From 4e4f5b4c833ba5285e001bdb6b832bdf91c43da3 Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Mon, 30 Aug 2021 17:27:46 +0000 Subject: This commit was manufactured by cvs2git to create tag 'tb_20210830'. --- src/regress/lib/libssl/Makefile | 27 - src/regress/lib/libssl/Makefile.inc | 2 - src/regress/lib/libssl/asn1/Makefile | 11 - src/regress/lib/libssl/asn1/asn1test.c | 478 --- src/regress/lib/libssl/buffer/Makefile | 10 - src/regress/lib/libssl/buffer/buffertest.c | 156 - src/regress/lib/libssl/bytestring/Makefile | 9 - src/regress/lib/libssl/bytestring/bytestringtest.c | 916 ----- src/regress/lib/libssl/certs/ca.pem | 45 - src/regress/lib/libssl/certs/client.pem | 51 - src/regress/lib/libssl/certs/server.pem | 51 - src/regress/lib/libssl/ciphers/Makefile | 9 - src/regress/lib/libssl/ciphers/cipherstest.c | 531 --- src/regress/lib/libssl/client/Makefile | 9 - src/regress/lib/libssl/client/clienttest.c | 740 ---- src/regress/lib/libssl/dtls/Makefile | 19 - src/regress/lib/libssl/dtls/dtlstest.c | 1072 ------ src/regress/lib/libssl/handshake/Makefile | 44 - src/regress/lib/libssl/handshake/handshake_table.c | 514 --- .../libssl/handshake/valid_handshakes_terminate.c | 57 - src/regress/lib/libssl/interop/LICENSE | 15 - src/regress/lib/libssl/interop/Makefile | 19 - src/regress/lib/libssl/interop/Makefile.inc | 90 - src/regress/lib/libssl/interop/README | 22 - src/regress/lib/libssl/interop/botan/Makefile | 82 - src/regress/lib/libssl/interop/botan/client.cpp | 228 -- src/regress/lib/libssl/interop/cert/Makefile | 87 - src/regress/lib/libssl/interop/cipher/Makefile | 170 - src/regress/lib/libssl/interop/client.c | 273 -- src/regress/lib/libssl/interop/libressl/Makefile | 34 - src/regress/lib/libssl/interop/netcat/Makefile | 84 - src/regress/lib/libssl/interop/openssl/Makefile | 42 - src/regress/lib/libssl/interop/openssl11/Makefile | 42 - src/regress/lib/libssl/interop/server.c | 320 -- src/regress/lib/libssl/interop/session/Makefile | 46 - src/regress/lib/libssl/interop/util.c | 145 - src/regress/lib/libssl/interop/util.h | 23 - src/regress/lib/libssl/interop/version/Makefile | 103 - src/regress/lib/libssl/key_schedule/Makefile | 9 - src/regress/lib/libssl/key_schedule/key_schedule.c | 317 -- src/regress/lib/libssl/openssl-ruby/Makefile | 72 - src/regress/lib/libssl/pqueue/Makefile | 17 - src/regress/lib/libssl/pqueue/expected.txt | 3 - src/regress/lib/libssl/pqueue/pq_test.c | 118 - src/regress/lib/libssl/record/Makefile | 10 - src/regress/lib/libssl/record/recordtest.c | 555 --- src/regress/lib/libssl/record_layer/Makefile | 10 - .../lib/libssl/record_layer/record_layer_test.c | 306 -- src/regress/lib/libssl/server/Makefile | 18 - src/regress/lib/libssl/server/servertest.c | 209 -- src/regress/lib/libssl/ssl/Makefile | 16 - src/regress/lib/libssl/ssl/ssltest.c | 1911 ---------- src/regress/lib/libssl/ssl/testssl | 152 - src/regress/lib/libssl/tlsext/Makefile | 9 - src/regress/lib/libssl/tlsext/tlsexttest.c | 3650 -------------------- src/regress/lib/libssl/tlsfuzzer/Makefile | 47 - src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py | 876 ----- src/regress/lib/libssl/tlslegacy/Makefile | 9 - src/regress/lib/libssl/tlslegacy/tlslegacytest.c | 633 ---- src/regress/lib/libssl/unit/Makefile | 27 - src/regress/lib/libssl/unit/cipher_list.c | 204 -- .../lib/libssl/unit/ssl_get_shared_ciphers.c | 482 --- src/regress/lib/libssl/unit/ssl_methods.c | 267 -- src/regress/lib/libssl/unit/ssl_versions.c | 910 ----- src/regress/lib/libssl/unit/tests.h | 44 - src/regress/lib/libssl/unit/tls_ext_alpn.c | 442 --- src/regress/lib/libssl/unit/tls_prf.c | 251 -- 67 files changed, 18150 deletions(-) delete mode 100644 src/regress/lib/libssl/Makefile delete mode 100644 src/regress/lib/libssl/Makefile.inc delete mode 100644 src/regress/lib/libssl/asn1/Makefile delete mode 100644 src/regress/lib/libssl/asn1/asn1test.c delete mode 100644 src/regress/lib/libssl/buffer/Makefile delete mode 100644 src/regress/lib/libssl/buffer/buffertest.c delete mode 100644 src/regress/lib/libssl/bytestring/Makefile delete mode 100644 src/regress/lib/libssl/bytestring/bytestringtest.c delete mode 100644 src/regress/lib/libssl/certs/ca.pem delete mode 100644 src/regress/lib/libssl/certs/client.pem delete mode 100644 src/regress/lib/libssl/certs/server.pem delete mode 100644 src/regress/lib/libssl/ciphers/Makefile delete mode 100644 src/regress/lib/libssl/ciphers/cipherstest.c delete mode 100644 src/regress/lib/libssl/client/Makefile delete mode 100644 src/regress/lib/libssl/client/clienttest.c delete mode 100644 src/regress/lib/libssl/dtls/Makefile delete mode 100644 src/regress/lib/libssl/dtls/dtlstest.c delete mode 100644 src/regress/lib/libssl/handshake/Makefile delete mode 100644 src/regress/lib/libssl/handshake/handshake_table.c delete mode 100644 src/regress/lib/libssl/handshake/valid_handshakes_terminate.c delete mode 100644 src/regress/lib/libssl/interop/LICENSE delete mode 100644 src/regress/lib/libssl/interop/Makefile delete mode 100644 src/regress/lib/libssl/interop/Makefile.inc delete mode 100644 src/regress/lib/libssl/interop/README delete mode 100644 src/regress/lib/libssl/interop/botan/Makefile delete mode 100644 src/regress/lib/libssl/interop/botan/client.cpp delete mode 100644 src/regress/lib/libssl/interop/cert/Makefile delete mode 100644 src/regress/lib/libssl/interop/cipher/Makefile delete mode 100644 src/regress/lib/libssl/interop/client.c delete mode 100644 src/regress/lib/libssl/interop/libressl/Makefile delete mode 100644 src/regress/lib/libssl/interop/netcat/Makefile delete mode 100644 src/regress/lib/libssl/interop/openssl/Makefile delete mode 100644 src/regress/lib/libssl/interop/openssl11/Makefile delete mode 100644 src/regress/lib/libssl/interop/server.c delete mode 100644 src/regress/lib/libssl/interop/session/Makefile delete mode 100644 src/regress/lib/libssl/interop/util.c delete mode 100644 src/regress/lib/libssl/interop/util.h delete mode 100644 src/regress/lib/libssl/interop/version/Makefile delete mode 100644 src/regress/lib/libssl/key_schedule/Makefile delete mode 100644 src/regress/lib/libssl/key_schedule/key_schedule.c delete mode 100644 src/regress/lib/libssl/openssl-ruby/Makefile delete mode 100644 src/regress/lib/libssl/pqueue/Makefile delete mode 100644 src/regress/lib/libssl/pqueue/expected.txt delete mode 100644 src/regress/lib/libssl/pqueue/pq_test.c delete mode 100644 src/regress/lib/libssl/record/Makefile delete mode 100644 src/regress/lib/libssl/record/recordtest.c delete mode 100644 src/regress/lib/libssl/record_layer/Makefile delete mode 100644 src/regress/lib/libssl/record_layer/record_layer_test.c delete mode 100644 src/regress/lib/libssl/server/Makefile delete mode 100644 src/regress/lib/libssl/server/servertest.c delete mode 100644 src/regress/lib/libssl/ssl/Makefile delete mode 100644 src/regress/lib/libssl/ssl/ssltest.c delete mode 100644 src/regress/lib/libssl/ssl/testssl delete mode 100644 src/regress/lib/libssl/tlsext/Makefile delete mode 100644 src/regress/lib/libssl/tlsext/tlsexttest.c delete mode 100644 src/regress/lib/libssl/tlsfuzzer/Makefile delete mode 100644 src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py delete mode 100644 src/regress/lib/libssl/tlslegacy/Makefile delete mode 100644 src/regress/lib/libssl/tlslegacy/tlslegacytest.c delete mode 100644 src/regress/lib/libssl/unit/Makefile delete mode 100644 src/regress/lib/libssl/unit/cipher_list.c delete mode 100644 src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c delete mode 100644 src/regress/lib/libssl/unit/ssl_methods.c delete mode 100644 src/regress/lib/libssl/unit/ssl_versions.c delete mode 100644 src/regress/lib/libssl/unit/tests.h delete mode 100644 src/regress/lib/libssl/unit/tls_ext_alpn.c delete mode 100644 src/regress/lib/libssl/unit/tls_prf.c (limited to 'src/regress/lib/libssl') diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile deleted file mode 100644 index 1df48f2525..0000000000 --- a/src/regress/lib/libssl/Makefile +++ /dev/null @@ -1,27 +0,0 @@ -# $OpenBSD: Makefile,v 1.43 2021/05/03 18:31:40 tb Exp $ - -SUBDIR += asn1 -SUBDIR += buffer -SUBDIR += bytestring -SUBDIR += ciphers -SUBDIR += client -SUBDIR += dtls -SUBDIR += handshake -SUBDIR += pqueue -SUBDIR += record -SUBDIR += record_layer -SUBDIR += server -SUBDIR += ssl -SUBDIR += tlsext -SUBDIR += tlslegacy -SUBDIR += key_schedule -SUBDIR += unit - -# Things that take a long time should go below here. -SUBDIR += openssl-ruby -SUBDIR += tlsfuzzer -SUBDIR += interop - -install: - -.include diff --git a/src/regress/lib/libssl/Makefile.inc b/src/regress/lib/libssl/Makefile.inc deleted file mode 100644 index a8880845e9..0000000000 --- a/src/regress/lib/libssl/Makefile.inc +++ /dev/null @@ -1,2 +0,0 @@ -# Use this variable when the test needs internal symbols from libssl -SSL_INT= -Wl,-Bstatic -lssl -Wl,-Bdynamic diff --git a/src/regress/lib/libssl/asn1/Makefile b/src/regress/lib/libssl/asn1/Makefile deleted file mode 100644 index 16fca9f6ca..0000000000 --- a/src/regress/lib/libssl/asn1/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -# $OpenBSD: Makefile,v 1.2 2021/06/30 18:09:46 jsing Exp $ - -PROG= asn1test -LDADD= -lcrypto -lssl -DPADD= ${LIBCRYPTO} ${LIBSSL} - -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror -CFLAGS+= -I${.CURDIR}/../../../../lib/libssl - -.include diff --git a/src/regress/lib/libssl/asn1/asn1test.c b/src/regress/lib/libssl/asn1/asn1test.c deleted file mode 100644 index 18a9713878..0000000000 --- a/src/regress/lib/libssl/asn1/asn1test.c +++ /dev/null @@ -1,478 +0,0 @@ -/* $OpenBSD: asn1test.c,v 1.8 2021/06/30 18:09:46 jsing Exp $ */ -/* - * Copyright (c) 2014, 2016 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include -#include -#include - -#include "ssl_locl.h" - -int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, - long length); - -X509 *peer_cert; - -unsigned char *peer_cert_pem = - "-----BEGIN CERTIFICATE-----\n" - "MIIBcTCCARugAwIBAgIJAPYhaZJAvUuUMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV\n" - "BAoMCVRlc3QgUGVlcjAeFw0xNjEyMjYxNDQ3NDdaFw0yNjEyMjQxNDQ3NDdaMBQx\n" - "EjAQBgNVBAoMCVRlc3QgUGVlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCyhAdJ\n" - "wojHv/uKONh8MbmR2U2+VF1HQusnLfSfHPqkJfvDzLWJ41TG7QcXkx2rIJVtAFrO\n" - "U9yNdFYJLA/hsrbjAgMBAAGjUDBOMB0GA1UdDgQWBBS3bZOw7fvaortdsdE2TPMq\n" - "IRXFRzAfBgNVHSMEGDAWgBS3bZOw7fvaortdsdE2TPMqIRXFRzAMBgNVHRMEBTAD\n" - "AQH/MA0GCSqGSIb3DQEBBQUAA0EAHsxNS+rNUZbopeDMhVIviOfUmelDjJrT56Rc\n" - "VJoFN3Gc1cV8nQAHm9aJs71uksC+MN04Pzh0WqmYX9XXrnYPcg==\n" - "-----END CERTIFICATE-----\n"; - -struct ssl_asn1_test { - SSL_SESSION session; - int peer_cert; - const unsigned char asn1[1024]; - int asn1_len; -}; - -unsigned char tlsext_tick[] = { - 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, - 0x2d, 0x30, 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37, - 0x74, 0x68, 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, - 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, - 0x45, 0x2d, 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35, - 0x32, 0x39, 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68, - 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, - 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, - 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39, - 0x38, 0x3a, 0x20, 0x32, 0x31, 0x73, 0x74, 0x20, - 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, - 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, - 0x30, 0x31, 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30, - 0x3a, 0x20, 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d, - 0x61, 0x79, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, - 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, - 0x2d, 0x30, 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35, - 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20, - 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, - 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32, - 0x32, 0x31, 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20, - 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31, - 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, - 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a, - 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, - 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, -}; - -struct ssl_asn1_test ssl_asn1_tests[] = { - { - .session = { - .cipher_id = 0x03000000L | 1, - .ssl_version = TLS1_2_VERSION, - }, - .asn1 = { - 0x30, 0x13, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03, - 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x00, 0x04, - 0x00, 0xa4, 0x02, 0x04, 0x00, - }, - .asn1_len = 21, - }, - { - .session = { - .cipher_id = 0x03000000L | 1, - .ssl_version = TLS1_2_VERSION, - .master_key_length = 26, - .session_id = "0123456789", - .session_id_length = 10, - .sid_ctx = "abcdefghijklmnopqrstuvwxyz", - .sid_ctx_length = 26, - }, - .asn1 = { - 0x30, 0x51, 0x02, 0x01, 0x01, 0x02, 0x02, 0x03, - 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, 0x0a, 0x30, - 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, - 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0xa4, 0x1c, 0x04, - 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, - 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, - 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, - 0x78, 0x79, 0x7a, - }, - .asn1_len = 83, - }, - { - .session = { - .cipher_id = 0x03000000L | 1, - .ssl_version = TLS1_2_VERSION, - .master_key_length = 26, - .session_id = "0123456789", - .session_id_length = 10, - .sid_ctx = "abcdefghijklmnopqrstuvwxyz", - .sid_ctx_length = 26, - .time = 1405266069, - .timeout = 5, - .verify_result = 42, - .tlsext_hostname = "libressl.openbsd.org", - .tlsext_tick_lifetime_hint = 0x7abbccdd, - .tlsext_tick = tlsext_tick, - .tlsext_ticklen = sizeof(tlsext_tick), - }, - .peer_cert = 1, - .asn1 = { - 0x30, 0x82, 0x02, 0xd1, 0x02, 0x01, 0x01, 0x02, - 0x02, 0x03, 0x03, 0x04, 0x02, 0x00, 0x01, 0x04, - 0x0a, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, - 0x37, 0x38, 0x39, 0x04, 0x1a, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa1, - 0x06, 0x02, 0x04, 0x53, 0xc2, 0xa8, 0x95, 0xa2, - 0x03, 0x02, 0x01, 0x05, 0xa3, 0x82, 0x01, 0x75, - 0x30, 0x82, 0x01, 0x71, 0x30, 0x82, 0x01, 0x1b, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, - 0xf6, 0x21, 0x69, 0x92, 0x40, 0xbd, 0x4b, 0x94, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, - 0x14, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, - 0x04, 0x0a, 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74, - 0x20, 0x50, 0x65, 0x65, 0x72, 0x30, 0x1e, 0x17, - 0x0d, 0x31, 0x36, 0x31, 0x32, 0x32, 0x36, 0x31, - 0x34, 0x34, 0x37, 0x34, 0x37, 0x5a, 0x17, 0x0d, - 0x32, 0x36, 0x31, 0x32, 0x32, 0x34, 0x31, 0x34, - 0x34, 0x37, 0x34, 0x37, 0x5a, 0x30, 0x14, 0x31, - 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0a, - 0x0c, 0x09, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, - 0x65, 0x65, 0x72, 0x30, 0x5c, 0x30, 0x0d, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, - 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30, - 0x48, 0x02, 0x41, 0x00, 0xb2, 0x84, 0x07, 0x49, - 0xc2, 0x88, 0xc7, 0xbf, 0xfb, 0x8a, 0x38, 0xd8, - 0x7c, 0x31, 0xb9, 0x91, 0xd9, 0x4d, 0xbe, 0x54, - 0x5d, 0x47, 0x42, 0xeb, 0x27, 0x2d, 0xf4, 0x9f, - 0x1c, 0xfa, 0xa4, 0x25, 0xfb, 0xc3, 0xcc, 0xb5, - 0x89, 0xe3, 0x54, 0xc6, 0xed, 0x07, 0x17, 0x93, - 0x1d, 0xab, 0x20, 0x95, 0x6d, 0x00, 0x5a, 0xce, - 0x53, 0xdc, 0x8d, 0x74, 0x56, 0x09, 0x2c, 0x0f, - 0xe1, 0xb2, 0xb6, 0xe3, 0x02, 0x03, 0x01, 0x00, - 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, - 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, - 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda, 0xa2, - 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3, 0x2a, - 0x21, 0x15, 0xc5, 0x47, 0x30, 0x1f, 0x06, 0x03, - 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, - 0x14, 0xb7, 0x6d, 0x93, 0xb0, 0xed, 0xfb, 0xda, - 0xa2, 0xbb, 0x5d, 0xb1, 0xd1, 0x36, 0x4c, 0xf3, - 0x2a, 0x21, 0x15, 0xc5, 0x47, 0x30, 0x0c, 0x06, - 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, - 0x05, 0x00, 0x03, 0x41, 0x00, 0x1e, 0xcc, 0x4d, - 0x4b, 0xea, 0xcd, 0x51, 0x96, 0xe8, 0xa5, 0xe0, - 0xcc, 0x85, 0x52, 0x2f, 0x88, 0xe7, 0xd4, 0x99, - 0xe9, 0x43, 0x8c, 0x9a, 0xd3, 0xe7, 0xa4, 0x5c, - 0x54, 0x9a, 0x05, 0x37, 0x71, 0x9c, 0xd5, 0xc5, - 0x7c, 0x9d, 0x00, 0x07, 0x9b, 0xd6, 0x89, 0xb3, - 0xbd, 0x6e, 0x92, 0xc0, 0xbe, 0x30, 0xdd, 0x38, - 0x3f, 0x38, 0x74, 0x5a, 0xa9, 0x98, 0x5f, 0xd5, - 0xd7, 0xae, 0x76, 0x0f, 0x72, 0xa4, 0x1c, 0x04, - 0x1a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, - 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, - 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, - 0x78, 0x79, 0x7a, 0xa5, 0x03, 0x02, 0x01, 0x2a, - 0xa6, 0x16, 0x04, 0x14, 0x6c, 0x69, 0x62, 0x72, - 0x65, 0x73, 0x73, 0x6c, 0x2e, 0x6f, 0x70, 0x65, - 0x6e, 0x62, 0x73, 0x64, 0x2e, 0x6f, 0x72, 0x67, - 0xa9, 0x06, 0x02, 0x04, 0x7a, 0xbb, 0xcc, 0xdd, - 0xaa, 0x81, 0xd2, 0x04, 0x81, 0xcf, 0x43, 0x56, - 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, - 0x31, 0x36, 0x30, 0x3a, 0x20, 0x37, 0x74, 0x68, - 0x20, 0x41, 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, - 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, - 0x32, 0x30, 0x31, 0x30, 0x2d, 0x35, 0x32, 0x39, - 0x38, 0x3a, 0x20, 0x38, 0x74, 0x68, 0x20, 0x41, - 0x70, 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31, - 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, - 0x31, 0x34, 0x2d, 0x30, 0x31, 0x39, 0x38, 0x3a, - 0x20, 0x32, 0x31, 0x73, 0x74, 0x20, 0x41, 0x70, - 0x72, 0x69, 0x6c, 0x20, 0x32, 0x30, 0x31, 0x34, - 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, - 0x34, 0x2d, 0x33, 0x34, 0x37, 0x30, 0x3a, 0x20, - 0x33, 0x30, 0x74, 0x68, 0x20, 0x4d, 0x61, 0x79, - 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, 0x43, 0x56, - 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, 0x2d, 0x30, - 0x31, 0x39, 0x35, 0x3a, 0x20, 0x35, 0x74, 0x68, - 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20, 0x32, 0x30, - 0x31, 0x34, 0x0a, 0x43, 0x56, 0x45, 0x2d, 0x32, - 0x30, 0x31, 0x34, 0x2d, 0x30, 0x32, 0x32, 0x31, - 0x3a, 0x20, 0x35, 0x74, 0x68, 0x20, 0x4a, 0x75, - 0x6e, 0x65, 0x20, 0x32, 0x30, 0x31, 0x34, 0x0a, - 0x43, 0x56, 0x45, 0x2d, 0x32, 0x30, 0x31, 0x34, - 0x2d, 0x30, 0x32, 0x32, 0x34, 0x3a, 0x20, 0x35, - 0x74, 0x68, 0x20, 0x4a, 0x75, 0x6e, 0x65, 0x20, - 0x32, 0x30, 0x31, 0x34, 0x0a, - }, - .asn1_len = 725, - }, - { - .session = { - .cipher_id = 0x03000000L | 1, - .ssl_version = TLS1_2_VERSION, - .timeout = -1, - }, - .asn1 = { - 0x0, - }, - .asn1_len = -1, - }, - { - .session = { - .cipher_id = 0x03000000L | 1, - .ssl_version = TLS1_2_VERSION, - .time = -1, - }, - .asn1 = { - 0x0, - }, - .asn1_len = -1, - }, -}; - -#define N_SSL_ASN1_TESTS \ - (sizeof(ssl_asn1_tests) / sizeof(*ssl_asn1_tests)) - -static int -session_strcmp(const unsigned char *o1, const unsigned char *o2, size_t len) -{ - if (o1 == NULL && o2 == NULL) - return (0); - if (o1 == NULL || o2 == NULL) - return (1); - return memcmp(o1, o2, len); -} - -static int -session_cmp(SSL_SESSION *s1, SSL_SESSION *s2) -{ - /* Compare the ASN.1 encoded values from two sessions. */ - if (s1->ssl_version != s2->ssl_version) { - fprintf(stderr, "ssl_version differs: %i != %i\n", - s1->ssl_version, s2->ssl_version); - return (1); - } - if (s1->cipher_id != s2->cipher_id) { - fprintf(stderr, "cipher_id differs: %li != %li\n", - s1->cipher_id, s2->cipher_id); - return (1); - } - - if (s1->master_key_length != s2->master_key_length) { - fprintf(stderr, "master_key_length differs: %i != %i\n", - s1->master_key_length, s2->master_key_length); - return (1); - } - if (session_strcmp(s1->master_key, s2->master_key, - s1->master_key_length) != 0) { - fprintf(stderr, "master_key differs\n"); - return (1); - } - - if (s1->session_id_length != s2->session_id_length) { - fprintf(stderr, "session_id_length differs: %i != %i\n", - s1->session_id_length, s2->session_id_length); - return (1); - } - if (session_strcmp(s1->session_id, s2->session_id, - s1->session_id_length) != 0) { - fprintf(stderr, "session_id differs\n"); - return (1); - } - - if (s1->sid_ctx_length != s2->sid_ctx_length) { - fprintf(stderr, "sid_ctx_length differs: %i != %i\n", - s1->sid_ctx_length, s2->sid_ctx_length); - return (1); - } - if (session_strcmp(s1->sid_ctx, s2->sid_ctx, - s1->sid_ctx_length) != 0) { - fprintf(stderr, "sid_ctx differs\n"); - return (1); - } - - /* d2i_SSL_SESSION uses the current time if decoding a zero value. */ - if ((s1->time != s2->time) && s1->time != 0 && s2->time != 0) { - fprintf(stderr, "time differs: %lli != %lli\n", - (long long)s1->time, (long long)s2->time); - return (1); - } - /* d2i_SSL_SESSION uses a timeout of 3 if decoding a zero value. */ - if ((s1->timeout != s2->timeout) && - s1->timeout != 3 && s2->timeout != 3) { - fprintf(stderr, "timeout differs: %li != %li\n", - s1->timeout, s2->timeout); - return (1); - } - - /* Ensure that a certificate is or is not present in both. */ - if ((s1->peer != NULL || s2->peer != NULL) && - (s1->peer == NULL || s2->peer == NULL || - X509_cmp(s1->peer, s2->peer) != 0)) { - fprintf(stderr, "peer differs\n"); - return (1); - } - - if (s1->verify_result != s2->verify_result) { - fprintf(stderr, "verify_result differs: %li != %li\n", - s1->verify_result, s2->verify_result); - return (1); - } - - if (session_strcmp(s1->tlsext_hostname, s2->tlsext_hostname, - (s1->tlsext_hostname ? strlen(s1->tlsext_hostname) : 0)) != 0) { - fprintf(stderr, "sid_ctx differs\n"); - return (1); - } - if (s1->tlsext_tick_lifetime_hint != s2->tlsext_tick_lifetime_hint) { - fprintf(stderr, "tlsext_tick_lifetime_hint differs: " - "%li != %li\n", s1->tlsext_tick_lifetime_hint, - s2->tlsext_tick_lifetime_hint); - return (1); - } - if (s1->tlsext_ticklen != s2->tlsext_ticklen) { - fprintf(stderr, "tlsext_ticklen differs: %zu != %zu\n", - s1->tlsext_ticklen, s2->tlsext_ticklen); - return (1); - } - if (session_strcmp(s1->tlsext_tick, s2->tlsext_tick, - s1->tlsext_ticklen) != 0) { - fprintf(stderr, "tlsext_tick differs\n"); - return (1); - } - - return (0); -} - -static int -do_ssl_asn1_test(int test_no, struct ssl_asn1_test *sat) -{ - SSL_SESSION *sp = NULL; - unsigned char *ap, *asn1 = NULL; - const unsigned char *pp; - int i, len, rv = 1; - - if (sat->peer_cert) - sat->session.peer = peer_cert; - - len = i2d_SSL_SESSION(&sat->session, NULL); - if (len != sat->asn1_len) { - fprintf(stderr, "FAIL: test %i returned ASN1 length %i, " - "want %i\n", test_no, len, sat->asn1_len); - goto failed; - } - - /* See if the test is expected to fail... */ - if (sat->asn1_len == -1) - return (0); - - if ((asn1 = malloc(len)) == NULL) - errx(1, "failed to allocate memory"); - - ap = asn1; - len = i2d_SSL_SESSION(&sat->session, &ap); - - /* Check the length again since the code path is different. */ - if (len != sat->asn1_len) { - fprintf(stderr, "FAIL: test %i returned ASN1 length %i, " - "want %i\n", test_no, len, sat->asn1_len); - goto failed; - } - /* ap should now point at the end of the buffer. */ - if (ap - asn1 != len) { - fprintf(stderr, "FAIL: test %i pointer increment does not " - "match length (%i != %i)\n", test_no, (int)(ap - asn1), len); - goto failed; - } - - if (memcmp(asn1, &sat->asn1, len) != 0) { - fprintf(stderr, "FAIL: test %i - encoding differs:\n", test_no); - fprintf(stderr, "encoding:\n"); - for (i = 1; i <= len; i++) { - fprintf(stderr, " 0x%02hhx,", asn1[i - 1]); - if (i % 8 == 0) - fprintf(stderr, "\n"); - } - fprintf(stderr, "\n"); - fprintf(stderr, "test data:\n"); - for (i = 1; i <= sat->asn1_len; i++) { - fprintf(stderr, " 0x%02hhx,", sat->asn1[i - 1]); - if (i % 8 == 0) - fprintf(stderr, "\n"); - } - fprintf(stderr, "\n"); - goto