,v 1.7 2021/09/03 11:58:24 bluhm Exp $
2
3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.0.2, or openssl 1.1. Create client and server certificates
5# that are signed by a CA and not signed by a fake CA. Try all
6# combinations with, without, and with wrong CA for client and server
7# and check the result of certificate verification.
8
9LIBRARIES = libressl
10.if exists(/usr/local/bin/eopenssl)
11LIBRARIES += openssl
12.endif
13.if exists(/usr/local/bin/eopenssl11)
14LIBRARIES += openssl11
15.endif
16
17.for cca in noca ca fakeca
18.for sca in noca ca fakeca
19.for ccert in nocert cert
20.for scert in nocert cert
21.for cv in noverify verify
22.for sv in noverify verify certverify
23
24# remember when certificate verification should fail
25.if (("${cv}" == verify && "${cca}" == ca && "${scert}" == cert) || \
26 "${cv}" == noverify) && \
27 (("${sv}" == verify && "${ccert}" == nocert) || \
28 ("${sv}" == verify && "${sca}" == ca && "${ccert}" == cert) || \
29 ("${sv}" == certverify && "${sca}" == ca && "${ccert}" == cert) || \
30 "${sv}" == noverify)
31FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv} =
32.else
33FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv} = !
34.endif
35
36.for clib in ${LIBRARIES}
37.for slib in ${LIBRARIES}
38
39.if ("${clib}" == "libressl" || "${slib}" == "libressl")
40REGRESS_TARGETS += run-cert-client-${clib}-${cca}-${ccert}-${cv}-server-${slib}-${sca}-${scert}-${sv}
41.else
42REGRESS_SLOW_TARGETS += run-cert-client-${clib}-${cca}-${ccert}-${cv}-server-${slib}-${sca}-${scert}-${sv}
43.endif
44
45run-cert-client-${clib}-${cca}-${ccert}-${cv}-server-${slib}-${sca}-${scert}-${sv}: \
46 127.0.0.1.crt ca.crt fake-ca.crt client.crt server.crt \
47 ../${clib}/client ../${slib}/server
48 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
49 ../${slib}/server >${@:S/^run/server/}.out \
50 ${sca:S/^noca//:S/^fakeca/-C fake-ca.crt/:S/^ca/-C ca.crt/} \
51 ${scert:S/^nocert//:S/^cert/-c server.crt -k server.key/} \
52 ${sv:S/^noverify//:S/^verify/-v/:S/^certverify/-vv/} \
53 127.0.0.1 0
54 ${FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv}} \
55 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
56 ../${clib}/client >${@:S/^run/client/}.out \
57 ${cca:S/^noca//:S/^fakeca/-C fake-ca.crt/:S/^ca/-C ca.crt/} \
58 ${ccert:S/^nocert//:S/^cert/-c server.crt -k server.key/} \
59 ${cv:S/^noverify//:S/^verify/-v/} \
60 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
61.if empty(${FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv}})
62 grep '^success$$' ${@:S/^run/server/}.out || \
63 { sleep 1; grep '^success$$' ${@:S/^run/server/}.out; }
64 grep '^success$$' ${@:S/^run/client/}.out
65.elif ! ("${sv}" == certverify && "${ccert}" == nocert) || \
66 ("${cv}" == verify && "${scert}" != cert)
67 grep '^verify: fail' ${@:S/^run/client/}.out ${@:S/^run/server/}.out
68.endif
69
70.endfor
71.endfor
72.endfor
73.endfor
74.endfor
75.endfor
76.endfor
77.endfor
78
79REGRESS_TARGETS += run-bob
80run-bob:
81 @echo Bob, be happy! Tests finished.
82
83# argument list too long for a single rm *
84
85clean: _SUBDIRUSE
86 rm -f client-*.out
87 rm -f server-*.out
88 rm -f a.out [Ee]rrs mklog *.core y.tab.h \
89 ${PROG} ${PROGS} ${OBJS} ${_LEXINTM} ${_YACCINTM} ${CLEANFILES}
90
91.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/cipher/Makefile b/src/regress/lib/libssl/interop/cipher/Makefile
deleted file mode 100644
index bfe8cfea7a..0000000000
--- a/src/regress/lib/libssl/interop/cipher/Makefile
+++ /dev/null
@@ -1,169 +0,0 @@
1# $OpenBSD: Makefile,v 1.9 2022/02/05 18:34:06 tb Exp $
2
3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.0.2, or openssl 1.1. Create lists of supported ciphers
5# and pin client and server to one of the ciphers. Use server
6# certificate with compatible type. Check that client and server
7# have used correct cipher by grepping in their session print out.
8
9run-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl \
10run-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl \
11client-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl.out \
12client-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl.out \
13server-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl.out \
14server-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl.out \
15check-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl \
16check-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl:
17 # gost does not work with libressl TLS 1.3 right now
18 @echo DISABLED
19
20LIBRARIES = libressl
21.if exists(/usr/local/bin/eopenssl)
22LIBRARIES += openssl
23.endif
24.if exists(/usr/local/bin/eopenssl11)
25LIBRARIES += openssl11
26.endif
27
28CLEANFILES = *.tmp *.ciphers ciphers.mk
29
30.for clib in ${LIBRARIES}
31client-${clib}.ciphers:
32 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
33 ../${clib}/client -l ALL -L >$@.tmp
34 sed -n 's/^cipher //p' <$@.tmp | sort -u >$@
35 rm $@.tmp
36.endfor
37.for slib in ${LIBRARIES}
38server-${slib}.ciphers: 127.0.0.1.crt dsa.crt ec.crt rsa.crt
39 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
40 ../${slib}/server -l ALL -L >$@.tmp
41 sed -n 's/^cipher //p' <$@.tmp | sort -u >$@
42 rm $@.tmp
43.endfor
44
45.for clib in ${LIBRARIES}
46.for slib in ${LIBRARIES}
47ciphers.mk: client-${clib}-server-${slib}.ciphers
48client-${clib}-server-${slib}.ciphers: \
49 client-${clib}.ciphers server-${slib}.ciphers client-libressl.ciphers
50 # get ciphers shared between client and server
51 sort client-${clib}.ciphers server-${slib}.ciphers >$@.tmp
52 uniq -d <$@.tmp >$@
53 # we are only interested in ciphers supported by libressl
54 sort $@ client-libressl.ciphers >$@.tmp
55. if "${clib}" == "openssl11" || "${slib}" == "openssl11"
56 # OpenSSL 1.1's SSL_CTX_set_cipher_list doesn't accept TLSv1.3 ciphers
57 sed -i '/^TLS_/d' $@.tmp
58. endif
59 uniq -d <$@.tmp >$@
60 rm $@.tmp
61.endfor
62.endfor
63
64ciphers.mk:
65 rm -f $@ $@.tmp
66.for clib in ${LIBRARIES}
67.for slib in ${LIBRARIES}
68 echo 'CIPHERS_${clib}_${slib} =' >>$@.tmp \
69 `cat client-${clib}-server-${slib}.ciphers`
70.endfor
71.endfor
72 mv $@.tmp $@
73
74# hack to convert generated lists into usable make variables
75.if exists(ciphers.mk)
76.include "ciphers.mk"
77.else
78regress: ciphers.mk
79 ${MAKE} -C ${.CURDIR} regress
80.endif
81
82LEVEL_libressl =
83LEVEL_openssl =
84LEVEL_openssl11 = ,@SECLEVEL=0
85
86.for clib in ${LIBRARIES}
87.for slib in ${LIBRARIES}
88.for cipher in ${CIPHERS_${clib}_${slib}}
89
90.if "${cipher:M*-DSS-*}" != ""
91TYPE_${cipher} = dsa
92.elif "${cipher:M*-ECDSA-*}" != ""
93TYPE_${cipher} = ec
94.elif "${cipher:M*-GOST89-*}" != ""
95TYPE_${cipher} = gost
96.elif "${cipher:M*-RSA-*}" != ""
97TYPE_${cipher} = rsa
98.else
99TYPE_${cipher} = 127.0.0.1
100.endif
101
102.if "${slib}" == "openssl" && \
103 "${cipher:MADH-*}${cipher:MEDH-*}${cipher:MDHE-*}" != ""
104DHPARAM_${cipher}_${slib} = -p dh.param
105.else
106DHPARAM_${cipher}_${slib} =
107.endif
108
109.if ("${clib}" == "libressl" || "${slib}" == "libressl")
110REGRESS_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib}
111.else
112REGRESS_SLOW_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib}
113.endif
114run-cipher-${cipher}-client-${clib}-server-${slib} \
115client-cipher-${cipher}-client-${clib}-server-${slib}.out \
116server-cipher-${cipher}-client-${clib}-server-${slib}.out: dh.param \
117 127.0.0.1.crt ${TYPE_${cipher}}.crt ../${clib}/client ../${slib}/server
118 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
119 ../${slib}/server >${@:S/^run/server/}.out \
120 -c ${TYPE_${cipher}}.crt -k ${TYPE_${cipher}}.key \
121 -l ${cipher}${LEVEL_${slib}} ${DHPARAM_${cipher}_${slib}} \
122 127.0.0.1 0
123 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
124 ../${clib}/client >${@:S/^run/client/}.out \
125 -l ${cipher}${LEVEL_${clib}} \
126 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
127 grep -q '^success$$' ${@:S/^run/server/}.out || \
128 { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
129 grep -q '^success$$' ${@:S/^run/client/}.out
130
131.if ("${clib}" == "libressl" || "${slib}" == "libressl")
132REGRESS_TARGETS += check-cipher-${cipher}-client-${clib}-server-${slib}
133.else
134REGRESS_SLOW_TARGETS += check-cipher-${cipher}-client-${clib}-server-${slib}
135.endif
136check-cipher-${cipher}-client-${clib}-server-${slib}: \
137 client-cipher-${cipher}-client-${clib}-server-${slib}.out \
138 server-cipher-${cipher}-client-${clib}-server-${slib}.out
139.if "${clib}" != "openssl" && "${slib}" != "openssl" && \
140 "${cipher:C/TLS_(AES.*_GCM|CHACHA.*_POLY.*)_SHA.*/TLS1_3/}" != TLS1_3
141 # client and server 1.3 capable, not TLS 1.3 cipher
142. if "${clib}" == "libressl"
143 # libressl client may prefer chacha-poly if aes-ni is not supported
144 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/client/}.out
145. else
146 # openssl 1.1 generic client cipher
147 grep -q ' Cipher *: TLS_AES_256_GCM_SHA384$$' ${@:S/^check/client/}.out
148. endif
149. if "${clib}" == "libressl"
150 # libressl client may prefer chacha-poly if aes-ni is not supported
151. if "${slib}" == "openssl11"
152 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
153. else
154 egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out
155. endif
156. else
157 # generic server cipher
158 grep -q ' Cipher *: TLS_AES_256_GCM_SHA384$$' ${@:S/^check/server/}.out
159. endif
160.else
161 grep -q ' Cipher *: ${cipher}$$' ${@:S/^check/client/}.out
162 grep -q ' Cipher *: ${cipher}$$' ${@:S/^check/server/}.out
163.endif
164
165.endfor
166.endfor
167.endfor
168
169.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/client.c b/src/regress/lib/libssl/interop/client.c
deleted file mode 100644
index 31a960381e..0000000000
--- a/src/regress/lib/libssl/interop/client.c
+++ /dev/null
@@ -1,285 +0,0 @@
1/* $OpenBSD: client.c,v 1.11 2022/07/07 13:12:57 tb Exp $ */
2/*
3 * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <stdio.h>
24#include <string.h>
25#include <unistd.h>
26
27#include <openssl/err.h>
28#include <openssl/ssl.h>
29
30#include "util.h"
31
32void __dead usage(void);
33
34void __dead
35usage(void)
36{
37 fprintf(stderr, "usage: client [-Lsv] [-C CA] [-c crt -k key] "
38 "[-l ciphers] [-V version] host port\n");
39 exit(2);
40}
41
42int
43main(int argc, char *argv[])
44{
45 const SSL_METHOD *method;
46 SSL_CTX *ctx;
47 SSL *ssl;
48 BIO *bio;
49 SSL_SESSION *session = NULL;
50 int ch, error, listciphers = 0, sessionreuse = 0, verify = 0;
51 int version = 0;
52 char buf[256];
53 char *ca = NULL, *crt = NULL, *key = NULL, *ciphers = NULL;
54 char *host_port, *host = "127.0.0.1", *port = "0";
55
56 while ((ch = getopt(argc, argv, "C:c:k:Ll:p:sV:v")) != -1) {
57 switch (ch) {
58 case 'C':
59 ca = optarg;
60 break;
61 case 'c':
62 crt = optarg;
63 break;
64 case 'k':
65 key = optarg;
66 break;
67 case 'L':
68 listciphers = 1;
69 break;
70 case 'l':
71 ciphers = optarg;
72 break;
73 case 's':
74 /* multiple reueses are possible */
75 sessionreuse++;
76 break;
77 case 'V':
78 if (strcmp(optarg, "TLS1") == 0) {
79 version = TLS1_VERSION;
80 } else if (strcmp(optarg, "TLS1_1") == 0) {
81 version = TLS1_1_VERSION;
82 } else if (strcmp(optarg, "TLS1_2") == 0) {
83 version = TLS1_2_VERSION;
84#ifdef TLS1_3_VERSION
85 } else if (strcmp(optarg, "TLS1_3") == 0) {
86 version = TLS1_3_VERSION;
87#endif
88 } else {
89 errx(1, "unknown protocol version: %s", optarg);
90 }
91 break;
92 case 'v':
93 verify = 1;
94 break;
95 default:
96 usage();
97 }
98 }
99 argc -= optind;
100 argv += optind;
101 if (argc == 2) {
102 host = argv[0];
103 port = argv[1];
104 } else if (!listciphers) {
105 usage();
106 }
107 if (asprintf(&host_port, strchr(host, ':') ? "[%s]:%s" : "%s:%s",
108 host, port) == -1)
109 err(1, "asprintf host port");
110 if ((crt == NULL && key != NULL) || (crt != NULL && key == NULL))
111 errx(1, "certificate and private key must be used together");
112
113 SSL_library_init();
114 SSL_load_error_strings();
115 print_version();
116
117 /* setup method and context */
118#if OPENSSL_VERSION_NUMBER >= 0x1010000f
119 method = TLS_client_method();
120 if (method == NULL)
121 err_ssl(1, "TLS_client_method");
122#else
123 switch (version) {
124 case TLS1_VERSION:
125 method = TLSv1_client_method();
126 break;
127 case TLS1_1_VERSION:
128 method = TLSv1_1_client_method();
129 break;
130 case TLS1_2_VERSION:
131 method = TLSv1_2_client_method();
132 break;
133#ifdef TLS1_3_VERSION
134 case TLS1_3_VERSION:
135 err(1, "TLS1_3 not supported");
136#endif
137 default:
138 method = SSLv23_client_method();
139 break;
140 }
141 if (method == NULL)
142 err_ssl(1, "SSLv23_client_method");
143#endif
144 ctx = SSL_CTX_new(method);
145 if (ctx == NULL)
146 err_ssl(1, "SSL_CTX_new");
147
148#if OPENSSL_VERSION_NUMBER >= 0x1010000f
149 if (version) {
150 if (SSL_CTX_set_min_proto_version(ctx, version) != 1)
151 err_ssl(1, "SSL_CTX_set_min_proto_version");
152 if (SSL_CTX_set_max_proto_version(ctx, version) != 1)
153 err_ssl(1, "SSL_CTX_set_max_proto_version");
154 }
155#endif
156
157 /* load client certificate */
158 if (crt != NULL) {
159 if (SSL_CTX_use_certificate_file(ctx, crt,
160 SSL_FILETYPE_PEM) <= 0)
161 err_ssl(1, "SSL_CTX_use_certificate_file");
162 if (SSL_CTX_use_PrivateKey_file(ctx, key,
163 SSL_FILETYPE_PEM) <= 0)
164 err_ssl(1, "SSL_CTX_use_PrivateKey_file");
165 if (SSL_CTX_check_private_key(ctx) <= 0)
166 err_ssl(1, "SSL_CTX_check_private_key");
167 }
168
169 /* verify server certificate */
170 if (ca != NULL) {
171 if (SSL_CTX_load_verify_locations(ctx, ca, NULL) <= 0)
172 err_ssl(1, "SSL_CTX_load_verify_locations");
173 }
174 SSL_CTX_set_verify(ctx, verify ? SSL_VERIFY_PEER : SSL_VERIFY_NONE,
175 verify_callback);
176
177 if (sessionreuse) {
178 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
179 }
180
181 if (ciphers) {
182 if (SSL_CTX_set_cipher_list(ctx, ciphers) <= 0)
183 err_ssl(1, "SSL_CTX_set_cipher_list");
184 }
185
186 if (listciphers) {
187 STACK_OF(SSL_CIPHER) *supported_ciphers;
188
189#if OPENSSL_VERSION_NUMBER < 0x1010000f
190#define SSL_get1_supported_ciphers SSL_get_ciphers
191#endif
192 ssl = SSL_new(ctx);
193 if (ssl == NULL)
194 err_ssl(1, "SSL_new");
195 supported_ciphers = SSL_get1_supported_ciphers(ssl);
196 if (supported_ciphers == NULL)
197 err_ssl(1, "SSL_get1_supported_ciphers");
198 print_ciphers(supported_ciphers);
199
200#if OPENSSL_VERSION_NUMBER >= 0x1010000f
201 sk_SSL_CIPHER_free(supported_ciphers);
202#endif
203 return 0;
204 }
205
206 do {
207 /* setup bio for socket operations */
208 bio = BIO_new_connect(host_port);
209 if (bio == NULL)
210 err_ssl(1, "BIO_new_connect");
211
212 /* connect */
213 if (BIO_do_connect(bio) <= 0)
214 err_ssl(1, "BIO_do_connect");
215 printf("connect ");
216 print_sockname(bio);
217 printf("connect ");
218 print_peername(bio);
219
220 /* do ssl client handshake */
221 ssl = SSL_new(ctx);
222 if (ssl == NULL)
223 err_ssl(1, "SSL_new");
224 SSL_set_bio(ssl, bio, bio);
225 /* resuse session if possible */
226 if (session != NULL) {
227 if (SSL_set_session(ssl, session) <= 0)
228 err_ssl(1, "SSL_set_session");
229 }
230 if ((error = SSL_connect(ssl)) <= 0)
231 err_ssl(1, "SSL_connect %d", error);
232 printf("session %d: %s\n", sessionreuse,
233 SSL_session_reused(ssl) ? "reuse" : "new");
234 if (fflush(stdout) != 0)
235 err(1, "fflush stdout");
236
237 /* print session statistics */
238 if (sessionreuse) {
239 session = SSL_get1_session(ssl);
240 if (session == NULL)
241 err_ssl(1, "SSL1_get_session");
242 } else {
243 session = SSL_get_session(ssl);
244 if (session == NULL)
245 err_ssl(1, "SSL_get_session");
246 }
247 if (SSL_SESSION_print_fp(stdout, session) <= 0)
248 err_ssl(1, "SSL_SESSION_print_fp");
249
250 /* read server greeting and write client hello over TLS */
251 if ((error = SSL_read(ssl, buf, 9)) <= 0)
252 err_ssl(1, "SSL_read %d", error);
253 if (error != 9)
254 errx(1, "read not 9 bytes greeting: %d", error);
255 buf[9] = '\0';
256 printf("<<< %s", buf);
257 if (fflush(stdout) != 0)
258 err(1, "fflush stdout");
259 strlcpy(buf, "hello\n", sizeof(buf));
260 printf(">>> %s", buf);
261 if (fflush(stdout) != 0)
262 err(1, "fflush stdout");
263 if ((error = SSL_write(ssl, buf, 6)) <= 0)
264 err_ssl(1, "SSL_write %d", error);
265 if (error != 6)
266 errx(1, "write not 6 bytes hello: %d", error);
267
268 /* shutdown connection */
269 if ((error = SSL_shutdown(ssl)) < 0)
270 err_ssl(1, "SSL_shutdown unidirectional %d", error);
271 if (error <= 0) {
272 if ((error = SSL_shutdown(ssl)) <= 0)
273 err_ssl(1, "SSL_shutdown bidirectional %d",
274 error);
275 }
276
277 SSL_free(ssl);
278 } while (sessionreuse--);
279
280 SSL_CTX_free(ctx);
281
282 printf("success\n");
283
284 return 0;
285}
diff --git a/src/regress/lib/libssl/interop/libressl/Makefile b/src/regress/lib/libssl/interop/libressl/Makefile
deleted file mode 100644
index d8e20ca122..0000000000
--- a/src/regress/lib/libssl/interop/libressl/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
1# $OpenBSD: Makefile,v 1.9 2020/12/25 10:50:08 tb Exp $
2
3PROGS = client server
4CFLAGS += -DLIBRESSL_HAS_TLS1_3
5CPPFLAGS +=
6LDFLAGS +=
7LDADD += -lssl -lcrypto
8DPADD += ${LIBSSL} ${LIBCRYPTO}
9LD_LIBRARY_PATH =
10REGRESS_TARGETS = run-self-client-server
11.for p in ${PROGS}
12REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
13.endfor
14
15.for p in ${PROGS}
16
17run-ldd-$p: ldd-$p.out
18 # check that $p is linked with LibreSSL
19 grep -q /usr/lib/libcrypto.so ldd-$p.out
20 grep -q /usr/lib/libssl.so ldd-$p.out
21 # check that $p is not linked with OpenSSL
22 ! grep /usr/local/lib/ ldd-$p.out
23
24run-version-$p: $p-self.out
25 # check that runtime version is LibreSSL
26 grep 'SSLEAY_VERSION: LibreSSL' $p-self.out
27
28run-protocol-$p: $p-self.out
29 # check that LibreSSL protocol version is TLS 1.3
30 grep 'Protocol *: TLSv1.3' $p-self.out
31
32.endfor
33
34.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/netcat/Makefile b/src/regress/lib/libssl/interop/netcat/Makefile
deleted file mode 100644
index f337d4aae8..0000000000
--- a/src/regress/lib/libssl/interop/netcat/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
1# $OpenBSD: Makefile,v 1.5 2020/12/17 00:51:11 bluhm Exp $
2
3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl)
5LIBRARIES += openssl
6.endif
7.if exists(/usr/local/bin/eopenssl11)
8LIBRARIES += openssl11
9.endif
10
11# run netcat server and connect with test client
12
13.for clib in ${LIBRARIES}
14
15REGRESS_TARGETS += run-netcat-client-${clib}-server-nc
16REGRESS_TARGETS += run-protocol-client-${clib}
17
18run-netcat-client-${clib}-server-nc: ../${clib}/client 127.0.0.1.crt
19 echo "greeting" | \
20 nc >${@:S/^run/server/}.out \
21 -l -c -C 127.0.0.1.crt -K 127.0.0.1.key \
22 127.0.0.1 0 & \
23 for i in `jot 1000`; do fstat -p $$! >netcat.fstat; \
24 grep -q ' stream tcp .*:[1-9][0-9]*$$' netcat.fstat && \
25 exit 0; done; exit 1
26 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
27 ../${clib}/client >${@:S/^run/client/}.out \
28 `sed -n 's/.* stream tcp .*:/127.0.0.1 /p' netcat.fstat`
29 # check that the client run successfully to the end
30 grep -q '^success$$' ${@:S/^run/client/}.out
31 # client must have read server greeting
32 grep -q '^<<< greeting$$' ${@:S/^run/client/}.out
33 # netstat server must have read client hello
34 grep -q '^hello$$' ${@:S/^run/server/}.out
35
36.endfor
37
38# run test server and connect with netcat client
39
40.for slib in ${LIBRARIES}
41
42REGRESS_TARGETS += run-netcat-client-nc-server-${slib}
43
44run-netcat-client-nc-server-${slib}: ../${slib}/server 127.0.0.1.crt
45 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
46 ../${slib}/server >${@:S/^run/server/}.out \
47 127.0.0.1 0
48 echo "hello" | \
49 nc >${@:S/^run/client/}.out \
50 -c -R 127.0.0.1.crt \
51 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
52 # check that the server child run successfully to the end
53 grep -q '^success$$' ${@:S/^run/server/}.out || \
54 { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
55 # server must have read client hello
56 grep -q '^<<< hello$$' ${@:S/^run/server/}.out
57 # client must have read server greeting
58 grep -q '^greeting$$' ${@:S/^run/client/}.out
59
60.endfor
61
62# check the TLS protocol version in client and server logs
63
64.for clib in ${LIBRARIES}
65
66REGRESS_TARGETS += run-protocol-client-${clib}
67
68run-protocol-client-${clib}: client-netcat-client-${clib}-server-nc.out
69 # check that LibTLS protocol version is TLS 1.2 or TLS 1.3
70 grep 'Protocol *: TLSv1.[23]' client-netcat-client-${clib}-server-nc.out
71
72.endfor
73
74.for slib in ${LIBRARIES}
75
76REGRESS_TARGETS += run-protocol-server-${slib}
77
78run-protocol-server-${slib}: server-netcat-client-nc-server-${slib}.out
79 # check that LibTLS protocol version is TLS 1.2 or TLS 1.3
80 grep 'Protocol *: TLSv1.[23]' server-netcat-client-nc-server-${slib}.out
81
82.endfor
83
84.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl/Makefile b/src/regress/lib/libssl/interop/openssl/Makefile
deleted file mode 100644
index 53c51a83ee..0000000000
--- a/src/regress/lib/libssl/interop/openssl/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
1# $OpenBSD: Makefile,v 1.9 2021/12/02 17:10:53 kn Exp $
2
3.if ! exists(/usr/local/bin/eopenssl)
4regress:
5 # install openssl-1.0.2 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%1.0.2" to run tests against OpenSSL 1.0.2'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CPPFLAGS = -I /usr/local/include/eopenssl
12LDFLAGS = -L /usr/local/lib/eopenssl
13LDADD = -lssl -lcrypto
14DPADD = /usr/local/lib/eopenssl/libssl.a \
15 /usr/local/lib/eopenssl/libcrypto.a
16LD_LIBRARY_PATH = /usr/local/lib/eopenssl
17REGRESS_TARGETS = run-self-client-server
18.for p in ${PROGS}
19REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
20.endfor
21
22.for p in ${PROGS}
23
24run-ldd-$p: ldd-$p.out
25 # check that $p is linked with OpenSSL
26 grep -q /usr/local/lib/eopenssl/libcrypto.so ldd-$p.out
27 grep -q /usr/local/lib/eopenssl/libssl.so ldd-$p.out
28 # check that $p is not linked with LibreSSL
29 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
30
31run-version-$p: $p-self.out
32 # check that runtime version is OpenSSL 1.0.2
33 grep 'SSLEAY_VERSION: OpenSSL 1.0.2' $p-self.out
34
35run-protocol-$p: $p-self.out
36 # check that OpenSSL 1.0.2 protocol version is TLS 1.2
37 grep 'Protocol *: TLSv1.2' $p-self.out
38
39.endfor
40
41.endif # exists(/usr/local/bin/eopenssl)
42
43.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/openssl11/Makefile b/src/regress/lib/libssl/interop/openssl11/Makefile
deleted file mode 100644
index 27e7354925..0000000000
--- a/src/regress/lib/libssl/interop/openssl11/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
1# $OpenBSD: Makefile,v 1.8 2021/12/02 17:10:53 kn Exp $
2
3.if ! exists(/usr/local/bin/eopenssl11)
4regress:
5 # install openssl-1.1 from ports for interop tests
6 @echo 'Run "pkg_add openssl--%1.1" to run tests against OpenSSL 1.1'
7 @echo SKIPPED
8.else
9
10PROGS = client server
11CPPFLAGS = -I /usr/local/include/eopenssl11
12LDFLAGS = -L /usr/local/lib/eopenssl11
13LDADD = -lssl -lcrypto
14DPADD = /usr/local/lib/eopenssl11/libssl.a \
15 /usr/local/lib/eopenssl11/libcrypto.a
16LD_LIBRARY_PATH = /usr/local/lib/eopenssl11
17REGRESS_TARGETS = run-self-client-server
18.for p in ${PROGS}
19REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p
20.endfor
21
22.for p in ${PROGS}
23
24run-ldd-$p: ldd-$p.out
25 # check that $p is linked with OpenSSL 1.1
26 grep -q /usr/local/lib/eopenssl11/libcrypto.so ldd-$p.out
27 grep -q /usr/local/lib/eopenssl11/libssl.so ldd-$p.out
28 # check that $p is not linked with LibreSSL
29 ! grep -v libc.so ldd-$p.out | grep /usr/lib/
30
31run-version-$p: $p-self.out
32 # check that runtime version is OpenSSL 1.1
33 grep 'SSLEAY_VERSION: OpenSSL 1.1' $p-self.out
34
35run-protocol-$p: $p-self.out
36 # check that OpenSSL 1.1 protocol version is TLS 1.3
37 grep 'Protocol *: TLSv1.3' $p-self.out
38
39.endfor
40
41.endif # exists(/usr/local/bin/eopenssl11)
42
43.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/server.c b/src/regress/lib/libssl/interop/server.c
deleted file mode 100644
index c8e4cb7fc3..0000000000
--- a/src/regress/lib/libssl/interop/server.c
+++ /dev/null
@@ -1,332 +0,0 @@
1/* $OpenBSD: server.c,v 1.11 2022/07/07 13:12:57 tb Exp $ */
2/*
3 * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <unistd.h>
27
28#include <openssl/err.h>
29#include <openssl/ssl.h>
30
31#include "util.h"
32
33void __dead usage(void);
34
35void __dead
36usage(void)
37{
38 fprintf(stderr, "usage: server [-Lsvv] [-C CA] [-c crt -k key] "
39 "[-l ciphers] [-p dhparam] [-V version] [host port]\n");
40 exit(2);
41}
42
43int
44main(int argc, char *argv[])
45{
46 const SSL_METHOD *method;
47 SSL_CTX *ctx;
48 SSL *ssl;
49 BIO *abio, *cbio;
50 SSL_SESSION *session;
51 int ch, error, listciphers = 0, sessionreuse = 0, verify = 0;
52 int version = 0;
53 char buf[256], *dhparam = NULL;
54 char *ca = NULL, *crt = NULL, *key = NULL, *ciphers = NULL;
55 char *host_port, *host = "127.0.0.1", *port = "0";
56
57 while ((ch = getopt(argc, argv, "C:c:k:Ll:p:sV:v")) != -1) {
58 switch (ch) {
59 case 'C':
60 ca = optarg;
61 break;
62 case 'c':
63 crt = optarg;
64 break;
65 case 'k':
66 key = optarg;
67 break;
68 case 'L':
69 listciphers = 1;
70 break;
71 case 'l':
72 ciphers = optarg;
73 break;
74 case 'p':
75 dhparam = optarg;
76 break;
77 case 's':
78 /* multiple reueses are possible */
79 sessionreuse++;
80 break;
81 case 'V':
82 if (strcmp(optarg, "TLS1") == 0) {
83 version = TLS1_VERSION;
84 } else if (strcmp(optarg, "TLS1_1") == 0) {
85 version = TLS1_1_VERSION;
86 } else if (strcmp(optarg, "TLS1_2") == 0) {
87 version = TLS1_2_VERSION;
88#ifdef TLS1_3_VERSION
89 } else if (strcmp(optarg, "TLS1_3") == 0) {
90 version = TLS1_3_VERSION;
91#endif
92 } else {
93 errx(1, "unknown protocol version: %s", optarg);
94 }
95 break;
96 case 'v':
97 /* use twice to force client cert */
98 verify++;
99 break;
100 default:
101 usage();
102 }
103 }
104 argc -= optind;
105 argv += optind;
106 if (argc == 2) {
107 host = argv[0];
108 port = argv[1];
109 } else if (argc != 0 && !listciphers) {
110 usage();
111 }
112 if (asprintf(&host_port, strchr(host, ':') ? "[%s]:%s" : "%s:%s",
113 host, port) == -1)
114 err(1, "asprintf host port");
115 if ((crt == NULL && key != NULL) || (crt != NULL && key == NULL))
116 errx(1, "certificate and private key must be used together");
117 if (crt == NULL && asprintf(&crt, "%s.crt", host) == -1)
118 err(1, "asprintf crt");
119 if (key == NULL && asprintf(&key, "%s.key", host) == -1)
120 err(1, "asprintf key");
121
122 SSL_library_init();
123 SSL_load_error_strings();
124 print_version();
125
126 /* setup method and context */
127#if OPENSSL_VERSION_NUMBER >= 0x1010000f
128 method = TLS_server_method();
129 if (method == NULL)
130 err_ssl(1, "TLS_server_method");
131#else
132 switch (version) {
133 case TLS1_VERSION:
134 method = TLSv1_server_method();
135 break;
136 case TLS1_1_VERSION:
137 method = TLSv1_1_server_method();
138 break;
139 case TLS1_2_VERSION:
140 method = TLSv1_2_server_method();
141 break;
142#ifdef TLS1_3_VERSION
143 case TLS1_3_VERSION:
144 err(1, "TLS1_3 not supported");
145#endif
146 default:
147 method = SSLv23_server_method();
148 break;
149 }
150 if (method == NULL)
151 err_ssl(1, "SSLv23_server_method");
152#endif
153 ctx = SSL_CTX_new(method);
154 if (ctx == NULL)
155 err_ssl(1, "SSL_CTX_new");
156
157#if OPENSSL_VERSION_NUMBER >= 0x1010000f
158 if (version) {
159 if (SSL_CTX_set_min_proto_version(ctx, version) != 1)
160 err_ssl(1, "SSL_CTX_set_min_proto_version");
161 if (SSL_CTX_set_max_proto_version(ctx, version) != 1)
162 err_ssl(1, "SSL_CTX_set_max_proto_version");
163 }
164#endif
165
166#if OPENSSL_VERSION_NUMBER >= 0x10100000
167 /* needed to use DHE cipher with libressl */
168 if (SSL_CTX_set_dh_auto(ctx, 1) <= 0)
169 err_ssl(1, "SSL_CTX_set_dh_auto");
170#endif
171 /* needed to use ADH, EDH, DHE cipher with openssl */
172 if (dhparam != NULL) {
173 DH *dh;
174 FILE *file;
175
176 file = fopen(dhparam, "r");
177 if (file == NULL)
178 err(1, "fopen %s", dhparam);
179 dh = PEM_read_DHparams(file, NULL, NULL, NULL);
180 if (dh == NULL)
181 err_ssl(1, "PEM_read_DHparams");
182 if (SSL_CTX_set_tmp_dh(ctx, dh) <= 0)
183 err_ssl(1, "SSL_CTX_set_tmp_dh");
184 fclose(file);
185 }
186
187 /* needed when linking with OpenSSL 1.0.2p */
188 if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0)
189 err_ssl(1, "SSL_CTX_set_ecdh_auto");
190
191 /* load server certificate */
192 if (SSL_CTX_use_certificate_file(ctx, crt, SSL_FILETYPE_PEM) <= 0)
193 err_ssl(1, "SSL_CTX_use_certificate_file");
194 if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) <= 0)
195 err_ssl(1, "SSL_CTX_use_PrivateKey_file");
196 if (SSL_CTX_check_private_key(ctx) <= 0)
197 err_ssl(1, "SSL_CTX_check_private_key");
198
199 /* request client certificate and verify it */
200 if (ca != NULL) {
201 STACK_OF(X509_NAME) *x509stack;
202
203 x509stack = SSL_load_client_CA_file(ca);
204 if (x509stack == NULL)
205 err_ssl(1, "SSL_load_client_CA_file");
206 SSL_CTX_set_client_CA_list(ctx, x509stack);
207 if (SSL_CTX_load_verify_locations(ctx, ca, NULL) <= 0)
208 err_ssl(1, "SSL_CTX_load_verify_locations");
209 }
210 SSL_CTX_set_verify(ctx,
211 verify == 0 ? SSL_VERIFY_NONE :
212 verify == 1 ? SSL_VERIFY_PEER :
213 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
214 verify_callback);
215
216 if (sessionreuse) {
217 uint32_t context;
218
219 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER);
220 context = arc4random();
221 if (SSL_CTX_set_session_id_context(ctx,
222 (unsigned char *)&context, sizeof(context)) <= 0)
223 err_ssl(1, "SSL_CTX_set_session_id_context");
224 }
225
226 if (ciphers) {
227 if (SSL_CTX_set_cipher_list(ctx, ciphers) <= 0)
228 err_ssl(1, "SSL_CTX_set_cipher_list");
229 }
230
231 if (listciphers) {
232 STACK_OF(SSL_CIPHER) *supported_ciphers;
233
234#if OPENSSL_VERSION_NUMBER < 0x1010000f
235#define SSL_get1_supported_ciphers SSL_get_ciphers
236#endif
237 ssl = SSL_new(ctx);
238 if (ssl == NULL)
239 err_ssl(1, "SSL_new");
240 supported_ciphers = SSL_get1_supported_ciphers(ssl);
241 if (supported_ciphers == NULL)
242 err_ssl(1, "SSL_get1_supported_ciphers");
243 print_ciphers(supported_ciphers);
244
245#if OPENSSL_VERSION_NUMBER >= 0x1010000f
246 sk_SSL_CIPHER_free(supported_ciphers);
247#endif
248 return 0;
249 }
250
251 /* setup bio for socket operations */
252 abio = BIO_new_accept(host_port);
253 if (abio == NULL)
254 err_ssl(1, "BIO_new_accept");
255
256 /* bind, listen */
257 if (BIO_do_accept(abio) <= 0)
258 err_ssl(1, "BIO_do_accept setup");
259 printf("listen ");
260 print_sockname(abio);
261
262 /* fork to background and set timeout */
263 if (daemon(1, 1) == -1)
264 err(1, "daemon");
265 alarm(10);
266
267 do {
268 /* accept connection */
269 if (BIO_do_accept(abio) <= 0)
270 err_ssl(1, "BIO_do_accept wait");
271 cbio = BIO_pop(abio);
272 printf("accept ");
273 print_sockname(cbio);
274 printf("accept ");
275 print_peername(cbio);
276
277 /* do ssl server handshake */
278 ssl = SSL_new(ctx);
279 if (ssl == NULL)
280 err_ssl(1, "SSL_new");
281 SSL_set_bio(ssl, cbio, cbio);
282 if ((error = SSL_accept(ssl)) <= 0)
283 err_ssl(1, "SSL_accept %d", error);
284 printf("session %d: %s\n", sessionreuse,
285 SSL_session_reused(ssl) ? "reuse" : "new");
286 if (fflush(stdout) != 0)
287 err(1, "fflush stdout");
288
289
290 /* print session statistics */
291 session = SSL_get_session(ssl);
292 if (session == NULL)
293 err_ssl(1, "SSL_get_session");
294 if (SSL_SESSION_print_fp(stdout, session) <= 0)
295 err_ssl(1, "SSL_SESSION_print_fp");
296
297 /* write server greeting and read client hello over TLS */
298 strlcpy(buf, "greeting\n", sizeof(buf));
299 printf(">>> %s", buf);
300 if (fflush(stdout) != 0)
301 err(1, "fflush stdout");
302 if ((error = SSL_write(ssl, buf, 9)) <= 0)
303 err_ssl(1, "SSL_write %d", error);
304 if (error != 9)
305 errx(1, "write not 9 bytes greeting: %d", error);
306 if ((error = SSL_read(ssl, buf, 6)) <= 0)
307 err_ssl(1, "SSL_read %d", error);
308 if (error != 6)
309 errx(1, "read not 6 bytes hello: %d", error);
310 buf[6] = '\0';
311 printf("<<< %s", buf);
312 if (fflush(stdout) != 0)
313 err(1, "fflush stdout");
314
315 /* shutdown connection */
316 if ((error = SSL_shutdown(ssl)) < 0)
317 err_ssl(1, "SSL_shutdown unidirectional %d", error);
318 if (error <= 0) {
319 if ((error = SSL_shutdown(ssl)) <= 0)
320 err_ssl(1, "SSL_shutdown bidirectional %d",
321 error);
322 }
323
324 SSL_free(ssl);
325 } while (sessionreuse--);
326
327 SSL_CTX_free(ctx);
328
329 printf("success\n");
330
331 return 0;
332}
diff --git a/src/regress/lib/libssl/interop/session/Makefile b/src/regress/lib/libssl/interop/session/Makefile
deleted file mode 100644
index 12d3eb2af7..0000000000
--- a/src/regress/lib/libssl/interop/session/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
1# $OpenBSD: Makefile,v 1.6 2020/12/17 00:51:11 bluhm Exp $
2
3LIBRARIES = libressl
4.if exists(/usr/local/bin/eopenssl)
5LIBRARIES += openssl
6.endif
7.if exists(/usr/local/bin/eopenssl11)
8LIBRARIES += openssl11
9.endif
10
11run-session-client-libressl-server-libressl \
12run-session-client-libressl-server-openssl11 \
13run-session-client-openssl11-server-libressl \
14run-session-client-openssl11-server-openssl11:
15 # TLS 1.3 needs some extra setup for session reuse
16 @echo DISABLED
17
18.for clib in ${LIBRARIES}
19.for slib in ${LIBRARIES}
20
21REGRESS_TARGETS += run-session-client-${clib}-server-${slib}
22
23run-session-client-${clib}-server-${slib}: \
24 127.0.0.1.crt ../${clib}/client ../${slib}/server
25 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
26 ../${slib}/server >${@:S/^run/server/}.out \
27 -ss \
28 127.0.0.1 0
29 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
30 ../${clib}/client >${@:S/^run/client/}.out \
31 -ss \
32 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
33 grep '^success$$' ${@:S/^run/server/}.out || \
34 { sleep 1; grep '^success$$' ${@:S/^run/server/}.out; }
35 grep '^success$$' ${@:S/^run/client/}.out
36 grep '^session 2: new$$' ${@:S/^run/server/}.out
37 grep '^session 2: new$$' ${@:S/^run/client/}.out
38 grep '^session 1: reuse$$' ${@:S/^run/server/}.out
39 grep '^session 1: reuse$$' ${@:S/^run/client/}.out
40 grep '^session 0: reuse$$' ${@:S/^run/server/}.out
41 grep '^session 0: reuse$$' ${@:S/^run/client/}.out
42
43.endfor
44.endfor
45
46.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/interop/util.c b/src/regress/lib/libssl/interop/util.c
deleted file mode 100644
index 5190e81828..0000000000
--- a/src/regress/lib/libssl/interop/util.c
+++ /dev/null
@@ -1,145 +0,0 @@
1/* $OpenBSD: util.c,v 1.3 2018/11/09 06:30:41 bluhm Exp $ */
2/*
3 * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/types.h>
19#include <sys/socket.h>
20
21#include <err.h>
22#include <netdb.h>
23#include <stdio.h>
24
25#include <openssl/err.h>
26#include <openssl/ssl.h>
27#include <openssl/opensslv.h>
28#include <openssl/crypto.h>
29
30#include "util.h"
31
32void
33print_version(void)
34{
35#ifdef OPENSSL_VERSION_NUMBER
36 printf("OPENSSL_VERSION_NUMBER: %#08lx\n", OPENSSL_VERSION_NUMBER);
37#endif
38#ifdef LIBRESSL_VERSION_NUMBER
39 printf("LIBRESSL_VERSION_NUMBER: %#08lx\n", LIBRESSL_VERSION_NUMBER);
40#endif
41#ifdef LIBRESSL_VERSION_TEXT
42 printf("LIBRESSL_VERSION_TEXT: %s\n", LIBRESSL_VERSION_TEXT);
43#endif
44#if OPENSSL_VERSION_NUMBER >= 0x1010000f
45 printf("OpenSSL_version_num: %#08lx\n", OpenSSL_version_num());
46 printf("OpenSSL_version OPENSSL_VERSION: %s\n",
47 OpenSSL_version(OPENSSL_VERSION));
48 printf("OpenSSL_version OPENSSL_CFLAGS: %s\n",
49 OpenSSL_version(OPENSSL_CFLAGS));
50 printf("OpenSSL_version OPENSSL_BUILT_ON: %s\n",
51 OpenSSL_version(OPENSSL_BUILT_ON));
52 printf("OpenSSL_version OPENSSL_PLATFORM: %s\n",
53 OpenSSL_version(OPENSSL_PLATFORM));
54 printf("OpenSSL_version OPENSSL_DIR: %s\n",
55 OpenSSL_version(OPENSSL_DIR));
56 printf("OpenSSL_version OPENSSL_ENGINES_DIR: %s\n",
57 OpenSSL_version(OPENSSL_ENGINES_DIR));
58#endif
59 printf("SSLeay: %#08lx\n", SSLeay());
60 printf("SSLeay_version SSLEAY_VERSION: %s\n",
61 SSLeay_version(SSLEAY_VERSION));
62 printf("SSLeay_version SSLEAY_CFLAGS: %s\n",
63 SSLeay_version(SSLEAY_CFLAGS));
64 printf("SSLeay_version SSLEAY_BUILT_ON: %s\n",
65 SSLeay_version(SSLEAY_BUILT_ON));
66 printf("SSLeay_version SSLEAY_PLATFORM: %s\n",
67 SSLeay_version(SSLEAY_PLATFORM));
68 printf("SSLeay_version SSLEAY_DIR: %s\n",
69 SSLeay_version(SSLEAY_DIR));
70}
71
72void
73print_ciphers(STACK_OF(SSL_CIPHER) *cstack)
74{
75 const SSL_CIPHER *cipher;
76 int i;
77
78 for (i = 0; (cipher = sk_SSL_CIPHER_value(cstack, i)) != NULL; i++)
79 printf("cipher %s\n", SSL_CIPHER_get_name(cipher));
80 if (fflush(stdout) != 0)
81 err(1, "fflush stdout");
82}
83
84void
85print_sockname(BIO *bio)
86{
87 struct sockaddr_storage ss;
88 socklen_t slen;
89 char host[NI_MAXHOST], port[NI_MAXSERV];
90 int fd;
91
92 if (BIO_get_fd(bio, &fd) <= 0)
93 err_ssl(1, "BIO_get_fd");
94 slen = sizeof(ss);
95 if (getsockname(fd, (struct sockaddr *)&ss, &slen) == -1)
96 err(1, "getsockname");
97 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
98 sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV))
99 errx(1, "getnameinfo");
100 printf("sock: %s %s\n", host, port);
101 if (fflush(stdout) != 0)
102 err(1, "fflush stdout");
103}
104
105void
106print_peername(BIO *bio)
107{
108 struct sockaddr_storage ss;
109 socklen_t slen;
110 char host[NI_MAXHOST], port[NI_MAXSERV];
111 int fd;
112
113 if (BIO_get_fd(bio, &fd) <= 0)
114 err_ssl(1, "BIO_get_fd");
115 slen = sizeof(ss);
116 if (getpeername(fd, (struct sockaddr *)&ss, &slen) == -1)
117 err(1, "getpeername");
118 if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host,
119 sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV))
120 errx(1, "getnameinfo");
121 printf("peer: %s %s\n", host, port);
122 if (fflush(stdout) != 0)
123 err(1, "fflush stdout");
124}
125
126void
127err_ssl(int eval, const char *fmt, ...)
128{
129 va_list ap;
130
131 ERR_print_errors_fp(stderr);
132 va_start(ap, fmt);
133 verrx(eval, fmt, ap);
134 va_end(ap);
135}
136
137int
138verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
139{
140 printf("verify: %s\n", preverify_ok ? "pass" : "fail");
141 if (fflush(stdout) != 0)
142 err(1, "fflush stdout");
143
144 return preverify_ok;
145}
diff --git a/src/regress/lib/libssl/interop/util.h b/src/regress/lib/libssl/interop/util.h
deleted file mode 100644
index 7414a037d7..0000000000
--- a/src/regress/lib/libssl/interop/util.h
+++ /dev/null
@@ -1,23 +0,0 @@
1/* $OpenBSD: util.h,v 1.3 2018/11/09 06:30:41 bluhm Exp $ */
2/*
3 * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18void print_version(void);
19void print_ciphers(STACK_OF(SSL_CIPHER) *);
20void print_sockname(BIO *);
21void print_peername(BIO *);
22void err_ssl(int, const char *, ...);
23int verify_callback(int, X509_STORE_CTX *);
diff --git a/src/regress/lib/libssl/interop/version/Makefile b/src/regress/lib/libssl/interop/version/Makefile
deleted file mode 100644
index 7ac86ccbeb..0000000000
--- a/src/regress/lib/libssl/interop/version/Makefile
+++ /dev/null
@@ -1,103 +0,0 @@
1# $OpenBSD: Makefile,v 1.3 2020/12/17 00:51:12 bluhm Exp $
2
3# Connect a client to a server. Both can be current libressl, or
4# openssl 1.0.2, or openssl 1.1. Pin client or server to a fixed TLS
5# version number. Incompatible versions must fail. Check that client
6# and server have used correct version by grepping in their session
7# print out.
8
9LIBRARIES = libressl
10.if exists(/usr/local/bin/eopenssl)
11LIBRARIES += openssl
12.endif
13.if exists(/usr/local/bin/eopenssl11)
14LIBRARIES += openssl11
15.endif
16
17VERSIONS = any TLS1 TLS1_1 TLS1_2 TLS1_3
18
19.for cver in ${VERSIONS}
20.for sver in ${VERSIONS}
21
22.if "${cver}" == any || "${sver}" == any || "${cver}" == "${sver}"
23FAIL_${cver}_${sver} =
24.else
25FAIL_${cver}_${sver} = !
26.endif
27
28.for clib in ${LIBRARIES}
29.for slib in ${LIBRARIES}
30
31.if ("${clib}" != openssl && "${slib}" != openssl) || \
32 ("${cver}" != TLS1_3 && "${sver}" != TLS1_3)
33
34.if ("${clib}" == "libressl" || "${slib}" == "libressl")
35REGRESS_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver}
36.else
37REGRESS_SLOW_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver}
38.endif
39
40run-version-client-${clib}-${cver}-server-${slib}-${sver} \
41client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \
42server-version-client-${clib}-${cver}-server-${slib}-${sver}.out: \
43 127.0.0.1.crt ../${clib}/client ../${slib}/server
44 LD_LIBRARY_PATH=/usr/local/lib/e${slib} \
45 ../${slib}/server >${@:S/^run/server/}.out \
46 -c 127.0.0.1.crt -k 127.0.0.1.key \
47 ${sver:Nany:S/^/-V /} \
48 127.0.0.1 0
49 ${FAIL_${cver}_${sver}} \
50 LD_LIBRARY_PATH=/usr/local/lib/e${clib} \
51 ../${clib}/client >${@:S/^run/client/}.out \
52 ${cver:Nany:S/^/-V /} \
53 `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out`
54.if empty(${FAIL_${cver}_${sver}})
55 grep -q '^success$$' ${@:S/^run/server/}.out || \
56 { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; }
57 grep -q '^success$$' ${@:S/^run/client/}.out
58.endif
59
60.if empty(${FAIL_${cver}_${sver}})
61
62.if ("${clib}" == "libressl" || "${slib}" == "libressl")
63REGRESS_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver}
64.else
65REGRESS_SLOW_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver}
66.endif
67
68check-version-client-${clib}-${cver}-server-${slib}-${sver}: \
69 client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \
70 server-version-client-${clib}-${cver}-server-${slib}-${sver}.out
71 @grep ' Protocol *: ' ${@:S/^check/client/}.out
72 @grep ' Protocol *: ' ${@:S/^check/server/}.out
73.if "${cver}" == any
74.if "${sver}" == any
75.if "${clib}" == openssl || "${slib}" == openssl
76 grep -q ' Protocol *: TLSv1.2$$' ${@:S/^check/client/}.out
77 grep -q ' Protocol *: TLSv1.2$$' ${@:S/^check/server/}.out
78.else
79 grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/client/}.out
80 grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/server/}.out
81.endif
82.else
83 grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \
84 ${@:S/^check/client/}.out
85 grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \
86 ${@:S/^check/server/}.out
87.endif
88.else
89 grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \
90 ${@:S/^check/client/}.out
91 grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \
92 ${@:S/^check/server/}.out
93.endif
94.endif
95
96.endif
97
98.endfor
99.endfor
100.endfor
101.endfor
102
103.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/key_schedule/Makefile b/src/regress/lib/libssl/key_schedule/Makefile
deleted file mode 100644
index a8f23a27c5..0000000000
--- a/src/regress/lib/libssl/key_schedule/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2022/06/29 15:06:18 tb Exp $
2
3PROG= key_schedule
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/key_schedule/key_schedule.c b/src/regress/lib/libssl/key_schedule/key_schedule.c
deleted file mode 100644
index 2746bb593d..0000000000
--- a/src/regress/lib/libssl/key_schedule/key_schedule.c
+++ /dev/null
@@ -1,317 +0,0 @@
1/* $OpenBSD: key_schedule.c,v 1.9 2019/11/18 02:09:58 beck Exp $ */
2/*
3 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include "ssl_locl.h"
21
22#include "bytestring.h"
23#include "ssl_tlsext.h"
24#include "tls13_internal.h"
25
26static int failures = 0;
27
28static void
29hexdump(const unsigned char *buf, size_t len)
30{
31 size_t i;
32
33 for (i = 1; i <= len; i++)
34 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
35
36 fprintf(stderr, "\n");
37}
38
39static void
40compare_data(const uint8_t *recv, size_t recv_len, const uint8_t *expect,
41 size_t expect_len)
42{
43 fprintf(stderr, "received:\n");
44 hexdump(recv, recv_len);
45
46 fprintf(stderr, "test data:\n");
47 hexdump(expect, expect_len);
48}
49
50#define FAIL(msg, ...) \
51do { \
52 fprintf(stderr, "[%s:%d] FAIL: ", __FILE__, __LINE__); \
53 fprintf(stderr, msg, ##__VA_ARGS__); \
54 failures++; \
55} while(0)
56
57/* Hashes and secrets from test vector */
58
59uint8_t chello[] = {
60 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
61 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
62 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
63 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55
64};
65const struct tls13_secret chello_hash = {
66 .data = chello,
67 .len = 32,
68};
69
70uint8_t cshello [] = {
71 0x86, 0x0c, 0x06, 0xed, 0xc0, 0x78, 0x58, 0xee,
72 0x8e, 0x78, 0xf0, 0xe7, 0x42, 0x8c, 0x58, 0xed,
73 0xd6, 0xb4, 0x3f, 0x2c, 0xa3, 0xe6, 0xe9, 0x5f,
74 0x02, 0xed, 0x06, 0x3c, 0xf0, 0xe1, 0xca, 0xd8
75};
76
77const struct tls13_secret cshello_hash = {
78 .data = cshello,
79 .len = 32,
80};
81
82const uint8_t ecdhe [] = {
83 0x8b, 0xd4, 0x05, 0x4f, 0xb5, 0x5b, 0x9d, 0x63,
84 0xfd, 0xfb, 0xac, 0xf9, 0xf0, 0x4b, 0x9f, 0x0d,
85 0x35, 0xe6, 0xd6, 0x3f, 0x53, 0x75, 0x63, 0xef,
86 0xd4, 0x62, 0x72, 0x90, 0x0f, 0x89, 0x49, 0x2d
87};
88
89uint8_t csfhello [] = {
90 0x96, 0x08, 0x10, 0x2a, 0x0f, 0x1c, 0xcc, 0x6d,
91 0xb6, 0x25, 0x0b, 0x7b, 0x7e, 0x41, 0x7b, 0x1a,
92 0x00, 0x0e, 0xaa, 0xda, 0x3d, 0xaa, 0xe4, 0x77,
93 0x7a, 0x76, 0x86, 0xc9, 0xff, 0x83, 0xdf, 0x13
94};
95
96const struct tls13_secret csfhello_hash = {
97 .data = csfhello,
98 .len = 32,
99};
100
101
102/* Expected Values */
103
104uint8_t expected_extracted_early[] = {
105 0x33, 0xad, 0x0a, 0x1c, 0x60, 0x7e, 0xc0, 0x3b,
106 0x09, 0xe6, 0xcd, 0x98, 0x93, 0x68, 0x0c, 0xe2,
107 0x10, 0xad, 0xf3, 0x00, 0xaa, 0x1f, 0x26, 0x60,
108 0xe1, 0xb2, 0x2e, 0x10, 0xf1, 0x70, 0xf9, 0x2a
109};
110uint8_t expected_derived_early[] = {
111 0x6f, 0x26, 0x15, 0xa1, 0x08, 0xc7, 0x02, 0xc5,
112 0x67, 0x8f, 0x54, 0xfc, 0x9d, 0xba, 0xb6, 0x97,
113 0x16, 0xc0, 0x76, 0x18, 0x9c, 0x48, 0x25, 0x0c,
114 0xeb, 0xea, 0xc3, 0x57, 0x6c, 0x36, 0x11, 0xba
115};
116uint8_t expected_extracted_handshake[] = {
117 0x1d, 0xc8, 0x26, 0xe9, 0x36, 0x06, 0xaa, 0x6f,
118 0xdc, 0x0a, 0xad, 0xc1, 0x2f, 0x74, 0x1b, 0x01,
119 0x04, 0x6a, 0xa6, 0xb9, 0x9f, 0x69, 0x1e, 0xd2,
120 0x21, 0xa9, 0xf0, 0xca, 0x04, 0x3f, 0xbe, 0xac
121};
122uint8_t expected_client_handshake_traffic[] = {
123 0xb3, 0xed, 0xdb, 0x12, 0x6e, 0x06, 0x7f, 0x35,
124 0xa7, 0x80, 0xb3, 0xab, 0xf4, 0x5e, 0x2d, 0x8f,
125 0x3b, 0x1a, 0x95, 0x07, 0x38, 0xf5, 0x2e, 0x96,
126 0x00, 0x74, 0x6a, 0x0e, 0x27, 0xa5, 0x5a, 0x21
127};
128
129uint8_t expected_server_handshake_traffic[] = {
130 0xb6, 0x7b, 0x7d, 0x69, 0x0c, 0xc1, 0x6c, 0x4e,
131 0x75, 0xe5, 0x42, 0x13, 0xcb, 0x2d, 0x37, 0xb4,
132 0xe9, 0xc9, 0x12, 0xbc, 0xde, 0xd9, 0x10, 0x5d,
133 0x42, 0xbe, 0xfd, 0x59, 0xd3, 0x91, 0xad, 0x38
134};
135
136uint8_t expected_derived_handshake[] = {
137 0x43, 0xde, 0x77, 0xe0, 0xc7, 0x77, 0x13, 0x85,
138 0x9a, 0x94, 0x4d, 0xb9, 0xdb, 0x25, 0x90, 0xb5,
139 0x31, 0x90, 0xa6, 0x5b, 0x3e, 0xe2, 0xe4, 0xf1,
140 0x2d, 0xd7, 0xa0, 0xbb, 0x7c, 0xe2, 0x54, 0xb4
141};
142
143uint8_t expected_extracted_master[] = {
144 0x18, 0xdf, 0x06, 0x84, 0x3d, 0x13, 0xa0, 0x8b,
145 0xf2, 0xa4, 0x49, 0x84, 0x4c, 0x5f, 0x8a, 0x47,
146 0x80, 0x01, 0xbc, 0x4d, 0x4c, 0x62, 0x79, 0x84,
147 0xd5, 0xa4, 0x1d, 0xa8, 0xd0, 0x40, 0x29, 0x19
148};
149
150uint8_t expected_server_application_traffic[] = {
151 0xa1, 0x1a, 0xf9, 0xf0, 0x55, 0x31, 0xf8, 0x56,
152 0xad, 0x47, 0x11, 0x6b, 0x45, 0xa9, 0x50, 0x32,
153 0x82, 0x04, 0xb4, 0xf4, 0x4b, 0xfb, 0x6b, 0x3a,
154 0x4b, 0x4f, 0x1f, 0x3f, 0xcb, 0x63, 0x16, 0x43
155};
156
157uint8_t expected_server_application_traffic_updated[] = {
158 0x51, 0x92, 0x1b, 0x8a, 0xa3, 0x00, 0x19, 0x76,
159 0xeb, 0x40, 0x1d, 0x0a, 0x43, 0x19, 0xa8, 0x51,
160 0x64, 0x16, 0xa6, 0xc5, 0x60, 0x01, 0xa3, 0x57,
161 0xe5, 0xd1, 0x62, 0x03, 0x1e, 0x84, 0xf9, 0x16,
162};
163
164uint8_t expected_client_application_traffic[] = {
165 0x9e, 0x40, 0x64, 0x6c, 0xe7, 0x9a, 0x7f, 0x9d,
166 0xc0, 0x5a, 0xf8, 0x88, 0x9b, 0xce, 0x65, 0x52,
167 0x87, 0x5a, 0xfa, 0x0b, 0x06, 0xdf, 0x00, 0x87,
168 0xf7, 0x92, 0xeb, 0xb7, 0xc1, 0x75, 0x04, 0xa5,
169};
170
171uint8_t expected_client_application_traffic_updated[] = {
172 0xfc, 0xdf, 0xcc, 0x72, 0x72, 0x5a, 0xae, 0xe4,
173 0x8b, 0xf6, 0x4e, 0x4f, 0xd8, 0xb7, 0x49, 0xcd,
174 0xbd, 0xba, 0xb3, 0x9d, 0x90, 0xda, 0x0b, 0x26,
175 0xe2, 0x24, 0x5c, 0xa6, 0xea, 0x16, 0x72, 0x07,
176};
177
178uint8_t expected_exporter_master[] = {
179 0xfe, 0x22, 0xf8, 0x81, 0x17, 0x6e, 0xda, 0x18,
180 0xeb, 0x8f, 0x44, 0x52, 0x9e, 0x67, 0x92, 0xc5,
181 0x0c, 0x9a, 0x3f, 0x89, 0x45, 0x2f, 0x68, 0xd8,
182 0xae, 0x31, 0x1b, 0x43, 0x09, 0xd3, 0xcf, 0x50
183};
184
185int
186main (int argc, char **argv)
187{
188 struct tls13_secrets *secrets;
189
190 if ((secrets = tls13_secrets_create(EVP_sha256(), 0)) == NULL)
191 errx(1,"failed to create secrets\n");
192
193 secrets->insecure = 1; /* don't explicit_bzero when done */
194
195 if (tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash))
196 FAIL("derive_handshake_secrets worked when it shouldn't\n");
197 if (tls13_derive_application_secrets(secrets,
198 &chello_hash))
199 FAIL("derive_application_secrets worked when it shouldn't\n");
200
201 if (!tls13_derive_early_secrets(secrets,
202 secrets->zeros.data, secrets->zeros.len, &chello_hash))
203 FAIL("derive_early_secrets failed\n");
204 if (tls13_derive_early_secrets(secrets,
205 secrets->zeros.data, secrets->zeros.len, &chello_hash))
206 FAIL("derive_early_secrets worked when it shouldn't(2)\n");
207
208 if (!tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash))
209 FAIL("derive_handshake_secrets failed\n");
210 if (tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash))
211 FAIL("derive_handshake_secrets worked when it shouldn't(2)\n");
212
213 /* XXX fix hash here once test vector sorted */
214 if (!tls13_derive_application_secrets(secrets, &csfhello_hash))
215 FAIL("derive_application_secrets failed\n");
216 if (tls13_derive_application_secrets(secrets, &csfhello_hash))
217 FAIL("derive_application_secrets worked when it "
218 "shouldn't(2)\n");
219
220 fprintf(stderr, "extracted_early:\n");
221 compare_data(secrets->extracted_early.data, 32,
222 expected_extracted_early, 32);
223 if (memcmp(secrets->extracted_early.data,
224 expected_extracted_early, 32) != 0)
225 FAIL("extracted_early does not match\n");
226
227 fprintf(stderr, "derived_early:\n");
228 compare_data(secrets->derived_early.data, 32,
229 expected_derived_early, 32);
230 if (memcmp(secrets->derived_early.data,
231 expected_derived_early, 32) != 0)
232 FAIL("derived_early does not match\n");
233
234 fprintf(stderr, "extracted_handshake:\n");
235 compare_data(secrets->extracted_handshake.data, 32,
236 expected_extracted_handshake, 32);
237 if (memcmp(secrets->extracted_handshake.data,
238 expected_extracted_handshake, 32) != 0)
239 FAIL("extracted_handshake does not match\n");
240
241 fprintf(stderr, "client_handshake_traffic:\n");
242 compare_data(secrets->client_handshake_traffic.data, 32,
243 expected_client_handshake_traffic, 32);
244 if (memcmp(secrets->client_handshake_traffic.data,
245 expected_client_handshake_traffic, 32) != 0)
246 FAIL("client_handshake_traffic does not match\n");
247
248 fprintf(stderr, "server_handshake_traffic:\n");
249 compare_data(secrets->server_handshake_traffic.data, 32,
250 expected_server_handshake_traffic, 32);
251 if (memcmp(secrets->server_handshake_traffic.data,
252 expected_server_handshake_traffic, 32) != 0)
253 FAIL("server_handshake_traffic does not match\n");
254
255 fprintf(stderr, "derived_early:\n");
256 compare_data(secrets->derived_early.data, 32,
257 expected_derived_early, 32);
258 if (memcmp(secrets->derived_early.data,
259 expected_derived_early, 32) != 0)
260 FAIL("derived_early does not match\n");
261
262 fprintf(stderr, "derived_handshake:\n");
263 compare_data(secrets->derived_handshake.data, 32,
264 expected_derived_handshake, 32);
265 if (memcmp(secrets->derived_handshake.data,
266 expected_derived_handshake, 32) != 0)
267 FAIL("derived_handshake does not match\n");
268
269 fprintf(stderr, "extracted_master:\n");
270 compare_data(secrets->extracted_master.data, 32,
271 expected_extracted_master, 32);
272 if (memcmp(secrets->extracted_master.data,
273 expected_extracted_master, 32) != 0)
274 FAIL("extracted_master does not match\n");
275
276 fprintf(stderr, "server_application_traffic:\n");
277 compare_data(secrets->server_application_traffic.data, 32,
278 expected_server_application_traffic, 32);
279 if (memcmp(secrets->server_application_traffic.data,
280 expected_server_application_traffic, 32) != 0)
281 FAIL("server_application_traffic does not match\n");
282
283 fprintf(stderr, "client_application_traffic:\n");
284 compare_data(secrets->client_application_traffic.data, 32,
285 expected_client_application_traffic, 32);
286 if (memcmp(secrets->client_application_traffic.data,
287 expected_client_application_traffic, 32) != 0)
288 FAIL("server_application_traffic does not match\n");
289
290 fprintf(stderr, "exporter_master:\n");
291 compare_data(secrets->exporter_master.data, 32,
292 expected_exporter_master, 32);
293 if (memcmp(secrets->exporter_master.data,
294 expected_exporter_master, 32) != 0)
295 FAIL("exporter_master does not match\n");
296
297 tls13_update_server_traffic_secret(secrets);
298 fprintf(stderr, "server_application_traffic after update:\n");
299 compare_data(secrets->server_application_traffic.data, 32,
300 expected_server_application_traffic_updated, 32);
301 if (memcmp(secrets->server_application_traffic.data,
302 expected_server_application_traffic_updated, 32) != 0)
303 FAIL("server_application_traffic does not match after update\n");
304
305
306 tls13_update_client_traffic_secret(secrets);
307 fprintf(stderr, "client_application_traffic after update:\n");
308 compare_data(secrets->client_application_traffic.data, 32,
309 expected_client_application_traffic_updated, 32);
310 if (memcmp(secrets->client_application_traffic.data,
311 expected_client_application_traffic_updated, 32) != 0)
312 FAIL("client_application_traffic does not match after update\n");
313
314 tls13_secrets_destroy(secrets);
315
316 return failures;
317}
diff --git a/src/regress/lib/libssl/openssl-ruby/Makefile b/src/regress/lib/libssl/openssl-ruby/Makefile
deleted file mode 100644
index f435270ae9..0000000000
--- a/src/regress/lib/libssl/openssl-ruby/Makefile
+++ /dev/null
@@ -1,87 +0,0 @@
1# $OpenBSD: Makefile,v 1.9 2022/05/10 19:27:21 tb Exp $
2
3OPENSSL_RUBY_TESTS = /usr/local/share/openssl-ruby-tests
4.if exists(/usr/local/bin/ruby31)
5RUBY_BINREV = 31
6.else
7RUBY_BINREV = 30
8.endif
9RUBY = ruby${RUBY_BINREV}
10
11# We work in a subdirectory of obj/ since extconf.rb generates a Makefile whose
12# name can't be customized in $PWD. An obj/Makefile in turn confuses either make
13# or bsd.*.mk. This hurts when things are in an unexpected state after a signal.
