diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py | 100 |
1 files changed, 94 insertions, 6 deletions
diff --git a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py index c473382621..4e8f2c60a3 100644 --- a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py +++ b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: tlsfuzzer.py,v 1.18 2020/09/25 06:34:59 tb Exp $ | 1 | # $OpenBSD: tlsfuzzer.py,v 1.19 2020/09/25 08:38:25 tb Exp $ |
| 2 | # | 2 | # |
| 3 | # Copyright (c) 2020 Theo Buehler <tb@openbsd.org> | 3 | # Copyright (c) 2020 Theo Buehler <tb@openbsd.org> |
| 4 | # | 4 | # |
| @@ -92,6 +92,97 @@ tls13_tests = TestGroup("TLSv1.3 tests", [ | |||
| 92 | ]), | 92 | ]), |
| 93 | ]) | 93 | ]) |
| 94 | 94 | ||
| 95 | # test-tls13-finished.py has 70 failing tests that expect a "decode_error" | ||
| 96 | # instead of the "decrypt_error" sent by tls13_server_finished_recv(). | ||
| 97 | # Both alerts appear to be reasonable in this context, so work around this | ||
| 98 | # in the test instead of the library. | ||
| 99 | def generate_test_tls13_finished_args(): | ||
| 100 | assertion = "Expected alert description \"decode_error\" does not match received \"decrypt_error\"" | ||
| 101 | paddings = [ | ||
| 102 | ("TLS_AES_128_GCM_SHA256", 0, 1), | ||
| 103 | ("TLS_AES_128_GCM_SHA256", 0, 2), | ||
| 104 | ("TLS_AES_128_GCM_SHA256", 0, 4), | ||
| 105 | ("TLS_AES_128_GCM_SHA256", 0, 8), | ||
| 106 | ("TLS_AES_128_GCM_SHA256", 0, 16), | ||
| 107 | ("TLS_AES_128_GCM_SHA256", 0, 32), | ||
| 108 | ("TLS_AES_128_GCM_SHA256", 0, 48), | ||
| 109 | ("TLS_AES_128_GCM_SHA256", 0, 2**14-4-32), | ||
| 110 | ("TLS_AES_128_GCM_SHA256", 0, 0x20000), | ||
| 111 | ("TLS_AES_128_GCM_SHA256", 0, 0x30000), | ||
| 112 | ("TLS_AES_128_GCM_SHA256", 1, 0), | ||
| 113 | ("TLS_AES_128_GCM_SHA256", 2, 0), | ||
| 114 | ("TLS_AES_128_GCM_SHA256", 4, 0), | ||
| 115 | ("TLS_AES_128_GCM_SHA256", 8, 0), | ||
| 116 | ("TLS_AES_128_GCM_SHA256", 16, 0), | ||
| 117 | ("TLS_AES_128_GCM_SHA256", 32, 0), | ||
| 118 | ("TLS_AES_128_GCM_SHA256", 48, 0), | ||
| 119 | ("TLS_AES_128_GCM_SHA256", 2**14-4-32, 0), | ||
| 120 | ("TLS_AES_128_GCM_SHA256", 12, 0), | ||
| 121 | ("TLS_AES_128_GCM_SHA256", 1, 1), | ||
| 122 | ("TLS_AES_128_GCM_SHA256", 8, 8), | ||
| 123 | ("TLS_AES_256_GCM_SHA384", 0, 1), | ||
| 124 | ("TLS_AES_256_GCM_SHA384", 0, 2), | ||
| 125 | ("TLS_AES_256_GCM_SHA384", 0, 4), | ||
| 126 | ("TLS_AES_256_GCM_SHA384", 0, 8), | ||
| 127 | ("TLS_AES_256_GCM_SHA384", 0, 16), | ||
| 128 | ("TLS_AES_256_GCM_SHA384", 0, 32), | ||
| 129 | ("TLS_AES_256_GCM_SHA384", 0, 48), | ||
| 130 | ("TLS_AES_256_GCM_SHA384", 0, 2**14-4-48), | ||
| 131 | ("TLS_AES_256_GCM_SHA384", 0, 0x20000), | ||
| 132 | ("TLS_AES_256_GCM_SHA384", 0, 0x30000), | ||
| 133 | ("TLS_AES_256_GCM_SHA384", 0, 12), | ||
| 134 | ("TLS_AES_256_GCM_SHA384", 1, 0), | ||
| 135 | ("TLS_AES_256_GCM_SHA384", 2, 0), | ||
| 136 | ("TLS_AES_256_GCM_SHA384", 4, 0), | ||
| 137 | ("TLS_AES_256_GCM_SHA384", 8, 0), | ||
| 138 | ("TLS_AES_256_GCM_SHA384", 16, 0), | ||
| 139 | ("TLS_AES_256_GCM_SHA384", 32, 0), | ||
| 140 | ("TLS_AES_256_GCM_SHA384", 48, 0), | ||
| 141 | ("TLS_AES_256_GCM_SHA384", 2**14-4-48, 0), | ||
| 142 | ("TLS_AES_256_GCM_SHA384", 1, 1), | ||
| 143 | ("TLS_AES_256_GCM_SHA384", 8, 8), | ||
| 144 | ] | ||
| 145 | truncations = [ | ||
| 146 | ("TLS_AES_128_GCM_SHA256", 0, -1), | ||
| 147 | ("TLS_AES_128_GCM_SHA256", 0, -2), | ||
| 148 | ("TLS_AES_128_GCM_SHA256", 0, -4), | ||
| 149 | ("TLS_AES_128_GCM_SHA256", 0, -8), | ||
| 150 | ("TLS_AES_128_GCM_SHA256", 0, -16), | ||
| 151 | ("TLS_AES_128_GCM_SHA256", 0, -32), | ||
| 152 | ("TLS_AES_128_GCM_SHA256", 0, 12), | ||
| 153 | ("TLS_AES_128_GCM_SHA256", 1, None), | ||