failed; - } - - pp = sat->asn1; - - if ((sp = d2i_SSL_SESSION(NULL, &pp, sat->asn1_len)) == NULL) { - fprintf(stderr, "FAIL: test %i - decoding failed\n", test_no); - goto failed; - } - - if (session_cmp(sp, &sat->session) != 0) { - fprintf(stderr, "FAIL: test %i - decoding differs\n", test_no); - goto failed; - } - - rv = 0; - - failed: - ERR_print_errors_fp(stderr); - SSL_SESSION_free(sp); - free(asn1); - - return (rv); -} - -int -main(int argc, char **argv) -{ - BIO *bio = NULL; - int failed = 0; - size_t i; - - SSL_library_init(); - SSL_load_error_strings(); - - bio = BIO_new_mem_buf(peer_cert_pem, -1); - if (bio == NULL) - errx(1, "failed to create bio"); - - peer_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); - if (peer_cert == NULL) - errx(1, "failed to read peer cert"); - - for (i = 0; i < N_SSL_ASN1_TESTS; i++) - failed += do_ssl_asn1_test(i, &ssl_asn1_tests[i]); - - X509_free(peer_cert); - BIO_free(bio); - - return (failed); -} diff --git a/src/regress/lib/libssl/buffer/Makefile b/src/regress/lib/libssl/buffer/Makefile deleted file mode 100644 index 64ed46fa90..0000000000 --- a/src/regress/lib/libssl/buffer/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2019/01/17 06:46:10 jsing Exp $ - -PROG= buffertest -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror -CFLAGS+= -I${.CURDIR}/../../../../lib/libssl - -.include diff --git a/src/regress/lib/libssl/buffer/buffertest.c b/src/regress/lib/libssl/buffer/buffertest.c deleted file mode 100644 index e627865e35..0000000000 --- a/src/regress/lib/libssl/buffer/buffertest.c +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 2019 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include "tls13_internal.h" - -uint8_t testdata[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, -}; - -struct read_state { - uint8_t *buf; - size_t len; - size_t offset; -}; - -static ssize_t -read_cb(void *buf, size_t buflen, void *cb_arg) -{ - struct read_state *rs = cb_arg; - ssize_t n; - - if (rs->offset > rs->len) - return TLS13_IO_EOF; - - if ((size_t)(n = buflen) > (rs->len - rs->offset)) - n = rs->len - rs->offset; - - if (n == 0) - return TLS13_IO_WANT_POLLIN; - - memcpy(buf, &rs->buf[rs->offset], n); - rs->offset += n; - - return n; -} - -struct extend_test { - size_t extend_len; - size_t read_len; - ssize_t want_ret; -}; - -struct extend_test extend_tests[] = { - { - .extend_len = 4, - .read_len = 0, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .extend_len = 4, - .read_len = 8, - .want_ret = 4, - }, - { - .extend_len = 12, - .read_len = 8, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .extend_len = 12, - .read_len = 10, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .extend_len = 12, - .read_len = 12, - .want_ret = 12, - }, - { - .extend_len = 16, - .read_len = 16, - .want_ret = 16, - }, - { - .extend_len = 20, - .read_len = 1, - .want_ret = TLS13_IO_EOF, - }, -}; - -#define N_EXTEND_TESTS (sizeof(extend_tests) / sizeof(extend_tests[0])) - -int -main(int argc, char **argv) -{ - struct tls13_buffer *buf; - struct extend_test *et; - struct read_state rs; - uint8_t *data; - size_t i, data_len; - ssize_t ret; - CBS cbs; - - rs.buf = testdata; - rs.offset = 0; - - if ((buf = tls13_buffer_new(0)) == NULL) - errx(1, "tls13_buffer_new"); - - for (i = 0; i < N_EXTEND_TESTS; i++) { - et = &extend_tests[i]; - rs.len = et->read_len; - - ret = tls13_buffer_extend(buf, et->extend_len, read_cb, &rs); - if (ret != extend_tests[i].want_ret) { - fprintf(stderr, "FAIL: Test %zi - extend returned %zi, " - "want %zi\n", i, ret, et->want_ret); - return 1; - } - - tls13_buffer_cbs(buf, &cbs); - - if (!CBS_mem_equal(&cbs, testdata, CBS_len(&cbs))) { - fprintf(stderr, "FAIL: Test %zi - extend buffer " - "mismatch", i); - return 1; - } - } - - if (!tls13_buffer_finish(buf, &data, &data_len)) { - fprintf(stderr, "FAIL: failed to finish\n"); - return 1; - } - - tls13_buffer_free(buf); - - if (data_len != sizeof(testdata)) { - fprintf(stderr, "FAIL: got data length %zu, want %zu\n", - data_len, sizeof(testdata)); - return 1; - } - if (memcmp(data, testdata, data_len) != 0) { - fprintf(stderr, "FAIL: data mismatch\n"); - return 1; - } - free(data); - - return 0; -} diff --git a/src/regress/lib/libssl/bytestring/Makefile b/src/regress/lib/libssl/bytestring/Makefile deleted file mode 100644 index 162c81d255..0000000000 --- a/src/regress/lib/libssl/bytestring/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -# $OpenBSD: Makefile,v 1.5 2016/11/04 17:51:54 guenther Exp $ - -PROG= bytestringtest -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBCRYPTO} ${LIBSSL} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror -I$(BSDSRCDIR)/lib/libssl - -.include diff --git a/src/regress/lib/libssl/bytestring/bytestringtest.c b/src/regress/lib/libssl/bytestring/bytestringtest.c deleted file mode 100644 index 040667ede9..0000000000 --- a/src/regress/lib/libssl/bytestring/bytestringtest.c +++ /dev/null @@ -1,916 +0,0 @@ -/* $OpenBSD: bytestringtest.c,v 1.14 2021/04/04 19:55:46 tb Exp $ */ -/* - * Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include -#include -#include - -#include - -#include "bytestring.h" - -/* This is from in boringssl */ -#define OPENSSL_U64(x) x##ULL - -#define PRINT_ERROR printf("Error in %s [%s:%d]\n", __func__, __FILE__, \ - __LINE__) - -#define CHECK(a) do { \ - if (!(a)) { \ - PRINT_ERROR; \ - return 0; \ - } \ -} while (0) - -#define CHECK_GOTO(a) do { \ - if (!(a)) { \ - PRINT_ERROR; \ - goto err; \ - } \ -} while (0) - -static int -test_skip(void) -{ - static const uint8_t kData[] = {1, 2, 3}; - CBS data; - - CBS_init(&data, kData, sizeof(kData)); - - CHECK(CBS_len(&data) == 3); - CHECK(CBS_skip(&data, 1)); - CHECK(CBS_len(&data) == 2); - CHECK(CBS_skip(&data, 2)); - CHECK(CBS_len(&data) == 0); - CHECK(!CBS_skip(&data, 1)); - - return 1; -} - -static int -test_get_u(void) -{ - static const uint8_t kData[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10}; - uint8_t u8; - uint16_t u16; - uint32_t u32; - CBS data; - - CBS_init(&data, kData, sizeof(kData)); - - CHECK(CBS_get_u8(&data, &u8)); - CHECK(u8 == 1); - CHECK(CBS_get_u16(&data, &u16)); - CHECK(u16 == 0x203); - CHECK(CBS_get_u24(&data, &u32)); - CHECK(u32 == 0x40506); - CHECK(CBS_get_u32(&data, &u32)); - CHECK(u32 == 0x708090a); - CHECK(!CBS_get_u8(&data, &u8)); - - return 1; -} - -static int -test_get_prefixed(void) -{ - static const uint8_t kData[] = {1, 2, 0, 2, 3, 4, 0, 0, 3, 3, 2, 1}; - uint8_t u8; - uint16_t u16; - uint32_t u32; - CBS data, prefixed; - - CBS_init(&data, kData, sizeof(kData)); - - CHECK(CBS_get_u8_length_prefixed(&data, &prefixed)); - CHECK(CBS_len(&prefixed) == 1); - CHECK(CBS_get_u8(&prefixed, &u8)); - CHECK(u8 == 2); - CHECK(CBS_get_u16_length_prefixed(&data, &prefixed)); - CHECK(CBS_len(&prefixed) == 2); - CHECK(CBS_get_u16(&prefixed, &u16)); - CHECK(u16 == 0x304); - CHECK(CBS_get_u24_length_prefixed(&data, &prefixed)); - CHECK(CBS_len(&prefixed) == 3); - CHECK(CBS_get_u24(&prefixed, &u32)); - CHECK(u32 == 0x30201); - - return 1; -} - -static int -test_get_prefixed_bad(void) -{ - static const uint8_t kData1[] = {2, 1}; - static const uint8_t kData2[] = {0, 2, 1}; - static const uint8_t kData3[] = {0, 0, 2, 1}; - CBS data, prefixed; - - CBS_init(&data, kData1, sizeof(kData1)); - CHECK(!CBS_get_u8_length_prefixed(&data, &prefixed)); - - CBS_init(&data, kData2, sizeof(kData2)); - CHECK(!CBS_get_u16_length_prefixed(&data, &prefixed)); - - CBS_init(&data, kData3, sizeof(kData3)); - CHECK(!CBS_get_u24_length_prefixed(&data, &prefixed)); - - return 1; -} - -static int -test_get_asn1(void) -{ - static const uint8_t kData1[] = {0x30, 2, 1, 2}; - static const uint8_t kData2[] = {0x30, 3, 1, 2}; - static const uint8_t kData3[] = {0x30, 0x80}; - static const uint8_t kData4[] = {0x30, 0x81, 1, 1}; - static const uint8_t kData5[4 + 0x80] = {0x30, 0x82, 0, 0x80}; - static const uint8_t kData6[] = {0xa1, 3, 0x4, 1, 1}; - static const uint8_t kData7[] = {0xa1, 3, 0x4, 2, 1}; - static const uint8_t kData8[] = {0xa1, 3, 0x2, 1, 1}; - static const uint8_t kData9[] = {0xa1, 3, 0x2, 1, 0xff}; - - CBS data, contents; - int present; - uint64_t value; - - CBS_init(&data, kData1, sizeof(kData1)); - - CHECK(!CBS_peek_asn1_tag(&data, 0x1)); - CHECK(CBS_peek_asn1_tag(&data, 0x30)); - - CHECK(CBS_get_asn1(&data, &contents, 0x30)); - CHECK(CBS_len(&contents) == 2); - CHECK(memcmp(CBS_data(&contents), "\x01\x02", 2) == 0); - - CBS_init(&data, kData2, sizeof(kData2)); - /* data is truncated */ - CHECK(!CBS_get_asn1(&data, &contents, 0x30)); - - CBS_init(&data, kData3, sizeof(kData3)); - /* zero byte length of length */ - CHECK(!CBS_get_asn1(&data, &contents, 0x30)); - - CBS_init(&data, kData4, sizeof(kData4)); - /* long form mistakenly used. */ - CHECK(!CBS_get_asn1(&data, &contents, 0x30)); - - CBS_init(&data, kData5, sizeof(kData5)); - /* length takes too many bytes. */ - CHECK(!CBS_get_asn1(&data, &contents, 0x30)); - - CBS_init(&data, kData1, sizeof(kData1)); - /* wrong tag. */ - CHECK(!CBS_get_asn1(&data, &contents, 0x31)); - - CBS_init(&data, NULL, 0); - /* peek at empty data. */ - CHECK(!CBS_peek_asn1_tag(&data, 0x30)); - - CBS_init(&data, NULL, 0); - /* optional elements at empty data. */ - CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0)); - CHECK(!present); - CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present, - 0xa0)); - CHECK(!present); - CHECK(CBS_len(&contents) == 0); - CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, NULL, 0xa0)); - CHECK(CBS_len(&contents) == 0); - CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42)); - CHECK(value == 42); - - CBS_init(&data, kData6, sizeof(kData6)); - /* optional element. */ - CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa0)); - CHECK(!present); - CHECK(CBS_get_optional_asn1(&data, &contents, &present, 0xa1)); - CHECK(present); - CHECK(CBS_len(&contents) == 3); - CHECK(memcmp(CBS_data(&contents), "\x04\x01\x01", 3) == 0); - - CBS_init(&data, kData6, sizeof(kData6)); - /* optional octet string. */ - CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present, - 0xa0)); - CHECK(!present); - CHECK(CBS_len(&contents) == 0); - CHECK(CBS_get_optional_asn1_octet_string(&data, &contents, &present, - 0xa1)); - CHECK(present); - CHECK(CBS_len(&contents) == 1); - CHECK(CBS_data(&contents)[0] == 1); - - CBS_init(&data, kData7, sizeof(kData7)); - /* invalid optional octet string. */ - CHECK(!CBS_get_optional_asn1_octet_string(&data, &contents, &present, - 0xa1)); - - CBS_init(&data, kData8, sizeof(kData8)); - /* optional octet string. */ - CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa0, 42)); - CHECK(value == 42); - CHECK(CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42)); - CHECK(value == 1); - - CBS_init(&data, kData9, sizeof(kData9)); - /* invalid optional integer. */ - CHECK(!CBS_get_optional_asn1_uint64(&data, &value, 0xa1, 42)); - - return 1; -} - -static int -test_get_optional_asn1_bool(void) -{ - CBS data; - int val; - - static const uint8_t kTrue[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0xff}; - static const uint8_t kFalse[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x00}; - static const uint8_t kInvalid[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x01}; - - CBS_init(&data, NULL, 0); - val = 2; - CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0)); - CHECK(val == 0); - - CBS_init(&data, kTrue, sizeof(kTrue)); - val = 2; - CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0)); - CHECK(val == 1); - - CBS_init(&data, kFalse, sizeof(kFalse)); - val = 2; - CHECK(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1)); - CHECK(val == 0); - - CBS_init(&data, kInvalid, sizeof(kInvalid)); - CHECK(!CBS_get_optional_asn1_bool(&data, &val, 0x0a, 1)); - - return 1; -} - -static int -test_cbb_basic(void) -{ - static const uint8_t kExpected[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12}; - uint8_t *buf = NULL; - size_t buf_len; - int ret = 0; - CBB cbb; - - CHECK(CBB_init(&cbb, 100)); - - CBB_cleanup(&cbb); - - CHECK(CBB_init(&cbb, 0)); - CHECK_GOTO(CBB_add_u8(&cbb, 1)); - CHECK_GOTO(CBB_add_u16(&cbb, 0x203)); - CHECK_GOTO(CBB_add_u24(&cbb, 0x40506)); - CHECK_GOTO(CBB_add_u32(&cbb, 0x708090a)); - CHECK_GOTO(CBB_add_bytes(&cbb, (const uint8_t*) "\x0b\x0c", 2)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - - ret = (buf_len == sizeof(kExpected) - && memcmp(buf, kExpected, buf_len) == 0); - - if (0) { -err: - CBB_cleanup(&cbb); - } - free(buf); - return ret; -} - -static int -test_cbb_add_space(void) -{ - static const uint8_t kExpected[] = {1, 2, 0, 0, 0, 0, 7, 8}; - uint8_t *buf = NULL; - size_t buf_len; - uint8_t *data; - int ret = 0; - CBB cbb; - - CHECK(CBB_init(&cbb, 100)); - - CHECK_GOTO(CBB_add_u16(&cbb, 0x102)); - CHECK_GOTO(CBB_add_space(&cbb, &data, 4)); - CHECK_GOTO(CBB_add_u16(&cbb, 0x708)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - - ret |= (buf_len == sizeof(kExpected) - && memcmp(buf, kExpected, buf_len) == 0); - - memset(buf, 0xa5, buf_len); - CHECK(CBB_init_fixed(&cbb, buf, buf_len)); - - CHECK_GOTO(CBB_add_u16(&cbb, 0x102)); - CHECK_GOTO(CBB_add_space(&cbb, &data, 4)); - CHECK_GOTO(CBB_add_u16(&cbb, 0x708)); - CHECK_GOTO(CBB_finish(&cbb, NULL, NULL)); - - ret |= (buf_len == sizeof(kExpected) - && memcmp(buf, kExpected, buf_len) == 0); - - if (0) { -err: - CBB_cleanup(&cbb); - } - free(buf); - return ret; -} - -static int -test_cbb_fixed(void) -{ - CBB cbb; - uint8_t buf[1]; - uint8_t *out_buf = NULL; - size_t out_size; - int ret = 0; - - CHECK(CBB_init_fixed(&cbb, NULL, 0)); - CHECK_GOTO(!CBB_add_u8(&cbb, 1)); - CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size)); - CHECK(out_buf == NULL && out_size == 0); - - CHECK(CBB_init_fixed(&cbb, buf, 1)); - CHECK_GOTO(CBB_add_u8(&cbb, 1)); - CHECK_GOTO(!CBB_add_u8(&cbb, 2)); - CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size)); - - ret = (out_buf == buf && out_size == 1 && buf[0] == 1); - - if (0) { -err: - CBB_cleanup(&cbb); - } - - return ret; -} - -static int -test_cbb_finish_child(void) -{ - CBB cbb, child; - uint8_t *out_buf = NULL; - size_t out_size; - int ret = 0; - - CHECK(CBB_init(&cbb, 16)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child)); - CHECK_GOTO(!CBB_finish(&child, &out_buf, &out_size)); - CHECK_GOTO(CBB_finish(&cbb, &out_buf, &out_size)); - - ret = (out_size == 1 && out_buf[0] == 0); - -err: - free(out_buf); - return ret; -} - -static int -test_cbb_prefixed(void) -{ - static const uint8_t kExpected[] = {0, 1, 1, 0, 2, 2, 3, 0, 0, 3, - 4, 5, 6, 5, 4, 1, 0, 1, 2}; - CBB cbb, contents, inner_contents, inner_inner_contents; - uint8_t *buf = NULL; - size_t buf_len; - int ret = 0; - - CHECK(CBB_init(&cbb, 0)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u8(&contents, 1)); - CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u16(&contents, 0x203)); - CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u24(&contents, 0x40506)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents)); - CHECK_GOTO(CBB_add_u8(&inner_contents, 1)); - CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents, - &inner_inner_contents)); - CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 2)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - - ret = (buf_len == sizeof(kExpected) - && memcmp(buf, kExpected, buf_len) == 0); - - if (0) { -err: - CBB_cleanup(&cbb); - } - free(buf); - return ret; -} - -static int -test_cbb_discard_child(void) -{ - static const uint8_t kExpected[] = { - 0xaa, - 0, - 1, 0xbb, - 0, 2, 0xcc, 0xcc, - 0, 0, 3, 0xdd, 0xdd, 0xdd, - 1, 0xff, - }; - CBB cbb, contents, inner_contents, inner_inner_contents; - uint8_t *buf = NULL; - size_t buf_len; - int ret = 0; - - CHECK(CBB_init(&cbb, 0)); - CHECK_GOTO(CBB_add_u8(&cbb, 0xaa)); - - // Discarding |cbb|'s children preserves the byte written. - CBB_discard_child(&cbb); - - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u8(&contents, 0xbb)); - CHECK_GOTO(CBB_add_u16_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u16(&contents, 0xcccc)); - CHECK_GOTO(CBB_add_u24_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u24(&contents, 0xdddddd)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &contents)); - CHECK_GOTO(CBB_add_u8(&contents, 0xff)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&contents, &inner_contents)); - CHECK_GOTO(CBB_add_u8(&inner_contents, 0x42)); - CHECK_GOTO(CBB_add_u16_length_prefixed(&inner_contents, - &inner_inner_contents)); - CHECK_GOTO(CBB_add_u8(&inner_inner_contents, 0x99)); - - // Discard everything from |inner_contents| down. - CBB_discard_child(&contents); - - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - - ret = (buf_len == sizeof(kExpected) - && memcmp(buf, kExpected, buf_len) == 0); - - if (0) { -err: - CBB_cleanup(&cbb); - } - free(buf); - return ret; -} - -static int -test_cbb_misuse(void) -{ - CBB cbb, child, contents; - uint8_t *buf = NULL; - size_t buf_len; - int ret = 0; - - CHECK(CBB_init(&cbb, 0)); - CHECK_GOTO(CBB_add_u8_length_prefixed(&cbb, &child)); - CHECK_GOTO(CBB_add_u8(&child, 1)); - CHECK_GOTO(CBB_add_u8(&cbb, 2)); - - /* - * Since we wrote to |cbb|, |child| is now invalid and attempts to write - * to it should fail. - */ - CHECK_GOTO(!CBB_add_u8(&child, 1)); - CHECK_GOTO(!CBB_add_u16(&child, 1)); - CHECK_GOTO(!CBB_add_u24(&child, 1)); - CHECK_GOTO(!CBB_add_u8_length_prefixed(&child, &contents)); - CHECK_GOTO(!CBB_add_u16_length_prefixed(&child, &contents)); - CHECK_GOTO(!CBB_add_asn1(&child, &contents, 1)); - CHECK_GOTO(!CBB_add_bytes(&child, (const uint8_t*) "a", 1)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - - ret = (buf_len == 3 && memcmp(buf, "\x01\x01\x02", 3) == 0); - - if (0) { -err: - CBB_cleanup(&cbb); - } - free(buf); - return ret; -} - -static int -test_cbb_asn1(void) -{ - static const uint8_t kExpected[] = {0x30, 3, 1, 2, 3}; - uint8_t *buf = NULL, *test_data = NULL; - size_t buf_len; - CBB cbb, contents, inner_contents; - int ret = 0; - int alloc = 0; - - CHECK_GOTO(CBB_init(&cbb, 0)); - alloc = 1; - CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30)); - CHECK_GOTO(CBB_add_bytes(&contents, (const uint8_t*) "\x01\x02\x03", - 3)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - alloc = 0; - - CHECK_GOTO(buf_len == sizeof(kExpected)); - CHECK_GOTO(memcmp(buf, kExpected, buf_len) == 0); - - free(buf); - buf = NULL; - - CHECK_GOTO(((test_data = malloc(100000)) != NULL)); - memset(test_data, 0x42, 100000); - - CHECK_GOTO(CBB_init(&cbb, 0)); - alloc = 1; - CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30)); - CHECK_GOTO(CBB_add_bytes(&contents, test_data, 130)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - alloc = 0; - - CHECK_GOTO(buf_len == 3 + 130); - CHECK_GOTO(memcmp(buf, "\x30\x81\x82", 3) == 0); - CHECK_GOTO(memcmp(buf + 3, test_data, 130) == 0); - - free(buf); - buf = NULL; - - CHECK_GOTO(CBB_init(&cbb, 0)); - alloc = 1; - CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30)); - CHECK_GOTO(CBB_add_bytes(&contents, test_data, 1000)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - alloc = 0; - - CHECK_GOTO(buf_len == 4 + 1000); - CHECK_GOTO(memcmp(buf, "\x30\x82\x03\xe8", 4) == 0); - CHECK_GOTO(!memcmp(buf + 4, test_data, 1000)); - - free(buf); - buf = NULL; - - CHECK_GOTO(CBB_init(&cbb, 0)); - alloc = 1; - CHECK_GOTO(CBB_add_asn1(&cbb, &contents, 0x30)); - CHECK_GOTO(CBB_add_asn1(&contents, &inner_contents, 0x30)); - CHECK_GOTO(CBB_add_bytes(&inner_contents, test_data, 100000)); - CHECK_GOTO(CBB_finish(&cbb, &buf, &buf_len)); - alloc = 0; - - CHECK_GOTO(buf_len == 5 + 5 + 100000); - CHECK_GOTO(memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10) - == 0); - CHECK_GOTO(!memcmp(buf + 10, test_data, 100000)); - - ret = 1; - - if (0) { -err: - if (alloc) - CBB_cleanup(&cbb); - } - free(buf); - free(test_data); - return ret; -} - -static int -do_indefinite_convert(const char *name, const uint8_t *definite_expected, - size_t definite_len, const uint8_t *indefinite, size_t indefinite_len) -{ - CBS in; - uint8_t *out = NULL; - size_t out_len; - int ret = 0; - - CBS_init(&in, indefinite, indefinite_len); - - CHECK_GOTO(CBS_asn1_indefinite_to_definite(&in, &out, &out_len)); - - if (out == NULL) { - - if (indefinite_len != definite_len || - memcmp(definite_expected, indefinite, indefinite_len) != 0) { - PRINT_ERROR; - goto err; - } - - return 1; - } - - if (out_len != definite_len || - memcmp(out, definite_expected, definite_len) != 0) { - PRINT_ERROR; - goto err; - } - - ret = 1; -err: - free(out); - return ret; -} - -static int -test_indefinite_convert(void) -{ - static const uint8_t kSimpleBER[] = {0x01, 0x01, 0x00}; - - /* kIndefBER contains a SEQUENCE with an indefinite length. */ - static const uint8_t kIndefBER[] = {0x30, 0x80, 0x01, 0x01, 0x02, 0x00, - 0x00}; - static const uint8_t kIndefDER[] = {0x30, 0x03, 0x01, 0x01, 0x02}; - - /* - * kOctetStringBER contains an indefinite length OCTETSTRING with two - * parts. These parts need to be concatenated in DER form. - */ - static const uint8_t kOctetStringBER[] = {0x24, 0x80, 0x04, 0x02, 0, - 1, 0x04, 0x02, 2, 3, 0x00, 0x00}; - static const uint8_t kOctetStringDER[] = {0x04, 0x04, 0, 1, 2, 3}; - - /* - * kNSSBER is part of a PKCS#12 message generated by NSS that uses - * indefinite length elements extensively. - */ - static const uint8_t kNSSBER[] = { - 0x30, 0x80, 0x02, 0x01, 0x03, 0x30, 0x80, 0x06, 0x09, 0x2a, 0x86, - 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x80, 0x24, 0x80, - 0x04, 0x04, 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, - 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84, 0x98, 0xfc, 0x66, - 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8, 0x8f, 0xfe, 0x1d, - 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38, 0x62, 0xc6, 0x44, - 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0, 0x6e, 0x10, 0x9b, - 0xb8, 0x02, 0x02, 0x07, 0xd0, 0x00, 0x00, - }; - - static const uint8_t kNSSDER[] = { - 0x30, 0x53, 0x02, 0x01, 0x03, 0x30, 0x13, 0x06, 0x09, 0x2a, 0x86, - 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x06, 0x04, 0x04, - 0x01, 0x02, 0x03, 0x04, 0x30, 0x39, 0x30, 0x21, 0x30, 0x09, 0x06, - 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x84, - 0x98, 0xfc, 0x66, 0x33, 0xee, 0xba, 0xe7, 0x90, 0xc1, 0xb6, 0xe8, - 0x8f, 0xfe, 0x1d, 0xc5, 0xa5, 0x97, 0x93, 0x3e, 0x04, 0x10, 0x38, - 0x62, 0xc6, 0x44, 0x12, 0xd5, 0x30, 0x00, 0xf8, 0xf2, 0x1b, 0xf0, - 0x6e, 0x10, 0x9b, 0xb8, 0x02, 0x02, 0x07, 0xd0, - }; - - CHECK(do_indefinite_convert("kSimpleBER", kSimpleBER, sizeof(kSimpleBER), - kSimpleBER, sizeof(kSimpleBER))); - CHECK(do_indefinite_convert("kIndefBER", kIndefDER, sizeof(kIndefDER), - kIndefBER, sizeof(kIndefBER))); - CHECK(do_indefinite_convert("kOctetStringBER", kOctetStringDER, - sizeof(kOctetStringDER), kOctetStringBER, - sizeof(kOctetStringBER))); - CHECK(do_indefinite_convert("kNSSBER", kNSSDER, sizeof(kNSSDER), kNSSBER, - sizeof(kNSSBER))); - - return 1; -} - -typedef struct { - uint64_t value; - const char *encoding; - size_t encoding_len; -} ASN1_UINT64_TEST; - -static const ASN1_UINT64_TEST kAsn1Uint64Tests[] = { - {0, "\x02\x01\x00", 3}, - {1, "\x02\x01\x01", 3}, - {127, "\x02\x01\x7f", 3}, - {128, "\x02\x02\x00\x80", 4}, - {0xdeadbeef, "\x02\x05\x00\xde\xad\xbe\xef", 7}, - {OPENSSL_U64(0x0102030405060708), - "\x02\x08\x01\x02\x03\x04\x05\x06\x07\x08", 10}, - {OPENSSL_U64(0xffffffffffffffff), - "\x02\x09\x00\xff\xff\xff\xff\xff\xff\xff\xff", 11}, -}; - -typedef struct { - const char *encoding; - size_t encoding_len; -} ASN1_INVALID_UINT64_TEST; - -static const ASN1_INVALID_UINT64_TEST kAsn1InvalidUint64Tests[] = { - /* Bad tag. */ - {"\x03\x01\x00", 3}, - /* Empty contents. */ - {"\x02\x00", 2}, - /* Negative number. */ - {"\x02\x01\x80", 3}, - /* Overflow. */ - {"\x02\x09\x01\x00\x00\x00\x00\x00\x00\x00\x00", 