14BUILDDIR = build
15
16.if !exists(${OPENSSL_RUBY_TESTS})
17regress:
18 @echo package openssl-ruby-tests is required for this regress
19 @echo SKIPPED
20.else
21
22REGRESS_TARGETS += openssl-ruby-test
23
24openssl-ruby-test: retest
25
26_BUILDDIR_COOKIE = .builddir
27_BUILD_COOKIE = .build
28_TEST_COOKIE = .test
29
30${_BUILDDIR_COOKIE}:
31 mkdir -p ${BUILDDIR}
32 touch $@
33
34${_BUILD_COOKIE}: ${_BUILDDIR_COOKIE}
35 cd ${BUILDDIR} && \
36 ${RUBY} ${OPENSSL_RUBY_TESTS}/ext/openssl/extconf.rb && \
37 make;
38 touch $@
39
40OPENSSL_RUBY_TESTSRC = ${OPENSSL_RUBY_TESTS}/test/openssl/test_*.rb
41${_TEST_COOKIE}: ${_BUILD_COOKIE} ${_BUILDDIR_COOKIE}
42 cd ${BUILDDIR} && \
43 env SKIP_EXPECTED_FAILURES=true ${RUBY} -I. \
44 -I${OPENSSL_RUBY_TESTS}/test/openssl \
45 -I${OPENSSL_RUBY_TESTS}/lib \
46 -e 'Dir["${OPENSSL_RUBY_TESTSRC}"].each{|f| require f}' \
47 -- --no-use-color --no-show-detail-immediately
48 touch $@
49
50build: ${_BUILD_COOKIE}
51test: ${_TEST_COOKIE}
52
53_MAKE = cd ${.CURDIR} && exec ${.MAKE}
54
55rebuild:
56 rm -f ${_BUILD_COOKIE}
57 ${_MAKE} build
58
59retest:
60 rm -f ${_TEST_COOKIE}
61 ${_MAKE} test
62
63.for _t in test_client_ca
64REGRESS_TARGETS += ${_t}
65REGRESS_EXPECTED_FAILURES += ${_t}
66${_t}: ${_BUILD_COOKIE}
67 cd ${BUILDDIR} && \
68 ${RUBY} -I. -I${OPENSSL_RUBY_TESTS}/test/openssl \
69 -I${OPENSSL_RUBY_TESTS}/lib \
70 ${OPENSSL_RUBY_TESTS}/test/openssl/test_ssl.rb \
71 -n ${_t}
72.endfor
73
74CLEANFILES += ${_BUILD_COOKIE} ${_TEST_COOKIE} ${_BUILDDIR_COOKIE}
75
76. if make(clean) || make(cleandir)
77. if exists(${BUILDDIR})
78.BEGIN:
79 rm -r ${BUILDDIR}
80. endif
81. endif
82
83.PHONY: build rebuild test retest
84
85.endif
86
87.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/pqueue/Makefile b/src/regress/lib/libssl/pqueue/Makefile
deleted file mode 100644
index 48c2cb7e61..0000000000
--- a/src/regress/lib/libssl/pqueue/Makefile
+++ /dev/null
@@ -1,17 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2016/11/04 19:45:12 jsing Exp $
2
3PROG= pq_test
4SRC= ${.CURDIR}/../../../../lib/libssl
5CFLAGS+= -I${SRC}
6
7LDADD= ${SSL_INT} -lcrypto
8DPADD= ${LIBSSL} ${LIBCRYPTO}
9WARNINGS= Yes
10CFLAGS+= -DLIBRESSL_INTERNAL -Werror
11
12REGRESS_TARGETS= regress-pq_test
13
14regress-pq_test: ${PROG}
15 ${.OBJDIR}/pq_test | cmp -s ${.CURDIR}/expected.txt /dev/stdin
16
17.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/pqueue/expected.txt b/src/regress/lib/libssl/pqueue/expected.txt
deleted file mode 100644
index c59d6cd838..0000000000
--- a/src/regress/lib/libssl/pqueue/expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
1item 6966726167696c69
2item 7374696365787069
3item 737570657263616c
diff --git a/src/regress/lib/libssl/pqueue/pq_test.c b/src/regress/lib/libssl/pqueue/pq_test.c
deleted file mode 100644
index a078ba5366..0000000000
--- a/src/regress/lib/libssl/pqueue/pq_test.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* crypto/pqueue/pq_test.c */
2/*
3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include "pqueue.h"
63
64/* remember to change expected.txt if you change these values */
65unsigned char prio1[8] = "supercal";
66unsigned char prio2[8] = "ifragili";
67unsigned char prio3[8] = "sticexpi";
68
69static void
70pqueue_print(pqueue pq)
71{
72 pitem *iter, *item;
73
74 iter = pqueue_iterator(pq);
75 for (item = pqueue_next(&iter); item != NULL;
76 item = pqueue_next(&iter)) {
77 printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n",
78 item->priority[0], item->priority[1],
79 item->priority[2], item->priority[3],
80 item->priority[4], item->priority[5],
81 item->priority[6], item->priority[7]);
82 }
83}
84
85int
86main(void)
87{
88 pitem *item;
89 pqueue pq;
90
91 pq = pqueue_new();
92
93 item = pitem_new(prio3, NULL);
94 pqueue_insert(pq, item);
95
96 item = pitem_new(prio1, NULL);
97 pqueue_insert(pq, item);
98
99 item = pitem_new(prio2, NULL);
100 pqueue_insert(pq, item);
101
102 item = pqueue_find(pq, prio1);
103 fprintf(stderr, "found %p\n", item->priority);
104
105 item = pqueue_find(pq, prio2);
106 fprintf(stderr, "found %p\n", item->priority);
107
108 item = pqueue_find(pq, prio3);
109 fprintf(stderr, "found %p\n", item ? item->priority: 0);
110
111 pqueue_print(pq);
112
113 for (item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
114 pitem_free(item);
115
116 pqueue_free(pq);
117 return 0;
118}
diff --git a/src/regress/lib/libssl/quic/Makefile b/src/regress/lib/libssl/quic/Makefile
deleted file mode 100644
index a348b2df47..0000000000
--- a/src/regress/lib/libssl/quic/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2022/10/02 16:40:56 jsing Exp $
2
3PROG= quictest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6
7WARNINGS= Yes
8CFLAGS+= -DLIBRESSL_INTERNAL -Werror
9
10REGRESS_TARGETS= \
11 regress-quictest
12
13regress-quictest: ${PROG}
14 ./quictest \
15 ${.CURDIR}/../../libssl/certs/server.pem \
16 ${.CURDIR}/../../libssl/certs/server.pem \
17 ${.CURDIR}/../../libssl/certs/ca.pem
18
19.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/quic/quictest.c b/src/regress/lib/libssl/quic/quictest.c
deleted file mode 100644
index cdd4b2387c..0000000000
--- a/src/regress/lib/libssl/quic/quictest.c
+++ /dev/null
@@ -1,339 +0,0 @@
1/* $OpenBSD: quictest.c,v 1.1 2022/08/27 09:16:29 jsing Exp $ */
2/*
3 * Copyright (c) 2020, 2021, 2022 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include <openssl/bio.h>
21#include <openssl/err.h>
22#include <openssl/ssl.h>
23
24const char *server_ca_file;
25const char *server_cert_file;
26const char *server_key_file;
27
28int debug = 0;
29
30static void
31hexdump(const unsigned char *buf, size_t len)
32{
33 size_t i;
34
35 for (i = 1; i <= len; i++)
36 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
37
38 if (len % 8)
39 fprintf(stderr, "\n");
40}
41
42struct quic_data {
43 enum ssl_encryption_level_t rlevel;
44 enum ssl_encryption_level_t wlevel;
45 BIO *rbio;
46 BIO *wbio;
47};
48
49static int
50quic_set_read_secret(SSL *ssl, enum ssl_encryption_level_t level,
51 const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len)
52{
53 struct quic_data *qd = SSL_get_app_data(ssl);
54
55 qd->rlevel = level;
56
57 return 1;
58}
59
60static int
61quic_set_write_secret(SSL *ssl, enum ssl_encryption_level_t level,
62 const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len)
63{
64 struct quic_data *qd = SSL_get_app_data(ssl);
65
66 qd->wlevel = level;
67
68 return 1;
69}
70
71static int
72quic_read_handshake_data(SSL *ssl)
73{
74 struct quic_data *qd = SSL_get_app_data(ssl);
75 uint8_t buf[2048];
76 int ret;
77
78 if ((ret = BIO_read(qd->rbio, buf, sizeof(buf))) > 0) {
79 if (debug > 1) {
80 fprintf(stderr, "== quic_read_handshake_data ==\n");
81 hexdump(buf, ret);
82 }
83 if (!SSL_provide_quic_data(ssl, qd->rlevel, buf, ret))
84 return -1;
85 }
86
87 return 1;
88}
89
90static int
91quic_add_handshake_data(SSL *ssl, enum ssl_encryption_level_t level,
92 const uint8_t *data, size_t len)
93{
94 struct quic_data *qd = SSL_get_app_data(ssl);
95 int ret;
96
97 if (debug > 1) {
98 fprintf(stderr, "== quic_add_handshake_data\n");
99 hexdump(data, len);
100 }
101
102 if ((ret = BIO_write(qd->wbio, data, len)) <= 0)
103 return 0;
104
105 return (size_t)ret == len;
106}
107
108static int
109quic_flush_flight(SSL *ssl)
110{
111 return 1;
112}
113
114static int
115quic_send_alert(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert)
116{
117 return 1;
118}
119
120const SSL_QUIC_METHOD quic_method = {
121 .set_read_secret = quic_set_read_secret,
122 .set_write_secret = quic_set_write_secret,
123 .add_handshake_data = quic_add_handshake_data,
124 .flush_flight = quic_flush_flight,
125 .send_alert = quic_send_alert,
126};
127
128static SSL *
129quic_client(struct quic_data *data)
130{
131 SSL_CTX *ssl_ctx = NULL;
132 SSL *ssl = NULL;
133
134 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
135 errx(1, "client context");
136
137 if (!SSL_CTX_set_quic_method(ssl_ctx, &quic_method)) {
138 fprintf(stderr, "FAIL: Failed to set QUIC method\n");
139 goto failure;
140 }
141
142 if ((ssl = SSL_new(ssl_ctx)) == NULL)
143 errx(1, "client ssl");
144
145 SSL_set_connect_state(ssl);
146 SSL_set_app_data(ssl, data);
147
148 failure:
149 SSL_CTX_free(ssl_ctx);
150
151 return ssl;
152}
153
154static SSL *
155quic_server(struct quic_data *data)
156{
157 SSL_CTX *ssl_ctx = NULL;
158 SSL *ssl = NULL;
159
160 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
161 errx(1, "server context");
162
163 SSL_CTX_set_dh_auto(ssl_ctx, 2);
164
165 if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
166 SSL_FILETYPE_PEM) != 1) {
167 fprintf(stderr, "FAIL: Failed to load server certificate\n");
168 goto failure;
169 }
170 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
171 SSL_FILETYPE_PEM) != 1) {
172 fprintf(stderr, "FAIL: Failed to load server private key\n");
173 goto failure;
174 }
175
176 if (!SSL_CTX_set_quic_method(ssl_ctx, &quic_method)) {
177 fprintf(stderr, "FAIL: Failed to set QUIC method\n");
178 goto failure;
179 }
180
181 if ((ssl = SSL_new(ssl_ctx)) == NULL)
182 errx(1, "server ssl");
183
184 SSL_set_accept_state(ssl);
185 SSL_set_app_data(ssl, data);
186
187 failure:
188 SSL_CTX_free(ssl_ctx);
189
190 return ssl;
191}
192
193static int
194ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret)
195{
196 int ssl_err;
197
198 ssl_err = SSL_get_error(ssl, ssl_ret);
199
200 if (ssl_err == SSL_ERROR_WANT_READ) {
201 if (quic_read_handshake_data(ssl) < 0)
202 return 0;
203 return 1;
204 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
205 return 1;
206 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
207 /* Yup, this is apparently a thing... */
208 } else {
209 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
210 name, desc, ssl_err, errno);
211 ERR_print_errors_fp(stderr);
212 return 0;
213 }
214
215 return 1;
216}
217
218static int
219do_handshake(SSL *ssl, const char *name, int *done)
220{
221 int ssl_ret;
222
223 if ((ssl_ret = SSL_do_handshake(ssl)) == 1) {
224 fprintf(stderr, "INFO: %s handshake done\n", name);
225 *done = 1;
226 return 1;
227 }
228
229 return ssl_error(ssl, name, "handshake", ssl_ret);
230}
231
232typedef int (*ssl_func)(SSL *ssl, const char *name, int *done);
233
234static int
235do_client_server_loop(SSL *client, ssl_func client_func, SSL *server,
236 ssl_func server_func)
237{
238 int client_done = 0, server_done = 0;
239 int i = 0;
240
241 do {
242 if (!client_done) {
243 if (debug)
244 fprintf(stderr, "DEBUG: client loop\n");
245 if (!client_func(client, "client", &client_done))
246 return 0;
247 }
248 if (!server_done) {
249 if (debug)
250 fprintf(stderr, "DEBUG: server loop\n");
251 if (!server_func(server, "server", &server_done))
252 return 0;
253 }
254 } while (i++ < 100 && (!client_done || !server_done));
255
256 if (!client_done || !server_done)
257 fprintf(stderr, "FAIL: gave up\n");
258
259 return client_done && server_done;
260}
261
262static int
263quictest(void)
264{
265 struct quic_data *client_data = NULL, *server_data = NULL;
266 BIO *client_wbio = NULL, *server_wbio = NULL;
267 SSL *client = NULL, *server = NULL;
268 int failed = 1;
269
270 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
271 goto failure;
272 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
273 goto failure;
274
275 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
276 goto failure;
277 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
278 goto failure;
279
280 if ((client_data = calloc(1, sizeof(*client_data))) == NULL)
281 goto failure;
282
283 client_data->rbio = server_wbio;
284 client_data->wbio = client_wbio;
285
286 if ((client = quic_client(client_data)) == NULL)
287 goto failure;
288
289 if ((server_data = calloc(1, sizeof(*server_data))) == NULL)
290 goto failure;
291
292 server_data->rbio = client_wbio;
293 server_data->wbio = server_wbio;
294
295 if ((server = quic_server(server_data)) == NULL)
296 goto failure;
297
298 if (!do_client_server_loop(client, do_handshake, server, do_handshake)) {
299 fprintf(stderr, "FAIL: client and server handshake failed\n");
300 ERR_print_errors_fp(stderr);
301 goto failure;
302 }
303
304 fprintf(stderr, "INFO: Done!\n");
305
306 failed = 0;
307
308 failure:
309 BIO_free(client_wbio);
310 BIO_free(server_wbio);
311
312 free(client_data);
313 free(server_data);
314
315 SSL_free(client);
316 SSL_free(server);
317
318 return failed;
319}
320
321int
322main(int argc, char **argv)
323{
324 int failed = 0;
325
326 if (argc != 4) {
327 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
328 argv[0]);
329 exit(1);
330 }
331
332 server_key_file = argv[1];
333 server_cert_file = argv[2];
334 server_ca_file = argv[3];
335
336 failed |= quictest();
337
338 return failed;
339}
diff --git a/src/regress/lib/libssl/record/Makefile b/src/regress/lib/libssl/record/Makefile
deleted file mode 100644
index f0e2bc52a8..0000000000
--- a/src/regress/lib/libssl/record/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2019/01/19 02:57:04 jsing Exp $
2
3PROG= recordtest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/record/recordtest.c b/src/regress/lib/libssl/record/recordtest.c
deleted file mode 100644
index de9bfd6935..0000000000
--- a/src/regress/lib/libssl/record/recordtest.c
+++ /dev/null
@@ -1,555 +0,0 @@
1/* $OpenBSD: recordtest.c,v 1.5 2022/06/10 22:00:15 tb Exp $ */
2/*
3 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <string.h>
20
21#include <openssl/ssl.h>
22
23#include "tls13_internal.h"
24#include "tls13_record.h"
25
26/* Valid record. */
27static uint8_t test_record_1[] = {
28 0x16, 0x03, 0x03, 0x00, 0x7a, 0x02, 0x00, 0x00,
29 0x76, 0x03, 0x03, 0x14, 0xae, 0x2b, 0x6d, 0x58,
30 0xe9, 0x79, 0x9d, 0xd4, 0x90, 0x52, 0x90, 0x13,
31 0x1c, 0x08, 0xaa, 0x3f, 0x5b, 0xfb, 0x64, 0xfe,
32 0x9a, 0xca, 0x73, 0x6d, 0x87, 0x8d, 0x8b, 0x3b,
33 0x70, 0x14, 0xa3, 0x20, 0xd7, 0x50, 0xa4, 0xe5,
34 0x17, 0x42, 0x5d, 0xce, 0xe6, 0xfe, 0x1b, 0x59,
35 0x27, 0x6b, 0xff, 0xc8, 0x40, 0xc7, 0xac, 0x16,
36 0x32, 0xe6, 0x5b, 0xd2, 0xd9, 0xd4, 0xb5, 0x3f,
37 0x8f, 0x74, 0x6e, 0x7d, 0x13, 0x02, 0x00, 0x00,
38 0x2e, 0x00, 0x33, 0x00, 0x24, 0x00, 0x1d, 0x00,
39 0x20, 0x72, 0xb0, 0xaf, 0x7f, 0xf5, 0x89, 0x0f,
40 0xcd, 0x6e, 0x45, 0xb1, 0x51, 0xa0, 0xbd, 0x1e,
41 0xee, 0x7e, 0xf1, 0xa5, 0xc5, 0xc6, 0x7e, 0x5f,
42 0x6a, 0xca, 0xc9, 0xe4, 0xae, 0xb9, 0x50, 0x76,
43 0x0a, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04,
44};
45
46/* Truncated record. */
47static uint8_t test_record_2[] = {
48 0x17, 0x03, 0x03, 0x41, 0x00, 0x02, 0x00, 0x00,
49};
50
51/* Oversized and truncated record. */
52static uint8_t test_record_3[] = {
53 0x17, 0x03, 0x03, 0x41, 0x01, 0x02, 0x00, 0x00,
54};
55
56static void
57hexdump(const unsigned char *buf, size_t len)
58{
59 size_t i;
60
61 for (i = 1; i <= len; i++)
62 fprintf(stderr, " 0x%02x,%s", buf[i - 1], i % 8 ? "" : "\n");
63 if (len % 8 != 0)
64 fprintf(stderr, "\n");
65}
66
67struct rw_state {
68 uint8_t *buf;
69 size_t len;
70 size_t offset;
71 uint8_t eof;
72};
73
74static ssize_t
75read_cb(void *buf, size_t buflen, void *cb_arg)
76{
77 struct rw_state *rs = cb_arg;
78 ssize_t n;
79
80 if (rs->eof)
81 return TLS13_IO_EOF;
82
83 if ((size_t)(n = buflen) > (rs->len - rs->offset))
84 n = rs->len - rs->offset;
85
86 if (n == 0)
87 return TLS13_IO_WANT_POLLIN;
88
89 memcpy(buf, &rs->buf[rs->offset], n);
90 rs->offset += n;
91
92 return n;
93}
94
95static ssize_t
96write_cb(const void *buf, size_t buflen, void *cb_arg)
97{
98 struct rw_state *ws = cb_arg;
99 ssize_t n;
100
101 if (ws->eof)
102 return TLS13_IO_EOF;
103
104 if ((size_t)(n = buflen) > (ws->len - ws->offset))
105 n = ws->len - ws->offset;
106
107 if (n == 0)
108 return TLS13_IO_WANT_POLLOUT;
109
110 memcpy(&ws->buf[ws->offset], buf, n);
111 ws->offset += n;
112
113 return n;
114}
115
116struct record_test {
117 size_t rw_len;
118 int eof;
119 ssize_t want_ret;
120};
121
122struct record_recv_test {
123 uint8_t *read_buf;
124 struct record_test rt[10];
125 uint8_t want_content_type;
126 uint8_t *want_data;
127 size_t want_len;
128};
129
130struct record_recv_test record_recv_tests[] = {
131 {
132 .read_buf = test_record_1,
133 .rt = {
134 {
135 .rw_len = sizeof(test_record_1),
136 .want_ret = sizeof(test_record_1),
137 },
138 },
139 .want_content_type = SSL3_RT_HANDSHAKE,
140 .want_data = test_record_1,
141 .want_len = sizeof(test_record_1),
142 },
143 {
144 .read_buf = test_record_1,
145 .rt = {
146 {
147 .rw_len = 0,
148 .want_ret = TLS13_IO_WANT_POLLIN,
149 },
150 {
151 .rw_len = sizeof(test_record_1),
152 .want_ret = sizeof(test_record_1),
153 },
154 },
155 .want_content_type = SSL3_RT_HANDSHAKE,
156 .want_data = test_record_1,
157 .want_len = sizeof(test_record_1),
158 },
159 {
160 .read_buf = test_record_1,
161 .rt = {
162 {
163 .rw_len = 0,
164 .want_ret = TLS13_IO_WANT_POLLIN,
165 },
166 {
167 .rw_len = 5,
168 .want_ret = TLS13_IO_WANT_POLLIN,
169 },
170 {
171 .rw_len = sizeof(test_record_1),
172 .want_ret = sizeof(test_record_1),
173 },
174 },
175 .want_content_type = SSL3_RT_HANDSHAKE,
176 .want_data = test_record_1,
177 .want_len = sizeof(test_record_1),
178 },
179 {
180 .read_buf = test_record_1,
181 .rt = {
182 {
183 .rw_len = 0,
184 .want_ret = TLS13_IO_WANT_POLLIN,
185 },
186 {
187 .rw_len = 2,
188 .want_ret = TLS13_IO_WANT_POLLIN,
189 },
190 {
191 .rw_len = 6,
192 .want_ret = TLS13_IO_WANT_POLLIN,
193 },
194 {
195 .rw_len = sizeof(test_record_1),
196 .want_ret = sizeof(test_record_1),
197 },
198 },
199 .want_content_type = SSL3_RT_HANDSHAKE,
200 .want_data = test_record_1,
201 .want_len = sizeof(test_record_1),
202 },
203 {
204 .read_buf = test_record_1,
205 .rt = {
206 {
207 .rw_len = 4,
208 .want_ret = TLS13_IO_WANT_POLLIN,
209 },
210 {
211 .eof = 1,
212 .want_ret = TLS13_IO_EOF,
213 },
214 },
215 },
216 {
217 .read_buf = test_record_1,
218 .rt = {
219 {
220 .eof = 1,
221 .want_ret = TLS13_IO_EOF,
222 },
223 },
224 },
225 {
226 .read_buf = test_record_2,
227 .rt = {
228 {
229 .rw_len = sizeof(test_record_2),
230 .want_ret = TLS13_IO_WANT_POLLIN,
231 },
232 {
233 .eof = 1,
234 .want_ret = TLS13_IO_EOF,
235 },
236 },
237 .want_content_type = SSL3_RT_APPLICATION_DATA,
238 },
239 {
240 .read_buf = test_record_3,
241 .rt = {
242 {
243 .rw_len = sizeof(test_record_3),
244 .want_ret = TLS13_IO_RECORD_OVERFLOW,
245 },
246 },
247 },
248};
249
250#define N_RECORD_RECV_TESTS (sizeof(record_recv_tests) / sizeof(record_recv_tests[0]))
251
252struct record_send_test {
253 uint8_t *data;
254 size_t data_len;
255 struct record_test rt[10];
256 uint8_t *want_data;
257 size_t want_len;
258};
259
260struct record_send_test record_send_tests[] = {
261 {
262 .data = test_record_1,
263 .data_len = sizeof(test_record_1),
264 .rt = {
265 {
266 .rw_len = sizeof(test_record_1),
267 .want_ret = sizeof(test_record_1),
268 },
269 },
270 .want_data = test_record_1,
271 .want_len = sizeof(test_record_1),
272 },
273 {
274 .data = test_record_1,
275 .data_len = sizeof(test_record_1),
276 .rt = {
277 {
278 .rw_len = 0,
279 .want_ret = TLS13_IO_WANT_POLLOUT,
280 },
281 {
282 .rw_len = sizeof(test_record_1),
283 .want_ret = sizeof(test_record_1),
284 },
285 },
286 .want_data = test_record_1,
287 .want_len = sizeof(test_record_1),
288 },
289 {
290 .data = test_record_1,
291 .data_len = sizeof(test_record_1),
292 .rt = {
293 {
294 .rw_len = 0,
295 .want_ret = TLS13_IO_WANT_POLLOUT,
296 },
297 {
298 .rw_len = 5,
299 .want_ret = TLS13_IO_WANT_POLLOUT,
300 },
301 {
302 .rw_len = sizeof(test_record_1),
303 .want_ret = sizeof(test_record_1),
304 },
305 },
306 .want_data = test_record_1,
307 .want_len = sizeof(test_record_1),
308 },
309 {
310 .data = test_record_1,
311 .data_len = sizeof(test_record_1),
312 .rt = {
313 {
314 .rw_len = 0,
315 .want_ret = TLS13_IO_WANT_POLLOUT,
316 },
317 {
318 .rw_len = 2,
319 .want_ret = TLS13_IO_WANT_POLLOUT,
320 },
321 {
322 .rw_len = 6,
323 .want_ret = TLS13_IO_WANT_POLLOUT,
324 },
325 {
326 .rw_len = sizeof(test_record_1),
327 .want_ret = sizeof(test_record_1),
328 },
329 },
330 .want_data = test_record_1,
331 .want_len = sizeof(test_record_1),
332 },
333 {
334 .data = test_record_1,
335 .data_len = sizeof(test_record_1),
336 .rt = {
337 {
338 .rw_len = 4,
339 .want_ret = TLS13_IO_WANT_POLLOUT,
340 },
341 {
342 .eof = 1,
343 .want_ret = TLS13_IO_EOF,
344 },
345 },
346 .want_data = test_record_1,
347 .want_len = 4,
348 },
349 {
350 .data = test_record_1,
351 .data_len = sizeof(test_record_1),
352 .rt = {
353 {
354 .rw_len = 0,
355 .want_ret = TLS13_IO_WANT_POLLOUT,
356 },
357 {
358 .eof = 1,
359 .want_ret = TLS13_IO_EOF,
360 },
361 },
362 .want_data = NULL,
363 .want_len = 0,
364 },
365};
366
367#define N_RECORD_SEND_TESTS (sizeof(record_send_tests) / sizeof(record_send_tests[0]))
368
369static int
370test_record_recv(size_t test_no, struct record_recv_test *rrt)
371{
372 struct tls13_record *rec;
373 struct rw_state rs;
374 int failed = 1;
375 ssize_t ret;
376 size_t i;
377 CBS cbs;
378
379 rs.buf = rrt->read_buf;
380 rs.offset = 0;
381
382 if ((rec = tls13_record_new()) == NULL)
383 errx(1, "tls13_record_new");
384
385 for (i = 0; rrt->rt[i].rw_len != 0 || rrt->rt[i].want_ret != 0; i++) {
386 rs.eof = rrt->rt[i].eof;
387 rs.len = rrt->rt[i].rw_len;
388
389 ret = tls13_record_recv(rec, read_cb, &rs);
390 if (ret != rrt->rt[i].want_ret) {
391 fprintf(stderr, "FAIL: Test %zu/%zu - tls_record_recv "
392 "returned %zd, want %zd\n", test_no, i, ret,
393 rrt->rt[i].want_ret);
394 goto failure;
395 }
396 }
397
398 if (tls13_record_content_type(rec) != rrt->want_content_type) {
399 fprintf(stderr, "FAIL: Test %zu - got content type %u, "
400 "want %u\n", test_no, tls13_record_content_type(rec),
401 rrt->want_content_type);
402 goto failure;
403 }
404
405 tls13_record_data(rec, &cbs);
406 if (rrt->want_data == NULL) {
407 if (CBS_data(&cbs) != NULL || CBS_len(&cbs) != 0) {
408 fprintf(stderr, "FAIL: Test %zu - got CBS with data, "
409 "want NULL\n", test_no);
410 goto failure;
411 }
412 goto done;
413 }
414 if (!CBS_mem_equal(&cbs, rrt->want_data, rrt->want_len)) {
415 fprintf(stderr, "FAIL: Test %zu - data mismatch\n", test_no);
416 fprintf(stderr, "Got record data:\n");
417 hexdump(CBS_data(&cbs), CBS_len(&cbs));
418 fprintf(stderr, "Want record data:\n");
419 hexdump(rrt->want_data, rrt->want_len);
420 goto failure;
421 }
422
423 if (!tls13_record_header(rec, &cbs)) {
424 fprintf(stderr, "FAIL: Test %zu - fail to get record "
425 "header", test_no);
426 goto failure;
427 }
428 if (!CBS_mem_equal(&cbs, rrt->want_data, TLS13_RECORD_HEADER_LEN)) {
429 fprintf(stderr, "FAIL: Test %zu - header mismatch\n", test_no);
430 fprintf(stderr, "Got record header:\n");
431 hexdump(CBS_data(&cbs), CBS_len(&cbs));
432 fprintf(stderr, "Want record header:\n");
433 hexdump(rrt->want_data, rrt->want_len);
434 goto failure;
435 }
436
437 if (!tls13_record_content(rec, &cbs)) {
438 fprintf(stderr, "FAIL: Test %zu - fail to get record "
439 "content", test_no);
440 goto failure;
441 }
442 if (!CBS_mem_equal(&cbs, rrt->want_data + TLS13_RECORD_HEADER_LEN,
443 rrt->want_len - TLS13_RECORD_HEADER_LEN)) {
444 fprintf(stderr, "FAIL: Test %zu - content mismatch\n", test_no);
445 fprintf(stderr, "Got record content:\n");
446 hexdump(CBS_data(&cbs), CBS_len(&cbs));
447 fprintf(stderr, "Want record content:\n");
448 hexdump(rrt->want_data, rrt->want_len);
449 goto failure;
450 }
451
452 done:
453 failed = 0;
454
455 failure:
456 tls13_record_free(rec);
457
458 return failed;
459}
460
461static int
462test_record_send(size_t test_no, struct record_send_test *rst)
463{
464 uint8_t *data = NULL;
465 struct tls13_record *rec;
466 struct rw_state ws;
467 int failed = 1;
468 ssize_t ret;
469 size_t i;
470
471 if ((ws.buf = malloc(TLS13_RECORD_MAX_LEN)) == NULL)
472 errx(1, "malloc");
473
474 ws.offset = 0;
475
476 if ((rec = tls13_record_new()) == NULL)
477 errx(1, "tls13_record_new");
478
479 if ((data = malloc(rst->data_len)) == NULL)
480 errx(1, "malloc");
481 memcpy(data, rst->data, rst->data_len);
482
483 if (!tls13_record_set_data(rec, data, rst->data_len)) {
484 fprintf(stderr, "FAIL: Test %zu - failed to set record data\n",
485 test_no);
486 goto failure;
487 }
488 data = NULL;
489
490 for (i = 0; rst->rt[i].rw_len != 0 || rst->rt[i].want_ret != 0; i++) {
491 ws.eof = rst->rt[i].eof;
492 ws.len = rst->rt[i].rw_len;
493
494 ret = tls13_record_send(rec, write_cb, &ws);
495 if (ret != rst->rt[i].want_ret) {
496 fprintf(stderr, "FAIL: Test %zu/%zu - tls_record_send "
497 "returned %zd, want %zd\n", test_no, i, ret,
498 rst->rt[i].want_ret);
499 goto failure;
500 }
501 }
502
503 if (rst->want_data != NULL &&
504 memcmp(ws.buf, rst->want_data, rst->want_len) != 0) {
505 fprintf(stderr, "FAIL: Test %zu - content mismatch\n", test_no);
506 fprintf(stderr, "Got record data:\n");
507 hexdump(rst->data, rst->data_len);
508 fprintf(stderr, "Want record data:\n");
509 hexdump(rst->want_data, rst->want_len);
510 goto failure;
511 }
512
513 failed = 0;
514
515 failure:
516 tls13_record_free(rec);
517 free(ws.buf);
518
519 return failed;
520}
521
522static int
523test_recv_records(void)
524{
525 int failed = 0;
526 size_t i;
527
528 for (i = 0; i < N_RECORD_RECV_TESTS; i++)
529 failed |= test_record_recv(i, &record_recv_tests[i]);
530
531 return failed;
532}
533
534static int
535test_send_records(void)
536{
537 int failed = 0;
538 size_t i;
539
540 for (i = 0; i < N_RECORD_SEND_TESTS; i++)
541 failed |= test_record_send(i, &record_send_tests[i]);
542
543 return failed;
544}
545
546int
547main(int argc, char **argv)
548{
549 int failed = 0;
550
551 failed |= test_recv_records();
552 failed |= test_send_records();
553
554 return failed;
555}
diff --git a/src/regress/lib/libssl/record_layer/Makefile b/src/regress/lib/libssl/record_layer/Makefile
deleted file mode 100644
index 66c48dd769..0000000000
--- a/src/regress/lib/libssl/record_layer/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2020/03/13 16:04:31 jsing Exp $
2
3PROG= record_layer_test
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/record_layer/record_layer_test.c b/src/regress/lib/libssl/record_layer/record_layer_test.c
deleted file mode 100644
index 95f13b8cc7..0000000000
--- a/src/regress/lib/libssl/record_layer/record_layer_test.c
+++ /dev/null
@@ -1,306 +0,0 @@
1/* $OpenBSD: record_layer_test.c,v 1.5 2022/06/10 22:00:15 tb Exp $ */
2/*
3 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <string.h>
20
21#include "ssl_locl.h"
22#include "tls13_internal.h"
23#include "tls13_record.h"
24
25int tls12_record_layer_inc_seq_num(struct tls12_record_layer *rl,
26 uint8_t *seq_num);
27int tls13_record_layer_inc_seq_num(uint8_t *seq_num);
28
29static void
30hexdump(const unsigned char *buf, size_t len)
31{
32 size_t i;
33
34 for (i = 1; i <= len; i++)
35 fprintf(stderr, " 0x%02x,%s", buf[i - 1], i % 8 ? "" : "\n");
36 if (len % 8 != 0)
37 fprintf(stderr, "\n");
38}
39
40struct seq_num_test {
41 uint8_t seq_num[TLS13_RECORD_SEQ_NUM_LEN];
42 uint8_t want_num[TLS13_RECORD_SEQ_NUM_LEN];
43 int want;
44};
45
46struct seq_num_test seq_num_dtls_tests[] = {
47 {
48 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
49 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
50 .want = 1,
51 },
52 {
53 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
54 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02},
55 .want = 1,
56 },
57 {
58 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe},
59 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
60 .want = 1,
61 },
62 {
63 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
64 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
65 .want = 1,
66 },
67 {
68 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
69 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01},
70 .want = 1,
71 },
72 {
73 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xff},
74 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00},
75 .want = 1,
76 },
77 {
78 .seq_num = {0xab, 0xcd, 0xef, 0x00, 0xfe, 0xff, 0xff, 0xff},
79 .want_num = {0xab, 0xcd, 0xef, 0x00, 0xff, 0x00, 0x00, 0x00},
80 .want = 1,
81 },
82 {
83 .seq_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
84 .want_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
85 .want = 0,
86 },
87 {
88 .seq_num = {0x01, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff},
89 .want_num = {0x01, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00},
90 .want = 1,
91 },
92 {
93 .seq_num = {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe},
94 .want_num = {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
95 .want = 1,
96 },
97 {
98 .seq_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
99 .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
100 .want = 1,
101 },
102 {
103 .seq_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
104 .want_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
105 .want = 0,
106 },
107 {
108 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe},
109 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
110 .want = 1,
111 },
112 {
113 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
114 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
115 .want = 0,
116 },
117};
118
119#define N_SEQ_NUM_DTLS_TESTS \
120 (sizeof(seq_num_dtls_tests) / sizeof(seq_num_dtls_tests[0]))
121
122struct seq_num_test seq_num_tls_tests[] = {
123 {
124 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
125 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
126 .want = 1,
127 },
128 {
129 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
130 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02},
131 .want = 1,
132 },
133 {
134 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe},
135 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
136 .want = 1,
137 },
138 {
139 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
140 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
141 .want = 1,
142 },
143 {
144 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00},
145 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01},
146 .want = 1,
147 },
148 {
149 .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xff},
150 .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00},
151 .want = 1,
152 },
153 {
154 .seq_num = {0xab, 0xcd, 0xef, 0x00, 0xfe, 0xff, 0xff, 0xff},
155 .want_num = {0xab, 0xcd, 0xef, 0x00, 0xff, 0x00, 0x00, 0x00},
156 .want = 1,
157 },
158 {
159 .seq_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
160 .want_num = {0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
161 .want = 1,
162 },
163 {
164 .seq_num = {0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
165 .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
166 .want = 1,
167 },
168 {
169 .seq_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
170 .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
171 .want = 1,
172 },
173 {
174 .seq_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
175 .want_num = {0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
176 .want = 1,
177 },
178 {
179 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe},
180 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
181 .want = 1,
182 },
183 {
184 .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
185 .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
186 .want = 0,
187 },
188};
189
190#define N_SEQ_NUM_TLS_TESTS \
191 (sizeof(seq_num_tls_tests) / sizeof(seq_num_tls_tests[0]))
192
193#ifndef TLS12_RECORD_SEQ_NUM_LEN
194#define TLS12_RECORD_SEQ_NUM_LEN 8
195#endif
196
197static int
198do_seq_num_test_tls12(size_t test_no, int dtls, struct seq_num_test *snt)
199{
200 uint8_t seq_num[TLS12_RECORD_SEQ_NUM_LEN];
201 struct tls12_record_layer *rl;
202 int failed = 1;
203 int ret;
204
205 if ((rl = tls12_record_layer_new()) == NULL)
206 errx(1, "tls12_record_layer_new");
207
208 if (dtls)
209 tls12_record_layer_set_version(rl, DTLS1_2_VERSION);
210
211 memcpy(seq_num, snt->seq_num, sizeof(seq_num));
212
213 if ((ret = tls12_record_layer_inc_seq_num(rl, seq_num)) != snt->want) {
214 fprintf(stderr, "FAIL: Test %zu - got return %d, want %d\n",
215 test_no, ret, snt->want);
216 goto failure;
217 }
218
219 if (memcmp(seq_num, snt->want_num, sizeof(seq_num)) != 0) {
220 fprintf(stderr, "FAIL: Test %zu - got sequence number:\n",
221 test_no);
222 hexdump(seq_num, sizeof(seq_num));
223 fprintf(stderr, "want:\n");
224 hexdump(snt->want_num, sizeof(snt->want_num));
225 goto failure;
226 }
227
228 failed = 0;
229
230 failure:
231 tls12_record_layer_free(rl);
232
233 return failed;
234}
235
236static int
237test_seq_num_tls12(void)
238{
239 int failed = 0;
240 size_t i;
241
242 fprintf(stderr, "Running TLSv1.2 sequence number tests...\n");
243 for (i = 0; i < N_SEQ_NUM_TLS_TESTS; i++)
244 failed |= do_seq_num_test_tls12(i, 0, &seq_num_tls_tests[i]);
245
246 fprintf(stderr, "Running DTLSv1.2 sequence number tests...\n");
247 for (i = 0; i < N_SEQ_NUM_DTLS_TESTS; i++)
248 failed |= do_seq_num_test_tls12(i, 1, &seq_num_dtls_tests[i]);
249
250 return failed;
251}
252
253static int
254do_seq_num_test_tls13(size_t test_no, struct seq_num_test *snt)
255{
256 uint8_t seq_num[TLS13_RECORD_SEQ_NUM_LEN];
257 int failed = 1;
258 int ret;
259
260 memcpy(seq_num, snt->seq_num, sizeof(seq_num));
261
262 if ((ret = tls13_record_layer_inc_seq_num(seq_num)) != snt->want) {
263 fprintf(stderr, "FAIL: Test %zu - got return %d, want %d\n",
264 test_no, ret, snt->want);
265 goto failure;
266 }
267
268 if (memcmp(seq_num, snt->want_num, sizeof(seq_num)) != 0) {
269 fprintf(stderr, "FAIL: Test %zu - got sequence number:\n",
270 test_no);
271 hexdump(seq_num, sizeof(seq_num));
272 fprintf(stderr, "want:\n");
273 hexdump(snt->want_num, sizeof(snt->want_num));
274 goto failure;
275 }
276
277 failed = 0;
278
279 failure:
280 return failed;
281}
282
283static int
284test_seq_num_tls13(void)
285{
286 int failed = 0;
287 size_t i;
288
289 fprintf(stderr, "Running TLSv1.3 sequence number tests...\n");
290
291 for (i = 0; i < N_SEQ_NUM_TLS_TESTS; i++)
292 failed |= do_seq_num_test_tls13(i, &seq_num_tls_tests[i]);
293
294 return failed;
295}
296
297int
298main(int argc, char **argv)
299{
300 int failed = 0;
301
302 failed |= test_seq_num_tls12();
303 failed |= test_seq_num_tls13();
304
305 return failed;
306}
diff --git a/src/regress/lib/libssl/server/Makefile b/src/regress/lib/libssl/server/Makefile
deleted file mode 100644
index 0621a5f243..0000000000
--- a/src/regress/lib/libssl/server/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2020/05/11 18:18:21 jsing Exp $
2
3PROG= servertest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9REGRESS_TARGETS= \
10 regress-servertest
11
12regress-servertest: ${PROG}
13 ./servertest \
14 ${.CURDIR}/../../libssl/certs/server.pem \
15 ${.CURDIR}/../../libssl/certs/server.pem \
16 ${.CURDIR}/../../libssl/certs/ca.pem
17
18.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c
deleted file mode 100644
index 3367836dbd..0000000000
--- a/src/regress/lib/libssl/server/servertest.c
+++ /dev/null
@@ -1,203 +0,0 @@
1/* $OpenBSD: servertest.c,v 1.7 2022/06/10 22:00:15 tb Exp $ */
2/*
3 * Copyright (c) 2015, 2016, 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <openssl/err.h>
21#include <openssl/dtls1.h>
22#include <openssl/ssl3.h>
23
24#include <err.h>
25#include <stdio.h>
26#include <string.h>
27
28const SSL_METHOD *tls_legacy_method(void);
29
30char *server_ca_file;
31char *server_cert_file;
32char *server_key_file;
33
34static unsigned char sslv2_client_hello_tls10[] = {
35 0x80, 0x6a, 0x01, 0x03, 0x01, 0x00, 0x51, 0x00,
36 0x00, 0x00, 0x10, 0x00, 0x00, 0x39, 0x00, 0x00,
37 0x38, 0x00, 0x00, 0x35, 0x00, 0x00, 0x16, 0x00,
38 0x00, 0x13, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x33,
39 0x00, 0x00, 0x32, 0x00, 0x00, 0x2f, 0x00, 0x00,
40 0x07, 0x00, 0x00, 0x66, 0x00, 0x00, 0x05, 0x00,
41 0x00, 0x04, 0x00, 0x00, 0x63, 0x00, 0x00, 0x62,
42 0x00, 0x00, 0x61, 0x00, 0x00, 0x15, 0x00, 0x00,
43 0x12, 0x00, 0x00, 0x09, 0x00, 0x00, 0x65, 0x00,
44 0x00, 0x64, 0x00, 0x00, 0x60, 0x00, 0x00, 0x14,
45 0x00, 0x00, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00,
46 0x06, 0x00, 0x00, 0x03, 0xdd, 0xb6, 0x59, 0x26,
47 0x46, 0xe6, 0x79, 0x77, 0xf4, 0xec, 0x42, 0x76,
48 0xc8, 0x73, 0xad, 0x9c,
49};
50
51static unsigned char sslv2_client_hello_tls12[] = {
52 0x80, 0xcb, 0x01, 0x03, 0x03, 0x00, 0xa2, 0x00,
53 0x00, 0x00, 0x20, 0x00, 0x00, 0xa5, 0x00, 0x00,
54 0xa3, 0x00, 0x00, 0xa1, 0x00, 0x00, 0x9f, 0x00,
55 0x00, 0x6b, 0x00, 0x00, 0x6a, 0x00, 0x00, 0x69,
56 0x00, 0x00, 0x68, 0x00, 0x00, 0x39, 0x00, 0x00,
57 0x38, 0x00, 0x00, 0x37, 0x00, 0x00, 0x36, 0x00,
58 0x00, 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x86,
59 0x00, 0x00, 0x85, 0x00, 0x00, 0x9d, 0x00, 0x00,
60 0x3d, 0x00, 0x00, 0x35, 0x00, 0x00, 0x84, 0x00,
61 0x00, 0xa4, 0x00, 0x00, 0xa2, 0x00, 0x00, 0xa0,
62 0x00, 0x00, 0x9e, 0x00, 0x00, 0x67, 0x00, 0x00,
63 0x40, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x3e, 0x00,
64 0x00, 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x31,
65 0x00, 0x00, 0x30, 0x00, 0x00, 0x9a, 0x00, 0x00,
66 0x99, 0x00, 0x00, 0x98, 0x00, 0x00, 0x97, 0x00,
67 0x00, 0x45, 0x00, 0x00, 0x44, 0x00, 0x00, 0x43,
68 0x00, 0x00, 0x42, 0x00, 0x00, 0x9c, 0x00, 0x00,
69 0x3c, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x96, 0x00,
70 0x00, 0x41, 0x00, 0x00, 0x07, 0x00, 0x00, 0x05,
71 0x00, 0x00, 0x04, 0x00, 0x00, 0x16, 0x00, 0x00,
72 0x13, 0x00, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x00,
73 0x00, 0x0a, 0x00, 0x00, 0xff, 0x1d, 0xfd, 0x90,
74 0x03, 0x61, 0x3c, 0x5a, 0x22, 0x83, 0xed, 0x11,
75 0x85, 0xf4, 0xea, 0x36, 0x59, 0xd9, 0x1b, 0x27,
76 0x22, 0x01, 0x14, 0x07, 0x66, 0xb2, 0x24, 0xf5,
77 0x4e, 0x7d, 0x9d, 0x9c, 0x52,
78};
79
80struct server_hello_test {
81 const unsigned char *desc;
82 unsigned char *client_hello;
83 const size_t client_hello_len;
84 const SSL_METHOD *(*ssl_method)(void);
85 const long ssl_clear_options;
86 const long ssl_set_options;
87};
88
89static struct server_hello_test server_hello_tests[] = {
90 {
91 .desc = "TLSv1.0 in SSLv2 record",
92 .client_hello = sslv2_client_hello_tls10,
93 .client_hello_len = sizeof(sslv2_client_hello_tls10),
94 .ssl_method = tls_legacy_method,
95 .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
96 .ssl_set_options = 0,
97 },
98 {
99 .desc = "TLSv1.2 in SSLv2 record",
100 .client_hello = sslv2_client_hello_tls12,
101 .client_hello_len = sizeof(sslv2_client_hello_tls12),
102 .ssl_method = tls_legacy_method,
103 .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
104 .ssl_set_options = 0,
105 },
106};
107
108#define N_SERVER_HELLO_TESTS \
109 (sizeof(server_hello_tests) / sizeof(*server_hello_tests))
110
111static int
112server_hello_test(int testno, struct server_hello_test *sht)
113{
114 BIO *rbio = NULL, *wbio = NULL;
115 SSL_CTX *ssl_ctx = NULL;
116 SSL *ssl = NULL;
117 int ret = 1;
118
119 fprintf(stderr, "Test %d - %s\n", testno, sht->desc);
120
121 if ((rbio = BIO_new_mem_buf(sht->client_hello,
122 sht->client_hello_len)) == NULL) {
123 fprintf(stderr, "Failed to setup rbio\n");
124 goto failure;
125 }
126 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
127 fprintf(stderr, "Failed to setup wbio\n");
128 goto failure;
129 }
130
131 if ((ssl_ctx = SSL_CTX_new(sht->ssl_method())) == NULL) {
132 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
133 goto failure;
134 }
135
136 if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
137 SSL_FILETYPE_PEM) != 1) {
138 fprintf(stderr, "Failed to load server certificate");
139 goto failure;
140 }
141 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
142 SSL_FILETYPE_PEM) != 1) {
143 fprintf(stderr, "Failed to load server private key");
144 goto failure;
145 }
146
147 SSL_CTX_set_dh_auto(ssl_ctx, 1);
148 SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
149
150 SSL_CTX_clear_options(ssl_ctx, sht->ssl_clear_options);
151 SSL_CTX_set_options(ssl_ctx, sht->ssl_set_options);
152
153 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
154 fprintf(stderr, "SSL_new() returned NULL\n");
155 goto failure;
156 }
157
158 BIO_up_ref(rbio);
159 BIO_up_ref(wbio);
160 SSL_set_bio(ssl, rbio, wbio);
161
162 if (SSL_accept(ssl) != 0) {
163 fprintf(stderr, "SSL_accept() returned non-zero\n");
164 ERR_print_errors_fp(stderr);
165 goto failure;
166 }
167
168 ret = 0;
169
170 failure:
171 SSL_CTX_free(ssl_ctx);
172 SSL_free(ssl);
173
174 BIO_free(rbio);
175 BIO_free(wbio);
176
177 return (ret);
178}
179
180int
181main(int argc, char **argv)
182{
183 int failed = 0;
184 size_t i;
185
186 if (argc != 4) {
187 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
188 argv[0]);
189 exit(1);
190 }
191
192 server_key_file = argv[1];
193 server_cert_file = argv[2];
194 server_ca_file = argv[3];
195
196 SSL_library_init();
197 SSL_load_error_strings();
198
199 for (i = 0; i < N_SERVER_HELLO_TESTS; i++)
200 failed |= server_hello_test(i, &server_hello_tests[i]);
201
202 return (failed);
203}
diff --git a/src/regress/lib/libssl/ssl/Makefile b/src/regress/lib/libssl/ssl/Makefile
deleted file mode 100644
index 91abaae85e..0000000000
--- a/src/regress/lib/libssl/ssl/Makefile
+++ /dev/null
@@ -1,17 +0,0 @@
1# $OpenBSD: Makefile,v 1.5 2022/07/07 11:40:17 tb Exp $
2
3PROG= ssltest
4LDADD= -lcrypto -lssl
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10REGRESS_TARGETS=regress-ssltest
11
12regress-ssltest: ${PROG}
13 sh ${.CURDIR}/testssl \
14 ${.CURDIR}/../certs/server1-rsa.pem ${.CURDIR}/../certs/server1-rsa-chain.pem \
15 ${.CURDIR}/../certs/ca-root-rsa.pem
16
17.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/ssl/ssltest.c b/src/regress/lib/libssl/ssl/ssltest.c
deleted file mode 100644
index ff5a584d6c..0000000000
--- a/src/regress/lib/libssl/ssl/ssltest.c
+++ /dev/null
@@ -1,1951 +0,0 @@
1/* $OpenBSD: ssltest.c,v 1.35 2022/07/07 13:10:22 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
144 on Linux and GNU platforms. */
145#include <sys/types.h>
146#include <sys/socket.h>
147
148#include <netinet/in.h>
149
150#include <assert.h>
151#include <errno.h>
152#include <limits.h>
153#include <netdb.h>
154#include <stdio.h>
155#include <stdlib.h>
156#include <string.h>
157#include <time.h>
158#include <unistd.h>
159
160#include <ctype.h>
161
162#include <openssl/opensslconf.h>
163#include <openssl/bio.h>
164#include <openssl/crypto.h>
165#include <openssl/evp.h>
166#include <openssl/x509.h>
167#include <openssl/x509v3.h>
168#include <openssl/ssl.h>
169#ifndef OPENSSL_NO_ENGINE
170#include <openssl/engine.h>
171#endif
172#include <openssl/err.h>
173#include <openssl/rand.h>
174#include <openssl/rsa.h>
175#include <openssl/dsa.h>
176#include <openssl/dh.h>
177#include <openssl/bn.h>
178
179#include "ssl_locl.h"
180
181#define TEST_SERVER_CERT "../apps/server.pem"
182#define TEST_CLIENT_CERT "../apps/client.pem"
183
184static int verify_callback(int ok, X509_STORE_CTX *ctx);
185static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
186#define APP_CALLBACK_STRING "Test Callback Argument"
187struct app_verify_arg {
188 char *string;
189 int app_verify;
190 int allow_proxy_certs;
191 char *proxy_auth;
192 char *proxy_cond;
193};
194
195static DH *get_dh1024(void);
196static DH *get_dh1024dsa(void);
197
198static BIO *bio_err = NULL;
199static BIO *bio_stdout = NULL;
200
201static const char *alpn_client;
202static const char *alpn_server;
203static const char *alpn_expected;
204static unsigned char *alpn_selected;
205
206/*
207 * next_protos_parse parses a comma separated list of strings into a string
208 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
209 * outlen: (output) set to the length of the resulting buffer on success.
210 * err: (maybe NULL) on failure, an error message line is written to this BIO.
211 * in: a NUL terminated string like "abc,def,ghi"
212 *
213 * returns: a malloced buffer or NULL on failure.
214 */
215static unsigned char *
216next_protos_parse(unsigned short *outlen, const char *in)
217{
218 size_t i, len, start = 0;
219 unsigned char *out;
220
221 len = strlen(in);
222 if (len >= 65535)
223 return (NULL);
224
225 if ((out = malloc(strlen(in) + 1)) == NULL)
226 return (NULL);
227
228 for (i = 0; i <= len; ++i) {
229 if (i == len || in[i] == ',') {
230 if (i - start > 255) {
231 free(out);
232 return (NULL);
233 }
234 out[start] = i - start;
235 start = i + 1;
236 } else
237 out[i+1] = in[i];
238 }
239 *outlen = len + 1;
240 return (out);
241}
242
243static int
244cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen,
245 const unsigned char *in, unsigned int inlen, void *arg)
246{
247 unsigned char *protos;
248 unsigned short protos_len;
249
250 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) {
251 fprintf(stderr,
252 "failed to parser ALPN server protocol string: %s\n",
253 alpn_server);
254 abort();
255 }
256
257 if (SSL_select_next_proto((unsigned char **)out, outlen, protos,
258 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) {
259 free(protos);
260 return (SSL_TLSEXT_ERR_NOACK);
261 }
262
263 /*
264 * Make a copy of the selected protocol which will be freed in
265 * verify_alpn.
266 */
267 if ((alpn_selected = malloc(*outlen)) == NULL) {
268 fprintf(stderr, "malloc failed\n");
269 abort();
270 }
271 memcpy(alpn_selected, *out, *outlen);
272 *out = alpn_selected;
273 free(protos);
274
275 return (SSL_TLSEXT_ERR_OK);
276}
277
278static int
279verify_alpn(SSL *client, SSL *server)
280{
281 const unsigned char *client_proto, *server_proto;
282 unsigned int client_proto_len = 0, server_proto_len = 0;
283
284 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
285 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
286
287 free(alpn_selected);
288 alpn_selected = NULL;
289
290 if (client_proto_len != server_proto_len ||
291 memcmp(client_proto, server_proto, client_proto_len) != 0) {
292 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
293 goto err;
294 }
295
296 if (client_proto_len > 0 && alpn_expected == NULL) {
297 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
298 goto err;
299 }
300
301 if (alpn_expected != NULL &&
302 (client_proto_len != strlen(alpn_expected) ||
303 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
304 BIO_printf(bio_stdout, "ALPN selected protocols not equal to "
305 "expected protocol: %s\n", alpn_expected);
306 goto err;
307 }
308
309 return (0);
310
311err:
312 BIO_printf(bio_stdout, "ALPN results: client: '");
313 BIO_write(bio_stdout, client_proto, client_proto_len);
314 BIO_printf(bio_stdout, "', server: '");
315 BIO_write(bio_stdout, server_proto, server_proto_len);
316 BIO_printf(bio_stdout, "'\n");
317 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
318 alpn_client, alpn_server);
319
320 return (-1);
321}
322
323static char *cipher = NULL;
324static int verbose = 0;
325static int debug = 0;
326
327int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
328 clock_t *c_time);
329int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
330
331static void
332sv_usage(void)
333{
334 fprintf(stderr, "usage: ssltest [args ...]\n");
335 fprintf(stderr, "\n");
336 fprintf(stderr, " -server_auth - check server certificate\n");
337 fprintf(stderr, " -client_auth - do client authentication\n");
338 fprintf(stderr, " -proxy - allow proxy certificates\n");
339 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
340 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n");
341 fprintf(stderr, " -v - more output\n");
342 fprintf(stderr, " -d - debug output\n");
343 fprintf(stderr, " -reuse - use session-id reuse\n");
344 fprintf(stderr, " -num <val> - number of connections to perform\n");
345 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n");
346 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
347 fprintf(stderr, " -no_dhe - disable DHE\n");
348 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
349 fprintf(stderr, " -dtls1 - use DTLSv1\n");
350 fprintf(stderr, " -tls1 - use TLSv1\n");
351 fprintf(stderr, " -tls1_2 - use TLSv1.2\n");
352 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
353 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
354 fprintf(stderr, " -cert arg - Server certificate file\n");
355 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n");
356 fprintf(stderr, " -c_cert arg - Client certificate file\n");
357 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n");
358 fprintf(stderr, " -cipher arg - The cipher list\n");
359 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
360 fprintf(stderr, " -f - Test even cases that can't work\n");
361 fprintf(stderr, " -time - measure processor time used by client and server\n");
362 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
363 " Use \"openssl ecparam -list_curves\" for all names\n" \
364 " (default is sect163r2).\n");
365 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
366 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
367 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
368}
369
370static void
371print_details(SSL *c_ssl, const char *prefix)
372{
373 const SSL_CIPHER *ciph;
374 X509 *cert = NULL;
375 EVP_PKEY *pkey;
376
377 ciph = SSL_get_current_cipher(c_ssl);
378 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
379 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph),
380 SSL_CIPHER_get_name(ciph));
381
382 if ((cert = SSL_get_peer_certificate(c_ssl)) == NULL)
383 goto out;
384 if ((pkey = X509_get0_pubkey(cert)) == NULL)
385 goto out;
386 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
387 RSA *rsa;
388
389 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL)
390 goto out;
391
392 BIO_printf(bio_stdout, ", %d bit RSA", RSA_bits(rsa));
393 } else if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) {
394 DSA *dsa;
395 const BIGNUM *p;
396
397 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL)
398 goto out;
399
400 DSA_get0_pqg(dsa, &p, NULL, NULL);
401
402 BIO_printf(bio_stdout, ", %d bit DSA", BN_num_bits(p));
403 }
404
405 out:
406 /*
407 * The SSL API does not allow us to look at temporary RSA/DH keys,
408 * otherwise we should print their lengths too
409 */
410 BIO_printf(bio_stdout, "\n");
411
412 X509_free(cert);
413}
414
415int
416main(int argc, char *argv[])
417{
418 char *CApath = NULL, *CAfile = NULL;
419 int badop = 0;
420 int bio_pair = 0;
421 int force = 0;
422 int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1;
423 int client_auth = 0;
424 int server_auth = 0, i;
425 struct app_verify_arg app_verify_arg =
426 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
427 char *server_cert = TEST_SERVER_CERT;
428 char *server_key = NULL;
429 char *client_cert = TEST_CLIENT_CERT;
430 char *client_key = NULL;
431 char *named_curve = NULL;
432 SSL_CTX *s_ctx = NULL;
433 SSL_CTX *c_ctx = NULL;
434 const SSL_METHOD *meth = NULL;
435 SSL *c_ssl, *s_ssl;
436 int number = 1, reuse = 0;
437 int seclevel = 0;
438 long bytes = 256L;
439 DH *dh;
440 int dhe1024dsa = 0;
441 EC_KEY *ecdh = NULL;
442 int no_dhe = 0;
443 int no_ecdhe = 0;
444 int print_time = 0;
445 clock_t s_time = 0, c_time = 0;
446
447 verbose = 0;
448 debug = 0;
449 cipher = 0;
450
451 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT);
452
453 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT);
454
455 argc--;
456 argv++;
457
458 while (argc >= 1) {
459 if (!strcmp(*argv, "-F")) {
460 fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n");
461 exit(0);
462 } else if (strcmp(*argv, "-server_auth") == 0)
463 server_auth = 1;
464 else if (strcmp(*argv, "-client_auth") == 0)
465 client_auth = 1;
466 else if (strcmp(*argv, "-proxy_auth") == 0) {
467 if (--argc < 1)
468 goto bad;
469 app_verify_arg.proxy_auth= *(++argv);
470 } else if (strcmp(*argv, "-proxy_cond") == 0) {
471 if (--argc < 1)
472 goto bad;
473 app_verify_arg.proxy_cond= *(++argv);
474 } else if (strcmp(*argv, "-v") == 0)
475 verbose = 1;
476 else if (strcmp(*argv, "-d") == 0)
477 debug = 1;
478 else if (strcmp(*argv, "-reuse") == 0)
479 reuse = 1;
480 else if (strcmp(*argv, "-dhe1024dsa") == 0) {
481 dhe1024dsa = 1;
482 } else if (strcmp(*argv, "-no_dhe") == 0)
483 no_dhe = 1;
484 else if (strcmp(*argv, "-no_ecdhe") == 0)
485 no_ecdhe = 1;
486 else if (strcmp(*argv, "-dtls1") == 0)
487 dtls1 = 1;
488 else if (strcmp(*argv, "-tls1") == 0)
489 tls1 = 1;
490 else if (strcmp(*argv, "-tls1_2") == 0)
491 tls1_2 = 1;
492 else if (strncmp(*argv, "-num", 4) == 0) {
493 if (--argc < 1)
494 goto bad;
495 number = atoi(*(++argv));
496 if (number == 0)
497 number = 1;
498 } else if (strncmp(*argv, "-seclevel", 9) == 0) {
499 if (--argc < 1)
500 goto bad;
501 seclevel = atoi(*(++argv));
502 } else if (strcmp(*argv, "-bytes") == 0) {
503 if (--argc < 1)
504 goto bad;
505 bytes = atol(*(++argv));
506 if (bytes == 0L)
507 bytes = 1L;
508 i = strlen(argv[0]);
509 if (argv[0][i - 1] == 'k')
510 bytes*=1024L;
511 if (argv[0][i - 1] == 'm')
512 bytes*=1024L*1024L;
513 } else if (strcmp(*argv, "-cert") == 0) {
514 if (--argc < 1)
515 goto bad;
516 server_cert= *(++argv);
517 } else if (strcmp(*argv, "-s_cert") == 0) {
518 if (--argc < 1)
519 goto bad;
520 server_cert= *(++argv);
521 } else if (strcmp(*argv, "-key") == 0) {
522 if (--argc < 1)
523 goto bad;
524 server_key= *(++argv);
525 } else if (strcmp(*argv, "-s_key") == 0) {
526 if (--argc < 1)
527 goto bad;
528 server_key= *(++argv);
529 } else if (strcmp(*argv, "-c_cert") == 0) {
530 if (--argc < 1)
531 goto bad;
532 client_cert= *(++argv);
533 } else if (strcmp(*argv, "-c_key") == 0) {
534 if (--argc < 1)
535 goto bad;
536 client_key= *(++argv);
537 } else if (strcmp(*argv, "-cipher") == 0) {
538 if (--argc < 1)
539 goto bad;
540 cipher= *(++argv);
541 } else if (strcmp(*argv, "-CApath") == 0) {
542 if (--argc < 1)
543 goto bad;
544 CApath= *(++argv);
545 } else if (strcmp(*argv, "-CAfile") == 0) {
546 if (--argc < 1)
547 goto bad;
548 CAfile= *(++argv);
549 } else if (strcmp(*argv, "-bio_pair") == 0) {
550 bio_pair = 1;
551 } else if (strcmp(*argv, "-f") == 0) {
552 force = 1;
553 } else if (strcmp(*argv, "-time") == 0) {
554 print_time = 1;
555 } else if (strcmp(*argv, "-named_curve") == 0) {
556 if (--argc < 1)
557 goto bad;
558 named_curve = *(++argv);
559 } else if (strcmp(*argv, "-app_verify") == 0) {
560 app_verify_arg.app_verify = 1;
561 } else if (strcmp(*argv, "-proxy") == 0) {
562 app_verify_arg.allow_proxy_certs = 1;
563 } else if (strcmp(*argv, "-alpn_client") == 0) {
564 if (--argc < 1)
565 goto bad;
566 alpn_client = *(++argv);
567 } else if (strcmp(*argv, "-alpn_server") == 0) {
568 if (--argc < 1)
569 goto bad;
570 alpn_server = *(++argv);
571 } else if (strcmp(*argv, "-alpn_expected") == 0) {
572 if (--argc < 1)
573 goto bad;
574 alpn_expected = *(++argv);
575 } else {
576 fprintf(stderr, "unknown option %s\n", *argv);
577 badop = 1;
578 break;
579 }
580 argc--;
581 argv++;
582 }
583 if (badop) {
584bad:
585 sv_usage();
586 goto end;
587 }
588
589 if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) {
590 fprintf(stderr,
591 "This case cannot work. Use -f to perform "
592 "the test anyway (and\n-d to see what happens), "
593 "or add one of -dtls1, -tls1, -tls1_2, -reuse\n"
594 "to avoid protocol mismatch.\n");
595 exit(1);
596 }
597
598 if (print_time) {
599 if (!bio_pair) {
600 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
601 bio_pair = 1;
602 }
603 if (number < 50 && !force)
604 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
605 }
606
607/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
608
609 SSL_library_init();
610 SSL_load_error_strings();
611
612 if (dtls1)
613 meth = DTLSv1_method();
614 else if (tls1)
615 meth = TLSv1_method();
616 else if (tls1_2)
617 meth = TLSv1_2_method();
618 else
619 meth = TLS_method();
620
621 c_ctx = SSL_CTX_new(meth);
622 s_ctx = SSL_CTX_new(meth);
623 if ((c_ctx == NULL) || (s_ctx == NULL)) {
624 ERR_print_errors(bio_err);
625 goto end;
626 }
627
628 SSL_CTX_set_security_level(c_ctx, seclevel);
629 SSL_CTX_set_security_level(s_ctx, seclevel);
630
631 if (cipher != NULL) {
632 SSL_CTX_set_cipher_list(c_ctx, cipher);
633 SSL_CTX_set_cipher_list(s_ctx, cipher);
634 }
635
636 if (!no_dhe) {
637 if (dhe1024dsa) {
638 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
639 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
640 dh = get_dh1024dsa();
641 } else
642 dh = get_dh1024();
643 SSL_CTX_set_tmp_dh(s_ctx, dh);
644 DH_free(dh);
645 }
646
647 if (!no_ecdhe) {
648 int nid;
649
650 if (named_curve != NULL) {
651 nid = OBJ_sn2nid(named_curve);
652 if (nid == 0) {
653 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
654 goto end;
655 }
656 } else
657 nid = NID_X9_62_prime256v1;
658
659 ecdh = EC_KEY_new_by_curve_name(nid);
660 if (ecdh == NULL) {
661 BIO_printf(bio_err, "unable to create curve\n");
662 goto end;
663 }
664
665 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
666 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
667 EC_KEY_free(ecdh);
668 }
669
670 if (!SSL_CTX_use_certificate_chain_file(s_ctx, server_cert)) {
671 ERR_print_errors(bio_err);
672 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
673 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) {
674 ERR_print_errors(bio_err);
675 goto end;
676 }
677
678 if (client_auth) {
679 SSL_CTX_use_certificate_chain_file(c_ctx, client_cert);
680 SSL_CTX_use_PrivateKey_file(c_ctx,
681 (client_key ? client_key : client_cert),
682 SSL_FILETYPE_PEM);
683 }
684
685 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
686 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
687 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
688 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
689 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
690 ERR_print_errors(bio_err);
691 /* goto end; */
692 }
693
694 if (client_auth) {
695 BIO_printf(bio_err, "client authentication\n");
696 SSL_CTX_set_verify(s_ctx,
697 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
698 verify_callback);
699 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
700 &app_verify_arg);
701 }
702 if (server_auth) {
703 BIO_printf(bio_err, "server authentication\n");
704 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER,
705 verify_callback);
706 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
707 &app_verify_arg);
708 }
709
710 {
711 int session_id_context = 0;
712 SSL_CTX_set_session_id_context(s_ctx,
713 (void *)&session_id_context, sizeof(session_id_context));
714 }
715
716 if (alpn_server != NULL)
717 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
718
719 if (alpn_client != NULL) {
720 unsigned short alpn_len;
721 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
722
723 if (alpn == NULL) {
724 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
725 goto end;
726 }
727 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
728 free(alpn);
729 }
730
731 c_ssl = SSL_new(c_ctx);
732 s_ssl = SSL_new(s_ctx);
733
734 for (i = 0; i < number; i++) {
735 if (!reuse)
736 SSL_set_session(c_ssl, NULL);
737 if (bio_pair)
738 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time,
739 &c_time);
740 else
741 ret = doit(s_ssl, c_ssl, bytes);
742 }
743
744 if (!verbose) {
745 print_details(c_ssl, "");
746 }
747 if ((number > 1) || (bytes > 1L))
748 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",
749 number, bytes);
750 if (print_time) {
751#ifdef CLOCKS_PER_SEC
752 /* "To determine the time in seconds, the value returned
753 * by the clock function should be divided by the value
754 * of the macro CLOCKS_PER_SEC."