| 154 | ("TLS_AES_128_GCM_SHA256", 2, None), | ||
| 155 | ("TLS_AES_128_GCM_SHA256", 4, None), | ||
| 156 | ("TLS_AES_128_GCM_SHA256", 8, None), | ||
| 157 | ("TLS_AES_128_GCM_SHA256", 16, None), | ||
| 158 | ("TLS_AES_128_GCM_SHA256", 32, None), | ||
| 159 | ("TLS_AES_256_GCM_SHA384", 0, -1), | ||
| 160 | ("TLS_AES_256_GCM_SHA384", 0, -2), | ||
| 161 | ("TLS_AES_256_GCM_SHA384", 0, -4), | ||
| 162 | ("TLS_AES_256_GCM_SHA384", 0, -8), | ||
| 163 | ("TLS_AES_256_GCM_SHA384", 0, -16), | ||
| 164 | ("TLS_AES_256_GCM_SHA384", 0, -32), | ||
| 165 | ("TLS_AES_256_GCM_SHA384", 0, 12), | ||
| 166 | ("TLS_AES_256_GCM_SHA384", 1, None), | ||
| 167 | ("TLS_AES_256_GCM_SHA384", 2, None), | ||
| 168 | ("TLS_AES_256_GCM_SHA384", 4, None), | ||
| 169 | ("TLS_AES_256_GCM_SHA384", 8, None), | ||
| 170 | ("TLS_AES_256_GCM_SHA384", 16, None), | ||
| 171 | ("TLS_AES_256_GCM_SHA384", 32, None), | ||
| 172 | ] | ||
| 173 | |||
| 174 | args = [ | ||
| 175 | "-x", "empty - cipher TLS_AES_128_GCM_SHA256", "-X", assertion, | ||
| 176 | "-x", "empty - cipher TLS_AES_256_GCM_SHA384", "-X", assertion, | ||
| 177 | ] | ||
| 178 | padding_fmt = "padding - cipher %s, pad_byte 0, pad_left %d, pad_right %d" | ||
| 179 | for padding in paddings: | ||
| 180 | args += ["-x", padding_fmt % padding, "-X", assertion] | ||
| 181 | truncation_fmt = "truncation - cipher %s, start %d, end %s" | ||
| 182 | for truncation in truncations: | ||
| 183 | args += ["-x", truncation_fmt % truncation, "-X", assertion] | ||
| 184 | return args | ||
| 185 | |||
| 95 | # Tests that take a lot of time (> ~30s on an x280) | 186 | # Tests that take a lot of time (> ~30s on an x280) |
| 96 | tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [ | 187 | tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [ |
| 97 | # XXX: Investigate the occasional message | 188 | # XXX: Investigate the occasional message |
| @@ -101,6 +192,8 @@ tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [ | |||
| 101 | Test("test-tls13-invalid-ciphers.py"), | 192 | Test("test-tls13-invalid-ciphers.py"), |
| 102 | Test("test-tls13-serverhello-random.py", tls13_unsupported_ciphers), | 193 | Test("test-tls13-serverhello-random.py", tls13_unsupported_ciphers), |
| 103 | 194 | ||
| 195 | Test("test-tls13-finished.py", generate_test_tls13_finished_args()), | ||
| 196 | |||
| 104 | # Mark two tests cases as xfail for now. The tests expect an arguably | 197 | # Mark two tests cases as xfail for now. The tests expect an arguably |
| 105 | # correct decode_error while we send a decrypt_error (like fizz/boring). | 198 | # correct decode_error while we send a decrypt_error (like fizz/boring). |
| 106 | Test("test-tls13-record-layer-limits.py", [ | 199 | Test("test-tls13-record-layer-limits.py", [ |
| @@ -161,11 +254,6 @@ tls13_slow_failing_tests = TestGroup("slow, failing TLSv1.3 tests", [ | |||
| 161 | 254 | ||
| 162 | Test("test-tls13-symetric-ciphers.py"), # unexpected message from peer | 255 | Test("test-tls13-symetric-ciphers.py"), # unexpected message from peer |
| 163 | 256 | ||
| 164 | # 70 fail and 644 pass. For some reason the tests expect a decode_error | ||
| 165 | # but we send a decrypt_error after the CBS_mem_equal() fails in | ||
| 166 | # tls13_server_finished_recv() (which is correct). | ||
| 167 | Test("test-tls13-finished.py"), # decrypt_error -> decode_error? | ||
| 168 | |||
| 169 | # 6 tests fail: 'rsa_pkcs1_{md5,sha{1,224,256,384,512}} signature' | 257 | # 6 tests fail: 'rsa_pkcs1_{md5,sha{1,224,256,384,512}} signature' |
| 170 | # We send server hello, but the test expects handshake_failure | 258 | # We send server hello, but the test expects handshake_failure |
| 171 | Test("test-tls13-pkcs-signature.py"), | 259 | Test("test-tls13-pkcs-signature.py"), |