11}, - /* Leading zeros. */ - {"\x02\x02\x00\x01", 4}, -}; - -static int -test_asn1_uint64(void) -{ - CBB cbb; - uint8_t *out = NULL; - size_t i; - int ret = 0; - int alloc = 0; - - for (i = 0; i < sizeof(kAsn1Uint64Tests) / sizeof(kAsn1Uint64Tests[0]); - i++) { - const ASN1_UINT64_TEST *test = &kAsn1Uint64Tests[i]; - CBS cbs; - uint64_t value; - size_t len; - - CBS_init(&cbs, (const uint8_t *)test->encoding, - test->encoding_len); - - CHECK(CBS_get_asn1_uint64(&cbs, &value)); - CHECK(CBS_len(&cbs) == 0); - CHECK(value == test->value); - - CHECK(CBB_init(&cbb, 0)); - alloc = 1; - CHECK_GOTO(CBB_add_asn1_uint64(&cbb, test->value)); - CHECK_GOTO(CBB_finish(&cbb, &out, &len)); - alloc = 0; - - CHECK_GOTO(len == test->encoding_len); - CHECK_GOTO(memcmp(out, test->encoding, len) == 0); - free(out); - out = NULL; - } - - for (i = 0; i < sizeof(kAsn1InvalidUint64Tests) - / sizeof(kAsn1InvalidUint64Tests[0]); i++) { - const ASN1_INVALID_UINT64_TEST *test = - &kAsn1InvalidUint64Tests[i]; - CBS cbs; - uint64_t value; - - CBS_init(&cbs, (const uint8_t *)test->encoding, - test->encoding_len); - CHECK(!CBS_get_asn1_uint64(&cbs, &value)); - } - - ret = 1; - - if (0) { -err: - if (alloc) - CBB_cleanup(&cbb); - } - free(out); - - return ret; -} - -static int -test_offset(void) -{ - uint8_t v; - static const uint8_t input[] = {1, 2, 3, 4, 5}; - CBS data; - - CBS_init(&data, input, sizeof(input)); - CHECK(sizeof(input) == 5); - CHECK(CBS_len(&data) == 5); - CHECK(CBS_offset(&data) == 0); - CHECK(CBS_get_u8(&data, &v)); - CHECK(v == 1); - CHECK(CBS_len(&data) == 4); - CHECK(CBS_offset(&data) == 1); - CHECK(CBS_skip(&data, 2)); - CHECK(CBS_len(&data) == 2); - CHECK(CBS_offset(&data) == 3); - CHECK(CBS_get_u8(&data, &v)); - CHECK(v == 4); - CHECK(CBS_get_u8(&data, &v)); - CHECK(v == 5); - CHECK(CBS_len(&data) == 0); - CHECK(CBS_offset(&data) == 5); - CHECK(!CBS_skip(&data, 1)); - - CBS_init(&data, input, sizeof(input)); - CHECK(CBS_skip(&data, 2)); - CHECK(CBS_len(&data) == 3); - CHECK(CBS_offset(&data) == 2); - CHECK(CBS_skip(&data, 3)); - CHECK(CBS_len(&data) == 0); - CHECK(CBS_offset(&data) == 5); - CHECK(!CBS_get_u8(&data, &v)); - - return 1; -} - -static int -test_write_bytes(void) -{ - int ret = 0; - uint8_t v; - size_t len; - static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'}; - CBS data; - uint8_t *tmp = NULL; - - CHECK_GOTO((tmp = malloc(sizeof(input))) != NULL); - memset(tmp, 100, sizeof(input)); - - CBS_init(&data, input, sizeof(input)); - CHECK_GOTO(CBS_len(&data) == 6); - CHECK_GOTO(CBS_offset(&data) == 0); - CHECK_GOTO(CBS_get_u8(&data, &v)); - CHECK_GOTO(v == 102 /* f */); - CHECK_GOTO(CBS_skip(&data, 1)); - CHECK_GOTO(!CBS_skip(&data, 15)); - CHECK_GOTO(CBS_write_bytes(&data, tmp, sizeof(input), &len)); - CHECK_GOTO(len == 4); - CHECK_GOTO(memcmp(input + 2, tmp, len) == 0); - CHECK_GOTO(tmp[4] == 100 && tmp[5] == 100); - - ret = 1; - -err: - free(tmp); - return ret; -} - -static int -test_cbs_dup(void) -{ - CBS data, check; - static const uint8_t input[] = {'f', 'o', 'o', 'b', 'a', 'r'}; - - CBS_init(&data, input, sizeof(input)); - CHECK(CBS_len(&data) == 6); - CBS_dup(&data, &check); - CHECK(CBS_len(&check) == 6); - CHECK(CBS_data(&data) == CBS_data(&check)); - CHECK(CBS_skip(&data, 1)); - CHECK(CBS_len(&data) == 5); - CHECK(CBS_len(&check) == 6); - CHECK(CBS_data(&data) == CBS_data(&check) + 1); - CHECK(CBS_skip(&check, 1)); - CHECK(CBS_len(&data) == 5); - CHECK(CBS_len(&check) == 5); - CHECK(CBS_data(&data) == CBS_data(&check)); - CHECK(CBS_offset(&data) == 1); - CHECK(CBS_offset(&check) == 1); - - CBS_init(&data, input, sizeof(input)); - CHECK(CBS_skip(&data, 5)); - CBS_dup(&data, &check); - CHECK(CBS_len(&data) == 1); - CHECK(CBS_len(&check) == 1); - CHECK(CBS_data(&data) == input + 5); - CHECK(CBS_data(&data) == CBS_data(&check)); - CHECK(CBS_offset(&data) == 5); - CHECK(CBS_offset(&check) == 5); - - return 1; -} - -int -main(void) -{ - int failed = 0; - - failed |= !test_skip(); - failed |= !test_get_u(); - failed |= !test_get_prefixed(); - failed |= !test_get_prefixed_bad(); - failed |= !test_get_asn1(); - failed |= !test_cbb_basic(); - failed |= !test_cbb_add_space(); - failed |= !test_cbb_fixed(); - failed |= !test_cbb_finish_child(); - failed |= !test_cbb_discard_child(); - failed |= !test_cbb_misuse(); - failed |= !test_cbb_prefixed(); - failed |= !test_cbb_asn1(); - failed |= !test_indefinite_convert(); - failed |= !test_asn1_uint64(); - failed |= !test_get_optional_asn1_bool(); - failed |= !test_offset(); - failed |= !test_write_bytes(); - failed |= !test_cbs_dup(); - - if (!failed) - printf("PASS\n"); - return failed; -} diff --git a/src/regress/lib/libssl/certs/ca.pem b/src/regress/lib/libssl/certs/ca.pem deleted file mode 100644 index 07f9b3fddb..0000000000 --- a/src/regress/lib/libssl/certs/ca.pem +++ /dev/null @@ -1,45 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDtjCCAp6gAwIBAgIJAJz/hGfwYXLrMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV -BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT -VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD -QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MjExNDQ1MTFaMGgxCzAJBgNVBAYTAlVL -MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ -VVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBDQTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMaarigKGOra5Mc/LrhOkcmHzDs -vkYL7dfaaht8fLBKRTYwzSBvO9x54koTWjq7HkbaxkYAg3HnDTkNCyzkGKNdM89H -q/PtGIFFlceQIOat3Kjd05Iw3PtLEWTDjT6FMA9Mkjk/XbpmycqRIwNKtgICoFsG -juIpc4P31kxK7i3ri+JnlyvVmRZjJxrheJB0qHGXilrOVDPOliDn//jXbcyzXemu -R8KgAeQM4IIs9jYHJOgHrTItIpwa9wNTEp9KCGkO6xr20NkKyDp6XRyd+hmnUB7r -77WTptvKPFFTjTDFqEtcif9U2kVkCfn2mSRO8noCbVH++fuR8LMWlD99gt8CAwEA -AaNjMGEwHQYDVR0OBBYEFIwZD9dCMXcFBuHTsZ/rOft4cTpFMB8GA1UdIwQYMBaA -FIwZD9dCMXcFBuHTsZ/rOft4cTpFMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCPfqm4KbYtXEB8aP1RdUH2BkPSjyau -WQLMGfKNF/zkUQue0REgdJ4wVR06NTTlOCsfHC6b68vgz2QFC1mM8ZANgDiyr4M1 -6gjvP0eZQVxokJ3EMzjDMFRHIiFrZZAFr7aGq8dxoruuehovqyehuJRakAe0oNUb -4ZTKrGuTKh9Mwti9721XNFByjeTFL2dlH6ulz7qyfI+lrTi+pNsUchuVYE8a1TP3 -OEiG6whsyPU1YoTlemC1mvW0ixtj8Tcem0KyotCUyOmJlwyWj0bA43sCI6z/OVqJ -tVvwgfqrOeVNk9nN2JslCsttnwstwqUfDoEXFoScej2CT0QezFGPTN21 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvjCCAqagAwIBAgIJAPrXr2k7uM/OMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV -BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT -VElORyBQVVJQT1NFUyBPTkxZMR0wGwYDVQQDDBRPcGVuU1NMIFRlc3QgUm9vdCBD -QTAeFw0xNDA1MjQxNDQ1MTFaFw0yNDA1MDExNDQ1MTFaMHAxCzAJBgNVBAYTAlVL -MRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQ -VVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJtZWRpYXRl -IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsErw75CmLYD6pkrG -W/YhAl/K8L5wJYxDjqu2FghxjD8K308W3EHq4uBxEwR1OHXaM1+6ZZw7/r2I37VL -IdurBEAIEUdbzx0so74FPawgz5EW2CTqoJnK8F71/vo5Kj1VPwW46CxwxUR3cfvJ -GNXND2ip0TcyTSPLROXOyQakcVfIGJmdSa1wHKi+c2gMA4emADudZUOYLrg80gr2 -ldePm07ynbVsKKzCcStw8MdmoW9Qt3fLnPJn2TFUUBNWj+4kvL+88edWCVQXKNds -ysD/CDrH4W/hjyPDStVsM6XpiNU0+L2ZY6fcj3OP8d0goOx45xotMn9m8hNkCGsr -VXx9IwIDAQABo2MwYTAdBgNVHQ4EFgQUNsNsiOeV/rC97M4+PYarIYGH2towHwYD -VR0jBBgwFoAUjBkP10IxdwUG4dOxn+s5+3hxOkUwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAAIwwR8jyFN6qYGIRAKi -ahyeHd26hNPC4RiCvjz6dytuvDUqfMTUZcjBy6Ez1Wsfs1/PC8u3IDpOTwZSz72K -ACQzPpmXREWkO5nx8I+W+94yJsbklhsTxDlZj3X2oJCQ7qO4hdIpYESWfMchYra9 -5e55SMBXeGDp+uRILt+6UfOXCGaXaoYqyrzQROJAiGy1x96A/5sU6ZU3KdKN1JLM -XTZ268ihubCMRVScHnpYUjRDoGrhnQM7007ybVfRUGNXDs+ENqjGfyxc5ScR+Un4 -UQtOd4zD2g9wrdXvlDiqxci6W7IOEPVP6qHG2GIh+T2zpO3GOAuZCe5cjLiCDATs -hNw= ------END CERTIFICATE----- diff --git a/src/regress/lib/libssl/certs/client.pem b/src/regress/lib/libssl/certs/client.pem deleted file mode 100644 index ce4bf49ce6..0000000000 --- a/src/regress/lib/libssl/certs/client.pem +++ /dev/null @@ -1,51 +0,0 @@ -subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Client Cert -issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA ------BEGIN CERTIFICATE----- -MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eTMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV -BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT -VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMVoXDTI0MDQwMTE0NDUxMVowZDELMAkG -A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU -RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgQ2xpZW50IENlcnQw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ranbHRLcLVqN+0BzcZpY -+yOLqxzDWT1LD9eW1stC4NzXX9/DCtSIVyN7YIHdGLrIPr64IDdXXaMRzgZ2rOKs -lmHCAiFpO/ja99gGCJRxH0xwQatqAULfJVHeUhs7OEGOZc2nWifjqKvGfNTilP7D -nwi69ipQFq9oS19FmhwVHk2wg7KZGHI1qDyG04UrfCZMRitvS9+UVhPpIPjuiBi2 -x3/FZIpL5gXJvvFK6xHY63oq2asyzBATntBgnP4qJFWWcvRx24wF1PnZabxuVoL2 -bPnQ/KvONDrw3IdqkKhYNTul7jEcu3OlcZIMw+7DiaKJLAzKb/bBF5gm/pwW6As9 -AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG -+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B -AQUFAAOCAQEAJzA4KTjkjXGSC4He63yX9Br0DneGBzjAwc1H6f72uqnCs8m7jgkE -PQJFdTzQUKh97QPUuayZ2gl8XHagg+iWGy60Kw37gQ0+lumCN2sllvifhHU9R03H -bWtS4kue+yQjMbrzf3zWygMDgwvFOUAIgBpH9qGc+CdNu97INTYd0Mvz51vLlxRn -sC5aBYCWaZFnw3lWYxf9eVFRy9U+DkYFqX0LpmbDtcKP7AZGE6ZwSzaim+Cnoz1u -Cgn+QmpFXgJKMFIZ82iSZISn+JkCCGxctZX1lMvai4Wi8Y0HxW9FTFZ6KBNwwE4B -zjbN/ehBkgLlW/DWfi44DvwUHmuU6QP3cw== ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f -wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr -agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy -mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr -MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x -HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L -p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT -KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB -1uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx -L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl -LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO -Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn -/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai -1oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX -1ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3 -NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ -zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC -mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7 -5SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK -u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+ -HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV -tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn -SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh -kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww -1Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw= ------END RSA PRIVATE KEY----- diff --git a/src/regress/lib/libssl/certs/server.pem b/src/regress/lib/libssl/certs/server.pem deleted file mode 100644 index 7412490f51..0000000000 --- a/src/regress/lib/libssl/certs/server.pem +++ /dev/null @@ -1,51 +0,0 @@ -subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert -issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA ------BEGIN CERTIFICATE----- -MIIDpTCCAo2gAwIBAgIJAPYm3GvOr5eUMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV -BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT -VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTE0MDUyNDE0NDUxMloXDTI0MDQwMTE0NDUxMlowZDELMAkG -A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU -RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ -KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi -R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv -vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7 -TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU -41NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R -AgMBAAGjTjBMMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCwGCWCGSAGG -+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B -AQUFAAOCAQEADfy8VrY5er5ebYLyiC1il5kVOuJHSf8aN5SciJz/VcifA1+Hl2Bu -CfuizhP/kUdB9PTSj8ep9sL+5PBFl7CZJDO6Sxs5+qJe15XvLBP8UEdvc779plL6 -StUMJT0aU/MaqUZZCldC3G4CcbwzOzKSD5YzvxxIGspxBWRduZKKMOju/4aqK76p -dwA/VGCve9mjft3LIrb0gSaPi5KmdGtpAjzW3H1+63DSqxCYb1oiPtUZBs4STwjh -WPRmAEVR4RPCETM3Sth4C+bE0QMCGY12ctcbzhj7Xgo7LcSpqviq6JD8SPuU7ISL -hy4NcnBBHJr9OV9WTLpmS9V9Vg6QmOpxQw== ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv -h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL -tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu -D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI -uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6 -qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn -zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3 -r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D -AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R -5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm -W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH -674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg -utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY -BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX -4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a -WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8 -bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH -6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex -4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa -WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g -n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB -JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+ -OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX -xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK -UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ== ------END RSA PRIVATE KEY----- diff --git a/src/regress/lib/libssl/ciphers/Makefile b/src/regress/lib/libssl/ciphers/Makefile deleted file mode 100644 index 2575db4df4..0000000000 --- a/src/regress/lib/libssl/ciphers/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -# $OpenBSD: Makefile,v 1.2 2020/09/13 16:51:30 jsing Exp $ - -PROG= cipherstest -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror - -.include diff --git a/src/regress/lib/libssl/ciphers/cipherstest.c b/src/regress/lib/libssl/ciphers/cipherstest.c deleted file mode 100644 index c43939d4d5..0000000000 --- a/src/regress/lib/libssl/ciphers/cipherstest.c +++ /dev/null @@ -1,531 +0,0 @@ -/* - * Copyright (c) 2015, 2020 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include -#include -#include - -int ssl3_num_ciphers(void); -const SSL_CIPHER *ssl3_get_cipher(unsigned int u); - -int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str); - -static inline int -ssl_aes_is_accelerated(void) -{ -#if defined(__i386__) || defined(__x86_64__) - return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0); -#else - return (0); -#endif -} - -static int -check_cipher_order(void) -{ - unsigned long id, prev_id = 0; - const SSL_CIPHER *cipher; - int num_ciphers; - int i; - - num_ciphers = ssl3_num_ciphers(); - - for (i = 1; i <= num_ciphers; i++) { - /* - * For some reason, ssl3_get_cipher() returns ciphers in - * reverse order. - */ - if ((cipher = ssl3_get_cipher(num_ciphers - i)) == NULL) { - fprintf(stderr, "FAIL: ssl3_get_cipher(%d) returned " - "NULL\n", i); - return 1; - } - if ((id = SSL_CIPHER_get_id(cipher)) <= prev_id) { - fprintf(stderr, "FAIL: ssl3_ciphers is not sorted by " - "id - cipher %d (%lx) <= cipher %d (%lx)\n", - i, id, i - 1, prev_id); - return 1; - } - prev_id = id; - } - - return 0; -} - -static int -cipher_find_test(void) -{ - STACK_OF(SSL_CIPHER) *ciphers; - const SSL_CIPHER *cipher; - unsigned char buf[2]; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int ret = 1; - int i; - - if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - goto failure; - } - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - goto failure; - } - if (!SSL_set_cipher_list(ssl, "ALL")) { - fprintf(stderr, "SSL_set_cipher_list failed\n"); - goto failure; - } - - if ((ciphers = SSL_get_ciphers(ssl)) == NULL) { - fprintf(stderr, "no ciphers\n"); - goto failure; - } - - for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { - uint16_t cipher_value; - - cipher = sk_SSL_CIPHER_value(ciphers, i); - cipher_value = SSL_CIPHER_get_value(cipher); - - buf[0] = cipher_value >> 8; - buf[1] = cipher_value & 0xff; - - if ((cipher = SSL_CIPHER_find(ssl, buf)) == NULL) { - fprintf(stderr, - "SSL_CIPHER_find() returned NULL for %s\n", - SSL_CIPHER_get_name(cipher)); - goto failure; - } - - if (SSL_CIPHER_get_value(cipher) != cipher_value) { - fprintf(stderr, - "got cipher with value 0x%x, want 0x%x\n", - SSL_CIPHER_get_value(cipher), cipher_value); - goto failure; - } - } - - ret = 0; - - failure: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - return (ret); -} - -static int -cipher_get_by_value_tests(void) -{ - STACK_OF(SSL_CIPHER) *ciphers; - const SSL_CIPHER *cipher; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - unsigned long id; - uint16_t value; - int ret = 1; - int i; - - if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - goto failure; - } - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - goto failure; - } - - if ((ciphers = SSL_get_ciphers(ssl)) == NULL) { - fprintf(stderr, "no ciphers\n"); - goto failure; - } - - for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { - cipher = sk_SSL_CIPHER_value(ciphers, i); - - id = SSL_CIPHER_get_id(cipher); - if (SSL_CIPHER_get_by_id(id) == NULL) { - fprintf(stderr, "SSL_CIPHER_get_by_id() failed " - "for %s (0x%lx)\n", SSL_CIPHER_get_name(cipher), - id); - goto failure; - } - - value = SSL_CIPHER_get_value(cipher); - if (SSL_CIPHER_get_by_value(value) == NULL) { - fprintf(stderr, "SSL_CIPHER_get_by_value() failed " - "for %s (0x%04hx)\n", SSL_CIPHER_get_name(cipher), - value); - goto failure; - } - } - - ret = 0; - - failure: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - return (ret); -} - -struct parse_ciphersuites_test { - const char *str; - const int want; - const unsigned long cids[32]; -}; - -struct parse_ciphersuites_test parse_ciphersuites_tests[] = { - { - /* LibreSSL names. */ - .str = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256:AEAD-AES128-GCM-SHA256", - .want = 1, - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_3_CK_AES_128_GCM_SHA256, - }, - }, - { - /* OpenSSL names. */ - .str = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256", - .want = 1, - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_3_CK_AES_128_GCM_SHA256, - }, - }, - { - /* Different priority order. */ - .str = "AEAD-AES128-GCM-SHA256:AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256", - .want = 1, - .cids = { - TLS1_3_CK_AES_128_GCM_SHA256, - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - }, - }, - { - /* Known but unsupported names. */ - .str = "AEAD-AES256-GCM-SHA384:AEAD-AES128-CCM-SHA256:AEAD-AES128-CCM-8-SHA256", - .want = 1, - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - }, - }, - { - /* Empty string means no TLSv1.3 ciphersuites. */ - .str = "", - .want = 1, - .cids = { 0 }, - }, - { - .str = "TLS_CHACHA20_POLY1305_SHA256:TLS_NOT_A_CIPHERSUITE", - .want = 0, - }, - { - .str = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256,TLS_AES_128_GCM_SHA256", - .want = 0, - }, -}; - -#define N_PARSE_CIPHERSUITES_TESTS \ - (sizeof(parse_ciphersuites_tests) / sizeof(*parse_ciphersuites_tests)) - -static int -parse_ciphersuites_test(void) -{ - struct parse_ciphersuites_test *pct; - STACK_OF(SSL_CIPHER) *ciphers = NULL; - SSL_CIPHER *cipher; - int failed = 1; - int j, ret; - size_t i; - - for (i = 0; i < N_PARSE_CIPHERSUITES_TESTS; i++) { - pct = &parse_ciphersuites_tests[i]; - - ret = ssl_parse_ciphersuites(&ciphers, pct->str); - if (ret != pct->want) { - fprintf(stderr, "FAIL: test %zu - " - "ssl_parse_ciphersuites returned %d, want %d\n", - i, ret, pct->want); - goto failed; - } - if (ret == 0) - continue; - - for (j = 0; j < sk_SSL_CIPHER_num(ciphers); j++) { - cipher = sk_SSL_CIPHER_value(ciphers, j); - if (SSL_CIPHER_get_id(cipher) == pct->cids[j]) - continue; - fprintf(stderr, "FAIL: test %zu - got cipher %d with " - "id %lx, want %lx\n", i, j, - SSL_CIPHER_get_id(cipher), pct->cids[j]); - goto failed; - } - if (pct->cids[j] != 0) { - fprintf(stderr, "FAIL: test %zu - got %d ciphers, " - "expected more", i, sk_SSL_CIPHER_num(ciphers)); - goto failed; - } - } - - failed = 0; - - failed: - sk_SSL_CIPHER_free(ciphers); - - return failed; -} - -struct cipher_set_test { - int ctx_ciphersuites_first; - const char *ctx_ciphersuites; - const char *ctx_rulestr; - int ssl_ciphersuites_first; - const char *ssl_ciphersuites; - const char *ssl_rulestr; - int cids_aes_accel_fixup; - unsigned long cids[32]; -}; - -struct cipher_set_test cipher_set_tests[] = { - { - .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids_aes_accel_fixup = 1, - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_3_CK_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids_aes_accel_fixup = 1, - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_3_CK_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ctx_ciphersuites_first = 1, - .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256", - .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ssl_ciphersuites_first = 1, - .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256", - .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ctx_ciphersuites_first = 0, - .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256", - .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ssl_ciphersuites_first = 0, - .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256", - .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ssl_ciphersuites_first = 1, - .ssl_ciphersuites = "", - .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids = { - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ssl_ciphersuites_first = 0, - .ssl_ciphersuites = "", - .