755 * -- ISO/IEC 9899 */
756 BIO_printf(bio_stdout,
757 "Approximate total server time: %6.2f s\n"
758 "Approximate total client time: %6.2f s\n",
759 (double)s_time/CLOCKS_PER_SEC,
760 (double)c_time/CLOCKS_PER_SEC);
761#else
762 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
763 * -- cc on NeXTstep/OpenStep */
764 BIO_printf(bio_stdout,
765 "Approximate total server time: %6.2f units\n"
766 "Approximate total client time: %6.2f units\n",
767 (double)s_time,
768 (double)c_time);
769#endif
770 }
771
772 SSL_free(s_ssl);
773 SSL_free(c_ssl);
774
775end:
776 SSL_CTX_free(s_ctx);
777 SSL_CTX_free(c_ctx);
778 BIO_free(bio_stdout);
779
780#ifndef OPENSSL_NO_ENGINE
781 ENGINE_cleanup();
782#endif
783 CRYPTO_cleanup_all_ex_data();
784 ERR_free_strings();
785 ERR_remove_thread_state(NULL);
786 EVP_cleanup();
787 CRYPTO_mem_leaks(bio_err);
788 BIO_free(bio_err);
789
790 exit(ret);
791 return ret;
792}
793
794int
795doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time,
796 clock_t *c_time)
797{
798 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
799 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
800 BIO *server = NULL, *server_io = NULL;
801 BIO *client = NULL, *client_io = NULL;
802 int ret = 1;
803
804 size_t bufsiz = 256; /* small buffer for testing */
805
806 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
807 goto err;
808 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
809 goto err;
810
811 s_ssl_bio = BIO_new(BIO_f_ssl());
812 if (!s_ssl_bio)
813 goto err;
814
815 c_ssl_bio = BIO_new(BIO_f_ssl());
816 if (!c_ssl_bio)
817 goto err;
818
819 SSL_set_connect_state(c_ssl);
820 SSL_set_bio(c_ssl, client, client);
821 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
822
823 SSL_set_accept_state(s_ssl);
824 SSL_set_bio(s_ssl, server, server);
825 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
826
827 do {
828 /* c_ssl_bio: SSL filter BIO
829 *
830 * client: pseudo-I/O for SSL library
831 *
832 * client_io: client's SSL communication; usually to be
833 * relayed over some I/O facility, but in this
834 * test program, we're the server, too:
835 *
836 * server_io: server's SSL communication
837 *
838 * server: pseudo-I/O for SSL library
839 *
840 * s_ssl_bio: SSL filter BIO
841 *
842 * The client and the server each employ a "BIO pair":
843 * client + client_io, server + server_io.
844 * BIO pairs are symmetric. A BIO pair behaves similar
845 * to a non-blocking socketpair (but both endpoints must
846 * be handled by the same thread).
847 * [Here we could connect client and server to the ends
848 * of a single BIO pair, but then this code would be less
849 * suitable as an example for BIO pairs in general.]
850 *
851 * Useful functions for querying the state of BIO pair endpoints:
852 *
853 * BIO_ctrl_pending(bio) number of bytes we can read now
854 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
855 * other side's read attempt
856 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
857 *
858 * ..._read_request is never more than ..._write_guarantee;
859 * it depends on the application which one you should use.
860 */
861
862 /* We have non-blocking behaviour throughout this test program, but
863 * can be sure that there is *some* progress in each iteration; so
864 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
865 * -- we just try everything in each iteration
866 */
867
868 {
869 /* CLIENT */
870
871 char cbuf[1024*8];
872 int i, r;
873 clock_t c_clock = clock();
874
875 memset(cbuf, 0, sizeof(cbuf));
876
877 if (debug)
878 if (SSL_in_init(c_ssl))
879 printf("client waiting in SSL_connect - %s\n",
880 SSL_state_string_long(c_ssl));
881
882 if (cw_num > 0) {
883 /* Write to server. */
884
885 if (cw_num > (long)sizeof cbuf)
886 i = sizeof cbuf;
887 else
888 i = (int)cw_num;
889 r = BIO_write(c_ssl_bio, cbuf, i);
890 if (r < 0) {
891 if (!BIO_should_retry(c_ssl_bio)) {
892 fprintf(stderr, "ERROR in CLIENT\n");
893 goto err;
894 }
895 /* BIO_should_retry(...) can just be ignored here.
896 * The library expects us to call BIO_write with
897 * the same arguments again, and that's what we will
898 * do in the next iteration. */
899 } else if (r == 0) {
900 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
901 goto err;
902 } else {
903 if (debug)
904 printf("client wrote %d\n", r);
905 cw_num -= r;
906
907 }
908 }
909
910 if (cr_num > 0) {
911 /* Read from server. */
912
913 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
914 if (r < 0) {
915 if (!BIO_should_retry(c_ssl_bio)) {
916 fprintf(stderr, "ERROR in CLIENT\n");
917 goto err;
918 }
919 /* Again, "BIO_should_retry" can be ignored. */
920 } else if (r == 0) {
921 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
922 goto err;
923 } else {
924 if (debug)
925 printf("client read %d\n", r);
926 cr_num -= r;
927 }
928 }
929
930 /* c_time and s_time increments will typically be very small
931 * (depending on machine speed and clock tick intervals),
932 * but sampling over a large number of connections should
933 * result in fairly accurate figures. We cannot guarantee
934 * a lot, however -- if each connection lasts for exactly
935 * one clock tick, it will be counted only for the client
936 * or only for the server or even not at all.
937 */
938 *c_time += (clock() - c_clock);
939 }
940
941 {
942 /* SERVER */
943
944 char sbuf[1024*8];
945 int i, r;
946 clock_t s_clock = clock();
947
948 memset(sbuf, 0, sizeof(sbuf));
949
950 if (debug)
951 if (SSL_in_init(s_ssl))
952 printf("server waiting in SSL_accept - %s\n",
953 SSL_state_string_long(s_ssl));
954
955 if (sw_num > 0) {
956 /* Write to client. */
957
958 if (sw_num > (long)sizeof sbuf)
959 i = sizeof sbuf;
960 else
961 i = (int)sw_num;
962 r = BIO_write(s_ssl_bio, sbuf, i);
963 if (r < 0) {
964 if (!BIO_should_retry(s_ssl_bio)) {
965 fprintf(stderr, "ERROR in SERVER\n");
966 goto err;
967 }
968 /* Ignore "BIO_should_retry". */
969 } else if (r == 0) {
970 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
971 goto err;
972 } else {
973 if (debug)
974 printf("server wrote %d\n", r);
975 sw_num -= r;
976
977 }
978 }
979
980 if (sr_num > 0) {
981 /* Read from client. */
982
983 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
984 if (r < 0) {
985 if (!BIO_should_retry(s_ssl_bio)) {
986 fprintf(stderr, "ERROR in SERVER\n");
987 goto err;
988 }
989 /* blah, blah */
990 } else if (r == 0) {
991 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
992 goto err;
993 } else {
994 if (debug)
995 printf("server read %d\n", r);
996 sr_num -= r;
997 }
998 }
999
1000 *s_time += (clock() - s_clock);
1001 }
1002
1003 {
1004 /* "I/O" BETWEEN CLIENT AND SERVER. */
1005
1006 size_t r1, r2;
1007 BIO *io1 = server_io, *io2 = client_io;
1008 /* we use the non-copying interface for io1
1009 * and the standard BIO_write/BIO_read interface for io2
1010 */
1011
1012 static int prev_progress = 1;
1013 int progress = 0;
1014
1015 /* io1 to io2 */
1016 do {
1017 size_t num;
1018 int r;
1019
1020 r1 = BIO_ctrl_pending(io1);
1021 r2 = BIO_ctrl_get_write_guarantee(io2);
1022
1023 num = r1;
1024 if (r2 < num)
1025 num = r2;
1026 if (num) {
1027 char *dataptr;
1028
1029 if (INT_MAX < num) /* yeah, right */
1030 num = INT_MAX;
1031
1032 r = BIO_nread(io1, &dataptr, (int)num);
1033 assert(r > 0);
1034 assert(r <= (int)num);
1035 /* possibly r < num (non-contiguous data) */
1036 num = r;
1037 r = BIO_write(io2, dataptr, (int)num);
1038 if (r != (int)num) /* can't happen */
1039 {
1040 fprintf(stderr, "ERROR: BIO_write could not write "
1041 "BIO_ctrl_get_write_guarantee() bytes");
1042 goto err;
1043 }
1044 progress = 1;
1045
1046 if (debug)
1047 printf((io1 == client_io) ?
1048 "C->S relaying: %d bytes\n" :
1049 "S->C relaying: %d bytes\n",
1050 (int)num);
1051 }
1052 } while (r1 && r2);
1053
1054 /* io2 to io1 */
1055 {
1056 size_t num;
1057 int r;
1058
1059 r1 = BIO_ctrl_pending(io2);
1060 r2 = BIO_ctrl_get_read_request(io1);
1061 /* here we could use ..._get_write_guarantee instead of
1062 * ..._get_read_request, but by using the latter
1063 * we test restartability of the SSL implementation
1064 * more thoroughly */
1065 num = r1;
1066 if (r2 < num)
1067 num = r2;
1068 if (num) {
1069 char *dataptr;
1070
1071 if (INT_MAX < num)
1072 num = INT_MAX;
1073
1074 if (num > 1)
1075 --num; /* test restartability even more thoroughly */
1076
1077 r = BIO_nwrite0(io1, &dataptr);
1078 assert(r > 0);
1079 if (r < (int)num)
1080 num = r;
1081 r = BIO_read(io2, dataptr, (int)num);
1082 if (r != (int)num) /* can't happen */
1083 {
1084 fprintf(stderr, "ERROR: BIO_read could not read "
1085 "BIO_ctrl_pending() bytes");
1086 goto err;
1087 }
1088 progress = 1;
1089 r = BIO_nwrite(io1, &dataptr, (int)num);
1090 if (r != (int)num) /* can't happen */
1091 {
1092 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
1093 "BIO_nwrite0() bytes");
1094 goto err;
1095 }
1096
1097 if (debug)
1098 printf((io2 == client_io) ?
1099 "C->S relaying: %d bytes\n" :
1100 "S->C relaying: %d bytes\n",
1101 (int)num);
1102 }
1103 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
1104
1105 if (!progress && !prev_progress) {
1106 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
1107 fprintf(stderr, "ERROR: got stuck\n");
1108 goto err;
1109 }
1110 }
1111 prev_progress = progress;
1112 }
1113 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
1114
1115 if (verbose)
1116 print_details(c_ssl, "DONE via BIO pair: ");
1117
1118 if (verify_alpn(c_ssl, s_ssl) < 0) {
1119 ret = 1;
1120 goto err;
1121 }
1122
1123 ret = 0;
1124
1125err:
1126 ERR_print_errors(bio_err);
1127
1128 BIO_free(server);
1129 BIO_free(server_io);
1130 BIO_free(client);
1131 BIO_free(client_io);
1132 BIO_free(s_ssl_bio);
1133 BIO_free(c_ssl_bio);
1134
1135 return ret;
1136}
1137
1138
1139#define W_READ 1
1140#define W_WRITE 2
1141#define C_DONE 1
1142#define S_DONE 2
1143
1144int
1145doit(SSL *s_ssl, SSL *c_ssl, long count)
1146{
1147 char cbuf[1024*8], sbuf[1024*8];
1148 long cw_num = count, cr_num = count;
1149 long sw_num = count, sr_num = count;
1150 int ret = 1;
1151 BIO *c_to_s = NULL;
1152 BIO *s_to_c = NULL;
1153 BIO *c_bio = NULL;
1154 BIO *s_bio = NULL;
1155 int c_r, c_w, s_r, s_w;
1156 int i, j;
1157 int done = 0;
1158 int c_write, s_write;
1159 int do_server = 0, do_client = 0;
1160
1161 memset(cbuf, 0, sizeof(cbuf));
1162 memset(sbuf, 0, sizeof(sbuf));
1163
1164 c_to_s = BIO_new(BIO_s_mem());
1165 s_to_c = BIO_new(BIO_s_mem());
1166 if ((s_to_c == NULL) || (c_to_s == NULL)) {
1167 ERR_print_errors(bio_err);
1168 goto err;
1169 }
1170
1171 c_bio = BIO_new(BIO_f_ssl());
1172 s_bio = BIO_new(BIO_f_ssl());
1173 if ((c_bio == NULL) || (s_bio == NULL)) {
1174 ERR_print_errors(bio_err);
1175 goto err;
1176 }
1177
1178 SSL_set_connect_state(c_ssl);
1179 SSL_set_bio(c_ssl, s_to_c, c_to_s);
1180 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
1181
1182 SSL_set_accept_state(s_ssl);
1183 SSL_set_bio(s_ssl, c_to_s, s_to_c);
1184 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
1185
1186 c_r = 0;
1187 s_r = 1;
1188 c_w = 1;
1189 s_w = 0;
1190 c_write = 1, s_write = 0;
1191
1192 /* We can always do writes */
1193 for (;;) {
1194 do_server = 0;
1195 do_client = 0;
1196
1197 i = (int)BIO_pending(s_bio);
1198 if ((i && s_r) || s_w)
1199 do_server = 1;
1200
1201 i = (int)BIO_pending(c_bio);
1202 if ((i && c_r) || c_w)
1203 do_client = 1;
1204
1205 if (do_server && debug) {
1206 if (SSL_in_init(s_ssl))
1207 printf("server waiting in SSL_accept - %s\n",
1208 SSL_state_string_long(s_ssl));
1209 }
1210
1211 if (do_client && debug) {
1212 if (SSL_in_init(c_ssl))
1213 printf("client waiting in SSL_connect - %s\n",
1214 SSL_state_string_long(c_ssl));
1215 }
1216
1217 if (!do_client && !do_server) {
1218 fprintf(stdout, "ERROR in STARTUP\n");
1219 ERR_print_errors(bio_err);
1220 goto err;
1221 }
1222
1223 if (do_client && !(done & C_DONE)) {
1224 if (c_write) {
1225 j = (cw_num > (long)sizeof(cbuf)) ?
1226 (int)sizeof(cbuf) : (int)cw_num;
1227 i = BIO_write(c_bio, cbuf, j);
1228 if (i < 0) {
1229 c_r = 0;
1230 c_w = 0;
1231 if (BIO_should_retry(c_bio)) {
1232 if (BIO_should_read(c_bio))
1233 c_r = 1;
1234 if (BIO_should_write(c_bio))
1235 c_w = 1;
1236 } else {
1237 fprintf(stderr, "ERROR in CLIENT\n");
1238 ERR_print_errors(bio_err);
1239 goto err;
1240 }
1241 } else if (i == 0) {
1242 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1243 goto err;
1244 } else {
1245 if (debug)
1246 printf("client wrote %d\n", i);
1247 /* ok */
1248 s_r = 1;
1249 c_write = 0;
1250 cw_num -= i;
1251 }
1252 } else {
1253 i = BIO_read(c_bio, cbuf, sizeof(cbuf));
1254 if (i < 0) {
1255 c_r = 0;
1256 c_w = 0;
1257 if (BIO_should_retry(c_bio)) {
1258 if (BIO_should_read(c_bio))
1259 c_r = 1;
1260 if (BIO_should_write(c_bio))
1261 c_w = 1;
1262 } else {
1263 fprintf(stderr, "ERROR in CLIENT\n");
1264 ERR_print_errors(bio_err);
1265 goto err;
1266 }
1267 } else if (i == 0) {
1268 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1269 goto err;
1270 } else {
1271 if (debug)
1272 printf("client read %d\n", i);
1273 cr_num -= i;
1274 if (sw_num > 0) {
1275 s_write = 1;
1276 s_w = 1;
1277 }
1278 if (cr_num <= 0) {
1279 s_write = 1;
1280 s_w = 1;
1281 done = S_DONE|C_DONE;
1282 }
1283 }
1284 }
1285 }
1286
1287 if (do_server && !(done & S_DONE)) {
1288 if (!s_write) {
1289 i = BIO_read(s_bio, sbuf, sizeof(cbuf));
1290 if (i < 0) {
1291 s_r = 0;
1292 s_w = 0;
1293 if (BIO_should_retry(s_bio)) {
1294 if (BIO_should_read(s_bio))
1295 s_r = 1;
1296 if (BIO_should_write(s_bio))
1297 s_w = 1;
1298 } else {
1299 fprintf(stderr, "ERROR in SERVER\n");
1300 ERR_print_errors(bio_err);
1301 goto err;
1302 }
1303 } else if (i == 0) {
1304 ERR_print_errors(bio_err);
1305 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n");
1306 goto err;
1307 } else {
1308 if (debug)
1309 printf("server read %d\n", i);
1310 sr_num -= i;
1311 if (cw_num > 0) {
1312 c_write = 1;
1313 c_w = 1;
1314 }
1315 if (sr_num <= 0) {
1316 s_write = 1;
1317 s_w = 1;
1318 c_write = 0;
1319 }
1320 }
1321 } else {
1322 j = (sw_num > (long)sizeof(sbuf)) ?
1323 (int)sizeof(sbuf) : (int)sw_num;
1324 i = BIO_write(s_bio, sbuf, j);
1325 if (i < 0) {
1326 s_r = 0;
1327 s_w = 0;
1328 if (BIO_should_retry(s_bio)) {
1329 if (BIO_should_read(s_bio))
1330 s_r = 1;
1331 if (BIO_should_write(s_bio))
1332 s_w = 1;
1333 } else {
1334 fprintf(stderr, "ERROR in SERVER\n");
1335 ERR_print_errors(bio_err);
1336 goto err;
1337 }
1338 } else if (i == 0) {
1339 ERR_print_errors(bio_err);
1340 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n");
1341 goto err;
1342 } else {
1343 if (debug)
1344 printf("server wrote %d\n", i);
1345 sw_num -= i;
1346 s_write = 0;
1347 c_r = 1;
1348 if (sw_num <= 0)
1349 done |= S_DONE;
1350 }
1351 }
1352 }
1353
1354 if ((done & S_DONE) && (done & C_DONE))
1355 break;
1356 }
1357
1358 if (verbose)
1359 print_details(c_ssl, "DONE: ");
1360
1361 if (verify_alpn(c_ssl, s_ssl) < 0) {
1362 ret = 1;
1363 goto err;
1364 }
1365
1366 ret = 0;
1367err:
1368 /* We have to set the BIO's to NULL otherwise they will be
1369 * free()ed twice. Once when th s_ssl is SSL_free()ed and
1370 * again when c_ssl is SSL_free()ed.
1371 * This is a hack required because s_ssl and c_ssl are sharing the same
1372 * BIO structure and SSL_set_bio() and SSL_free() automatically
1373 * BIO_free non NULL entries.
1374 * You should not normally do this or be required to do this */
1375 if (s_ssl != NULL) {
1376 s_ssl->rbio = NULL;
1377 s_ssl->wbio = NULL;
1378 }
1379 if (c_ssl != NULL) {
1380 c_ssl->rbio = NULL;
1381 c_ssl->wbio = NULL;
1382 }
1383
1384 BIO_free(c_to_s);
1385 BIO_free(s_to_c);
1386 BIO_free_all(c_bio);
1387 BIO_free_all(s_bio);
1388
1389 return (ret);
1390}
1391
1392static int
1393get_proxy_auth_ex_data_idx(void)
1394{
1395 static volatile int idx = -1;
1396 if (idx < 0) {
1397 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
1398 if (idx < 0) {
1399 idx = X509_STORE_CTX_get_ex_new_index(0,
1400 "SSLtest for verify callback", NULL, NULL, NULL);
1401 }
1402 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
1403 }
1404 return idx;
1405}
1406
1407static int
1408verify_callback(int ok, X509_STORE_CTX *ctx)
1409{
1410 X509 *xs;
1411 char *s, buf[256];
1412 int error, error_depth;
1413
1414 xs = X509_STORE_CTX_get_current_cert(ctx);
1415 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, sizeof buf);
1416 error = X509_STORE_CTX_get_error(ctx);
1417 error_depth = X509_STORE_CTX_get_error_depth(ctx);
1418 if (s != NULL) {
1419 if (ok)
1420 fprintf(stderr, "depth=%d %s\n", error_depth, buf);
1421 else {
1422 fprintf(stderr, "depth=%d error=%d %s\n", error_depth,
1423 error, buf);
1424 }
1425 }
1426
1427 if (ok == 0) {
1428 fprintf(stderr, "Error string: %s\n",
1429 X509_verify_cert_error_string(error));
1430 switch (error) {
1431 case X509_V_ERR_CERT_NOT_YET_VALID:
1432 case X509_V_ERR_CERT_HAS_EXPIRED:
1433 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
1434 fprintf(stderr, " ... ignored.\n");
1435 ok = 1;
1436 }
1437 }
1438
1439 if (ok == 1) {
1440 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
1441 unsigned int *letters =
1442 X509_STORE_CTX_get_ex_data(ctx,
1443 get_proxy_auth_ex_data_idx());
1444
1445 if (letters) {
1446 int found_any = 0;
1447 int i;
1448 PROXY_CERT_INFO_EXTENSION *pci =
1449 X509_get_ext_d2i(xs, NID_proxyCertInfo,
1450 NULL, NULL);
1451
1452 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
1453 case NID_Independent:
1454 /* Completely meaningless in this
1455 program, as there's no way to
1456 grant explicit rights to a
1457 specific PrC. Basically, using
1458 id-ppl-Independent is the perfect
1459 way to grant no rights at all. */
1460 fprintf(stderr, " Independent proxy certificate");
1461 for (i = 0; i < 26; i++)
1462 letters[i] = 0;
1463 break;
1464 case NID_id_ppl_inheritAll:
1465 /* This is basically a NOP, we
1466 simply let the current rights
1467 stand as they are. */
1468 fprintf(stderr, " Proxy certificate inherits all");
1469 break;
1470 default:
1471 s = (char *)
1472 pci->proxyPolicy->policy->data;
1473 i = pci->proxyPolicy->policy->length;
1474
1475 /* The algorithm works as follows:
1476 it is assumed that previous
1477 iterations or the initial granted
1478 rights has already set some elements
1479 of `letters'. What we need to do is
1480 to clear those that weren't granted
1481 by the current PrC as well. The
1482 easiest way to do this is to add 1
1483 to all the elements whose letters
1484 are given with the current policy.
1485 That way, all elements that are set
1486 by the current policy and were
1487 already set by earlier policies and
1488 through the original grant of rights
1489 will get the value 2 or higher.
1490 The last thing to do is to sweep
1491 through `letters' and keep the
1492 elements having the value 2 as set,
1493 and clear all the others. */
1494
1495 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
1496 while (i-- > 0) {
1497 int c = *s++;
1498 if (isascii(c) && isalpha(c)) {
1499 if (islower(c))
1500 c = toupper(c);
1501 letters[c - 'A']++;
1502 }
1503 }
1504 for (i = 0; i < 26; i++)
1505 if (letters[i] < 2)
1506 letters[i] = 0;
1507 else
1508 letters[i] = 1;
1509 }
1510
1511 found_any = 0;
1512 fprintf(stderr, ", resulting proxy rights = ");
1513 for (i = 0; i < 26; i++)
1514 if (letters[i]) {
1515 fprintf(stderr, "%c", i + 'A');
1516 found_any = 1;
1517 }
1518 if (!found_any)
1519 fprintf(stderr, "none");
1520 fprintf(stderr, "\n");
1521
1522 PROXY_CERT_INFO_EXTENSION_free(pci);
1523 }
1524 }
1525 }
1526
1527 return (ok);
1528}
1529
1530static void
1531process_proxy_debug(int indent, const char *format, ...)
1532{
1533 static const char indentation[] =
1534 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
1535 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
1536 char my_format[256];
1537 va_list args;
1538
1539 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s",
1540 indent, indent, indentation, format);
1541
1542 va_start(args, format);
1543 vfprintf(stderr, my_format, args);
1544 va_end(args);
1545}
1546/* Priority levels:
1547 0 [!]var, ()
1548 1 & ^
1549 2 |
1550*/
1551static int process_proxy_cond_adders(unsigned int letters[26],
1552 const char *cond, const char **cond_end, int *pos, int indent);
1553
1554static int
1555process_proxy_cond_val(unsigned int letters[26], const char *cond,
1556 const char **cond_end, int *pos, int indent)
1557{
1558 int c;
1559 int ok = 1;
1560 int negate = 0;
1561
1562 while (isspace((int)*cond)) {
1563 cond++;
1564 (*pos)++;
1565 }
1566 c = *cond;
1567
1568 if (debug)
1569 process_proxy_debug(indent,
1570 "Start process_proxy_cond_val at position %d: %s\n",
1571 *pos, cond);
1572
1573 while (c == '!') {
1574 negate = !negate;
1575 cond++;
1576 (*pos)++;
1577 while (isspace((int)*cond)) {
1578 cond++;
1579 (*pos)++;
1580 }
1581 c = *cond;
1582 }
1583
1584 if (c == '(') {
1585 cond++;
1586 (*pos)++;
1587 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
1588 indent + 1);
1589 cond = *cond_end;
1590 if (ok < 0)
1591 goto end;
1592 while (isspace((int)*cond)) {
1593 cond++;
1594 (*pos)++;
1595 }
1596 c = *cond;
1597 if (c != ')') {
1598 fprintf(stderr,
1599 "Weird condition character in position %d: "
1600 "%c\n", *pos, c);
1601 ok = -1;
1602 goto end;
1603 }
1604 cond++;
1605 (*pos)++;
1606 } else if (isascii(c) && isalpha(c)) {
1607 if (islower(c))
1608 c = toupper(c);
1609 ok = letters[c - 'A'];
1610 cond++;
1611 (*pos)++;
1612 } else {
1613 fprintf(stderr,
1614 "Weird condition character in position %d: "
1615 "%c\n", *pos, c);
1616 ok = -1;
1617 goto end;
1618 }
1619end:
1620 *cond_end = cond;
1621 if (ok >= 0 && negate)
1622 ok = !ok;
1623
1624 if (debug)
1625 process_proxy_debug(indent,
1626 "End process_proxy_cond_val at position %d: %s, returning %d\n",
1627 *pos, cond, ok);
1628
1629 return ok;
1630}
1631
1632static int
1633process_proxy_cond_multipliers(unsigned int letters[26], const char *cond,
1634 const char **cond_end, int *pos, int indent)
1635{
1636 int ok;
1637 char c;
1638
1639 if (debug)
1640 process_proxy_debug(indent,
1641 "Start process_proxy_cond_multipliers at position %d: %s\n",
1642 *pos, cond);
1643
1644 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
1645 cond = *cond_end;
1646 if (ok < 0)
1647 goto end;
1648
1649 while (ok >= 0) {
1650 while (isspace((int)*cond)) {
1651 cond++;
1652 (*pos)++;
1653 }
1654 c = *cond;
1655
1656 switch (c) {
1657 case '&':
1658 case '^':
1659 {
1660 int save_ok = ok;
1661
1662 cond++;
1663 (*pos)++;
1664 ok = process_proxy_cond_val(letters,
1665 cond, cond_end, pos, indent + 1);
1666 cond = *cond_end;
1667 if (ok < 0)
1668 break;
1669
1670 switch (c) {
1671 case '&':
1672 ok &= save_ok;
1673 break;
1674 case '^':
1675 ok ^= save_ok;
1676 break;
1677 default:
1678 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
1679 " STOPPING\n");
1680 exit(1);
1681 }
1682 }
1683 break;
1684 default:
1685 goto end;
1686 }
1687 }
1688end:
1689 if (debug)
1690 process_proxy_debug(indent,
1691 "End process_proxy_cond_multipliers at position %d: %s, "
1692 "returning %d\n",
1693 *pos, cond, ok);
1694
1695 *cond_end = cond;
1696 return ok;
1697}
1698
1699static int
1700process_proxy_cond_adders(unsigned int letters[26], const char *cond,
1701 const char **cond_end, int *pos, int indent)
1702{
1703 int ok;
1704 char c;
1705
1706 if (debug)
1707 process_proxy_debug(indent,
1708 "Start process_proxy_cond_adders at position %d: %s\n",
1709 *pos, cond);
1710
1711 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
1712 indent + 1);
1713 cond = *cond_end;
1714 if (ok < 0)
1715 goto end;
1716
1717 while (ok >= 0) {
1718 while (isspace((int)*cond)) {
1719 cond++;
1720 (*pos)++;
1721 }
1722 c = *cond;
1723
1724 switch (c) {
1725 case '|':
1726 {
1727 int save_ok = ok;
1728
1729 cond++;
1730 (*pos)++;
1731 ok = process_proxy_cond_multipliers(letters,
1732 cond, cond_end, pos, indent + 1);
1733 cond = *cond_end;
1734 if (ok < 0)
1735 break;
1736
1737 switch (c) {
1738 case '|':
1739 ok |= save_ok;
1740 break;
1741 default:
1742 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
1743 " STOPPING\n");
1744 exit(1);
1745 }
1746 }
1747 break;
1748 default:
1749 goto end;
1750 }
1751 }
1752end:
1753 if (debug)
1754 process_proxy_debug(indent,
1755 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
1756 *pos, cond, ok);
1757
1758 *cond_end = cond;
1759 return ok;
1760}
1761
1762static int
1763process_proxy_cond(unsigned int letters[26], const char *cond,
1764 const char **cond_end)
1765{
1766 int pos = 1;
1767 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
1768}
1769
1770static int
1771app_verify_callback(X509_STORE_CTX *ctx, void *arg)
1772{
1773 int ok = 1;
1774 struct app_verify_arg *cb_arg = arg;
1775 unsigned int letters[26]; /* only used with proxy_auth */
1776
1777 if (cb_arg->app_verify) {
1778 X509 *xs;
1779 char *s = NULL, buf[256];
1780
1781 xs = X509_STORE_CTX_get0_cert(ctx);
1782 fprintf(stderr, "In app_verify_callback, allowing cert. ");
1783 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
1784 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
1785 (void *)ctx, (void *)xs);
1786 if (xs)
1787 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, 256);
1788 if (s != NULL) {
1789 fprintf(stderr, "cert depth=%d %s\n",
1790 X509_STORE_CTX_get_error_depth(ctx), buf);
1791 }
1792 return (1);
1793 }
1794 if (cb_arg->proxy_auth) {
1795 int found_any = 0, i;
1796 char *sp;
1797
1798 for (i = 0; i < 26; i++)
1799 letters[i] = 0;
1800 for (sp = cb_arg->proxy_auth; *sp; sp++) {
1801 int c = *sp;
1802 if (isascii(c) && isalpha(c)) {
1803 if (islower(c))
1804 c = toupper(c);
1805 letters[c - 'A'] = 1;
1806 }
1807 }
1808
1809 fprintf(stderr, " Initial proxy rights = ");
1810 for (i = 0; i < 26; i++)
1811 if (letters[i]) {
1812 fprintf(stderr, "%c", i + 'A');
1813 found_any = 1;
1814 }
1815 if (!found_any)
1816 fprintf(stderr, "none");
1817 fprintf(stderr, "\n");
1818
1819 X509_STORE_CTX_set_ex_data(ctx,
1820 get_proxy_auth_ex_data_idx(), letters);
1821 }
1822 if (cb_arg->allow_proxy_certs) {
1823 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
1824 }
1825
1826 ok = X509_verify_cert(ctx);
1827
1828 if (cb_arg->proxy_auth) {
1829 if (ok > 0) {
1830 const char *cond_end = NULL;
1831
1832 ok = process_proxy_cond(letters,
1833 cb_arg->proxy_cond, &cond_end);
1834
1835 if (ok < 0)
1836 exit(3);
1837 if (*cond_end) {
1838 fprintf(stderr, "Stopped processing condition before it's end.\n");
1839 ok = 0;
1840 }
1841 if (!ok)
1842 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
1843 cb_arg->proxy_cond);
1844 else
1845 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
1846 cb_arg->proxy_cond);
1847 }
1848 }
1849 return (ok);
1850}
1851
1852/* These DH parameters have been generated as follows:
1853 * $ openssl dhparam -C -noout 1024
1854 * $ openssl dhparam -C -noout -dsaparam 1024
1855 * (The second function has been renamed to avoid name conflicts.)
1856 */
1857static DH *
1858get_dh1024()
1859{
1860 static unsigned char dh1024_p[] = {
1861 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A,
1862 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2,
1863 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0,
1864 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2,
1865 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C,
1866 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8,
1867 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52,
1868 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1,
1869 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1,
1870 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB,
1871 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
1872 };
1873 static unsigned char dh1024_g[] = {
1874 0x02,
1875 };
1876 DH *dh;
1877 BIGNUM *dh_p = NULL, *dh_g = NULL;
1878
1879 if ((dh = DH_new()) == NULL)
1880 return NULL;
1881
1882 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
1883 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
1884 if (dh_p == NULL || dh_g == NULL)
1885 goto err;
1886
1887 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g))
1888 goto err;
1889
1890 return dh;
1891
1892 err:
1893 BN_free(dh_p);
1894 BN_free(dh_g);
1895 DH_free(dh);
1896 return NULL;
1897}
1898
1899static DH *
1900get_dh1024dsa()
1901{
1902 static unsigned char dh1024_p[] = {
1903 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00,
1904 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19,
1905 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2,
1906 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55,
1907 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC,
1908 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97,
1909 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D,
1910 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB,
1911 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6,
1912 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E,
1913 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
1914 };
1915 static unsigned char dh1024_g[] = {
1916 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05,
1917 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3,
1918 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9,
1919 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C,
1920 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65,
1921 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60,
1922 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6,
1923 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7,
1924 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1,
1925 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60,
1926 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
1927 };
1928 DH *dh;
1929 BIGNUM *dh_p = NULL, *dh_g = NULL;
1930
1931 if ((dh = DH_new()) == NULL)
1932 return NULL;
1933
1934 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
1935 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
1936 if (dh_p == NULL || dh_g == NULL)
1937 goto err;
1938
1939 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g))
1940 goto err;
1941
1942 DH_set_length(dh, 160);
1943
1944 return dh;
1945
1946 err:
1947 BN_free(dh_p);
1948 BN_free(dh_g);
1949 DH_free(dh);
1950 return NULL;
1951}
diff --git a/src/regress/lib/libssl/ssl/testssl b/src/regress/lib/libssl/ssl/testssl
deleted file mode 100644
index 43efaa6460..0000000000
--- a/src/regress/lib/libssl/ssl/testssl
+++ /dev/null
@@ -1,164 +0,0 @@
1#!/bin/sh
2
3key="$1"
4cert="$2"
5CA="-CAfile $3"
6ssltest="${4-./ssltest} -key $key -cert $cert -c_key $key -c_cert $cert"
7openssl=${5-openssl}
8extra="$6"
9
10$openssl version || exit 1
11
12if $openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
13 dsa_cert=YES
14else
15 dsa_cert=NO
16fi
17
18#############################################################################
19
20echo test sslv2/sslv3
21$ssltest $extra || exit 1
22
23echo test sslv2/sslv3 with server authentication
24$ssltest -server_auth $CA $extra || exit 1
25
26echo test sslv2/sslv3 with client authentication
27$ssltest -client_auth $CA $extra || exit 1
28
29echo test sslv2/sslv3 with both client and server authentication
30$ssltest -server_auth -client_auth $CA $extra || exit 1
31
32echo test sslv2/sslv3 via BIO pair
33$ssltest $extra || exit 1
34
35if [ $dsa_cert = NO ]; then
36 echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
37 $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
38fi
39
40echo test sslv2/sslv3 with 1024bit DHE via BIO pair
41$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
42
43echo test sslv2/sslv3 with server authentication
44$ssltest -bio_pair -server_auth $CA $extra || exit 1
45
46echo test sslv2/sslv3 with client authentication via BIO pair
47$ssltest -bio_pair -client_auth $CA $extra || exit 1
48
49echo test sslv2/sslv3 with both client and server authentication via BIO pair
50$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
51
52echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
53$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
54
55echo "Testing ciphersuites"
56for protocol in SSLv3 TLSv1.2; do
57 echo "Testing ciphersuites for $protocol"
58 for cipher in `$openssl ciphers -v "$protocol+aRSA" |
59 awk "/ $protocol / { print \\$1 }"`; do
60 echo "Testing $cipher"
61 $ssltest -cipher $cipher -tls1_2
62 if [ $? -ne 0 ] ; then
63 echo "Failed $cipher"
64 exit 1
65 fi
66 done
67done
68for protocol in TLSv1.3; do
69 echo "Testing ciphersuites for $protocol at security level 2"
70 for cipher in `$openssl ciphers -v "$protocol" |
71 awk "/ $protocol / { print \\$1 }"`; do
72 echo "Testing $cipher"
73 $ssltest -cipher $cipher -seclevel 2
74 if [ $? -ne 0 ] ; then
75 echo "Failed $cipher"
76 exit 1
77 fi
78 done
79done
80for protocol in TLSv1.3; do
81 echo "Testing ciphersuites for $protocol at security level 3"
82 for cipher in `$openssl ciphers -v "$protocol" |
83 awk "/ $protocol / { print \\$1 }"`; do
84 echo "Testing $cipher"
85 $ssltest -cipher $cipher -seclevel 3
86 if [ $? -eq 0 ] ; then
87 echo "Failed $cipher should not have succeeded"
88 exit 1
89 fi
90 done
91done
92
93#############################################################################
94
95if $openssl no-dh; then
96 echo skipping anonymous DH tests
97else
98 echo test tls1 with 1024bit anonymous DH, multiple handshakes
99 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
100fi
101
102#if $openssl no-rsa; then
103# echo skipping RSA tests
104#else
105# echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
106# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
107#
108# if $openssl no-dh; then
109# echo skipping RSA+DHE tests
110# else
111# echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
112# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
113# fi
114#fi
115
116#
117# DTLS tests
118#
119
120echo test dtlsv1
121$ssltest -dtls1 $extra || exit 1
122
123echo test dtlsv1 with server authentication
124$ssltest -dtls1 -server_auth $CA $extra || exit 1
125
126echo test dtlsv1 with client authentication
127$ssltest -dtls1 -client_auth $CA $extra || exit 1
128
129echo test dtlsv1 with both client and server authentication
130$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1
131
132echo "Testing DTLS ciphersuites"
133for protocol in SSLv3; do
134 echo "Testing ciphersuites for $protocol"
135 for cipher in `$openssl ciphers -v "RSA+$protocol" |
136 awk "/ $protocol / { print \\$1 }" |
137 grep -v RC4`; do
138 echo "Testing $cipher"
139 $ssltest -cipher $cipher -dtls1
140 if [ $? -ne 0 ] ; then
141 echo "Failed $cipher"
142 exit 1
143 fi
144 done
145done
146
147#
148# ALPN tests
149#
150echo "Testing ALPN..."
151$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1
152$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo \
153 -alpn_expected foo || exit 1
154$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo \
155 -alpn_expected foo || exit 1
156$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo \
157 -alpn_expected foo || exit 1
158$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar \
159 -alpn_expected foo || exit 1
160$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo \
161 -alpn_expected bar || exit 1
162$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo \
163 -alpn_expected bar || exit 1
164$ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1
diff --git a/src/regress/lib/libssl/tls/Makefile b/src/regress/lib/libssl/tls/Makefile
deleted file mode 100644
index a22cdcdeb2..0000000000
--- a/src/regress/lib/libssl/tls/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2021/10/23 14:34:10 jsing Exp $
2
3PROG= tlstest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9REGRESS_TARGETS= \
10 regress-tlstest
11
12regress-tlstest: ${PROG}
13 ./tlstest \
14 ${.CURDIR}/../../libssl/certs/server.pem \
15 ${.CURDIR}/../../libssl/certs/server.pem \
16 ${.CURDIR}/../../libssl/certs/ca.pem
17
18.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tls/tlstest.c b/src/regress/lib/libssl/tls/tlstest.c
deleted file mode 100644
index 5c72717e6e..0000000000
--- a/src/regress/lib/libssl/tls/tlstest.c
+++ /dev/null
@@ -1,476 +0,0 @@
1/* $OpenBSD: tlstest.c,v 1.1 2021/10/23 14:34:10 jsing Exp $ */
2/*
3 * Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include <openssl/bio.h>
21#include <openssl/err.h>
22#include <openssl/ssl.h>
23
24const char *server_ca_file;
25const char *server_cert_file;
26const char *server_key_file;
27
28int debug = 0;
29
30static void
31hexdump(const unsigned char *buf, size_t len)
32{
33 size_t i;
34
35 for (i = 1; i <= len; i++)
36 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
37
38 if (len % 8)
39 fprintf(stderr, "\n");
40}
41
42static SSL *
43tls_client(BIO *rbio, BIO *wbio)
44{
45 SSL_CTX *ssl_ctx = NULL;
46 SSL *ssl = NULL;
47
48 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
49 errx(1, "client context");
50
51 if ((ssl = SSL_new(ssl_ctx)) == NULL)
52 errx(1, "client ssl");
53
54 BIO_up_ref(rbio);
55 BIO_up_ref(wbio);
56
57 SSL_set_bio(ssl, rbio, wbio);
58
59 SSL_CTX_free(ssl_ctx);
60
61 return ssl;
62}
63
64static SSL *
65tls_server(BIO *rbio, BIO *wbio)
66{
67 SSL_CTX *ssl_ctx = NULL;
68 SSL *ssl = NULL;
69
70 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL)
71 errx(1, "server context");
72
73 SSL_CTX_set_dh_auto(ssl_ctx, 2);
74
75 if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file,
76 SSL_FILETYPE_PEM) != 1) {
77 fprintf(stderr, "FAIL: Failed to load server certificate");
78 goto failure;
79 }
80 if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file,
81 SSL_FILETYPE_PEM) != 1) {
82 fprintf(stderr, "FAIL: Failed to load server private key");
83 goto failure;
84 }
85
86 if ((ssl = SSL_new(ssl_ctx)) == NULL)
87 errx(1, "server ssl");
88
89 BIO_up_ref(rbio);
90 BIO_up_ref(wbio);
91
92 SSL_set_bio(ssl, rbio, wbio);
93
94 failure:
95 SSL_CTX_free(ssl_ctx);
96
97 return ssl;
98}
99
100static int
101ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret)
102{
103 int ssl_err;
104
105 ssl_err = SSL_get_error(ssl, ssl_ret);
106
107 if (ssl_err == SSL_ERROR_WANT_READ) {
108 return 1;
109 } else if (ssl_err == SSL_ERROR_WANT_WRITE) {
110 return 1;
111 } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) {
112 /* Yup, this is apparently a thing... */
113 } else {
114 fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n",
115 name, desc, ssl_err, errno);
116 ERR_print_errors_fp(stderr);
117 return 0;
118 }
119
120 return 1;
121}
122
123static int
124do_connect(SSL *ssl, const char *name, int *done)
125{
126 int ssl_ret;
127
128 if ((ssl_ret = SSL_connect(ssl)) == 1) {
129 fprintf(stderr, "INFO: %s connect done\n", name);
130 *done = 1;
131 return 1;
132 }
133
134 return ssl_error(ssl, name, "connect", ssl_ret);
135}
136
137static int
138do_accept(SSL *ssl, const char *name, int *done)
139{
140 int ssl_ret;
141
142 if ((ssl_ret = SSL_accept(ssl)) == 1) {
143 fprintf(stderr, "INFO: %s accept done\n", name);
144 *done = 1;
145 return 1;
146 }
147
148 return ssl_error(ssl, name, "accept", ssl_ret);
149}
150
151static int
152do_read(SSL *ssl, const char *name, int *done)
153{
154 uint8_t buf[512];
155 int ssl_ret;
156
157 if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) {
158 fprintf(stderr, "INFO: %s read done\n", name);
159 if (debug > 1)
160 hexdump(buf, ssl_ret);
161 *done = 1;
162 return 1;
163 }
164
165 return ssl_error(ssl, name, "read", ssl_ret);
166}
167
168static int
169do_write(SSL *ssl, const char *name, int *done)
170{
171 const uint8_t buf[] = "Hello, World!\n";
172 int ssl_ret;
173
174 if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) {
175 fprintf(stderr, "INFO: %s write done\n", name);
176 *done = 1;
177 return 1;
178 }
179
180 return ssl_error(ssl, name, "write", ssl_ret);
181}
182
183static int
184do_shutdown(SSL *ssl, const char *name, int *done)
185{
186 int ssl_ret;
187
188 ssl_ret = SSL_shutdown(ssl);
189 if (ssl_ret == 1) {
190 fprintf(stderr, "INFO: %s shutdown done\n", name);
191 *done = 1;
192 return 1;
193 }
194 return ssl_error(ssl, name, "shutdown", ssl_ret);
195}
196
197typedef int (*ssl_func)(SSL *ssl, const char *name, int *done);
198
199static int
200do_client_server_loop(SSL *client, ssl_func client_func, SSL *server,
201 ssl_func server_func)
202{
203 int client_done = 0, server_done = 0;
204 int i = 0;
205
206 do {
207 if (!client_done) {
208 if (debug)
209 fprintf(stderr, "DEBUG: client loop\n");
210 if (!client_func(client, "client", &client_done))
211 return 0;
212 }
213 if (!server_done) {
214 if (debug)
215 fprintf(stderr, "DEBUG: server loop\n");
216 if (!server_func(server, "server", &server_done))
217 return 0;
218 }
219 } while (i++ < 100 && (!client_done || !server_done));
220
221 if (!client_done || !server_done)
222 fprintf(stderr, "FAIL: gave up\n");
223
224 return client_done && server_done;
225}
226
227struct tls_test {
228 const unsigned char *desc;
229 const SSL_METHOD *(*client_method)(void);
230 uint16_t client_min_version;
231 uint16_t client_max_version;
232 const char *client_ciphers;
233 const SSL_METHOD *(*server_method)(void);
234 uint16_t server_min_version;
235 uint16_t server_max_version;
236 const char *server_ciphers;
237};
238
239static const struct tls_test tls_tests[] = {
240 {
241 .desc = "Default client and server",
242 },
243 {
244 .desc = "Default client and TLSv1.2 server",
245 .server_max_version = TLS1_2_VERSION,
246 },
247 {
248 .desc = "Default client and TLSv1.1 server",
249 .server_max_version = TLS1_1_VERSION,
250 },
251 {
252 .desc = "Default client and TLSv1.0 server",
253 .server_max_version = TLS1_VERSION,
254 },
255 {
256 .desc = "Default client and default server with ECDHE KEX",
257 .server_ciphers = "ECDHE-RSA-AES128-SHA",
258 },
259 {
260 .desc = "Default client and TLSv1.2 server with ECDHE KEX",
261 .server_max_version = TLS1_2_VERSION,
262 .server_ciphers = "ECDHE-RSA-AES128-SHA",
263 },
264 {
265 .desc = "Default client and TLSv1.1 server with ECDHE KEX",
266 .server_max_version = TLS1_1_VERSION,
267 .server_ciphers = "ECDHE-RSA-AES128-SHA",
268 },
269 {
270 .desc = "Default client and TLSv1.0 server with ECDHE KEX",
271 .server_max_version = TLS1_VERSION,
272 .server_ciphers = "ECDHE-RSA-AES128-SHA",
273 },
274 {
275 .desc = "Default client and default server with DHE KEX",
276 .server_ciphers = "DHE-RSA-AES128-SHA",
277 },
278 {
279 .desc = "Default client and TLSv1.2 server with DHE KEX",
280 .server_max_version = TLS1_2_VERSION,
281 .server_ciphers = "DHE-RSA-AES128-SHA",
282 },
283 {
284 .desc = "Default client and TLSv1.1 server with DHE KEX",
285 .server_max_version = TLS1_1_VERSION,
286 .server_ciphers = "DHE-RSA-AES128-SHA",
287 },
288 {
289 .desc = "Default client and TLSv1.0 server with DHE KEX",
290 .server_max_version = TLS1_VERSION,
291 .server_ciphers = "DHE-RSA-AES128-SHA",
292 },
293 {
294 .desc = "Default client and default server with RSA KEX",
295 .server_ciphers = "AES128-SHA",
296 },
297 {
298 .desc = "Default client and TLSv1.2 server with RSA KEX",
299 .server_max_version = TLS1_2_VERSION,
300 .server_ciphers = "AES128-SHA",
301 },
302 {
303 .desc = "Default client and TLSv1.1 server with RSA KEX",
304 .server_max_version = TLS1_1_VERSION,
305 .server_ciphers = "AES128-SHA",
306 },
307 {
308 .desc = "Default client and TLSv1.0 server with RSA KEX",
309 .server_max_version = TLS1_VERSION,
310 .server_ciphers = "AES128-SHA",
311 },
312 {
313 .desc = "TLSv1.2 client and default server",
314 .client_max_version = TLS1_2_VERSION,
315 },
316 {
317 .desc = "TLSv1.1 client and default server",
318 .client_max_version = TLS1_1_VERSION,
319 },
320 {
321 .desc = "TLSv1.0 client and default server",
322 .client_max_version = TLS1_VERSION,
323 },
324 {
325 .desc = "TLSv1.2 client and default server with ECDHE KEX",
326 .client_max_version = TLS1_2_VERSION,
327 .client_ciphers = "ECDHE-RSA-AES128-SHA",
328 },
329 {
330 .desc = "TLSv1.1 client and default server with ECDHE KEX",
331 .client_max_version = TLS1_1_VERSION,
332 .client_ciphers = "ECDHE-RSA-AES128-SHA",
333 },
334 {
335 .desc = "TLSv1.0 client and default server with ECDHE KEX",
336 .client_max_version = TLS1_VERSION,
337 .client_ciphers = "ECDHE-RSA-AES128-SHA",
338 },
339 {
340 .desc = "TLSv1.2 client and default server with DHE KEX",
341 .server_max_version = TLS1_2_VERSION,
342 .client_ciphers = "DHE-RSA-AES128-SHA",
343 },
344 {
345 .desc = "TLSv1.1 client and default server with DHE KEX",
346 .client_max_version = TLS1_1_VERSION,
347 .client_ciphers = "DHE-RSA-AES128-SHA",
348 },
349 {
350 .desc = "TLSv1.0 client and default server with DHE KEX",
351 .client_max_version = TLS1_VERSION,
352 .client_ciphers = "DHE-RSA-AES128-SHA",
353 },
354 {
355 .desc = "TLSv1.2 client and default server with RSA KEX",
356 .client_max_version = TLS1_2_VERSION,
357 .client_ciphers = "AES128-SHA",
358 },
359 {
360 .desc = "TLSv1.1 client and default server with RSA KEX",
361 .client_max_version = TLS1_1_VERSION,
362 .client_ciphers = "AES128-SHA",
363 },
364 {
365 .desc = "TLSv1.0 client and default server with RSA KEX",
366 .client_max_version = TLS1_VERSION,
367 .client_ciphers = "AES128-SHA",
368 },
369};
370
371#define N_TLS_TESTS (sizeof(tls_tests) / sizeof(*tls_tests))
372
373static int
374tlstest(const struct tls_test *tt)
375{
376 BIO *client_wbio = NULL, *server_wbio = NULL;
377 SSL *client = NULL, *server = NULL;
378 int failed = 1;
379
380 fprintf(stderr, "\n== Testing %s... ==\n", tt->desc);
381
382 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL)
383 goto failure;
384 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0)
385 goto failure;
386
387 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL)
388 goto failure;
389 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0)
390 goto failure;
391
392 if ((client = tls_client(server_wbio, client_wbio)) == NULL)
393 goto failure;
394 if (tt->client_min_version != 0) {
395 if (!SSL_set_min_proto_version(client, tt->client_min_version))
396 goto failure;
397 }
398 if (tt->client_max_version != 0) {
399 if (!SSL_set_max_proto_version(client, tt->client_max_version))
400 goto failure;
401 }
402 if (tt->client_ciphers != NULL) {
403 if (!SSL_set_cipher_list(client, tt->client_ciphers))
404 goto failure;
405 }
406
407 if ((server = tls_server(client_wbio, server_wbio)) == NULL)
408 goto failure;
409 if (tt->server_min_version != 0) {
410 if (!SSL_set_min_proto_version(server, tt->server_min_version))
411 goto failure;
412 }
413 if (tt->server_max_version != 0) {
414 if (!SSL_set_max_proto_version(server, tt->server_max_version))
415 goto failure;
416 }
417 if (tt->server_ciphers != NULL) {
418 if (!SSL_set_cipher_list(server, tt->server_ciphers))
419 goto failure;
420 }
421
422 if (!do_client_server_loop(client, do_connect, server, do_accept)) {
423 fprintf(stderr, "FAIL: client and server handshake failed\n");
424 goto failure;
425 }
426
427 if (!do_client_server_loop(client, do_write, server, do_read)) {
428 fprintf(stderr, "FAIL: client write and server read I/O failed\n");
429 goto failure;
430 }
431
432 if (!do_client_server_loop(client, do_read, server, do_write)) {
433 fprintf(stderr, "FAIL: client read and server write I/O failed\n");
434 goto failure;
435 }
436
437 if (!do_client_server_loop(client, do_shutdown, server, do_shutdown)) {
438 fprintf(stderr, "FAIL: client and server shutdown failed\n");
439 goto failure;
440 }
441
442 fprintf(stderr, "INFO: Done!\n");
443
444 failed = 0;
445
446 failure:
447 BIO_free(client_wbio);
448 BIO_free(server_wbio);
449
450 SSL_free(client);
451 SSL_free(server);
452
453 return failed;
454}
455
456int
457main(int argc, char **argv)
458{
459 int failed = 0;
460 size_t i;
461
462 if (argc != 4) {
463 fprintf(stderr, "usage: %s keyfile certfile cafile\n",
464 argv[0]);
465 exit(1);
466 }
467
468 server_key_file = argv[1];
469 server_cert_file = argv[2];
470 server_ca_file = argv[3];
471
472 for (i = 0; i < N_TLS_TESTS; i++)
473 failed |= tlstest(&tls_tests[i]);
474
475 return failed;
476}
diff --git a/src/regress/lib/libssl/tlsext/Makefile b/src/regress/lib/libssl/tlsext/Makefile
deleted file mode 100644
index 9ff441697f..0000000000
--- a/src/regress/lib/libssl/tlsext/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
1# $OpenBSD: Makefile,v 1.2 2022/06/29 15:06:18 tb Exp $
2
3PROG= tlsexttest
4LDADD= ${SSL_INT} -lcrypto
5DPADD= ${LIBCRYPTO} ${LIBSSL}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror
8CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
9
10.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
deleted file mode 100644
index 331d554c0e..0000000000
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ /dev/null
@@ -1,4496 +0,0 @@
1/* $OpenBSD: tlsexttest.c,v 1.76 2022/10/02 16:38:23 jsing Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
5 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
6 * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
7 *
8 * Permission to use, copy, modify, and distribute this software for any
9 * purpose with or without fee is hereby granted, provided that the above
10 * copyright notice and this permission notice appear in all copies.
11 *
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 */
20
21#include <err.h>
22
23#include <openssl/tls1.h>
24
25#include "ssl_locl.h"
26
27#include "bytestring.h"
28#include "ssl_tlsext.h"
29
30struct tls_extension_funcs {
31 int (*needs)(SSL *s, uint16_t msg_type);
32 int (*build)(SSL *s, uint16_t msg_type, CBB *cbb);
33 int (*parse)(SSL *s, uint16_t msg_type, CBS *cbs, int *alert);
34};
35
36const struct tls_extension *tls_extension_find(uint16_t, size_t *);
37const struct tls_extension_funcs *tlsext_funcs(const struct tls_extension *,
38 int);
39
40static int
41tls_extension_funcs(int type, const struct tls_extension_funcs **client_funcs,
42 const struct tls_extension_funcs **server_funcs)
43{
44 const struct tls_extension *ext;
45 size_t idx;
46
47 if ((ext = tls_extension_find(type, &idx)) == NULL)
48 return 0;
49
50 if ((*client_funcs = tlsext_funcs(ext, 0)) == NULL)
51 return 0;
52
53 if ((*server_funcs = tlsext_funcs(ext, 1)) == NULL)
54 return 0;
55
56 return 1;
57}
58
59static void
60hexdump(const unsigned char *buf, size_t len)
61{
62 size_t i;
63
64 for (i = 1; i <= len; i++)
65 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
66
67 fprintf(stderr, "\n");
68}
69
70static void
71hexdump2(const uint16_t *buf, size_t len)
72{
73 size_t i;
74
75 for (i = 1; i <= len / 2; i++)
76 fprintf(stderr, " 0x%04hx,%s", buf[i - 1], i % 8 ? "" : "\n");
77
78 fprintf(stderr, "\n");
79}
80
81static void
82compare_data(const uint8_t *recv, size_t recv_len, const uint8_t *expect,
83 size_t expect_len)
84{
85 fprintf(stderr, "received:\n");
86 hexdump(recv, recv_len);
87
88 fprintf(stderr, "test data:\n");
89 hexdump(expect, expect_len);
90}
91
92static void
93compare_data2(const uint16_t *recv, size_t recv_len, const uint16_t *expect,
94 size_t expect_len)
95{
96 fprintf(stderr, "received:\n");
97 hexdump2(recv, recv_len);
98
99 fprintf(stderr, "test data:\n");
100 hexdump2(expect, expect_len);
101}
102
103#define FAIL(msg, ...) \
104do { \
105 fprintf(stderr, "[%s:%d] FAIL: ", __FILE__, __LINE__); \
106 fprintf(stderr, msg, ##__VA_ARGS__); \
107} while(0)
108
109/*
110 * Supported Application-Layer Protocol Negotiation - RFC 7301
111 *
112 * There are already extensive unit tests for this so this just
113 * tests the state info.
114 */
115
116const uint8_t tlsext_alpn_multiple_protos_val[] = {
117 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
118 0x08, /* len */
119 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
120 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
121 0x09, /* len */
122 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
123};
124
125const uint8_t tlsext_alpn_multiple_protos[] = {
126 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
127 0x00, 0x13, /* len of all names */
128 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
129 0x08, /* len */
130 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
131 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
132 0x09, /* len */
133 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
134};
135
136const uint8_t tlsext_alpn_single_proto_val[] = {
137 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
138 0x08, /* len */
139 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
140};
141
142const uint8_t tlsext_alpn_single_proto_name[] = {
143 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* 'http/1.1' */
144};
145
146const uint8_t tlsext_alpn_single_proto[] = {
147 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
148 0x00, 0x09, /* len of all names */
149 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
150 0x08, /* len */
151 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
152};
153
154#define TLSEXT_TYPE_alpn TLSEXT_TYPE_application_layer_protocol_negotiation
155
156static int
157test_tlsext_alpn_client(void)
158{
159 SSL_CTX *ssl_ctx = NULL;
160 SSL *ssl = NULL;
161 const struct tls_extension_funcs *client_funcs;
162 const struct tls_extension_funcs *server_funcs;
163 uint8_t *data = NULL;
164 CBB cbb;
165 CBS cbs;
166 int failure, alert;
167 size_t dlen;
168
169 failure = 1;
170
171 if (!CBB_init(&cbb, 0))
172 errx(1, "Failed to create CBB");
173
174 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
175 errx(1, "failed to create SSL_CTX");
176 if ((ssl = SSL_new(ssl_ctx)) == NULL)
177 errx(1, "failed to create SSL");
178
179 if (!tls_extension_funcs(TLSEXT_TYPE_alpn, &client_funcs, &server_funcs))
180 errx(1, "failed to fetch ALPN funcs");
181
182 /* By default, we don't need this */
183 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
184 FAIL("client should not need ALPN by default\n");
185 goto err;
186 }
187
188 /*
189 * Prereqs:
190 * 1) Set s->alpn_client_proto_list
191 * - Using SSL_set_alpn_protos()
192 * 2) We have not finished or renegotiated.
193 * - s->s3->tmp.finish_md_len == 0
194 */
195 if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val,
196 sizeof(tlsext_alpn_single_proto_val)) != 0) {
197 FAIL("should be able to set ALPN to http/1.1\n");
198 goto err;
199 }
200 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
201 FAIL("client should need ALPN by default\n");
202 goto err;
203 }
204
205 /* Make sure we can build the client with a single proto. */
206
207 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
208 FAIL("client failed to build ALPN\n");
209 goto err;
210 }
211 if (!CBB_finish(&cbb, &data, &dlen))
212 errx(1, "failed to finish CBB");
213
214 if (dlen != sizeof(tlsext_alpn_single_proto)) {
215 FAIL("got client ALPN with length %zu, "
216 "want length %zu\n", dlen,
217 sizeof(tlsext_alpn_single_proto));
218 compare_data(data, dlen, tlsext_alpn_single_proto,
219 sizeof(tlsext_alpn_single_proto));
220 goto err;
221 }
222 if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) {
223 FAIL("client ALPN differs:\n");
224 compare_data(data, dlen, tlsext_alpn_single_proto,
225 sizeof(tlsext_alpn_single_proto));
226 goto err;
227 }
228
229 CBB_cleanup(&cbb);
230 if (!CBB_init(&cbb, 0))
231 errx(1, "Failed to create CBB");
232 free(data);
233 data = NULL;
234
235 /* Make sure we can parse the single proto. */
236
237 CBS_init(&cbs, tlsext_alpn_single_proto,
238 sizeof(tlsext_alpn_single_proto));
239 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
240 FAIL("failed to parse ALPN\n");
241 goto err;
242 }
243 if (CBS_len(&cbs) != 0) {
244 FAIL("extension data remaining\n");
245 goto err;
246 }
247
248 if (ssl->alpn_client_proto_list_len !=
249 sizeof(tlsext_alpn_single_proto_val)) {
250 FAIL("got client ALPN with length %zu, "
251 "want length %zu\n", dlen,
252 sizeof(tlsext_alpn_single_proto_val));
253 compare_data(ssl->alpn_client_proto_list,
254 ssl->alpn_client_proto_list_len,
255 tlsext_alpn_single_proto_val,
256 sizeof(tlsext_alpn_single_proto_val));
257 goto err;
258 }
259 if (memcmp(ssl->alpn_client_proto_list,
260 tlsext_alpn_single_proto_val,
261 sizeof(tlsext_alpn_single_proto_val)) != 0) {
262 FAIL("client ALPN differs:\n");
263 compare_data(data, dlen, tlsext_alpn_single_proto_val,
264 sizeof(tlsext_alpn_single_proto_val));
265 goto err;
266 }
267
268 /* Make sure we can build the clienthello with multiple entries. */
269
270 if (SSL_set_alpn_protos(ssl, tlsext_alpn_multiple_protos_val,
271 sizeof(tlsext_alpn_multiple_protos_val)) != 0) {
272 FAIL("should be able to set ALPN to http/1.1\n");
273 goto err;
274 }
275 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
276 FAIL("client should need ALPN by now\n");
277 goto err;
278 }
279
280 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
281 FAIL("client failed to build ALPN\n");
282 goto err;
283 }
284 if (!CBB_finish(&cbb, &data, &dlen))
285 errx(1, "failed to finish CBB");
286
287 if (dlen != sizeof(tlsext_alpn_multiple_protos)) {
288 FAIL("got client ALPN with length %zu, "
289 "want length %zu\n", dlen,
290 sizeof(tlsext_alpn_multiple_protos));
291 compare_data(data, dlen, tlsext_alpn_multiple_protos,
292 sizeof(tlsext_alpn_multiple_protos));
293 goto err;
294 }
295 if (memcmp(data, tlsext_alpn_multiple_protos, dlen) != 0) {
296 FAIL("client ALPN differs:\n");
297 compare_data(data, dlen, tlsext_alpn_multiple_protos,
298 sizeof(tlsext_alpn_multiple_protos));
299 goto err;
300 }
301
302 /* Make sure we can parse multiple protos */
303
304 CBS_init(&cbs, tlsext_alpn_multiple_protos,
305 sizeof(tlsext_alpn_multiple_protos));
306 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
307 FAIL("failed to parse ALPN\n");
308 goto err;
309 }
310 if (CBS_len(&cbs) != 0) {
311 FAIL("extension data remaining\n");
312 goto err;
313 }
314
315 if (ssl->alpn_client_proto_list_len !=
316 sizeof(tlsext_alpn_multiple_protos_val)) {
317 FAIL("got client ALPN with length %zu, "
318 "want length %zu\n", dlen,
319 sizeof(tlsext_alpn_multiple_protos_val));
320 compare_data(ssl->alpn_client_proto_list,
321 ssl->alpn_client_proto_list_len,
322 tlsext_alpn_multiple_protos_val,
323 sizeof(tlsext_alpn_multiple_protos_val));
324 goto err;
325 }
326 if (memcmp(ssl->alpn_client_proto_list,
327 tlsext_alpn_multiple_protos_val,
328 sizeof(tlsext_alpn_multiple_protos_val)) != 0) {
329 FAIL("client ALPN differs:\n");
330 compare_data(data, dlen, tlsext_alpn_multiple_protos_val,
331 sizeof(tlsext_alpn_multiple_protos_val));
332 goto err;
333 }
334
335 /* Make sure we can remove the list and avoid ALPN */
336
337 free(ssl->alpn_client_proto_list);
338 ssl->alpn_client_proto_list = NULL;
339 ssl->alpn_client_proto_list_len = 0;
340
341 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
342 FAIL("client should need ALPN by default\n");
343 goto err;
344 }
345
346 failure = 0;
347
348 err:
349 CBB_cleanup(&cbb);
350 SSL_CTX_free(ssl_ctx);
351 SSL_free(ssl);
352 free(data);
353
354 return (failure);
355}
356
357static int
358test_tlsext_alpn_server(void)
359{
360 SSL_CTX *ssl_ctx = NULL;
361 SSL *ssl = NULL;
362 const struct tls_extension_funcs *client_funcs;
363 const struct tls_extension_funcs *server_funcs;
364 uint8_t *data = NULL;
365 CBB cbb;
366 CBS cbs;
367 int failure, alert;
368 size_t dlen;
369
370 failure = 1;
371
372 if (!CBB_init(&cbb, 0))
373 errx(1, "Failed to create CBB");
374
375 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
376 errx(1, "failed to create SSL_CTX");
377 if ((ssl = SSL_new(ssl_ctx)) == NULL)
378 errx(1, "failed to create SSL");
379
380 if (!tls_extension_funcs(TLSEXT_TYPE_alpn, &client_funcs, &server_funcs))
381 errx(1, "failed to fetch ALPN funcs");
382
383 /* By default, ALPN isn't needed. */
384 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
385 FAIL("server should not need ALPN by default\n");
386 goto err;
387 }
388
389 /*
390 * The server has a single ALPN selection which is set by
391 * SSL_CTX_set_alpn_select_cb() and calls SSL_select_next_proto().
392 *
393 * This will be a plain name and separate length.
394 */
395 if ((ssl->s3->alpn_selected = malloc(sizeof(tlsext_alpn_single_proto_name))) == NULL) {
396 errx(1, "failed to malloc");
397 }
398 memcpy(ssl->s3->alpn_selected, tlsext_alpn_single_proto_name,
399 sizeof(tlsext_alpn_single_proto_name));
400 ssl->s3->alpn_selected_len = sizeof(tlsext_alpn_single_proto_name);
401
402 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
403 FAIL("server should need ALPN after a protocol is selected\n");
404 goto err;
405 }
406
407 /* Make sure we can build a server with one protocol */
408
409 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
410 FAIL("server should be able to build a response\n");
411 goto err;
412 }
413 if (!CBB_finish(&cbb, &data, &dlen))
414 errx(1, "failed to finish CBB");
415
416 if (dlen != sizeof(tlsext_alpn_single_proto)) {
417 FAIL("got client ALPN with length %zu, "
418 "want length %zu\n", dlen,
419 sizeof(tlsext_alpn_single_proto));
420 compare_data(data, dlen, tlsext_alpn_single_proto,
421 sizeof(tlsext_alpn_single_proto));
422 goto err;
423 }
424 if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) {
425 FAIL("client ALPN differs:\n");
426 compare_data(data, dlen, tlsext_alpn_single_proto,
427 sizeof(tlsext_alpn_single_proto));
428 goto err;
429 }
430
431 CBB_cleanup(&cbb);
432 if (!CBB_init(&cbb, 0))
433 errx(1, "Failed to create CBB");
434 free(data);
435 data = NULL;
436
437 /* Make sure we can parse the single proto. */
438
439 CBS_init(&cbs, tlsext_alpn_single_proto,
440 sizeof(tlsext_alpn_single_proto));
441
442 /* Shouldn't be able to parse without requesting */
443 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
444 FAIL("Should only parse server if we requested it\n");
445 goto err;
446 }
447
448 /* Should be able to parse once requested. */
449 if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val,
450 sizeof(tlsext_alpn_single_proto_val)) != 0) {
451 FAIL("should be able to set ALPN to http/1.1\n");
452 goto err;
453 }
454 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
455 FAIL("Should be able to parse server when we request it\n");
456 goto err;
457 }
458 if (CBS_len(&cbs) != 0) {
459 FAIL("extension data remaining\n");
460 goto err;
461 }
462
463 if (ssl->s3->alpn_selected_len !=
464 sizeof(tlsext_alpn_single_proto_name)) {
465 FAIL("got server ALPN with length %zu, "
466 "want length %zu\n", dlen,
467 sizeof(tlsext_alpn_single_proto_name));
468 compare_data(ssl->s3->alpn_selected,
469 ssl->s3->alpn_selected_len,
470 tlsext_alpn_single_proto_name,
471 sizeof(tlsext_alpn_single_proto_name));
472 goto err;
473 }
474 if (memcmp(ssl->s3->alpn_selected,
475 tlsext_alpn_single_proto_name,
476 sizeof(tlsext_alpn_single_proto_name)) != 0) {
477 FAIL("server ALPN differs:\n");
478 compare_data(ssl->s3->alpn_selected,
479 ssl->s3->alpn_selected_len,
480 tlsext_alpn_single_proto_name,
481 sizeof(tlsext_alpn_single_proto_name));
482 goto err;
483 }
484
485 /*
486 * We should NOT be able to build a server with multiple
487 * protocol names. However, the existing code did not check for this
488 * case because it is passed in as an encoded value.
489 */
490
491 /* Make sure we can remove the list and avoid ALPN */
492
493 free(ssl->s3->alpn_selected);
494 ssl->s3->alpn_selected = NULL;
495 ssl->s3->alpn_selected_len = 0;
496
497 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
498 FAIL("server should not need ALPN by default\n");
499 goto err;
500 }
501
502 failure = 0;
503
504 err:
505 CBB_cleanup(&cbb);
506 SSL_CTX_free(ssl_ctx);
507 SSL_free(ssl);
508 free(data);
509
510 return (failure);
511
512}
513
514/*
515 * Supported Elliptic Curves - RFC 4492 section 5.1.1.
516 *
517 * This extension is only used by the client.
518 */
519
520static uint8_t tlsext_supportedgroups_client_default[] = {
521 0x00, 0x08,
522 0x00, 0x1d, /* X25519 (29) */
523 0x00, 0x17, /* secp256r1 (23) */
524 0x00, 0x18, /* secp384r1 (24) */
525 0x00, 0x19, /* secp521r1 (25) */
526};
527
528static uint16_t tlsext_supportedgroups_client_secp384r1_val[] = {
529 0x0018 /* tls1_ec_nid2group_id(NID_secp384r1) */
530};
531static uint8_t tlsext_supportedgroups_client_secp384r1[] = {
532 0x00, 0x02,
533 0x00, 0x18 /* secp384r1 (24) */
534};
535
536/* Example from RFC 4492 section 5.1.1 */
537static uint16_t tlsext_supportedgroups_client_nistp192and224_val[] = {
538 0x0013, /* tls1_ec_nid2group_id(NID_X9_62_prime192v1) */
539 0x0015 /* tls1_ec_nid2group_id(NID_secp224r1) */
540};
541static uint8_t tlsext_supportedgroups_client_nistp192and224[] = {
542 0x00, 0x04,
543 0x00, 0x13, /* secp192r1 aka NIST P-192 */
544 0x00, 0x15 /* secp224r1 aka NIST P-224 */
545};
546
547static int
548test_tlsext_supportedgroups_client(void)
549{
550 unsigned char *data = NULL;
551 SSL_CTX *ssl_ctx = NULL;
552 SSL *ssl = NULL;
553 const struct tls_extension_funcs *client_funcs;
554 const struct tls_extension_funcs *server_funcs;
555 size_t dlen;
556 int failure, alert;
557 CBB cbb;
558 CBS cbs;
559
560 failure = 1;
561
562 if (!CBB_init(&cbb, 0))
563 errx(1, "failed to create CBB");
564
565 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
566 errx(1, "failed to create SSL_CTX");
567 if ((ssl = SSL_new(ssl_ctx)) == NULL)
568 errx(1, "failed to create SSL");
569
570 if (!tls_extension_funcs(TLSEXT_TYPE_supported_groups, &client_funcs,
571 &server_funcs))
572 errx(1, "failed to fetch supported groups funcs");
573
574 /*
575 * Default ciphers include EC so we need it by default.
576 */
577 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
578 FAIL("client should need Ellipticcurves for default "
579 "ciphers\n");
580 goto err;
581 }
582
583 /*
584 * Exclude cipher suites so we can test not including it.
585 */
586 if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) {
587 FAIL("client should be able to set cipher list\n");
588 goto err;
589 }
590 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
591 FAIL("client should not need Ellipticcurves\n");
592 goto err;
593 }
594
595 /*
596 * Use libtls default for the rest of the testing
597 */
598 if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) {
599 FAIL("client should be able to set cipher list\n");
600 goto err;
601 }
602 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
603 FAIL("client should need Ellipticcurves\n");
604 goto err;
605 }
606
607 /*
608 * Test with a session secp384r1. The default is used instead.
609 */
610 if ((ssl->session = SSL_SESSION_new()) == NULL)
611 errx(1, "failed to create session");
612
613 if ((ssl->session->tlsext_supportedgroups = malloc(sizeof(uint16_t)))
614 == NULL) {
615 FAIL("client could not malloc\n");
616 goto err;
617 }
618 if (!tls1_ec_nid2group_id(NID_secp384r1,
619 &ssl->session->tlsext_supportedgroups[0]))
620 goto err;
621 ssl->session->tlsext_supportedgroups_length = 1;
622
623 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
624 FAIL("client should need Ellipticcurves\n");
625 goto err;
626 }
627
628 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
629 FAIL("client failed to build Ellipticcurves\n");
630 goto err;
631 }
632
633 if (!CBB_finish(&cbb, &data, &dlen))
634 errx(1, "failed to finish CBB");
635
636 if (dlen != sizeof(tlsext_supportedgroups_client_default)) {
637 FAIL("got client Ellipticcurves with length %zu, "
638 "want length %zu\n", dlen,
639 sizeof(tlsext_supportedgroups_client_default));
640 compare_data(data, dlen, tlsext_supportedgroups_client_default,
641 sizeof(tlsext_supportedgroups_client_default));
642 goto err;
643 }
644
645 if (memcmp(data, tlsext_supportedgroups_client_default, dlen) != 0) {
646 FAIL("client Ellipticcurves differs:\n");
647 compare_data(data, dlen, tlsext_supportedgroups_client_default,
648 sizeof(tlsext_supportedgroups_client_default));
649 goto err;
650 }
651
652 /*
653 * Test parsing secp384r1
654 */
655 CBB_cleanup(&cbb);
656 if (!CBB_init(&cbb, 0))
657 errx(1, "Failed to create CBB");
658 free(data);
659 data = NULL;
660
661 SSL_SESSION_free(ssl->session);
662 if ((ssl->session = SSL_SESSION_new()) == NULL)
663 errx(1, "failed to create session");
664
665 CBS_init(&cbs, tlsext_supportedgroups_client_secp384r1,
666 sizeof(tlsext_supportedgroups_client_secp384r1));
667 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
668 FAIL("failed to parse client Ellipticcurves\n");
669 goto err;
670 }
671 if (CBS_len(&cbs) != 0) {
672 FAIL("extension data remaining\n");
673 goto err;
674 }
675
676 if (ssl->session->tlsext_supportedgroups_length !=
677 sizeof(tlsext_supportedgroups_client_secp384r1_val) / sizeof(uint16_t)) {
678 FAIL("no tlsext_ellipticcurves from client "
679 "Ellipticcurves\n");
680 goto err;
681 }
682
683 if (memcmp(ssl->session->tlsext_supportedgroups,
684 tlsext_supportedgroups_client_secp384r1_val,
685 sizeof(tlsext_supportedgroups_client_secp384r1_val)) != 0) {
686 FAIL("client had an incorrect Ellipticcurves "
687 "entry\n");
688 compare_data2(ssl->session->tlsext_supportedgroups,
689 ssl->session->tlsext_supportedgroups_length * 2,
690 tlsext_supportedgroups_client_secp384r1_val,
691 sizeof(tlsext_supportedgroups_client_secp384r1_val));
692 goto err;
693 }
694
695 /*
696 * Use a custom order.
697 */
698 CBB_cleanup(&cbb);
699 if (!CBB_init(&cbb, 0))
700 errx(1, "Failed to create CBB");
701
702 SSL_SESSION_free(ssl->session);
703 if ((ssl->session = SSL_SESSION_new()) == NULL)
704 errx(1, "failed to create session");
705
706 if ((ssl->tlsext_supportedgroups = malloc(sizeof(uint16_t) * 2)) == NULL) {
707 FAIL("client could not malloc\n");
708 goto err;
709 }
710 if (!tls1_ec_nid2group_id(NID_X9_62_prime192v1,
711 &ssl->tlsext_supportedgroups[0]))
712 goto err;
713 if (!tls1_ec_nid2group_id(NID_secp224r1,
714 &ssl->tlsext_supportedgroups[1]))
715 goto err;
716 ssl->tlsext_supportedgroups_length = 2;
717
718 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
719 FAIL("client should need Ellipticcurves\n");
720 goto err;
721 }
722
723 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
724 FAIL("client failed to build Ellipticcurves\n");
725 goto err;
726 }
727
728 if (!CBB_finish(&cbb, &data, &dlen))
729 errx(1, "failed to finish CBB");
730
731 if (dlen != sizeof(tlsext_supportedgroups_client_nistp192and224)) {
732 FAIL("got client Ellipticcurves with length %zu, "
733 "want length %zu\n", dlen,
734 sizeof(tlsext_supportedgroups_client_nistp192and224));
735 fprintf(stderr, "received:\n");
736 hexdump(data, dlen);
737 fprintf(stderr, "test data:\n");
738 hexdump(tlsext_supportedgroups_client_nistp192and224,
739 sizeof(tlsext_supportedgroups_client_nistp192and224));
740 goto err;
741 }
742
743 if (memcmp(data, tlsext_supportedgroups_client_nistp192and224, dlen) != 0) {
744 FAIL("client Ellipticcurves differs:\n");
745 fprintf(stderr, "received:\n");
746 hexdump(data, dlen);
747 fprintf(stderr, "test data:\n");
748 hexdump(tlsext_supportedgroups_client_nistp192and224,
749 sizeof(tlsext_supportedgroups_client_nistp192and224));
750 goto err;
751 }
752
753 /*
754 * Parse non-default curves to session.
755 */
756 CBB_cleanup(&cbb);
757 if (!CBB_init(&cbb, 0))
758 errx(1, "Failed to create CBB");
759 free(data);
760 data = NULL;
761
762 SSL_SESSION_free(ssl->session);
763 if ((ssl->session = SSL_SESSION_new()) == NULL)
764 errx(1, "failed to create session");
765
766 /* Reset back to the default list. */
767 free(ssl->tlsext_supportedgroups);
768 ssl->tlsext_supportedgroups = NULL;
769 ssl->tlsext_supportedgroups_length = 0;
770
771 CBS_init(&cbs, tlsext_supportedgroups_client_nistp192and224,
772 sizeof(tlsext_supportedgroups_client_nistp192and224));
773 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
774 FAIL("failed to parse client Ellipticcurves\n");
775 goto err;
776 }
777 if (CBS_len(&cbs) != 0) {
778 FAIL("extension data remaining\n");
779 goto err;
780 }
781
782 if (ssl->session->tlsext_supportedgroups_length !=
783 sizeof(tlsext_supportedgroups_client_nistp192and224_val) / sizeof(uint16_t)) {
784 FAIL("no tlsext_ellipticcurves from client Ellipticcurves\n");
785 goto err;
786 }
787
788 if (memcmp(ssl->session->tlsext_supportedgroups,
789 tlsext_supportedgroups_client_nistp192and224_val,
790 sizeof(tlsext_supportedgroups_client_nistp192and224_val)) != 0) {
791 FAIL("client had an incorrect Ellipticcurves entry\n");
792 compare_data2(ssl->session->tlsext_supportedgroups,
793 ssl->session->tlsext_supportedgroups_length * 2,
794 tlsext_supportedgroups_client_nistp192and224_val,
795 sizeof(tlsext_supportedgroups_client_nistp192and224_val));
796 goto err;
797 }
798
799 failure = 0;
800
801 err:
802 CBB_cleanup(&cbb);
803 SSL_CTX_free(ssl_ctx);
804 SSL_free(ssl);
805 free(data);
806
807 return (failure);
808}
809
810
811/* elliptic_curves is only used by the client so this doesn't test much. */
812static int
813test_tlsext_supportedgroups_server(void)
814{
815 SSL_CTX *ssl_ctx = NULL;
816 SSL *ssl = NULL;
817 const struct tls_extension_funcs *client_funcs;
818 const struct tls_extension_funcs *server_funcs;
819 int failure;
820
821 failure = 1;
822
823 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
824 errx(1, "failed to create SSL_CTX");
825 if ((ssl = SSL_new(ssl_ctx)) == NULL)
826 errx(1, "failed to create SSL");
827
828 if (!tls_extension_funcs(TLSEXT_TYPE_supported_groups, &client_funcs,
829 &server_funcs))
830 errx(1, "failed to fetch supported groups funcs");
831
832 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
833 FAIL("server should not need elliptic_curves\n");
834 goto err;
835 }
836
837 if ((ssl->session = SSL_SESSION_new()) == NULL)
838 errx(1, "failed to create session");
839
840 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
841 FAIL("server should not need elliptic_curves\n");
842 goto err;
843 }
844
845 failure = 0;
846
847 err:
848 SSL_CTX_free(ssl_ctx);
849 SSL_free(ssl);
850
851 return (failure);
852
853}
854
855/*
856 * Supported Point Formats - RFC 4492 section 5.1.2.
857 *
858 * Examples are from the RFC. Both client and server have the same build and
859 * parse but the needs differ.
860 */
861
862static uint8_t tlsext_ecpf_hello_uncompressed_val[] = {
863 TLSEXT_ECPOINTFORMAT_uncompressed
864};
865static uint8_t tlsext_ecpf_hello_uncompressed[] = {
866 0x01,
867 0x00 /* TLSEXT_ECPOINTFORMAT_uncompressed */
868};
869
870static uint8_t tlsext_ecpf_hello_prime[] = {
871 0x01,
872 0x01 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */
873};
874
875static uint8_t tlsext_ecpf_hello_prefer_order_val[] = {
876 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime,
877 TLSEXT_ECPOINTFORMAT_uncompressed,
878 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2
879};
880static uint8_t tlsext_ecpf_hello_prefer_order[] = {
881 0x03,
882 0x01, /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */
883 0x00, /* TLSEXT_ECPOINTFORMAT_uncompressed */
884 0x02 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 */
885};
886
887static int
888test_tlsext_ecpf_client(void)
889{
890 uint8_t *data = NULL;
891 SSL_CTX *ssl_ctx = NULL;
892 SSL *ssl = NULL;
893 const struct tls_extension_funcs *client_funcs;
894 const struct tls_extension_funcs *server_funcs;
895 size_t dlen;
896 int failure, alert;
897 CBB cbb;
898 CBS cbs;
899
900 failure = 1;
901
902 if (!CBB_init(&cbb, 0))
903 errx(1, "Failed to create CBB");
904
905 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
906 errx(1, "failed to create SSL_CTX");
907 if ((ssl = SSL_new(ssl_ctx)) == NULL)
908 errx(1, "failed to create SSL");
909
910 if (!tls_extension_funcs(TLSEXT_TYPE_ec_point_formats, &client_funcs,
911 &server_funcs))
912 errx(1, "failed to fetch ecpf funcs");
913
914 /*
915 * Default ciphers include EC so we need it by default.
916 */
917 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
918 FAIL("client should need ECPointFormats for default "
919 "ciphers\n");
920 goto err;
921 }
922
923 /*
924 * Exclude EC cipher suites so we can test not including it.
925 */
926 if (!SSL_set_cipher_list(ssl, "ALL:!ECDHE:!ECDH")) {
927 FAIL("client should be able to set cipher list\n");
928 goto err;
929 }
930 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
931 FAIL("client should not need ECPointFormats\n");
932 goto err;
933 }
934
935 /*
936 * Use libtls default for the rest of the testing
937 */
938 if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) {
939 FAIL("client should be able to set cipher list\n");
940 goto err;
941 }
942 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
943 FAIL("client should need ECPointFormats\n");
944 goto err;
945 }
946
947 /*
948 * The default ECPointFormats should only have uncompressed
949 */
950 if ((ssl->session = SSL_SESSION_new()) == NULL)
951 errx(1, "failed to create session");
952
953 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
954 FAIL("client failed to build ECPointFormats\n");
955 goto err;
956 }
957
958 if (!CBB_finish(&cbb, &data, &dlen))
959 errx(1, "failed to finish CBB");
960
961 if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) {
962 FAIL("got client ECPointFormats with length %zu, "
963 "want length %zu\n", dlen,
964 sizeof(tlsext_ecpf_hello_uncompressed));
965 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
966 sizeof(tlsext_ecpf_hello_uncompressed));
967 goto err;
968 }
969
970 if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) {
971 FAIL("client ECPointFormats differs:\n");
972 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
973 sizeof(tlsext_ecpf_hello_uncompressed));
974 goto err;
975 }
976
977 /*
978 * Make sure we can parse the default.
979 */
980 CBB_cleanup(&cbb);
981 if (!CBB_init(&cbb, 0))
982 errx(1, "Failed to create CBB");
983 free(data);
984 data = NULL;
985
986 SSL_SESSION_free(ssl->session);
987 if ((ssl->session = SSL_SESSION_new()) == NULL)
988 errx(1, "failed to create session");
989
990 CBS_init(&cbs, tlsext_ecpf_hello_uncompressed,
991 sizeof(tlsext_ecpf_hello_uncompressed));
992 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
993 FAIL("failed to parse client ECPointFormats\n");
994 goto err;
995 }
996 if (CBS_len(&cbs) != 0) {
997 FAIL("extension data remaining\n");
998 goto err;
999 }
1000
1001 if (ssl->session->tlsext_ecpointformatlist_length !=
1002 sizeof(tlsext_ecpf_hello_uncompressed_val)) {
1003 FAIL("no tlsext_ecpointformats from client "
1004 "ECPointFormats\n");
1005 goto err;
1006 }
1007
1008 if (memcmp(ssl->session->tlsext_ecpointformatlist,
1009 tlsext_ecpf_hello_uncompressed_val,
1010 sizeof(tlsext_ecpf_hello_uncompressed_val)) != 0) {
1011 FAIL("client had an incorrect ECPointFormats entry\n");
1012 goto err;
1013 }
1014
1015 /*
1016 * Test with a custom order.
1017 */
1018 CBB_cleanup(&cbb);
1019 if (!CBB_init(&cbb, 0))
1020 errx(1, "Failed to create CBB");
1021 free(data);
1022 data = NULL;
1023
1024 SSL_SESSION_free(ssl->session);
1025 if ((ssl->session = SSL_SESSION_new()) == NULL)
1026 errx(1, "failed to create session");
1027
1028 if ((ssl->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
1029 FAIL("client could not malloc\n");
1030 goto err;
1031 }
1032 ssl->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1033 ssl->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
1034 ssl->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1035 ssl->tlsext_ecpointformatlist_length = 3;
1036
1037 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1038 FAIL("client should need ECPointFormats with a custom "
1039 "format\n");
1040 goto err;
1041 }
1042
1043 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1044 FAIL("client failed to build ECPointFormats\n");
1045 goto err;
1046 }
1047
1048 if (!CBB_finish(&cbb, &data, &dlen))
1049 errx(1, "failed to finish CBB");
1050
1051 if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) {
1052 FAIL("got client ECPointFormats with length %zu, "
1053 "want length %zu\n", dlen,
1054 sizeof(tlsext_ecpf_hello_prefer_order));
1055 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1056 sizeof(tlsext_ecpf_hello_prefer_order));
1057 goto err;
1058 }
1059
1060 if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) {
1061 FAIL("client ECPointFormats differs:\n");
1062 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1063 sizeof(tlsext_ecpf_hello_prefer_order));
1064 goto err;
1065 }
1066
1067 /*
1068 * Make sure that we can parse this custom order.
1069 */
1070 CBB_cleanup(&cbb);
1071 if (!CBB_init(&cbb, 0))
1072 errx(1, "Failed to create CBB");
1073 free(data);
1074 data = NULL;
1075
1076 SSL_SESSION_free(ssl->session);
1077 if ((ssl->session = SSL_SESSION_new()) == NULL)
1078 errx(1, "failed to create session");
1079
1080 /* Reset the custom list so we go back to the default uncompressed. */
1081 free(ssl->tlsext_ecpointformatlist);
1082 ssl->tlsext_ecpointformatlist = NULL;
1083 ssl->tlsext_ecpointformatlist_length = 0;
1084
1085 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1086 sizeof(tlsext_ecpf_hello_prefer_order));
1087 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1088 FAIL("failed to parse client ECPointFormats\n");
1089 goto err;
1090 }
1091 if (CBS_len(&cbs) != 0) {
1092 FAIL("extension data remaining\n");
1093 goto err;
1094 }
1095
1096 if (ssl->session->tlsext_ecpointformatlist_length !=
1097 sizeof(tlsext_ecpf_hello_prefer_order_val)) {
1098 FAIL("no tlsext_ecpointformats from client "
1099 "ECPointFormats\n");
1100 goto err;
1101 }
1102
1103 if (memcmp(ssl->session->tlsext_ecpointformatlist,
1104 tlsext_ecpf_hello_prefer_order_val,
1105 sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) {
1106 FAIL("client had an incorrect ECPointFormats entry\n");
1107 goto err;
1108 }
1109
1110
1111 failure = 0;
1112
1113 err:
1114 CBB_cleanup(&cbb);
1115 SSL_CTX_free(ssl_ctx);
1116 SSL_free(ssl);
1117 free(data);
1118
1119 return (failure);
1120}
1121
1122static int
1123test_tlsext_ecpf_server(void)
1124{
1125 uint8_t *data = NULL;
1126 SSL_CTX *ssl_ctx = NULL;
1127 SSL *ssl = NULL;
1128 const struct tls_extension_funcs *client_funcs;
1129 const struct tls_extension_funcs *server_funcs;
1130 size_t dlen;
1131 int failure, alert;
1132 CBB cbb;
1133 CBS cbs;
1134
1135 failure = 1;
1136
1137 if (!CBB_init(&cbb, 0))
1138 errx(1, "Failed to create CBB");
1139
1140 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1141 errx(1, "failed to create SSL_CTX");
1142 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1143 errx(1, "failed to create SSL");
1144
1145 if (!tls_extension_funcs(TLSEXT_TYPE_ec_point_formats, &client_funcs,
1146 &server_funcs))
1147 errx(1, "failed to fetch ecpf funcs");
1148
1149 if ((ssl->session = SSL_SESSION_new()) == NULL)
1150 errx(1, "failed to create session");
1151
1152 /* Setup the state so we can call needs. */
1153 if ((ssl->s3->hs.cipher =
1154 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305))
1155 == NULL) {
1156 FAIL("server cannot find cipher\n");
1157 goto err;
1158 }
1159 if ((ssl->session->tlsext_ecpointformatlist = malloc(sizeof(uint8_t)))
1160 == NULL) {
1161 FAIL("server could not malloc\n");
1162 goto err;
1163 }
1164 ssl->session->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1165 ssl->session->tlsext_ecpointformatlist_length = 1;
1166
1167 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1168 FAIL("server should need ECPointFormats now\n");
1169 goto err;
1170 }
1171
1172 /*
1173 * The server will ignore the session list and use either a custom
1174 * list or the default (uncompressed).
1175 */
1176 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1177 FAIL("server failed to build ECPointFormats\n");
1178 goto err;
1179 }
1180
1181 if (!CBB_finish(&cbb, &data, &dlen))
1182 errx(1, "failed to finish CBB");
1183
1184 if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) {
1185 FAIL("got server ECPointFormats with length %zu, "
1186 "want length %zu\n", dlen,
1187 sizeof(tlsext_ecpf_hello_uncompressed));
1188 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
1189 sizeof(tlsext_ecpf_hello_uncompressed));
1190 goto err;
1191 }
1192
1193 if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) {
1194 FAIL("server ECPointFormats differs:\n");
1195 compare_data(data, dlen, tlsext_ecpf_hello_uncompressed,
1196 sizeof(tlsext_ecpf_hello_uncompressed));
1197 goto err;
1198 }
1199
1200 /*
1201 * Cannot parse a non-default list without at least uncompressed.
1202 */
1203 CBB_cleanup(&cbb);
1204 if (!CBB_init(&cbb, 0))
1205 errx(1, "Failed to create CBB");
1206 free(data);
1207 data = NULL;
1208
1209 SSL_SESSION_free(ssl->session);
1210 if ((ssl->session = SSL_SESSION_new()) == NULL)
1211 errx(1, "failed to create session");
1212
1213 CBS_init(&cbs, tlsext_ecpf_hello_prime,
1214 sizeof(tlsext_ecpf_hello_prime));
1215 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1216 FAIL("must include uncompressed in server ECPointFormats\n");
1217 goto err;
1218 }
1219 if (CBS_len(&cbs) != 0) {
1220 FAIL("extension data remaining\n");
1221 goto err;
1222 }
1223
1224 /*
1225 * Test with a custom order that replaces the default uncompressed.
1226 */
1227 CBB_cleanup(&cbb);
1228 if (!CBB_init(&cbb, 0))
1229 errx(1, "Failed to create CBB");
1230 free(data);
1231 data = NULL;
1232
1233 SSL_SESSION_free(ssl->session);
1234 if ((ssl->session = SSL_SESSION_new()) == NULL)
1235 errx(1, "failed to create session");
1236
1237 /* Add a session list even though it will be ignored. */
1238 if ((ssl->session->tlsext_ecpointformatlist = malloc(sizeof(uint8_t)))
1239 == NULL) {
1240 FAIL("server could not malloc\n");
1241 goto err;
1242 }
1243 ssl->session->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1244 ssl->session->tlsext_ecpointformatlist_length = 1;
1245
1246 /* Replace the default list with a custom one. */
1247 if ((ssl->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) {
1248 FAIL("server could not malloc\n");
1249 goto err;
1250 }
1251 ssl->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
1252 ssl->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed;
1253 ssl->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
1254 ssl->tlsext_ecpointformatlist_length = 3;
1255
1256 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1257 FAIL("server should need ECPointFormats\n");
1258 goto err;
1259 }
1260
1261 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1262 FAIL("server failed to build ECPointFormats\n");
1263 goto err;
1264 }
1265
1266 if (!CBB_finish(&cbb, &data, &dlen))
1267 errx(1, "failed to finish CBB");
1268
1269 if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) {
1270 FAIL("got server ECPointFormats with length %zu, "
1271 "want length %zu\n", dlen,
1272 sizeof(tlsext_ecpf_hello_prefer_order));
1273 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1274 sizeof(tlsext_ecpf_hello_prefer_order));
1275 goto err;
1276 }
1277
1278 if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) {
1279 FAIL("server ECPointFormats differs:\n");
1280 compare_data(data, dlen, tlsext_ecpf_hello_prefer_order,
1281 sizeof(tlsext_ecpf_hello_prefer_order));
1282 goto err;
1283 }
1284
1285 /*
1286 * Should be able to parse the custom list into a session list.
1287 */
1288 CBB_cleanup(&cbb);
1289 if (!CBB_init(&cbb, 0))
1290 errx(1, "Failed to create CBB");
1291 free(data);
1292 data = NULL;
1293
1294 SSL_SESSION_free(ssl->session);
1295 if ((ssl->session = SSL_SESSION_new()) == NULL)
1296 errx(1, "failed to create session");
1297
1298 /* Reset back to the default (uncompressed) */
1299 free(ssl->tlsext_ecpointformatlist);
1300 ssl->tlsext_ecpointformatlist = NULL;
1301 ssl->tlsext_ecpointformatlist_length = 0;
1302
1303 CBS_init(&cbs, tlsext_ecpf_hello_prefer_order,
1304 sizeof(tlsext_ecpf_hello_prefer_order));
1305 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1306 FAIL("failed to parse server ECPointFormats\n");
1307 goto err;
1308 }
1309 if (CBS_len(&cbs) != 0) {
1310 FAIL("extension data remaining\n");
1311 goto err;
1312 }
1313
1314 if (ssl->session->tlsext_ecpointformatlist_length !=
1315 sizeof(tlsext_ecpf_hello_prefer_order_val)) {
1316 FAIL("no tlsext_ecpointformats from server "
1317 "ECPointFormats\n");
1318 goto err;
1319 }
1320
1321 if (memcmp(ssl->session->tlsext_ecpointformatlist,
1322 tlsext_ecpf_hello_prefer_order_val,
1323 sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) {
1324 FAIL("server had an incorrect ECPointFormats entry\n");
1325 goto err;
1326 }
1327
1328 failure = 0;
1329
1330 err:
1331 CBB_cleanup(&cbb);
1332 SSL_CTX_free(ssl_ctx);
1333 SSL_free(ssl);
1334 free(data);
1335
1336 return (failure);
1337}
1338
1339/*
1340 * Renegotiation Indication - RFC 5746.
1341 */
1342
1343static unsigned char tlsext_ri_prev_client[] = {
1344 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1345 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1346};
1347
1348static unsigned char tlsext_ri_prev_server[] = {
1349 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
1350 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
1351};
1352
1353static unsigned char tlsext_ri_client[] = {
1354 0x10,
1355 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1356 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1357};
1358
1359static unsigned char tlsext_ri_server[] = {
1360 0x20,
1361 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
1362 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
1363 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88,
1364 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00,
1365};
1366
1367static int
1368test_tlsext_ri_client(void)
1369{
1370 unsigned char *data = NULL;
1371 SSL_CTX *ssl_ctx = NULL;
1372 SSL *ssl = NULL;
1373 const struct tls_extension_funcs *client_funcs;
1374 const struct tls_extension_funcs *server_funcs;
1375 int failure;
1376 size_t dlen;
1377 int alert;
1378 CBB cbb;
1379 CBS cbs;
1380
1381 failure = 1;
1382
1383 if (!CBB_init(&cbb, 0))
1384 errx(1, "Failed to create CBB");
1385
1386 if ((ssl_ctx = SSL_CTX_new(TLSv1_2_client_method())) == NULL)
1387 errx(1, "failed to create SSL_CTX");
1388 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1389 errx(1, "failed to create SSL");
1390
1391 if (!tls_extension_funcs(TLSEXT_TYPE_renegotiate, &client_funcs,
1392 &server_funcs))
1393 errx(1, "failed to fetch ri funcs");
1394
1395 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1396 FAIL("client should not need RI\n");
1397 goto err;
1398 }
1399
1400 if (!SSL_renegotiate(ssl)) {
1401 FAIL("client failed to set renegotiate\n");
1402 goto err;
1403 }
1404
1405 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1406 FAIL("client should need RI\n");
1407 goto err;
1408 }
1409
1410 memcpy(ssl->s3->previous_client_finished, tlsext_ri_prev_client,
1411 sizeof(tlsext_ri_prev_client));
1412 ssl->s3->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
1413
1414 ssl->s3->renegotiate_seen = 0;
1415
1416 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1417 FAIL("client failed to build RI\n");
1418 goto err;
1419 }
1420
1421 if (!CBB_finish(&cbb, &data, &dlen))
1422 errx(1, "failed to finish CBB");
1423
1424 if (dlen != sizeof(tlsext_ri_client)) {
1425 FAIL("got client RI with length %zu, "
1426 "want length %zu\n", dlen, sizeof(tlsext_ri_client));
1427 goto err;
1428 }
1429
1430 if (memcmp(data, tlsext_ri_client, dlen) != 0) {
1431 FAIL("client RI differs:\n");
1432 fprintf(stderr, "received:\n");
1433 hexdump(data, dlen);
1434 fprintf(stderr, "test data:\n");
1435 hexdump(tlsext_ri_client, sizeof(tlsext_ri_client));
1436 goto err;
1437 }
1438
1439 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client));
1440 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1441 FAIL("failed to parse client RI\n");
1442 goto err;
1443 }
1444 if (CBS_len(&cbs) != 0) {
1445 FAIL("extension data remaining\n");
1446 goto err;
1447 }
1448
1449 if (ssl->s3->renegotiate_seen != 1) {
1450 FAIL("renegotiate seen not set\n");
1451 goto err;
1452 }
1453 if (ssl->s3->send_connection_binding != 1) {
1454 FAIL("send connection binding not set\n");
1455 goto err;
1456 }
1457
1458 memset(ssl->s3->previous_client_finished, 0,
1459 sizeof(ssl->s3->previous_client_finished));
1460
1461 ssl->s3->renegotiate_seen = 0;
1462
1463 CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client));
1464 if (server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1465 FAIL("parsed invalid client RI\n");
1466 goto err;
1467 }
1468
1469 if (ssl->s3->renegotiate_seen == 1) {
1470 FAIL("renegotiate seen set\n");
1471 goto err;
1472 }
1473
1474 failure = 0;
1475
1476 err:
1477 CBB_cleanup(&cbb);
1478 SSL_CTX_free(ssl_ctx);
1479 SSL_free(ssl);
1480 free(data);
1481
1482 return (failure);
1483}
1484
1485static int
1486test_tlsext_ri_server(void)
1487{
1488 unsigned char *data = NULL;
1489 SSL_CTX *ssl_ctx = NULL;
1490 SSL *ssl = NULL;
1491 const struct tls_extension_funcs *client_funcs;
1492 const struct tls_extension_funcs *server_funcs;
1493 int failure;
1494 size_t dlen;
1495 int alert;
1496 CBB cbb;
1497 CBS cbs;
1498
1499 failure = 1;
1500
1501 if (!CBB_init(&cbb, 0))
1502 errx(1, "Failed to create CBB");
1503
1504 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1505 errx(1, "failed to create SSL_CTX");
1506 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1507 errx(1, "failed to create SSL");
1508
1509 if (!tls_extension_funcs(TLSEXT_TYPE_renegotiate, &client_funcs,
1510 &server_funcs))
1511 errx(1, "failed to fetch ri funcs");
1512
1513 ssl->version = TLS1_2_VERSION;
1514 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1515 FAIL("server should not need RI\n");
1516 goto err;
1517 }
1518
1519 ssl->s3->send_connection_binding = 1;
1520
1521 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1522 FAIL("server should need RI\n");
1523 goto err;
1524 }
1525
1526 memcpy(ssl->s3->previous_client_finished, tlsext_ri_prev_client,
1527 sizeof(tlsext_ri_prev_client));
1528 ssl->s3->previous_client_finished_len = sizeof(tlsext_ri_prev_client);
1529
1530 memcpy(ssl->s3->previous_server_finished, tlsext_ri_prev_server,
1531 sizeof(tlsext_ri_prev_server));
1532 ssl->s3->previous_server_finished_len = sizeof(tlsext_ri_prev_server);
1533
1534 ssl->s3->renegotiate_seen = 0;
1535
1536 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1537 FAIL("server failed to build RI\n");
1538 goto err;
1539 }
1540
1541 if (!CBB_finish(&cbb, &data, &dlen))
1542 errx(1, "failed to finish CBB");
1543
1544 if (dlen != sizeof(tlsext_ri_server)) {
1545 FAIL("got server RI with length %zu, "
1546 "want length %zu\n", dlen, sizeof(tlsext_ri_server));
1547 goto err;
1548 }
1549
1550 if (memcmp(data, tlsext_ri_server, dlen) != 0) {
1551 FAIL("server RI differs:\n");
1552 fprintf(stderr, "received:\n");
1553 hexdump(data, dlen);
1554 fprintf(stderr, "test data:\n");
1555 hexdump(tlsext_ri_server, sizeof(tlsext_ri_server));
1556 goto err;
1557 }
1558
1559 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server));
1560 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1561 FAIL("failed to parse server RI\n");
1562 goto err;
1563 }
1564 if (CBS_len(&cbs) != 0) {
1565 FAIL("extension data remaining\n");
1566 goto err;
1567 }
1568
1569 if (ssl->s3->renegotiate_seen != 1) {
1570 FAIL("renegotiate seen not set\n");
1571 goto err;
1572 }
1573 if (ssl->s3->send_connection_binding != 1) {
1574 FAIL("send connection binding not set\n");
1575 goto err;
1576 }
1577
1578 memset(ssl->s3->previous_client_finished, 0,
1579 sizeof(ssl->s3->previous_client_finished));
1580 memset(ssl->s3->previous_server_finished, 0,
1581 sizeof(ssl->s3->previous_server_finished));
1582
1583 ssl->s3->renegotiate_seen = 0;
1584
1585 CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server));
1586 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1587 FAIL("parsed invalid server RI\n");
1588 goto err;
1589 }
1590
1591 if (ssl->s3->renegotiate_seen == 1) {
1592 FAIL("renegotiate seen set\n");
1593 goto err;
1594 }
1595
1596 failure = 0;
1597
1598 err:
1599 CBB_cleanup(&cbb);
1600 SSL_CTX_free(ssl_ctx);
1601 SSL_free(ssl);
1602 free(data);
1603
1604 return (failure);
1605}
1606
1607/*
1608 * Signature Algorithms - RFC 5246 section 7.4.1.4.1.
1609 */
1610
1611static unsigned char tlsext_sigalgs_client[] = {
1612 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03,
1613 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04,
1614 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
1615};
1616
1617static int
1618test_tlsext_sigalgs_client(void)
1619{
1620 unsigned char *data = NULL;
1621 SSL_CTX *ssl_ctx = NULL;
1622 SSL *ssl = NULL;
1623 const struct tls_extension_funcs *client_funcs;
1624 const struct tls_extension_funcs *server_funcs;
1625 int failure;
1626 size_t dlen;
1627 int alert;
1628 CBB cbb;
1629 CBS cbs;
1630
1631 failure = 1;
1632
1633 if (!CBB_init(&cbb, 0))
1634 errx(1, "Failed to create CBB");
1635
1636 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1637 errx(1, "failed to create SSL_CTX");
1638 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1639 errx(1, "failed to create SSL");
1640
1641 if (!tls_extension_funcs(TLSEXT_TYPE_signature_algorithms,
1642 &client_funcs, &server_funcs))
1643 errx(1, "failed to fetch sigalgs funcs");
1644
1645 ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
1646
1647 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1648 FAIL("client should not need sigalgs\n");
1649 goto done;
1650 }
1651
1652 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
1653
1654 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1655 FAIL("client should need sigalgs\n");
1656 goto done;
1657 }
1658
1659 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1660 FAIL("client failed to build sigalgs\n");
1661 goto done;
1662 }
1663
1664 if (!CBB_finish(&cbb, &data, &dlen))
1665 errx(1, "failed to finish CBB");
1666
1667 if (dlen != sizeof(tlsext_sigalgs_client)) {
1668 FAIL("got client sigalgs length %zu, "
1669 "want length %zu\n", dlen, sizeof(tlsext_sigalgs_client));
1670 goto done;
1671 }
1672
1673 if (memcmp(data, tlsext_sigalgs_client, dlen) != 0) {
1674 FAIL("client SNI differs:\n");
1675 fprintf(stderr, "received:\n");
1676 hexdump(data, dlen);
1677 fprintf(stderr, "test data:\n");
1678 hexdump(tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1679 goto done;
1680 }
1681
1682 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1683 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1684 FAIL("failed to parse client SNI\n");
1685 goto done;
1686 }
1687 if (CBS_len(&cbs) != 0) {
1688 FAIL("extension data remaining\n");
1689 goto done;
1690 }
1691
1692 failure = 0;
1693
1694 done:
1695 CBB_cleanup(&cbb);
1696 SSL_CTX_free(ssl_ctx);
1697 SSL_free(ssl);
1698 free(data);
1699
1700 return (failure);
1701}
1702
1703#if 0
1704static int
1705test_tlsext_sigalgs_server(void)
1706{
1707 unsigned char *data = NULL;
1708 SSL_CTX *ssl_ctx = NULL;
1709 SSL *ssl = NULL;
1710 const struct tls_extension_funcs *client_funcs;
1711 const struct tls_extension_funcs *server_funcs;
1712 int failure;
1713 size_t dlen;
1714 int alert;
1715 CBB cbb;
1716 CBS cbs;
1717
1718 failure = 1;
1719
1720 if (!CBB_init(&cbb, 0))
1721 errx(1, "Failed to create CBB");
1722
1723 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1724 errx(1, "failed to create SSL_CTX");
1725 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1726 errx(1, "failed to create SSL");
1727
1728 if (!tls_extension_funcs(TLSEXT_TYPE_server_name, &client_funcs,
1729 &server_funcs))
1730 errx(1, "failed to fetch sigalgs funcs");
1731
1732 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1733 FAIL("server should not need sigalgs\n");
1734 goto done;
1735 }
1736
1737 if (server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1738 FAIL("server should not build sigalgs\n");
1739 goto done;
1740 }
1741
1742 if (!CBB_finish(&cbb, &data, &dlen))
1743 errx(1, "failed to finish CBB");
1744
1745 CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client));
1746 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1747 FAIL("server should not parse sigalgs\n");
1748 goto done;
1749 }
1750
1751 failure = 0;
1752
1753 done:
1754 CBB_cleanup(&cbb);
1755 SSL_CTX_free(ssl_ctx);
1756 SSL_free(ssl);
1757 free(data);
1758
1759 return (failure);
1760}
1761#endif
1762
1763/*
1764 * Server Name Indication - RFC 6066 section 3.
1765 */
1766
1767#define TEST_SNI_SERVERNAME "www.libressl.org"
1768
1769static unsigned char tlsext_sni_client[] = {
1770 0x00, 0x13, 0x00, 0x00, 0x10, 0x77, 0x77, 0x77,
1771 0x2e, 0x6c, 0x69, 0x62, 0x72, 0x65, 0x73, 0x73,
1772 0x6c, 0x2e, 0x6f, 0x72, 0x67,
1773};
1774
1775static unsigned char tlsext_sni_server[] = {
1776};
1777
1778static int
1779test_tlsext_sni_client(void)
1780{
1781 unsigned char *data = NULL;
1782 SSL_CTX *ssl_ctx = NULL;
1783 SSL *ssl = NULL;
1784 const struct tls_extension_funcs *client_funcs;
1785 const struct tls_extension_funcs *server_funcs;
1786 int failure;
1787 size_t dlen;
1788 int alert;
1789 CBB cbb;
1790 CBS cbs;
1791
1792 failure = 1;
1793
1794 if (!CBB_init(&cbb, 0))
1795 errx(1, "Failed to create CBB");
1796
1797 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1798 errx(1, "failed to create SSL_CTX");
1799 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1800 errx(1, "failed to create SSL");
1801
1802 if (!tls_extension_funcs(TLSEXT_TYPE_server_name, &client_funcs,
1803 &server_funcs))
1804 errx(1, "failed to fetch sni funcs");
1805
1806 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1807 FAIL("client should not need SNI\n");
1808 goto err;
1809 }
1810
1811 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1812 FAIL("client failed to set server name\n");
1813 goto err;
1814 }
1815
1816 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1817 FAIL("client should need SNI\n");
1818 goto err;
1819 }
1820
1821 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
1822 FAIL("client failed to build SNI\n");
1823 goto err;
1824 }
1825
1826 if (!CBB_finish(&cbb, &data, &dlen)) {
1827 FAIL("failed to finish CBB");
1828 goto err;
1829 }
1830
1831 if (dlen != sizeof(tlsext_sni_client)) {
1832 FAIL("got client SNI with length %zu, "
1833 "want length %zu\n", dlen, sizeof(tlsext_sni_client));
1834 goto err;
1835 }
1836
1837 if (memcmp(data, tlsext_sni_client, dlen) != 0) {
1838 FAIL("client SNI differs:\n");
1839 fprintf(stderr, "received:\n");
1840 hexdump(data, dlen);
1841 fprintf(stderr, "test data:\n");
1842 hexdump(tlsext_sni_client, sizeof(tlsext_sni_client));
1843 goto err;
1844 }
1845
1846 /*
1847 * SSL_set_tlsext_host_name() may be called with a NULL host name to
1848 * disable SNI.
1849 */
1850 if (!SSL_set_tlsext_host_name(ssl, NULL)) {
1851 FAIL("cannot set host name to NULL");
1852 goto err;
1853 }
1854
1855 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
1856 FAIL("client should not need SNI\n");
1857 goto err;
1858 }
1859
1860 if ((ssl->session = SSL_SESSION_new()) == NULL) {
1861 FAIL("failed to create session");
1862 goto err;
1863 }
1864
1865 ssl->hit = 0;
1866
1867 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client));
1868 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1869 FAIL("failed to parse client SNI\n");
1870 goto err;
1871 }
1872 if (CBS_len(&cbs) != 0) {
1873 FAIL("extension data remaining\n");
1874 goto err;
1875 }
1876
1877 if (ssl->session->tlsext_hostname == NULL) {
1878 FAIL("no tlsext_hostname from client SNI\n");
1879 goto err;
1880 }
1881
1882 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
1883 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
1884 strlen(TEST_SNI_SERVERNAME)) != 0) {
1885 FAIL("got tlsext_hostname `%s', want `%s'\n",
1886 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
1887 goto err;
1888 }
1889
1890 ssl->hit = 1;
1891
1892 free(ssl->session->tlsext_hostname);
1893 if ((ssl->session->tlsext_hostname = strdup("notthesame.libressl.org")) ==
1894 NULL) {
1895 FAIL("failed to strdup tlsext_hostname");
1896 goto err;
1897 }
1898
1899 CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client));
1900 if (server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
1901 FAIL("parsed client with mismatched SNI\n");
1902 goto err;
1903 }
1904
1905 failure = 0;
1906
1907 err:
1908 CBB_cleanup(&cbb);
1909 SSL_CTX_free(ssl_ctx);
1910 SSL_free(ssl);
1911 free(data);
1912
1913 return (failure);
1914}
1915
1916static int
1917test_tlsext_sni_server(void)
1918{
1919 unsigned char *data = NULL;
1920 SSL_CTX *ssl_ctx = NULL;
1921 SSL *ssl = NULL;
1922 const struct tls_extension_funcs *client_funcs;
1923 const struct tls_extension_funcs *server_funcs;
1924 int failure;
1925 size_t dlen;
1926 int alert;
1927 CBB cbb;
1928 CBS cbs;
1929
1930 failure = 1;
1931
1932 if (!CBB_init(&cbb, 0))
1933 errx(1, "Failed to create CBB");
1934
1935 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
1936 errx(1, "failed to create SSL_CTX");
1937 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1938 errx(1, "failed to create SSL");
1939
1940 if (!tls_extension_funcs(TLSEXT_TYPE_server_name, &client_funcs,
1941 &server_funcs))
1942 errx(1, "failed to fetch sni funcs");
1943
1944 if ((ssl->session = SSL_SESSION_new()) == NULL)
1945 errx(1, "failed to create session");
1946
1947 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1948 FAIL("server should not need SNI\n");
1949 goto err;
1950 }
1951
1952 if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) {
1953 FAIL("client failed to set server name\n");
1954 goto err;
1955 }
1956
1957 if ((ssl->session->tlsext_hostname = strdup(TEST_SNI_SERVERNAME)) ==
1958 NULL)
1959 errx(1, "failed to strdup tlsext_hostname");
1960
1961 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
1962 FAIL("server should need SNI\n");
1963 goto err;
1964 }
1965
1966 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
1967 FAIL("server failed to build SNI\n");
1968 goto err;
1969 }
1970
1971 if (!CBB_finish(&cbb, &data, &dlen))
1972 errx(1, "failed to finish CBB");
1973
1974 if (dlen != sizeof(tlsext_sni_server)) {
1975 FAIL("got server SNI with length %zu, "
1976 "want length %zu\n", dlen, sizeof(tlsext_sni_server));
1977 goto err;
1978 }
1979
1980 if (memcmp(data, tlsext_sni_server, dlen) != 0) {
1981 FAIL("server SNI differs:\n");
1982 fprintf(stderr, "received:\n");
1983 hexdump(data, dlen);
1984 fprintf(stderr, "test data:\n");
1985 hexdump(tlsext_sni_server, sizeof(tlsext_sni_server));
1986 goto err;
1987 }
1988
1989 free(ssl->session->tlsext_hostname);
1990 ssl->session->tlsext_hostname = NULL;
1991
1992 CBS_init(&cbs, tlsext_sni_server, sizeof(tlsext_sni_server));
1993 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1994 FAIL("failed to parse server SNI\n");
1995 goto err;
1996 }
1997 if (CBS_len(&cbs) != 0) {
1998 FAIL("extension data remaining\n");
1999 goto err;
2000 }
2001
2002 if (ssl->session->tlsext_hostname == NULL) {
2003 FAIL("no tlsext_hostname after server SNI\n");
2004 goto err;
2005 }
2006
2007 if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) ||
2008 strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME,
2009 strlen(TEST_SNI_SERVERNAME)) != 0) {
2010 FAIL("got tlsext_hostname `%s', want `%s'\n",
2011 ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME);
2012 goto err;
2013 }
2014
2015 failure = 0;
2016
2017 err:
2018 CBB_cleanup(&cbb);
2019 SSL_CTX_free(ssl_ctx);
2020 SSL_free(ssl);
2021 free(data);
2022
2023 return (failure);
2024}
2025
2026
2027/*
2028 * QUIC transport parameters extension - RFC 90210 :)
2029 */
2030
2031#define TEST_QUIC_TRANSPORT_DATA "0123456789abcdef"
2032
2033static unsigned char tlsext_quic_transport_data[] = {
2034 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
2035 0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
2036};
2037
2038static int
2039test_tlsext_quic_transport_parameters_client(void)
2040{
2041 const SSL_QUIC_METHOD quic_method;
2042 unsigned char *data = NULL;
2043 SSL_CTX *ssl_ctx = NULL;
2044 SSL *ssl = NULL;
2045 const struct tls_extension_funcs *client_funcs;
2046 const struct tls_extension_funcs *server_funcs;
2047 int failure;
2048 size_t dlen;
2049 CBB cbb;
2050 CBS cbs;
2051 int alert;
2052 const uint8_t *out_bytes;
2053 size_t out_bytes_len;
2054
2055 failure = 1;
2056
2057 if (!CBB_init(&cbb, 0))
2058 errx(1, "Failed to create CBB");
2059
2060 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2061 errx(1, "failed to create SSL_CTX");
2062 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2063 errx(1, "failed to create SSL");
2064
2065 if (!tls_extension_funcs(TLSEXT_TYPE_quic_transport_parameters,
2066 &client_funcs, &server_funcs))
2067 errx(1, "failed to fetch quic transport parameter funcs");
2068
2069 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2070 FAIL("client should not need QUIC\n");
2071 goto err;
2072 }
2073
2074 if (!SSL_set_quic_transport_params(ssl,
2075 TEST_QUIC_TRANSPORT_DATA, strlen(TEST_QUIC_TRANSPORT_DATA))) {
2076 FAIL("client failed to set QUIC parametes\n");
2077 goto err;
2078 }
2079
2080 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2081 FAIL("client should not need QUIC\n");
2082 goto err;
2083 }
2084
2085 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
2086 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
2087
2088 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2089 FAIL("client should not need QUIC\n");
2090 goto err;
2091 }
2092
2093 ssl->quic_method = &quic_method;
2094
2095 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2096 FAIL("client should need QUIC\n");
2097 goto err;
2098 }
2099
2100 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2101 FAIL("client failed to build QUIC\n");
2102 goto err;
2103 }
2104
2105 if (!CBB_finish(&cbb, &data, &dlen)) {
2106 FAIL("failed to finish CBB");
2107 goto err;
2108 }
2109
2110 if (dlen != sizeof(tlsext_quic_transport_data)) {
2111 FAIL("got client QUIC with length %zu, "
2112 "want length %zu\n", dlen,
2113 sizeof(tlsext_quic_transport_data));
2114 goto err;
2115 }
2116
2117 if (memcmp(data, tlsext_quic_transport_data, dlen) != 0) {
2118 FAIL("client QUIC differs:\n");
2119 fprintf(stderr, "received:\n");
2120 hexdump(data, dlen);
2121 fprintf(stderr, "test data:\n");
2122 hexdump(tlsext_quic_transport_data,
2123 sizeof(tlsext_quic_transport_data));
2124 goto err;
2125 }
2126
2127 CBS_init(&cbs, tlsext_quic_transport_data,
2128 sizeof(tlsext_quic_transport_data));
2129
2130 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2131 FAIL("server_parse of QUIC from server failed\n");
2132 goto err;
2133 }
2134 if (CBS_len(&cbs) != 0) {
2135 FAIL("extension data remaining\n");
2136 goto err;
2137 }
2138
2139 SSL_get_peer_quic_transport_params(ssl, &out_bytes, &out_bytes_len);
2140
2141 if (out_bytes_len != strlen(TEST_QUIC_TRANSPORT_DATA)) {
2142 FAIL("server_parse QUIC length differs, got %zu want %zu\n",
2143 out_bytes_len,
2144 sizeof(tlsext_quic_transport_data));
2145 goto err;
2146 }
2147
2148 if (memcmp(out_bytes, TEST_QUIC_TRANSPORT_DATA,
2149 out_bytes_len) != 0) {
2150 FAIL("server_parse QUIC differs from sent:\n");
2151 fprintf(stderr, "received:\n");
2152 hexdump(data, dlen);
2153 fprintf(stderr, "test data:\n");
2154 hexdump(tlsext_quic_transport_data,
2155 sizeof(tlsext_quic_transport_data));
2156 goto err;
2157 }
2158
2159 failure = 0;
2160
2161 err:
2162 CBB_cleanup(&cbb);
2163 SSL_CTX_free(ssl_ctx);
2164 SSL_free(ssl);
2165 free(data);
2166
2167 return (failure);
2168}
2169
2170static int
2171test_tlsext_quic_transport_parameters_server(void)
2172{
2173 const SSL_QUIC_METHOD quic_method;
2174 unsigned char *data = NULL;
2175 SSL_CTX *ssl_ctx = NULL;
2176 SSL *ssl = NULL;
2177 const struct tls_extension_funcs *client_funcs;
2178 const struct tls_extension_funcs *server_funcs;
2179 int failure;
2180 size_t dlen;
2181 int alert;
2182 CBB cbb;
2183 CBS cbs;
2184 const uint8_t *out_bytes;
2185 size_t out_bytes_len;
2186
2187 failure = 1;
2188
2189 if (!CBB_init(&cbb, 0))
2190 errx(1, "Failed to create CBB");
2191
2192 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
2193 errx(1, "failed to create SSL_CTX");
2194 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2195 errx(1, "failed to create SSL");
2196
2197 if (!tls_extension_funcs(TLSEXT_TYPE_quic_transport_parameters,
2198 &client_funcs, &server_funcs))
2199 errx(1, "failed to fetch quic transport parameter funcs");
2200
2201 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2202 FAIL("server should not need QUIC\n");
2203 goto err;
2204 }
2205
2206 if (!SSL_set_quic_transport_params(ssl,
2207 TEST_QUIC_TRANSPORT_DATA, strlen(TEST_QUIC_TRANSPORT_DATA))) {
2208 FAIL("server failed to set QUIC parametes\n");
2209 goto err;
2210 }
2211
2212 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_EE)) {
2213 FAIL("server should not need QUIC\n");
2214 goto err;
2215 }
2216
2217 ssl->quic_method = &quic_method;
2218
2219 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_EE)) {
2220 FAIL("server should need QUIC\n");
2221 goto err;
2222 }
2223
2224 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_EE, &cbb)) {
2225 FAIL("server failed to build QUIC\n");
2226 goto err;
2227 }
2228
2229 if (!CBB_finish(&cbb, &data, &dlen))
2230 errx(1, "failed to finish CBB");
2231
2232 if (dlen != sizeof(tlsext_quic_transport_data)) {
2233 FAIL("got server QUIC with length %zu, want length %zu\n",
2234 dlen, sizeof(tlsext_quic_transport_data));
2235 goto err;
2236 }
2237
2238 if (memcmp(data, tlsext_quic_transport_data, dlen) != 0) {
2239 FAIL("saved server QUIC differs:\n");
2240 fprintf(stderr, "received:\n");
2241 hexdump(data, dlen);
2242 fprintf(stderr, "test data:\n");
2243 hexdump(tlsext_quic_transport_data,
2244 sizeof(tlsext_quic_transport_data));
2245 goto err;
2246 }
2247
2248 CBS_init(&cbs, tlsext_quic_transport_data,
2249 sizeof(tlsext_quic_transport_data));
2250
2251 ssl->quic_method = NULL;
2252
2253 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_EE, &cbs, &alert)) {
2254 FAIL("QUIC parse should have failed!\n");
2255 goto err;
2256 }
2257
2258 ssl->quic_method = &quic_method;
2259
2260 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2261 FAIL("client_parse of QUIC from server failed\n");
2262 goto err;
2263 }
2264 if (CBS_len(&cbs) != 0) {
2265 FAIL("extension data remaining\n");
2266 goto err;
2267 }
2268
2269 SSL_get_peer_quic_transport_params(ssl, &out_bytes, &out_bytes_len);
2270
2271 if (out_bytes_len != strlen(TEST_QUIC_TRANSPORT_DATA)) {
2272 FAIL("client QUIC length differs, got %zu want %zu\n",
2273 out_bytes_len,
2274 sizeof(tlsext_quic_transport_data));
2275 goto err;
2276 }
2277
2278 if (memcmp(out_bytes, TEST_QUIC_TRANSPORT_DATA, out_bytes_len) != 0) {
2279 FAIL("client QUIC differs from sent:\n");
2280 fprintf(stderr, "received:\n");
2281 hexdump(data, dlen);
2282 fprintf(stderr, "test data:\n");
2283 hexdump(tlsext_quic_transport_data,
2284 sizeof(tlsext_quic_transport_data));
2285 goto err;
2286 }
2287
2288 failure = 0;
2289
2290 err:
2291 CBB_cleanup(&cbb);
2292 SSL_CTX_free(ssl_ctx);
2293 SSL_free(ssl);
2294 free(data);
2295
2296 return (failure);
2297}
2298
2299static unsigned char tls_ocsp_client_default[] = {
2300 0x01, 0x00, 0x00, 0x00, 0x00
2301};
2302
2303static int
2304test_tlsext_ocsp_client(void)
2305{
2306 unsigned char *data = NULL;
2307 SSL_CTX *ssl_ctx = NULL;
2308 SSL *ssl = NULL;
2309 const struct tls_extension_funcs *client_funcs;
2310 const struct tls_extension_funcs *server_funcs;
2311 size_t dlen;
2312 int failure;
2313 int alert;
2314 CBB cbb;
2315 CBS cbs;
2316
2317 failure = 1;
2318
2319 if (!CBB_init(&cbb, 0))
2320 errx(1, "Failed to create CBB");
2321
2322 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2323 errx(1, "failed to create SSL_CTX");
2324 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2325 errx(1, "failed to create SSL");
2326
2327 if (!tls_extension_funcs(TLSEXT_TYPE_status_request, &client_funcs,
2328 &server_funcs))
2329 errx(1, "failed to fetch ocsp funcs");
2330
2331 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2332 FAIL("client should not need TLSEXT_TYPE_status_request\n");
2333 goto err;
2334 }
2335 SSL_set_tlsext_status_type(ssl, TLSEXT_STATUSTYPE_ocsp);
2336
2337 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2338 FAIL("client should need TLSEXT_TYPE_status_request\n");
2339 goto err;
2340 }
2341 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2342 FAIL("client failed to build SNI\n");
2343 goto err;
2344 }
2345 if (!CBB_finish(&cbb, &data, &dlen))
2346 errx(1, "failed to finish CBB");
2347
2348 if (dlen != sizeof(tls_ocsp_client_default)) {
2349 FAIL("got TLSEXT_TYPE_status_request client with length %zu, "
2350 "want length %zu\n", dlen,
2351 sizeof(tls_ocsp_client_default));
2352 goto err;
2353 }
2354 if (memcmp(data, tls_ocsp_client_default, dlen) != 0) {
2355 FAIL("TLSEXT_TYPE_status_request client differs:\n");
2356 fprintf(stderr, "received:\n");
2357 hexdump(data, dlen);
2358 fprintf(stderr, "test data:\n");
2359 hexdump(tls_ocsp_client_default,
2360 sizeof(tls_ocsp_client_default));
2361 goto err;
2362 }
2363 CBS_init(&cbs, tls_ocsp_client_default,
2364 sizeof(tls_ocsp_client_default));
2365 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2366 FAIL("failed to parse TLSEXT_TYPE_status_request client\n");
2367 goto err;
2368 }
2369 if (CBS_len(&cbs) != 0) {
2370 FAIL("extension data remaining\n");
2371 goto err;
2372 }
2373
2374 failure = 0;
2375
2376 err:
2377 CBB_cleanup(&cbb);
2378 SSL_CTX_free(ssl_ctx);
2379 SSL_free(ssl);
2380 free(data);
2381
2382 return (failure);
2383}
2384
2385static int
2386test_tlsext_ocsp_server(void)
2387{
2388 unsigned char *data = NULL;
2389 SSL_CTX *ssl_ctx = NULL;
2390 SSL *ssl = NULL;
2391 const struct tls_extension_funcs *client_funcs;
2392 const struct tls_extension_funcs *server_funcs;
2393 size_t dlen;
2394 int failure;
2395 CBB cbb;
2396
2397 failure = 1;
2398
2399 if (!CBB_init(&cbb, 0))
2400 errx(1, "Failed to create CBB");
2401
2402 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2403 errx(1, "failed to create SSL_CTX");
2404 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2405 errx(1, "failed to create SSL");
2406
2407 if (!tls_extension_funcs(TLSEXT_TYPE_status_request, &client_funcs,
2408 &server_funcs))
2409 errx(1, "failed to fetch ocsp funcs");
2410
2411 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2412 FAIL("server should not need TLSEXT_TYPE_status_request\n");
2413 goto err;
2414 }
2415
2416 ssl->tlsext_status_expected = 1;
2417
2418 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2419 FAIL("server should need TLSEXT_TYPE_status_request\n");
2420 goto err;
2421 }
2422 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
2423 FAIL("server failed to build TLSEXT_TYPE_status_request\n");
2424 goto err;
2425 }
2426
2427 if (!CBB_finish(&cbb, &data, &dlen))
2428 errx(1, "failed to finish CBB");
2429
2430 failure = 0;
2431
2432 err:
2433 CBB_cleanup(&cbb);
2434 SSL_CTX_free(ssl_ctx);
2435 SSL_free(ssl);
2436 free(data);
2437
2438 return (failure);
2439}
2440
2441/*
2442 * Session ticket - RFC 5077 since no known implementations use 4507.