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids = { - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ctx_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256", - .ssl_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, - { - .ctx_rulestr = "TLSv1.2+ECDHE+AEAD+AES", - .ssl_ciphersuites = "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256", - .cids = { - TLS1_3_CK_AES_256_GCM_SHA384, - TLS1_3_CK_CHACHA20_POLY1305_SHA256, - TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - }, - }, -}; - -#define N_CIPHER_SET_TESTS \ - (sizeof(cipher_set_tests) / sizeof(*cipher_set_tests)) - -static int -cipher_set_test(void) -{ - struct cipher_set_test *cst; - STACK_OF(SSL_CIPHER) *ciphers = NULL; - SSL_CIPHER *cipher; - SSL_CTX *ctx = NULL; - SSL *ssl = NULL; - int failed = 0; - size_t i; - int j; - - for (i = 0; i < N_CIPHER_SET_TESTS; i++) { - cst = &cipher_set_tests[i]; - - if (!ssl_aes_is_accelerated() && cst->cids_aes_accel_fixup) { - cst->cids[0] = TLS1_3_CK_CHACHA20_POLY1305_SHA256; - cst->cids[1] = TLS1_3_CK_AES_256_GCM_SHA384; - } - - if ((ctx = SSL_CTX_new(TLS_method())) == NULL) - errx(1, "SSL_CTX_new"); - - if (cst->ctx_ciphersuites_first && cst->ctx_ciphersuites != NULL) { - if (!SSL_CTX_set_ciphersuites(ctx, cst->ctx_ciphersuites)) - errx(1, "SSL_CTX_set_ciphersuites"); - } - if (cst->ctx_rulestr != NULL) { - if (!SSL_CTX_set_cipher_list(ctx, cst->ctx_rulestr)) - errx(1, "SSL_CTX_set_cipher_list"); - } - if (!cst->ctx_ciphersuites_first && cst->ctx_ciphersuites != NULL) { - if (!SSL_CTX_set_ciphersuites(ctx, cst->ctx_ciphersuites)) - errx(1, "SSL_CTX_set_ciphersuites"); - } - - /* XXX - check SSL_CTX_get_ciphers(ctx) */ - - if ((ssl = SSL_new(ctx)) == NULL) - errx(1, "SSL_new"); - - if (cst->ssl_ciphersuites_first && cst->ssl_ciphersuites != NULL) { - if (!SSL_set_ciphersuites(ssl, cst->ssl_ciphersuites)) - errx(1, "SSL_set_ciphersuites"); - } - if (cst->ssl_rulestr != NULL) { - if (!SSL_set_cipher_list(ssl, cst->ssl_rulestr)) - errx(1, "SSL_set_cipher_list"); - } - if (!cst->ssl_ciphersuites_first && cst->ssl_ciphersuites != NULL) { - if (!SSL_set_ciphersuites(ssl, cst->ssl_ciphersuites)) - errx(1, "SSL_set_ciphersuites"); - } - - ciphers = SSL_get_ciphers(ssl); - - for (j = 0; j < sk_SSL_CIPHER_num(ciphers); j++) { - cipher = sk_SSL_CIPHER_value(ciphers, j); - if (SSL_CIPHER_get_id(cipher) == cst->cids[j]) - continue; - fprintf(stderr, "FAIL: test %zu - got cipher %d with " - "id %lx, want %lx\n", i, j, - SSL_CIPHER_get_id(cipher), cst->cids[j]); - failed |= 1; - } - if (cst->cids[j] != 0) { - fprintf(stderr, "FAIL: test %zu - got %d ciphers, " - "expected more", i, sk_SSL_CIPHER_num(ciphers)); - failed |= 1; - } - - SSL_CTX_free(ctx); - SSL_free(ssl); - } - - return failed; -} - -int -main(int argc, char **argv) -{ - int failed = 0; - - failed |= check_cipher_order(); - - failed |= cipher_find_test(); - failed |= cipher_get_by_value_tests(); - - failed |= parse_ciphersuites_test(); - failed |= cipher_set_test(); - - return (failed); -} diff --git a/src/regress/lib/libssl/client/Makefile b/src/regress/lib/libssl/client/Makefile deleted file mode 100644 index 4f99f0e97c..0000000000 --- a/src/regress/lib/libssl/client/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2015/09/01 17:02:18 jsing Exp $ - -PROG= clienttest -LDADD= -lssl -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror - -.include diff --git a/src/regress/lib/libssl/client/clienttest.c b/src/regress/lib/libssl/client/clienttest.c deleted file mode 100644 index 2efe676a9d..0000000000 --- a/src/regress/lib/libssl/client/clienttest.c +++ /dev/null @@ -1,740 +0,0 @@ -/* $OpenBSD: clienttest.c,v 1.33 2021/06/27 17:13:23 jsing Exp $ */ -/* - * Copyright (c) 2015 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include -#include - -#include -#include -#include - -#define DTLS_HM_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH) -#define DTLS_RANDOM_OFFSET (DTLS_HM_OFFSET + 2) -#define DTLS_CIPHER_OFFSET (DTLS_HM_OFFSET + 38) - -#define SSL3_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH) -#define SSL3_RANDOM_OFFSET (SSL3_HM_OFFSET + 2) -#define SSL3_CIPHER_OFFSET (SSL3_HM_OFFSET + 37) - -#define TLS13_HM_OFFSET (SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH) -#define TLS13_RANDOM_OFFSET (TLS13_HM_OFFSET + 2) -#define TLS13_SESSION_OFFSET (TLS13_HM_OFFSET + 34) -#define TLS13_CIPHER_OFFSET (TLS13_HM_OFFSET + 69) -#define TLS13_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 194) -#define TLS13_ONLY_KEY_SHARE_OFFSET (TLS13_HM_OFFSET + 98) - -#define TLS1_3_VERSION_ONLY (TLS1_3_VERSION | 0x10000) - -static const uint8_t cipher_list_dtls1[] = { - 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, - 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, - 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, - 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, - 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, -}; - -static const uint8_t client_hello_dtls1[] = { - 0x16, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x74, 0x01, 0x00, 0x00, - 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x68, 0xfe, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x26, 0xc0, - 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, - 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, - 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, - 0x2f, 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, - 0x16, 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, - 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, - 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, - 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, - 0x00, -}; - -static const uint8_t cipher_list_dtls12_aes[] = { - 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, - 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, - 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, - 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, - 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, - 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, - 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, - 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, - 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, - 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, - 0x00, 0x0a, 0x00, 0xff -}; - -static const uint8_t cipher_list_dtls12_chacha[] = { - 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, - 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, - 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, - 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, - 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, - 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, - 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, - 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, - 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, - 0x00, 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, - 0x00, 0x0a, 0x00, 0xff, -}; - -static const uint8_t client_hello_dtls12[] = { - 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xbe, 0x01, 0x00, 0x00, - 0xb2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xb2, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x54, 0xc0, - 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, - 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, - 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, - 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, - 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, - 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, - 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, - 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, - 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, - 0x41, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, - 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00, - 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, - 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, - 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00, - 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06, - 0x01, 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05, - 0x03, 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02, - 0x01, 0x02, 0x03, -}; - -static const uint8_t cipher_list_tls10[] = { - 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, - 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, - 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, - 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, - 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, - 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, -}; - -static const uint8_t client_hello_tls10[] = { - 0x16, 0x03, 0x01, 0x00, 0x73, 0x01, 0x00, 0x00, - 0x6f, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x2e, 0xc0, 0x14, - 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88, - 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13, - 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f, - 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, - 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, - 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, - 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, - 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, - 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, -}; - -static const uint8_t cipher_list_tls11[] = { - 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, - 0x00, 0x88, 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, - 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, - 0x00, 0x2f, 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, - 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, - 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, -}; - -static const uint8_t client_hello_tls11[] = { - 0x16, 0x03, 0x01, 0x00, 0x73, 0x01, 0x00, 0x00, - 0x6f, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x2e, 0xc0, 0x14, - 0xc0, 0x0a, 0x00, 0x39, 0xff, 0x85, 0x00, 0x88, - 0x00, 0x81, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x13, - 0xc0, 0x09, 0x00, 0x33, 0x00, 0x45, 0x00, 0x2f, - 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, - 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, - 0x00, 0x0a, 0x00, 0xff, 0x01, 0x00, 0x00, 0x18, - 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, - 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, - 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, -}; - -static const uint8_t cipher_list_tls12_aes[] = { - 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, - 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, - 0x00, 0x39, 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, - 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, - 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, - 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, - 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, - 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, - 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, - 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, - 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, - 0x00, 0x0a, 0x00, 0xff, -}; - -static const uint8_t cipher_list_tls12_chacha[] = { - 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, - 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, - 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, - 0xff, 0x85, 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, - 0x00, 0x9d, 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, - 0x00, 0x84, 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, - 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, - 0x00, 0x67, 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, - 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, - 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, - 0x00, 0x04, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, - 0x00, 0x0a, 0x00, 0xff, -}; - -static const uint8_t client_hello_tls12[] = { - 0x16, 0x03, 0x01, 0x00, 0xbd, 0x01, 0x00, 0x00, - 0xb9, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x5c, 0xc0, 0x30, - 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, - 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, - 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85, - 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, - 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, - 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, - 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, - 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, - 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, - 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, - 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, - 0x00, 0xff, 0x01, 0x00, 0x00, 0x34, 0x00, 0x0b, - 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x0a, - 0x00, 0x08, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18, - 0x00, 0x19, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, - 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, - 0x06, 0x03, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, - 0x08, 0x04, 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, - 0x02, 0x03, -}; - -static const uint8_t cipher_list_tls13_aes[] = { - 0x13, 0x02, 0x13, 0x03, 0x13, 0x01, 0xc0, 0x30, - 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, - 0xc0, 0x0a, 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, - 0xcc, 0xa9, 0xcc, 0xa8, 0xcc, 0xaa, 0xff, 0x85, - 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, - 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, - 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, - 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, - 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, - 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, - 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, - 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, - 0x00, 0xff -}; - -static const uint8_t cipher_list_tls13_chacha[] = { - 0x13, 0x03, 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9, - 0xcc, 0xa8, 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c, - 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a, - 0x00, 0x9f, 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85, - 0x00, 0xc4, 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, - 0x00, 0x3d, 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, - 0xc0, 0x2f, 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, - 0xc0, 0x13, 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, - 0x00, 0x33, 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, - 0x00, 0x3c, 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, - 0xc0, 0x11, 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, - 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, - 0x00, 0xff, -}; - -static const uint8_t client_hello_tls13[] = { - 0x16, 0x03, 0x01, 0x01, 0x1a, 0x01, 0x00, 0x01, - 0x16, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x62, 0x13, 0x03, - 0x13, 0x02, 0x13, 0x01, 0xcc, 0xa9, 0xcc, 0xa8, - 0xcc, 0xaa, 0xc0, 0x30, 0xc0, 0x2c, 0xc0, 0x28, - 0xc0, 0x24, 0xc0, 0x14, 0xc0, 0x0a, 0x00, 0x9f, - 0x00, 0x6b, 0x00, 0x39, 0xff, 0x85, 0x00, 0xc4, - 0x00, 0x88, 0x00, 0x81, 0x00, 0x9d, 0x00, 0x3d, - 0x00, 0x35, 0x00, 0xc0, 0x00, 0x84, 0xc0, 0x2f, - 0xc0, 0x2b, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x13, - 0xc0, 0x09, 0x00, 0x9e, 0x00, 0x67, 0x00, 0x33, - 0x00, 0xbe, 0x00, 0x45, 0x00, 0x9c, 0x00, 0x3c, - 0x00, 0x2f, 0x00, 0xba, 0x00, 0x41, 0xc0, 0x11, - 0xc0, 0x07, 0x00, 0x05, 0x00, 0x04, 0xc0, 0x12, - 0xc0, 0x08, 0x00, 0x16, 0x00, 0x0a, 0x00, 0xff, - 0x01, 0x00, 0x00, 0x6b, 0x00, 0x2b, 0x00, 0x09, - 0x08, 0x03, 0x04, 0x03, 0x03, 0x03, 0x02, 0x03, - 0x01, 0x00, 0x33, 0x00, 0x26, 0x00, 0x24, 0x00, - 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, - 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, - 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, - 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, - 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, - 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, - 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03, -}; - -static const uint8_t cipher_list_tls13_only_aes[] = { - 0x13, 0x02, 0x13, 0x03, 0x13, 0x01, -}; - -static const uint8_t cipher_list_tls13_only_chacha[] = { - 0x13, 0x03, 0x13, 0x02, 0x13, 0x01, -}; - -static const uint8_t client_hello_tls13_only[] = { - 0x16, 0x03, 0x03, 0x00, 0xb6, 0x01, 0x00, 0x00, - 0xb2, 0x03, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x13, 0x03, - 0x13, 0x02, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00, - 0x00, 0x61, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03, - 0x04, 0x00, 0x33, 0x00, 0x26, 0x00, 0x24, 0x00, - 0x1d, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, - 0x00, 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, - 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, - 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x14, 0x00, - 0x12, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, - 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, - 0x01, 0x04, 0x03, -}; - -struct client_hello_test { - const char *desc; - const int protocol; - const size_t random_start; - const size_t session_start; - const size_t key_share_start; - const SSL_METHOD *(*ssl_method)(void); - const long ssl_options; -}; - -static const struct client_hello_test client_hello_tests[] = { - { - .desc = "DTLSv1 client method", - .protocol = DTLS1_VERSION, - .random_start = DTLS_RANDOM_OFFSET, - .ssl_method = DTLSv1_client_method, - }, - { - .desc = "DTLSv1.2 client method", - .protocol = DTLS1_2_VERSION, - .random_start = DTLS_RANDOM_OFFSET, - .ssl_method = DTLSv1_2_client_method, - }, - { - .desc = "DTLS client method", - .protocol = DTLS1_2_VERSION, - .random_start = DTLS_RANDOM_OFFSET, - .ssl_method = DTLS_client_method, - }, - { - .desc = "DTLS client method (no DTLSv1.2)", - .protocol = DTLS1_VERSION, - .random_start = DTLS_RANDOM_OFFSET, - .ssl_method = DTLS_client_method, - .ssl_options = SSL_OP_NO_DTLSv1_2, - }, - { - .desc = "DTLS client method (no DTLSv1.0)", - .protocol = DTLS1_2_VERSION, - .random_start = DTLS_RANDOM_OFFSET, - .ssl_method = DTLS_client_method, - .ssl_options = SSL_OP_NO_DTLSv1, - }, - { - .desc = "TLSv1 client method", - .protocol = TLS1_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = TLSv1_client_method, - }, - { - .desc = "TLSv1_1 client method", - .protocol = TLS1_1_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = TLSv1_1_client_method, - }, - { - .desc = "TLSv1_2 client method", - .protocol = TLS1_2_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = TLSv1_2_client_method, - }, - { - .desc = "SSLv23 default", - .protocol = TLS1_3_VERSION, - .random_start = TLS13_RANDOM_OFFSET, - .session_start = TLS13_SESSION_OFFSET, - .key_share_start = TLS13_KEY_SHARE_OFFSET, - .ssl_method = SSLv23_client_method, - .ssl_options = 0, - }, - { - .desc = "SSLv23 default (no TLSv1.3)", - .protocol = TLS1_2_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = SSLv23_client_method, - .ssl_options = SSL_OP_NO_TLSv1_3, - }, - { - .desc = "SSLv23 (no TLSv1.2)", - .protocol = TLS1_1_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = SSLv23_client_method, - .ssl_options = SSL_OP_NO_TLSv1_2, - }, - { - .desc = "SSLv23 (no TLSv1.1)", - .protocol = TLS1_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = SSLv23_client_method, - .ssl_options = SSL_OP_NO_TLSv1_1, - }, - { - .desc = "TLS default", - .protocol = TLS1_3_VERSION, - .random_start = TLS13_RANDOM_OFFSET, - .session_start = TLS13_SESSION_OFFSET, - .key_share_start = TLS13_KEY_SHARE_OFFSET, - .ssl_method = TLS_client_method, - .ssl_options = 0, - }, - { - .desc = "TLS (no TLSv1.3)", - .protocol = TLS1_2_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = TLS_client_method, - .ssl_options = SSL_OP_NO_TLSv1_3, - }, - { - .desc = "TLS (no TLSv1.2)", - .protocol = TLS1_1_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = TLS_client_method, - .ssl_options = SSL_OP_NO_TLSv1_2, - }, - { - .desc = "TLS (no TLSv1.1)", - .protocol = TLS1_VERSION, - .random_start = SSL3_RANDOM_OFFSET, - .ssl_method = TLS_client_method, - .ssl_options = SSL_OP_NO_TLSv1_1, - }, -#if 0 - /* XXX - build client hello with explicit versions extension. */ - { - .desc = "TLS (no TLSv1.0, no TLSv1.1)", - .protocol = TLS1_3_VERSION, - .random_start = TLS13_RANDOM_OFFSET, - .session_start = TLS13_SESSION_OFFSET, - .key_share_start = TLS13_KEY_SHARE_OFFSET, - .ssl_method = TLS_client_method, - .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, - }, -#endif - { - .desc = "TLS (no TLSv1.0, no TLSv1.1, no TLSv1.2)", - .protocol = TLS1_3_VERSION_ONLY, - .random_start = TLS13_RANDOM_OFFSET, - .session_start = TLS13_SESSION_OFFSET, - .key_share_start = TLS13_ONLY_KEY_SHARE_OFFSET, - .ssl_method = TLS_client_method, - .ssl_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, - }, -}; - -#define N_CLIENT_HELLO_TESTS \ - (sizeof(client_hello_tests) / sizeof(*client_hello_tests)) - -static void -hexdump(const uint8_t *buf, size_t len, const uint8_t *compare) -{ - const char *mark = ""; - size_t i; - - for (i = 1; i <= len; i++) { - if (compare != NULL) - mark = (buf[i - 1] != compare[i - 1]) ? "*" : " "; - fprintf(stderr, " %s0x%02hhx,%s", mark, buf[i - 1], - i % 8 && i != len ? "" : "\n"); - } - fprintf(stderr, "\n"); -} - -static inline int -ssl_aes_is_accelerated(void) -{ -#if defined(__i386__) || defined(__x86_64__) - return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0); -#else - return (0); -#endif -} - -static int -make_client_hello(int protocol, char **out, size_t *outlen) -{ - size_t client_hello_len, cipher_list_len, cipher_list_offset; - const uint8_t *client_hello, *cipher_list; - char *p; - - *out = NULL; - *outlen = 0; - - switch (protocol) { - case DTLS1_VERSION: - client_hello = client_hello_dtls1; - client_hello_len = sizeof(client_hello_dtls1); - cipher_list = cipher_list_dtls1; - cipher_list_len = sizeof(cipher_list_dtls1); - cipher_list_offset = DTLS_CIPHER_OFFSET; - break; - - case DTLS1_2_VERSION: - client_hello = client_hello_dtls12; - client_hello_len = sizeof(client_hello_dtls12); - cipher_list = cipher_list_dtls12_chacha; - cipher_list_len = sizeof(cipher_list_dtls12_chacha); - if (ssl_aes_is_accelerated()) { - cipher_list = cipher_list_dtls12_aes; - cipher_list_len = sizeof(cipher_list_dtls12_aes); - } - cipher_list_offset = DTLS_CIPHER_OFFSET; - break; - - case TLS1_VERSION: - client_hello = client_hello_tls10; - client_hello_len = sizeof(client_hello_tls10); - cipher_list = cipher_list_tls10; - cipher_list_len = sizeof(cipher_list_tls10); - cipher_list_offset = SSL3_CIPHER_OFFSET; - break; - - case TLS1_1_VERSION: - client_hello = client_hello_tls11; - client_hello_len = sizeof(client_hello_tls11); - cipher_list = cipher_list_tls11; - cipher_list_len = sizeof(cipher_list_tls11); - cipher_list_offset = SSL3_CIPHER_OFFSET; - break; - - case TLS1_2_VERSION: - client_hello = client_hello_tls12; - client_hello_len = sizeof(client_hello_tls12); - cipher_list = cipher_list_tls12_chacha; - cipher_list_len = sizeof(cipher_list_tls12_chacha); - if (ssl_aes_is_accelerated()) { - cipher_list = cipher_list_tls12_aes; - cipher_list_len = sizeof(cipher_list_tls12_aes); - } - cipher_list_offset = SSL3_CIPHER_OFFSET; - break; - - case TLS1_3_VERSION: - client_hello = client_hello_tls13; - client_hello_len = sizeof(client_hello_tls13); - cipher_list = cipher_list_tls13_chacha; - cipher_list_len = sizeof(cipher_list_tls13_chacha); - if (ssl_aes_is_accelerated()) { - cipher_list = cipher_list_tls13_aes; - cipher_list_len = sizeof(cipher_list_tls13_aes); - } - cipher_list_offset = TLS13_CIPHER_OFFSET; - break; - - case TLS1_3_VERSION_ONLY: - client_hello = client_hello_tls13_only; - client_hello_len = sizeof(client_hello_tls13_only); - cipher_list = cipher_list_tls13_only_chacha; - cipher_list_len = sizeof(cipher_list_tls13_only_chacha); - if (ssl_aes_is_accelerated()) { - cipher_list = cipher_list_tls13_only_aes; - cipher_list_len = sizeof(cipher_list_tls13_only_aes); - } - cipher_list_offset = TLS13_CIPHER_OFFSET; - break; - - default: - return (-1); - } - - if ((p = malloc(client_hello_len)) == NULL) - return (-1); - - memcpy(p, client_hello, client_hello_len); - memcpy(p + cipher_list_offset, cipher_list, cipher_list_len); - - *out = p; - *outlen = client_hello_len; - - return (0); -} - -static int -client_hello_test(int testno, const struct client_hello_test *cht) -{ - BIO *rbio = NULL, *wbio = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - char *client_hello = NULL; - size_t client_hello_len; - size_t session_len; - char *wbuf, rbuf[1]; - int ret = 1; - long len; - - fprintf(stderr, "Test %i - %s\n", testno, cht->desc); - - /* Providing a small buf causes *_get_server_hello() to return. */ - if ((rbio = BIO_new_mem_buf(rbuf, sizeof(rbuf))) == NULL) { - fprintf(stderr, "Failed to setup rbio\n"); - goto failure; - } - if ((wbio = BIO_new(BIO_s_mem())) == NULL) { - fprintf(stderr, "Failed to setup wbio\n"); - goto failure; - } - - if ((ssl_ctx = SSL_CTX_new(cht->ssl_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - goto failure; - } - - SSL_CTX_set_options(ssl_ctx, cht->ssl_options); - - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - goto failure; - } - - rbio->references = 2; - wbio->references = 2; - - SSL_set_bio(ssl, rbio, wbio); - - if (SSL_connect(ssl) != 0) { - fprintf(stderr, "SSL_connect() returned non-zero\n"); - goto failure; - } - - len = BIO_get_mem_data(wbio, &wbuf); - - if (make_client_hello(cht->protocol, &client_hello, - &client_hello_len) != 