2443 *
2444 * Session tickets can be length 0 (special case) to 2^16-1.
2445 *
2446 * The state is encrypted by the server so it is opaque to the client.
2447 */
2448static uint8_t tlsext_sessionticket_hello_min[1];
2449static uint8_t tlsext_sessionticket_hello_max[65535];
2450
2451static int
2452test_tlsext_sessionticket_client(void)
2453{
2454 unsigned char *data = NULL;
2455 SSL_CTX *ssl_ctx = NULL;
2456 SSL *ssl = NULL;
2457 const struct tls_extension_funcs *client_funcs;
2458 const struct tls_extension_funcs *server_funcs;
2459 int failure;
2460 CBB cbb;
2461 size_t dlen;
2462 uint8_t dummy[1234];
2463
2464 failure = 1;
2465
2466 if (!CBB_init(&cbb, 0))
2467 errx(1, "Failed to create CBB");
2468
2469 /* Create fake session tickets with random data. */
2470 arc4random_buf(tlsext_sessionticket_hello_min,
2471 sizeof(tlsext_sessionticket_hello_min));
2472 arc4random_buf(tlsext_sessionticket_hello_max,
2473 sizeof(tlsext_sessionticket_hello_max));
2474
2475 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
2476 errx(1, "failed to create SSL_CTX");
2477 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2478 errx(1, "failed to create SSL");
2479
2480 if (!tls_extension_funcs(TLSEXT_TYPE_session_ticket, &client_funcs,
2481 &server_funcs))
2482 errx(1, "failed to fetch session ticket funcs");
2483
2484 /* Should need a ticket by default. */
2485 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2486 FAIL("client should need Sessionticket for default "
2487 "ciphers\n");
2488 goto err;
2489 }
2490
2491 /* Test disabling tickets. */
2492 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
2493 FAIL("Cannot disable tickets in the TLS connection\n");
2494 goto err;
2495 }
2496 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2497 FAIL("client should not need SessionTicket if it was disabled\n");
2498 goto err;
2499 }
2500
2501 /* Test re-enabling tickets. */
2502 if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) {
2503 FAIL("Cannot re-enable tickets in the TLS connection\n");
2504 goto err;
2505 }
2506 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2507 FAIL("client should need SessionTicket if it was disabled\n");
2508 goto err;
2509 }
2510
2511 /* Since we don't have a session, we should build an empty ticket. */
2512 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2513 FAIL("Cannot build a ticket\n");
2514 goto err;
2515 }
2516 if (!CBB_finish(&cbb, &data, &dlen)) {
2517 FAIL("Cannot finish CBB\n");
2518 goto err;
2519 }
2520 if (dlen != 0) {
2521 FAIL("Expected 0 length but found %zu\n", dlen);
2522 goto err;
2523 }
2524
2525 CBB_cleanup(&cbb);
2526 if (!CBB_init(&cbb, 0))
2527 errx(1, "Failed to create CBB");
2528 free(data);
2529 data = NULL;
2530
2531 /* With a new session (but no ticket), we should still have 0 length */
2532 if ((ssl->session = SSL_SESSION_new()) == NULL)
2533 errx(1, "failed to create session");
2534 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2535 FAIL("Should still want a session ticket with a new session\n");
2536 goto err;
2537 }
2538 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2539 FAIL("Cannot build a ticket\n");
2540 goto err;
2541 }
2542 if (!CBB_finish(&cbb, &data, &dlen)) {
2543 FAIL("Cannot finish CBB\n");
2544 goto err;
2545 }
2546 if (dlen != 0) {
2547 FAIL("Expected 0 length but found %zu\n", dlen);
2548 goto err;
2549 }
2550
2551 CBB_cleanup(&cbb);
2552 if (!CBB_init(&cbb, 0))
2553 errx(1, "Failed to create CBB");
2554 free(data);
2555 data = NULL;
2556
2557 /* With a new session (and ticket), we should use that ticket */
2558 SSL_SESSION_free(ssl->session);
2559 if ((ssl->session = SSL_SESSION_new()) == NULL)
2560 errx(1, "failed to create session");
2561
2562 arc4random_buf(&dummy, sizeof(dummy));
2563 if ((ssl->session->tlsext_tick = malloc(sizeof(dummy))) == NULL) {
2564 errx(1, "failed to malloc");
2565 }
2566 memcpy(ssl->session->tlsext_tick, dummy, sizeof(dummy));
2567 ssl->session->tlsext_ticklen = sizeof(dummy);
2568
2569 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2570 FAIL("Should still want a session ticket with a new session\n");
2571 goto err;
2572 }
2573 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2574 FAIL("Cannot build a ticket\n");
2575 goto err;
2576 }
2577 if (!CBB_finish(&cbb, &data, &dlen)) {
2578 FAIL("Cannot finish CBB\n");
2579 goto err;
2580 }
2581 if (dlen != sizeof(dummy)) {
2582 FAIL("Expected %zu length but found %zu\n", sizeof(dummy), dlen);
2583 goto err;
2584 }
2585 if (memcmp(data, dummy, dlen) != 0) {
2586 FAIL("server SNI differs:\n");
2587 compare_data(data, dlen,
2588 dummy, sizeof(dummy));
2589 goto err;
2590 }
2591
2592 CBB_cleanup(&cbb);
2593 if (!CBB_init(&cbb, 0))
2594 errx(1, "Failed to create CBB");
2595 free(data);
2596 data = NULL;
2597 free(ssl->session->tlsext_tick);
2598 ssl->session->tlsext_tick = NULL;
2599 ssl->session->tlsext_ticklen = 0;
2600
2601 /*
2602 * Send in NULL to disable session tickets at runtime without going
2603 * through SSL_set_options().
2604 */
2605 if (!SSL_set_session_ticket_ext(ssl, NULL, 0)) {
2606 FAIL("Could not set a NULL custom ticket\n");
2607 goto err;
2608 }
2609 /* Should not need a ticket in this case */
2610 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2611 FAIL("Should not want to use session tickets with a NULL custom\n");
2612 goto err;
2613 }
2614
2615 /*
2616 * If you want to remove the tlsext_session_ticket behavior, you have
2617 * to do it manually.
2618 */
2619 free(ssl->tlsext_session_ticket);
2620 ssl->tlsext_session_ticket = NULL;
2621
2622 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2623 FAIL("Should need a session ticket again when the custom one is removed\n");
2624 goto err;
2625 }
2626
2627 /* Test a custom session ticket (not recommended in practice) */
2628 if (!SSL_set_session_ticket_ext(ssl, tlsext_sessionticket_hello_max,
2629 sizeof(tlsext_sessionticket_hello_max))) {
2630 FAIL("Should be able to set a custom ticket\n");
2631 goto err;
2632 }
2633 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2634 FAIL("Should need a session ticket again when the custom one is not empty\n");
2635 goto err;
2636 }
2637 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2638 FAIL("Cannot build a ticket with a max length random payload\n");
2639 goto err;
2640 }
2641 if (!CBB_finish(&cbb, &data, &dlen)) {
2642 FAIL("Cannot finish CBB\n");
2643 goto err;
2644 }
2645 if (dlen != sizeof(tlsext_sessionticket_hello_max)) {
2646 FAIL("Expected %zu length but found %zu\n",
2647 sizeof(tlsext_sessionticket_hello_max), dlen);
2648 goto err;
2649 }
2650 if (memcmp(data, tlsext_sessionticket_hello_max,
2651 sizeof(tlsext_sessionticket_hello_max)) != 0) {
2652 FAIL("Expected to get what we passed in\n");
2653 compare_data(data, dlen,
2654 tlsext_sessionticket_hello_max,
2655 sizeof(tlsext_sessionticket_hello_max));
2656 goto err;
2657 }
2658
2659 failure = 0;
2660
2661 err:
2662 CBB_cleanup(&cbb);
2663 SSL_CTX_free(ssl_ctx);
2664 SSL_free(ssl);
2665 free(data);
2666
2667 return (failure);
2668}
2669
2670
2671static int
2672test_tlsext_sessionticket_server(void)
2673{
2674 SSL_CTX *ssl_ctx = NULL;
2675 SSL *ssl = NULL;
2676 const struct tls_extension_funcs *client_funcs;
2677 const struct tls_extension_funcs *server_funcs;
2678 int failure;
2679 uint8_t *data = NULL;
2680 size_t dlen;
2681 CBB cbb;
2682
2683 failure = 1;
2684
2685 if (!CBB_init(&cbb, 0))
2686 errx(1, "Failed to create CBB");
2687
2688 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
2689 errx(1, "failed to create SSL_CTX");
2690 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2691 errx(1, "failed to create SSL");
2692
2693 if (!tls_extension_funcs(TLSEXT_TYPE_session_ticket, &client_funcs,
2694 &server_funcs))
2695 errx(1, "failed to fetch session ticket funcs");
2696
2697 /*
2698 * By default, should not need a session ticket since the ticket
2699 * is not yet expected.
2700 */
2701 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2702 FAIL("server should not need SessionTicket by default\n");
2703 goto err;
2704 }
2705
2706 /* Test disabling tickets. */
2707 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
2708 FAIL("Cannot disable tickets in the TLS connection\n");
2709 goto err;
2710 }
2711 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2712 FAIL("server should not need SessionTicket if it was disabled\n");
2713 goto err;
2714 }
2715
2716 /* Test re-enabling tickets. */
2717 if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) {
2718 FAIL("Cannot re-enable tickets in the TLS connection\n");
2719 goto err;
2720 }
2721 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2722 FAIL("server should not need SessionTicket yet\n");
2723 goto err;
2724 }
2725
2726 /* Set expected to require it. */
2727 ssl->tlsext_ticket_expected = 1;
2728 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
2729 FAIL("server should now be required for SessionTicket\n");
2730 goto err;
2731 }
2732
2733 /* server hello's session ticket should always be 0 length payload. */
2734 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
2735 FAIL("Cannot build a ticket with a max length random payload\n");
2736 goto err;
2737 }
2738 if (!CBB_finish(&cbb, &data, &dlen)) {
2739 FAIL("Cannot finish CBB\n");
2740 goto err;
2741 }
2742 if (dlen != 0) {
2743 FAIL("Expected 0 length but found %zu\n", dlen);
2744 goto err;
2745 }
2746
2747 failure = 0;
2748
2749 err:
2750 CBB_cleanup(&cbb);
2751 SSL_CTX_free(ssl_ctx);
2752 SSL_free(ssl);
2753 free(data);
2754
2755 return (failure);
2756}
2757
2758#ifndef OPENSSL_NO_SRTP
2759/*
2760 * Supported Secure Real-time Transport Protocol (RFC 5764 section 4.1.1)
2761 */
2762
2763/* Colon separated string values */
2764const char *tlsext_srtp_single_profile = "SRTP_AES128_CM_SHA1_80";
2765const char *tlsext_srtp_multiple_profiles = "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32";
2766
2767const char *tlsext_srtp_aes128cmsha80 = "SRTP_AES128_CM_SHA1_80";
2768const char *tlsext_srtp_aes128cmsha32 = "SRTP_AES128_CM_SHA1_32";
2769
2770const uint8_t tlsext_srtp_single[] = {
2771 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2772 0x00, 0x02, /* len */
2773 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */
2774 0x00 /* opaque srtp_mki<0..255> */
2775};
2776
2777const uint8_t tlsext_srtp_multiple[] = {
2778 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2779 0x00, 0x04, /* len */
2780 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */
2781 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */
2782 0x00 /* opaque srtp_mki<0..255> */
2783};
2784
2785const uint8_t tlsext_srtp_multiple_invalid[] = {
2786 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2787 0x00, 0x04, /* len */
2788 0x00, 0x08, /* arbitrary value not found in known profiles */
2789 0x00, 0x09, /* arbitrary value not found in known profiles */
2790 0x00 /* opaque srtp_mki<0..255> */
2791};
2792
2793const uint8_t tlsext_srtp_single_invalid[] = {
2794 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2795 0x00, 0x02, /* len */
2796 0x00, 0x08, /* arbitrary value not found in known profiles */
2797 0x00 /* opaque srtp_mki<0..255> */
2798};
2799
2800const uint8_t tlsext_srtp_multiple_one_valid[] = {
2801 /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */
2802 0x00, 0x04, /* len */
2803 0x00, 0x08, /* arbitrary value not found in known profiles */
2804 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */
2805 0x00 /* opaque srtp_mki<0..255> */
2806};
2807
2808static int
2809test_tlsext_srtp_client(void)
2810{
2811 SRTP_PROTECTION_PROFILE *prof;
2812 SSL_CTX *ssl_ctx = NULL;
2813 SSL *ssl = NULL;
2814 const struct tls_extension_funcs *client_funcs;
2815 const struct tls_extension_funcs *server_funcs;
2816 uint8_t *data = NULL;
2817 CBB cbb;
2818 CBS cbs;
2819 int failure, alert;
2820 size_t dlen;
2821
2822 failure = 1;
2823
2824 if (!CBB_init(&cbb, 0))
2825 errx(1, "Failed to create CBB");
2826
2827 /* SRTP is for DTLS */
2828 if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL)
2829 errx(1, "failed to create SSL_CTX");
2830 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2831 errx(1, "failed to create SSL");
2832
2833 if (!tls_extension_funcs(TLSEXT_TYPE_use_srtp, &client_funcs,
2834 &server_funcs))
2835 errx(1, "failed to fetch srtp funcs");
2836
2837 /* By default, we don't need this */
2838 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2839 FAIL("client should not need SRTP by default\n");
2840 goto err;
2841 }
2842
2843 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_single_profile) != 0) {
2844 FAIL("should be able to set a single SRTP\n");
2845 goto err;
2846 }
2847 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2848 FAIL("client should need SRTP\n");
2849 goto err;
2850 }
2851
2852 /* Make sure we can build the client with a single profile. */
2853
2854 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2855 FAIL("client failed to build SRTP\n");
2856 goto err;
2857 }
2858 if (!CBB_finish(&cbb, &data, &dlen))
2859 errx(1, "failed to finish CBB");
2860
2861 if (dlen != sizeof(tlsext_srtp_single)) {
2862 FAIL("got client SRTP with length %zu, "
2863 "want length %zu\n", dlen,
2864 sizeof(tlsext_srtp_single));
2865 compare_data(data, dlen, tlsext_srtp_single,
2866 sizeof(tlsext_srtp_single));
2867 goto err;
2868 }
2869 if (memcmp(data, tlsext_srtp_single, dlen) != 0) {
2870 FAIL("client SRTP differs:\n");
2871 compare_data(data, dlen, tlsext_srtp_single,
2872 sizeof(tlsext_srtp_single));
2873 goto err;
2874 }
2875
2876 CBB_cleanup(&cbb);
2877 if (!CBB_init(&cbb, 0))
2878 errx(1, "Failed to create CBB");
2879 free(data);
2880 data = NULL;
2881
2882 /* Make sure we can parse the single profile. */
2883
2884 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
2885 FAIL("SRTP profile should not be set yet\n");
2886 goto err;
2887 }
2888
2889 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
2890 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2891 FAIL("failed to parse SRTP\n");
2892 goto err;
2893 }
2894 if (CBS_len(&cbs) != 0) {
2895 FAIL("extension data remaining\n");
2896 goto err;
2897 }
2898
2899 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2900 FAIL("SRTP profile should be set now\n");
2901 goto err;
2902 }
2903 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
2904 FAIL("SRTP profile was not set properly\n");
2905 goto err;
2906 }
2907
2908 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2909 FAIL("should send server extension when profile selected\n");
2910 goto err;
2911 }
2912
2913 /* Make sure we can build the clienthello with multiple entries. */
2914
2915 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) {
2916 FAIL("should be able to set SRTP to multiple profiles\n");
2917 goto err;
2918 }
2919 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2920 FAIL("client should need SRTP by now\n");
2921 goto err;
2922 }
2923
2924 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
2925 FAIL("client failed to build SRTP\n");
2926 goto err;
2927 }
2928 if (!CBB_finish(&cbb, &data, &dlen))
2929 errx(1, "failed to finish CBB");
2930
2931 if (dlen != sizeof(tlsext_srtp_multiple)) {
2932 FAIL("got client SRTP with length %zu, "
2933 "want length %zu\n", dlen,
2934 sizeof(tlsext_srtp_multiple));
2935 compare_data(data, dlen, tlsext_srtp_multiple,
2936 sizeof(tlsext_srtp_multiple));
2937 goto err;
2938 }
2939 if (memcmp(data, tlsext_srtp_multiple, dlen) != 0) {
2940 FAIL("client SRTP differs:\n");
2941 compare_data(data, dlen, tlsext_srtp_multiple,
2942 sizeof(tlsext_srtp_multiple));
2943 goto err;
2944 }
2945
2946 CBB_cleanup(&cbb);
2947 if (!CBB_init(&cbb, 0))
2948 errx(1, "Failed to create CBB");
2949 free(data);
2950 data = NULL;
2951
2952 /* Make sure we can parse multiple profiles (selects server preferred) */
2953
2954 ssl->srtp_profile = NULL;
2955
2956 CBS_init(&cbs, tlsext_srtp_multiple,
2957 sizeof(tlsext_srtp_multiple));
2958 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2959 FAIL("failed to parse SRTP\n");
2960 goto err;
2961 }
2962 if (CBS_len(&cbs) != 0) {
2963 FAIL("extension data remaining\n");
2964 goto err;
2965 }
2966
2967 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2968 FAIL("SRTP profile should be set now\n");
2969 goto err;
2970 }
2971 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
2972 FAIL("SRTP profile was not set properly\n");
2973 goto err;
2974 }
2975
2976 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
2977 FAIL("should send server extension when profile selected\n");
2978 goto err;
2979 }
2980
2981 /*
2982 * Make sure we can parse the clienthello with multiple entries
2983 * where one is unknown.
2984 */
2985 ssl->srtp_profile = NULL;
2986
2987 CBS_init(&cbs, tlsext_srtp_multiple_one_valid,
2988 sizeof(tlsext_srtp_multiple_one_valid));
2989 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
2990 FAIL("failed to parse SRTP\n");
2991 goto err;
2992 }
2993 if (CBS_len(&cbs) != 0) {
2994 FAIL("extension data remaining\n");
2995 goto err;
2996 }
2997
2998 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
2999 FAIL("SRTP profile should be set now\n");
3000 goto err;
3001 }
3002 if (strcmp(prof->name, tlsext_srtp_aes128cmsha32) != 0) {
3003 FAIL("SRTP profile was not set properly\n");
3004 goto err;
3005 }
3006
3007 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3008 FAIL("should send server extension when profile selected\n");
3009 goto err;
3010 }
3011
3012 /* Make sure we fall back to negotiated when none work. */
3013
3014 ssl->srtp_profile = NULL;
3015
3016 CBS_init(&cbs, tlsext_srtp_multiple_invalid,
3017 sizeof(tlsext_srtp_multiple_invalid));
3018 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3019 FAIL("should be able to fall back to negotiated\n");
3020 goto err;
3021 }
3022 if (CBS_len(&cbs) != 0) {
3023 FAIL("extension data remaining\n");
3024 goto err;
3025 }
3026
3027 /* If we fallback, the server should NOT send the extension. */
3028 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
3029 FAIL("should not have selected a profile when none found\n");
3030 goto err;
3031 }
3032 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3033 FAIL("should not send server tlsext when no profile found\n");
3034 goto err;
3035 }
3036
3037 failure = 0;
3038
3039 err:
3040 CBB_cleanup(&cbb);
3041 SSL_CTX_free(ssl_ctx);
3042 SSL_free(ssl);
3043 free(data);
3044
3045 return (failure);
3046}
3047
3048static int
3049test_tlsext_srtp_server(void)
3050{
3051 const SRTP_PROTECTION_PROFILE *prof;
3052 SSL_CTX *ssl_ctx = NULL;
3053 SSL *ssl = NULL;
3054 const struct tls_extension_funcs *client_funcs;
3055 const struct tls_extension_funcs *server_funcs;
3056 uint8_t *data = NULL;
3057 CBB cbb;
3058 CBS cbs;
3059 int failure, alert;
3060 size_t dlen;
3061
3062 failure = 1;
3063
3064 if (!CBB_init(&cbb, 0))
3065 errx(1, "Failed to create CBB");
3066
3067 /* SRTP is for DTLS */
3068 if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL)
3069 errx(1, "failed to create SSL_CTX");
3070 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3071 errx(1, "failed to create SSL");
3072
3073 if (!tls_extension_funcs(TLSEXT_TYPE_use_srtp, &client_funcs,
3074 &server_funcs))
3075 errx(1, "failed to fetch srtp funcs");
3076
3077 /* By default, we don't need this */
3078 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3079 FAIL("server should not need SRTP by default\n");
3080 goto err;
3081 }
3082
3083 if (srtp_find_profile_by_name(tlsext_srtp_aes128cmsha80, &prof,
3084 strlen(tlsext_srtp_aes128cmsha80))) {
3085 FAIL("should be able to find the given profile\n");
3086 goto err;
3087 }
3088 ssl->srtp_profile = prof;
3089 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3090 FAIL("server should need SRTP by now\n");
3091 goto err;
3092 }
3093
3094 /* Make sure we can build the server with a single profile. */
3095
3096 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3097 FAIL("server failed to build SRTP\n");
3098 goto err;
3099 }
3100 if (!CBB_finish(&cbb, &data, &dlen))
3101 errx(1, "failed to finish CBB");
3102
3103 if (dlen != sizeof(tlsext_srtp_single)) {
3104 FAIL("got server SRTP with length %zu, "
3105 "want length %zu\n", dlen,
3106 sizeof(tlsext_srtp_single));
3107 compare_data(data, dlen, tlsext_srtp_single,
3108 sizeof(tlsext_srtp_single));
3109 goto err;
3110 }
3111 if (memcmp(data, tlsext_srtp_single, dlen) != 0) {
3112 FAIL("server SRTP differs:\n");
3113 compare_data(data, dlen, tlsext_srtp_single,
3114 sizeof(tlsext_srtp_single));
3115 goto err;
3116 }
3117
3118 CBB_cleanup(&cbb);
3119 if (!CBB_init(&cbb, 0))
3120 errx(1, "Failed to create CBB");
3121 free(data);
3122 data = NULL;
3123
3124 /* Make sure we can parse the single profile. */
3125 ssl->srtp_profile = NULL;
3126
3127 if (SSL_get_selected_srtp_profile(ssl) != NULL) {
3128 FAIL("SRTP profile should not be set yet\n");
3129 goto err;
3130 }
3131
3132 /* Setup the environment as if a client sent a list of profiles. */
3133 if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) {
3134 FAIL("should be able to set multiple profiles in SRTP\n");
3135 goto err;
3136 }
3137
3138 CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single));
3139 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3140 FAIL("failed to parse SRTP\n");
3141 goto err;
3142 }
3143 if (CBS_len(&cbs) != 0) {
3144 FAIL("extension data remaining\n");
3145 goto err;
3146 }
3147
3148 if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) {
3149 FAIL("SRTP profile should be set now\n");
3150 goto err;
3151 }
3152 if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) {
3153 FAIL("SRTP profile was not set properly\n");
3154 goto err;
3155 }
3156
3157 /* Make sure we cannot parse multiple profiles */
3158 ssl->srtp_profile = NULL;
3159
3160 CBS_init(&cbs, tlsext_srtp_multiple,
3161 sizeof(tlsext_srtp_multiple));
3162 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3163 FAIL("should not find multiple entries from the server\n");
3164 goto err;
3165 }
3166
3167 /* Make sure we cannot parse a server with unknown profile */
3168 ssl->srtp_profile = NULL;
3169
3170 CBS_init(&cbs, tlsext_srtp_single_invalid,
3171 sizeof(tlsext_srtp_single_invalid));
3172 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3173 FAIL("should not be able to parse this\n");
3174 goto err;
3175 }
3176
3177 failure = 0;
3178
3179 err:
3180 CBB_cleanup(&cbb);
3181 SSL_CTX_free(ssl_ctx);
3182 SSL_free(ssl);
3183 free(data);
3184
3185 return (failure);
3186}
3187#endif /* OPENSSL_NO_SRTP */
3188
3189unsigned char tlsext_clienthello_default[] = {
3190 0x00, 0x34, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
3191 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d,
3192 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23,
3193 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16,
3194 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, 0x05,
3195 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01,
3196 0x04, 0x03, 0x02, 0x01, 0x02, 0x03,
3197};
3198
3199unsigned char tlsext_clienthello_disabled[] = {};
3200
3201static int
3202test_tlsext_clienthello_build(void)
3203{
3204 unsigned char *data = NULL;
3205 SSL_CTX *ssl_ctx = NULL;
3206 SSL *ssl = NULL;
3207 const struct tls_extension_funcs *client_funcs;
3208 const struct tls_extension_funcs *server_funcs;
3209 size_t dlen;
3210 int failure;
3211 CBB cbb;
3212
3213 failure = 1;
3214
3215 if (!CBB_init(&cbb, 0))
3216 errx(1, "failed to create CBB");
3217
3218 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) {
3219 FAIL("failed to create SSL_CTX");
3220 goto err;
3221 }
3222
3223 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
3224 FAIL("failed to create SSL");
3225 goto err;
3226 }
3227
3228 if (!tls_extension_funcs(TLSEXT_TYPE_supported_versions, &client_funcs,
3229 &server_funcs))
3230 errx(1, "failed to fetch supported versions funcs");
3231
3232 ssl->s3->hs.our_min_tls_version = TLS1_VERSION;
3233 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3234
3235 if (!tlsext_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3236 FAIL("failed to build clienthello extensions\n");
3237 goto err;
3238 }
3239 if (!CBB_finish(&cbb, &data, &dlen)) {
3240 FAIL("failed to finish CBB");
3241 goto err;
3242 }
3243
3244 if (dlen != sizeof(tlsext_clienthello_default)) {
3245 FAIL("got clienthello extensions with length %zu, "
3246 "want length %zu\n", dlen,
3247 sizeof(tlsext_clienthello_default));
3248 compare_data(data, dlen, tlsext_clienthello_default,
3249 sizeof(tlsext_clienthello_default));
3250 goto err;
3251 }
3252 if (memcmp(data, tlsext_clienthello_default, dlen) != 0) {
3253 FAIL("clienthello extensions differs:\n");
3254 compare_data(data, dlen, tlsext_clienthello_default,
3255 sizeof(tlsext_clienthello_default));
3256 goto err;
3257 }
3258
3259 free(data);
3260 data = NULL;
3261 CBB_cleanup(&cbb);
3262 if (!CBB_init(&cbb, 0))
3263 errx(1, "Failed to create CBB");
3264
3265 /* Switch to TLSv1.1, disable EC ciphers and session tickets. */
3266 ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
3267 if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) {
3268 FAIL("failed to set cipher list\n");
3269 goto err;
3270 }
3271 if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) {
3272 FAIL("failed to disable session tickets\n");
3273 goto err;
3274 }
3275
3276 if (!tlsext_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3277 FAIL("failed to build clienthello extensions\n");
3278 goto err;
3279 }
3280 if (!CBB_finish(&cbb, &data, &dlen)) {
3281 FAIL("failed to finish CBB");
3282 goto err;
3283 }
3284
3285 if (dlen != sizeof(tlsext_clienthello_disabled)) {
3286 FAIL("got clienthello extensions with length %zu, "
3287 "want length %zu\n", dlen,
3288 sizeof(tlsext_clienthello_disabled));
3289 compare_data(data, dlen, tlsext_clienthello_disabled,
3290 sizeof(tlsext_clienthello_disabled));
3291 goto err;
3292 }
3293 if (memcmp(data, tlsext_clienthello_disabled, dlen) != 0) {
3294 FAIL("clienthello extensions differs:\n");
3295 compare_data(data, dlen, tlsext_clienthello_disabled,
3296 sizeof(tlsext_clienthello_disabled));
3297 goto err;
3298 }
3299
3300 failure = 0;
3301
3302 err:
3303 CBB_cleanup(&cbb);
3304 SSL_CTX_free(ssl_ctx);
3305 SSL_free(ssl);
3306 free(data);
3307
3308 return (failure);
3309}
3310
3311unsigned char tlsext_serverhello_default[] = {
3312 0x00, 0x06, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04,
3313};
3314
3315unsigned char tlsext_serverhello_enabled[] = {
3316 0x00, 0x10, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04,
3317 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23,
3318 0x00, 0x00,
3319};
3320
3321static int
3322test_tlsext_serverhello_build(void)
3323{
3324 unsigned char *data = NULL;
3325 SSL_CTX *ssl_ctx = NULL;
3326 SSL *ssl = NULL;
3327 size_t dlen;
3328 int failure;
3329 CBB cbb;
3330
3331 failure = 1;
3332
3333 if (!CBB_init(&cbb, 0))
3334 errx(1, "failed to create CBB");
3335
3336 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) {
3337 FAIL("failed to create SSL_CTX");
3338 goto err;
3339 }
3340 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
3341 FAIL("failed to create SSL");
3342 goto err;
3343 }
3344 if ((ssl->session = SSL_SESSION_new()) == NULL) {
3345 FAIL("failed to create session");
3346 goto err;
3347 }
3348
3349 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3350 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
3351 ssl->s3->hs.cipher =
3352 ssl3_get_cipher_by_id(TLS1_CK_RSA_WITH_AES_128_SHA256);
3353
3354 if (!tlsext_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3355 FAIL("failed to build serverhello extensions\n");
3356 goto err;
3357 }
3358 if (!CBB_finish(&cbb, &data, &dlen)) {
3359 FAIL("failed to finish CBB");
3360 goto err;
3361 }
3362
3363 if (dlen != sizeof(tlsext_serverhello_default)) {
3364 FAIL("got serverhello extensions with length %zu, "
3365 "want length %zu\n", dlen,
3366 sizeof(tlsext_serverhello_default));
3367 compare_data(data, dlen, tlsext_serverhello_default,
3368 sizeof(tlsext_serverhello_default));
3369 goto err;
3370 }
3371 if (memcmp(data, tlsext_serverhello_default, dlen) != 0) {
3372 FAIL("serverhello extensions differs:\n");
3373 compare_data(data, dlen, tlsext_serverhello_default,
3374 sizeof(tlsext_serverhello_default));
3375 goto err;
3376 }
3377
3378 CBB_cleanup(&cbb);
3379 free(data);
3380 data = NULL;
3381 if (!CBB_init(&cbb, 0))
3382 errx(1, "Failed to create CBB");
3383
3384 /* Turn a few things on so we get extensions... */
3385 ssl->s3->send_connection_binding = 1;
3386 ssl->s3->hs.cipher =
3387 ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256);
3388 ssl->tlsext_status_expected = 1;
3389 ssl->tlsext_ticket_expected = 1;
3390 if ((ssl->session->tlsext_ecpointformatlist = malloc(1)) == NULL) {
3391 FAIL("malloc failed");
3392 goto err;
3393 }
3394 ssl->session->tlsext_ecpointformatlist_length = 1;
3395 ssl->session->tlsext_ecpointformatlist[0] =
3396 TLSEXT_ECPOINTFORMAT_uncompressed;
3397
3398 if (!tlsext_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3399 FAIL("failed to build serverhello extensions\n");
3400 goto err;
3401 }
3402 if (!CBB_finish(&cbb, &data, &dlen)) {
3403 FAIL("failed to finish CBB");
3404 goto err;
3405 }
3406
3407 if (dlen != sizeof(tlsext_serverhello_enabled)) {
3408 FAIL("got serverhello extensions with length %zu, "
3409 "want length %zu\n", dlen,
3410 sizeof(tlsext_serverhello_enabled));
3411 compare_data(data, dlen, tlsext_serverhello_enabled,
3412 sizeof(tlsext_serverhello_enabled));
3413 goto err;
3414 }
3415 if (memcmp(data, tlsext_serverhello_enabled, dlen) != 0) {
3416 FAIL("serverhello extensions differs:\n");
3417 compare_data(data, dlen, tlsext_serverhello_enabled,
3418 sizeof(tlsext_serverhello_enabled));
3419 goto err;
3420 }
3421
3422 failure = 0;
3423
3424 err:
3425 CBB_cleanup(&cbb);
3426 SSL_CTX_free(ssl_ctx);
3427 SSL_free(ssl);
3428 free(data);
3429
3430 return (failure);
3431}
3432
3433const unsigned char tlsext_versions_client[] = {
3434 0x08, 0x03, 0x04, 0x03, 0x03, 0x03,
3435 0x02, 0x03, 0x01,
3436};
3437
3438const unsigned char tlsext_versions_server[] = {
3439 0x03, 0x04,
3440};
3441
3442static int
3443test_tlsext_versions_client(void)
3444{
3445 unsigned char *data = NULL;
3446 SSL_CTX *ssl_ctx = NULL;
3447 SSL *ssl = NULL;
3448 const struct tls_extension_funcs *client_funcs;
3449 const struct tls_extension_funcs *server_funcs;
3450 int failure;
3451 size_t dlen;
3452 int alert;
3453 CBB cbb;
3454 CBS cbs;
3455
3456 failure = 1;
3457
3458 if (!CBB_init(&cbb, 0))
3459 errx(1, "Failed to create CBB");
3460
3461 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3462 errx(1, "failed to create SSL_CTX");
3463 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3464 errx(1, "failed to create SSL");
3465
3466 if (!tls_extension_funcs(TLSEXT_TYPE_supported_versions, &client_funcs,
3467 &server_funcs))
3468 errx(1, "failed to fetch supported versions funcs");
3469
3470 ssl->s3->hs.our_max_tls_version = TLS1_1_VERSION;
3471
3472 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3473 FAIL("client should not need versions\n");
3474 goto done;
3475 }
3476
3477 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3478
3479 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3480 FAIL("client should not need versions\n");
3481 goto done;
3482 }
3483
3484 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3485
3486 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3487 FAIL("client should need versions\n");
3488 goto done;
3489 }
3490
3491 ssl->s3->hs.our_min_tls_version = TLS1_VERSION;
3492 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3493
3494 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3495 FAIL("client should have built versions\n");
3496 goto done;
3497 }
3498
3499 if (!CBB_finish(&cbb, &data, &dlen)) {
3500 FAIL("failed to finish CBB\n");
3501 goto done;
3502 }
3503
3504 if (dlen != sizeof(tlsext_versions_client)) {
3505 FAIL("got versions with length %zu, "
3506 "want length %zu\n", dlen, sizeof(tlsext_versions_client));
3507 goto done;
3508 }
3509
3510 CBS_init(&cbs, data, dlen);
3511 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3512 FAIL("failed to parse client versions\n");
3513 goto done;
3514 }
3515 if (CBS_len(&cbs) != 0) {
3516 FAIL("extension data remaining\n");
3517 goto done;
3518 }
3519
3520 failure = 0;
3521
3522 done:
3523 CBB_cleanup(&cbb);
3524 SSL_CTX_free(ssl_ctx);
3525 SSL_free(ssl);
3526 free(data);
3527
3528 return (failure);
3529}
3530
3531static int
3532test_tlsext_versions_server(void)
3533{
3534 unsigned char *data = NULL;
3535 SSL_CTX *ssl_ctx = NULL;
3536 SSL *ssl = NULL;
3537 const struct tls_extension_funcs *client_funcs;
3538 const struct tls_extension_funcs *server_funcs;
3539 int failure;
3540 size_t dlen;
3541 int alert;
3542 CBB cbb;
3543 CBS cbs;
3544
3545 failure = 1;
3546
3547 if (!CBB_init(&cbb, 0))
3548 errx(1, "Failed to create CBB");
3549
3550 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3551 errx(1, "failed to create SSL_CTX");
3552 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3553 errx(1, "failed to create SSL");
3554
3555 if (!tls_extension_funcs(TLSEXT_TYPE_supported_versions, &client_funcs,
3556 &server_funcs))
3557 errx(1, "failed to fetch supported versions funcs");
3558
3559 ssl->s3->hs.negotiated_tls_version = TLS1_2_VERSION;
3560
3561 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3562 FAIL("server should not need versions\n");
3563 goto done;
3564 }
3565
3566 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
3567
3568 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3569 FAIL("server should need versions\n");
3570 goto done;
3571 }
3572
3573 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3574 FAIL("server should have built versions\n");
3575 goto done;
3576 }
3577
3578 if (!CBB_finish(&cbb, &data, &dlen)) {
3579 FAIL("failed to finish CBB\n");
3580 goto done;
3581 }
3582
3583 if (dlen != sizeof(tlsext_versions_server)) {
3584 FAIL("got versions with length %zu, "
3585 "want length %zu\n", dlen, sizeof(tlsext_versions_server));
3586 goto done;
3587 }
3588
3589 CBS_init(&cbs, data, dlen);
3590 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3591 FAIL("failed to parse client versions\n");
3592 goto done;
3593 }
3594 if (CBS_len(&cbs) != 0) {
3595 FAIL("extension data remaining\n");
3596 goto done;
3597 }
3598
3599 failure = 0;
3600
3601 done:
3602 CBB_cleanup(&cbb);
3603 SSL_CTX_free(ssl_ctx);
3604 SSL_free(ssl);
3605 free(data);
3606
3607 return (failure);
3608}
3609
3610const unsigned char tlsext_keyshare_client[] = {
3611 0x00, 0x24, 0x00, 0x1d, 0x00, 0x20, 0xba, 0x83,
3612 0x2e, 0x4a, 0x18, 0xbe, 0x96, 0xd2, 0x71, 0x70,
3613 0x18, 0x04, 0xf9, 0x9d, 0x76, 0x98, 0xef, 0xe8,
3614 0x4f, 0x8b, 0x85, 0x41, 0xa4, 0xd9, 0x61, 0x57,
3615 0xad, 0x5b, 0xa4, 0xe9, 0x8b, 0x6b,
3616};
3617
3618const unsigned char tlsext_keyshare_server[] = {
3619 0x00, 0x1d, 0x00, 0x20, 0xe5, 0xe8, 0x5a, 0xb9,
3620 0x7e, 0x12, 0x62, 0xe3, 0xd8, 0x7f, 0x6e, 0x3c,
3621 0xec, 0xa6, 0x8b, 0x99, 0x45, 0x77, 0x8e, 0x11,
3622 0xb3, 0xb9, 0x12, 0xb6, 0xbe, 0x35, 0xca, 0x51,
3623 0x76, 0x1e, 0xe8, 0x22
3624};
3625
3626static int
3627test_tlsext_keyshare_client(void)
3628{
3629 unsigned char *data = NULL;
3630 SSL_CTX *ssl_ctx = NULL;
3631 SSL *ssl = NULL;
3632 const struct tls_extension_funcs *client_funcs;
3633 const struct tls_extension_funcs *server_funcs;
3634 int failure;
3635 size_t dlen;
3636 int alert;
3637 CBB cbb;
3638 CBS cbs;
3639
3640 failure = 1;
3641
3642 if (!CBB_init(&cbb, 0))
3643 errx(1, "Failed to create CBB");
3644
3645 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3646 errx(1, "failed to create SSL_CTX");
3647 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3648 errx(1, "failed to create SSL");
3649
3650 if (!tls_extension_funcs(TLSEXT_TYPE_key_share, &client_funcs,
3651 &server_funcs))
3652 errx(1, "failed to fetch keyshare funcs");
3653
3654 if ((ssl->s3->hs.key_share =
3655 tls_key_share_new_nid(NID_X25519)) == NULL)
3656 errx(1, "failed to create key share");
3657 if (!tls_key_share_generate(ssl->s3->hs.key_share))
3658 errx(1, "failed to generate key share");
3659
3660 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3661 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3662 FAIL("client should not need keyshare\n");
3663 goto done;
3664 }
3665
3666 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3667 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3668 FAIL("client should need keyshare\n");
3669 goto done;
3670 }
3671
3672 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3673 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3674 FAIL("client should have built keyshare\n");
3675 goto done;
3676 }
3677
3678 if (!CBB_finish(&cbb, &data, &dlen)) {
3679 FAIL("failed to finish CBB\n");
3680 goto done;
3681 }
3682
3683 if (dlen != sizeof(tlsext_keyshare_client)) {
3684 FAIL("got client keyshare with length %zu, "
3685 "want length %zu\n", dlen, (size_t) sizeof(tlsext_keyshare_client));
3686 goto done;
3687 }
3688
3689 (ssl)->version = TLS1_3_VERSION;
3690 CBS_init(&cbs, data, dlen);
3691
3692 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3693 FAIL("failed to parse client keyshare\n");
3694 goto done;
3695 }
3696
3697 if (CBS_len(&cbs) != 0) {
3698 FAIL("extension data remaining\n");
3699 goto done;
3700 }
3701
3702 failure = 0;
3703
3704 done:
3705 CBB_cleanup(&cbb);
3706 SSL_CTX_free(ssl_ctx);
3707 SSL_free(ssl);
3708 free(data);
3709
3710 return (failure);
3711}
3712
3713static const uint8_t bogokey[] = {
3714 0xe5, 0xe8, 0x5a, 0xb9, 0x7e, 0x12, 0x62, 0xe3,
3715 0xd8, 0x7f, 0x6e, 0x3c, 0xec, 0xa6, 0x8b, 0x99,
3716 0x45, 0x77, 0x8e, 0x11, 0xb3, 0xb9, 0x12, 0xb6,
3717 0xbe, 0x35, 0xca, 0x51, 0x76, 0x1e, 0xe8, 0x22,
3718};
3719
3720static int
3721test_tlsext_keyshare_server(void)
3722{
3723 unsigned char *data = NULL;
3724 SSL_CTX *ssl_ctx = NULL;
3725 SSL *ssl = NULL;
3726 const struct tls_extension_funcs *client_funcs;
3727 const struct tls_extension_funcs *server_funcs;
3728 int decode_error;
3729 int failure;
3730 size_t dlen, idx;
3731 int alert;
3732 CBB cbb;
3733 CBS cbs;
3734
3735 failure = 1;
3736
3737 if (!CBB_init(&cbb, 0))
3738 errx(1, "Failed to create CBB");
3739
3740 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3741 errx(1, "failed to create SSL_CTX");
3742 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3743 errx(1, "failed to create SSL");
3744
3745 if (!tls_extension_funcs(TLSEXT_TYPE_key_share, &client_funcs,
3746 &server_funcs))
3747 errx(1, "failed to fetch keyshare funcs");
3748
3749 ssl->s3->hs.negotiated_tls_version = TLS1_2_VERSION;
3750 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3751 FAIL("server should not need keyshare\n");
3752 goto done;
3753 }
3754
3755 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
3756 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3757 FAIL("client should not need keyshare\n");
3758 goto done;
3759 }
3760
3761 if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL) {
3762 FAIL("failed to find keyshare extension\n");
3763 goto done;
3764 }
3765 ssl->s3->hs.extensions_seen |= (1 << idx);
3766
3767 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3768 FAIL("server should need keyshare\n");
3769 goto done;
3770 }
3771
3772 if (server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3773 FAIL("server should not have built a keyshare response\n");
3774 goto done;
3775 }
3776
3777 if ((ssl->s3->hs.key_share =
3778 tls_key_share_new_nid(NID_X25519)) == NULL) {
3779 FAIL("failed to create key share");
3780 goto done;
3781 }
3782
3783 if (!tls_key_share_generate(ssl->s3->hs.key_share)) {
3784 FAIL("failed to generate key share");
3785 goto done;
3786 }
3787
3788 CBS_init(&cbs, bogokey, sizeof(bogokey));
3789
3790 if (!tls_key_share_peer_public(ssl->s3->hs.key_share, &cbs,
3791 &decode_error, NULL)) {
3792 FAIL("failed to load peer public key\n");
3793 goto done;
3794 }
3795
3796 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) {
3797 FAIL("server should be able to build a keyshare response\n");
3798 goto done;
3799 }
3800
3801 if (!CBB_finish(&cbb, &data, &dlen)) {
3802 FAIL("failed to finish CBB\n");
3803 goto done;
3804 }
3805
3806 if (dlen != sizeof(tlsext_keyshare_server)) {
3807 FAIL("got server keyshare with length %zu, "
3808 "want length %zu\n", dlen, sizeof(tlsext_keyshare_server));
3809 goto done;
3810 }
3811
3812 tls_key_share_free(ssl->s3->hs.key_share);
3813
3814 if ((ssl->s3->hs.key_share =
3815 tls_key_share_new_nid(NID_X25519)) == NULL) {
3816 FAIL("failed to create key share");
3817 goto done;
3818 }
3819 if (!tls_key_share_generate(ssl->s3->hs.key_share)) {
3820 FAIL("failed to generate key share");
3821 goto done;
3822 }
3823
3824 CBS_init(&cbs, data, dlen);
3825
3826 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
3827 FAIL("failed to parse server keyshare\n");
3828 goto done;
3829 }
3830
3831 if (CBS_len(&cbs) != 0) {
3832 FAIL("extension data remaining\n");
3833 goto done;
3834 }
3835
3836 failure = 0;
3837
3838done:
3839 CBB_cleanup(&cbb);
3840 SSL_CTX_free(ssl_ctx);
3841 SSL_free(ssl);
3842 free(data);
3843
3844 return (failure);
3845}
3846
3847/* One day I hope to be the only Muppet in this codebase */
3848const uint8_t cookie[] = "\n"
3849 " (o)(o) \n"
3850 " m' 'm \n"
3851 " M -****- M \n"
3852 " 'm m' \n"
3853 " m''''''''''m \n"
3854 " M M BB \n";
3855
3856static int
3857test_tlsext_cookie_client(void)
3858{
3859 unsigned char *data = NULL;
3860 SSL_CTX *ssl_ctx = NULL;
3861 SSL *ssl = NULL;
3862 const struct tls_extension_funcs *client_funcs;
3863 const struct tls_extension_funcs *server_funcs;
3864 int failure;
3865 size_t dlen;
3866 int alert;
3867 CBB cbb;
3868 CBS cbs;
3869
3870 failure = 1;
3871
3872 if (!CBB_init(&cbb, 0))
3873 errx(1, "Failed to create CBB");
3874
3875 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3876 errx(1, "failed to create SSL_CTX");
3877 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3878 errx(1, "failed to create SSL");
3879
3880 if (!tls_extension_funcs(TLSEXT_TYPE_cookie, &client_funcs,
3881 &server_funcs))
3882 errx(1, "failed to fetch cookie funcs");
3883
3884 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3885 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3886 FAIL("client should not need cookie\n");
3887 goto done;
3888 }
3889
3890
3891 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3892 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3893 FAIL("client should not need cookie\n");
3894 goto done;
3895 }
3896
3897 /* Normally would be set by receiving a server cookie in an HRR */
3898 ssl->s3->hs.tls13.cookie = strdup(cookie);
3899 ssl->s3->hs.tls13.cookie_len = strlen(cookie);
3900
3901 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
3902 FAIL("client should need cookie\n");
3903 goto done;
3904 }
3905
3906 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
3907 FAIL("client should have built a cookie response\n");
3908 goto done;
3909 }
3910
3911 if (!CBB_finish(&cbb, &data, &dlen)) {
3912 FAIL("failed to finish CBB\n");
3913 goto done;
3914 }
3915
3916 if (dlen != strlen(cookie) + sizeof(uint16_t)) {
3917 FAIL("got cookie with length %zu, "
3918 "want length %zu\n", dlen, strlen(cookie) +
3919 sizeof(uint16_t));
3920 goto done;
3921 }
3922
3923 CBS_init(&cbs, data, dlen);
3924
3925 /* Checks cookie against what's in the hs.tls13 */
3926 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
3927 FAIL("failed to parse client cookie\n");
3928 goto done;
3929 }
3930
3931 if (CBS_len(&cbs) != 0) {
3932 FAIL("extension data remaining\n");
3933 goto done;
3934 }
3935
3936 failure = 0;
3937
3938 done:
3939 CBB_cleanup(&cbb);
3940 SSL_CTX_free(ssl_ctx);
3941 SSL_free(ssl);
3942 free(data);
3943
3944 return (failure);
3945}
3946
3947static int
3948test_tlsext_cookie_server(void)
3949{
3950 unsigned char *data = NULL;
3951 SSL_CTX *ssl_ctx = NULL;
3952 SSL *ssl = NULL;
3953 const struct tls_extension_funcs *client_funcs;
3954 const struct tls_extension_funcs *server_funcs;
3955 int failure;
3956 size_t dlen;
3957 int alert;
3958 CBB cbb;
3959 CBS cbs;
3960
3961 failure = 1;
3962
3963 if (!CBB_init(&cbb, 0))
3964 errx(1, "Failed to create CBB");
3965
3966 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
3967 errx(1, "failed to create SSL_CTX");
3968 if ((ssl = SSL_new(ssl_ctx)) == NULL)
3969 errx(1, "failed to create SSL");
3970
3971 if (!tls_extension_funcs(TLSEXT_TYPE_cookie, &client_funcs,
3972 &server_funcs))
3973 errx(1, "failed to fetch cookie funcs");
3974
3975 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
3976 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3977 FAIL("server should not need cookie\n");
3978 goto done;
3979 }
3980
3981 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
3982 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
3983 FAIL("server should not need cookie\n");
3984 goto done;
3985 }
3986
3987 /* Normally would be set by server before sending HRR */
3988 ssl->s3->hs.tls13.cookie = strdup(cookie);
3989 ssl->s3->hs.tls13.cookie_len = strlen(cookie);
3990
3991 if (!server_funcs->needs(ssl, SSL_TLSEXT_MSG_HRR)) {
3992 FAIL("server should need cookie\n");
3993 goto done;
3994 }
3995
3996 if (!server_funcs->build(ssl, SSL_TLSEXT_MSG_HRR, &cbb)) {
3997 FAIL("server should have built a cookie response\n");
3998 goto done;
3999 }
4000
4001 if (!CBB_finish(&cbb, &data, &dlen)) {
4002 FAIL("failed to finish CBB\n");
4003 goto done;
4004 }
4005
4006 if (dlen != strlen(cookie) + sizeof(uint16_t)) {
4007 FAIL("got cookie with length %zu, "
4008 "want length %zu\n", dlen, strlen(cookie) +
4009 sizeof(uint16_t));
4010 goto done;
4011 }
4012
4013 CBS_init(&cbs, data, dlen);
4014
4015 if (client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
4016 FAIL("client should not have parsed server cookie\n");
4017 goto done;
4018 }
4019
4020 freezero(ssl->s3->hs.tls13.cookie, ssl->s3->hs.tls13.cookie_len);
4021 ssl->s3->hs.tls13.cookie = NULL;
4022 ssl->s3->hs.tls13.cookie_len = 0;
4023
4024 if (!client_funcs->parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
4025 FAIL("failed to parse server cookie\n");
4026 goto done;
4027 }
4028
4029 if (memcmp(cookie, ssl->s3->hs.tls13.cookie,
4030 ssl->s3->hs.tls13.cookie_len) != 0) {
4031 FAIL("parsed server cookie does not match sent cookie\n");
4032 goto done;
4033 }
4034
4035 if (CBS_len(&cbs) != 0) {
4036 FAIL("extension data remaining\n");
4037 goto done;
4038 }
4039
4040 failure = 0;
4041
4042done:
4043 CBB_cleanup(&cbb);
4044 SSL_CTX_free(ssl_ctx);
4045 SSL_free(ssl);
4046 free(data);
4047
4048 return (failure);
4049}
4050
4051const uint8_t tlsext_default_psk_modes[] = {
4052 0x01, 0x01,
4053};
4054
4055const uint8_t tlsext_psk_only_mode[] = {
4056 0x01, 0x00,
4057};
4058
4059const uint8_t tlsext_psk_both_modes[] = {
4060 0x02, 0x00, 0x01,
4061};
4062
4063static int
4064test_tlsext_psk_modes_client(void)
4065{
4066 SSL_CTX *ssl_ctx = NULL;
4067 SSL *ssl = NULL;
4068 const struct tls_extension_funcs *client_funcs;
4069 const struct tls_extension_funcs *server_funcs;
4070 int failure;
4071 uint8_t *data = NULL;
4072 size_t dlen;
4073 CBB cbb;
4074 CBS cbs;
4075 int alert;
4076
4077 failure = 1;
4078
4079 if (!CBB_init(&cbb, 0))
4080 errx(1, "Failed to create CBB");
4081
4082 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
4083 errx(1, "failed to create SSL_CTX");
4084 if ((ssl = SSL_new(ssl_ctx)) == NULL)
4085 errx(1, "failed to create SSL");
4086
4087 if (!tls_extension_funcs(TLSEXT_TYPE_psk_kex_modes, &client_funcs,
4088 &server_funcs))
4089 errx(1, "failed to fetch psk funcs");
4090
4091 /* Disabled by default. */
4092 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4093 FAIL("client should not need psk kex modes by default\n");
4094 goto err;
4095 }
4096
4097 /*
4098 * Prerequisites: use_psk_dhe_ke flag is set and
4099 * our_max_tls_version >= TLSv1.3.
4100 */
4101
4102 ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
4103 ssl->s3->hs.our_max_tls_version = TLS1_2_VERSION;
4104
4105 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4106 FAIL("client should not need psk kex modes with TLSv1.2\n");
4107 goto err;
4108 }
4109
4110 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4111 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
4112
4113 if (client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4114 FAIL("client should not need psk kex modes without "
4115 "use_psk_dhe_ke\n");
4116 goto err;
4117 }
4118
4119 ssl->s3->hs.tls13.use_psk_dhe_ke = 1;
4120 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
4121
4122 if (!client_funcs->needs(ssl, SSL_TLSEXT_MSG_CH)) {
4123 FAIL("client should need psk kex modes with TLSv1.3\n");
4124 goto err;
4125 }
4126
4127 /* Make sure we can build psk modes with DHE key establishment. */
4128
4129 if (!client_funcs->build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) {
4130 FAIL("client failed to build psk kex modes\n");
4131 goto err;
4132 }
4133
4134 if (!CBB_finish(&cbb, &data, &dlen))
4135 errx(1, "failed to finish psk kex CBB");
4136
4137 if (dlen != sizeof(tlsext_default_psk_modes)) {
4138 FAIL("got client psk kex modes with length %zu, "
4139 "want length %zu\n", dlen,
4140 sizeof(tlsext_default_psk_modes));
4141 compare_data(data, dlen, tlsext_default_psk_modes,
4142 sizeof(tlsext_default_psk_modes));
4143 goto err;
4144 }
4145 if (memcmp(data, tlsext_default_psk_modes, dlen) != 0) {
4146 FAIL("client psk kex modes differ:\n");
4147 compare_data(data, dlen, tlsext_default_psk_modes,
4148 sizeof(tlsext_default_psk_modes));
4149 goto err;
4150 }
4151
4152 CBB_cleanup(&cbb);
4153 free(data);
4154 data = NULL;
4155
4156 /*
4157 * Make sure we can parse the default psk modes and that use_psk_dhe_ke
4158 * is set after parsing.
4159 */
4160
4161 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4162
4163 CBS_init(&cbs, tlsext_default_psk_modes,
4164 sizeof(tlsext_default_psk_modes));
4165 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4166 FAIL("failed to parse psk kex modes\n");
4167 goto err;
4168 }
4169 if (CBS_len(&cbs) != 0) {
4170 FAIL("extension data remaining\n");
4171 goto err;
4172 }
4173
4174 if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
4175 FAIL("should have set use_psk_dhe_ke\n");
4176 goto err;
4177 }
4178
4179 /*
4180 * Make sure we can parse the psk-only mode and that use_psk_dhe_ke
4181 * is still not set after parsing.
4182 */
4183
4184 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4185
4186 CBS_init(&cbs, tlsext_psk_only_mode, sizeof(tlsext_psk_only_mode));
4187 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4188 FAIL("failed to parse psk kex modes\n");
4189 goto err;
4190 }
4191 if (CBS_len(&cbs) != 0) {
4192 FAIL("extension data remaining\n");
4193 goto err;
4194 }
4195
4196 if (ssl->s3->hs.tls13.use_psk_dhe_ke != 0) {
4197 FAIL("should not have set use_psk_dhe_ke\n");
4198 goto err;
4199 }
4200
4201 /*
4202 * Make sure we can parse the extension indicating both modes and that
4203 * use_psk_dhe_ke is set after parsing.
4204 */
4205
4206 ssl->s3->hs.tls13.use_psk_dhe_ke = 0;
4207
4208 CBS_init(&cbs, tlsext_psk_both_modes, sizeof(tlsext_psk_both_modes));
4209 if (!server_funcs->parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) {
4210 FAIL("failed to parse psk kex modes\n");
4211 goto err;
4212 }
4213 if (CBS_len(&cbs) != 0) {
4214 FAIL("extension data remaining\n");
4215 goto err;
4216 }
4217
4218 if (ssl->s3->hs.tls13.use_psk_dhe_ke != 1) {
4219 FAIL("should have set use_psk_dhe_ke\n");
4220 goto err;
4221 }
4222
4223 failure = 0;
4224
4225 err:
4226 CBB_cleanup(&cbb);
4227 SSL_CTX_free(ssl_ctx);
4228 SSL_free(ssl);
4229 free(data);
4230
4231 return failure;
4232}
4233
4234static int
4235test_tlsext_psk_modes_server(void)
4236{
4237 SSL_CTX *ssl_ctx = NULL;
4238 SSL *ssl = NULL;
4239 const struct tls_extension_funcs *client_funcs;
4240 const struct tls_extension_funcs *server_funcs;
4241 int failure;
4242
4243 failure = 1;
4244
4245 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
4246 errx(1, "failed to create SSL_CTX");
4247 if ((ssl = SSL_new(ssl_ctx)) == NULL)
4248 errx(1, "failed to create SSL");
4249
4250 if (!tls_extension_funcs(TLSEXT_TYPE_psk_kex_modes, &client_funcs,
4251 &server_funcs))
4252 errx(1, "failed to fetch psk funcs");
4253
4254 if (server_funcs->needs(ssl, SSL_TLSEXT_MSG_SH)) {
4255 FAIL("server should not need psk kex modes\n");
4256 goto err;
4257 }
4258
4259 failure = 0;
4260
4261 err:
4262 SSL_CTX_free(ssl_ctx);
4263 SSL_free(ssl);
4264
4265 return failure;
4266}
4267
4268struct tls_sni_test {
4269 const char *hostname;
4270 int is_ip;
4271 int valid;
4272};
4273
4274static const struct tls_sni_test tls_sni_tests[] = {
4275 {
4276 .hostname = "openbsd.org",
4277 .valid = 1,
4278 },
4279 {
4280 .hostname = "op3nbsd.org",
4281 .valid = 1,
4282 },
4283 {
4284 .hostname = "org",
4285 .valid = 1,
4286 },
4287 {
4288 .hostname = "3openbsd.com",
4289 .valid = 1,
4290 },
4291 {
4292 .hostname = "3-0penb-d.c-m",
4293 .valid = 1,
4294 },
4295 {
4296 .hostname = "a",
4297 .valid = 1,
4298 },
4299 {
4300 .hostname =
4301 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com",
4302 .valid = 1,
4303 },
4304 {
4305 .hostname =
4306 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4307 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4308 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4309 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
4310 .valid = 1,
4311 },
4312 {
4313 .hostname = "openbsd.org.",
4314 .valid = 0,
4315 },
4316 {
4317 .hostname = "openbsd..org",
4318 .valid = 0,
4319 },
4320 {
4321 .hostname = "openbsd.org-",
4322 .valid = 0,
4323 },
4324 {
4325 .hostname =
4326 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com",
4327 .valid = 0,
4328 },
4329 {
4330 .hostname =
4331 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4332 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4333 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
4334 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.a",
4335 .valid = 0,
4336 },
4337 {
4338 .hostname = "-p3nbsd.org",
4339 .valid = 0,
4340 },
4341 {
4342 .hostname = "openbs-.org",
4343 .valid = 0,
4344 },
4345 {
4346 .hostname = "openbsd\n.org",
4347 .valid = 0,
4348 },
4349 {
4350 .hostname = "open_bsd.org",
4351 .valid = 0,
4352 },
4353 {
4354 .hostname = "open\178bsd.org",
4355 .valid = 0,
4356 },
4357 {
4358 .hostname = "open\255bsd.org",
4359 .valid = 0,
4360 },
4361 {
4362 .hostname = "dead::beef",
4363 .is_ip = 1,
4364 .valid = 0,
4365 },
4366 {
4367 .hostname = "192.168.0.1",
4368 .is_ip = 1,
4369 .valid = 0,
4370 },
4371};
4372
4373#define N_TLS_SNI_TESTS (sizeof(tls_sni_tests) / sizeof(*tls_sni_tests))
4374
4375static int
4376test_tlsext_is_valid_hostname(const struct tls_sni_test *tst)
4377{
4378 int failure;
4379 int is_ip;
4380 CBS cbs;
4381
4382 failure = 1;
4383
4384 CBS_init(&cbs, tst->hostname, strlen(tst->hostname));
4385 if (tlsext_sni_is_valid_hostname(&cbs, &is_ip) != tst->valid) {
4386 if (tst->valid) {
4387 FAIL("Valid hostname '%s' rejected\n",
4388 tst->hostname);
4389 } else {
4390 FAIL("Invalid hostname '%s' accepted\n",
4391 tst->hostname);
4392 }
4393 goto done;
4394 }
4395 if (tst->is_ip != is_ip) {
4396 if (tst->is_ip) {
4397 FAIL("Hostname '%s' is an IP literal but not "
4398 "identified as one\n", tst->hostname);
4399 } else {
4400 FAIL("Hostname '%s' is not an IP literal but is "
4401 "identified as one\n", tst->hostname);
4402 }
4403 goto done;
4404 }
4405
4406 if (tst->valid) {
4407 CBS_init(&cbs, tst->hostname,
4408 strlen(tst->hostname) + 1);
4409 if (tlsext_sni_is_valid_hostname(&cbs, &is_ip)) {
4410 FAIL("hostname with NUL byte accepted\n");
4411 goto done;
4412 }
4413 }
4414
4415 failure = 0;
4416
4417 done:
4418
4419 return failure;
4420}
4421
4422static int
4423test_tlsext_valid_hostnames(void)
4424{
4425 const struct tls_sni_test *tst;
4426 int failure = 0;
4427 size_t i;
4428
4429 for (i = 0; i < N_TLS_SNI_TESTS; i++) {
4430 tst = &tls_sni_tests[i];
4431 failure |= test_tlsext_is_valid_hostname(tst);
4432 }
4433
4434 return failure;
4435}
4436
4437int
4438main(int argc, char **argv)
4439{
4440 int failed = 0;
4441
4442 SSL_library_init();
4443 SSL_load_error_strings();
4444
4445 failed |= test_tlsext_alpn_client();
4446 failed |= test_tlsext_alpn_server();
4447
4448 failed |= test_tlsext_supportedgroups_client();
4449 failed |= test_tlsext_supportedgroups_server();
4450
4451 failed |= test_tlsext_ecpf_client();
4452 failed |= test_tlsext_ecpf_server();
4453
4454 failed |= test_tlsext_ri_client();
4455 failed |= test_tlsext_ri_server();
4456
4457 failed |= test_tlsext_sigalgs_client();
4458
4459 failed |= test_tlsext_sni_client();
4460 failed |= test_tlsext_sni_server();
4461
4462 failed |= test_tlsext_ocsp_client();
4463 failed |= test_tlsext_ocsp_server();
4464
4465 failed |= test_tlsext_sessionticket_client();
4466 failed |= test_tlsext_sessionticket_server();
4467
4468 failed |= test_tlsext_versions_client();
4469 failed |= test_tlsext_versions_server();
4470
4471 failed |= test_tlsext_keyshare_client();
4472 failed |= test_tlsext_keyshare_server();
4473
4474 failed |= test_tlsext_cookie_client();
4475 failed |= test_tlsext_cookie_server();
4476
4477#ifndef OPENSSL_NO_SRTP
4478 failed |= test_tlsext_srtp_client();
4479 failed |= test_tlsext_srtp_server();
4480#else
4481 fprintf(stderr, "Skipping SRTP tests due to OPENSSL_NO_SRTP\n");
4482#endif
4483
4484 failed |= test_tlsext_psk_modes_client();
4485 failed |= test_tlsext_psk_modes_server();
4486
4487 failed |= test_tlsext_clienthello_build();
4488 failed |= test_tlsext_serverhello_build();
4489
4490 failed |= test_tlsext_valid_hostnames();
4491
4492 failed |= test_tlsext_quic_transport_parameters_client();
4493 failed |= test_tlsext_quic_transport_parameters_server();
4494
4495 return (failed);
4496}
diff --git a/src/regress/lib/libssl/tlsfuzzer/Makefile b/src/regress/lib/libssl/tlsfuzzer/Makefile
deleted file mode 100644
index b57b44daa7..0000000000
--- a/src/regress/lib/libssl/tlsfuzzer/Makefile
+++ /dev/null
@@ -1,47 +0,0 @@
1# $OpenBSD: Makefile,v 1.6 2022/07/18 09:17:44 tb Exp $
2
3.if !exists(/usr/local/share/tlsfuzzer)
4regress:
5 @echo package py3-tlsfuzzer is required for this regress
6 @echo SKIPPED
7.else
8
9REGRESS_TARGETS=regress-tlsfuzzer
10
11localhost.key localhost.crt:
12 openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt \
13 -subj /CN=localhost -nodes -batch
14
15certs: localhost.key localhost.crt
16
17CLEANFILES += localhost.key localhost.crt
18
19PORT ?= 4433
20SLOW = -s
21TIMING = # -t
22VERBOSE = # -v
23
24regress-tlsfuzzer: certs
25 python3 ${.CURDIR}/tlsfuzzer.py ${SLOW} ${TIMING} ${VERBOSE}
26
27failing: certs
28 python3 ${.CURDIR}/tlsfuzzer.py -f ${SLOW} ${TIMING} ${VERBOSE}
29
30
31port: certs
32 python3 ${.CURDIR}/tlsfuzzer.py ${SLOW} ${TIMING} ${VERBOSE} -p ${PORT}
33
34list:
35 @python3 ${.CURDIR}/tlsfuzzer.py -l
36
37list-failing:
38 @python3 ${.CURDIR}/tlsfuzzer.py -l -f
39
40missing:
41 @python3 ${.CURDIR}/tlsfuzzer.py -m
42
43.PHONY: all certs failing list list-failing missing port
44
45.endif
46
47.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py
deleted file mode 100644
index 0cbd90c2e2..0000000000
--- a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py
+++ /dev/null
@@ -1,884 +0,0 @@
1# $OpenBSD: tlsfuzzer.py,v 1.47 2022/07/18 09:15:08 tb Exp $
2#
3# Copyright (c) 2020 Theo Buehler <tb@openbsd.org>
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16
17import getopt
18import os
19import subprocess
20import sys
21from timeit import default_timer as timer
22
23tlsfuzzer_scriptdir = "/usr/local/share/tlsfuzzer/scripts/"
24
25class Test:
26 """
27 Represents a tlsfuzzer test script.
28 name: the script's name
29 args: arguments to feed to the script
30 tls12_args: override args for a TLSv1.2 server
31 tls13_args: override args for a TLSv1.3 server
32
33 XXX Add client cert support.
34 """
35 def __init__(self, name="", args=[], tls12_args=[], tls13_args=[]):
36 self.name = name
37 self.tls12_args = args
38 self.tls13_args = args
39 if tls12_args:
40 self.tls12_args = tls12_args
41 if tls13_args:
42 self.tls13_args = tls13_args
43
44 def args(self, has_tls1_3: True):
45 if has_tls1_3:
46 return self.tls13_args
47 else:
48 return self.tls12_args
49
50 def __repr__(self):
51 return "<Test: %s tls12_args: %s tls13_args: %s>" % (
52 self.name, self.tls12_args, self.tls13_args
53 )
54
55class TestGroup:
56 """ A group of Test objects to be run by TestRunner."""
57 def __init__(self, title="Tests", tests=[]):
58 self.title = title
59 self.tests = tests
60
61 def __iter__(self):
62 return iter(self.tests)
63
64# argument to pass to several tests
65tls13_unsupported_ciphers = [
66 "-e", "TLS 1.3 with ffdhe2048",
67 "-e", "TLS 1.3 with ffdhe3072",
68 "-e", "TLS 1.3 with x448",
69]
70
71def substitute_alert(want, got):
72 return f"Expected alert description \"{want}\" " \
73 + f"does not match received \"{got}\""
74
75# test-tls13-finished.py has 70 failing tests that expect a "decode_error"
76# instead of the "decrypt_error" sent by tls13_server_finished_recv().
77# Both alerts appear to be reasonable in this context, so work around this
78# in the test instead of the library.
79def generate_test_tls13_finished_args():
80 assertion = substitute_alert("decode_error", "decrypt_error");
81 paddings = [
82 ("TLS_AES_128_GCM_SHA256", 0, 1),
83 ("TLS_AES_128_GCM_SHA256", 0, 2),
84 ("TLS_AES_128_GCM_SHA256", 0, 4),
85 ("TLS_AES_128_GCM_SHA256", 0, 8),
86 ("TLS_AES_128_GCM_SHA256", 0, 16),
87 ("TLS_AES_128_GCM_SHA256", 0, 32),
88 ("TLS_AES_128_GCM_SHA256", 0, 48),
89 ("TLS_AES_128_GCM_SHA256", 0, 2**14-4-32),
90 ("TLS_AES_128_GCM_SHA256", 0, 0x20000),
91 ("TLS_AES_128_GCM_SHA256", 0, 0x30000),
92 ("TLS_AES_128_GCM_SHA256", 1, 0),
93 ("TLS_AES_128_GCM_SHA256", 2, 0),
94 ("TLS_AES_128_GCM_SHA256", 4, 0),
95 ("TLS_AES_128_GCM_SHA256", 8, 0),
96 ("TLS_AES_128_GCM_SHA256", 16, 0),
97 ("TLS_AES_128_GCM_SHA256", 32, 0),
98 ("TLS_AES_128_GCM_SHA256", 48, 0),
99 ("TLS_AES_128_GCM_SHA256", 2**14-4-32, 0),
100 ("TLS_AES_128_GCM_SHA256", 12, 0),
101 ("TLS_AES_128_GCM_SHA256", 1, 1),
102 ("TLS_AES_128_GCM_SHA256", 8, 8),
103 ("TLS_AES_256_GCM_SHA384", 0, 1),
104 ("TLS_AES_256_GCM_SHA384", 0, 2),
105 ("TLS_AES_256_GCM_SHA384", 0, 4),
106 ("TLS_AES_256_GCM_SHA384", 0, 8),
107 ("TLS_AES_256_GCM_SHA384", 0, 16),
108 ("TLS_AES_256_GCM_SHA384", 0, 32),
109 ("TLS_AES_256_GCM_SHA384", 0, 48),
110 ("TLS_AES_256_GCM_SHA384", 0, 2**14-4-48),
111 ("TLS_AES_256_GCM_SHA384", 0, 0x20000),
112 ("TLS_AES_256_GCM_SHA384", 0, 0x30000),
113 ("TLS_AES_256_GCM_SHA384", 0, 12),
114 ("TLS_AES_256_GCM_SHA384", 1, 0),
115 ("TLS_AES_256_GCM_SHA384", 2, 0),
116 ("TLS_AES_256_GCM_SHA384", 4, 0),
117 ("TLS_AES_256_GCM_SHA384", 8, 0),
118 ("TLS_AES_256_GCM_SHA384", 16, 0),
119 ("TLS_AES_256_GCM_SHA384", 32, 0),
120 ("TLS_AES_256_GCM_SHA384", 48, 0),
121 ("TLS_AES_256_GCM_SHA384", 2**14-4-48, 0),
122 ("TLS_AES_256_GCM_SHA384", 1, 1),
123 ("TLS_AES_256_GCM_SHA384", 8, 8),
124 ]
125 truncations = [
126 ("TLS_AES_128_GCM_SHA256", 0, -1),
127 ("TLS_AES_128_GCM_SHA256", 0, -2),
128 ("TLS_AES_128_GCM_SHA256", 0, -4),
129 ("TLS_AES_128_GCM_SHA256", 0, -8),
130 ("TLS_AES_128_GCM_SHA256", 0, -16),
131 ("TLS_AES_128_GCM_SHA256", 0, -32),
132 ("TLS_AES_128_GCM_SHA256", 0, 12),
133 ("TLS_AES_128_GCM_SHA256", 1, None),
134 ("TLS_AES_128_GCM_SHA256", 2, None),
135 ("TLS_AES_128_GCM_SHA256", 4, None),
136 ("TLS_AES_128_GCM_SHA256", 8, None),
137 ("TLS_AES_128_GCM_SHA256", 16, None),
138 ("TLS_AES_128_GCM_SHA256", 32, None),
139 ("TLS_AES_256_GCM_SHA384", 0, -1),
140 ("TLS_AES_256_GCM_SHA384", 0, -2),
141 ("TLS_AES_256_GCM_SHA384", 0, -4),
142 ("TLS_AES_256_GCM_SHA384", 0, -8),
143 ("TLS_AES_256_GCM_SHA384", 0, -16),
144 ("TLS_AES_256_GCM_SHA384", 0, -32),
145 ("TLS_AES_256_GCM_SHA384", 0, 12),
146 ("TLS_AES_256_GCM_SHA384", 1, None),
147 ("TLS_AES_256_GCM_SHA384", 2, None),
148 ("TLS_AES_256_GCM_SHA384", 4, None),
149 ("TLS_AES_256_GCM_SHA384", 8, None),
150 ("TLS_AES_256_GCM_SHA384", 16, None),
151 ("TLS_AES_256_GCM_SHA384", 32, None),
152 ]
153
154 args = [
155 "-x", "empty - cipher TLS_AES_128_GCM_SHA256", "-X", assertion,
156 "-x", "empty - cipher TLS_AES_256_GCM_SHA384", "-X", assertion,
157 ]
158 padding_fmt = "padding - cipher %s, pad_byte 0, pad_left %d, pad_right %d"
159 for padding in paddings:
160 args += ["-x", padding_fmt % padding, "-X", assertion]
161 truncation_fmt = "truncation - cipher %s, start %d, end %s"
162 for truncation in truncations:
163 args += ["-x", truncation_fmt % truncation, "-X", assertion]
164 return args
165
166tls13_tests = TestGroup("TLSv1.3 tests", [
167 Test("test-tls13-ccs.py"),
168 Test("test-tls13-conversation.py"),
169 Test("test-tls13-count-tickets.py"),
170 Test("test-tls13-empty-alert.py"),
171 Test("test-tls13-finished.py", generate_test_tls13_finished_args()),
172 Test("test-tls13-finished-plaintext.py"),
173 Test("test-tls13-hrr.py"),
174 Test("test-tls13-keyshare-omitted.py"),
175 Test("test-tls13-legacy-version.py"),
176 Test("test-tls13-nociphers.py"),
177 Test("test-tls13-record-padding.py"),
178 # Exclude QUIC transport parameters
179 Test("test-tls13-shuffled-extentions.py", [ "--exc", "57" ]),
180 Test("test-tls13-zero-content-type.py"),
181
182 # The skipped tests fail due to a bug in BIO_gets() which masks the retry
183 # signalled from an SSL_read() failure. Testing with httpd(8) shows we're
184 # handling these corner cases correctly since tls13_record_layer.c -r1.47.
185 Test("test-tls13-zero-length-data.py", [
186 "-e", "zero-length app data",
187 "-e", "zero-length app data with large padding",
188 "-e", "zero-length app data with padding",
189 ]),
190])
191
192# Tests that take a lot of time (> ~30s on an x280)
193tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [
194 # XXX: Investigate the occasional message
195 # "Got shared secret with 1 most significant bytes equal to zero."
196 Test("test-tls13-dhe-shared-secret-padding.py", tls13_unsupported_ciphers),
197
198 Test("test-tls13-invalid-ciphers.py"),
199 Test("test-tls13-serverhello-random.py", tls13_unsupported_ciphers),
200
201 # Mark two tests cases as xfail for now. The tests expect an arguably
202 # correct decode_error while we send a decrypt_error (like fizz/boring).
203 Test("test-tls13-record-layer-limits.py", [
204 "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_AES_128_GCM_SHA256",
205 "-X", substitute_alert("decode_error", "decrypt_error"),
206 "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_CHACHA20_POLY1305_SHA256",
207 "-X", substitute_alert("decode_error", "decrypt_error"),
208 ]),
209 # We don't accept an empty ECPF extension since it must advertise the
210 # uncompressed point format. Exclude this extension type from the test.
211 # Also exclude QUIC transport parameters.
212 Test(
213 "test-tls13-large-number-of-extensions.py",
214 tls13_args = ["--exc", "11", "--exc", "57"],
215 ),
216])
217
218tls13_extra_cert_tests = TestGroup("TLSv1.3 certificate tests", [
219 # need to set up client certs to run these
220 Test("test-tls13-certificate-request.py"),
221 Test("test-tls13-certificate-verify.py"),
222 Test("test-tls13-ecdsa-in-certificate-verify.py"),
223 Test("test-tls13-eddsa-in-certificate-verify.py"),
224
225 # Test expects the server to have installed three certificates:
226 # with P-256, P-384 and P-521 curve. Also SHA1+ECDSA is verified
227 # to not work.
228 Test("test-tls13-ecdsa-support.py"),
229])
230
231tls13_failing_tests = TestGroup("failing TLSv1.3 tests", [
232 # Some tests fail because we fail later than the scripts expect us to.
233 # With X25519, we accept weak peer public keys and fail when we actually
234 # compute the keyshare. Other tests seem to indicate that we could be
235 # stricter about what keyshares we accept.
236 Test("test-tls13-crfg-curves.py", [
237 '-e', 'all zero x448 key share',
238 '-e', 'empty x448 key share',
239 '-e', 'sanity x448 with compression ansiX962_compressed_char2',
240 '-e', 'sanity x448 with compression ansiX962_compressed_prime',
241 '-e', 'sanity x448 with compression uncompressed',
242 '-e', 'too big x448 key share',
243 '-e', 'too small x448 key share',
244 '-e', 'x448 key share of "1"',
245 ]),
246 Test("test-tls13-ecdhe-curves.py", [
247 '-e', 'sanity - x448',
248 '-e', 'x448 - key share from other curve',
249 '-e', 'x448 - point at infinity',
250 '-e', 'x448 - right 0-padded key_share',
251 '-e', 'x448 - right-truncated key_share',
252 ]),
253
254 # The test sends records with protocol version 0x0300 instead of 0x0303
255 # and currently fails with OpenSSL and LibreSSL for this reason.
256 # We have the logic corresponding to NSS's fix for CVE-2020-25648
257 # https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
258 # so should not be affected by this issue.
259 Test("test-tls13-multiple-ccs-messages.py"),
260
261 # https://github.com/openssl/openssl/issues/8369
262 Test("test-tls13-obsolete-curves.py"),
263
264 # 3 failing rsa_pss_pss tests
265 Test("test-tls13-rsa-signatures.py"),
266
267 # The failing tests all expect an ri extension. What's up with that?
268 Test("test-tls13-version-negotiation.py"),
269])
270
271tls13_slow_failing_tests = TestGroup("slow, failing TLSv1.3 tests", [
272 # Other test failures bugs in keyshare/tlsext negotiation?
273 Test("test-tls13-unrecognised-groups.py"), # unexpected closure
274
275 # 5 occasional failures:
276 # 'app data split, conversation with KeyUpdate msg'
277 # 'fragmented keyupdate msg'
278 # 'multiple KeyUpdate messages'
279 # 'post-handshake KeyUpdate msg with update_not_request'
280 # 'post-handshake KeyUpdate msg with update_request'
281 Test("test-tls13-keyupdate.py"),
282
283 Test("test-tls13-symetric-ciphers.py"), # unexpected message from peer
284
285 # 6 tests fail: 'rsa_pkcs1_{md5,sha{1,224,256,384,512}} signature'
286 # We send server hello, but the test expects handshake_failure
287 Test("test-tls13-pkcs-signature.py"),
288 # 8 tests fail: 'tls13 signature rsa_pss_{pss,rsae}_sha{256,384,512}
289 Test("test-tls13-rsapss-signatures.py"),
290])
291
292tls13_unsupported_tests = TestGroup("TLSv1.3 tests for unsupported features", [
293 # Tests for features we don't support
294 Test("test-tls13-0rtt-garbage.py"),
295 Test("test-tls13-ffdhe-groups.py"),
296 Test("test-tls13-ffdhe-sanity.py"),
297 Test("test-tls13-psk_dhe_ke.py"),
298 Test("test-tls13-psk_ke.py"),
299
300 # need server to react to HTTP GET for /keyupdate
301 Test("test-tls13-keyupdate-from-server.py"),
302
303 # needs an echo server
304 Test("test-tls13-lengths.py"),
305
306 # Weird test: tests servers that don't support 1.3
307 Test("test-tls13-non-support.py"),
308
309 # broken test script
310 # UnboundLocalError: local variable 'cert' referenced before assignment
311 Test("test-tls13-post-handshake-auth.py"),
312
313 # ExpectNewSessionTicket
314 Test("test-tls13-session-resumption.py"),
315
316 # Server must be configured to support only rsa_pss_rsae_sha512
317 Test("test-tls13-signature-algorithms.py"),
318])
319
320tls12_exclude_legacy_protocols = [
321 # all these have BIO_read timeouts against TLSv1.3
322 "-e", "Protocol (3, 0)",
323 "-e", "Protocol (3, 0) in SSLv2 compatible ClientHello",
324 # the following only fail with TLSv1.3
325 "-e", "Protocol (3, 1) in SSLv2 compatible ClientHello",
326 "-e", "Protocol (3, 2) in SSLv2 compatible ClientHello",
327 "-e", "Protocol (3, 3) in SSLv2 compatible ClientHello",
328 "-e", "Protocol (3, 1) with x448 group",
329 "-e", "Protocol (3, 2) with x448 group",
330 "-e", "Protocol (3, 3) with x448 group",
331]
332
333tls12_tests = TestGroup("TLSv1.2 tests", [
334 # Tests that pass as they are.
335 Test("test-TLSv1_2-rejected-without-TLSv1_2.py"),
336 Test("test-aes-gcm-nonces.py"),
337 Test("test-chacha20.py"),
338 Test("test-conversation.py"),
339 Test("test-cve-2016-2107.py"),
340 Test("test-cve-2016-6309.py"),
341 Test("test-dhe-rsa-key-exchange.py"),
342 Test("test-dhe-rsa-key-exchange-with-bad-messages.py"),
343 Test("test-early-application-data.py"),
344 Test("test-empty-extensions.py"),
345 Test("test-extensions.py"),
346 Test("test-fuzzed-MAC.py"),
347 Test("test-fuzzed-ciphertext.py"),
348 Test("test-fuzzed-finished.py"),
349 Test("test-fuzzed-padding.py"),
350 Test("test-fuzzed-plaintext.py"), # fails once in a while
351 Test("test-hello-request-by-client.py"),
352 Test("test-invalid-cipher-suites.py"),
353 Test("test-invalid-content-type.py"),
354 Test("test-invalid-session-id.py"),
355 Test("test-invalid-version.py"),
356 Test("test-lucky13.py"),
357 Test("test-message-skipping.py"),
358 Test("test-no-heartbeat.py"),
359 Test("test-record-layer-fragmentation.py"),
360 Test("test-sessionID-resumption.py"),
361 Test("test-sslv2-connection.py"),
362 Test("test-truncating-of-finished.py"),
363 Test("test-truncating-of-kRSA-client-key-exchange.py"),
364 Test("test-unsupported-curve-fallback.py"),
365 Test("test-version-numbers.py"),
366 Test("test-zero-length-data.py"),
367
368 # Tests that need tweaking for unsupported features and ciphers.
369 Test(
370 "test-atypical-padding.py", [
371 "-e", "sanity - encrypt then MAC",
372 "-e", "2^14 bytes of AppData with 256 bytes of padding (SHA1 + Encrypt then MAC)",
373 ]
374 ),
375 Test(
376 "test-dhe-rsa-key-exchange-signatures.py", [
377 "-e", "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA sha224 signature",
378 "-e", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 sha224 signature",
379 "-e", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA sha224 signature",
380 "-e", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 sha224 signature",
381 "-e", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA sha224 signature",
382 ]
383 ),
384 Test("test-dhe-key-share-random.py", tls12_exclude_legacy_protocols),
385 Test("test-export-ciphers-rejected.py", ["--min-ver", "TLSv1.0"]),
386 Test(
387 "test-downgrade-protection.py",
388 tls12_args = ["--server-max-protocol", "TLSv1.2"],
389 tls13_args = ["--server-max-protocol", "TLSv1.3"],
390 ),
391 Test("test-fallback-scsv.py", tls13_args = ["--tls-1.3"] ),
392
393 Test("test-invalid-compression-methods.py", [
394 "-x", "invalid compression methods",
395 "-X", substitute_alert("illegal_parameter", "decode_error"),
396 "-x", "only deflate compression method",
397 "-X", substitute_alert("illegal_parameter", "decode_error"),
398 ]),
399
400 # Skip extended_master_secret test. Since we don't support this
401 # extension, we don't notice that it was dropped.
402 Test("test-renegotiation-changed-clienthello.py", [
403 "-e", "drop extended_master_secret in renegotiation",
404 ]),
405
406 # Without --sig-algs-drop-ok, two tests fail since we do not currently
407 # implement the signature_algorithms_cert extension (although we MUST).
408 Test("test-sig-algs-renegotiation-resumption.py", ["--sig-algs-drop-ok"]),
409
410 Test("test-serverhello-random.py", args = tls12_exclude_legacy_protocols),
411])
412
413tls12_slow_tests = TestGroup("slow TLSv1.2 tests", [
414 Test("test-cve-2016-7054.py"),
415 Test("test-dhe-no-shared-secret-padding.py", tls12_exclude_legacy_protocols),
416 Test("test-ecdhe-padded-shared-secret.py", tls12_exclude_legacy_protocols),
417 Test("test-ecdhe-rsa-key-share-random.py", tls12_exclude_legacy_protocols),
418 # Start at extension number 58 to avoid QUIC transport parameters (57)
419 Test("test-large-hello.py", [ "-m", "58" ]),
420])
421
422tls12_failing_tests = TestGroup("failing TLSv1.2 tests", [
423 # no shared cipher
424 Test("test-aesccm.py"),
425 # need server to set up alpn
426 Test("test-alpn-negotiation.py"),
427 # many tests fail due to unexpected server_name extension
428 Test("test-bleichenbacher-workaround.py"),
429
430 # need client key and cert plus extra server setup
431 Test("test-certificate-malformed.py"),
432 Test("test-certificate-request.py"),
433 Test("test-certificate-verify-malformed-sig.py"),
434 Test("test-certificate-verify-malformed.py"),
435 Test("test-certificate-verify.py"),
436 Test("test-ecdsa-in-certificate-verify.py"),
437 Test("test-eddsa-in-certificate-verify.py"),
438 Test("test-renegotiation-disabled-client-cert.py"),
439 Test("test-rsa-pss-sigs-on-certificate-verify.py"),
440 Test("test-rsa-sigs-on-certificate-verify.py"),
441
442 # test doesn't expect session ticket
443 Test("test-client-compatibility.py"),
444 # abrupt closure
445 Test("test-client-hello-max-size.py"),
446 # unknown signature algorithms
447 Test("test-clienthello-md5.py"),
448
449 # Tests expect an illegal_parameter or a decode_error alert. Should be
450 # added to ssl3_get_client_key_exchange on kex function failure.
451 Test("test-ecdhe-rsa-key-exchange-with-bad-messages.py"),
452
453 # We send a handshake_failure due to no shared ciphers while the
454 # test expects to succeed.
455 Test("test-ecdhe-rsa-key-exchange.py"),
456
457 # no shared cipher
458 Test("test-ecdsa-sig-flexibility.py"),
459
460 # Tests expect SH but we send unexpected_message or handshake_failure
461 # 'Application data inside Client Hello'
462 # 'Application data inside Client Key Exchange'
463 # 'Application data inside Finished'
464 Test("test-interleaved-application-data-and-fragmented-handshakes-in-renegotiation.py"),
465 # Tests expect SH but we send handshake_failure
466 # 'Application data before Change Cipher Spec'
467 # 'Application data before Client Key Exchange'
468 # 'Application data before Finished'
469 Test("test-interleaved-application-data-in-renegotiation.py"),
470
471 # broken test script
472 # TypeError: '<' not supported between instances of 'int' and 'NoneType'
473 Test("test-invalid-client-hello-w-record-overflow.py"),
474
475 # Lots of failures. abrupt closure
476 Test("test-invalid-client-hello.py"),
477
478 # abrupt closure
479 # 'encrypted premaster set to all zero (n)' n in 256 384 512
480 Test("test-invalid-rsa-key-exchange-messages.py"),
481
482 # test expects illegal_parameter, we send unrecognized_name (which seems
483 # correct according to rfc 6066?)
484 Test("test-invalid-server-name-extension-resumption.py"),
485 # let through some server names without sending an alert
486 # again illegal_parameter vs unrecognized_name
487 Test("test-invalid-server-name-extension.py"),
488
489 # 14 pass
490 # 7 fail
491 # 'n extensions', n in 4095, 4096, 4097, 8191, 8192, 8193, 16383,
492 Test("test-large-number-of-extensions.py"),
493
494 # 4 failures:
495 # 'insecure (legacy) renegotiation with GET after 2nd handshake'
496 # 'insecure (legacy) renegotiation with incomplete GET'
497 # 'secure renegotiation with GET after 2nd handshake'
498 # 'secure renegotiation with incomplete GET'
499 Test("test-legacy-renegotiation.py"),
500
501 # 1 failure (timeout): we don't send the unexpected_message alert
502 # 'duplicate change cipher spec after Finished'
503 Test("test-message-duplication.py"),
504
505 # server should send status_request
506 Test("test-ocsp-stapling.py"),
507
508 # unexpected closure
509 Test("test-openssl-3712.py"),
510
511 # failed: 3 (expect an alert, we send AD)
512 # 'try insecure (legacy) renegotiation with incomplete GET'
513 # 'try secure renegotiation with GET after 2nd CH'
514 # 'try secure renegotiation with incomplete GET'
515 Test("test-renegotiation-disabled.py"),
516
517 # 'resumption of safe session with NULL cipher'
518 # 'resumption with cipher from old CH but not selected by server'
519 Test("test-resumption-with-wrong-ciphers.py"),
520
521 # 5 failures:
522 # 'empty sigalgs'
523 # 'only undefined sigalgs'
524 # 'rsa_pss_pss_sha256 only'
525 # 'rsa_pss_pss_sha384 only'
526 # 'rsa_pss_pss_sha512 only'
527 Test("test-sig-algs.py"),
528
529 # 13 failures:
530 # 'duplicated n non-rsa schemes' for n in 202 2342 8119 23741 32744
531 # 'empty list of signature methods'
532 # 'tolerance n RSA or ECDSA methods' for n in 215 2355 8132 23754
533 # 'tolerance 32758 methods with sig_alg_cert'
534 # 'tolerance max 32744 number of methods with sig_alg_cert'
535 # 'tolerance max (32760) number of methods'
536 Test("test-signature-algorithms.py"),
537
538 # times out
539 Test("test-ssl-death-alert.py"),
540
541 # 17 pass, 13 fail. padding and truncation
542 Test("test-truncating-of-client-hello.py"),
543
544 # x448 tests need disabling plus x25519 corner cases need sorting out
545 Test("test-x25519.py"),
546])
547
548tls12_unsupported_tests = TestGroup("TLSv1.2 for unsupported features", [
549 # protocol_version
550 Test("test-SSLv3-padding.py"),
551 # we don't do RSA key exchanges
552 Test("test-bleichenbacher-timing.py"),
553 # no encrypt-then-mac
554 Test("test-encrypt-then-mac-renegotiation.py"),
555 Test("test-encrypt-then-mac.py"),
556 # no EME support
557 Test("test-extended-master-secret-extension-with-client-cert.py"),
558 Test("test-extended-master-secret-extension.py"),
559 # no ffdhe
560 Test("test-ffdhe-expected-params.py"),
561 Test("test-ffdhe-negotiation.py"),
562 # record_size_limit/max_fragment_length extension (RFC 8449)
563 Test("test-record-size-limit.py"),
564 # expects the server to send the heartbeat extension
565 Test("test-heartbeat.py"),
566 # needs an echo server
567 Test("test-lengths.py"),
568])
569
570# These tests take a ton of time to fail against an 1.3 server,
571# so don't run them against 1.3 pending further investigation.
572legacy_tests = TestGroup("Legacy protocol tests", [
573 Test("test-sslv2-force-cipher-3des.py"),
574 Test("test-sslv2-force-cipher-non3des.py"),
575 Test("test-sslv2-force-cipher.py"),
576 Test("test-sslv2-force-export-cipher.py"),
577 Test("test-sslv2hello-protocol.py"),
578])
579
580all_groups = [
581 tls13_tests,
582 tls13_slow_tests,
583 tls13_extra_cert_tests,
584 tls13_failing_tests,
585 tls13_slow_failing_tests,
586 tls13_unsupported_tests,
587 tls12_tests,
588 tls12_slow_tests,
589 tls12_failing_tests,
590 tls12_unsupported_tests,
591 legacy_tests,
592]
593
594failing_groups = [
595 tls13_failing_tests,
596 tls13_slow_failing_tests,
597 tls12_failing_tests,
598]
599
600class TestRunner:
601 """ Runs the given tests troups against a server and displays stats. """
602
603 def __init__(
604 self, timing=False, verbose=False, host="localhost", port=4433,
605 use_tls1_3=True, dry_run=False, tests=[], scriptdir=tlsfuzzer_scriptdir,
606 ):
607 self.tests = []
608
609 self.dryrun = dry_run
610 self.use_tls1_3 = use_tls1_3
611 self.host = host
612 self.port = str(port)
613 self.scriptdir = scriptdir
614
615 self.stats = []
616 self.failed = []
617 self.missing = []
618
619 self.timing = timing
620 self.verbose = verbose
621
622 def add(self, title="tests", tests=[]):
623 # tests.sort(key=lambda test: test.name)
624 self.tests.append(TestGroup(title, tests))
625
626 def add_group(self, group):
627 self.tests.append(group)
628
629 def run_script(self, test):
630 script = test.name
631 args = ["-h"] + [self.host] + ["-p"] + [self.port] + test.args(self.use_tls1_3)
632
633 if self.dryrun:
634 if not self.verbose:
635 args = []
636 print(script , end=' ' if args else '')
637 print(' '.join([f"\"{arg}\"" for arg in args]))
638 return
639
640 if self.verbose:
641 print(script)
642 else:
643 print(f"{script[:68]:<72}", end=" ", flush=True)
644 start = timer()
645 scriptpath = os.path.join(self.scriptdir, script)
646 if not os.path.exists(scriptpath):
647 self.missing.append(script)
648 print("MISSING")
649 return
650 test = subprocess.run(
651 ["python3", scriptpath] + args,
652 capture_output=not self.verbose,
653 text=True,
654 )
655 end = timer()
656 self.stats.append((script, end - start))
657 if test.returncode == 0:
658 print("OK")
659 return
660 print("FAILED")
661 self.failed.append(script)
662
663 if self.verbose:
664 return
665
666 print('\n'.join(test.stdout.split("Test end\n", 1)[1:]), end="")
667
668 def run(self):
669 for group in self:
670 print(f"Running {group.title} ...")
671 for test in group:
672 self.run_script(test)
673 return not self.failed
674
675 def __iter__(self):
676 return iter(self.tests)
677
678 def __del__(self):
679 if self.timing and self.stats:
680 total = 0.0
681 for (script, time) in self.stats:
682 print(f"{round(time, 2):6.2f} {script}")
683 total += time
684 print(f"{round(total, 2):6.2f} total")
685
686 if self.failed:
687 print("Failed tests:")
688 print('\n'.join(self.failed))
689
690 if self.missing:
691 print("Missing tests (outdated package?):")
692 print('\n'.join(self.missing))
693
694class TlsServer:
695 """ Spawns an s_server listening on localhost:port if necessary. """
696
697 def __init__(self, host="localhost", port=4433):
698 self.spawn = True
699 # Check whether a server is already listening on localhost:port
700 self.spawn = subprocess.run(
701 ["nc", "-c", "-z", "-T", "noverify", host, str(port)],
702 stderr=subprocess.DEVNULL,
703 ).returncode != 0
704
705 if self.spawn:
706 self.server = subprocess.Popen(
707 [
708 "openssl",
709 "s_server",
710 "-accept",
711 str(port),
712 "-groups",
713 "X25519:P-256:P-521:P-384",
714 "-key",
715 "localhost.key",
716 "-cert",
717 "localhost.crt",
718 "-www",
719 ],
720 stdout=subprocess.DEVNULL,
721 stderr=subprocess.PIPE,
722 text=True,
723 )
724
725 # Check whether the server talks TLSv1.3
726 self.has_tls1_3 = True or subprocess.run(
727 [
728 "nc",
729 "-c",
730 "-z",
731 "-T",
732 "noverify",
733 "-T",
734 "protocols=TLSv1.3",
735 "localhost",
736 str(port),
737 ],
738 stderr=subprocess.DEVNULL,
739 ).returncode == 0
740
741 self.check()
742
743 def check(self):
744 if self.spawn and self.server.poll() is not None:
745 print(self.server.stderr.read())
746 raise RuntimeError(
747 f"openssl s_server died. Return code: {self.server.returncode}."
748 )
749 if self.spawn:
750 self.server.stderr.detach()
751
752 def __del__(self):
753 if self.spawn:
754 self.server.terminate()
755
756# Extract the arguments we pass to script
757def defaultargs(script, has_tls1_3):
758 return next(
759 (test for group in all_groups for test in group if test.name == script),
760 Test()
761 ).args(has_tls1_3)
762
763def list_or_missing(missing=True):
764 tests = [test.name for group in all_groups for test in group]
765
766 if missing:
767 scripts = {
768 f for f in os.listdir(tlsfuzzer_scriptdir) if f != "__pycache__"
769 }
770 missing = scripts - set(tests)
771 if missing:
772 print('\n'.join(sorted(missing)))
773 exit(0)
774
775 tests.sort()
776 print('\n'.join(tests))
777 exit(0)
778
779def usage():
780 print("Usage: python3 tlsfuzzer.py [-flmnstv] [-p port] [script [test...]]")
781 print(" --help help")
782 print(" -f run failing tests")
783 print(" -l list tests")
784 print(" -m list new tests after package update")
785 print(" -n do not run tests, but list the ones that would be run")
786 print(" -p port connect to this port - defaults to 4433")
787 print(" -s run slow tests")
788 print(" -t show timing stats at end")
789 print(" -v verbose output")
790 exit(0)
791
792def main():
793 failing = False
794 list = False
795 missing = False
796 dryrun = False
797 host = "localhost"
798 port = 4433
799 slow = False
800 timing = False
801 verbose = False
802
803 argv = sys.argv[1:]
804 opts, args = getopt.getopt(argv, "fh:lmnp:stv", ["help"])
805 for opt, arg in opts:
806 if opt == '--help':
807 usage()
808 elif opt == '-f':
809 failing = True
810 elif opt == '-h':
811 host = arg
812 elif opt == '-l':
813 list = True
814 elif opt == '-m':
815 missing = True
816 elif opt == '-n':
817 dryrun = True
818 elif opt == '-p':
819 port = int(arg)
820 elif opt == '-s':
821 slow = True
822 elif opt == '-t':
823 timing = True
824 elif opt == '-v':
825 verbose = True
826 else:
827 raise ValueError(f"Unknown option: {opt}")
828
829 if not os.path.exists(tlsfuzzer_scriptdir):
830 print("package py3-tlsfuzzer is required for this regress")
831 exit(1)
832
833 if list and failing:
834 failing = [test.name for group in failing_groups for test in group]
835 failing.sort()
836 print('\n'.join(failing))
837 exit(0)
838
839 if list or missing:
840 list_or_missing(missing)
841
842 tls_server = TlsServer(host, port)
843
844 tests = TestRunner(timing, verbose, host, port, tls_server.has_tls1_3, dryrun)
845
846 if args:
847 (dir, script) = os.path.split(args[0])
848 if dir and not dir == '.':
849 tests.scriptdir = dir
850
851 testargs = defaultargs(script, tls_server.has_tls1_3)
852
853 tests.verbose = True
854 tests.add("test from command line", [Test(script, testargs + args[1:])])
855
856 exit(not tests.run())
857
858 if failing:
859 if tls_server.has_tls1_3:
860 tests.add_group(tls13_failing_tests)
861 if slow:
862 tests.add_group(tls13_slow_failing_tests)
863 tests.add_group(tls12_failing_tests)
864
865 if tls_server.has_tls1_3:
866 tests.add_group(tls13_tests)
867 if slow:
868 tests.add_group(tls13_slow_tests)
869 else:
870 tests.add_group(legacy_tests)
871
872 tests.add_group(tls12_tests)
873 if slow:
874 tests.add_group(tls12_slow_tests)
875
876 success = tests.run()
877 del tests
878
879 if not success:
880 print("FAILED")
881 exit(1)
882
883if __name__ == "__main__":
884 main()
diff --git a/src/regress/lib/libssl/tlslegacy/Makefile b/src/regress/lib/libssl/tlslegacy/Makefile
deleted file mode 100644
index c39981f0b8..0000000000
--- a/src/regress/lib/libssl/tlslegacy/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
1# $OpenBSD: Makefile,v 1.1 2020/10/07 07:52:17 jsing Exp $
2
3PROG= tlslegacytest
4LDADD= -lssl -lcrypto
5DPADD= ${LIBSSL} ${LIBCRYPTO}
6WARNINGS= Yes
7CFLAGS+= -DLIBRESSL_INTERNAL -Werror
8
9.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/tlslegacy/tlslegacytest.c b/src/regress/lib/libssl/tlslegacy/tlslegacytest.c
deleted file mode 100644
index 59429d716a..0000000000
--- a/src/regress/lib/libssl/tlslegacy/tlslegacytest.c
+++ /dev/null
@@ -1,625 +0,0 @@
1/* $OpenBSD: tlslegacytest.c,v 1.7 2022/10/02 16:39:39 jsing Exp $ */
2/*
3 * Copyright (c) 2015, 2016, 2017, 2020 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include <err.h>
21#include <stdio.h>
22#include <string.h>
23
24/* openssl.org:443 */
25static uint8_t tls12_server_response[] = {
26 0x16, 0x03, 0x03, 0x00, 0x3d, 0x02, 0x00, 0x00,
27 0x39, 0x03, 0x03, 0x62, 0x0c, 0x8a, 0x7e, 0x29,
28 0x60, 0xcb, 0x08, 0xd1, 0xb4, 0x95, 0x68, 0x76,
29 0xea, 0x4e, 0x0c, 0x94, 0xf2, 0x42, 0x3d, 0xd1,
30 0x7a, 0xc2, 0xfe, 0x6c, 0xb3, 0xe6, 0x12, 0x8a,
31 0x33, 0x02, 0x92, 0x00, 0xc0, 0x30, 0x00, 0x00,
32 0x11, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0b,
33 0x00, 0x04, 0x03, 0x00, 0x01, 0x02, 0x00, 0x23,
34 0x00, 0x00,
35};
36
37/*
38 * outlook.office365.com:587 with starttls - this server response includes
39 * multiple handshake messages contained in a single TLS record.
40 */
41static uint8_t tls12_server_response_with_cert[] = {
42 0x16, 0x03, 0x03, 0x0f, 0x2b, 0x02, 0x00, 0x00,
43 0x4d, 0x03, 0x03, 0x5f, 0x7c, 0x69, 0x42, 0xe1,
44 0x19, 0xf0, 0x22, 0xfb, 0x71, 0x9a, 0xf1, 0x63,
45 0x34, 0xbb, 0x61, 0x46, 0xea, 0x5f, 0x0b, 0x5e,
46 0xb1, 0x4e, 0x37, 0x96, 0x67, 0xff, 0x83, 0xea,
47 0x0e, 0x16, 0x85, 0x20, 0x3a, 0x1b, 0x00, 0x00,
48 0x17, 0xe9, 0xac, 0xca, 0x19, 0x61, 0xaf, 0x70,
49 0x28, 0x3b, 0x18, 0xaa, 0x6c, 0xa0, 0x0f, 0x78,
50 0xd0, 0x83, 0xfc, 0x5d, 0x78, 0xf9, 0x6d, 0xdb,
51 0x16, 0x21, 0x15, 0xa2, 0xc0, 0x30, 0x00, 0x00,
52 0x05, 0xff, 0x01, 0x00, 0x01, 0x00, 0x0b, 0x00,
53 0x0d, 0x47, 0x00, 0x0d, 0x44, 0x00, 0x08, 0xaf,
54 0x30, 0x82, 0x08, 0xab, 0x30, 0x82, 0x07, 0x93,
55 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0c, 0x6d,
56 0xea, 0x0b, 0xe1, 0x97, 0x27, 0x60, 0xa1, 0x59,
57 0xb1, 0x85, 0x60, 0x30, 0x0d, 0x06, 0x09, 0x2a,
58 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
59 0x05, 0x00, 0x30, 0x66, 0x31, 0x0b, 0x30, 0x09,
60 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x42,
61 0x45, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,
62 0x04, 0x0a, 0x13, 0x10, 0x47, 0x6c, 0x6f, 0x62,
63 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x6e,
64 0x76, 0x2d, 0x73, 0x61, 0x31, 0x3c, 0x30, 0x3a,
65 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x33, 0x47,
66 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53, 0x69, 0x67,
67 0x6e, 0x20, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69,
68 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x56,
69 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f,
70 0x6e, 0x20, 0x43, 0x41, 0x20, 0x2d, 0x20, 0x53,
71 0x48, 0x41, 0x32, 0x35, 0x36, 0x20, 0x2d, 0x20,
72 0x47, 0x33, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x30,
73 0x30, 0x38, 0x31, 0x33, 0x32, 0x33, 0x31, 0x38,
74 0x34, 0x39, 0x5a, 0x17, 0x0d, 0x32, 0x32, 0x30,
75 0x38, 0x31, 0x34, 0x32, 0x33, 0x31, 0x38, 0x34,
76 0x39, 0x5a, 0x30, 0x6a, 0x31, 0x0b, 0x30, 0x09,
77 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
78 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
79 0x04, 0x08, 0x13, 0x0a, 0x57, 0x61, 0x73, 0x68,
80 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10,
81 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
82 0x07, 0x52, 0x65, 0x64, 0x6d, 0x6f, 0x6e, 0x64,
83 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04,
84 0x0a, 0x13, 0x15, 0x4d, 0x69, 0x63, 0x72, 0x6f,
85 0x73, 0x6f, 0x66, 0x74, 0x20, 0x43, 0x6f, 0x72,
86 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
87 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04,
88 0x03, 0x13, 0x0b, 0x6f, 0x75, 0x74, 0x6c, 0x6f,
89 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82,
90 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
91 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
92 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82,
93 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc9,
94 0x20, 0x3f, 0x57, 0xb9, 0xf9, 0x71, 0xaa, 0x3c,
95 0x6a, 0x0a, 0x5d, 0x3f, 0xc9, 0x8d, 0x99, 0xa5,
96 0x50, 0x26, 0x25, 0x4e, 0xdc, 0x69, 0x52, 0xb3,
97 0x33, 0x70, 0xe7, 0x72, 0xa2, 0x83, 0x92, 0x54,
98 0xd1, 0xd4, 0x86, 0x15, 0xf2, 0xc4, 0x65, 0xf8,
99 0xbc, 0xe5, 0xd2, 0x1e, 0x12, 0x25, 0x9e, 0x75,
100 0x8e, 0x77, 0xd2, 0x8e, 0x94, 0xca, 0x03, 0x4b,
101 0xf4, 0xc8, 0xca, 0xe3, 0xe3, 0x9b, 0x66, 0xa3,
102 0xa1, 0x37, 0x74, 0xcc, 0xfe, 0xc4, 0x1e, 0x64,
103 0xdc, 0xe3, 0x18, 0xba, 0xc1, 0x7b, 0x39, 0x5b,
104 0xb1, 0x47, 0xe9, 0x11, 0x92, 0xef, 0xee, 0xe6,
105 0x08, 0xcd, 0x93, 0x7b, 0x09, 0xc7, 0x39, 0xfe,
106 0xe5, 0xe2, 0x47, 0x3f, 0x68, 0x78, 0xa4, 0x17,
107 0x78, 0x13, 0xcb, 0x12, 0x38, 0x9d, 0x89, 0x2b,
108 0x1f, 0x75, 0x9b, 0x87, 0x5d, 0x53, 0xfc, 0xb0,
109 0x2a, 0xaf, 0x2d, 0x86, 0x8a, 0x76, 0x3b, 0xce,
110 0x5e, 0xae, 0x43, 0x74, 0x68, 0xc3, 0x28, 0xbf,
111 0x10, 0x2f, 0xdd, 0xd9, 0x43, 0x4b, 0x2d, 0xa6,
112 0xdc, 0x1f, 0x6d, 0x90, 0xd0, 0xce, 0x14, 0x1e,
113 0x6c, 0xdc, 0x7b, 0x06, 0xe4, 0x7b, 0xa9, 0x81,
114 0x40, 0xed, 0xde, 0x18, 0xb7, 0xdf, 0x53, 0x61,
115 0xbc, 0x18, 0x83, 0x11, 0xc7, 0xb4, 0x1b, 0x99,
116 0xef, 0x14, 0xe4, 0x63, 0x39, 0xe3, 0x5c, 0x2f,
117 0xe7, 0x89, 0x58, 0x5b, 0xda, 0x03, 0x3a, 0x39,
118 0x96, 0x8a, 0xca, 0x4f, 0xd8, 0xe3, 0x6c, 0x7f,
119 0x6e, 0xd3, 0xe7, 0x30, 0x34, 0x9c, 0xdb, 0x8b,
120 0xe8, 0x6a, 0xa6, 0x08, 0x77, 0x1d, 0x63, 0xd6,
121 0x57, 0x9d, 0xcd, 0xa7, 0x47, 0x05, 0x39, 0x96,
122 0x7b, 0xfd, 0x9a, 0x09, 0x99, 0xef, 0x49, 0xb1,
123 0x89, 0x02, 0xbe, 0x4f, 0xb8, 0xef, 0xa0, 0x04,
124 0x29, 0x74, 0xfb, 0x9a, 0x7e, 0x9d, 0xa8, 0x10,
125 0xfb, 0x7e, 0xb0, 0x6c, 0x60, 0x4f, 0x57, 0x02,
126 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x05, 0x53,
127 0x30, 0x82, 0x05, 0x4f, 0x30, 0x0e, 0x06, 0x03,
128 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04,
129 0x03, 0x02, 0x05, 0xa0, 0x30, 0x81, 0x9e, 0x06,
130 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
131 0x01, 0x04, 0x81, 0x91, 0x30, 0x81, 0x8e, 0x30,
132 0x4b, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
133 0x07, 0x30, 0x02, 0x86, 0x3f, 0x68, 0x74, 0x74,
134 0x70, 0x3a, 0x2f, 0x2f, 0x73, 0x65, 0x63, 0x75,
135 0x72, 0x65, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61,
136 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f,
137 0x6d, 0x2f, 0x63, 0x61, 0x63, 0x65, 0x72, 0x74,
138 0x2f, 0x67, 0x73, 0x6f, 0x72, 0x67, 0x61, 0x6e,
139 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x76,
140 0x61, 0x6c, 0x73, 0x68, 0x61, 0x32, 0x67, 0x33,
141 0x2e, 0x63, 0x72, 0x74, 0x30, 0x3f, 0x06, 0x08,
142 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
143 0x86, 0x33, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
144 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x32, 0x2e, 0x67,
145 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67,
146 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x73,
147 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61,
148 0x74, 0x69, 0x6f, 0x6e, 0x76, 0x61, 0x6c, 0x73,
149 0x68, 0x61, 0x32, 0x67, 0x33, 0x30, 0x56, 0x06,
150 0x03, 0x55, 0x1d, 0x20, 0x04, 0x4f, 0x30, 0x4d,
151 0x30, 0x41, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04,
152 0x01, 0xa0, 0x32, 0x01, 0x14, 0x30, 0x34, 0x30,
153 0x32, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
154 0x07, 0x02, 0x01, 0x16, 0x26, 0x68, 0x74, 0x74,
155 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77,
156 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x73,
157 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
158 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f,
159 0x72, 0x79, 0x2f, 0x30, 0x08, 0x06, 0x06, 0x67,
160 0x81, 0x0c, 0x01, 0x02, 0x02, 0x30, 0x09, 0x06,
161 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00,
162 0x30, 0x46, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04,
163 0x3f, 0x30, 0x3d, 0x30, 0x3b, 0xa0, 0x39, 0xa0,
164 0x37, 0x86, 0x35, 0x68, 0x74, 0x74, 0x70, 0x3a,
165 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x67, 0x6c,
166 0x6f, 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67, 0x6e,
167 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x73, 0x6f,
168 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74,
169 0x69, 0x6f, 0x6e, 0x76, 0x61, 0x6c, 0x73, 0x68,
170 0x61, 0x32, 0x67, 0x33, 0x2e, 0x63, 0x72, 0x6c,
171 0x30, 0x82, 0x02, 0x10, 0x06, 0x03, 0x55, 0x1d,
172 0x11, 0x04, 0x82, 0x02, 0x07, 0x30, 0x82, 0x02,
173 0x03, 0x82, 0x0b, 0x6f, 0x75, 0x74, 0x6c, 0x6f,
174 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x16,
175 0x2a, 0x2e, 0x63, 0x6c, 0x6f, 0x2e, 0x66, 0x6f,
176 0x6f, 0x74, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x64,
177 0x6e, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0d,
178 0x2a, 0x2e, 0x68, 0x6f, 0x74, 0x6d, 0x61, 0x69,
179 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x16, 0x2a,
180 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61,
181 0x6c, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f,
182 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0a, 0x2a,
183 0x2e, 0x6c, 0x69, 0x76, 0x65, 0x2e, 0x63, 0x6f,
184 0x6d, 0x82, 0x16, 0x2a, 0x2e, 0x6e, 0x72, 0x62,
185 0x2e, 0x66, 0x6f, 0x6f, 0x74, 0x70, 0x72, 0x69,
186 0x6e, 0x74, 0x64, 0x6e, 0x73, 0x2e, 0x63, 0x6f,
187 0x6d, 0x82, 0x0c, 0x2a, 0x2e, 0x6f, 0x66, 0x66,
188 0x69, 0x63, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x82,
189 0x0f, 0x2a, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63,
190 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d,
191 0x82, 0x0d, 0x2a, 0x2e, 0x6f, 0x75, 0x74, 0x6c,
192 0x6f, 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82,
193 0x17, 0x2a, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f,
194 0x6f, 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63,
195 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d,
196 0x82, 0x1b, 0x61, 0x74, 0x74, 0x61, 0x63, 0x68,
197 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x6f, 0x75, 0x74,
198 0x6c, 0x6f, 0x6f, 0x6b, 0x2e, 0x6c, 0x69, 0x76,
199 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x1d, 0x61,
200 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, 0x6e,
201 0x74, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f,
202 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65,
203 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x20, 0x61, 0x74,
204 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, 0x6e, 0x74,
205 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f, 0x6b,
206 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x70,
207 0x70, 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x16,
208 0x61, 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65,
209 0x6e, 0x74, 0x73, 0x2e, 0x6f, 0x66, 0x66, 0x69,
210 0x63, 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x1a,
211 0x61, 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65,
212 0x6e, 0x74, 0x73, 0x2d, 0x73, 0x64, 0x66, 0x2e,
213 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x2e, 0x6e,
214 0x65, 0x74, 0x82, 0x1d, 0x63, 0x63, 0x73, 0x2e,
215 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x2e, 0x6d, 0x69,
216 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x6f,
217 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x2e, 0x63, 0x6f,
218 0x6d, 0x82, 0x21, 0x63, 0x63, 0x73, 0x2d, 0x73,
219 0x64, 0x66, 0x2e, 0x6c, 0x6f, 0x67, 0x69, 0x6e,
220 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f,
221 0x66, 0x74, 0x6f, 0x6e, 0x6c, 0x69, 0x6e, 0x65,
222 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0b, 0x68, 0x6f,
223 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f,
224 0x6d, 0x82, 0x16, 0x6d, 0x61, 0x69, 0x6c, 0x2e,
225 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73,
226 0x2e, 0x6c, 0x69, 0x76, 0x65, 0x2e, 0x63, 0x6f,
227 0x6d, 0x82, 0x0d, 0x6f, 0x66, 0x66, 0x69, 0x63,
228 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d,
229 0x82, 0x12, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f,
230 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65,
231 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x14, 0x73, 0x75,
232 0x62, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x2e,
233 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x2e, 0x63,
234 0x6f, 0x6d, 0x82, 0x18, 0x73, 0x75, 0x62, 0x73,
235 0x74, 0x72, 0x61, 0x74, 0x65, 0x2d, 0x73, 0x64,
236 0x66, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65,
237 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1d, 0x06, 0x03,
238 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06,
239 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
240 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
241 0x07, 0x03, 0x02, 0x30, 0x1f, 0x06, 0x03, 0x55,
242 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
243 0x68, 0x86, 0xb8, 0x7d, 0x7a, 0xd9, 0x6d, 0x49,
244 0x6b, 0x87, 0x2f, 0x18, 0x8b, 0x15, 0x34, 0x6c,
245 0xd7, 0xb4, 0x7a, 0x0e, 0x30, 0x1d, 0x06, 0x03,
246 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x8a,
247 0x7c, 0x73, 0x44, 0x70, 0xa8, 0x4d, 0x83, 0x25,
248 0x6f, 0xa6, 0x53, 0xda, 0x42, 0x52, 0x96, 0xc9,
249 0x15, 0x71, 0x21, 0x30, 0x82, 0x01, 0x7c, 0x06,
250 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79,
251 0x02, 0x04, 0x02, 0x04, 0x82, 0x01, 0x6c, 0x04,
252 0x82, 0x01, 0x68, 0x01, 0x66, 0x00, 0x76, 0x00,
253 0x22, 0x45, 0x45, 0x07, 0x59, 0x55, 0x24, 0x56,
254 0x96, 0x3f, 0xa1, 0x2f, 0xf1, 0xf7, 0x6d, 0x86,
255 0xe0, 0x23, 0x26, 0x63, 0xad, 0xc0, 0x4b, 0x7f,
256 0x5d, 0xc6, 0x83, 0x5c, 0x6e, 0xe2, 0x0f, 0x02,
257 0x00, 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7d, 0x2f,
258 0x00, 0x00, 0x04, 0x03, 0x00, 0x47, 0x30, 0x45,
259 0x02, 0x21, 0x00, 0xf4, 0x50, 0x8f, 0xe7, 0x38,
260 0xc9, 0x7a, 0xd1, 0xf7, 0xf7, 0x69, 0xc5, 0x05,
261 0xea, 0x8e, 0x03, 0x80, 0x2c, 0x87, 0x06, 0x03,
262 0xb6, 0x9b, 0xe6, 0xa5, 0x83, 0x2f, 0xb9, 0xaf,
263 0x7b, 0xb4, 0xac, 0x02, 0x20, 0x51, 0xa6, 0x8f,
264 0xe8, 0xe5, 0x6c, 0xa7, 0xff, 0x16, 0x01, 0x7e,