0) - errx(1, "failed to make client hello"); - - if ((size_t)len != client_hello_len) { - fprintf(stderr, "FAIL: test returned ClientHello length %li, " - "want %zu\n", len, client_hello_len); - fprintf(stderr, "received:\n"); - hexdump(wbuf, len, NULL); - fprintf(stderr, "test data:\n"); - hexdump(client_hello, client_hello_len, NULL); - fprintf(stderr, "\n"); - goto failure; - } - - /* We expect the client random to differ. */ - if (memcmp(&client_hello[cht->random_start], &wbuf[cht->random_start], - SSL3_RANDOM_SIZE) == 0) { - fprintf(stderr, "FAIL: ClientHello has zeroed random\n"); - goto failure; - } - - memset(&wbuf[cht->random_start], 0, SSL3_RANDOM_SIZE); - - if (cht->session_start > 0) { - session_len = wbuf[cht->session_start]; - if (session_len > 0) - memset(&wbuf[cht->session_start + 1], 0, session_len); - } - if (cht->key_share_start > 0) - memset(&wbuf[cht->key_share_start], 0, 32); - - if (memcmp(client_hello, wbuf, client_hello_len) != 0) { - fprintf(stderr, "FAIL: ClientHello differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(wbuf, len, client_hello); - fprintf(stderr, "test data:\n"); - hexdump(client_hello, client_hello_len, wbuf); - fprintf(stderr, "\n"); - goto failure; - } - - ret = 0; - - failure: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - if (rbio != NULL) - rbio->references = 1; - if (wbio != NULL) - wbio->references = 1; - - BIO_free(rbio); - BIO_free(wbio); - - free(client_hello); - - return (ret); -} - -int -main(int argc, char **argv) -{ - int failed = 0; - size_t i; - - SSL_library_init(); - - for (i = 0; i < N_CLIENT_HELLO_TESTS; i++) - failed |= client_hello_test(i, &client_hello_tests[i]); - - return (failed); -} diff --git a/src/regress/lib/libssl/dtls/Makefile b/src/regress/lib/libssl/dtls/Makefile deleted file mode 100644 index 79ca4077d3..0000000000 --- a/src/regress/lib/libssl/dtls/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -# $OpenBSD: Makefile,v 1.2 2021/06/19 17:11:34 jsing Exp $ - -PROG= dtlstest -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror -CFLAGS+= -I${.CURDIR}/../../../../lib/libssl - -REGRESS_TARGETS= \ - regress-dtlstest - -regress-dtlstest: ${PROG} - ./dtlstest \ - ${.CURDIR}/../../libssl/certs/server.pem \ - ${.CURDIR}/../../libssl/certs/server.pem \ - ${.CURDIR}/../../libssl/certs/ca.pem - -.include diff --git a/src/regress/lib/libssl/dtls/dtlstest.c b/src/regress/lib/libssl/dtls/dtlstest.c deleted file mode 100644 index 08424c1a4b..0000000000 --- a/src/regress/lib/libssl/dtls/dtlstest.c +++ /dev/null @@ -1,1072 +0,0 @@ -/* $OpenBSD: dtlstest.c,v 1.14 2021/06/19 18:28:51 tb Exp $ */ -/* - * Copyright (c) 2020, 2021 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include -#include -#include - -#include -#include -#include - -#include "ssl_locl.h" - -const char *server_ca_file; -const char *server_cert_file; -const char *server_key_file; - -char dtls_cookie[32]; - -int debug = 0; - -void tls12_record_layer_set_initial_epoch(struct tls12_record_layer *rl, - uint16_t epoch); - -static void -hexdump(const unsigned char *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len; i++) - fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n"); - - if (len % 8) - fprintf(stderr, "\n"); -} - -#define BIO_C_DELAY_COUNT 1000 -#define BIO_C_DELAY_FLUSH 1001 -#define BIO_C_DELAY_PACKET 1002 -#define BIO_C_DROP_PACKET 1003 -#define BIO_C_DROP_RANDOM 1004 - -struct bio_packet_monkey_ctx { - unsigned int delay_count; - unsigned int delay_mask; - unsigned int drop_rand; - unsigned int drop_mask; - uint8_t *delayed_msg; - size_t delayed_msg_len; -}; - -static int -bio_packet_monkey_new(BIO *bio) -{ - struct bio_packet_monkey_ctx *ctx; - - if ((ctx = calloc(1, sizeof(*ctx))) == NULL) - return 0; - - bio->flags = 0; - bio->init = 1; - bio->num = 0; - bio->ptr = ctx; - - return 1; -} - -static int -bio_packet_monkey_free(BIO *bio) -{ - struct bio_packet_monkey_ctx *ctx; - - if (bio == NULL) - return 1; - - ctx = bio->ptr; - free(ctx->delayed_msg); - free(ctx); - - return 1; -} - -static int -bio_packet_monkey_delay_flush(BIO *bio) -{ - struct bio_packet_monkey_ctx *ctx = bio->ptr; - - if (ctx->delayed_msg == NULL) - return 1; - - if (debug) - fprintf(stderr, "DEBUG: flushing delayed packet...\n"); - if (debug > 1) - hexdump(ctx->delayed_msg, ctx->delayed_msg_len); - - BIO_write(bio->next_bio, ctx->delayed_msg, ctx->delayed_msg_len); - - free(ctx->delayed_msg); - ctx->delayed_msg = NULL; - - return BIO_ctrl(bio->next_bio, BIO_CTRL_FLUSH, 0, NULL); -} - -static long -bio_packet_monkey_ctrl(BIO *bio, int cmd, long num, void *ptr) -{ - struct bio_packet_monkey_ctx *ctx; - - ctx = bio->ptr; - - switch (cmd) { - case BIO_C_DELAY_COUNT: - if (num < 1 || num > 31) - return 0; - ctx->delay_count = num; - return 1; - - case BIO_C_DELAY_FLUSH: - return bio_packet_monkey_delay_flush(bio); - - case BIO_C_DELAY_PACKET: - if (num < 1 || num > 31) - return 0; - ctx->delay_mask |= 1 << ((unsigned int)num - 1); - return 1; - - case BIO_C_DROP_PACKET: - if (num < 1 || num > 31) - return 0; - ctx->drop_mask |= 1 << ((unsigned int)num - 1); - return 1; - - case BIO_C_DROP_RANDOM: - if (num < 0 || (size_t)num > UINT_MAX) - return 0; - ctx->drop_rand = (unsigned int)num; - return 1; - } - - if (bio->next_bio == NULL) - return 0; - - return BIO_ctrl(bio->next_bio, cmd, num, ptr); -} - -static int -bio_packet_monkey_read(BIO *bio, char *out, int out_len) -{ - struct bio_packet_monkey_ctx *ctx = bio->ptr; - int ret; - - if (ctx == NULL || bio->next_bio == NULL) - return 0; - - ret = BIO_read(bio->next_bio, out, out_len); - - if (ret > 0) { - if (debug) - fprintf(stderr, "DEBUG: read packet...\n"); - if (debug > 1) - hexdump(out, ret); - } - - BIO_clear_retry_flags(bio); - if (ret <= 0 && BIO_should_retry(bio->next_bio)) - BIO_set_retry_read(bio); - - return ret; -} - -static int -bio_packet_monkey_write(BIO *bio, const char *in, int in_len) -{ - struct bio_packet_monkey_ctx *ctx = bio->ptr; - const char *label = "writing"; - int delay = 0, drop = 0; - int ret; - - if (ctx == NULL || bio->next_bio == NULL) - return 0; - - if (ctx->delayed_msg != NULL && ctx->delay_count > 0) - ctx->delay_count--; - - if (ctx->delayed_msg != NULL && ctx->delay_count == 0) { - if (debug) - fprintf(stderr, "DEBUG: writing delayed packet...\n"); - if (debug > 1) - hexdump(ctx->delayed_msg, ctx->delayed_msg_len); - - ret = BIO_write(bio->next_bio, ctx->delayed_msg, - ctx->delayed_msg_len); - - BIO_clear_retry_flags(bio); - if (ret <= 0 && BIO_should_retry(bio->next_bio)) { - BIO_set_retry_write(bio); - return (ret); - } - - free(ctx->delayed_msg); - ctx->delayed_msg = NULL; - } - - if (ctx->delay_mask > 0) { - delay = ctx->delay_mask & 1; - ctx->delay_mask >>= 1; - } - if (ctx->drop_rand > 0) { - drop = arc4random_uniform(ctx->drop_rand) == 0; - } else if (ctx->drop_mask > 0) { - drop = ctx->drop_mask & 1; - ctx->drop_mask >>= 1; - } - - if (delay) - label = "delaying"; - if (drop) - label = "dropping"; - if (debug) - fprintf(stderr, "DEBUG: %s packet...\n", label); - if (debug > 1) - hexdump(in, in_len); - - if (drop) - return in_len; - - if (delay) { - if (ctx->delayed_msg != NULL) - return 0; - if ((ctx->delayed_msg = calloc(1, in_len)) == NULL) - return 0; - memcpy(ctx->delayed_msg, in, in_len); - ctx->delayed_msg_len = in_len; - return in_len; - } - - ret = BIO_write(bio->next_bio, in, in_len); - - BIO_clear_retry_flags(bio); - if (ret <= 0 && BIO_should_retry(bio->next_bio)) - BIO_set_retry_write(bio); - - return ret; -} - -static int -bio_packet_monkey_puts(BIO *bio, const char *str) -{ - return bio_packet_monkey_write(bio, str, strlen(str)); -} - -static const BIO_METHOD bio_packet_monkey = { - .type = BIO_TYPE_BUFFER, - .name = "packet monkey", - .bread = bio_packet_monkey_read, - .bwrite = bio_packet_monkey_write, - .bputs = bio_packet_monkey_puts, - .ctrl = bio_packet_monkey_ctrl, - .create = bio_packet_monkey_new, - .destroy = bio_packet_monkey_free -}; - -static const BIO_METHOD * -BIO_f_packet_monkey(void) -{ - return &bio_packet_monkey; -} - -static BIO * -BIO_new_packet_monkey(void) -{ - return BIO_new(BIO_f_packet_monkey()); -} - -static int -BIO_packet_monkey_delay(BIO *bio, int num, int count) -{ - if (!BIO_ctrl(bio, BIO_C_DELAY_COUNT, count, NULL)) - return 0; - - return BIO_ctrl(bio, BIO_C_DELAY_PACKET, num, NULL); -} - -static int -BIO_packet_monkey_delay_flush(BIO *bio) -{ - return BIO_ctrl(bio, BIO_C_DELAY_FLUSH, 0, NULL); -} - -static int -BIO_packet_monkey_drop(BIO *bio, int num) -{ - return BIO_ctrl(bio, BIO_C_DROP_PACKET, num, NULL); -} - -#if 0 -static int -BIO_packet_monkey_drop_random(BIO *bio, int num) -{ - return BIO_ctrl(bio, BIO_C_DROP_RANDOM, num, NULL); -} -#endif - -static int -datagram_pair(int *client_sock, int *server_sock, - struct sockaddr_in *server_sin) -{ - struct sockaddr_in sin; - socklen_t sock_len; - int cs = -1, ss = -1; - - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - sin.sin_port = 0; - sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - - if ((ss = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) - err(1, "server socket"); - if (bind(ss, (struct sockaddr *)&sin, sizeof(sin)) == -1) - err(1, "server bind"); - sock_len = sizeof(sin); - if (getsockname(ss, (struct sockaddr *)&sin, &sock_len) == -1) - err(1, "server getsockname"); - - if ((cs = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) - err(1, "client socket"); - if (connect(cs, (struct sockaddr *)&sin, sizeof(sin)) == -1) - err(1, "client connect"); - - *client_sock = cs; - *server_sock = ss; - memcpy(server_sin, &sin, sizeof(sin)); - - return 1; -} - -static int -poll_timeout(SSL *client, SSL *server) -{ - int client_timeout = 0, server_timeout = 0; - struct timeval timeout; - - if (DTLSv1_get_timeout(client, &timeout)) - client_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000; - - if (DTLSv1_get_timeout(server, &timeout)) - server_timeout = timeout.tv_sec * 1000 + timeout.tv_usec / 1000; - - if (client_timeout <= 0) - return server_timeout; - if (client_timeout > 0 && server_timeout <= 0) - return client_timeout; - if (client_timeout < server_timeout) - return client_timeout; - - return server_timeout; -} - -static int -dtls_cookie_generate(SSL *ssl, unsigned char *cookie, - unsigned int *cookie_len) -{ - arc4random_buf(dtls_cookie, sizeof(dtls_cookie)); - memcpy(cookie, dtls_cookie, sizeof(dtls_cookie)); - *cookie_len = sizeof(dtls_cookie); - - return 1; -} - -static int -dtls_cookie_verify(SSL *ssl, const unsigned char *cookie, - unsigned int cookie_len) -{ - return cookie_len == sizeof(dtls_cookie) && - memcmp(cookie, dtls_cookie, sizeof(dtls_cookie)) == 0; -} - -static void -dtls_info_callback(const SSL *ssl, int type, int val) -{ - /* - * Squeals ahead... remove the bbio from the info callback, so we can - * drop specific messages. Ideally this would be an option for the SSL. - */ - if (ssl->wbio == ssl->bbio) - ((SSL *)ssl)->wbio = BIO_pop(ssl->wbio); -} - -static SSL * -dtls_client(int sock, struct sockaddr_in *server_sin, long mtu) -{ - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - BIO *bio = NULL; - - if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL) - errx(1, "client bio"); - if (!BIO_socket_nbio(sock, 1)) - errx(1, "client nbio"); - if (!BIO_ctrl_set_connected(bio, 1, server_sin)) - errx(1, "client set connected"); - - if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL) - errx(1, "client context"); - - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "client ssl"); - - SSL_set_bio(ssl, bio, bio); - bio = NULL; - - if (mtu > 0) { - SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU); - SSL_set_mtu(ssl, mtu); - } - - SSL_CTX_free(ssl_ctx); - BIO_free(bio); - - return ssl; -} - -static SSL * -dtls_server(int sock, long options, long mtu) -{ - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - BIO *bio = NULL; - - if ((bio = BIO_new_dgram(sock, BIO_NOCLOSE)) == NULL) - errx(1, "server bio"); - if (!BIO_socket_nbio(sock, 1)) - errx(1, "server nbio"); - - if ((ssl_ctx = SSL_CTX_new(DTLS_method())) == NULL) - errx(1, "server context"); - - SSL_CTX_set_cookie_generate_cb(ssl_ctx, dtls_cookie_generate); - SSL_CTX_set_cookie_verify_cb(ssl_ctx, dtls_cookie_verify); - SSL_CTX_set_dh_auto(ssl_ctx, 2); - SSL_CTX_set_options(ssl_ctx, options); - - if (SSL_CTX_use_certificate_chain_file(ssl_ctx, server_cert_file) != 1) { - fprintf(stderr, "FAIL: Failed to load server certificate"); - goto failure; - } - if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file, - SSL_FILETYPE_PEM) != 1) { - fprintf(stderr, "FAIL: Failed to load server private key"); - goto failure; - } - - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "server ssl"); - - if (SSL_use_certificate_chain_file(ssl, server_cert_file) != 1) { - fprintf(stderr, "FAIL: Failed to load server certificate"); - goto failure; - } - SSL_set_bio(ssl, bio, bio); - bio = NULL; - - if (mtu > 0) { - SSL_set_options(ssl, SSL_OP_NO_QUERY_MTU); - SSL_set_mtu(ssl, mtu); - } - - failure: - SSL_CTX_free(ssl_ctx); - BIO_free(bio); - - return ssl; -} - -static int -ssl_error(SSL *ssl, const char *name, const char *desc, int ssl_ret, - short *events) -{ - int ssl_err; - - ssl_err = SSL_get_error(ssl, ssl_ret); - - if (ssl_err == SSL_ERROR_WANT_READ) { - *events = POLLIN; - } else if (ssl_err == SSL_ERROR_WANT_WRITE) { - *events = POLLOUT; - } else if (ssl_err == SSL_ERROR_SYSCALL && errno == 0) { - /* Yup, this is apparently a thing... */ - } else { - fprintf(stderr, "FAIL: %s %s failed - ssl err = %d, errno = %d\n", - name, desc, ssl_err, errno); - ERR_print_errors_fp(stderr); - return 0; - } - - return 1; -} - -static int -do_connect(SSL *ssl, const char *name, int *done, short *events) -{ - int ssl_ret; - - if ((ssl_ret = SSL_connect(ssl)) != 1) - return ssl_error(ssl, name, "connect", ssl_ret, events); - - fprintf(stderr, "INFO: %s connect done\n", name); - *done = 1; - - return 1; -} - -static int -do_connect_read(SSL *ssl, const char *name, int *done, short *events) -{ - uint8_t buf[2048]; - int ssl_ret; - int i; - - if ((ssl_ret = SSL_connect(ssl)) != 1) - return ssl_error(ssl, name, "connect", ssl_ret, events); - - fprintf(stderr, "INFO: %s connect done\n", name); - *done = 1; - - for (i = 0; i < 3; i++) { - fprintf(stderr, "INFO: %s reading after connect\n", name); - if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) != 3) { - fprintf(stderr, "ERROR: %s read failed\n", name); - return 0; - } - } - - return 1; -} - -static int -do_connect_shutdown(SSL *ssl, const char *name, int *done, short *events) -{ - uint8_t buf[2048]; - int ssl_ret; - - if ((ssl_ret = SSL_connect(ssl)) != 1) - return ssl_error(ssl, name, "connect", ssl_ret, events); - - fprintf(stderr, "INFO: %s connect done\n", name); - *done = 1; - - ssl_ret = SSL_read(ssl, buf, sizeof(buf)); - if (SSL_get_error(ssl, ssl_ret) != SSL_ERROR_ZERO_RETURN) { - fprintf(stderr, "FAIL: %s did not receive close-notify\n", name); - return 0; - } - - fprintf(stderr, "INFO: %s received close-notify\n", name); - - return 1; -} - -static int -do_accept(SSL *ssl, const char *name, int *done, short *events) -{ - int ssl_ret; - - if ((ssl_ret = SSL_accept(ssl)) != 1) - return ssl_error(ssl, name, "accept", ssl_ret, events); - - fprintf(stderr, "INFO: %s accept done\n", name); - *done = 1; - - return 1; -} - -static int -do_accept_write(SSL *ssl, const char *name, int *done, short *events) -{ - int ssl_ret; - BIO *bio; - int i; - - if ((ssl_ret = SSL_accept(ssl)) != 1) - return ssl_error(ssl, name, "accept", ssl_ret, events); - - fprintf(stderr, "INFO: %s accept done\n", name); - - for (i = 0; i < 3; i++) { - fprintf(stderr, "INFO: %s writing after accept\n", name); - if ((ssl_ret = SSL_write(ssl, "abc", 3)) != 3) { - fprintf(stderr, "ERROR: %s write failed\n", name); - return 0; - } - } - - if ((bio = SSL_get_wbio(ssl)) == NULL) - errx(1, "SSL has NULL bio"); - - /* Flush any delayed packets. */ - BIO_packet_monkey_delay_flush(bio); - - *done = 1; - return 1; -} - -static int -do_accept_shutdown(SSL *ssl, const char *name, int *done, short *events) -{ - int ssl_ret; - BIO *bio; - - if ((ssl_ret = SSL_accept(ssl)) != 1) - return ssl_error(ssl, name, "accept", ssl_ret, events); - - fprintf(stderr, "INFO: %s accept done\n", name); - - SSL_shutdown(ssl); - - if ((bio = SSL_get_wbio(ssl)) == NULL) - errx(1, "SSL has NULL bio"); - - /* Flush any delayed packets. */ - BIO_packet_monkey_delay_flush(bio); - - *done = 1; - return 1; -} - -static int -do_read(SSL *ssl, const char *name, int *done, short *events) -{ - uint8_t buf[512]; - int ssl_ret; - - if ((ssl_ret = SSL_read(ssl, buf, sizeof(buf))) > 0) { - fprintf(stderr, "INFO: %s read done\n", name); - if (debug > 1) - hexdump(buf, ssl_ret); - *done = 1; - return 1; - } - - return ssl_error(ssl, name, "read", ssl_ret, events); -} - -static int -do_write(SSL *ssl, const char *name, int *done, short *events) -{ - const uint8_t buf[] = "Hello, World!\n"; - int ssl_ret; - - if ((ssl_ret = SSL_write(ssl, buf, sizeof(buf))) > 0) { - fprintf(stderr, "INFO: %s write done\n", name); - *done = 1; - return 1; - } - - return ssl_error(ssl, name, "write", ssl_ret, events); -} - -static int -do_shutdown(SSL *ssl, const char *name, int *done, short *events) -{ - int ssl_ret; - - ssl_ret = SSL_shutdown(ssl); - if (ssl_ret == 1) { - fprintf(stderr, "INFO: %s shutdown done\n", name); - *done = 1; - return 1; - } - return ssl_error(ssl, name, "shutdown", ssl_ret, events); -} - -typedef int (ssl_func)(SSL *ssl, const char *name, int *done, short *events); - -static int -do_client_server_loop(SSL *client, ssl_func *client_func, SSL *server, - ssl_func *server_func, struct pollfd pfd[2]) -{ - int client_done = 0, server_done = 0; - int i = 0; - - pfd[0].revents = POLLIN; - pfd[1].revents = POLLIN; - - do { - if (!client_done) { - if (debug) - fprintf(stderr, "DEBUG: client loop\n"); - if (DTLSv1_handle_timeout(client) > 0) - fprintf(stderr, "INFO: client timeout\n"); - if (!client_func(client, "client", &client_done, - &pfd[0].events)) - return 0; - if (client_done) - pfd[0].events = 0; - } - if (!server_done) { - if (debug) - fprintf(stderr, "DEBUG: server loop\n"); - if (DTLSv1_handle_timeout(server) > 0) - fprintf(stderr, "INFO: server timeout\n"); - if (!server_func(server, "server", &server_done, - &pfd[1].events)) - return 0; - if (server_done) - pfd[1].events = 0; - } - if (poll(pfd, 2, poll_timeout(client, server)) == -1) - err(1, "poll"); - - } while (i++ < 100 && (!client_done || !server_done)); - - if (!client_done || !server_done) - fprintf(stderr, "FAIL: gave up\n"); - - return client_done && server_done; -} - -#define MAX_PACKET_DELAYS 32 -#define MAX_PACKET_DROPS 32 - -struct dtls_delay { - uint8_t packet; - uint8_t count; -}; - -struct dtls_test { - const unsigned char *desc; - long mtu; - long ssl_options; - int client_bbio_off; - int server_bbio_off; - uint16_t initial_epoch; - int write_after_accept; - int shutdown_after_accept; - struct dtls_delay client_delays[MAX_PACKET_DELAYS]; - struct dtls_delay server_delays[MAX_PACKET_DELAYS]; - uint8_t client_drops[MAX_PACKET_DROPS]; - uint8_t server_drops[MAX_PACKET_DROPS]; -}; - -static const struct dtls_test dtls_tests[] = { - { - .desc = "DTLS without cookies", - .ssl_options = 0, - }, - { - .desc = "DTLS without cookies (initial epoch 0xfffe)", - .ssl_options = 0, - .initial_epoch = 0xfffe, - }, - { - .desc = "DTLS without cookies (initial epoch 0xffff)", - .ssl_options = 0, - .initial_epoch = 0xffff, - }, - { - .desc = "DTLS with cookies", - .ssl_options = SSL_OP_COOKIE_EXCHANGE, - }, - { - .desc = "DTLS with low MTU", - .mtu = 256, - .ssl_options = 0, - }, - { - .desc = "DTLS with low MTU and cookies", - .mtu = 256, - .ssl_options = SSL_OP_COOKIE_EXCHANGE, - }, - { - .desc = "DTLS with dropped server response", - .ssl_options = 0, - .server_drops = { 1 }, - }, - { - .desc = "DTLS with two dropped server responses", - .ssl_options = 0, - .server_drops = { 1, 2 }, - }, - { - .desc = "DTLS with dropped ServerHello", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .server_drops = { 1 }, - }, - { - .desc = "DTLS with dropped server Certificate", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .server_drops = { 2 }, - }, - { - .desc = "DTLS with dropped ServerKeyExchange", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .server_drops = { 3 }, - }, - { - .desc = "DTLS with dropped ServerHelloDone", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .server_drops = { 4 }, - }, -#if 0 - /* - * These two result in the server accept completing and the - * client looping on a timeout. Presumably the server should not - * complete until the client Finished is received... this due to - * a flaw in the DTLSv1.0 specification, which is addressed in - * DTLSv1.2 (see references to "last flight" in RFC 6347 section - * 4.2.4). Our DTLS server code still needs to support this. - */ - { - .desc = "DTLS with dropped server CCS", - .ssl_options = 0, - .server_bbio_off = 1, - .server_drops = { 5 }, - }, - { - .desc = "DTLS with dropped server Finished", - .ssl_options = 0, - .server_bbio_off = 1, - .server_drops = { 6 }, - }, -#endif - { - .desc = "DTLS with dropped ClientKeyExchange", - .ssl_options = 0, - .client_bbio_off = 1, - .client_drops = { 2 }, - }, - { - .desc = "DTLS with dropped client CCS", - .ssl_options = 0, - .client_bbio_off = 1, - .client_drops = { 3 }, - }, - { - .desc = "DTLS with dropped client Finished", - .ssl_options = 0, - .client_bbio_off = 1, - .client_drops = { 4 }, - }, - { - /* Send CCS after client Finished. */ - .desc = "DTLS with delayed client CCS", - .ssl_options = 0, - .client_bbio_off = 1, - .client_delays = { { 3, 2 } }, - }, - { - /* - * Send CCS after server Finished - note app data will be - * dropped if we send the CCS after app data. - */ - .desc = "DTLS with delayed server CCS", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .server_delays = { { 5, 2 } }, - .write_after_accept = 1, - }, - { - .desc = "DTLS with delayed server CCS (initial epoch 0xfffe)", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .initial_epoch = 0xfffe, - .server_delays = { { 5, 2 } }, - .write_after_accept = 1, - }, - { - .desc = "DTLS with delayed server CCS (initial epoch 0xffff)", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .initial_epoch = 0xffff, - .server_delays = { { 5, 2 } }, - .write_after_accept = 1, - }, - { - /* Send Finished after app data - this is currently buffered. */ - .desc = "DTLS with delayed server Finished", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .server_delays = { { 6, 3 } }, - .write_after_accept = 1, - }, - { - /* Send CCS after server finished and close-notify. */ - .desc = "DTLS with delayed server CCS (close-notify)", - .ssl_options = SSL_OP_NO_TICKET, - .server_bbio_off = 1, - .server_delays = { { 5, 3 } }, - .shutdown_after_accept = 1, - }, -}; - -#define N_DTLS_TESTS (sizeof(dtls_tests) / sizeof(*dtls_tests)) - -static void -dtlstest_packet_monkey(SSL *ssl, const struct dtls_delay delays[], - const uint8_t drops[]) -{ - BIO *bio_monkey; - BIO *bio; - int i; - - if ((bio_monkey = BIO_new_packet_monkey()) == NULL) - errx(1, "packet monkey"); - - for (i = 0; i < MAX_PACKET_DELAYS; i++) { - if (delays[i].packet == 0) - break; - if (!BIO_packet_monkey_delay(bio_monkey, delays[i].packet, - delays[i].count)) - errx(1, "delay failure"); - } - - for (i = 0; i < MAX_PACKET_DROPS; i++) { - if (drops[i] == 0) - break; - if (!BIO_packet_monkey_drop(bio_monkey, drops[i])) - errx(1, "drop failure"); - } - - if ((bio = SSL_get_wbio(ssl)) == NULL) - errx(1, "SSL has NULL bio"); - - BIO_up_ref(bio); - bio = BIO_push(bio_monkey, bio); - - SSL_set_bio(ssl, bio, bio); -} - -static int -dtlstest(const struct dtls_test *dt) -{ - SSL *client = NULL, *server = NULL; - ssl_func *connect_func, *accept_func; - struct sockaddr_in server_sin; - struct pollfd pfd[2]; - int client_sock = -1; - int server_sock = -1; - int failed = 1; - - fprintf(stderr, "\n== Testing %s... ==\n", dt->desc); - - if (!datagram_pair(&client_sock, &server_sock, &server_sin)) - goto failure; - - if ((client = dtls_client(client_sock, &server_sin, dt->mtu)) == NULL) - goto failure; - - if ((server = dtls_server(server_sock, dt->ssl_options, dt->mtu)) == NULL) - goto failure; - - tls12_record_layer_set_initial_epoch(client->internal->rl, - dt->initial_epoch); - tls12_record_layer_set_initial_epoch(server->internal->rl, - dt->initial_epoch); - - if (dt->client_bbio_off) - SSL_set_info_callback(client, dtls_info_callback); - if (dt->server_bbio_off) - SSL_set_info_callback(server, dtls_info_callback); - - dtlstest_packet_monkey(client, dt->client_delays, dt->client_drops); - dtlstest_packet_monkey(server, dt->server_delays, dt->server_drops); - - pfd[0].fd = client_sock; - pfd[0].events = POLLOUT; - pfd[1].fd = server_sock; - pfd[1].events = POLLIN; - - accept_func = do_accept; - connect_func = do_connect; - - if (dt->write_after_accept) { - accept_func = do_accept_write; - connect_func = do_connect_read; - } else if (dt->shutdown_after_accept) { - accept_func = do_accept_shutdown; - connect_func = do_connect_shutdown; - } - - if (!do_client_server_loop(client, connect_func, server, accept_func, pfd)) { - fprintf(stderr, "FAIL: client and server handshake failed\n"); - goto failure; - } - - if (dt->write_after_accept || dt->shutdown_after_accept) - goto done; - - pfd[0].events = POLLIN; - pfd[1].events = POLLOUT; - - if (!do_client_server_loop(client, do_read, server, do_write, pfd)) { - fprintf(stderr, "FAIL: client read and server write I/O failed\n"); - goto failure; - } - - pfd[0].events = POLLOUT; - pfd[1].events = POLLIN; - - if (!do_client_server_loop(client, do_write, server, do_read, pfd)) { - fprintf(stderr, "FAIL: client write and server read I/O failed\n"); - goto failure; - } - - pfd[0].events = POLLOUT; - pfd[1].events = POLLOUT; - - if (!do_client_server_loop(client, do_shutdown, server, do_shutdown, pfd)) { - fprintf(stderr, "FAIL: client and server shutdown failed\n"); - goto failure; - } - - done: - fprintf(stderr, "INFO: Done!