265 0x15, 0x42, 0x11, 0x31, 0xdc, 0xdc, 0xc7, 0x37,
266 0x7c, 0x64, 0x2c, 0xac, 0xdd, 0x42, 0xbb, 0x3c,
267 0x79, 0x31, 0x74, 0xcc, 0x9d, 0x00, 0x75, 0x00,
268 0x29, 0x79, 0xbe, 0xf0, 0x9e, 0x39, 0x39, 0x21,
269 0xf0, 0x56, 0x73, 0x9f, 0x63, 0xa5, 0x77, 0xe5,
270 0xbe, 0x57, 0x7d, 0x9c, 0x60, 0x0a, 0xf8, 0xf9,
271 0x4d, 0x5d, 0x26, 0x5c, 0x25, 0x5d, 0xc7, 0x84,
272 0x00, 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7a, 0xa7,
273 0x00, 0x00, 0x04, 0x03, 0x00, 0x46, 0x30, 0x44,
274 0x02, 0x20, 0x03, 0xf1, 0x19, 0xd7, 0x0f, 0x2f,
275 0xc4, 0xa9, 0x84, 0xa0, 0x33, 0xd4, 0x76, 0xa6,
276 0xee, 0xf1, 0xae, 0xe0, 0x03, 0xe7, 0xae, 0x98,
277 0x43, 0x17, 0xb0, 0x0f, 0xfb, 0x12, 0xbb, 0x13,
278 0xda, 0x34, 0x02, 0x20, 0x10, 0xe6, 0xa9, 0x1d,
279 0x8b, 0x1c, 0x64, 0xd4, 0xc9, 0xf7, 0xc0, 0x3d,
280 0x3c, 0x77, 0x49, 0xb1, 0x08, 0x3d, 0x1d, 0x5e,
281 0x34, 0xf9, 0xd9, 0x10, 0x7c, 0x74, 0x6b, 0x18,
282 0xc6, 0x5e, 0x6d, 0x07, 0x00, 0x75, 0x00, 0x55,
283 0x81, 0xd4, 0xc2, 0x16, 0x90, 0x36, 0x01, 0x4a,
284 0xea, 0x0b, 0x9b, 0x57, 0x3c, 0x53, 0xf0, 0xc0,
285 0xe4, 0x38, 0x78, 0x70, 0x25, 0x08, 0x17, 0x2f,
286 0xa3, 0xaa, 0x1d, 0x07, 0x13, 0xd3, 0x0c, 0x00,
287 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7d, 0xae, 0x00,
288 0x00, 0x04, 0x03, 0x00, 0x46, 0x30, 0x44, 0x02,
289 0x20, 0x26, 0x21, 0x64, 0xdb, 0xa6, 0xe2, 0x3d,
290 0x32, 0x7d, 0x9f, 0xa8, 0xae, 0xb7, 0x29, 0xb7,
291 0x42, 0x9b, 0x49, 0xaa, 0xf5, 0xa5, 0xc0, 0x12,
292 0x01, 0xa1, 0xb6, 0xe7, 0xf2, 0x01, 0xd4, 0x2f,
293 0x45, 0x02, 0x20, 0x4e, 0x19, 0xba, 0x47, 0x75,
294 0x8b, 0x49, 0xd7, 0x4b, 0xba, 0x04, 0x62, 0xdd,
295 0xa2, 0xb7, 0x6b, 0x05, 0xd0, 0x01, 0x1f, 0x7c,
296 0x36, 0x17, 0x27, 0x29, 0xb2, 0x17, 0x1c, 0x7f,
297 0x10, 0x81, 0x8a, 0x30, 0x0d, 0x06, 0x09, 0x2a,
298 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
299 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x26,
300 0xf4, 0xa3, 0x77, 0x1d, 0xdc, 0x9e, 0xc4, 0x1a,
301 0x88, 0x23, 0x30, 0x8c, 0xe1, 0x14, 0xf9, 0x62,
302 0x0e, 0xbf, 0xad, 0x24, 0xc9, 0xab, 0xab, 0xd0,
303 0x68, 0x8b, 0xbc, 0xf1, 0xec, 0x1c, 0xd0, 0x96,
304 0xad, 0xf9, 0x5f, 0xdd, 0xe0, 0xee, 0xa8, 0xe0,
305 0x2c, 0x3a, 0x19, 0xa5, 0x68, 0x0c, 0x6e, 0xfe,
306 0xe6, 0x80, 0xce, 0xa3, 0x3b, 0x6c, 0x00, 0x88,
307 0x5c, 0xbf, 0x3c, 0xd8, 0x68, 0x08, 0x36, 0xb9,
308 0x9e, 0x84, 0x9b, 0x5f, 0x97, 0xfb, 0x77, 0xea,
309 0x72, 0xfb, 0x73, 0x47, 0x00, 0xb0, 0xa8, 0x7c,
310 0x64, 0x38, 0xf1, 0xcc, 0xc0, 0x29, 0x71, 0x67,
311 0x65, 0x76, 0x4c, 0x80, 0x58, 0x97, 0xc8, 0x62,
312 0x63, 0x3e, 0xf1, 0x3e, 0xc0, 0x0e, 0x48, 0x5f,
313 0x55, 0x21, 0x8f, 0x96, 0x68, 0xbd, 0x41, 0x14,
314 0x7a, 0x0b, 0x8c, 0x31, 0x5b, 0x39, 0xac, 0xa3,
315 0xa0, 0x99, 0x58, 0x24, 0xfa, 0xd9, 0x19, 0x32,
316 0x1c, 0x9f, 0x2d, 0xa9, 0xed, 0xb9, 0x97, 0xa4,
317 0x66, 0x30, 0x29, 0xd8, 0x82, 0xa2, 0xf5, 0xfc,
318 0x6d, 0x10, 0xf1, 0xac, 0x1d, 0x3f, 0xfb, 0xde,
319 0xa1, 0x0e, 0xb6, 0x84, 0x90, 0xd4, 0x55, 0x5c,
320 0x21, 0x1b, 0x1f, 0x21, 0x45, 0x92, 0xc5, 0x9a,
321 0x47, 0x05, 0x0f, 0xb8, 0x1c, 0x78, 0x6e, 0xb9,
322 0x6b, 0xa3, 0xa9, 0x8d, 0xb1, 0x59, 0xff, 0xf4,
323 0xe6, 0x71, 0x77, 0x38, 0x12, 0xfe, 0x41, 0x8f,
324 0x04, 0x92, 0x08, 0x3f, 0x32, 0x2a, 0x92, 0x5e,
325 0x0a, 0x7b, 0x7e, 0x04, 0xee, 0x24, 0x10, 0x39,
326 0xf3, 0xac, 0x5e, 0x04, 0x93, 0x91, 0xa2, 0x8f,
327 0x90, 0x04, 0x33, 0x5c, 0x5c, 0x94, 0xb3, 0x80,
328 0x2b, 0x43, 0xbf, 0xe3, 0x74, 0x64, 0x20, 0xf4,
329 0x00, 0xb2, 0x6c, 0x7b, 0xa8, 0x77, 0xfb, 0x74,
330 0x35, 0xce, 0xdd, 0xb6, 0x5f, 0x83, 0x18, 0xc4,
331 0xe7, 0x31, 0x1a, 0x8d, 0x30, 0x0d, 0xc4, 0x00,
332 0x04, 0x8f, 0x30, 0x82, 0x04, 0x8b, 0x30, 0x82,
333 0x03, 0x73, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
334 0x0e, 0x47, 0x07, 0xb1, 0x01, 0x9a, 0x0c, 0x57,
335 0xad, 0x39, 0xb3, 0xe1, 0x7d, 0xa9, 0xf9, 0x30,
336 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
337 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x57,
338 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
339 0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19, 0x30,
340 0x17, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x10,
341 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53, 0x69,
342 0x67, 0x6e, 0x20, 0x6e, 0x76, 0x2d, 0x73, 0x61,
343 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04,
344 0x0b, 0x13, 0x07, 0x52, 0x6f, 0x6f, 0x74, 0x20,
345 0x43, 0x41, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03,
346 0x55, 0x04, 0x03, 0x13, 0x12, 0x47, 0x6c, 0x6f,
347 0x62, 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20,
348 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x30,
349 0x1e, 0x17, 0x0d, 0x31, 0x35, 0x30, 0x39, 0x30,
350 0x34, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a,
351 0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x30, 0x34,
352 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30,
353 0x66, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
354 0x04, 0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19,
355 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13,
356 0x10, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53,
357 0x69, 0x67, 0x6e, 0x20, 0x6e, 0x76, 0x2d, 0x73,
358 0x61, 0x31, 0x3c, 0x30, 0x3a, 0x06, 0x03, 0x55,
359 0x04, 0x03, 0x13, 0x33, 0x47, 0x6c, 0x6f, 0x62,
360 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x4f,
361 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74,
362 0x69, 0x6f, 0x6e, 0x20, 0x56, 0x61, 0x6c, 0x69,
363 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x43,
364 0x41, 0x20, 0x2d, 0x20, 0x53, 0x48, 0x41, 0x32,
365 0x35, 0x36, 0x20, 0x2d, 0x20, 0x47, 0x33, 0x30,
366 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a,
367 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
368 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30,
369 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00,
370 0xc9, 0x86, 0xa2, 0x05, 0x3e, 0xec, 0x77, 0x4d,
371 0x79, 0x42, 0x81, 0xf2, 0xc5, 0x46, 0xa9, 0xc2,
372 0x9b, 0xf9, 0x57, 0xa9, 0x48, 0xdd, 0x3c, 0x3b,
373 0xe2, 0x16, 0x47, 0x83, 0x15, 0x0c, 0x36, 0x88,
374 0x61, 0xb3, 0xc8, 0xb9, 0xd5, 0x20, 0x97, 0xb6,
375 0xfe, 0x07, 0x30, 0x01, 0x9e, 0x01, 0x3a, 0xf9,
376 0x50, 0x87, 0xa0, 0x4f, 0x60, 0xcc, 0x90, 0xf6,
377 0xdd, 0x1f, 0xa6, 0xc7, 0x55, 0x00, 0x6c, 0x54,
378 0x31, 0x5f, 0x02, 0x9a, 0xf7, 0x7f, 0x07, 0x9a,
379 0xd2, 0x22, 0x53, 0x05, 0xcd, 0x9f, 0xc7, 0xbb,
380 0x7b, 0x59, 0x3b, 0x8a, 0xb2, 0x93, 0x78, 0x0d,
381 0x43, 0x02, 0x92, 0x76, 0xa5, 0x29, 0xf8, 0x7c,
382 0x9d, 0x5c, 0x3a, 0xa2, 0xf8, 0x52, 0x72, 0x22,
383 0x45, 0x91, 0xfd, 0x90, 0x12, 0x28, 0x4d, 0x75,
384 0xe4, 0xdd, 0xaa, 0x79, 0x58, 0x68, 0x6f, 0x2a,
385 0x7e, 0x7b, 0xef, 0xd1, 0x9e, 0x7f, 0x52, 0xdc,
386 0xcb, 0x1c, 0x48, 0xe2, 0x3e, 0x4d, 0x5c, 0x47,
387 0x7a, 0xb4, 0xf1, 0xce, 0xff, 0xd9, 0x60, 0x2b,
388 0x77, 0xd1, 0x62, 0x22, 0x2d, 0xa9, 0x5a, 0x06,
389 0x16, 0xee, 0x37, 0x6a, 0x51, 0xcf, 0x8e, 0xa5,
390 0xd1, 0x6e, 0x70, 0x4a, 0xf0, 0xd8, 0x63, 0x60,
391 0x6a, 0x72, 0x55, 0xd7, 0xf1, 0x99, 0x38, 0x86,
392 0x44, 0x67, 0x18, 0xe0, 0x71, 0x8e, 0xc1, 0x40,
393 0x6d, 0x85, 0xda, 0x4b, 0xdd, 0x31, 0x73, 0xbc,
394 0x32, 0xcc, 0x6f, 0x8e, 0x7b, 0xb9, 0x8d, 0x4b,
395 0x80, 0xda, 0xb9, 0xc7, 0xc6, 0x24, 0x83, 0x5e,
396 0x32, 0xfb, 0x87, 0xe9, 0x8b, 0x61, 0x67, 0xa2,
397 0x99, 0x76, 0xdb, 0xa5, 0xaa, 0xb4, 0xe8, 0x6c,
398 0x41, 0x9f, 0x5f, 0x2a, 0xb3, 0xd5, 0x7d, 0xd7,
399 0x92, 0xc8, 0x27, 0x4b, 0xec, 0x1f, 0xda, 0x05,
400 0x6d, 0x88, 0x73, 0x8f, 0x06, 0xb2, 0x38, 0x3d,
401 0x03, 0xa2, 0xe1, 0x87, 0x86, 0x3c, 0xc6, 0xa1,
402 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01,
403 0x44, 0x30, 0x82, 0x01, 0x40, 0x30, 0x0e, 0x06,
404 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04,
405 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06,
406 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14,
407 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
408 0x03, 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
409 0x05, 0x07, 0x03, 0x02, 0x30, 0x12, 0x06, 0x03,
410 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08,
411 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00,
412 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04,
413 0x16, 0x04, 0x14, 0x68, 0x86, 0xb8, 0x7d, 0x7a,
414 0xd9, 0x6d, 0x49, 0x6b, 0x87, 0x2f, 0x18, 0x8b,
415 0x15, 0x34, 0x6c, 0xd7, 0xb4, 0x7a, 0x0e, 0x30,
416 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18,
417 0x30, 0x16, 0x80, 0x14, 0x60, 0x7b, 0x66, 0x1a,
418 0x45, 0x0d, 0x97, 0xca, 0x89, 0x50, 0x2f, 0x7d,
419 0x04, 0xcd, 0x34, 0xa8, 0xff, 0xfc, 0xfd, 0x4b,
420 0x30, 0x3d, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
421 0x05, 0x07, 0x01, 0x01, 0x04, 0x31, 0x30, 0x2f,
422 0x30, 0x2d, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
423 0x05, 0x07, 0x30, 0x01, 0x86, 0x21, 0x68, 0x74,
424 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73,
425 0x70, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c,
426 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d,
427 0x2f, 0x72, 0x6f, 0x6f, 0x74, 0x72, 0x31, 0x30,
428 0x33, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x2c,
429 0x30, 0x2a, 0x30, 0x28, 0xa0, 0x26, 0xa0, 0x24,
430 0x86, 0x22, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
431 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x67, 0x6c, 0x6f,
432 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e,
433 0x63, 0x6f, 0x6d, 0x2f, 0x72, 0x6f, 0x6f, 0x74,
434 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x47, 0x06, 0x03,
435 0x55, 0x1d, 0x20, 0x04, 0x40, 0x30, 0x3e, 0x30,
436 0x3c, 0x06, 0x04, 0x55, 0x1d, 0x20, 0x00, 0x30,
437 0x34, 0x30, 0x32, 0x06, 0x08, 0x2b, 0x06, 0x01,
438 0x05, 0x05, 0x07, 0x02, 0x01, 0x16, 0x26, 0x68,
439 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77,
440 0x77, 0x77, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61,
441 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f,
442 0x6d, 0x2f, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69,
443 0x74, 0x6f, 0x72, 0x79, 0x2f, 0x30, 0x0d, 0x06,
444 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
445 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01,
446 0x00, 0x9a, 0xb9, 0x82, 0x1c, 0xdd, 0x83, 0x83,
447 0x8b, 0x92, 0xc0, 0xc4, 0xed, 0x01, 0xad, 0x84,
448 0xfc, 0x4e, 0xee, 0x6d, 0x9c, 0x1d, 0x01, 0xfa,
449 0x52, 0x14, 0xdb, 0xd8, 0xc2, 0x10, 0x63, 0x9f,
450 0x6b, 0x39, 0x9a, 0xc7, 0x1c, 0x3c, 0xa0, 0xaa,
451 0xe3, 0x19, 0x3a, 0xfc, 0x64, 0x46, 0x2a, 0xef,
452 0x35, 0x26, 0x03, 0xf6, 0x05, 0x67, 0xfa, 0x6e,
453 0x74, 0xe1, 0x46, 0xfb, 0x40, 0xd8, 0x6f, 0xae,
454 0x2d, 0x39, 0x21, 0x74, 0x86, 0x9f, 0x00, 0x05,
455 0x1a, 0x3f, 0x2f, 0x93, 0x5b, 0xd4, 0xa4, 0x45,
456 0xbc, 0x3d, 0x0c, 0x29, 0x17, 0x5a, 0xd3, 0xfb,
457 0x68, 0xa6, 0x0f, 0xe0, 0x00, 0x68, 0x79, 0xb0,
458 0x4c, 0xb1, 0x45, 0x8b, 0xc8, 0x85, 0x8c, 0x67,
459 0x0e, 0x8c, 0x7d, 0x54, 0xf8, 0xb0, 0x75, 0xce,
460 0x0a, 0xac, 0x1d, 0xd7, 0x6b, 0x44, 0xac, 0xfe,
461 0x1b, 0xd4, 0xa6, 0x98, 0x21, 0x09, 0x3e, 0xa2,
462 0x4b, 0x33, 0xba, 0xba, 0x4b, 0x12, 0xa8, 0x6b,
463 0x57, 0x27, 0x9d, 0xfa, 0x94, 0x80, 0xb4, 0x68,
464 0x4c, 0x77, 0x60, 0xff, 0xd7, 0x29, 0x5a, 0x38,
465 0x3d, 0xce, 0x2d, 0x4b, 0x08, 0x56, 0x9f, 0x69,
466 0xcb, 0x7b, 0xd8, 0xe2, 0x36, 0xf9, 0x37, 0x69,
467 0xc5, 0xce, 0x36, 0x97, 0x1c, 0xba, 0x0d, 0x3f,
468 0x15, 0xb3, 0x65, 0xa0, 0xec, 0x74, 0x12, 0xbd,
469 0xb3, 0xad, 0xe8, 0xde, 0x9e, 0xa1, 0xec, 0xd3,
470 0xbf, 0xa9, 0xe0, 0xa5, 0x91, 0x6d, 0x83, 0x59,
471 0x12, 0x56, 0x2f, 0x13, 0xa6, 0x7e, 0x79, 0x73,
472 0xa1, 0xa3, 0x89, 0xd5, 0xe1, 0xa5, 0x8c, 0xce,
473 0x2d, 0xac, 0x8a, 0xcf, 0x62, 0x16, 0x65, 0xcd,
474 0xd9, 0xee, 0xa8, 0xb6, 0x40, 0x08, 0xb5, 0x7c,
475 0x50, 0xf9, 0x37, 0x82, 0x7a, 0xa4, 0x0b, 0x34,
476 0x66, 0xec, 0xe9, 0x97, 0x57, 0x1f, 0x8a, 0x67,
477 0x3e, 0x81, 0xbc, 0x3b, 0x35, 0xd3, 0x2a, 0x48,
478 0x0c, 0x0c, 0x00, 0x01, 0x69, 0x03, 0x00, 0x18,
479 0x61, 0x04, 0xb7, 0xa9, 0xbd, 0x74, 0x71, 0xd5,
480 0x68, 0xbf, 0xd8, 0xa6, 0x84, 0x12, 0xaf, 0x8f,
481 0xd4, 0x2c, 0xcf, 0xf9, 0x72, 0x2b, 0x8c, 0x6c,
482 0x73, 0xa3, 0x13, 0x74, 0xdb, 0x83, 0x3e, 0xa6,
483 0xf4, 0x1b, 0xee, 0xa9, 0x34, 0xe5, 0x65, 0xa7,
484 0xaf, 0xef, 0xf2, 0xac, 0xfb, 0x87, 0xb4, 0xdb,
485 0x8b, 0x05, 0x4f, 0xe8, 0x25, 0x3d, 0x32, 0x65,
486 0xda, 0x47, 0xd8, 0xd2, 0x86, 0xad, 0x9b, 0x37,
487 0xbc, 0x45, 0xef, 0xb6, 0x91, 0xa2, 0x71, 0x2f,
488 0x13, 0x68, 0xfa, 0xa7, 0x20, 0xe4, 0x8a, 0xa8,
489 0x9b, 0xbe, 0xf6, 0x7c, 0xc8, 0x16, 0xd4, 0x50,
490 0x9d, 0x63, 0xb3, 0xf4, 0x6e, 0xd3, 0x8f, 0x32,
491 0x68, 0x66, 0x04, 0x01, 0x01, 0x00, 0xaa, 0xcb,
492 0x90, 0xbd, 0x94, 0x10, 0xab, 0xfc, 0x30, 0x1d,
493 0x68, 0x1c, 0xb4, 0x21, 0xcf, 0x73, 0xa5, 0x4b,
494 0x20, 0x94, 0xde, 0x66, 0x99, 0x54, 0x3f, 0xba,
495 0x40, 0x58, 0x50, 0xe3, 0x64, 0x53, 0x90, 0x9e,
496 0xf8, 0x67, 0xcc, 0x85, 0x4a, 0xdc, 0xd8, 0xd7,
497 0xc8, 0xb5, 0xe0, 0x92, 0x02, 0x6b, 0xa8, 0x76,
498 0x67, 0xc5, 0xae, 0x12, 0x56, 0xff, 0xd1, 0xda,
499 0xc0, 0x48, 0x17, 0x99, 0xc9, 0xbe, 0x02, 0xc6,
500 0x9e, 0x5c, 0xd9, 0x44, 0x3f, 0x06, 0xbd, 0x98,
501 0xe3, 0x4d, 0x46, 0x10, 0xe8, 0x20, 0xed, 0x7b,
502 0xcd, 0x73, 0xed, 0x03, 0x6a, 0x4c, 0x49, 0xaf,
503 0xbe, 0xa3, 0xe0, 0xab, 0x9a, 0xb8, 0xf8, 0x06,
504 0x25, 0x31, 0x8d, 0x32, 0x44, 0xfd, 0xd6, 0xb0,
505 0xd4, 0x6c, 0x9a, 0x2a, 0x0f, 0xab, 0xe2, 0x13,
506 0x10, 0x6d, 0x41, 0x0b, 0x97, 0x74, 0xa0, 0x04,
507 0x16, 0x60, 0xf1, 0x8e, 0x74, 0xf3, 0x91, 0x75,
508 0x2b, 0x92, 0x2b, 0xc7, 0x5b, 0x6f, 0x1d, 0x70,
509 0xe2, 0xc6, 0x9a, 0x7d, 0x66, 0x55, 0x98, 0x01,
510 0x71, 0xb8, 0xdd, 0xf4, 0x70, 0xc9, 0x74, 0x56,
511 0xcc, 0xa5, 0x2c, 0x51, 0x70, 0x72, 0xc2, 0x44,
512 0xb9, 0x59, 0xc3, 0xc3, 0xf8, 0x29, 0x4e, 0x79,
513 0x40, 0x9b, 0x30, 0x35, 0x66, 0xb2, 0xd8, 0x7d,
514 0xfe, 0x65, 0x6b, 0xf0, 0x17, 0xa3, 0x13, 0xc7,
515 0xc7, 0xc6, 0x48, 0xb2, 0xae, 0x4f, 0x26, 0x0b,
516 0x8a, 0x40, 0xaa, 0x06, 0x65, 0x8a, 0x95, 0x00,
517 0xc4, 0xc9, 0xfd, 0x69, 0x0a, 0xa9, 0x0a, 0x18,
518 0xff, 0x95, 0x40, 0xab, 0x84, 0x75, 0xfe, 0x11,
519 0xb1, 0x6f, 0xca, 0x5e, 0xf7, 0xe4, 0x1d, 0x8d,
520 0x08, 0x1c, 0xd3, 0x95, 0xf4, 0x9b, 0x17, 0x41,
521 0xa8, 0x8f, 0x6e, 0xfa, 0x6c, 0x43, 0x60, 0x39,
522 0x0a, 0xa2, 0x7e, 0xdf, 0x3e, 0x74, 0xc2, 0xbf,
523 0xaf, 0x96, 0x96, 0xbd, 0x21, 0x4b, 0x0d, 0x00,
524 0x00, 0x1a, 0x03, 0x01, 0x02, 0x40, 0x00, 0x12,
525 0x04, 0x01, 0x05, 0x01, 0x02, 0x01, 0x04, 0x03,
526 0x05, 0x03, 0x02, 0x03, 0x02, 0x02, 0x06, 0x01,
527 0x06, 0x03, 0x00, 0x00, 0x0e, 0x00, 0x00, 0x00,
528};
529
530struct tlslegacy_client_test {
531 const unsigned char *desc;
532 unsigned char *server_response;
533 const size_t server_response_len;
534 const SSL_METHOD *(*ssl_method)(void);
535 int want_state;
536};
537
538static struct tlslegacy_client_test tlslegacy_client_tests[] = {
539 {
540 .desc = "TLSv1.2 legacy fallback",
541 .server_response = tls12_server_response,
542 .server_response_len = sizeof(tls12_server_response),
543 .ssl_method = TLS_client_method,
544 .want_state = SSL3_ST_CR_CERT_A,
545 },
546 {
547 .desc = "TLSv1.2 legacy fallback with server cert",
548 .server_response = tls12_server_response_with_cert,
549 .server_response_len = sizeof(tls12_server_response_with_cert),
550 .ssl_method = TLS_client_method,
551 .want_state = SSL3_ST_CR_KEY_EXCH_B,
552 },
553};
554
555#define N_TLSLEGACY_CLIENT_TESTS \
556 (sizeof(tlslegacy_client_tests) / sizeof(*tlslegacy_client_tests))
557
558static int
559tlslegacy_client_test(int testno, struct tlslegacy_client_test *tct)
560{
561 BIO *rbio = NULL, *wbio = NULL;
562 SSL_CTX *ssl_ctx = NULL;
563 SSL *ssl = NULL;
564 int ret = 1;
565
566 fprintf(stderr, "Test %d - %s\n", testno, tct->desc);
567
568 if ((rbio = BIO_new_mem_buf(tct->server_response,
569 tct->server_response_len)) == NULL) {
570 fprintf(stderr, "Failed to setup rbio\n");
571 goto failure;
572 }
573 if ((wbio = BIO_new(BIO_s_mem())) == NULL) {
574 fprintf(stderr, "Failed to setup wbio\n");
575 goto failure;
576 }
577
578 if ((ssl_ctx = SSL_CTX_new(tct->ssl_method())) == NULL) {
579 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
580 goto failure;
581 }
582
583 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
584 fprintf(stderr, "SSL_new() returned NULL\n");
585 goto failure;
586 }
587
588 BIO_up_ref(rbio);
589 BIO_up_ref(wbio);
590 SSL_set_bio(ssl, rbio, wbio);
591
592 if (SSL_connect(ssl) == 1) {
593 fprintf(stderr, "SSL_connect() succeeded\n");
594 goto failure;
595 }
596
597 if (SSL_state(ssl) != tct->want_state) {
598 fprintf(stderr, "FAIL: Got SSL state %x, want %x",
599 SSL_state(ssl), tct->want_state);
600 goto failure;
601 }
602
603 ret = 0;
604
605 failure:
606 SSL_CTX_free(ssl_ctx);
607 SSL_free(ssl);
608
609 BIO_free(rbio);
610 BIO_free(wbio);
611
612 return (ret);
613}
614
615int
616main(int argc, char **argv)
617{
618 int failed = 0;
619 size_t i;
620
621 for (i = 0; i < N_TLSLEGACY_CLIENT_TESTS; i++)
622 failed |= tlslegacy_client_test(i, &tlslegacy_client_tests[i]);
623
624 return (failed);
625}
diff --git a/src/regress/lib/libssl/unit/Makefile b/src/regress/lib/libssl/unit/Makefile
deleted file mode 100644
index fbd07e556b..0000000000
--- a/src/regress/lib/libssl/unit/Makefile
+++ /dev/null
@@ -1,28 +0,0 @@
1# $OpenBSD: Makefile,v 1.13 2022/07/20 14:50:31 tb Exp $
2
3TEST_CASES+= cipher_list
4TEST_CASES+= ssl_get_shared_ciphers
5TEST_CASES+= ssl_methods
6TEST_CASES+= ssl_set_alpn_protos
7TEST_CASES+= ssl_versions
8TEST_CASES+= tls_ext_alpn
9TEST_CASES+= tls_prf
10
11REGRESS_TARGETS= all_tests
12
13WARNINGS= Yes
14LDLIBS= ${SSL_INT} -lcrypto
15CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror
16CFLAGS+= -DCERTSDIR=\"${.CURDIR}/../certs\"
17CFLAGS+= -I${.CURDIR}/../../../../lib/libssl
18
19CLEANFILES+= ${TEST_CASES}
20
21all_tests: ${TEST_CASES}
22 @for test in $>; do \
23 ./$$test; \
24 done
25
26${TEST_CASES}: ${LIBSSL} ${LIBCRYPTO}
27
28.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c
deleted file mode 100644
index 543db41c24..0000000000
--- a/src/regress/lib/libssl/unit/cipher_list.c
+++ /dev/null
@@ -1,209 +0,0 @@
1/* $OpenBSD: cipher_list.c,v 1.12 2022/10/02 16:38:23 jsing Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19/*
20 * Test TLS ssl bytes (aka cipher suites) to cipher list and back.
21 *
22 * TLSv1.0 - RFC 2246 section 7.4.1.2 (ClientHello struct)
23 * TLSv1.1 - RFC 4346 section 7.4.1.2 (ClientHello struct)
24 * TLSv1.2 - RFC 5246 section 7.4.1.2 (ClientHello struct)
25 *
26 * In all of these standards, the relevant structures are:
27 *
28 * uint8 CipherSuite[2];
29 *
30 * struct {
31 * ...
32 * CipherSuite cipher_suites<2..2^16-2>
33 * ...
34 * } ClientHello;
35 */
36
37#include <openssl/ssl.h>
38
39#include <stdio.h>
40#include <string.h>
41
42#include "ssl_locl.h"
43
44#include "tests.h"
45
46static uint8_t cipher_bytes[] = {
47 0xcc, 0xa8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
48 0xcc, 0xa9, /* ECDHE-RSA-CHACHA20-POLY1305 */
49 0xcc, 0xaa, /* DHE-RSA-CHACHA20-POLY1305 */
50 0x00, 0x9c, /* AES128-GCM-SHA256 */
51 0x00, 0x3d, /* AES256-SHA256 */
52};
53
54static uint16_t cipher_values[] = {
55 0xcca8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */
56 0xcca9, /* ECDHE-RSA-CHACHA20-POLY1305 */
57 0xccaa, /* DHE-RSA-CHACHA20-POLY1305 */
58 0x009c, /* AES128-GCM-SHA256 */
59 0x003d, /* AES256-SHA256 */
60};
61
62#define N_CIPHERS (sizeof(cipher_bytes) / 2)
63
64static int
65ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
66{
67 SSL_CIPHER *cipher;
68 uint16_t value;
69 CBS cbs;
70 int i;
71
72 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes));
73
74 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
75 CHECK(*ciphers != NULL);
76 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
77 for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) {
78 cipher = sk_SSL_CIPHER_value(*ciphers, i);
79 CHECK(cipher != NULL);
80 value = SSL_CIPHER_get_value(cipher);
81 CHECK(value == cipher_values[i]);
82 }
83
84 return 1;
85}
86
87static int
88ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
89{
90 CBB cbb;
91 unsigned char *buf = NULL;
92 size_t buflen, outlen;
93 int ret = 0;
94
95 /* Space for cipher bytes, plus reneg SCSV and two spare bytes. */
96 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
97 buflen = sizeof(cipher_bytes) + 2 + 2;
98 CHECK((buf = calloc(1, buflen)) != NULL);
99
100 CHECK(CBB_init_fixed(&cbb, buf, buflen));
101 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
102 CHECK(CBB_finish(&cbb, NULL, &outlen));
103
104 CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
105 CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
106 CHECK_GOTO(buf[buflen - 4] == 0x00 && buf[buflen - 3] == 0xff);
107 CHECK_GOTO(buf[buflen - 2] == 0x00 && buf[buflen - 1] == 0x00);
108
109 ret = 1;
110
111err:
112 free(buf);
113 return ret;
114}
115
116static int
117ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
118{
119 CBB cbb;
120 unsigned char *buf = NULL;
121 size_t buflen, outlen;
122 int ret = 0;
123
124 /* Space for cipher bytes and two spare bytes */
125 CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
126 buflen = sizeof(cipher_bytes) + 2;
127 CHECK((buf = calloc(1, buflen)) != NULL);
128 buf[buflen - 2] = 0xfe;
129 buf[buflen - 1] = 0xab;
130
131 /* Set renegotiate so it doesn't add SCSV */
132 s->renegotiate = 1;
133
134 CHECK(CBB_init_fixed(&cbb, buf, buflen));
135 CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
136 CHECK(CBB_finish(&cbb, NULL, &outlen));
137
138 CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
139 CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
140 CHECK_GOTO(buf[buflen - 2] == 0xfe && buf[buflen - 1] == 0xab);
141
142 ret = 1;
143
144err:
145 free(buf);
146 return ret;
147}
148
149static int
150ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
151{
152 uint8_t empty_cipher_bytes[] = {0};
153 CBS cbs;
154
155 sk_SSL_CIPHER_free(*ciphers);
156
157 /* Invalid length: CipherSuite is 2 bytes so it must be even */
158 CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes) - 1);
159 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
160 CHECK(*ciphers == NULL);
161
162 /* Invalid length: cipher_suites must be at least 2 */
163 CBS_init(&cbs, empty_cipher_bytes, sizeof(empty_cipher_bytes));
164 *ciphers = ssl_bytes_to_cipher_list(s, &cbs);
165 CHECK(*ciphers == NULL);
166
167 return 1;
168}
169
170int
171main(void)
172{
173 STACK_OF(SSL_CIPHER) *ciphers = NULL;
174 SSL_CTX *ctx = NULL;
175 SSL *s = NULL;
176 int rv = 1;
177
178 SSL_library_init();
179
180 /* Use TLSv1.2 client to get all ciphers. */
181 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
182 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
183 SSL_set_security_level(s, 2);
184
185 if (!ssl_bytes_to_list_alloc(s, &ciphers))
186 goto err;
187 if (!ssl_list_to_bytes_scsv(s, &ciphers))
188 goto err;
189 if (!ssl_list_to_bytes_no_scsv(s, &ciphers))
190 goto err;
191 if (!ssl_bytes_to_list_invalid(s, &ciphers))
192 goto err;
193
194 SSL_set_security_level(s, 3);
195 if (ssl_list_to_bytes_scsv(s, &ciphers))
196 goto err;
197
198 rv = 0;
199
200err:
201 sk_SSL_CIPHER_free(ciphers);
202 SSL_CTX_free(ctx);
203 SSL_free(s);
204
205 if (!rv)
206 printf("PASS %s\n", __FILE__);
207
208 return rv;
209}
diff --git a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c b/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
deleted file mode 100644
index 33efc15f10..0000000000
--- a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
+++ /dev/null
@@ -1,482 +0,0 @@
1/* $OpenBSD: ssl_get_shared_ciphers.c,v 1.11 2022/02/05 18:19:39 tb Exp $ */
2/*
3 * Copyright (c) 2021 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <stdint.h>
19#include <stdio.h>
20#include <stdlib.h>
21#include <string.h>
22
23#include <openssl/bio.h>
24#include <openssl/crypto.h>
25#include <openssl/err.h>
26#include <openssl/ssl.h>
27
28struct peer_config {
29 const char *name;
30 int server;
31 uint16_t max_version;
32 uint16_t min_version;
33 const char *ciphers;
34};
35
36struct ssl_shared_ciphers_test_data {
37 const char *description;
38 struct peer_config client_config;
39 struct peer_config server_config;
40 const char *shared_ciphers;
41 const char *shared_ciphers_without_aesni;
42};
43
44char *server_cert;
45char *server_key;
46
47static const struct ssl_shared_ciphers_test_data ssl_shared_ciphers_tests[] = {
48 {
49 .description = "TLSv1.3 defaults",
50 .client_config = {
51 .name = "client",
52 .server = 0,
53 .max_version = TLS1_3_VERSION,
54 .min_version = TLS1_3_VERSION,
55 .ciphers =
56 "TLS_AES_256_GCM_SHA384:"
57 "TLS_CHACHA20_POLY1305_SHA256:"
58 "TLS_AES_128_GCM_SHA256",
59 },
60 .server_config = {
61 .name = "server",
62 .server = 1,
63 .max_version = TLS1_3_VERSION,
64 .min_version = TLS1_3_VERSION,
65 .ciphers =
66 "TLS_AES_256_GCM_SHA384:"
67 "TLS_CHACHA20_POLY1305_SHA256:"
68 "TLS_AES_128_GCM_SHA256",
69 },
70 .shared_ciphers =
71 "TLS_AES_256_GCM_SHA384:"
72 "TLS_CHACHA20_POLY1305_SHA256:"
73 "TLS_AES_128_GCM_SHA256",
74 },
75
76 {
77 .description = "TLSv1.3, client without ChaCha",
78 .client_config = {
79 .name = "client",
80 .server = 0,
81 .max_version = TLS1_3_VERSION,
82 .min_version = TLS1_3_VERSION,
83 .ciphers =
84 "TLS_AES_256_GCM_SHA384:"
85 "TLS_AES_128_GCM_SHA256",
86 },
87 .server_config = {
88 .name = "server",
89 .server = 1,
90 .max_version = TLS1_3_VERSION,
91 .min_version = TLS1_3_VERSION,
92 .ciphers =
93 "TLS_AES_256_GCM_SHA384:"
94 "TLS_CHACHA20_POLY1305_SHA256:"
95 "TLS_AES_128_GCM_SHA256",
96 },
97 .shared_ciphers =
98 "TLS_AES_256_GCM_SHA384:"
99 "TLS_AES_128_GCM_SHA256",
100 },
101
102 {
103 .description = "TLSv1.2",
104 .client_config = {
105 .name = "client",
106 .server = 0,
107 .max_version = TLS1_2_VERSION,
108 .min_version = TLS1_2_VERSION,
109 .ciphers =
110 "ECDHE-RSA-AES256-GCM-SHA384:"
111 "ECDHE-ECDSA-AES256-GCM-SHA384:"
112 "ECDHE-RSA-AES256-SHA384:"
113 "ECDHE-ECDSA-AES256-SHA384:"
114 "ECDHE-RSA-AES256-SHA:"
115 "ECDHE-ECDSA-AES256-SHA",
116 },
117 .server_config = {
118 .name = "server",
119 .server = 1,
120 .max_version = TLS1_2_VERSION,
121 .min_version = TLS1_2_VERSION,
122 .ciphers =
123 "ECDHE-RSA-AES256-GCM-SHA384:"
124 "ECDHE-ECDSA-AES256-GCM-SHA384:"
125 "ECDHE-RSA-AES256-SHA384:"
126 "ECDHE-ECDSA-AES256-SHA384:"
127 "ECDHE-RSA-AES256-SHA:"
128 "ECDHE-ECDSA-AES256-SHA",
129 },
130 .shared_ciphers =
131 "ECDHE-RSA-AES256-GCM-SHA384:"
132 "ECDHE-ECDSA-AES256-GCM-SHA384:"
133 "ECDHE-RSA-AES256-SHA384:"
134 "ECDHE-ECDSA-AES256-SHA384:"
135 "ECDHE-RSA-AES256-SHA:"
136 "ECDHE-ECDSA-AES256-SHA",
137 },
138
139 {
140 .description = "TLSv1.2, server without ECDSA",
141 .client_config = {
142 .name = "client",
143 .server = 0,
144 .max_version = TLS1_2_VERSION,
145 .min_version = TLS1_2_VERSION,
146 .ciphers =
147 "ECDHE-RSA-AES256-GCM-SHA384:"
148 "ECDHE-ECDSA-AES256-GCM-SHA384:"
149 "ECDHE-RSA-AES256-SHA384:"
150 "ECDHE-ECDSA-AES256-SHA384:"
151 "ECDHE-RSA-AES256-SHA:"
152 "ECDHE-ECDSA-AES256-SHA",
153 },
154 .server_config = {
155 .name = "server",
156 .server = 1,
157 .max_version = TLS1_2_VERSION,
158 .min_version = TLS1_2_VERSION,
159 .ciphers =
160 "ECDHE-RSA-AES256-GCM-SHA384:"
161 "ECDHE-RSA-AES256-SHA384:"
162 "ECDHE-RSA-AES256-SHA",
163 },
164 .shared_ciphers =
165 "ECDHE-RSA-AES256-GCM-SHA384:"
166 "ECDHE-RSA-AES256-SHA384:"
167 "ECDHE-RSA-AES256-SHA",
168 },
169
170 {
171 .description = "TLSv1.3 ciphers are prepended",
172 .client_config = {
173 .name = "client",
174 .server = 0,
175 .max_version = TLS1_3_VERSION,
176 .min_version = TLS1_2_VERSION,
177 .ciphers =
178 "ECDHE-RSA-AES256-GCM-SHA384",
179 },
180 .server_config = {
181 .name = "server",
182 .server = 1,
183 .max_version = TLS1_3_VERSION,
184 .min_version = TLS1_2_VERSION,
185 .ciphers =
186 "ECDHE-RSA-AES256-GCM-SHA384",
187 },
188 .shared_ciphers =
189 "TLS_AES_256_GCM_SHA384:"
190 "TLS_CHACHA20_POLY1305_SHA256:"
191 "TLS_AES_128_GCM_SHA256:"
192 "ECDHE-RSA-AES256-GCM-SHA384",
193 .shared_ciphers_without_aesni =
194 "TLS_CHACHA20_POLY1305_SHA256:"
195 "TLS_AES_256_GCM_SHA384:"
196 "TLS_AES_128_GCM_SHA256:"
197 "ECDHE-RSA-AES256-GCM-SHA384",
198 },
199};
200
201static const size_t N_SHARED_CIPHERS_TESTS =
202 sizeof(ssl_shared_ciphers_tests) / sizeof(ssl_shared_ciphers_tests[0]);
203
204static SSL_CTX *
205peer_config_to_ssl_ctx(const struct peer_config *config)
206{
207 SSL_CTX *ctx;
208
209 if ((ctx = SSL_CTX_new(TLS_method())) == NULL) {
210 fprintf(stderr, "SSL_CTX_new(%s) failed\n", config->name);
211 goto err;
212 }
213 if (!SSL_CTX_set_max_proto_version(ctx, config->max_version)) {
214 fprintf(stderr, "max_proto_version(%s) failed\n", config->name);
215 goto err;
216 }
217 if (!SSL_CTX_set_min_proto_version(ctx, config->min_version)) {
218 fprintf(stderr, "min_proto_version(%s) failed\n", config->name);
219 goto err;
220 }
221 if (!SSL_CTX_set_cipher_list(ctx, config->ciphers)) {
222 fprintf(stderr, "set_cipher_list(%s) failed\n", config->name);
223 goto err;
224 }
225
226 if (config->server) {
227 if (!SSL_CTX_use_certificate_file(ctx, server_cert,
228 SSL_FILETYPE_PEM)) {
229 fprintf(stderr, "use_certificate_file(%s) failed\n",
230 config->name);
231 goto err;
232 }
233 if (!SSL_CTX_use_PrivateKey_file(ctx, server_key,
234 SSL_FILETYPE_PEM)) {
235 fprintf(stderr, "use_PrivateKey_file(%s) failed\n",
236 config->name);
237 goto err;
238 }
239 }
240
241 return ctx;
242
243 err:
244 SSL_CTX_free(ctx);
245 return NULL;
246}
247
248/* Connect client and server via a pair of "nonblocking" memory BIOs. */
249static int
250connect_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
251{
252 BIO *client_wbio = NULL, *server_wbio = NULL;
253 int ret = 0;
254
255 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL) {
256 fprintf(stderr, "%s: failed to create client BIO\n",
257 description);
258 goto err;
259 }
260 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL) {
261 fprintf(stderr, "%s: failed to create server BIO\n",
262 description);
263 goto err;
264 }
265 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0) {
266 fprintf(stderr, "%s: failed to set client eof return\n",
267 description);
268 goto err;
269 }
270 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0) {
271 fprintf(stderr, "%s: failed to set server eof return\n",
272 description);
273 goto err;
274 }
275
276 /* Avoid double free. SSL_set_bio() takes ownership of the BIOs. */
277 BIO_up_ref(client_wbio);
278 BIO_up_ref(server_wbio);
279
280 SSL_set_bio(client_ssl, server_wbio, client_wbio);
281 SSL_set_bio(server_ssl, client_wbio, server_wbio);
282 client_wbio = NULL;
283 server_wbio = NULL;
284
285 ret = 1;
286
287 err:
288 BIO_free(client_wbio);
289 BIO_free(server_wbio);
290
291 return ret;
292}
293
294static int
295push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name,
296 const char *description)
297{
298 int ssl_err = 0;
299
300 if (*ret == 1)
301 return 1;
302
303 /*
304 * Do SSL_connect/SSL_accept/SSL_shutdown once and loop while hitting
305 * WANT_WRITE. If done or on WANT_READ hand off to peer.
306 */
307
308 do {
309 if ((*ret = func(ssl)) <= 0)
310 ssl_err = SSL_get_error(ssl, *ret);
311 } while (*ret <= 0 && ssl_err == SSL_ERROR_WANT_WRITE);
312
313 /* Ignore erroneous error - see SSL_shutdown(3)... */
314 if (func == SSL_shutdown && ssl_err == SSL_ERROR_SYSCALL)
315 return 1;
316
317 if (*ret <= 0 && ssl_err != SSL_ERROR_WANT_READ) {
318 fprintf(stderr, "%s: %s failed\n", description, func_name);
319 ERR_print_errors_fp(stderr);
320 return 0;
321 }
322
323 return 1;
324}
325
326/*
327 * Alternate between loops of SSL_connect() and SSL_accept() as long as only
328 * WANT_READ and WANT_WRITE situations are encountered. A function is repeated
329 * until WANT_READ is returned or it succeeds, then it's the other function's
330 * turn to make progress. Succeeds if SSL_connect() and SSL_accept() return 1.
331 */
332static int
333handshake(SSL *client_ssl, SSL *server_ssl, const char *description)
334{
335 int loops = 0, client_ret = 0, server_ret = 0;
336
337 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
338 if (!push_data_to_peer(client_ssl, &client_ret, SSL_connect,
339 "SSL_connect", description))
340 return 0;
341
342 if (!push_data_to_peer(server_ssl, &server_ret, SSL_accept,
343 "SSL_accept", description))
344 return 0;
345 }
346
347 if (client_ret != 1 || server_ret != 1) {
348 fprintf(stderr, "%s: failed\n", __func__);
349 return 0;
350 }
351
352 return 1;
353}
354
355static int
356shutdown_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
357{
358 int loops = 0, client_ret = 0, server_ret = 0;
359
360 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
361 if (!push_data_to_peer(client_ssl, &client_ret, SSL_shutdown,
362 "client shutdown", description))
363 return 0;
364
365 if (!push_data_to_peer(server_ssl, &server_ret, SSL_shutdown,
366 "server shutdown", description))
367 return 0;
368 }
369
370 if (client_ret != 1 || server_ret != 1) {
371 fprintf(stderr, "%s: failed\n", __func__);
372 return 0;
373 }
374
375 return 1;
376}
377
378/* from ssl_ciph.c */
379static inline int
380ssl_aes_is_accelerated(void)
381{
382#if defined(__i386__) || defined(__x86_64__)
383 return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0);
384#else
385 return (0);
386#endif
387}
388
389static int
390check_shared_ciphers(const struct ssl_shared_ciphers_test_data *test,
391 const char *got)
392{
393 const char *want = test->shared_ciphers;
394 int failed;
395
396 if (!ssl_aes_is_accelerated() &&
397 test->shared_ciphers_without_aesni != NULL)
398 want = test->shared_ciphers_without_aesni;
399
400 failed = strcmp(want, got);
401
402 if (failed)
403 fprintf(stderr, "%s: want \"%s\", got \"%s\"\n",
404 test->description, want, got);
405
406 return failed;
407}
408
409static int
410test_get_shared_ciphers(const struct ssl_shared_ciphers_test_data *test)
411{
412 SSL_CTX *client_ctx = NULL, *server_ctx = NULL;
413 SSL *client_ssl = NULL, *server_ssl = NULL;
414 char buf[4096];
415 int failed = 1;
416
417 if ((client_ctx = peer_config_to_ssl_ctx(&test->client_config)) == NULL)
418 goto err;
419 if ((server_ctx = peer_config_to_ssl_ctx(&test->server_config)) == NULL)
420 goto err;
421
422 if ((client_ssl = SSL_new(client_ctx)) == NULL) {
423 fprintf(stderr, "%s: failed to create client SSL\n",
424 test->description);
425 goto err;
426 }
427 if ((server_ssl = SSL_new(server_ctx)) == NULL) {
428 fprintf(stderr, "%s: failed to create server SSL\n",
429 test->description);
430 goto err;
431 }
432
433 if (!connect_peers(client_ssl, server_ssl, test->description))
434 goto err;
435
436 if (!handshake(client_ssl, server_ssl, test->description))
437 goto err;
438
439 if (SSL_get_shared_ciphers(server_ssl, buf, sizeof(buf)) == NULL) {
440 fprintf(stderr, "%s: failed to get shared ciphers\n",
441 test->description);
442 goto err;
443 }
444
445 if (!shutdown_peers(client_ssl, server_ssl, test->description))
446 goto err;
447
448 failed = check_shared_ciphers(test, buf);
449
450 err:
451 SSL_CTX_free(client_ctx);
452 SSL_CTX_free(server_ctx);
453 SSL_free(client_ssl);
454 SSL_free(server_ssl);
455
456 return failed;
457}
458
459int
460main(int argc, char **argv)
461{
462 size_t i;
463 int failed = 0;
464
465 if (asprintf(&server_cert, "%s/server.pem", CERTSDIR) == -1) {
466 fprintf(stderr, "asprintf server_cert failed\n");
467 failed = 1;
468 goto err;
469 }
470 server_key = server_cert;
471
472 for (i = 0; i < N_SHARED_CIPHERS_TESTS; i++)
473 failed |= test_get_shared_ciphers(&ssl_shared_ciphers_tests[i]);
474
475 if (failed == 0)
476 printf("PASS %s\n", __FILE__);
477
478 err:
479 free(server_cert);
480
481 return failed;
482}
diff --git a/src/regress/lib/libssl/unit/ssl_methods.c b/src/regress/lib/libssl/unit/ssl_methods.c
deleted file mode 100644
index 0fc33a406c..0000000000
--- a/src/regress/lib/libssl/unit/ssl_methods.c
+++ /dev/null
@@ -1,267 +0,0 @@
1/* $OpenBSD: ssl_methods.c,v 1.4 2021/04/04 20:21:43 tb Exp $ */
2/*
3 * Copyright (c) 2020 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <stdio.h>
19
20#include <openssl/ssl.h>
21
22struct ssl_method_test_data {
23 const SSL_METHOD *(*method)(void);
24 const char *name;
25 int server;
26 int dtls;
27};
28
29struct ssl_method_test_data ssl_method_tests[] = {
30 {
31 .method = SSLv23_method,
32 .name = "SSLv23_method",
33 .server = 1,
34 .dtls = 0,
35 },
36 {
37 .method = SSLv23_server_method,
38 .name = "SSLv23_server_method",
39 .server = 1,
40 .dtls = 0,
41 },
42 {
43 .method = SSLv23_client_method,
44 .name = "SSLv23_client_method",
45 .server = 0,
46 .dtls = 0,
47 },
48
49 {
50 .method = TLSv1_method,
51 .name = "TLSv1_method",
52 .server = 1,
53 .dtls = 0,
54 },
55 {
56 .method = TLSv1_server_method,
57 .name = "TLSv1_server_method",
58 .server = 1,
59 .dtls = 0,
60 },
61 {
62 .method = TLSv1_client_method,
63 .name = "TLSv1_client_method",
64 .server = 0,
65 .dtls = 0,
66 },
67
68 {
69 .method = TLSv1_1_method,
70 .name = "TLSv1_1_method",
71 .server = 1,
72 .dtls = 0,
73 },
74 {
75 .method = TLSv1_1_server_method,
76 .name = "TLSv1_1_server_method",
77 .server = 1,
78 .dtls = 0,
79 },
80 {
81 .method = TLSv1_1_client_method,
82 .name = "TLSv1_1_client_method",
83 .server = 0,
84 .dtls = 0,
85 },
86
87 {
88 .method = TLSv1_2_method,
89 .name = "TLSv1_2_method",
90 .server = 1,
91 .dtls = 0,
92 },
93 {
94 .method = TLSv1_2_server_method,
95 .name = "TLSv1_2_server_method",
96 .server = 1,
97 .dtls = 0,
98 },
99 {
100 .method = TLSv1_2_client_method,
101 .name = "TLSv1_2_client_method",
102 .server = 0,
103 .dtls = 0,
104 },
105
106 {
107 .method = TLS_method,
108 .name = "TLS_method",
109 .server = 1,
110 .dtls = 0,
111 },
112 {
113 .method = TLS_server_method,
114 .name = "TLS_server_method",
115 .server = 1,
116 .dtls = 0,
117 },
118 {
119 .method = TLS_client_method,
120 .name = "TLS_client_method",
121 .server = 0,
122 .dtls = 0,
123 },
124
125 {
126 .method = DTLSv1_method,
127 .name = "DTLSv1_method",
128 .server = 1,
129 .dtls = 1,
130 },
131 {
132 .method = DTLSv1_server_method,
133 .name = "DTLSv1_server_method",
134 .server = 1,
135 .dtls = 1,
136 },
137 {
138 .method = DTLSv1_client_method,
139 .name = "DTLSv1_client_method",
140 .server = 0,
141 .dtls = 1,
142 },
143
144 {
145 .method = DTLSv1_2_method,
146 .name = "DTLSv1_2_method",
147 .server = 1,
148 .dtls = 1,
149 },
150 {
151 .method = DTLSv1_2_server_method,
152 .name = "DTLSv1_2_server_method",
153 .server = 1,
154 .dtls = 1,
155 },
156 {
157 .method = DTLSv1_2_client_method,
158 .name = "DTLSv1_2_client_method",
159 .server = 0,
160 .dtls = 1,
161 },
162
163 {
164 .method = DTLS_method,
165 .name = "DTLS_method",
166 .server = 1,
167 .dtls = 1,
168 },
169 {
170 .method = DTLS_server_method,
171 .name = "DTLS_server_method",
172 .server = 1,
173 .dtls = 1,
174 },
175 {
176 .method = DTLS_client_method,
177 .name = "DTLS_client_method",
178 .server = 0,
179 .dtls = 1,
180 },
181};
182
183#define N_METHOD_TESTS (sizeof(ssl_method_tests) / sizeof(ssl_method_tests[0]))
184
185int test_client_or_server_method(struct ssl_method_test_data *);
186int test_dtls_method(struct ssl_method_test_data *);
187
188int
189test_client_or_server_method(struct ssl_method_test_data *testcase)
190{
191 SSL_CTX *ssl_ctx;
192 SSL *ssl = NULL;
193 int failed = 1;
194
195 if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) {
196 fprintf(stderr, "SSL_CTX_new returned NULL\n");
197 goto err;
198 }
199
200 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
201 fprintf(stderr, "SSL_new returned NULL\n");
202 goto err;
203 }
204
205 if (SSL_is_server(ssl) != testcase->server) {
206 fprintf(stderr, "%s: SSL_is_server: want %d, got %d\n",
207 testcase->name, testcase->server, SSL_is_server(ssl));
208 goto err;
209 }
210
211 failed = 0;
212
213 err:
214 SSL_free(ssl);
215 SSL_CTX_free(ssl_ctx);
216
217 return failed;
218}
219
220int
221test_dtls_method(struct ssl_method_test_data *testcase)
222{
223 SSL_CTX *ssl_ctx;
224 SSL *ssl = NULL;
225 int failed = 1;
226
227 if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) {
228 fprintf(stderr, "SSL_CTX_new returned NULL\n");
229 goto err;
230 }
231
232 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
233 fprintf(stderr, "SSL_new returned NULL\n");
234 goto err;
235 }
236
237 if (SSL_is_dtls(ssl) != testcase->dtls) {
238 fprintf(stderr, "%s: SSL_is_dtls: want %d, got %d\n",
239 testcase->name, testcase->dtls, SSL_is_dtls(ssl));
240 goto err;
241 }
242
243 failed = 0;
244
245 err:
246 SSL_free(ssl);
247 SSL_CTX_free(ssl_ctx);
248
249 return failed;
250}
251
252int
253main(int argc, char **argv)
254{
255 size_t i;
256 int failed = 0;
257
258 for (i = 0; i < N_METHOD_TESTS; i++) {
259 failed |= test_client_or_server_method(&ssl_method_tests[i]);
260 failed |= test_dtls_method(&ssl_method_tests[i]);
261 }
262
263 if (failed == 0)
264 printf("PASS %s\n", __FILE__);
265
266 return failed;
267}
diff --git a/src/regress/lib/libssl/unit/ssl_set_alpn_protos.c b/src/regress/lib/libssl/unit/ssl_set_alpn_protos.c
deleted file mode 100644
index 87dd4d9e5a..0000000000
--- a/src/regress/lib/libssl/unit/ssl_set_alpn_protos.c
+++ /dev/null
@@ -1,204 +0,0 @@
1/* $OpenBSD: ssl_set_alpn_protos.c,v 1.2 2022/07/21 03:59:04 tb Exp $ */
2/*
3 * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19#include <stdio.h>
20
21#include <openssl/ssl.h>
22
23struct alpn_test {
24 const char *description;
25 const uint8_t protocols[24];
26 size_t protocols_len;
27 int ret;
28};
29
30static const struct alpn_test alpn_tests[] = {
31 {
32 .description = "valid protocol list",
33 .protocols = {
34 6, 's', 'p', 'd', 'y', '/', '1',
35 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
36 },
37 .protocols_len = 16,
38 .ret = 0,
39 },
40 {
41 .description = "zero length protocol",
42 .protocols = {
43 0,
44 },
45 .protocols_len = 1,
46 .ret = 1,
47 },
48 {
49 .description = "zero length protocol at start",
50 .protocols = {
51 0,
52 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
53 6, 's', 'p', 'd', 'y', '/', '1',
54 },
55 .protocols_len = 17,
56 .ret = 1,
57 },
58 {
59 .description = "zero length protocol embedded",
60 .protocols = {
61 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
62 0,
63 6, 's', 'p', 'd', 'y', '/', '1',
64 },
65 .protocols_len = 17,
66 .ret = 1,
67 },
68 {
69 .description = "zero length protocol at end",
70 .protocols = {
71 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
72 6, 's', 'p', 'd', 'y', '/', '1',
73 0,
74 },
75 .protocols_len = 17,
76 .ret = 1,
77 },
78 {
79 .description = "protocol length too short",
80 .protocols = {
81 6, 'h', 't', 't', 'p', '/', '1', '.', '1',
82 },
83 .protocols_len = 9,
84 .ret = 1,
85 },
86 {
87 .description = "protocol length too long",
88 .protocols = {
89 8, 's', 'p', 'd', 'y', '/', '1',
90 },
91 .protocols_len = 7,
92 .ret = 1,
93 },
94};
95
96static const size_t N_ALPN_TESTS = sizeof(alpn_tests) / sizeof(alpn_tests[0]);
97
98static int
99test_ssl_set_alpn_protos(const struct alpn_test *tc)
100{
101 SSL_CTX *ctx;
102 SSL *ssl;
103 int ret;
104 int failed = 0;
105
106 if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
107 errx(1, "SSL_CTX_new");
108
109 ret = SSL_CTX_set_alpn_protos(ctx, tc->protocols, tc->protocols_len);
110 if (ret != tc->ret) {
111 warnx("%s: setting on SSL_CTX: want %d, got %d",
112 tc->description, tc->ret, ret);
113 failed = 1;
114 }
115
116 if ((ssl = SSL_new(ctx)) == NULL)
117 errx(1, "SSL_new");
118
119 ret = SSL_set_alpn_protos(ssl, tc->protocols, tc->protocols_len);
120 if (ret != tc->ret) {
121 warnx("%s: setting on SSL: want %d, got %d",
122 tc->description, tc->ret, ret);
123 failed = 1;
124 }
125
126 SSL_CTX_free(ctx);
127 SSL_free(ssl);
128
129 return failed;
130}
131
132static int
133test_ssl_set_alpn_protos_edge_cases(void)
134{
135 SSL_CTX *ctx;
136 SSL *ssl;
137 const uint8_t valid[] = {
138 6, 's', 'p', 'd', 'y', '/', '3',
139 8, 'h', 't', 't', 'p', '/', '1', '.', '1',
140 };
141 int failed = 0;
142
143 if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL)
144 errx(1, "SSL_CTX_new");
145
146 if (SSL_CTX_set_alpn_protos(ctx, valid, sizeof(valid)) != 0) {
147 warnx("setting valid protocols on SSL_CTX failed");
148 failed = 1;
149 }
150 if (SSL_CTX_set_alpn_protos(ctx, NULL, 0) != 0) {
151 warnx("setting 'NULL, 0' on SSL_CTX failed");
152 failed = 1;
153 }
154 if (SSL_CTX_set_alpn_protos(ctx, valid, 0) != 0) {
155 warnx("setting 'valid, 0' on SSL_CTX failed");
156 failed = 1;
157 }
158 if (SSL_CTX_set_alpn_protos(ctx, NULL, 43) != 0) {
159 warnx("setting 'NULL, 43' on SSL_CTX failed");
160 failed = 1;
161 }
162
163 if ((ssl = SSL_new(ctx)) == NULL)
164 errx(1, "SSL_new");
165
166 if (SSL_set_alpn_protos(ssl, valid, sizeof(valid)) != 0) {
167 warnx("setting valid protocols on SSL failed");
168 failed = 1;
169 }
170 if (SSL_set_alpn_protos(ssl, NULL, 0) != 0) {
171 warnx("setting 'NULL, 0' on SSL failed");
172 failed = 1;
173 }
174 if (SSL_set_alpn_protos(ssl, valid, 0) != 0) {
175 warnx("setting 'valid, 0' on SSL failed");
176 failed = 1;
177 }
178 if (SSL_set_alpn_protos(ssl, NULL, 43) != 0) {
179 warnx("setting 'NULL, 43' on SSL failed");
180 failed = 1;
181 }
182
183 SSL_CTX_free(ctx);
184 SSL_free(ssl);
185
186 return failed;
187}
188
189int
190main(void)
191{
192 size_t i;
193 int failed = 0;
194
195 for (i = 0; i < N_ALPN_TESTS; i++)
196 failed |= test_ssl_set_alpn_protos(&alpn_tests[i]);
197
198 failed |= test_ssl_set_alpn_protos_edge_cases();
199
200 if (!failed)
201 printf("PASS %s\n", __FILE__);
202
203 return failed;
204}
diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c
deleted file mode 100644
index e9bcecafe5..0000000000
--- a/src/regress/lib/libssl/unit/ssl_versions.c
+++ /dev/null
@@ -1,922 +0,0 @@
1/* $OpenBSD: ssl_versions.c,v 1.18 2022/10/02 16:38:23 jsing Exp $ */
2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <openssl/ssl.h>
19
20#include "ssl_locl.h"
21
22struct version_range_test {
23 const long options;
24 const uint16_t minver;
25 const uint16_t maxver;
26 const uint16_t want_minver;
27 const uint16_t want_maxver;
28};
29
30static struct version_range_test version_range_tests[] = {
31 {
32 .options = 0,
33 .minver = TLS1_VERSION,
34 .maxver = TLS1_3_VERSION,
35 .want_minver = TLS1_VERSION,
36 .want_maxver = TLS1_3_VERSION,
37 },
38 {
39 .options = 0,
40 .minver = TLS1_VERSION,
41 .maxver = TLS1_2_VERSION,
42 .want_minver = TLS1_VERSION,
43 .want_maxver = TLS1_2_VERSION,
44 },
45 {
46 .options = SSL_OP_NO_TLSv1,
47 .minver = TLS1_VERSION,
48 .maxver = TLS1_2_VERSION,
49 .want_minver = TLS1_1_VERSION,
50 .want_maxver = TLS1_2_VERSION,
51 },
52 {
53 .options = SSL_OP_NO_TLSv1_3,
54 .minver = TLS1_VERSION,
55 .maxver = TLS1_3_VERSION,
56 .want_minver = TLS1_VERSION,
57 .want_maxver = TLS1_2_VERSION,
58 },
59 {
60 .options = SSL_OP_NO_TLSv1_2,
61 .minver = TLS1_VERSION,
62 .maxver = TLS1_2_VERSION,
63 .want_minver = TLS1_VERSION,
64 .want_maxver = TLS1_1_VERSION,
65 },
66 {
67 .options = SSL_OP_NO_TLSv1_1,
68 .minver = TLS1_VERSION,
69 .maxver = TLS1_2_VERSION,
70 .want_minver = TLS1_VERSION,
71 .want_maxver = TLS1_VERSION,
72 },
73 {
74 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
75 .minver = TLS1_VERSION,
76 .maxver = TLS1_2_VERSION,
77 .want_minver = TLS1_2_VERSION,
78 .want_maxver = TLS1_2_VERSION,
79 },
80 {
81 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
82 .minver = TLS1_VERSION,
83 .maxver = TLS1_2_VERSION,
84 .want_minver = TLS1_VERSION,
85 .want_maxver = TLS1_VERSION,
86 },
87 {
88 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2,
89 .minver = TLS1_VERSION,
90 .maxver = TLS1_2_VERSION,
91 .want_minver = TLS1_1_VERSION,
92 .want_maxver = TLS1_1_VERSION,
93 },
94 {
95 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
96 SSL_OP_NO_TLSv1_2,
97 .minver = TLS1_VERSION,
98 .maxver = TLS1_2_VERSION,
99 .want_minver = 0,
100 .want_maxver = 0,
101 },
102 {
103 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
104 SSL_OP_NO_TLSv1_2,
105 .minver = TLS1_VERSION,
106 .maxver = TLS1_3_VERSION,
107 .want_minver = TLS1_3_VERSION,
108 .want_maxver = TLS1_3_VERSION,
109 },
110 {
111 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
112 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3,
113 .minver = TLS1_VERSION,
114 .maxver = TLS1_3_VERSION,
115 .want_minver = 0,
116 .want_maxver = 0,
117 },
118 {
119 .options = 0,
120 .minver = TLS1_VERSION,
121 .maxver = TLS1_2_VERSION,
122 .want_minver = TLS1_VERSION,
123 .want_maxver = TLS1_2_VERSION,
124 },
125 {
126 .options = 0,
127 .minver = TLS1_1_VERSION,
128 .maxver = TLS1_2_VERSION,
129 .want_minver = TLS1_1_VERSION,
130 .want_maxver = TLS1_2_VERSION,
131 },
132 {
133 .options = 0,
134 .minver = TLS1_2_VERSION,
135 .maxver = TLS1_2_VERSION,
136 .want_minver = TLS1_2_VERSION,
137 .want_maxver = TLS1_2_VERSION,
138 },
139 {
140 .options = 0,
141 .minver = TLS1_VERSION,
142 .maxver = TLS1_3_VERSION,
143 .want_minver = TLS1_VERSION,
144 .want_maxver = TLS1_3_VERSION,
145 },
146 {
147 .options = 0,
148 .minver = TLS1_1_VERSION,
149 .maxver = TLS1_3_VERSION,
150 .want_minver = TLS1_1_VERSION,
151 .want_maxver = TLS1_3_VERSION,
152 },
153 {
154 .options = 0,
155 .minver = TLS1_2_VERSION,
156 .maxver = TLS1_3_VERSION,
157 .want_minver = TLS1_2_VERSION,
158 .want_maxver = TLS1_3_VERSION,
159 },
160 {
161 .options = 0,
162 .minver = TLS1_3_VERSION,
163 .maxver = TLS1_3_VERSION,
164 .want_minver = TLS1_3_VERSION,
165 .want_maxver = TLS1_3_VERSION,
166 },
167 {
168 .options = 0,
169 .minver = TLS1_VERSION,
170 .maxver = TLS1_1_VERSION,
171 .want_minver = TLS1_VERSION,
172 .want_maxver = TLS1_1_VERSION,
173 },
174 {
175 .options = 0,
176 .minver = TLS1_VERSION,
177 .maxver = TLS1_VERSION,
178 .want_minver = TLS1_VERSION,
179 .want_maxver = TLS1_VERSION,
180 },
181};
182
183#define N_VERSION_RANGE_TESTS \
184 (sizeof(version_range_tests) / sizeof(*version_range_tests))
185
186static int
187test_ssl_enabled_version_range(void)
188{
189 struct version_range_test *vrt;
190 uint16_t minver, maxver;
191 SSL_CTX *ssl_ctx = NULL;
192 SSL *ssl = NULL;
193 int failed = 1;
194 size_t i;
195
196 fprintf(stderr, "INFO: starting enabled version range tests...\n");
197
198 if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) {
199 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
200 goto failure;
201 }
202 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
203 fprintf(stderr, "SSL_new() returned NULL\n");
204 goto failure;
205 }
206
207 failed = 0;
208
209 for (i = 0; i < N_VERSION_RANGE_TESTS; i++) {
210 vrt = &version_range_tests[i];
211
212 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
213 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
214 SSL_set_options(ssl, vrt->options);
215
216 minver = maxver = 0xffff;
217 ssl->min_tls_version = vrt->minver;
218 ssl->max_tls_version = vrt->maxver;
219
220 if (ssl_enabled_tls_version_range(ssl, &minver, &maxver) != 1) {
221 if (vrt->want_minver != 0 || vrt->want_maxver != 0) {
222 fprintf(stderr, "FAIL: test %zu - failed but "
223 "wanted non-zero versions\n", i);
224 failed++;
225 }
226 continue;
227 }
228 if (minver != vrt->want_minver) {
229 fprintf(stderr, "FAIL: test %zu - got minver %x, "
230 "want %x\n", i, minver, vrt->want_minver);
231 failed++;
232 }
233 if (maxver != vrt->want_maxver) {
234 fprintf(stderr, "FAIL: test %zu - got maxver %x, "
235 "want %x\n", i, maxver, vrt->want_maxver);
236 failed++;
237 }
238 }
239
240 failure:
241 SSL_CTX_free(ssl_ctx);
242 SSL_free(ssl);
243
244 return (failed);
245}
246
247struct shared_version_test {
248 const SSL_METHOD *(*ssl_method)(void);
249 const long options;
250 const uint16_t minver;
251 const uint16_t maxver;
252 const uint16_t peerver;
253 const uint16_t want_maxver;
254};
255
256static struct shared_version_test shared_version_tests[] = {
257 {
258 .ssl_method = TLS_method,
259 .options = 0,
260 .minver = TLS1_VERSION,
261 .maxver = TLS1_2_VERSION,
262 .peerver = SSL2_VERSION,
263 .want_maxver = 0,
264 },
265 {
266 .ssl_method = TLS_method,
267 .options = 0,
268 .minver = TLS1_VERSION,
269 .maxver = TLS1_2_VERSION,
270 .peerver = SSL3_VERSION,
271 .want_maxver = 0,
272 },
273 {
274 .ssl_method = TLS_method,
275 .options = 0,
276 .minver = TLS1_VERSION,
277 .maxver = TLS1_2_VERSION,
278 .peerver = TLS1_VERSION,
279 .want_maxver = TLS1_VERSION,
280 },
281 {
282 .ssl_method = TLS_method,
283 .options = 0,
284 .minver = TLS1_VERSION,
285 .maxver = TLS1_2_VERSION,
286 .peerver = TLS1_1_VERSION,
287 .want_maxver = TLS1_1_VERSION,
288 },
289 {
290 .ssl_method = TLS_method,
291 .options = 0,
292 .minver = TLS1_VERSION,
293 .maxver = TLS1_2_VERSION,
294 .peerver = TLS1_2_VERSION,
295 .want_maxver = TLS1_2_VERSION,