\n"); - - failed = 0; - - failure: - if (client_sock != -1) - close(client_sock); - if (server_sock != -1) - close(server_sock); - - SSL_free(client); - SSL_free(server); - - return failed; -} - -int -main(int argc, char **argv) -{ - int failed = 0; - size_t i; - - if (argc != 4) { - fprintf(stderr, "usage: %s keyfile certfile cafile\n", - argv[0]); - exit(1); - } - - server_key_file = argv[1]; - server_cert_file = argv[2]; - server_ca_file = argv[3]; - - for (i = 0; i < N_DTLS_TESTS; i++) - failed |= dtlstest(&dtls_tests[i]); - - return failed; -} diff --git a/src/regress/lib/libssl/handshake/Makefile b/src/regress/lib/libssl/handshake/Makefile deleted file mode 100644 index aa0f70bd3b..0000000000 --- a/src/regress/lib/libssl/handshake/Makefile +++ /dev/null @@ -1,44 +0,0 @@ -# $OpenBSD: Makefile,v 1.8 2020/12/17 00:51:11 bluhm Exp $ - -PROGS += handshake_table -PROGS += valid_handshakes_terminate - -.for p in ${PROGS} -REGRESS_TARGETS += run-$p -.endfor - -LDADD = ${SSL_INT} -lcrypto -DPADD = ${LIBCRYPTO} ${LIBSSL} -WARNINGS = Yes -CFLAGS += -DLIBRESSL_INTERNAL -Wundef -Werror -I${BSDSRCDIR}/lib/libssl - -print: handshake_table - @./handshake_table -C - -handshake.gv: handshake_table - ./handshake_table -g > $@.tmp - mv $@.tmp $@ - -CLEANFILES += handshake.gv - -.for _FMT in png ps svg -handshake.${_FMT}: handshake.gv - @if [ ! -x /usr/local/bin/dot ]; then \ - echo "pkg_add graphviz to generate png"; \ - false; \ - fi - dot -T${_FMT} handshake.gv -o $@ - -CLEANFILES += handshake.${_FMT} -.endfor - -.for p in ${PROGS} -run-$p: $p - ./$p - -.PHONY: run-$p -.endfor - -.PHONY: print - -.include diff --git a/src/regress/lib/libssl/handshake/handshake_table.c b/src/regress/lib/libssl/handshake/handshake_table.c deleted file mode 100644 index 88777f6fa8..0000000000 --- a/src/regress/lib/libssl/handshake/handshake_table.c +++ /dev/null @@ -1,514 +0,0 @@ -/* $OpenBSD: handshake_table.c,v 1.15 2020/05/14 18:04:19 tb Exp $ */ -/* - * Copyright (c) 2019 Theo Buehler - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include -#include -#include - -#include "tls13_handshake.h" - -#define MAX_FLAGS (UINT8_MAX + 1) - -/* - * From RFC 8446: - * - * Appendix A. State Machine - * - * This appendix provides a summary of the legal state transitions for - * the client and server handshakes. State names (in all capitals, - * e.g., START) have no formal meaning but are provided for ease of - * comprehension. Actions which are taken only in certain circumstances - * are indicated in []. The notation "K_{send,recv} = foo" means "set - * the send/recv key to the given key". - * - * A.1. Client - * - * START <----+ - * Send ClientHello | | Recv HelloRetryRequest - * [K_send = early data] | | - * v | - * / WAIT_SH ----+ - * | | Recv ServerHello - * | | K_recv = handshake - * Can | V - * send | WAIT_EE - * early | | Recv EncryptedExtensions - * data | +--------+--------+ - * | Using | | Using certificate - * | PSK | v - * | | WAIT_CERT_CR - * | | Recv | | Recv CertificateRequest - * | | Certificate | v - * | | | WAIT_CERT - * | | | | Recv Certificate - * | | v v - * | | WAIT_CV - * | | | Recv CertificateVerify - * | +> WAIT_FINISHED <+ - * | | Recv Finished - * \ | [Send EndOfEarlyData] - * | K_send = handshake - * | [Send Certificate [+ CertificateVerify]] - * Can send | Send Finished - * app data --> | K_send = K_recv = application - * after here v - * CONNECTED - * - * Note that with the transitions as shown above, clients may send - * alerts that derive from post-ServerHello messages in the clear or - * with the early data keys. If clients need to send such alerts, they - * SHOULD first rekey to the handshake keys if possible. - * - */ - -struct child { - enum tls13_message_type mt; - uint8_t flag; - uint8_t forced; - uint8_t illegal; -}; - -#define DEFAULT 0x00 - -static struct child stateinfo[][TLS13_NUM_MESSAGE_TYPES] = { - [CLIENT_HELLO] = { - {SERVER_HELLO_RETRY_REQUEST, DEFAULT, 0, 0}, - {SERVER_HELLO, WITHOUT_HRR, 0, 0}, - }, - [SERVER_HELLO_RETRY_REQUEST] = { - {CLIENT_HELLO_RETRY, DEFAULT, 0, 0}, - }, - [CLIENT_HELLO_RETRY] = { - {SERVER_HELLO, DEFAULT, 0, 0}, - }, - [SERVER_HELLO] = { - {SERVER_ENCRYPTED_EXTENSIONS, DEFAULT, 0, 0}, - }, - [SERVER_ENCRYPTED_EXTENSIONS] = { - {SERVER_CERTIFICATE_REQUEST, DEFAULT, 0, 0}, - {SERVER_CERTIFICATE, WITHOUT_CR, 0, 0}, - {SERVER_FINISHED, WITH_PSK, 0, 0}, - }, - [SERVER_CERTIFICATE_REQUEST] = { - {SERVER_CERTIFICATE, DEFAULT, 0, 0}, - }, - [SERVER_CERTIFICATE] = { - {SERVER_CERTIFICATE_VERIFY, DEFAULT, 0, 0}, - }, - [SERVER_CERTIFICATE_VERIFY] = { - {SERVER_FINISHED, DEFAULT, 0, 0}, - }, - [SERVER_FINISHED] = { - {CLIENT_FINISHED, DEFAULT, WITHOUT_CR | WITH_PSK, 0}, - {CLIENT_CERTIFICATE, DEFAULT, 0, WITHOUT_CR | WITH_PSK}, - }, - [CLIENT_CERTIFICATE] = { - {CLIENT_FINISHED, DEFAULT, 0, 0}, - {CLIENT_CERTIFICATE_VERIFY, WITH_CCV, 0, 0}, - }, - [CLIENT_CERTIFICATE_VERIFY] = { - {CLIENT_FINISHED, DEFAULT, 0, 0}, - }, - [CLIENT_FINISHED] = { - {APPLICATION_DATA, DEFAULT, 0, 0}, - }, - [APPLICATION_DATA] = { - {0, DEFAULT, 0, 0}, - }, -}; - -const size_t stateinfo_count = sizeof(stateinfo) / sizeof(stateinfo[0]); - -void build_table(enum tls13_message_type - table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES], - struct child current, struct child end, - struct child path[], uint8_t flags, unsigned int depth); -size_t count_handshakes(void); -void edge(enum tls13_message_type start, - enum tls13_message_type end, uint8_t flag); -const char *flag2str(uint8_t flag); -void flag_label(uint8_t flag); -void forced_edges(enum tls13_message_type start, - enum tls13_message_type end, uint8_t forced); -int generate_graphics(void); -void fprint_entry(FILE *stream, - enum tls13_message_type path[TLS13_NUM_MESSAGE_TYPES], - uint8_t flags); -void fprint_flags(FILE *stream, uint8_t flags); -const char *mt2str(enum tls13_message_type mt); -__dead void usage(void); -int verify_table(enum tls13_message_type - table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES], int print); - -const char * -flag2str(uint8_t flag) -{ - const char *ret; - - if (flag & (flag - 1)) - errx(1, "more than one bit is set"); - - switch (flag) { - case INITIAL: - ret = "INITIAL"; - break; - case NEGOTIATED: - ret = "NEGOTIATED"; - break; - case WITHOUT_CR: - ret = "WITHOUT_CR"; - break; - case WITHOUT_HRR: - ret = "WITHOUT_HRR"; - break; - case WITH_PSK: - ret = "WITH_PSK"; - break; - case WITH_CCV: - ret = "WITH_CCV"; - break; - case WITH_0RTT: - ret = "WITH_0RTT"; - break; - default: - ret = "UNKNOWN"; - } - - return ret; -} - -const char * -mt2str(enum tls13_message_type mt) -{ - const char *ret; - - switch (mt) { - case INVALID: - ret = "INVALID"; - break; - case CLIENT_HELLO: - ret = "CLIENT_HELLO"; - break; - case CLIENT_HELLO_RETRY: - ret = "CLIENT_HELLO_RETRY"; - break; - case CLIENT_END_OF_EARLY_DATA: - ret = "CLIENT_END_OF_EARLY_DATA"; - break; - case CLIENT_CERTIFICATE: - ret = "CLIENT_CERTIFICATE"; - break; - case CLIENT_CERTIFICATE_VERIFY: - ret = "CLIENT_CERTIFICATE_VERIFY"; - break; - case CLIENT_FINISHED: - ret = "CLIENT_FINISHED"; - break; - case SERVER_HELLO: - ret = "SERVER_HELLO"; - break; - case SERVER_HELLO_RETRY_REQUEST: - ret = "SERVER_HELLO_RETRY_REQUEST"; - break; - case SERVER_ENCRYPTED_EXTENSIONS: - ret = "SERVER_ENCRYPTED_EXTENSIONS"; - break; - case SERVER_CERTIFICATE: - ret = "SERVER_CERTIFICATE"; - break; - case SERVER_CERTIFICATE_VERIFY: - ret = "SERVER_CERTIFICATE_VERIFY"; - break; - case SERVER_CERTIFICATE_REQUEST: - ret = "SERVER_CERTIFICATE_REQUEST"; - break; - case SERVER_FINISHED: - ret = "SERVER_FINISHED"; - break; - case APPLICATION_DATA: - ret = "APPLICATION_DATA"; - break; - case TLS13_NUM_MESSAGE_TYPES: - ret = "TLS13_NUM_MESSAGE_TYPES"; - break; - default: - ret = "UNKNOWN"; - break; - } - - return ret; -} - -void -fprint_flags(FILE *stream, uint8_t flags) -{ - int first = 1, i; - - if (flags == 0) { - fprintf(stream, "%s", flag2str(flags)); - return; - } - - for (i = 0; i < 8; i++) { - uint8_t set = flags & (1U << i); - - if (set) { - fprintf(stream, "%s%s", first ? "" : " | ", - flag2str(set)); - first = 0; - } - } -} - -void -fprint_entry(FILE *stream, - enum tls13_message_type path[TLS13_NUM_MESSAGE_TYPES], uint8_t flags) -{ - int i; - - fprintf(stream, "\t["); - fprint_flags(stream, flags); - fprintf(stream, "] = {\n"); - - for (i = 0; i < TLS13_NUM_MESSAGE_TYPES; i++) { - if (path[i] == 0) - break; - fprintf(stream, "\t\t%s,\n", mt2str(path[i])); - } - fprintf(stream, "\t},\n"); -} - -void -edge(enum tls13_message_type start, enum tls13_message_type end, - uint8_t flag) -{ - printf("\t%s -> %s", mt2str(start), mt2str(end)); - flag_label(flag); - printf(";\n"); -} - -void -flag_label(uint8_t flag) -{ - if (flag) - printf(" [label=\"%s\"]", flag2str(flag)); -} - -void -forced_edges(enum tls13_message_type start, enum tls13_message_type end, - uint8_t forced) -{ - uint8_t forced_flag, i; - - if (forced == 0) - return; - - for (i = 0; i < 8; i++) { - forced_flag = forced & (1U << i); - if (forced_flag) - edge(start, end, forced_flag); - } -} - -int -generate_graphics(void) -{ - enum tls13_message_type start, end; - unsigned int child; - uint8_t flag; - uint8_t forced; - - printf("digraph G {\n"); - printf("\t%s [shape=box];\n", mt2str(CLIENT_HELLO)); - printf("\t%s [shape=box];\n", mt2str(APPLICATION_DATA)); - - for (start = CLIENT_HELLO; start < APPLICATION_DATA; start++) { - for (child = 0; stateinfo[start][child].mt != 0; child++) { - end = stateinfo[start][child].mt; - flag = stateinfo[start][child].flag; - forced = stateinfo[start][child].forced; - - if (forced == 0) - edge(start, end, flag); - else - forced_edges(start, end, forced); - } - } - - printf("}\n"); - return 0; -} - -extern enum tls13_message_type handshakes[][TLS13_NUM_MESSAGE_TYPES]; -extern size_t handshake_count; - -size_t -count_handshakes(void) -{ - size_t ret = 0, i; - - for (i = 0; i < handshake_count; i++) { - if (handshakes[i][0] != INVALID) - ret++; - } - - return ret; -} - -void -build_table(enum tls13_message_type table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES], - struct child current, struct child end, struct child path[], uint8_t flags, - unsigned int depth) -{ - unsigned int i; - - if (depth >= TLS13_NUM_MESSAGE_TYPES - 1) - errx(1, "recursed too deeply"); - - /* Record current node. */ - path[depth++] = current; - flags |= current.flag; - - /* If we haven't reached the end, recurse over the children. */ - if (current.mt != end.mt) { - for (i = 0; stateinfo[current.mt][i].mt != 0; i++) { - struct child child = stateinfo[current.mt][i]; - int forced = stateinfo[current.mt][i].forced; - int illegal = stateinfo[current.mt][i].illegal; - - if ((forced == 0 || (forced & flags)) && - (illegal == 0 || !(illegal & flags))) - build_table(table, child, end, path, flags, - depth); - } - return; - } - - if (flags == 0) - errx(1, "path does not set flags"); - - if (table[flags][0] != 0) - errx(1, "path traversed twice"); - - for (i = 0; i < depth; i++) - table[flags][i] = path[i].mt; -} - -int -verify_table(enum tls13_message_type table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES], - int print) -{ - int success = 1, i; - size_t num_valid, num_found = 0; - uint8_t flags = 0; - - do { - if (table[flags][0] == 0) - continue; - - num_found++; - - for (i = 0; i < TLS13_NUM_MESSAGE_TYPES; i++) { - if (table[flags][i] != handshakes[flags][i]) { - fprintf(stderr, - "incorrect entry %d of handshake ", i); - fprint_flags(stderr, flags); - fprintf(stderr, "\n"); - success = 0; - } - } - - if (print) - fprint_entry(stdout, table[flags], flags); - } while(++flags != 0); - - num_valid = count_handshakes(); - if (num_valid != num_found) { - fprintf(stderr, - "incorrect number of handshakes: want %zu, got %zu.\n", - num_valid, num_found); - success = 0; - } - - return success; -} - -__dead void -usage(void) -{ - fprintf(stderr, "usage: handshake_table [-C | -g]\n"); - exit(1); -} - -int -main(int argc, char *argv[]) -{ - static enum tls13_message_type - hs_table[MAX_FLAGS][TLS13_NUM_MESSAGE_TYPES] = { - [INITIAL] = { - CLIENT_HELLO, - SERVER_HELLO_RETRY_REQUEST, - CLIENT_HELLO_RETRY, - SERVER_HELLO, - }, - }; - struct child start = { - CLIENT_HELLO, DEFAULT, 0, 0, - }; - struct child end = { - APPLICATION_DATA, DEFAULT, 0, 0, - }; - struct child path[TLS13_NUM_MESSAGE_TYPES] = {{0}}; - uint8_t flags = NEGOTIATED; - unsigned int depth = 0; - int ch, graphviz = 0, print = 0; - - while ((ch = getopt(argc, argv, "Cg")) != -1) { - switch (ch) { - case 'C': - print = 1; - break; - case 'g': - graphviz = 1; - break; - default: - usage(); - } - } - argc -= optind; - argv += optind; - - if (argc != 0) - usage(); - - if (graphviz && print) - usage(); - - if (graphviz) - return generate_graphics(); - - build_table(hs_table, start, end, path, flags, depth); - if (!verify_table(hs_table, print)) - return 1; - - if (!print) - printf("SUCCESS\n"); - - return 0; -} diff --git a/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c b/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c deleted file mode 100644 index 5f0e4f2c18..0000000000 --- a/src/regress/lib/libssl/handshake/valid_handshakes_terminate.c +++ /dev/null @@ -1,57 +0,0 @@ -/* $OpenBSD: valid_handshakes_terminate.c,v 1.3 2019/04/05 20:25:42 tb Exp $ */ -/* - * Copyright (c) 2019 Theo Buehler - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include "tls13_handshake.c" - -int -main(int argc, char *argv[]) -{ - size_t i, j; - int terminates; - int fail = 0; - - for (i = 1; i < handshake_count; i++) { - enum tls13_message_type mt = handshakes[i][0]; - - if (mt == INVALID) - continue; - - terminates = 0; - - for (j = 0; j < TLS13_NUM_MESSAGE_TYPES; j++) { - mt = handshakes[i][j]; - if (state_machine[mt].handshake_complete) { - terminates = 1; - break; - } - } - - if (!terminates) { - fail = 1; - printf("FAIL: handshake_complete never true in " - "handshake %zu\n", i); - } - } - - if (!fail) - printf("SUCCESS\n"); - - return fail; -} diff --git a/src/regress/lib/libssl/interop/LICENSE b/src/regress/lib/libssl/interop/LICENSE deleted file mode 100644 index 838e7f45cc..0000000000 --- a/src/regress/lib/libssl/interop/LICENSE +++ /dev/null @@ -1,15 +0,0 @@ -/* - * Copyright (c) 2018-2019 Alexander Bluhm - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ diff --git a/src/regress/lib/libssl/interop/Makefile b/src/regress/lib/libssl/interop/Makefile deleted file mode 100644 index aa9c3adf56..0000000000 --- a/src/regress/lib/libssl/interop/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -# $OpenBSD: Makefile,v 1.13 2020/09/21 15:13:24 beck Exp $ - -SUBDIR = libressl openssl openssl11 - -# the above binaries must have been built before we can continue -SUBDIR += netcat -SUBDIR += session -SUBDIR += botan - -# What is below takes a long time. -# setting REGRESS_SKIP_SLOW to "yes" in mk.conf -# will skip the tests that do not test libressl -# but do things like test openssl to openssl11 -SUBDIR += version -SUBDIR += cipher -# This takes a really long time. -SUBDIR += cert - -.include diff --git a/src/regress/lib/libssl/interop/Makefile.inc b/src/regress/lib/libssl/interop/Makefile.inc deleted file mode 100644 index ed5fe26147..0000000000 --- a/src/regress/lib/libssl/interop/Makefile.inc +++ /dev/null @@ -1,90 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.8 2020/12/17 00:51:11 bluhm Exp $ - -.PATH: ${.CURDIR}/.. - -SRCS_client ?= client.c util.c -SRCS_server ?= server.c util.c -WARNINGS = yes -CLEANFILES += *.out *.fstat - -.for p in ${PROGS} -ldd-$p.out: $p - # programs must be linked with correct libraries - LD_LIBRARY_PATH=${LD_LIBRARY_PATH} ldd $p >$@ -.endfor - -client-self.out server-self.out: run-self-client-server - -run-self-client-server: client server 127.0.0.1.crt - # check that tls client and server work together - LD_LIBRARY_PATH=${LD_LIBRARY_PATH} \ - ./server >server-self.out \ - 127.0.0.1 0 - LD_LIBRARY_PATH=${LD_LIBRARY_PATH} \ - ./client >client-self.out \ - `sed -n 's/listen sock: //p' server-self.out` - # check that the client run successfully to the end - grep -q '^success$$' client-self.out - # client must have read server greeting - grep -q '^<<< greeting$$' client-self.out - # check that the server child run successfully to the end - grep -q '^success$$' server-self.out - # server must have read client hello - grep -q '^<<< hello$$' server-self.out - -# create certificates for TLS - -CLEANFILES += 127.0.0.1.{crt,key} \ - ca.{crt,key,srl} fake-ca.{crt,key} \ - {client,server}.{req,crt,key} \ - {dsa,ec,gost,rsa}.{key,req,crt} \ - dh.param - -127.0.0.1.crt: - openssl req -batch -new \ - -subj /L=OpenBSD/O=tls-regress/OU=server/CN=${@:R}/ \ - -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@ - -ca.crt fake-ca.crt: - openssl req -batch -new \ - -subj /L=OpenBSD/O=tls-regress/OU=ca/CN=root/ \ - -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@ - -client.req server.req: - openssl req -batch -new \ - -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \ - -nodes -newkey rsa -keyout ${@:R}.key -out $@ - -client.crt server.crt: ca.crt ${@:R}.req - openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \ - -req -in ${@:R}.req -out $@ - -dh.param: - openssl dhparam -out $@ 1024 - -dsa.key: - openssl dsaparam -genkey -out $@ 2048 - -ec.key: - openssl ecparam -genkey -name secp256r1 -out $@ - -gost.key: - openssl genpkey -algorithm gost2001 \ - -pkeyopt paramset:A -pkeyopt dgst:md_gost94 -out $@ - -rsa.key: - openssl genrsa -out $@ 2048 - -dsa.req ec.req rsa.req: ${@:R}.key - openssl req -batch -new \ - -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \ - -nodes -key ${@:R}.key -out $@ - -gost.req: ${@:R}.key - openssl req -batch -new -md_gost94 \ - -subj /L=OpenBSD/O=tls-regress/OU=${@:R}/CN=localhost/ \ - -nodes -key ${@:R}.key -out $@ - -dsa.crt ec.crt gost.crt rsa.crt: ca.crt ${@:R}.req - openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \ - -req -in ${@:R}.req -out $@ diff --git a/src/regress/lib/libssl/interop/README b/src/regress/lib/libssl/interop/README deleted file mode 100644 index 54910e554d..0000000000 --- a/src/regress/lib/libssl/interop/README +++ /dev/null @@ -1,22 +0,0 @@ -Test TLS interoperability between LibreSSL and OpenSSL. - -Implement simple SSL client and server in C. Create six binaries -by linking them with LibreSSL or OpenSSL 1.0.2 or OpenSSL 1.1. This -way API compatibility is tested. - -To self test each SSL library, connect client with server. Check -that the highest available TLS version is selected. LibreSSL TLS -1.3 check has to be enabled when the feature becomes available. - -Currently OpenSSL 1.0.2p and OpenSSL 1.1.1 from ports are used. As -soon as LibreSSL supports TLS 1.3, it should be used automatically -when netcat is communicating with OpenSSL 1.1. - -Connect and accept with netcat to test protocol compatibility with -libtls. Test TLS session reuse multiple times with different library -combinations. The cert subdir is testing all combinations of -certificate validation. Having the three libraries, client and -server certificates, missing or invalid CA or certificates, and -enforcing peer certificate results in 1944 test cases. The cipher -test establishes connections between implementations for each -supported cipher. diff --git a/src/regress/lib/libssl/interop/botan/Makefile b/src/regress/lib/libssl/interop/botan/Makefile deleted file mode 100644 index a162ee9e17..0000000000 --- a/src/regress/lib/libssl/interop/botan/Makefile +++ /dev/null @@ -1,82 +0,0 @@ -# $OpenBSD: Makefile,v 1.4 2020/12/17 00:51:11 bluhm Exp $ - -.include - -.if ! exists(/usr/local/bin/botan) -regress: - # install botan2 from ports for interop tests - @echo SKIPPED -.elif (${COMPILER_VERSION:L} != "clang" && ! exists(/usr/local/bin/eg++)) -regress: - # on gcc-archs install g++ from ports for botan2 interop tests - @echo SKIPPED -.else - -# C++11 -.if ${COMPILER_VERSION:L} != "clang" && ${CXX} == "c++" -CXX = /usr/local/bin/eg++ -.endif - -LIBRARIES = libressl -.if exists(/usr/local/bin/eopenssl) -LIBRARIES += openssl -.endif -.if exists(/usr/local/bin/eopenssl11) -LIBRARIES += openssl11 -.endif - -PROGS = client -SRCS_client = client.cpp -CXXFLAGS = -I/usr/local/include/botan-2 -Wall -LDFLAGS = -L/usr/local/lib -LDADD = -lbotan-2 -DPADD = /usr/local/lib/libbotan-2.a - -.for lib in ${LIBRARIES} - -REGRESS_TARGETS += run-client-botan-server-${lib} - -run-client-botan-server-${lib}: client server.crt - LD_LIBRARY_PATH=/usr/local/lib/e${lib} \ - ../${lib}/server >server-${lib}.out \ - -c server.crt -k server.key \ - 127.0.0.1 0 - ./client >client-botan.out \ - -C ca.crt \ - 127.0.0.1 \ - `sed -n 's/listen sock: 127.0.0.1 //p' server-${lib}.out` - # check that the server child run successfully to the end - grep -q '^success$$' server-${lib}.out || \ - { sleep 1; grep -q '^success$$' server-${lib}.out; } - # server must have read client hello - grep -q '^<<< hello$$' server-${lib}.out - # check that the client run successfully to the end - grep -q '^success$$' client-botan.out - # client must have read server greeting - grep -q '^<<< greeting$$' client-botan.out - # currently botan supports TLS 1.2, adapt later - grep -q ' Protocol *: TLSv1.2$$' server-${lib}.out - -.endfor - -server.key ca.key: - /usr/local/bin/botan keygen >$@.tmp - mv $@.tmp $@ - -ca.crt: ${@:R}.key - /usr/local/bin/botan gen_self_signed ${@:R}.key ${@:R} >$@.tmp \ - --organization=tls-regress --ca - mv $@.tmp $@ - -server.req: ${@:R}.key - /usr/local/bin/botan gen_pkcs10 ${@:R}.key localhost >$@.tmp \ - --organization=tls-regress --dns=127.0.0.1 - mv $@.tmp $@ - -server.crt: ca.crt ${@:R}.req - /usr/local/bin/botan sign_cert ca.crt ca.key ${@:R}.req >$@.tmp - mv $@.tmp $@ - -.endif # exists(/usr/local/bin/botan) - -.include diff --git a/src/regress/lib/libssl/interop/botan/client.cpp b/src/regress/lib/libssl/interop/botan/client.cpp deleted file mode 100644 index 2352d7bba2..0000000000 --- a/src/regress/lib/libssl/interop/botan/client.cpp +++ /dev/null @@ -1,228 +0,0 @@ -/* $OpenBSD: client.cpp,v 1.1 2020/09/15 01:45:16 bluhm Exp $ */ -/* - * Copyright (c) 2019-2020 Alexander Bluhm - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include -using namespace std; - -class Callbacks : public Botan::TLS::Callbacks { -public: - Callbacks(int socket) : - m_socket(socket) - {} - - void print_sockname() - { - struct sockaddr_storage ss; - char host[NI_MAXHOST], port[NI_MAXSERV]; - socklen_t slen; - - slen = sizeof(ss); - if (getsockname(m_socket, (struct sockaddr *)&ss, &slen) == -1) - err(1, "getsockname"); - if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host, - sizeof(host), port, sizeof(port), - NI_NUMERICHOST | NI_NUMERICSERV)) - errx(1, "getnameinfo"); - cout <<"sock: " < 0) { - ssize_t n; - - n = send(m_socket, data + off, len, 0); - if (n < 0) - err(1, "send"); - off += n; - len -= n; - } - } - - void tls_record_received(uint64_t seq_no, const uint8_t data[], - size_t size) override - { - cout <<"<<< " <>> " <send(str); - m_channel->close(); - } - - void tls_alert(Botan::TLS::Alert alert) override - { - errx(1, "alert: %s", alert.type_string().c_str()); - } - - bool tls_session_established(const Botan::TLS::Session& session) - override - { - cout <<"established" < trusted_certificate_authorities( - const std::string &type, const std::string &context) - override - { - std::vector cs { &m_ca }; - return cs; - } - - void add_certificate_file(const std::string &file) { - Botan::X509_Certificate cert(file); - m_ca.add_certificate(cert); - } -private: - Botan::Certificate_Store_In_Memory m_ca; -}; - -class Policy : public Botan::TLS::Strict_Policy { -public: - bool require_cert_revocation_info() const override { - return false; - } -}; - -void __dead -usage(void) -{ - fprintf(stderr, "usage: client [-C CA] host port\n"); - exit(2); -} - -int -main(int argc, char *argv[]) -{ - struct addrinfo hints, *res; - int ch, s, error; - char buf[256]; - char *cafile = NULL; - char *host, *port; - - while ((ch = getopt(argc, argv, "C:")) != -1) { - switch (ch) { - case 'C': - cafile = optarg; - break; - default: - usage(); - } - } - argc -= optind; - argv += optind; - if (argc == 2) { - host = argv[0]; - port = argv[1]; - } else { - usage(); - } - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = AF_INET; - hints.ai_socktype = SOCK_STREAM; - error = getaddrinfo(host, port, &hints, &res); - if (error) - errx(1, "getaddrinfo: %s", gai_strerror(error)); - if (res == NULL) - errx(1, "getaddrinfo empty"); - s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); - if (s == -1) - err(1, "socket"); - if (connect(s, res->ai_addr, res->ai_addrlen) == -1) - err(1, "connect"); - freeaddrinfo(res); - - { - Callbacks callbacks(s); - Botan::AutoSeeded_RNG rng; - Botan::TLS::Session_Manager_In_Memory session_mgr(rng); - Credentials creds; - if (cafile != NULL) - creds.add_certificate_file(cafile); - Policy policy; - - callbacks.print_sockname(); - callbacks.print_peername(); - Botan::TLS::Client client(callbacks, session_mgr, creds, - policy, rng); - callbacks.set_channel(client); - - while (!client.is_closed()) { - ssize_t n; - - n = recv(s, buf, sizeof(buf), 0); - if (n < 0) - err(1, "recv"); - if (n == 0) - errx(1, "eof"); - client.received_data((uint8_t *)&buf, n); - } - } - - if (close(s) == -1) - err(1, "close"); - - cout <<"success" <${@:S/^run/server/}.out \ - ${sca:S/^noca//:S/^fakeca/-C fake-ca.crt/:S/^ca/-C ca.crt/} \ - ${scert:S/^nocert//:S/^cert/-c server.crt -k server.key/} \ - ${sv:S/^noverify//:S/^verify/-v/:S/^certverify/-vv/} \ - 127.0.0.1 0 - ${FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv}} \ - LD_LIBRARY_PATH=/usr/local/lib/e${clib} \ - ../${clib}/client >${@:S/^run/client/}.out \ - ${cca:S/^noca//:S/^fakeca/-C fake-ca.crt/:S/^ca/-C ca.crt/} \ - ${ccert:S/^nocert//:S/^cert/-c server.crt -k server.key/} \ - ${cv:S/^noverify//:S/^verify/-v/} \ - `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out` -.if empty(${FAIL_${cca}_${sca}_${ccert}_${scert}_${cv}_${sv}}) - grep '^success$$' ${@:S/^run/server/}.out || \ - { sleep 1; grep '^success$$' ${@:S/^run/server/}.out; } - grep '^success$$' ${@:S/^run/client/}.out -.elif ! ("${sv}" == certverify && "${ccert}" == nocert) || \ - ("${cv}" == verify && "${scert}" != cert) - grep '^verify: fail' ${@:S/^run/client/}.out ${@:S/^run/server/}.out -.endif - -.endfor -.endfor -.endfor -.endfor -.endfor -.endfor -.endfor -.endfor - -# argument list too long for a single rm * - -clean: _SUBDIRUSE - rm -f client-*.out - rm -f server-*.out - rm -f a.out [Ee]rrs mklog *.core y.tab.h \ - ${PROG} ${PROGS} ${OBJS} ${_LEXINTM} ${_YACCINTM} ${CLEANFILES} - -.include diff --git a/src/regress/lib/libssl/interop/cipher/Makefile b/src/regress/lib/libssl/interop/cipher/Makefile deleted file mode 100644 index c88309962d..0000000000 --- a/src/regress/lib/libssl/interop/cipher/Makefile +++ /dev/null @@ -1,170 +0,0 @@ -# $OpenBSD: Makefile,v 1.7 2020/12/17 00:51:11 bluhm Exp $ - -# Connect a client to a server. Both can be current libressl, or -# openssl 1.0.2, or openssl 1.1. Create lists of supported ciphers -# and pin client and server to one of the ciphers. Use server -# certificate with compatible type. Check that client and server -# have used correct cipher by grepping in their session print out. - -run-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl \ -run-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl \ -client-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl.out \ -client-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl.out \ -server-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl.out \ -server-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl.out \ -check-cipher-GOST2001-GOST89-GOST89-client-libressl-server-libressl \ -check-cipher-GOST2012256-GOST89-GOST89-client-libressl-server-libressl: - # gost does not work with libressl TLS 1.3 right now - @echo DISABLED - -LIBRARIES = libressl -.if exists(/usr/local/bin/eopenssl) -LIBRARIES += openssl -.endif -.if exists(/usr/local/bin/eopenssl11) -LIBRARIES += openssl11 -.endif - -CLEANFILES = *.tmp *.ciphers ciphers.mk - -.for clib in ${LIBRARIES} -client-${clib}.ciphers: - LD_LIBRARY_PATH=/usr/local/lib/e${clib} \ - ../${clib}/client -l ALL -L >$@.tmp - sed -n 's/^cipher //p' <$@.tmp | sort -u >$@ - rm $@.tmp -.endfor -.for slib in ${LIBRARIES} -server-${slib}.ciphers: 127.0.0.1.crt dsa.crt ec.crt rsa.crt - LD_LIBRARY_PATH=/usr/local/lib/e${slib} \ - ../${slib}/server -l ALL -L >$@.tmp - sed -n 's/^cipher //p' <$@.tmp | sort -u >$@ - rm $@.tmp -.endfor - -.for clib in ${LIBRARIES} -.for slib in ${LIBRARIES} -ciphers.mk: client-${clib}-server-${slib}.ciphers -client-${clib}-server-${slib}.ciphers: \ - client-${clib}.ciphers server-${slib}.ciphers client-libressl.ciphers - # get ciphers shared between client and server - sort client-${clib}.ciphers server-${slib}.ciphers >$@.tmp - uniq -d <$@.tmp >$@ - # we are only interested in ciphers supported by libressl - sort $@ client-libressl.ciphers >$@.tmp - uniq -d <$@.tmp >$@ - rm $@.tmp -.endfor -.endfor - -ciphers.mk: - rm -f $@ $@.tmp -.for clib in ${LIBRARIES} -.for slib in ${LIBRARIES} - echo 'CIPHERS_${clib}_${slib} =' >>$@.tmp \ - `cat client-${clib}-server-${slib}.ciphers` -.endfor -.endfor - mv $@.tmp $@ - -# hack to convert generated lists into usable make variables -.if exists(ciphers.mk) -.include "ciphers.mk" -.else -regress: ciphers.mk - ${MAKE} -C ${.CURDIR} regress -.endif - -LEVEL_libressl = -LEVEL_openssl = -LEVEL_openssl11 = ,@SECLEVEL=0 - -.for clib in ${LIBRARIES} -.for slib in ${LIBRARIES} -.for cipher in ${CIPHERS_${clib}_${slib}} - -.if "${cipher:M*-DSS-*}" != "" -TYPE_${cipher} = dsa -.elif "${cipher:M*-ECDSA-*}" != "" -TYPE_${cipher} = ec -.elif "${cipher:M*-GOST89-*}" != "" -TYPE_${cipher} = gost -.elif "${cipher:M*-RSA-*}" != "" -TYPE_${cipher} = rsa -.else -TYPE_${cipher} = 127.0.0.1 -.endif - -.if "${slib}" == "openssl" && \ - "${cipher:MADH-*}${cipher:MEDH-*}${cipher:MDHE-*}" != "" -DHPARAM_${cipher}_${slib} = -p dh.param -.else -DHPARAM_${cipher}_${slib} = -.endif - -.if ("${clib}" == "libressl" || "${slib}" == "libressl") -REGRESS_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib} -.else -REGRESS_SLOW_TARGETS += run-cipher-${cipher}-client-${clib}-server-${slib} -.endif -run-cipher-${cipher}-client-${clib}-server-${slib} \ -client-cipher-${cipher}-client-${clib}-server-${slib}.out \ -server-cipher-${cipher}-client-${clib}-server-${slib}.out: dh.param \ - 127.0.0.1.crt ${TYPE_${cipher}}.crt ../${clib}/client ../${slib}/server - LD_LIBRARY_PATH=/usr/local/lib/e${slib} \ - ../${slib}/server >${@:S/^run/server/}.out \ - -c ${TYPE_${cipher}}.crt -k ${TYPE_${cipher}}.key \ - -l ${cipher}${LEVEL_${slib}} ${DHPARAM_${cipher}_${slib}} \ - 127.0.0.1 0 - LD_LIBRARY_PATH=/usr/local/lib/e${clib} \ - ../${clib}/client >${@:S/^run/client/}.out \ - -l ${cipher}${LEVEL_${clib}} \ - `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out` - grep -q '^success$$' ${@:S/^run/server/}.out || \ - { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; } - grep -q '^success$$' ${@:S/^run/client/}.out - -.if ("${clib}" == "libressl" || "${slib}" == "libressl") -REGRESS_TARGETS += check-cipher-${cipher}-client-${clib}-server-${slib} -.else -REGRESS_SLOW_TARGETS += check-cipher-${cipher}-client-${clib}-server-${slib} -.endif -check-cipher-${cipher}-client-${clib}-server-${slib}: \ - client-cipher-${cipher}-client-${clib}-server-${slib}.out \ - server-cipher-${cipher}-client-${clib}-server-${slib}.out -.if "${clib}" != "openssl" && "${slib}" != "openssl" && \ - "${cipher:C/AEAD-(AES.*-GCM|CHACHA.*-POLY.*)-SHA.*/TLS1_3/}" != TLS1_3 - # client and server 1.3 capable, not TLS 1.3 cipher -. if "${clib}" == "libressl" - # libressl client may prefer chacha-poly if aes-ni is not supported - egrep -q ' Cipher *: AEAD-(AES256-GCM-SHA384|CHACHA20-POLY1305-SHA256)$$' ${@:S/^check/client/}.out -. else - # openssl 1.1 generic client cipher - grep -q ' Cipher *: TLS_AES_256_GCM_SHA384$$' ${@:S/^check/client/}.out -. endif -. if "${clib}" == "libressl" - # libressl client may prefer chacha-poly if aes-ni is not supported -. if "${slib}" == "openssl11" - egrep -q ' Cipher *: TLS_(AES_256_GCM_SHA384|CHACHA20_POLY1305_SHA256)$$' ${@:S/^check/server/}.out -. else - egrep -q ' Cipher *: AEAD-(AES256-GCM-SHA384|CHACHA20-POLY1305-SHA256)$$' ${@:S/^check/server/}.out -. endif -. else -. if "${slib}" == "openssl11" - # openssl 1.1 generic server cipher - grep -q ' Cipher *: TLS_AES_256_GCM_SHA384$$' ${@:S/^check/server/}.out -. else - # libressl generic server cipher - grep -q ' Cipher *: AEAD-AES256-GCM-SHA384$$' ${@:S/^check/server/}.out -. endif -. endif -.else - grep -q ' Cipher *: ${cipher}$$' ${@:S/^check/client/}.out - grep -q ' Cipher *: ${cipher}$$' ${@:S/^check/server/}.out -.endif - -.endfor -.endfor -.endfor - -.include diff --git a/src/regress/lib/libssl/interop/client.c b/src/regress/lib/libssl/interop/client.c deleted file mode 100644 index a8e66c2876..0000000000 --- a/src/regress/lib/libssl/interop/client.c +++ /dev/null @@ -1,273 +0,0 @@ -/* $OpenBSD: client.c,v 1.10 2020/09/14 00:51:04 bluhm Exp $ */ -/* - * Copyright (c) 2018-2019 Alexander Bluhm - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include -#include -#include -#include - -#include -#include - -#include "util.h" - -void __dead usage(void); - -void __dead -usage(void) -{ - fprintf(stderr, "usage: client [-Lsv] [-C CA] [-c crt -k key] " - "[-l ciphers] [-V version] host port\n"); - exit(2); -} - -int -main(int argc, char *argv[]) -{ - const SSL_METHOD *method; - SSL_CTX *ctx; - SSL *ssl; - BIO *bio; - SSL_SESSION *session = NULL; - int ch, error, listciphers = 0, sessionreuse = 0, verify = 0; - int version = 0; - char buf[256]; - char *ca = NULL, *crt = NULL, *key = NULL, *ciphers = NULL; - char *host_port, *host = "127.0.0.1", *port = "0"; - - while ((ch = getopt(argc, argv, "C:c:k:Ll:p:sV:v")) != -1) { - switch (ch) { - case 'C': - ca = optarg; - break; - case 'c': - crt = optarg; - break; - case 'k': - key = optarg; - break; - case 'L': - listciphers = 1; - break; - case 'l': - ciphers = optarg; - break; - case 's': - /* multiple reueses are possible */ - sessionreuse++; - break; - case 'V': - if (strcmp(optarg, "TLS1") == 0) { - version = TLS1_VERSION; - } else if (strcmp(optarg, "TLS1_1") == 0) { - version = TLS1_1_VERSION; - } else if (strcmp(optarg, "TLS1_2") == 0) { - version = TLS1_2_VERSION; -#ifdef TLS1_3_VERSION - } else if (strcmp(optarg, "TLS1_3") == 0) { - version = TLS1_3_VERSION; -#endif - } else { - errx(1, "unknown protocol version: %s", optarg); - } - break; - case 'v': - verify = 1; - break; - default: - usage(); - } - } - argc -= optind; - argv += optind; - if (argc == 2) { - host = argv[0]; - port = argv[1]; - } else if (!listciphers) { - usage(); - } - if (asprintf(&host_port, strchr(host, ':') ? "[%s]:%s" : "%s:%s", - host, port) == -1) - err(1, "asprintf host port"); - if ((crt == NULL && key != NULL) || (crt != NULL && key == NULL)) - errx(1, "certificate and private key must be used together"); - - SSL_library_init(); - SSL_load_error_strings(); - print_version(); - - /* setup method and context */ -#if OPENSSL_VERSION_NUMBER >= 0x1010000f - method = TLS_client_method(); - if (method == NULL) - err_ssl(1, "TLS_client_method"); -#else - switch (version) { - case TLS1_VERSION: - method = TLSv1_client_method(); - break; - case TLS1_1_VERSION: - method = TLSv1_1_client_method(); - break; - case TLS1_2_VERSION: - method = TLSv1_2_client_method(); - break; -#ifdef TLS1_3_VERSION - case TLS1_3_VERSION: - err(1, "TLS1_3 not supported"); -#endif - default: - method = SSLv23_client_method(); - break; - } - if (method == NULL) - err_ssl(1, "SSLv23_client_method"); -#endif - ctx = SSL_CTX_new(method); - if (ctx == NULL) - err_ssl(1, "SSL_CTX_new"); - -#if OPENSSL_VERSION_NUMBER >= 0x1010000f - if (version) { - if (SSL_CTX_set_min_proto_version(ctx, version) != 1) - err_ssl(1, "SSL_CTX_set_min_proto_version"); - if (SSL_CTX_set_max_proto_version(ctx, version) != 1) - err_ssl(1, "SSL_CTX_set_max_proto_version"); - } -#endif - - /* load client certificate */ - if (crt != NULL) { - if (SSL_CTX_use_certificate_file(ctx, crt, - SSL_FILETYPE_PEM) <= 0) - err_ssl(1, "SSL_CTX_use_certificate_file"); - if (SSL_CTX_use_PrivateKey_file(ctx, key, - SSL_FILETYPE_PEM) <= 0) - err_ssl(1, "SSL_CTX_use_PrivateKey_file"); - if (SSL_CTX_check_private_key(ctx) <= 0) - err_ssl(1, "SSL_CTX_check_private_key"); - } - - /* verify server certificate */ - if (ca != NULL) { - if (SSL_CTX_load_verify_locations(ctx, ca, NULL) <= 0) - err_ssl(1, "SSL_CTX_load_verify_locations"); - } - SSL_CTX_set_verify(ctx, verify ? SSL_VERIFY_PEER : SSL_VERIFY_NONE, - verify_callback); - - if (sessionreuse) { - SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT); - } - - if (ciphers) { - if (SSL_CTX_set_cipher_list(ctx, ciphers) <= 0) - err_ssl(1, "SSL_CTX_set_cipher_list"); - } - - if (listciphers) { - ssl = SSL_new(ctx); - if (ssl == NULL) - err_ssl(1, "SSL_new"); - print_ciphers(SSL_get_ciphers(ssl)); - return 0; - } - - do { - /* setup bio for socket operations */ - bio = BIO_new_connect(host_port); - if (bio == NULL) - err_ssl(1, "BIO_new_connect"); - - /* connect */ - if (BIO_do_connect(bio) <= 0) - err_ssl(1, "BIO_do_connect"); - printf("connect "); - print_sockname(bio); - printf("connect "); - print_peername(bio); - - /* do ssl client handshake */ - ssl = SSL_new(ctx); - if (ssl == NULL) - err_ssl(1, "SSL_new"); - SSL_set_bio(ssl, bio, bio); - /* resuse session if possible */ - if (session != NULL) { - if (SSL_set_session(ssl, session) <= 0) - err_ssl(1, "SSL_set_session"); - } - if ((error = SSL_connect(ssl)) <= 0) - err_ssl(1, "SSL_connect %d", error); - printf("session %d: %s\n", sessionreuse, - SSL_session_reused(ssl) ? "reuse" : "new"); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); - - /* print session statistics */ - if (sessionreuse) { - session = SSL_get1_session(ssl); - if (session == NULL) - err_ssl(1, "SSL1_get_session"); - } else { - session = SSL_get_session(ssl); - if (session == NULL) - err_ssl(1, "SSL_get_session"); - } - if (SSL_SESSION_print_fp(stdout, session) <= 0) - err_ssl(1, "SSL_SESSION_print_fp"); - - /* read server greeting and write client hello over TLS */ - if ((error = SSL_read(ssl, buf, 9)) <= 0) - err_ssl(1, "SSL_read %d", error); - if (error != 9) - errx(1, "read not 9 bytes greeting: %d", error); - buf[9] = '\0'; - printf("<<< %s", buf); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); - strlcpy(buf, "hello\n", sizeof(buf)); - printf(">>> %s", buf); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); - if ((error = SSL_write(ssl, buf, 6)) <= 0) - err_ssl(1, "SSL_write %d", error); - if (error != 6) - errx(1, "write not 6 bytes hello: %d", error); - - /* shutdown connection */ - if ((error = SSL_shutdown(ssl)) < 0) - err_ssl(1, "SSL_shutdown unidirectional %d", error); - if (error <= 0) { - if ((error = SSL_shutdown(ssl)) <= 0) - err_ssl(1, "SSL_shutdown bidirectional %d", - error); - } - - SSL_free(ssl); - } while (sessionreuse--); - - SSL_CTX_free(ctx); - - printf("success\n"); - - return 0; -} diff --git a/src/regress/lib/libssl/interop/libressl/Makefile b/src/regress/lib/libssl/interop/libressl/Makefile deleted file mode 100644 index d8e20ca122..0000000000 --- a/src/regress/lib/libssl/interop/libressl/Makefile +++ /dev/null @@ -1,34 +0,0 @@ -# $OpenBSD: Makefile,v 1.9 2020/12/25 10:50:08 tb Exp $ - -PROGS = client server -CFLAGS += -DLIBRESSL_HAS_TLS1_3 -CPPFLAGS += -LDFLAGS += -LDADD += -lssl -lcrypto -DPADD += ${LIBSSL} ${LIBCRYPTO} -LD_LIBRARY_PATH = -REGRESS_TARGETS = run-self-client-server -.for p in ${PROGS} -REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p -.endfor - -.for p in ${PROGS} - -run-ldd-$p: ldd-$p.out - # check that $p is linked with LibreSSL - grep -q /usr/lib/libcrypto.so ldd-$p.out - grep -q /usr/lib/libssl.so ldd-$p.out - # check that $p is not linked with OpenSSL - ! grep /usr/local/lib/ ldd-$p.out - -run-version-$p: $p-self.out - # check that runtime version is LibreSSL - grep 'SSLEAY_VERSION: LibreSSL' $p-self.out - -run-protocol-$p: $p-self.out - # check that LibreSSL protocol version is TLS 1.3 - grep 'Protocol *: TLSv1.3' $p-self.out - -.endfor - -.include diff --git a/src/regress/lib/libssl/interop/netcat/Makefile b/src/regress/lib/libssl/interop/netcat/Makefile deleted file mode 100644 index f337d4aae8..0000000000 --- a/src/regress/lib/libssl/interop/netcat/Makefile +++ /dev/null @@ -1,84 +0,0 @@ -# $OpenBSD: Makefile,v 1.5 2020/12/17 00:51:11 bluhm Exp $ - -LIBRARIES = libressl -.if exists(/usr/local/bin/eopenssl) -LIBRARIES += openssl -.endif -.if exists(/usr/local/bin/eopenssl11) -LIBRARIES += openssl11 -.endif - -# run netcat server and connect with test client - -.for clib in ${LIBRARIES} - -REGRESS_TARGETS += run-netcat-client-${clib}-server-nc -REGRESS_TARGETS += run-protocol-client-${clib} - -run-netcat-client-${clib}-server-nc: ../${clib}/client 127.0.0.1.crt - echo "greeting" | \ - nc >${@:S/^run/server/}.out \ - -l -c -C 127.0.0.1.crt -K 127.0.0.1.key \ - 127.0.0.1 0 & \ - for i in `jot 1000`; do fstat -p $$! >netcat.fstat; \ - grep -q ' stream tcp .*:[1-9][0-9]*$$' netcat.fstat && \ - exit 0; done; exit 1 - LD_LIBRARY_PATH=/usr/local/lib/e${clib} \ - ../${clib}/client >${@:S/^run/client/}.out \ - `sed -n 's/.* stream tcp .*:/127.0.0.1 /p' netcat.fstat` - # check that the client run successfully to the end - grep -q '^success$$' ${@:S/^run/client/}.out - # client must have read server greeting - grep -q '^<<< greeting$$' ${@:S/^run/client/}.out - # netstat server must have read client hello - grep -q '^hello$$' ${@:S/^run/server/}.out - -.endfor - -# run test server and connect with netcat client - -.for slib in ${LIBRARIES} - -REGRESS_TARGETS += run-netcat-client-nc-server-${slib} - -run-netcat-client-nc-server-${slib}: ../${slib}/server 127.0.0.1.crt - LD_LIBRARY_PATH=/usr/local/lib/e${slib} \ - ../${slib}/server >${@:S/^run/server/}.out \ - 127.0.0.1 0 - echo "hello" | \ - nc >${@:S/^run/client/}.out \ - -c -R 127.0.0.1.crt \ - `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out` - # check that the server child run successfully to the end - grep -q '^success$$' ${@:S/^run/server/}.out || \ - { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; } - # server must have read client hello - grep -q '^<<< hello$$' ${@:S/^run/server/}.out - # client must have read server greeting - grep -q '^greeting$$' ${@:S/^run/client/}.out - -.endfor - -# check the TLS protocol version in client and server logs - -.for clib in ${LIBRARIES} - -REGRESS_TARGETS += run-protocol-client-${clib} - -run-protocol-client-${clib}: client-netcat-client-${clib}-server-nc.out - # check that LibTLS protocol version is TLS 1.2 or TLS 1.3 - grep 'Protocol *: TLSv1.[23]' client-netcat-client-${clib}-server-nc.out - -.endfor - -.for slib in ${LIBRARIES} - -REGRESS_TARGETS += run-protocol-server-${slib} - -run-protocol-server-${slib}: server-netcat-client-nc-server-${slib}.out - # check that LibTLS protocol version is TLS 1.2 or TLS 1.3 - grep 'Protocol *: TLSv1.