296 },
297 {
298 .ssl_method = TLS_method,
299 .options = 0,
300 .minver = TLS1_VERSION,
301 .maxver = TLS1_2_VERSION,
302 .peerver = TLS1_3_VERSION,
303 .want_maxver = TLS1_2_VERSION,
304 },
305 {
306 .ssl_method = TLS_method,
307 .options = 0,
308 .minver = TLS1_VERSION,
309 .maxver = TLS1_2_VERSION,
310 .peerver = 0x7f12,
311 .want_maxver = TLS1_2_VERSION,
312 },
313 {
314 .ssl_method = TLS_method,
315 .options = SSL_OP_NO_TLSv1_2,
316 .minver = TLS1_VERSION,
317 .maxver = TLS1_2_VERSION,
318 .peerver = TLS1_2_VERSION,
319 .want_maxver = TLS1_1_VERSION,
320 },
321 {
322 .ssl_method = TLS_method,
323 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
324 .minver = TLS1_VERSION,
325 .maxver = TLS1_2_VERSION,
326 .peerver = TLS1_2_VERSION,
327 .want_maxver = TLS1_VERSION,
328 },
329 {
330 .ssl_method = TLS_method,
331 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
332 .minver = TLS1_VERSION,
333 .maxver = TLS1_2_VERSION,
334 .peerver = TLS1_2_VERSION,
335 .want_maxver = 0,
336 },
337 {
338 .ssl_method = TLS_method,
339 .options = SSL_OP_NO_TLSv1,
340 .minver = TLS1_VERSION,
341 .maxver = TLS1_2_VERSION,
342 .peerver = TLS1_1_VERSION,
343 .want_maxver = TLS1_1_VERSION,
344 },
345 {
346 .ssl_method = TLS_method,
347 .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1,
348 .minver = TLS1_VERSION,
349 .maxver = TLS1_2_VERSION,
350 .peerver = TLS1_1_VERSION,
351 .want_maxver = 0,
352 },
353 {
354 .ssl_method = TLS_method,
355 .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2,
356 .minver = TLS1_VERSION,
357 .maxver = TLS1_2_VERSION,
358 .peerver = TLS1_1_VERSION,
359 .want_maxver = TLS1_VERSION,
360 },
361 {
362 .ssl_method = TLS_method,
363 .options = SSL_OP_NO_TLSv1,
364 .minver = TLS1_VERSION,
365 .maxver = TLS1_2_VERSION,
366 .peerver = TLS1_VERSION,
367 .want_maxver = 0,
368 },
369 {
370 .ssl_method = TLS_method,
371 .options = 0,
372 .minver = TLS1_VERSION,
373 .maxver = TLS1_1_VERSION,
374 .peerver = TLS1_2_VERSION,
375 .want_maxver = TLS1_1_VERSION,
376 },
377 {
378 .ssl_method = TLS_method,
379 .options = 0,
380 .minver = TLS1_VERSION,
381 .maxver = TLS1_VERSION,
382 .peerver = TLS1_2_VERSION,
383 .want_maxver = TLS1_VERSION,
384 },
385 {
386 .ssl_method = TLSv1_method,
387 .options = 0,
388 .minver = TLS1_VERSION,
389 .maxver = TLS1_2_VERSION,
390 .peerver = TLS1_VERSION,
391 .want_maxver = TLS1_VERSION,
392 },
393 {
394 .ssl_method = TLSv1_method,
395 .options = 0,
396 .minver = TLS1_1_VERSION,
397 .maxver = TLS1_2_VERSION,
398 .peerver = TLS1_VERSION,
399 .want_maxver = 0,
400 },
401 {
402 .ssl_method = TLSv1_1_method,
403 .options = 0,
404 .minver = TLS1_VERSION,
405 .maxver = TLS1_2_VERSION,
406 .peerver = TLS1_1_VERSION,
407 .want_maxver = TLS1_1_VERSION,
408 },
409 {
410 .ssl_method = DTLS_method,
411 .options = 0,
412 .minver = TLS1_1_VERSION,
413 .maxver = TLS1_2_VERSION,
414 .peerver = DTLS1_VERSION,
415 .want_maxver = DTLS1_VERSION,
416 },
417 {
418 .ssl_method = DTLS_method,
419 .options = 0,
420 .minver = TLS1_1_VERSION,
421 .maxver = TLS1_2_VERSION,
422 .peerver = DTLS1_2_VERSION,
423 .want_maxver = DTLS1_2_VERSION,
424 },
425 {
426 .ssl_method = DTLS_method,
427 .options = 0,
428 .minver = TLS1_1_VERSION,
429 .maxver = TLS1_2_VERSION,
430 .peerver = 0xfefc, /* DTLSv1.3, probably. */
431 .want_maxver = DTLS1_2_VERSION,
432 },
433 {
434 .ssl_method = DTLSv1_method,
435 .options = 0,
436 .minver = TLS1_1_VERSION,
437 .maxver = TLS1_1_VERSION,
438 .peerver = DTLS1_2_VERSION,
439 .want_maxver = DTLS1_VERSION,
440 },
441 {
442 .ssl_method = DTLSv1_2_method,
443 .options = 0,
444 .minver = TLS1_2_VERSION,
445 .maxver = TLS1_2_VERSION,
446 .peerver = DTLS1_2_VERSION,
447 .want_maxver = DTLS1_2_VERSION,
448 },
449 {
450 .ssl_method = DTLSv1_method,
451 .options = 0,
452 .minver = TLS1_1_VERSION,
453 .maxver = TLS1_1_VERSION,
454 .peerver = TLS1_2_VERSION,
455 .want_maxver = 0,
456 },
457 {
458 .ssl_method = DTLS_method,
459 .options = SSL_OP_NO_DTLSv1,
460 .minver = TLS1_1_VERSION,
461 .maxver = TLS1_2_VERSION,
462 .peerver = DTLS1_VERSION,
463 .want_maxver = 0,
464 },
465 {
466 .ssl_method = DTLS_method,
467 .options = SSL_OP_NO_DTLSv1,
468 .minver = TLS1_1_VERSION,
469 .maxver = TLS1_2_VERSION,
470 .peerver = DTLS1_2_VERSION,
471 .want_maxver = DTLS1_2_VERSION,
472 },
473 {
474 .ssl_method = DTLS_method,
475 .options = SSL_OP_NO_DTLSv1_2,
476 .minver = TLS1_1_VERSION,
477 .maxver = TLS1_2_VERSION,
478 .peerver = DTLS1_2_VERSION,
479 .want_maxver = DTLS1_VERSION,
480 },
481};
482
483#define N_SHARED_VERSION_TESTS \
484 (sizeof(shared_version_tests) / sizeof(*shared_version_tests))
485
486static int
487test_ssl_max_shared_version(void)
488{
489 struct shared_version_test *svt;
490 SSL_CTX *ssl_ctx = NULL;
491 SSL *ssl = NULL;
492 uint16_t maxver;
493 int failed = 0;
494 size_t i;
495
496 failed = 0;
497
498 fprintf(stderr, "INFO: starting max shared version tests...\n");
499
500 for (i = 0; i < N_SHARED_VERSION_TESTS; i++) {
501 svt = &shared_version_tests[i];
502
503 if ((ssl_ctx = SSL_CTX_new(svt->ssl_method())) == NULL) {
504 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
505 failed++;
506 goto err;
507 }
508 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
509 fprintf(stderr, "SSL_new() returned NULL\n");
510 failed++;
511 goto err;
512 }
513
514 SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 |
515 SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
516 SSL_set_options(ssl, svt->options);
517
518 maxver = 0;
519 ssl->min_tls_version = svt->minver;
520 ssl->max_tls_version = svt->maxver;
521
522 if (!ssl_max_shared_version(ssl, svt->peerver, &maxver)) {
523 if (svt->want_maxver != 0) {
524 fprintf(stderr, "FAIL: test %zu - failed but "
525 "wanted non-zero shared version (peer %x)\n",
526 i, svt->peerver);
527 failed++;
528 }
529 SSL_CTX_free(ssl_ctx);
530 SSL_free(ssl);
531 ssl_ctx = NULL;
532 ssl = NULL;
533 continue;
534 }
535 if (maxver != svt->want_maxver) {
536 fprintf(stderr, "FAIL: test %zu - got shared "
537 "version %x, want %x\n", i, maxver,
538 svt->want_maxver);
539 failed++;
540 }
541
542 SSL_CTX_free(ssl_ctx);
543 SSL_free(ssl);
544 ssl_ctx = NULL;
545 ssl = NULL;
546 }
547
548 err:
549 SSL_CTX_free(ssl_ctx);
550 SSL_free(ssl);
551
552 return (failed);
553}
554
555struct min_max_version_test {
556 const SSL_METHOD *(*ssl_method)(void);
557 const uint16_t minver;
558 const uint16_t maxver;
559 const uint16_t want_minver;
560 const uint16_t want_maxver;
561 const int want_min_fail;
562 const int want_max_fail;
563};
564
565static struct min_max_version_test min_max_version_tests[] = {
566 {
567 .ssl_method = TLS_method,
568 .minver = 0,
569 .maxver = 0,
570 .want_minver = 0,
571 .want_maxver = 0,
572 },
573 {
574 .ssl_method = TLS_method,
575 .minver = TLS1_VERSION,
576 .maxver = 0,
577 .want_minver = TLS1_VERSION,
578 .want_maxver = 0,
579 },
580 {
581 .ssl_method = TLS_method,
582 .minver = 0,
583 .maxver = TLS1_2_VERSION,
584 .want_minver = 0,
585 .want_maxver = TLS1_2_VERSION,
586 },
587 {
588 .ssl_method = TLS_method,
589 .minver = 0,
590 .maxver = TLS1_3_VERSION,
591 .want_minver = 0,
592 .want_maxver = TLS1_3_VERSION,
593 },
594 {
595 .ssl_method = TLS_method,
596 .minver = TLS1_VERSION,
597 .maxver = TLS1_2_VERSION,
598 .want_minver = TLS1_VERSION,
599 .want_maxver = TLS1_2_VERSION,
600 },
601 {
602 .ssl_method = TLS_method,
603 .minver = TLS1_1_VERSION,
604 .maxver = 0,
605 .want_minver = TLS1_1_VERSION,
606 .want_maxver = 0,
607 },
608 {
609 .ssl_method = TLS_method,
610 .minver = TLS1_2_VERSION,
611 .maxver = 0,
612 .want_minver = TLS1_2_VERSION,
613 .want_maxver = 0,
614 },
615 {
616 .ssl_method = TLS_method,
617 .minver = 0x0300,
618 .maxver = 0,
619 .want_minver = TLS1_VERSION,
620 .want_maxver = 0,
621 },
622 {
623 .ssl_method = TLS_method,
624 .minver = 0x0305,
625 .maxver = 0,
626 .want_min_fail = 1,
627 },
628 {
629 .ssl_method = TLS_method,
630 .minver = 0,
631 .maxver = 0x0305,
632 .want_minver = 0,
633 .want_maxver = TLS1_3_VERSION,
634 },
635 {
636 .ssl_method = TLS_method,
637 .minver = 0,
638 .maxver = TLS1_1_VERSION,
639 .want_minver = 0,
640 .want_maxver = TLS1_1_VERSION,
641 },
642 {
643 .ssl_method = TLS_method,
644 .minver = 0,
645 .maxver = TLS1_VERSION,
646 .want_minver = 0,
647 .want_maxver = TLS1_VERSION,
648 },
649 {
650 .ssl_method = TLS_method,
651 .minver = 0,
652 .maxver = 0x0300,
653 .want_max_fail = 1,
654 },
655 {
656 .ssl_method = TLS_method,
657 .minver = TLS1_2_VERSION,
658 .maxver = TLS1_1_VERSION,
659 .want_minver = TLS1_2_VERSION,
660 .want_maxver = 0,
661 .want_max_fail = 1,
662 },
663 {
664 .ssl_method = TLSv1_1_method,
665 .minver = 0,
666 .maxver = 0,
667 .want_minver = 0,
668 .want_maxver = 0,
669 },
670 {
671 .ssl_method = TLSv1_1_method,
672 .minver = TLS1_VERSION,
673 .maxver = TLS1_2_VERSION,
674 .want_minver = TLS1_1_VERSION,
675 .want_maxver = TLS1_1_VERSION,
676 },
677 {
678 .ssl_method = TLSv1_1_method,
679 .minver = TLS1_2_VERSION,
680 .maxver = 0,
681 .want_minver = 0,
682 .want_maxver = 0,
683 .want_min_fail = 1,
684 },
685 {
686 .ssl_method = TLSv1_1_method,
687 .minver = 0,
688 .maxver = TLS1_VERSION,
689 .want_minver = 0,
690 .want_maxver = 0,
691 .want_max_fail = 1,
692 },
693 {
694 .ssl_method = DTLS_method,
695 .minver = 0,
696 .maxver = 0,
697 .want_minver = 0,
698 .want_maxver = 0,
699 },
700 {
701 .ssl_method = DTLS_method,
702 .minver = 0,
703 .maxver = DTLS1_VERSION,
704 .want_minver = 0,
705 .want_maxver = DTLS1_VERSION,
706 },
707 {
708 .ssl_method = DTLS_method,
709 .minver = DTLS1_VERSION,
710 .maxver = 0,
711 .want_minver = DTLS1_VERSION,
712 .want_maxver = 0,
713 },
714 {
715 .ssl_method = DTLS_method,
716 .minver = DTLS1_VERSION,
717 .maxver = DTLS1_2_VERSION,
718 .want_minver = DTLS1_VERSION,
719 .want_maxver = DTLS1_2_VERSION,
720 },
721 {
722 .ssl_method = DTLSv1_method,
723 .minver = 0,
724 .maxver = 0,
725 .want_minver = 0,
726 .want_maxver = 0,
727 },
728 {
729 .ssl_method = DTLSv1_method,
730 .minver = DTLS1_VERSION,
731 .maxver = 0,
732 .want_minver = DTLS1_VERSION,
733 .want_maxver = 0,
734 },
735 {
736 .ssl_method = DTLSv1_method,
737 .minver = 0,
738 .maxver = DTLS1_VERSION,
739 .want_minver = 0,
740 .want_maxver = DTLS1_VERSION,
741 },
742 {
743 .ssl_method = DTLSv1_method,
744 .minver = 0,
745 .maxver = DTLS1_2_VERSION,
746 .want_minver = 0,
747 .want_maxver = DTLS1_VERSION,
748 },
749 {
750 .ssl_method = DTLSv1_method,
751 .minver = TLS1_VERSION,
752 .maxver = TLS1_2_VERSION,
753 .want_minver = 0,
754 .want_maxver = 0,
755 .want_min_fail = 1,
756 .want_max_fail = 1,
757 },
758};
759
760#define N_MIN_MAX_VERSION_TESTS \
761 (sizeof(min_max_version_tests) / sizeof(*min_max_version_tests))
762
763static int
764test_ssl_min_max_version(void)
765{
766 struct min_max_version_test *mmvt;
767 SSL_CTX *ssl_ctx = NULL;
768 SSL *ssl = NULL;
769 int failed = 0;
770 size_t i;
771
772 failed = 0;
773
774 fprintf(stderr, "INFO: starting min max version tests...\n");
775
776 for (i = 0; i < N_MIN_MAX_VERSION_TESTS; i++) {
777 mmvt = &min_max_version_tests[i];
778
779 if ((ssl_ctx = SSL_CTX_new(mmvt->ssl_method())) == NULL) {
780 fprintf(stderr, "SSL_CTX_new() returned NULL\n");
781 return 1;
782 }
783
784 if (!SSL_CTX_set_min_proto_version(ssl_ctx, mmvt->minver)) {
785 if (!mmvt->want_min_fail) {
786 fprintf(stderr, "FAIL: test %zu - failed to set "
787 "SSL_CTX min version\n", i);
788 failed++;
789 }
790 goto next;
791 }
792 if (!SSL_CTX_set_max_proto_version(ssl_ctx, mmvt->maxver)) {
793 if (!mmvt->want_max_fail) {
794 fprintf(stderr, "FAIL: test %zu - failed to set "
795 "SSL_CTX min version\n", i);
796 failed++;
797 }
798 goto next;
799 }
800
801 if (mmvt->want_min_fail) {
802 fprintf(stderr, "FAIL: test %zu - successfully set "
803 "SSL_CTX min version, should have failed\n", i);
804 failed++;
805 goto next;
806 }
807 if (mmvt->want_max_fail) {
808 fprintf(stderr, "FAIL: test %zu - successfully set "
809 "SSL_CTX max version, should have failed\n", i);
810 failed++;
811 goto next;
812 }
813
814 if (SSL_CTX_get_min_proto_version(ssl_ctx) != mmvt->want_minver) {
815 fprintf(stderr, "FAIL: test %zu - got SSL_CTX min "
816 "version 0x%x, want 0x%x\n", i,
817 SSL_CTX_get_min_proto_version(ssl_ctx), mmvt->want_minver);
818 failed++;
819 goto next;
820 }
821 if (SSL_CTX_get_max_proto_version(ssl_ctx) != mmvt->want_maxver) {
822 fprintf(stderr, "FAIL: test %zu - got SSL_CTX max "
823 "version 0x%x, want 0x%x\n", i,
824 SSL_CTX_get_max_proto_version(ssl_ctx), mmvt->want_maxver);
825 failed++;
826 goto next;
827 }
828
829 if ((ssl = SSL_new(ssl_ctx)) == NULL) {
830 fprintf(stderr, "SSL_new() returned NULL\n");
831 return 1;
832 }
833
834 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
835 fprintf(stderr, "FAIL: test %zu - initial SSL min "
836 "version 0x%x, want 0x%x\n", i,
837 SSL_get_min_proto_version(ssl), mmvt->want_minver);
838 failed++;
839 goto next;
840 }
841 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
842 fprintf(stderr, "FAIL: test %zu - initial SSL max "
843 "version 0x%x, want 0x%x\n", i,
844 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
845 failed++;
846 goto next;
847 }
848
849 if (!SSL_set_min_proto_version(ssl, mmvt->minver)) {
850 if (mmvt->want_min_fail) {
851 fprintf(stderr, "FAIL: test %zu - failed to set "
852 "SSL min version\n", i);
853 failed++;
854 }
855 goto next;
856 }
857 if (!SSL_set_max_proto_version(ssl, mmvt->maxver)) {
858 if (mmvt->want_max_fail) {
859 fprintf(stderr, "FAIL: test %zu - failed to set "
860 "SSL min version\n", i);
861 failed++;
862 }
863 goto next;
864 }
865
866 if (mmvt->want_min_fail) {
867 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
868 "min version, should have failed\n", i);
869 failed++;
870 goto next;
871 }
872 if (mmvt->want_max_fail) {
873 fprintf(stderr, "FAIL: test %zu - successfully set SSL "
874 "max version, should have failed\n", i);
875 failed++;
876 goto next;
877 }
878
879 if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) {
880 fprintf(stderr, "FAIL: test %zu - got SSL min "
881 "version 0x%x, want 0x%x\n", i,
882 SSL_get_min_proto_version(ssl), mmvt->want_minver);
883 failed++;
884 goto next;
885 }
886 if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) {
887 fprintf(stderr, "FAIL: test %zu - got SSL max "
888 "version 0x%x, want 0x%x\n", i,
889 SSL_get_max_proto_version(ssl), mmvt->want_maxver);
890 failed++;
891 goto next;
892 }
893
894 next:
895 SSL_CTX_free(ssl_ctx);
896 SSL_free(ssl);
897
898 ssl_ctx = NULL;
899 ssl = NULL;
900 }
901
902 return (failed);
903}
904
905int
906main(int argc, char **argv)
907{
908 int failed = 0;
909
910 SSL_library_init();
911
912 /* XXX - Test ssl_supported_version_range() */
913
914 failed |= test_ssl_enabled_version_range();
915 failed |= test_ssl_max_shared_version();
916 failed |= test_ssl_min_max_version();
917
918 if (failed == 0)
919 printf("PASS %s\n", __FILE__);
920
921 return (failed);
922}
diff --git a/src/regress/lib/libssl/unit/tests.h b/src/regress/lib/libssl/unit/tests.h
deleted file mode 100644
index 287816946a..0000000000
--- a/src/regress/lib/libssl/unit/tests.h
+++ /dev/null
@@ -1,44 +0,0 @@
1/* $OpenBSD: tests.h,v 1.1 2015/06/27 23:35:52 doug Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef LIBRESSL_REGRESS_TESTS_H__
19#define LIBRESSL_REGRESS_TESTS_H__ 1
20
21/* Ugly macros that are useful for regression tests. */
22
23#define SKIP(a) do { \
24 printf("Skipping test in %s [%s:%d]\n", __func__, __FILE__, \
25 __LINE__); \
26} while (0)
27
28#define CHECK(a) do { \
29 if (!(a)) { \
30 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
31 __LINE__); \
32 return 0; \
33 } \
34} while (0)
35
36#define CHECK_GOTO(a) do { \
37 if (!(a)) { \
38 printf("Error in %s [%s:%d]\n", __func__, __FILE__, \
39 __LINE__); \
40 goto err; \
41 } \
42} while (0)
43
44#endif /* LIBRESSL_REGRESS_TESTS_H__ */
diff --git a/src/regress/lib/libssl/unit/tls_ext_alpn.c b/src/regress/lib/libssl/unit/tls_ext_alpn.c
deleted file mode 100644
index f0e4894557..0000000000
--- a/src/regress/lib/libssl/unit/tls_ext_alpn.c
+++ /dev/null
@@ -1,442 +0,0 @@
1/* $OpenBSD: tls_ext_alpn.c,v 1.8 2022/10/02 16:38:23 jsing Exp $ */
2/*
3 * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/*
19 * Test TLS extension Application-Layer Protocol Negotiation (RFC 7301).
20 */
21#include <stdio.h>
22#include <openssl/ssl.h>
23
24#include "ssl_locl.h"
25#include "ssl_tlsext.h"
26
27#include "tests.h"
28
29/*
30 * In the ProtocolNameList, ProtocolNames must not include empty strings and
31 * byte strings must not be truncated.
32 *
33 * This uses some of the IANA approved protocol names from:
34 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
35 */
36
37/* Valid for client and server since it only has one name. */
38static uint8_t proto_single[] = {
39 /* Extension extensions<0..2^16-1> -- All TLS extensions */
40 0x00, 0x0f, /* len */
41 /* ExtensionType extension_type */
42 0x00, 0x10, /* ALPN */
43 /* opaque extension_data<0..2^16-1> */
44 0x00, 0x0b, /* len */
45 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
46 0x00, 0x09, /* len of all names */
47 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
48 0x08, /* len */
49 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31
50};
51
52/* Valid for client, but NOT server. Server must have exactly one name. */
53static uint8_t proto_multiple1[] = {
54 /* Extension extensions<0..2^16-1> -- All TLS extensions */
55 0x00, 0x19, /* len */
56 /* ExtensionType extension_type */
57 0x00, 0x10, /* ALPN */
58 /* opaque extension_data<0..2^16-1> */
59 0x00, 0x15, /* len */
60 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
61 0x00, 0x13, /* len of all names */
62 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
63 0x08, /* len */
64 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
65 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
66 0x09, /* len */
67 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
68};
69
70/* Valid for client, but NOT server. Server must have exactly one name. */
71static uint8_t proto_multiple2[] = {
72 /* Extension extensions<0..2^16-1> -- All TLS extensions */
73 0x00, 0x1c, /* len */
74 /* ExtensionType extension_type */
75 0x00, 0x10, /* ALPN */
76 /* opaque extension_data<0..2^16-1> */
77 0x00, 0x18, /* len */
78 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
79 0x00, 0x16, /* len of all names */
80 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
81 0x08, /* len */
82 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
83 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
84 0x02, /* len */
85 0x68, 0x32,
86 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
87 0x09, /* len */
88 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e
89};
90
91/* Valid for client, but NOT server. Server must have exactly one name. */
92static uint8_t proto_multiple3[] = {
93 /* Extension extensions<0..2^16-1> -- All TLS extensions */
94 0x00, 0x20, /* len */
95 /* ExtensionType extension_type */
96 0x00, 0x10, /* ALPN */
97 /* opaque extension_data<0..2^16-1> */
98 0x00, 0x1c, /* len */
99 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
100 0x00, 0x1a, /* len of all names */
101 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
102 0x08, /* len */
103 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
104 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
105 0x02, /* len */
106 0x68, 0x32,
107 /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */
108 0x09, /* len */
109 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e,
110 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
111 0x03, /* len */
112 0x68, 0x32, 0x63
113};
114
115static uint8_t proto_empty[] = {
116 /* Extension extensions<0..2^16-1> -- All TLS extensions. */
117 0x00, 0x00, /* none present. */
118};
119
120/* Invalid for both client and server. Length is wrong. */
121static uint8_t proto_invalid_len1[] = {
122 /* Extension extensions<0..2^16-1> -- All TLS extensions */
123 0x00, 0x0a, /* len */
124 /* ExtensionType extension_type */
125 0x00, 0x10, /* ALPN */
126 /* opaque extension_data<0..2^16-1> */
127 0x00, 0x06, /* len */
128 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
129 0x00, 0x04, /* len of all names */
130 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
131 0x04, /* XXX len too large */
132 0x68, 0x32, 0x63
133};
134static uint8_t proto_invalid_len2[] = {
135 /* Extension extensions<0..2^16-1> -- All TLS extensions */
136 0x00, 0x0a, /* len */
137 /* ExtensionType extension_type */
138 0x00, 0x10, /* ALPN */
139 /* opaque extension_data<0..2^16-1> */
140 0x00, 0x06, /* len */
141 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
142 0x00, 0x04, /* len of all names */
143 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
144 0x02, /* XXX len too small */
145 0x68, 0x32, 0x63
146};
147static uint8_t proto_invalid_len3[] = {
148 /* Extension extensions<0..2^16-1> -- All TLS extensions */
149 0x00, 0x0a, /* len */
150 /* ExtensionType extension_type */
151 0x00, 0x10, /* ALPN */
152 /* opaque extension_data<0..2^16-1> */
153 0x00, 0x06, /* len */
154 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
155 0x00, 0x03, /* XXX len too small */
156 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
157 0x03, /* len */
158 0x68, 0x32, 0x63
159};
160static uint8_t proto_invalid_len4[] = {
161 /* Extension extensions<0..2^16-1> -- All TLS extensions */
162 0x00, 0x0a, /* len */
163 /* ExtensionType extension_type */
164 0x00, 0x10, /* ALPN */
165 /* opaque extension_data<0..2^16-1> */
166 0x00, 0x06, /* len */
167 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
168 0x00, 0x06, /* XXX len too large */
169 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
170 0x03, /* len */
171 0x68, 0x32, 0x63
172};
173static uint8_t proto_invalid_len5[] = {
174 /* Extension extensions<0..2^16-1> -- All TLS extensions */
175 0x00, 0x0a, /* len */
176 /* ExtensionType extension_type */
177 0x00, 0x10, /* ALPN */
178 /* opaque extension_data<0..2^16-1> */
179 0x01, 0x08, /* XXX len too large */
180 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
181 0x00, 0x04, /* len */
182 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
183 0x03, /* len */
184 0x68, 0x32, 0x63
185};
186static uint8_t proto_invalid_len6[] = {
187 /* Extension extensions<0..2^16-1> -- All TLS extensions */
188 0x00, 0x0a, /* len */
189 /* ExtensionType extension_type */
190 0x00, 0x10, /* ALPN */
191 /* opaque extension_data<0..2^16-1> */
192 0x00, 0x05, /* XXX len too small */
193 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
194 0x00, 0x04, /* len */
195 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
196 0x03, /* len */
197 0x68, 0x32, 0x63
198};
199static uint8_t proto_invalid_len7[] = {
200 /* Extension extensions<0..2^16-1> -- All TLS extensions */
201 0x00, 0x06, /* XXX len too small */
202 /* ExtensionType extension_type */
203 0x00, 0x10, /* ALPN */
204 /* opaque extension_data<0..2^16-1> */
205 0x00, 0x06, /* len */
206 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
207 0x00, 0x04, /* len */
208 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
209 0x03, /* len */
210 0x68, 0x32, 0x63
211};
212static uint8_t proto_invalid_len8[] = {
213 /* Extension extensions<0..2^16-1> -- All TLS extensions */
214 0x00, 0x0b, /* XXX len too large */
215 /* ExtensionType extension_type */
216 0x00, 0x10, /* ALPN */
217 /* opaque extension_data<0..2^16-1> */
218 0x00, 0x06, /* len */
219 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
220 0x00, 0x04, /* len */
221 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
222 0x03, /* len */
223 0x68, 0x32, 0x63
224};
225
226/* Invalid for client and server since it is missing data. */
227static uint8_t proto_invalid_missing1[] = {
228 /* Extension extensions<0..2^16-1> -- All TLS extensions */
229 0x00, 0x0a, /* len */
230 /* ExtensionType extension_type */
231 0x00, 0x10, /* ALPN */
232 /* opaque extension_data<0..2^16-1> */
233 0x00, 0x06, /* len */
234 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
235 0x00, 0x04, /* len of all names */
236 /* opaque ProtocolName<1..2^8-1> -- 'h2c' */
237 /* XXX missing */
238};
239static uint8_t proto_invalid_missing2[] = {
240 /* Extension extensions<0..2^16-1> -- All TLS extensions */
241 0x00, 0x0a, /* len */
242 /* ExtensionType extension_type */
243 0x00, 0x10, /* ALPN */
244 /* opaque extension_data<0..2^16-1> */
245 0x00, 0x00, /* XXX missing name list */
246 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
247};
248static uint8_t proto_invalid_missing3[] = {
249 /* Extension extensions<0..2^16-1> -- All TLS extensions */
250 0x00, 0x0a, /* len */
251 /* ExtensionType extension_type */
252 0x00, 0x10, /* ALPN */
253 /* opaque extension_data<0..2^16-1> */
254 0x00, 0x02, /* XXX size is sufficient but missing data for name list */
255 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
256};
257static uint8_t proto_invalid_missing4[] = {
258 /* Extension extensions<0..2^16-1> -- All TLS extensions */
259 0x00, 0x0a, /* len */
260 /* ExtensionType extension_type */
261 0x00, 0x10, /* ALPN */
262 /* opaque extension_data<0..2^16-1> */
263 /* XXX missing */
264};
265static uint8_t proto_invalid_missing5[] = {
266 /* Extension extensions<0..2^16-1> -- All TLS extensions */
267 0x00, 0x1c, /* len */
268 /* ExtensionType extension_type */
269 0x00, 0x10, /* ALPN */
270 /* opaque extension_data<0..2^16-1> */
271 0x00, 0x18, /* len */
272 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
273 0x00, 0x16, /* len of all names */
274 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
275 0x08, /* len */
276 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
277 /* opaque ProtocolName<1..2^8-1> -- 'h2' */
278 0x02, /* len */
279 0x68, 0x32,
280 /* XXX missing name */
281};
282static uint8_t proto_invalid_missing6[] = {
283 /* Extension extensions<0..2^16-1> -- All TLS extensions */
284 0x00, 0x07, /* len */
285 /* ExtensionType extension_type */
286 0x00, 0x10, /* ALPN */
287 /* opaque extension_data<0..2^16-1> */
288 0x00, 0x03, /* len */
289 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
290 0x00, 0x01, /* XXX len must be at least 2 */
291 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
292 0x00, /* XXX len cannot be 0 */
293};
294static uint8_t proto_invalid_missing7[] = {
295 /* Extension extensions<0..2^16-1> -- All TLS extensions */
296 0x00, 0x07, /* len */
297 /* ExtensionType extension_type */
298 0x00, 0x10, /* ALPN */
299 /* opaque extension_data<0..2^16-1> */
300 0x00, 0x03, /* len */
301 /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */
302 0x00, 0x02, /* XXX len is at least 2 but not correct. */
303 /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */
304 0x00, /* XXX len cannot be 0 */
305};
306static uint8_t proto_invalid_missing8[] = {
307 /* Extension extensions<0..2^16-1> -- All TLS extensions */
308 0x00, 0x01, /* len */
309 /* ExtensionType extension_type */
310 0x00, /* XXX need a 2 byte type */
311};
312static uint8_t proto_invalid_missing9[] = {
313 /* Extension extensions<0..2^16-1> -- All TLS extensions */
314 0x0a, /* XXX need a 2 byte len */
315};
316
317
318#define CHECK_BOTH(c_val, s_val, proto) do { \
319 { \
320 CBS cbs; \
321 int al; \
322 \
323 CBS_init(&cbs, proto, sizeof(proto)); \
324 CHECK(c_val == tlsext_server_parse(s, SSL_TLSEXT_MSG_CH, &cbs, &al)); \
325 CBS_init(&cbs, proto, sizeof(proto)); \
326 CHECK(s_val == tlsext_client_parse(s, SSL_TLSEXT_MSG_SH, &cbs, &al)); \
327 } \
328} while (0)
329
330static int dummy_alpn_cb(SSL *ssl, const unsigned char **out,
331 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
332 void *arg);
333
334static int
335check_valid_alpn(SSL *s)
336{
337 const uint8_t str[] = {
338 0x08, /* len */
339 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
340 };
341
342 /* Setup in order to test ALPN. */
343 CHECK(! SSL_set_alpn_protos(s, str, 9));
344 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
345
346 /* Prerequisites to test these. */
347 CHECK(s->alpn_client_proto_list != NULL);
348 CHECK(s->ctx->alpn_select_cb != NULL);
349 //CHECK(s->s3->tmp.finish_md_len == 0);
350
351 CHECK_BOTH(1, 1, proto_single);
352 CHECK_BOTH(1, 1, proto_empty);
353
354 /* Multiple protocol names are only valid for client */
355 CHECK_BOTH(1, 0, proto_multiple1);
356 CHECK_BOTH(1, 0, proto_multiple2);
357 CHECK_BOTH(1, 0, proto_multiple3);
358
359 return 1;
360}
361
362/*
363 * Some of the IANA approved IDs from:
364 * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
365 */
366static int
367check_invalid_alpn(SSL *s)
368{
369 const uint8_t str[] = {
370 0x08, /* len */
371 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */
372 };
373
374 /* Setup in order to test ALPN. */
375 CHECK(! SSL_set_alpn_protos(s, str, 9));
376 SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL);
377
378 /* Prerequisites to test these. */
379 CHECK(s->alpn_client_proto_list != NULL);
380 CHECK(s->ctx->alpn_select_cb != NULL);
381 //CHECK(s->s3->tmp.finish_md_len == 0);
382
383 /* None of these are valid for client or server */
384 CHECK_BOTH(0, 0, proto_invalid_len1);
385 CHECK_BOTH(0, 0, proto_invalid_len2);
386 CHECK_BOTH(0, 0, proto_invalid_len3);
387 CHECK_BOTH(0, 0, proto_invalid_len4);
388 CHECK_BOTH(0, 0, proto_invalid_len5);
389 CHECK_BOTH(0, 0, proto_invalid_len6);
390 CHECK_BOTH(0, 0, proto_invalid_len7);
391 CHECK_BOTH(0, 0, proto_invalid_len8);
392 CHECK_BOTH(0, 0, proto_invalid_missing1);
393 CHECK_BOTH(0, 0, proto_invalid_missing2);
394 CHECK_BOTH(0, 0, proto_invalid_missing3);
395 CHECK_BOTH(0, 0, proto_invalid_missing4);
396 CHECK_BOTH(0, 0, proto_invalid_missing5);
397 CHECK_BOTH(0, 0, proto_invalid_missing6);
398 CHECK_BOTH(0, 0, proto_invalid_missing7);
399 CHECK_BOTH(0, 0, proto_invalid_missing8);
400 CHECK_BOTH(0, 0, proto_invalid_missing9);
401
402 return 1;
403}
404
405int
406dummy_alpn_cb(SSL *ssl __attribute__((unused)), const unsigned char **out,
407 unsigned char *outlen, const unsigned char *in, unsigned int inlen,
408 void *arg __attribute__((unused)))
409{
410 *out = in;
411 *outlen = (unsigned char)inlen;
412
413 return 0;
414}
415
416int
417main(void)
418{
419 SSL_CTX *ctx = NULL;
420 SSL *s = NULL;
421 int rv = 1;
422
423 SSL_library_init();
424
425 CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL);
426 CHECK_GOTO((s = SSL_new(ctx)) != NULL);
427
428 if (!check_valid_alpn(s))
429 goto err;
430 if (!check_invalid_alpn(s))
431 goto err;
432
433 rv = 0;
434
435err:
436 SSL_CTX_free(ctx);
437 SSL_free(s);
438
439 if (!rv)
440 printf("PASS %s\n", __FILE__);
441 return rv;
442}
diff --git a/src/regress/lib/libssl/unit/tls_prf.c b/src/regress/lib/libssl/unit/tls_prf.c
deleted file mode 100644
index bf0de1f044..0000000000
--- a/src/regress/lib/libssl/unit/tls_prf.c
+++ /dev/null
@@ -1,251 +0,0 @@
1/* $OpenBSD: tls_prf.c,v 1.7 2022/06/10 22:00:15 tb Exp $ */
2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <err.h>
19
20#include "ssl_locl.h"
21
22int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
23 const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
24 const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len,
25 const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len);
26
27#define TLS_PRF_OUT_LEN 128
28
29struct tls_prf_test {
30 const unsigned char *desc;
31 const SSL_METHOD *(*ssl_method)(void);
32 const uint16_t cipher_value;
33 const unsigned char out[TLS_PRF_OUT_LEN];
34};
35
36static struct tls_prf_test tls_prf_tests[] = {
37 {
38 .desc = "MD5+SHA1",
39 .ssl_method = TLSv1_method,
40 .cipher_value = 0x0033,
41 .out = {
42 0x03, 0xa1, 0xc1, 0x7d, 0x2c, 0xa5, 0x3d, 0xe8,
43 0x9d, 0x59, 0x5e, 0x30, 0xf5, 0x71, 0xbb, 0x96,
44 0xde, 0x5c, 0x8e, 0xdc, 0x25, 0x8a, 0x7c, 0x05,
45 0x9f, 0x7d, 0x35, 0x29, 0x45, 0xae, 0x56, 0xad,
46 0x9f, 0x57, 0x15, 0x5c, 0xdb, 0x83, 0x3a, 0xac,
47 0x19, 0xa8, 0x2b, 0x40, 0x72, 0x38, 0x1e, 0xed,
48 0xf3, 0x25, 0xde, 0x84, 0x84, 0xd8, 0xd1, 0xfc,
49 0x31, 0x85, 0x81, 0x12, 0x55, 0x4d, 0x12, 0xb5,
50 0xed, 0x78, 0x5e, 0xba, 0xc8, 0xec, 0x8d, 0x28,
51 0xa1, 0x21, 0x1e, 0x6e, 0x07, 0xf1, 0xfc, 0xf5,
52 0xbf, 0xe4, 0x8e, 0x8e, 0x97, 0x15, 0x93, 0x85,
53 0x75, 0xdd, 0x87, 0x09, 0xd0, 0x4e, 0xe5, 0xd5,
54 0x9e, 0x1f, 0xd6, 0x1c, 0x3b, 0xe9, 0xad, 0xba,
55 0xe0, 0x16, 0x56, 0x62, 0x90, 0xd6, 0x82, 0x84,
56 0xec, 0x8a, 0x22, 0xbe, 0xdc, 0x6a, 0x5e, 0x05,
57 0x12, 0x44, 0xec, 0x60, 0x61, 0xd1, 0x8a, 0x66,
58 },
59 },
60 {
61 .desc = "GOST94",
62 .ssl_method = TLSv1_2_method,
63 .cipher_value = 0x0081,
64 .out = {
65 0xcc, 0xd4, 0x89, 0x5f, 0x52, 0x08, 0x9b, 0xc7,
66 0xf9, 0xb5, 0x83, 0x58, 0xe8, 0xc7, 0x71, 0x49,
67 0x39, 0x99, 0x1f, 0x14, 0x8f, 0x85, 0xbe, 0x64,
68 0xee, 0x40, 0x5c, 0xe7, 0x5f, 0x68, 0xaf, 0xf2,
69 0xcd, 0x3a, 0x94, 0x52, 0x33, 0x53, 0x46, 0x7d,
70 0xb6, 0xc5, 0xe1, 0xb8, 0xa4, 0x04, 0x69, 0x91,
71 0x0a, 0x9c, 0x88, 0x86, 0xd9, 0x60, 0x63, 0xdd,
72 0xd8, 0xe7, 0x2e, 0xee, 0xce, 0xe2, 0x20, 0xd8,
73 0x9a, 0xfa, 0x9c, 0x63, 0x0c, 0x9c, 0xa1, 0x76,
74 0xed, 0x78, 0x9a, 0x84, 0x70, 0xb4, 0xd1, 0x51,
75 0x1f, 0xde, 0x44, 0xe8, 0x90, 0x21, 0x3f, 0xeb,
76 0x05, 0xf4, 0x77, 0x59, 0xf3, 0xad, 0xdd, 0x34,
77 0x3d, 0x3a, 0x7c, 0xd0, 0x59, 0x40, 0xe1, 0x3f,
78 0x04, 0x4b, 0x8b, 0xd6, 0x95, 0x46, 0xb4, 0x9e,
79 0x4c, 0x2d, 0xf7, 0xee, 0xbd, 0xbc, 0xcb, 0x5c,
80 0x3a, 0x36, 0x0c, 0xd0, 0x27, 0xcb, 0x45, 0x06,
81 },
82 },
83 {
84 .desc = "SHA256 (via TLSv1.2)",
85 .ssl_method = TLSv1_2_method,
86 .cipher_value = 0x0033,
87 .out = {
88 0x37, 0xa7, 0x06, 0x71, 0x6e, 0x19, 0x19, 0xda,
89 0x23, 0x8c, 0xcc, 0xb4, 0x2f, 0x31, 0x64, 0x9d,
90 0x05, 0x29, 0x1c, 0x33, 0x7e, 0x09, 0x1b, 0x0c,
91 0x0e, 0x23, 0xc1, 0xb0, 0x40, 0xcc, 0x31, 0xf7,
92 0x55, 0x66, 0x68, 0xd9, 0xa8, 0xae, 0x74, 0x75,
93 0xf3, 0x46, 0xe9, 0x3a, 0x54, 0x9d, 0xe0, 0x8b,
94 0x7e, 0x6c, 0x63, 0x1c, 0xfa, 0x2f, 0xfd, 0xc9,
95 0xd3, 0xf1, 0xd3, 0xfe, 0x7b, 0x9e, 0x14, 0x95,
96 0xb5, 0xd0, 0xad, 0x9b, 0xee, 0x78, 0x8c, 0x83,
97 0x18, 0x58, 0x7e, 0xa2, 0x23, 0xc1, 0x8b, 0x62,
98 0x94, 0x12, 0xcb, 0xb6, 0x60, 0x69, 0x32, 0xfe,
99 0x98, 0x0e, 0x93, 0xb0, 0x8e, 0x5c, 0xfb, 0x6e,
100 0xdb, 0x9a, 0xc2, 0x9f, 0x8c, 0x5c, 0x43, 0x19,
101 0xeb, 0x4a, 0x52, 0xad, 0x62, 0x2b, 0xdd, 0x9f,
102 0xa3, 0x74, 0xa6, 0x96, 0x61, 0x4d, 0x98, 0x40,
103 0x63, 0xa6, 0xd4, 0xbb, 0x17, 0x11, 0x75, 0xed,
104 },
105 },
106 {
107 .desc = "SHA384",
108 .ssl_method = TLSv1_2_method,
109 .cipher_value = 0x009d,
110 .out = {
111 0x00, 0x93, 0xc3, 0xfd, 0xa7, 0xbb, 0xdc, 0x5b,
112 0x13, 0x3a, 0xe6, 0x8b, 0x1b, 0xac, 0xf3, 0xfb,
113 0x3c, 0x9a, 0x78, 0xf6, 0x19, 0xf0, 0x13, 0x0f,
114 0x0d, 0x01, 0x9d, 0xdf, 0x0a, 0x28, 0x38, 0xce,
115 0x1a, 0x9b, 0x43, 0xbe, 0x56, 0x12, 0xa7, 0x16,
116 0x58, 0xe1, 0x8a, 0xe4, 0xc5, 0xbb, 0x10, 0x4c,
117 0x3a, 0xf3, 0x7f, 0xd3, 0xdb, 0xe4, 0xe0, 0x3d,
118 0xcc, 0x83, 0xca, 0xf0, 0xf9, 0x69, 0xcc, 0x70,
119 0x83, 0x32, 0xf6, 0xfc, 0x81, 0x80, 0x02, 0xe8,
120 0x31, 0x1e, 0x7c, 0x3b, 0x34, 0xf7, 0x34, 0xd1,
121 0xcf, 0x2a, 0xc4, 0x36, 0x2f, 0xe9, 0xaa, 0x7f,
122 0x6d, 0x1f, 0x5e, 0x0e, 0x39, 0x05, 0x15, 0xe1,
123 0xa2, 0x9a, 0x4d, 0x97, 0x8c, 0x62, 0x46, 0xf1,
124 0x87, 0x65, 0xd8, 0xe9, 0x14, 0x11, 0xa6, 0x48,
125 0xd7, 0x0e, 0x6e, 0x70, 0xad, 0xfb, 0x3f, 0x36,
126 0x05, 0x76, 0x4b, 0xe4, 0x28, 0x50, 0x4a, 0xf2,
127 },
128 },
129 {
130 .desc = "STREEBOG256",
131 .ssl_method = TLSv1_2_method,
132 .cipher_value = 0xff87,
133 .out = {
134 0x3e, 0x13, 0xb9, 0xeb, 0x85, 0x8c, 0xb4, 0x21,
135 0x23, 0x40, 0x9b, 0x73, 0x04, 0x56, 0xe2, 0xff,
136 0xce, 0x52, 0x1f, 0x82, 0x7f, 0x17, 0x5b, 0x80,
137 0x23, 0x71, 0xca, 0x30, 0xdf, 0xfc, 0xdc, 0x2d,
138 0xc0, 0xfc, 0x5d, 0x23, 0x5a, 0x54, 0x7f, 0xae,
139 0xf5, 0x7d, 0x52, 0x1e, 0x86, 0x95, 0xe1, 0x2d,
140 0x28, 0xe7, 0xbe, 0xd7, 0xd0, 0xbf, 0xa9, 0x96,
141 0x13, 0xd0, 0x9c, 0x0c, 0x1c, 0x16, 0x05, 0xbb,
142 0x26, 0xd7, 0x30, 0x39, 0xb9, 0x53, 0x28, 0x98,
143 0x4f, 0x1b, 0x83, 0xc3, 0xce, 0x1c, 0x7c, 0x34,
144 0xa2, 0xc4, 0x7a, 0x54, 0x16, 0xc6, 0xa7, 0x9e,
145 0xed, 0x4b, 0x7b, 0x83, 0xa6, 0xae, 0xe2, 0x5b,
146 0x96, 0xf5, 0x6c, 0xad, 0x1f, 0xa3, 0x83, 0xb2,
147 0x84, 0x32, 0xed, 0xe3, 0x2c, 0xf6, 0xd4, 0x73,
148 0x30, 0xef, 0x9d, 0xbe, 0xe7, 0x23, 0x9a, 0xbf,
149 0x4d, 0x1c, 0xe7, 0xef, 0x3d, 0xea, 0x46, 0xe2,
150 },
151 },
152};
153
154#define N_TLS_PRF_TESTS \
155 (sizeof(tls_prf_tests) / sizeof(*tls_prf_tests))
156
157#define TLS_PRF_SEED1 "tls prf seed 1"
158#define TLS_PRF_SEED2 "tls prf seed 2"
159#define TLS_PRF_SEED3 "tls prf seed 3"
160#define TLS_PRF_SEED4 "tls prf seed 4"
161#define TLS_PRF_SEED5 "tls prf seed 5"
162#define TLS_PRF_SECRET "tls prf secretz"
163
164static void
165hexdump(const unsigned char *buf, size_t len)
166{
167 size_t i;
168
169 for (i = 1; i <= len; i++)
170 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
171
172 fprintf(stderr, "\n");
173}
174
175static int
176do_tls_prf_test(int test_no, struct tls_prf_test *tpt)
177{
178 unsigned char *out = NULL;
179 const SSL_CIPHER *cipher;
180 SSL_CTX *ssl_ctx = NULL;
181 SSL *ssl = NULL;
182 int failure = 1;
183 int len;
184
185 fprintf(stderr, "Test %d - %s\n", test_no, tpt->desc);
186
187 if ((out = malloc(TLS_PRF_OUT_LEN)) == NULL)
188 errx(1, "failed to allocate out");
189
190 if ((ssl_ctx = SSL_CTX_new(tpt->ssl_method())) == NULL)
191 errx(1, "failed to create SSL context");
192 if ((ssl = SSL_new(ssl_ctx)) == NULL)
193 errx(1, "failed to create SSL context");
194
195 if ((cipher = ssl3_get_cipher_by_value(tpt->cipher_value)) == NULL) {
196 fprintf(stderr, "FAIL: no cipher %hx\n", tpt->cipher_value);
197 goto failure;
198 }
199
200 ssl->s3->hs.cipher = cipher;
201
202 for (len = 1; len <= TLS_PRF_OUT_LEN; len++) {
203 memset(out, 'A', TLS_PRF_OUT_LEN);
204
205 if (tls1_PRF(ssl, TLS_PRF_SECRET, sizeof(TLS_PRF_SECRET),
206 TLS_PRF_SEED1, sizeof(TLS_PRF_SEED1), TLS_PRF_SEED2,
207 sizeof(TLS_PRF_SEED2), TLS_PRF_SEED3, sizeof(TLS_PRF_SEED3),
208 TLS_PRF_SEED4, sizeof(TLS_PRF_SEED4), TLS_PRF_SEED5,
209 sizeof(TLS_PRF_SEED5), out, len) != 1) {
210 fprintf(stderr, "FAIL: tls_PRF failed for len %d\n",
211 len);
212 goto failure;
213 }
214
215 if (memcmp(out, tpt->out, len) != 0) {
216 fprintf(stderr, "FAIL: tls_PRF output differs for "
217 "len %d\n", len);
218 fprintf(stderr, "output:\n");
219 hexdump(out, TLS_PRF_OUT_LEN);
220 fprintf(stderr, "test data:\n");
221 hexdump(tpt->out, TLS_PRF_OUT_LEN);
222 fprintf(stderr, "\n");
223 goto failure;
224 }
225 }
226
227 failure = 0;
228
229 failure:
230 SSL_free(ssl);
231 SSL_CTX_free(ssl_ctx);
232
233 free(out);
234
235 return failure;
236}
237
238int
239main(int argc, char **argv)
240{
241 int failed = 0;
242 size_t i;
243
244 SSL_library_init();
245 SSL_load_error_strings();
246
247 for (i = 0; i < N_TLS_PRF_TESTS; i++)
248 failed |= do_tls_prf_test(i, &tls_prf_tests[i]);
249
250 return failed;
251}
diff --git a/src/regress/lib/libssl/verify/Makefile b/src/regress/lib/libssl/verify/Makefile
deleted file mode 100644
index 515b22e07a..0000000000
--- a/src/regress/lib/libssl/verify/Makefile
+++ /dev/null
@@ -1,37 +0,0 @@
1# $OpenBSD: Makefile,v 1.1.1.1 2021/08/30 17:27:45 tb Exp $
2
3.if !(make(clean) || make(cleandir) || make(obj))
4. if !exists(/usr/local/libdata/perl5/site_perl/IO/Socket/SSL.pm)
5regress:
6 @echo "missing package p5-IO-Socket-SSL"
7 @echo SKIPPED
8. endif
9.endif
10PROGS += verify
11
12.for p in ${PROGS}
13REGRESS_TARGETS += run-$p
14.endfor
15
16LDADD = -lcrypto -lssl
17DPADD = ${LIBCRYPTO} ${LIBSSL}
18WARNINGS = Yes
19CFLAGS += -DLIBRESSL_INTERNAL -Wundef -Werror
20
21PERL ?= perl
22
23REGRESS_SETUP_ONCE += create-libressl-test-certs
24create-libressl-test-certs: create-libressl-test-certs.pl
25 ${PERL} ${.CURDIR}/$@.pl
26
27
28CLEANFILES += *.pem *.key
29
30.for p in ${PROGS}
31run-$p: $p
32 ./$p
33
34.PHONY: run-$p
35.endfor
36
37.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/verify/create-libressl-test-certs.pl b/src/regress/lib/libssl/verify/create-libressl-test-certs.pl
deleted file mode 100644
index f38494966e..0000000000
--- a/src/regress/lib/libssl/verify/create-libressl-test-certs.pl
+++ /dev/null
@@ -1,111 +0,0 @@
1#!/usr/bin/perl
2
3# Copyright (c) 2021 Steffen Ullrich <sullr@cpan.org>
4# Public Domain
5
6use strict;
7use warnings;
8use IO::Socket::SSL::Utils;
9
10# primitive CA - ROOT
11my @ca = cert(
12 CA => 1,
13 subject => { CN => 'ROOT' }
14);
15out('caR.pem', pem(crt => $ca[0]));
16out('caR.key', pem(key => $ca[1]));
17
18# server certificate where SAN contains in-label wildcards, which a
19# client MAY choose to accept as per RFC 6125 section 6.4.3.
20my @leafcert = cert(
21 issuer => \@ca,
22 purpose => 'server',
23 subject => { CN => 'server.local' },
24 subjectAltNames => [
25 [ DNS => 'bar.server.local' ],
26 [ DNS => 'www*.server.local'],
27 [ DNS => '*.www.server.local'],
28 [ DNS => 'foo.server.local' ],
29 [ DNS => 'server.local' ],
30 ]
31);
32out('server-unusual-wildcard.pem', pem(@leafcert));
33
34@leafcert = cert(
35 issuer => \@ca,
36 purpose => 'server',
37 subject => { CN => 'server.local' },
38 subjectAltNames => [
39 [ DNS => 'bar.server.local' ],
40 [ DNS => '*.www.server.local'],
41 [ DNS => 'foo.server.local' ],
42 [ DNS => 'server.local' ],
43 ]
44);
45out('server-common-wildcard.pem', pem(@leafcert));
46
47# alternative CA - OLD_ROOT
48my @caO = cert(
49 CA => 1,
50 subject => { CN => 'OLD_ROOT' }
51);
52out('caO.pem', pem(crt => $caO[0]));
53out('caO.key', pem(key => $caO[1]));
54
55# alternative ROOT CA, signed by OLD_ROOT, same key as other ROOT CA
56my @caX = cert(
57 issuer => \@caO,
58 CA => 1,
59 subject => { CN => 'ROOT' },
60 key => $ca[1],
61);
62out('caX.pem', pem(crt => $caX[0]));
63out('caX.key', pem(key => $caX[1]));
64
65# subCA below ROOT
66my @subcaR = cert(
67 issuer => \@ca,
68 CA => 1,
69 subject => { CN => 'SubCA.of.ROOT' }
70);
71out('subcaR.pem', pem(crt => $subcaR[0]));
72out('subcaR.key', pem(key => $subcaR[1]));
73out('chainSX.pem', pem($subcaR[0]), pem($caX[0]));
74
75@leafcert = cert(
76 issuer => \@subcaR,
77 purpose => 'server',
78 subject => { CN => 'server.subca.local' },
79 subjectAltNames => [
80 [ DNS => 'server.subca.local' ],
81 ]
82);
83out('server-subca.pem', pem(@leafcert));
84out('server-subca-chainSX.pem', pem(@leafcert, $subcaR[0], $caX[0]));
85out('server-subca-chainS.pem', pem(@leafcert, $subcaR[0]));
86
87
88sub cert { CERT_create(not_after => 10*365*86400+time(), @_) }
89sub pem {
90 my @default = qw(crt key);
91 my %m = (key => \&PEM_key2string, crt => \&PEM_cert2string);
92 my $result = '';
93 while (my $f = shift(@_)) {
94 my $v;
95 if ($f =~m{^(key|crt)$}) {
96 $v = shift(@_);
97 } else {
98 $v = $f;
99 $f = shift(@default) || 'crt';
100 }
101 $f = $m{$f} || die "wrong key $f";
102 $result .= $f->($v);
103 }
104 return $result;
105}
106
107sub out {
108 my $file = shift;
109 open(my $fh,'>',"$file") or die "failed to create $file: $!";
110 print $fh @_
111}
diff --git a/src/regress/lib/libssl/verify/verify.c b/src/regress/lib/libssl/verify/verify.c
deleted file mode 100644
index 8784396a79..0000000000
--- a/src/regress/lib/libssl/verify/verify.c
+++ /dev/null
@@ -1,373 +0,0 @@
1/* $OpenBSD: verify.c,v 1.1.1.1 2021/08/30 17:27:45 tb Exp $ */
2/*
3 * Copyright (c) 2021 Theo Buehler <tb@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/* Based on https://github.com/noxxi/libressl-tests */
19
20#include <stdint.h>
21#include <stdio.h>
22#include <stdlib.h>
23#include <string.h>
24
25#include <openssl/bio.h>
26#include <openssl/crypto.h>
27#include <openssl/err.h>
28#include <openssl/x509_vfy.h>
29#include <openssl/ssl.h>
30
31struct peer_config {
32 const char *name;
33 int server;
34 const char *cert;
35 const char *key;
36 const char *ca_file;
37};
38
39struct ssl_wildcard_test_data {
40 const char *description;
41 struct peer_config client_config;
42 struct peer_config server_config;
43 long verify_result;
44};
45
46static const struct ssl_wildcard_test_data ssl_wildcard_tests[] = {
47 {
48 .description = "unusual wildcard cert, no CA given to client",
49 .client_config = {
50 .name = "client",
51 .server = 0,
52 .cert = NULL,
53 .ca_file = NULL,
54 },
55 .server_config = {
56 .name = "server",
57 .server = 1,
58 .cert = "server-unusual-wildcard.pem",
59 .key = "server-unusual-wildcard.pem",
60 },
61 /* OpenSSL returns X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE */
62 .verify_result = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
63 },
64
65 {
66 .description = "unusual wildcard cert, CA given to client",
67 .client_config = {
68 .name = "client",
69 .server = 0,
70 .cert = NULL,
71 .ca_file = "caR.pem",
72 },
73 .server_config = {
74 .name = "server",
75 .server = 1,
76 .cert = "server-unusual-wildcard.pem",
77 .key = "server-unusual-wildcard.pem",
78 },
79 .verify_result = X509_V_OK,
80 },
81
82 {
83 .description = "common wildcard cert, no CA given to client",
84 .client_config = {
85 .name = "client",
86 .server = 0,
87 .cert = NULL,
88 .ca_file = NULL,
89 },
90 .server_config = {
91 .name = "server",
92 .server = 1,
93 .cert = "server-common-wildcard.pem",
94 .key = "server-common-wildcard.pem",
95 },
96 /* OpenSSL returns X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE */
97 .verify_result = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
98 },
99
100 {
101 .description = "common wildcard cert, CA given to client",
102 .client_config = {
103 .name = "client",
104 .server = 0,
105 .cert = NULL,
106 .ca_file = "caR.pem",
107 },
108 .server_config = {
109 .name = "server",
110 .server = 1,
111 .cert = "server-common-wildcard.pem",
112 .key = "server-common-wildcard.pem",
113 },
114 .verify_result = X509_V_OK,
115 },
116
117 {
118 .description = "server sends all chain certificates",
119 .client_config = {
120 .name = "client",
121 .server = 0,
122 .cert = NULL,
123 .ca_file = "caR.pem",
124 },
125 .server_config = {
126 .name = "server",
127 .server = 1,
128 .cert = "server-subca-chainS.pem",
129 .key = "server-subca-chainS.pem",
130 .ca_file = "subcaR.pem"
131 },
132 .verify_result = X509_V_OK,
133 },
134};
135
136static const size_t N_SSL_WILDCARD_TESTS =
137 sizeof(ssl_wildcard_tests) / sizeof(ssl_wildcard_tests[0]);
138
139static SSL_CTX *
140peer_config_to_ssl_ctx(const struct peer_config *config)
141{
142 SSL_CTX *ctx;
143
144 if ((ctx = SSL_CTX_new(TLS_method())) == NULL) {
145 fprintf(stderr, "SSL_CTX_new(%s) failed\n", config->name);
146 goto err;
147 }
148
149 if (config->server) {
150 if (!SSL_CTX_use_certificate_file(ctx, config->cert,
151 SSL_FILETYPE_PEM)) {
152 fprintf(stderr, "use_certificate_file(%s) failed\n",
153 config->name);
154 goto err;
155 }
156 if (config->key != NULL && !SSL_CTX_use_PrivateKey_file(ctx,
157 config->key, SSL_FILETYPE_PEM)) {
158 fprintf(stderr, "use_PrivateKey_file(%s) failed\n",
159 config->name);
160 goto err;
161 }
162 }
163
164 if (config->ca_file != NULL) {
165 if (!SSL_CTX_load_verify_locations(ctx, config->ca_file, NULL)) {
166 fprintf(stderr, "load_verify_locations(%s) failed\n",
167 config->name);
168 goto err;
169 }
170 }
171
172 return ctx;
173
174 err:
175 SSL_CTX_free(ctx);
176 return NULL;
177}
178
179/* Connect client and server via a pair of "nonblocking" memory BIOs. */
180static int
181connect_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
182{
183 BIO *client_wbio = NULL, *server_wbio = NULL;
184 int ret = 0;
185
186 if ((client_wbio = BIO_new(BIO_s_mem())) == NULL) {
187 fprintf(stderr, "%s: failed to create client BIO\n",
188 description);
189 goto err;
190 }
191 if ((server_wbio = BIO_new(BIO_s_mem())) == NULL) {
192 fprintf(stderr, "%s: failed to create server BIO\n",
193 description);
194 goto err;
195 }
196 if (BIO_set_mem_eof_return(client_wbio, -1) <= 0) {
197 fprintf(stderr, "%s: failed to set client eof return\n",
198 description);
199 goto err;
200 }
201 if (BIO_set_mem_eof_return(server_wbio, -1) <= 0) {
202 fprintf(stderr, "%s: failed to set server eof return\n",
203 description);
204 goto err;
205 }
206
207 /* Avoid double free. SSL_set_bio() takes ownership of the BIOs. */
208 BIO_up_ref(client_wbio);
209 BIO_up_ref(server_wbio);
210
211 SSL_set_bio(client_ssl, server_wbio, client_wbio);
212 SSL_set_bio(server_ssl, client_wbio, server_wbio);
213 client_wbio = NULL;
214 server_wbio = NULL;
215
216 ret = 1;
217
218 err:
219 BIO_free(client_wbio);
220 BIO_free(server_wbio);
221
222 return ret;
223}
224
225static int
226push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name,
227 const char *description)
228{
229 int ssl_err = 0;
230
231 if (*ret == 1)
232 return 1;
233
234 /*
235 * Do SSL_connect/SSL_accept/SSL_shutdown once and loop while hitting
236 * WANT_WRITE. If done or on WANT_READ hand off to peer.
237 */
238
239 do {
240 if ((*ret = func(ssl)) <= 0)
241 ssl_err = SSL_get_error(ssl, *ret);
242 } while (*ret <= 0 && ssl_err == SSL_ERROR_WANT_WRITE);
243
244 /* Ignore erroneous error - see SSL_shutdown(3)... */
245 if (func == SSL_shutdown && ssl_err == SSL_ERROR_SYSCALL)
246 return 1;
247
248 if (*ret <= 0 && ssl_err != SSL_ERROR_WANT_READ) {
249 fprintf(stderr, "%s: %s failed\n", description, func_name);
250 ERR_print_errors_fp(stderr);
251 return 0;
252 }
253
254 return 1;
255}
256
257/*
258 * Alternate between loops of SSL_connect() and SSL_accept() as long as only
259 * WANT_READ and WANT_WRITE situations are encountered. A function is repeated
260 * until WANT_READ is returned or it succeeds, then it's the other function's
261 * turn to make progress. Succeeds if SSL_connect() and SSL_accept() return 1.
262 */
263static int
264handshake(SSL *client_ssl, SSL *server_ssl, const char *description)
265{
266 int loops = 0, client_ret = 0, server_ret = 0;
267
268 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
269 if (!push_data_to_peer(client_ssl, &client_ret, SSL_connect,
270 "SSL_connect", description))
271 return 0;
272
273 if (!push_data_to_peer(server_ssl, &server_ret, SSL_accept,
274 "SSL_accept", description))
275 return 0;
276 }
277
278 if (client_ret != 1 || server_ret != 1) {
279 fprintf(stderr, "%s: failed\n", __func__);
280 return 0;
281 }
282
283 return 1;
284}
285
286static int
287shutdown_peers(SSL *client_ssl, SSL *server_ssl, const char *description)
288{
289 int loops = 0, client_ret = 0, server_ret = 0;
290
291 while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) {
292 if (!push_data_to_peer(client_ssl, &client_ret, SSL_shutdown,
293 "client shutdown", description))
294 return 0;
295
296 if (!push_data_to_peer(server_ssl, &server_ret, SSL_shutdown,
297 "server shutdown", description))
298 return 0;
299 }
300
301 if (client_ret != 1 || server_ret != 1) {
302 fprintf(stderr, "%s: failed\n", __func__);
303 return 0;
304 }
305
306 return 1;
307}
308
309static int
310test_ssl_wildcards(const struct ssl_wildcard_test_data *test)
311{
312 SSL_CTX *client_ctx = NULL, *server_ctx = NULL;
313 SSL *client_ssl = NULL, *server_ssl = NULL;
314 long verify_result;
315 int failed = 1;
316
317 if ((client_ctx = peer_config_to_ssl_ctx(&test->client_config)) == NULL)
318 goto err;
319 if ((server_ctx = peer_config_to_ssl_ctx(&test->server_config)) == NULL)
320 goto err;
321
322 if ((client_ssl = SSL_new(client_ctx)) == NULL) {
323 fprintf(stderr, "%s: failed to create client SSL\n",
324 test->description);
325 goto err;
326 }
327 if ((server_ssl = SSL_new(server_ctx)) == NULL) {
328 fprintf(stderr, "%s: failed to create server SSL\n",
329 test->description);
330 goto err;
331 }
332
333 if (!connect_peers(client_ssl, server_ssl, test->description))
334 goto err;
335
336 if (!handshake(client_ssl, server_ssl, test->description))
337 goto err;
338
339 verify_result = SSL_get_verify_result(client_ssl);
340
341 if (test->verify_result == verify_result) {
342 failed = 0;
343 fprintf(stderr, "%s: ok\n", test->description);
344 } else
345 fprintf(stderr, "%s: verify_result: want %ld, got %ld\n",
346 test->description, test->verify_result, verify_result);
347
348 if (!shutdown_peers(client_ssl, server_ssl, test->description))
349 goto err;
350
351 err:
352 SSL_CTX_free(client_ctx);
353 SSL_CTX_free(server_ctx);
354 SSL_free(client_ssl);
355 SSL_free(server_ssl);
356
357 return failed;
358}
359
360int
361main(int argc, char **argv)
362{
363 size_t i;
364 int failed = 0;
365
366 for (i = 0; i < N_SSL_WILDCARD_TESTS; i++)
367 failed |= test_ssl_wildcards(&ssl_wildcard_tests[i]);
368
369 if (failed == 0)
370 printf("PASS %s\n", __FILE__);
371
372 return failed;
373}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-26 17:14:32 +0000