[23]' server-netcat-client-nc-server-${slib}.out - -.endfor - -.include diff --git a/src/regress/lib/libssl/interop/openssl/Makefile b/src/regress/lib/libssl/interop/openssl/Makefile deleted file mode 100644 index 181d35aa02..0000000000 --- a/src/regress/lib/libssl/interop/openssl/Makefile +++ /dev/null @@ -1,42 +0,0 @@ -# $OpenBSD: Makefile,v 1.8 2020/12/17 00:51:11 bluhm Exp $ - -.if ! exists(/usr/local/bin/eopenssl) -regress: - # install openssl-1.0.2 from ports for interop tests - @echo SKIPPED -.else - -PROGS = client server -CPPFLAGS = -I /usr/local/include/eopenssl -LDFLAGS = -L /usr/local/lib/eopenssl -LDADD = -lssl -lcrypto -DPADD = /usr/local/lib/eopenssl/libssl.a \ - /usr/local/lib/eopenssl/libcrypto.a -LD_LIBRARY_PATH = /usr/local/lib/eopenssl -REGRESS_TARGETS = run-self-client-server -.for p in ${PROGS} -REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p -.endfor - -.for p in ${PROGS} - -run-ldd-$p: ldd-$p.out - # check that $p is linked with OpenSSL - grep -q /usr/local/lib/eopenssl/libcrypto.so ldd-$p.out - grep -q /usr/local/lib/eopenssl/libssl.so ldd-$p.out - # check that $p is not linked with LibreSSL - ! grep -v libc.so ldd-$p.out | grep /usr/lib/ - -run-version-$p: $p-self.out - # check that runtime version is OpenSSL 1.0.2 - grep 'SSLEAY_VERSION: OpenSSL 1.0.2' $p-self.out - -run-protocol-$p: $p-self.out - # check that OpenSSL 1.0.2 protocol version is TLS 1.2 - grep 'Protocol *: TLSv1.2' $p-self.out - -.endfor - -.endif # exists(/usr/local/bin/eopenssl) - -.include diff --git a/src/regress/lib/libssl/interop/openssl11/Makefile b/src/regress/lib/libssl/interop/openssl11/Makefile deleted file mode 100644 index 32fd611ae4..0000000000 --- a/src/regress/lib/libssl/interop/openssl11/Makefile +++ /dev/null @@ -1,42 +0,0 @@ -# $OpenBSD: Makefile,v 1.7 2020/12/17 00:51:11 bluhm Exp $ - -.if ! exists(/usr/local/bin/eopenssl11) -regress: - # install openssl-1.1 from ports for interop tests - @echo SKIPPED -.else - -PROGS = client server -CPPFLAGS = -I /usr/local/include/eopenssl11 -LDFLAGS = -L /usr/local/lib/eopenssl11 -LDADD = -lssl -lcrypto -DPADD = /usr/local/lib/eopenssl11/libssl.a \ - /usr/local/lib/eopenssl11/libcrypto.a -LD_LIBRARY_PATH = /usr/local/lib/eopenssl11 -REGRESS_TARGETS = run-self-client-server -.for p in ${PROGS} -REGRESS_TARGETS += run-ldd-$p run-version-$p run-protocol-$p -.endfor - -.for p in ${PROGS} - -run-ldd-$p: ldd-$p.out - # check that $p is linked with OpenSSL 1.1 - grep -q /usr/local/lib/eopenssl11/libcrypto.so ldd-$p.out - grep -q /usr/local/lib/eopenssl11/libssl.so ldd-$p.out - # check that $p is not linked with LibreSSL - ! grep -v libc.so ldd-$p.out | grep /usr/lib/ - -run-version-$p: $p-self.out - # check that runtime version is OpenSSL 1.1 - grep 'SSLEAY_VERSION: OpenSSL 1.1' $p-self.out - -run-protocol-$p: $p-self.out - # check that OpenSSL 1.1 protocol version is TLS 1.3 - grep 'Protocol *: TLSv1.3' $p-self.out - -.endfor - -.endif # exists(/usr/local/bin/eopenssl11) - -.include diff --git a/src/regress/lib/libssl/interop/server.c b/src/regress/lib/libssl/interop/server.c deleted file mode 100644 index 68e277a87b..0000000000 --- a/src/regress/lib/libssl/interop/server.c +++ /dev/null @@ -1,320 +0,0 @@ -/* $OpenBSD: server.c,v 1.10 2021/07/06 11:50:34 bluhm Exp $ */ -/* - * Copyright (c) 2018-2019 Alexander Bluhm - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "util.h" - -void __dead usage(void); - -void __dead -usage(void) -{ - fprintf(stderr, "usage: server [-Lsvv] [-C CA] [-c crt -k key] " - "[-l ciphers] [-p dhparam] [-V version] [host port]\n"); - exit(2); -} - -int -main(int argc, char *argv[]) -{ - const SSL_METHOD *method; - SSL_CTX *ctx; - SSL *ssl; - BIO *abio, *cbio; - SSL_SESSION *session; - int ch, error, listciphers = 0, sessionreuse = 0, verify = 0; - int version = 0; - char buf[256], *dhparam = NULL; - char *ca = NULL, *crt = NULL, *key = NULL, *ciphers = NULL; - char *host_port, *host = "127.0.0.1", *port = "0"; - - while ((ch = getopt(argc, argv, "C:c:k:Ll:p:sV:v")) != -1) { - switch (ch) { - case 'C': - ca = optarg; - break; - case 'c': - crt = optarg; - break; - case 'k': - key = optarg; - break; - case 'L': - listciphers = 1; - break; - case 'l': - ciphers = optarg; - break; - case 'p': - dhparam = optarg; - break; - case 's': - /* multiple reueses are possible */ - sessionreuse++; - break; - case 'V': - if (strcmp(optarg, "TLS1") == 0) { - version = TLS1_VERSION; - } else if (strcmp(optarg, "TLS1_1") == 0) { - version = TLS1_1_VERSION; - } else if (strcmp(optarg, "TLS1_2") == 0) { - version = TLS1_2_VERSION; -#ifdef TLS1_3_VERSION - } else if (strcmp(optarg, "TLS1_3") == 0) { - version = TLS1_3_VERSION; -#endif - } else { - errx(1, "unknown protocol version: %s", optarg); - } - break; - case 'v': - /* use twice to force client cert */ - verify++; - break; - default: - usage(); - } - } - argc -= optind; - argv += optind; - if (argc == 2) { - host = argv[0]; - port = argv[1]; - } else if (argc != 0 && !listciphers) { - usage(); - } - if (asprintf(&host_port, strchr(host, ':') ? "[%s]:%s" : "%s:%s", - host, port) == -1) - err(1, "asprintf host port"); - if ((crt == NULL && key != NULL) || (crt != NULL && key == NULL)) - errx(1, "certificate and private key must be used together"); - if (crt == NULL && asprintf(&crt, "%s.crt", host) == -1) - err(1, "asprintf crt"); - if (key == NULL && asprintf(&key, "%s.key", host) == -1) - err(1, "asprintf key"); - - SSL_library_init(); - SSL_load_error_strings(); - print_version(); - - /* setup method and context */ -#if OPENSSL_VERSION_NUMBER >= 0x1010000f - method = TLS_server_method(); - if (method == NULL) - err_ssl(1, "TLS_server_method"); -#else - switch (version) { - case TLS1_VERSION: - method = TLSv1_server_method(); - break; - case TLS1_1_VERSION: - method = TLSv1_1_server_method(); - break; - case TLS1_2_VERSION: - method = TLSv1_2_server_method(); - break; -#ifdef TLS1_3_VERSION - case TLS1_3_VERSION: - err(1, "TLS1_3 not supported"); -#endif - default: - method = SSLv23_server_method(); - break; - } - if (method == NULL) - err_ssl(1, "SSLv23_server_method"); -#endif - ctx = SSL_CTX_new(method); - if (ctx == NULL) - err_ssl(1, "SSL_CTX_new"); - -#if OPENSSL_VERSION_NUMBER >= 0x1010000f - if (version) { - if (SSL_CTX_set_min_proto_version(ctx, version) != 1) - err_ssl(1, "SSL_CTX_set_min_proto_version"); - if (SSL_CTX_set_max_proto_version(ctx, version) != 1) - err_ssl(1, "SSL_CTX_set_max_proto_version"); - } -#endif - -#if OPENSSL_VERSION_NUMBER >= 0x10100000 - /* needed to use DHE cipher with libressl */ - if (SSL_CTX_set_dh_auto(ctx, 1) <= 0) - err_ssl(1, "SSL_CTX_set_dh_auto"); -#endif - /* needed to use ADH, EDH, DHE cipher with openssl */ - if (dhparam != NULL) { - DH *dh; - FILE *file; - - file = fopen(dhparam, "r"); - if (file == NULL) - err(1, "fopen %s", dhparam); - dh = PEM_read_DHparams(file, NULL, NULL, NULL); - if (dh == NULL) - err_ssl(1, "PEM_read_DHparams"); - if (SSL_CTX_set_tmp_dh(ctx, dh) <= 0) - err_ssl(1, "SSL_CTX_set_tmp_dh"); - fclose(file); - } - - /* needed when linking with OpenSSL 1.0.2p */ - if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0) - err_ssl(1, "SSL_CTX_set_ecdh_auto"); - - /* load server certificate */ - if (SSL_CTX_use_certificate_file(ctx, crt, SSL_FILETYPE_PEM) <= 0) - err_ssl(1, "SSL_CTX_use_certificate_file"); - if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) <= 0) - err_ssl(1, "SSL_CTX_use_PrivateKey_file"); - if (SSL_CTX_check_private_key(ctx) <= 0) - err_ssl(1, "SSL_CTX_check_private_key"); - - /* request client certificate and verify it */ - if (ca != NULL) { - STACK_OF(X509_NAME) *x509stack; - - x509stack = SSL_load_client_CA_file(ca); - if (x509stack == NULL) - err_ssl(1, "SSL_load_client_CA_file"); - SSL_CTX_set_client_CA_list(ctx, x509stack); - if (SSL_CTX_load_verify_locations(ctx, ca, NULL) <= 0) - err_ssl(1, "SSL_CTX_load_verify_locations"); - } - SSL_CTX_set_verify(ctx, - verify == 0 ? SSL_VERIFY_NONE : - verify == 1 ? SSL_VERIFY_PEER : - SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, - verify_callback); - - if (sessionreuse) { - uint32_t context; - - SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER); - context = arc4random(); - if (SSL_CTX_set_session_id_context(ctx, - (unsigned char *)&context, sizeof(context)) <= 0) - err_ssl(1, "SSL_CTX_set_session_id_context"); - } - - if (ciphers) { - if (SSL_CTX_set_cipher_list(ctx, ciphers) <= 0) - err_ssl(1, "SSL_CTX_set_cipher_list"); - } - - if (listciphers) { - ssl = SSL_new(ctx); - if (ssl == NULL) - err_ssl(1, "SSL_new"); - print_ciphers(SSL_get_ciphers(ssl)); - return 0; - } - - /* setup bio for socket operations */ - abio = BIO_new_accept(host_port); - if (abio == NULL) - err_ssl(1, "BIO_new_accept"); - - /* bind, listen */ - if (BIO_do_accept(abio) <= 0) - err_ssl(1, "BIO_do_accept setup"); - printf("listen "); - print_sockname(abio); - - /* fork to background and set timeout */ - if (daemon(1, 1) == -1) - err(1, "daemon"); - alarm(10); - - do { - /* accept connection */ - if (BIO_do_accept(abio) <= 0) - err_ssl(1, "BIO_do_accept wait"); - cbio = BIO_pop(abio); - printf("accept "); - print_sockname(cbio); - printf("accept "); - print_peername(cbio); - - /* do ssl server handshake */ - ssl = SSL_new(ctx); - if (ssl == NULL) - err_ssl(1, "SSL_new"); - SSL_set_bio(ssl, cbio, cbio); - if ((error = SSL_accept(ssl)) <= 0) - err_ssl(1, "SSL_accept %d", error); - printf("session %d: %s\n", sessionreuse, - SSL_session_reused(ssl) ? "reuse" : "new"); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); - - - /* print session statistics */ - session = SSL_get_session(ssl); - if (session == NULL) - err_ssl(1, "SSL_get_session"); - if (SSL_SESSION_print_fp(stdout, session) <= 0) - err_ssl(1, "SSL_SESSION_print_fp"); - - /* write server greeting and read client hello over TLS */ - strlcpy(buf, "greeting\n", sizeof(buf)); - printf(">>> %s", buf); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); - if ((error = SSL_write(ssl, buf, 9)) <= 0) - err_ssl(1, "SSL_write %d", error); - if (error != 9) - errx(1, "write not 9 bytes greeting: %d", error); - if ((error = SSL_read(ssl, buf, 6)) <= 0) - err_ssl(1, "SSL_read %d", error); - if (error != 6) - errx(1, "read not 6 bytes hello: %d", error); - buf[6] = '\0'; - printf("<<< %s", buf); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); - - /* shutdown connection */ - if ((error = SSL_shutdown(ssl)) < 0) - err_ssl(1, "SSL_shutdown unidirectional %d", error); - if (error <= 0) { - if ((error = SSL_shutdown(ssl)) <= 0) - err_ssl(1, "SSL_shutdown bidirectional %d", - error); - } - - SSL_free(ssl); - } while (sessionreuse--); - - SSL_CTX_free(ctx); - - printf("success\n"); - - return 0; -} diff --git a/src/regress/lib/libssl/interop/session/Makefile b/src/regress/lib/libssl/interop/session/Makefile deleted file mode 100644 index 12d3eb2af7..0000000000 --- a/src/regress/lib/libssl/interop/session/Makefile +++ /dev/null @@ -1,46 +0,0 @@ -# $OpenBSD: Makefile,v 1.6 2020/12/17 00:51:11 bluhm Exp $ - -LIBRARIES = libressl -.if exists(/usr/local/bin/eopenssl) -LIBRARIES += openssl -.endif -.if exists(/usr/local/bin/eopenssl11) -LIBRARIES += openssl11 -.endif - -run-session-client-libressl-server-libressl \ -run-session-client-libressl-server-openssl11 \ -run-session-client-openssl11-server-libressl \ -run-session-client-openssl11-server-openssl11: - # TLS 1.3 needs some extra setup for session reuse - @echo DISABLED - -.for clib in ${LIBRARIES} -.for slib in ${LIBRARIES} - -REGRESS_TARGETS += run-session-client-${clib}-server-${slib} - -run-session-client-${clib}-server-${slib}: \ - 127.0.0.1.crt ../${clib}/client ../${slib}/server - LD_LIBRARY_PATH=/usr/local/lib/e${slib} \ - ../${slib}/server >${@:S/^run/server/}.out \ - -ss \ - 127.0.0.1 0 - LD_LIBRARY_PATH=/usr/local/lib/e${clib} \ - ../${clib}/client >${@:S/^run/client/}.out \ - -ss \ - `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out` - grep '^success$$' ${@:S/^run/server/}.out || \ - { sleep 1; grep '^success$$' ${@:S/^run/server/}.out; } - grep '^success$$' ${@:S/^run/client/}.out - grep '^session 2: new$$' ${@:S/^run/server/}.out - grep '^session 2: new$$' ${@:S/^run/client/}.out - grep '^session 1: reuse$$' ${@:S/^run/server/}.out - grep '^session 1: reuse$$' ${@:S/^run/client/}.out - grep '^session 0: reuse$$' ${@:S/^run/server/}.out - grep '^session 0: reuse$$' ${@:S/^run/client/}.out - -.endfor -.endfor - -.include diff --git a/src/regress/lib/libssl/interop/util.c b/src/regress/lib/libssl/interop/util.c deleted file mode 100644 index 5190e81828..0000000000 --- a/src/regress/lib/libssl/interop/util.c +++ /dev/null @@ -1,145 +0,0 @@ -/* $OpenBSD: util.c,v 1.3 2018/11/09 06:30:41 bluhm Exp $ */ -/* - * Copyright (c) 2018 Alexander Bluhm - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include -#include - -#include -#include -#include -#include - -#include "util.h" - -void -print_version(void) -{ -#ifdef OPENSSL_VERSION_NUMBER - printf("OPENSSL_VERSION_NUMBER: %#08lx\n", OPENSSL_VERSION_NUMBER); -#endif -#ifdef LIBRESSL_VERSION_NUMBER - printf("LIBRESSL_VERSION_NUMBER: %#08lx\n", LIBRESSL_VERSION_NUMBER); -#endif -#ifdef LIBRESSL_VERSION_TEXT - printf("LIBRESSL_VERSION_TEXT: %s\n", LIBRESSL_VERSION_TEXT); -#endif -#if OPENSSL_VERSION_NUMBER >= 0x1010000f - printf("OpenSSL_version_num: %#08lx\n", OpenSSL_version_num()); - printf("OpenSSL_version OPENSSL_VERSION: %s\n", - OpenSSL_version(OPENSSL_VERSION)); - printf("OpenSSL_version OPENSSL_CFLAGS: %s\n", - OpenSSL_version(OPENSSL_CFLAGS)); - printf("OpenSSL_version OPENSSL_BUILT_ON: %s\n", - OpenSSL_version(OPENSSL_BUILT_ON)); - printf("OpenSSL_version OPENSSL_PLATFORM: %s\n", - OpenSSL_version(OPENSSL_PLATFORM)); - printf("OpenSSL_version OPENSSL_DIR: %s\n", - OpenSSL_version(OPENSSL_DIR)); - printf("OpenSSL_version OPENSSL_ENGINES_DIR: %s\n", - OpenSSL_version(OPENSSL_ENGINES_DIR)); -#endif - printf("SSLeay: %#08lx\n", SSLeay()); - printf("SSLeay_version SSLEAY_VERSION: %s\n", - SSLeay_version(SSLEAY_VERSION)); - printf("SSLeay_version SSLEAY_CFLAGS: %s\n", - SSLeay_version(SSLEAY_CFLAGS)); - printf("SSLeay_version SSLEAY_BUILT_ON: %s\n", - SSLeay_version(SSLEAY_BUILT_ON)); - printf("SSLeay_version SSLEAY_PLATFORM: %s\n", - SSLeay_version(SSLEAY_PLATFORM)); - printf("SSLeay_version SSLEAY_DIR: %s\n", - SSLeay_version(SSLEAY_DIR)); -} - -void -print_ciphers(STACK_OF(SSL_CIPHER) *cstack) -{ - const SSL_CIPHER *cipher; - int i; - - for (i = 0; (cipher = sk_SSL_CIPHER_value(cstack, i)) != NULL; i++) - printf("cipher %s\n", SSL_CIPHER_get_name(cipher)); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); -} - -void -print_sockname(BIO *bio) -{ - struct sockaddr_storage ss; - socklen_t slen; - char host[NI_MAXHOST], port[NI_MAXSERV]; - int fd; - - if (BIO_get_fd(bio, &fd) <= 0) - err_ssl(1, "BIO_get_fd"); - slen = sizeof(ss); - if (getsockname(fd, (struct sockaddr *)&ss, &slen) == -1) - err(1, "getsockname"); - if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host, - sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV)) - errx(1, "getnameinfo"); - printf("sock: %s %s\n", host, port); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); -} - -void -print_peername(BIO *bio) -{ - struct sockaddr_storage ss; - socklen_t slen; - char host[NI_MAXHOST], port[NI_MAXSERV]; - int fd; - - if (BIO_get_fd(bio, &fd) <= 0) - err_ssl(1, "BIO_get_fd"); - slen = sizeof(ss); - if (getpeername(fd, (struct sockaddr *)&ss, &slen) == -1) - err(1, "getpeername"); - if (getnameinfo((struct sockaddr *)&ss, ss.ss_len, host, - sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV)) - errx(1, "getnameinfo"); - printf("peer: %s %s\n", host, port); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); -} - -void -err_ssl(int eval, const char *fmt, ...) -{ - va_list ap; - - ERR_print_errors_fp(stderr); - va_start(ap, fmt); - verrx(eval, fmt, ap); - va_end(ap); -} - -int -verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) -{ - printf("verify: %s\n", preverify_ok ? "pass" : "fail"); - if (fflush(stdout) != 0) - err(1, "fflush stdout"); - - return preverify_ok; -} diff --git a/src/regress/lib/libssl/interop/util.h b/src/regress/lib/libssl/interop/util.h deleted file mode 100644 index 7414a037d7..0000000000 --- a/src/regress/lib/libssl/interop/util.h +++ /dev/null @@ -1,23 +0,0 @@ -/* $OpenBSD: util.h,v 1.3 2018/11/09 06:30:41 bluhm Exp $ */ -/* - * Copyright (c) 2018 Alexander Bluhm - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -void print_version(void); -void print_ciphers(STACK_OF(SSL_CIPHER) *); -void print_sockname(BIO *); -void print_peername(BIO *); -void err_ssl(int, const char *, ...); -int verify_callback(int, X509_STORE_CTX *); diff --git a/src/regress/lib/libssl/interop/version/Makefile b/src/regress/lib/libssl/interop/version/Makefile deleted file mode 100644 index 7ac86ccbeb..0000000000 --- a/src/regress/lib/libssl/interop/version/Makefile +++ /dev/null @@ -1,103 +0,0 @@ -# $OpenBSD: Makefile,v 1.3 2020/12/17 00:51:12 bluhm Exp $ - -# Connect a client to a server. Both can be current libressl, or -# openssl 1.0.2, or openssl 1.1. Pin client or server to a fixed TLS -# version number. Incompatible versions must fail. Check that client -# and server have used correct version by grepping in their session -# print out. - -LIBRARIES = libressl -.if exists(/usr/local/bin/eopenssl) -LIBRARIES += openssl -.endif -.if exists(/usr/local/bin/eopenssl11) -LIBRARIES += openssl11 -.endif - -VERSIONS = any TLS1 TLS1_1 TLS1_2 TLS1_3 - -.for cver in ${VERSIONS} -.for sver in ${VERSIONS} - -.if "${cver}" == any || "${sver}" == any || "${cver}" == "${sver}" -FAIL_${cver}_${sver} = -.else -FAIL_${cver}_${sver} = ! -.endif - -.for clib in ${LIBRARIES} -.for slib in ${LIBRARIES} - -.if ("${clib}" != openssl && "${slib}" != openssl) || \ - ("${cver}" != TLS1_3 && "${sver}" != TLS1_3) - -.if ("${clib}" == "libressl" || "${slib}" == "libressl") -REGRESS_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver} -.else -REGRESS_SLOW_TARGETS += run-version-client-${clib}-${cver}-server-${slib}-${sver} -.endif - -run-version-client-${clib}-${cver}-server-${slib}-${sver} \ -client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \ -server-version-client-${clib}-${cver}-server-${slib}-${sver}.out: \ - 127.0.0.1.crt ../${clib}/client ../${slib}/server - LD_LIBRARY_PATH=/usr/local/lib/e${slib} \ - ../${slib}/server >${@:S/^run/server/}.out \ - -c 127.0.0.1.crt -k 127.0.0.1.key \ - ${sver:Nany:S/^/-V /} \ - 127.0.0.1 0 - ${FAIL_${cver}_${sver}} \ - LD_LIBRARY_PATH=/usr/local/lib/e${clib} \ - ../${clib}/client >${@:S/^run/client/}.out \ - ${cver:Nany:S/^/-V /} \ - `sed -n 's/listen sock: //p' ${@:S/^run/server/}.out` -.if empty(${FAIL_${cver}_${sver}}) - grep -q '^success$$' ${@:S/^run/server/}.out || \ - { sleep 1; grep -q '^success$$' ${@:S/^run/server/}.out; } - grep -q '^success$$' ${@:S/^run/client/}.out -.endif - -.if empty(${FAIL_${cver}_${sver}}) - -.if ("${clib}" == "libressl" || "${slib}" == "libressl") -REGRESS_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver} -.else -REGRESS_SLOW_TARGETS += check-version-client-${clib}-${cver}-server-${slib}-${sver} -.endif - -check-version-client-${clib}-${cver}-server-${slib}-${sver}: \ - client-version-client-${clib}-${cver}-server-${slib}-${sver}.out \ - server-version-client-${clib}-${cver}-server-${slib}-${sver}.out - @grep ' Protocol *: ' ${@:S/^check/client/}.out - @grep ' Protocol *: ' ${@:S/^check/server/}.out -.if "${cver}" == any -.if "${sver}" == any -.if "${clib}" == openssl || "${slib}" == openssl - grep -q ' Protocol *: TLSv1.2$$' ${@:S/^check/client/}.out - grep -q ' Protocol *: TLSv1.2$$' ${@:S/^check/server/}.out -.else - grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/client/}.out - grep -q ' Protocol *: TLSv1.3$$' ${@:S/^check/server/}.out -.endif -.else - grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \ - ${@:S/^check/client/}.out - grep -q ' Protocol *: ${sver:S/TLS/TLSv/:S/_/./}$$' \ - ${@:S/^check/server/}.out -.endif -.else - grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \ - ${@:S/^check/client/}.out - grep -q ' Protocol *: ${cver:S/TLS/TLSv/:S/_/./}$$' \ - ${@:S/^check/server/}.out -.endif -.endif - -.endif - -.endfor -.endfor -.endfor -.endfor - -.include diff --git a/src/regress/lib/libssl/key_schedule/Makefile b/src/regress/lib/libssl/key_schedule/Makefile deleted file mode 100644 index 24e12b7c36..0000000000 --- a/src/regress/lib/libssl/key_schedule/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2018/11/07 19:43:12 beck Exp $ - -PROG= key_schedule -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBCRYPTO} ${LIBSSL} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror -I$(BSDSRCDIR)/lib/libssl - -.include diff --git a/src/regress/lib/libssl/key_schedule/key_schedule.c b/src/regress/lib/libssl/key_schedule/key_schedule.c deleted file mode 100644 index 2746bb593d..0000000000 --- a/src/regress/lib/libssl/key_schedule/key_schedule.c +++ /dev/null @@ -1,317 +0,0 @@ -/* $OpenBSD: key_schedule.c,v 1.9 2019/11/18 02:09:58 beck Exp $ */ -/* - * Copyright (c) 2018-2019 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include "ssl_locl.h" - -#include "bytestring.h" -#include "ssl_tlsext.h" -#include "tls13_internal.h" - -static int failures = 0; - -static void -hexdump(const unsigned char *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len; i++) - fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n"); - - fprintf(stderr, "\n"); -} - -static void -compare_data(const uint8_t *recv, size_t recv_len, const uint8_t *expect, - size_t expect_len) -{ - fprintf(stderr, "received:\n"); - hexdump(recv, recv_len); - - fprintf(stderr, "test data:\n"); - hexdump(expect, expect_len); -} - -#define FAIL(msg, ...) \ -do { \ - fprintf(stderr, "[%s:%d] FAIL: ", __FILE__, __LINE__); \ - fprintf(stderr, msg, ##__VA_ARGS__); \ - failures++; \ -} while(0) - -/* Hashes and secrets from test vector */ - -uint8_t chello[] = { - 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, - 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, - 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, - 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 -}; -const struct tls13_secret chello_hash = { - .data = chello, - .len = 32, -}; - -uint8_t cshello [] = { - 0x86, 0x0c, 0x06, 0xed, 0xc0, 0x78, 0x58, 0xee, - 0x8e, 0x78, 0xf0, 0xe7, 0x42, 0x8c, 0x58, 0xed, - 0xd6, 0xb4, 0x3f, 0x2c, 0xa3, 0xe6, 0xe9, 0x5f, - 0x02, 0xed, 0x06, 0x3c, 0xf0, 0xe1, 0xca, 0xd8 -}; - -const struct tls13_secret cshello_hash = { - .data = cshello, - .len = 32, -}; - -const uint8_t ecdhe [] = { - 0x8b, 0xd4, 0x05, 0x4f, 0xb5, 0x5b, 0x9d, 0x63, - 0xfd, 0xfb, 0xac, 0xf9, 0xf0, 0x4b, 0x9f, 0x0d, - 0x35, 0xe6, 0xd6, 0x3f, 0x53, 0x75, 0x63, 0xef, - 0xd4, 0x62, 0x72, 0x90, 0x0f, 0x89, 0x49, 0x2d -}; - -uint8_t csfhello [] = { - 0x96, 0x08, 0x10, 0x2a, 0x0f, 0x1c, 0xcc, 0x6d, - 0xb6, 0x25, 0x0b, 0x7b, 0x7e, 0x41, 0x7b, 0x1a, - 0x00, 0x0e, 0xaa, 0xda, 0x3d, 0xaa, 0xe4, 0x77, - 0x7a, 0x76, 0x86, 0xc9, 0xff, 0x83, 0xdf, 0x13 -}; - -const struct tls13_secret csfhello_hash = { - .data = csfhello, - .len = 32, -}; - - -/* Expected Values */ - -uint8_t expected_extracted_early[] = { - 0x33, 0xad, 0x0a, 0x1c, 0x60, 0x7e, 0xc0, 0x3b, - 0x09, 0xe6, 0xcd, 0x98, 0x93, 0x68, 0x0c, 0xe2, - 0x10, 0xad, 0xf3, 0x00, 0xaa, 0x1f, 0x26, 0x60, - 0xe1, 0xb2, 0x2e, 0x10, 0xf1, 0x70, 0xf9, 0x2a -}; -uint8_t expected_derived_early[] = { - 0x6f, 0x26, 0x15, 0xa1, 0x08, 0xc7, 0x02, 0xc5, - 0x67, 0x8f, 0x54, 0xfc, 0x9d, 0xba, 0xb6, 0x97, - 0x16, 0xc0, 0x76, 0x18, 0x9c, 0x48, 0x25, 0x0c, - 0xeb, 0xea, 0xc3, 0x57, 0x6c, 0x36, 0x11, 0xba -}; -uint8_t expected_extracted_handshake[] = { - 0x1d, 0xc8, 0x26, 0xe9, 0x36, 0x06, 0xaa, 0x6f, - 0xdc, 0x0a, 0xad, 0xc1, 0x2f, 0x74, 0x1b, 0x01, - 0x04, 0x6a, 0xa6, 0xb9, 0x9f, 0x69, 0x1e, 0xd2, - 0x21, 0xa9, 0xf0, 0xca, 0x04, 0x3f, 0xbe, 0xac -}; -uint8_t expected_client_handshake_traffic[] = { - 0xb3, 0xed, 0xdb, 0x12, 0x6e, 0x06, 0x7f, 0x35, - 0xa7, 0x80, 0xb3, 0xab, 0xf4, 0x5e, 0x2d, 0x8f, - 0x3b, 0x1a, 0x95, 0x07, 0x38, 0xf5, 0x2e, 0x96, - 0x00, 0x74, 0x6a, 0x0e, 0x27, 0xa5, 0x5a, 0x21 -}; - -uint8_t expected_server_handshake_traffic[] = { - 0xb6, 0x7b, 0x7d, 0x69, 0x0c, 0xc1, 0x6c, 0x4e, - 0x75, 0xe5, 0x42, 0x13, 0xcb, 0x2d, 0x37, 0xb4, - 0xe9, 0xc9, 0x12, 0xbc, 0xde, 0xd9, 0x10, 0x5d, - 0x42, 0xbe, 0xfd, 0x59, 0xd3, 0x91, 0xad, 0x38 -}; - -uint8_t expected_derived_handshake[] = { - 0x43, 0xde, 0x77, 0xe0, 0xc7, 0x77, 0x13, 0x85, - 0x9a, 0x94, 0x4d, 0xb9, 0xdb, 0x25, 0x90, 0xb5, - 0x31, 0x90, 0xa6, 0x5b, 0x3e, 0xe2, 0xe4, 0xf1, - 0x2d, 0xd7, 0xa0, 0xbb, 0x7c, 0xe2, 0x54, 0xb4 -}; - -uint8_t expected_extracted_master[] = { - 0x18, 0xdf, 0x06, 0x84, 0x3d, 0x13, 0xa0, 0x8b, - 0xf2, 0xa4, 0x49, 0x84, 0x4c, 0x5f, 0x8a, 0x47, - 0x80, 0x01, 0xbc, 0x4d, 0x4c, 0x62, 0x79, 0x84, - 0xd5, 0xa4, 0x1d, 0xa8, 0xd0, 0x40, 0x29, 0x19 -}; - -uint8_t expected_server_application_traffic[] = { - 0xa1, 0x1a, 0xf9, 0xf0, 0x55, 0x31, 0xf8, 0x56, - 0xad, 0x47, 0x11, 0x6b, 0x45, 0xa9, 0x50, 0x32, - 0x82, 0x04, 0xb4, 0xf4, 0x4b, 0xfb, 0x6b, 0x3a, - 0x4b, 0x4f, 0x1f, 0x3f, 0xcb, 0x63, 0x16, 0x43 -}; - -uint8_t expected_server_application_traffic_updated[] = { - 0x51, 0x92, 0x1b, 0x8a, 0xa3, 0x00, 0x19, 0x76, - 0xeb, 0x40, 0x1d, 0x0a, 0x43, 0x19, 0xa8, 0x51, - 0x64, 0x16, 0xa6, 0xc5, 0x60, 0x01, 0xa3, 0x57, - 0xe5, 0xd1, 0x62, 0x03, 0x1e, 0x84, 0xf9, 0x16, -}; - -uint8_t expected_client_application_traffic[] = { - 0x9e, 0x40, 0x64, 0x6c, 0xe7, 0x9a, 0x7f, 0x9d, - 0xc0, 0x5a, 0xf8, 0x88, 0x9b, 0xce, 0x65, 0x52, - 0x87, 0x5a, 0xfa, 0x0b, 0x06, 0xdf, 0x00, 0x87, - 0xf7, 0x92, 0xeb, 0xb7, 0xc1, 0x75, 0x04, 0xa5, -}; - -uint8_t expected_client_application_traffic_updated[] = { - 0xfc, 0xdf, 0xcc, 0x72, 0x72, 0x5a, 0xae, 0xe4, - 0x8b, 0xf6, 0x4e, 0x4f, 0xd8, 0xb7, 0x49, 0xcd, - 0xbd, 0xba, 0xb3, 0x9d, 0x90, 0xda, 0x0b, 0x26, - 0xe2, 0x24, 0x5c, 0xa6, 0xea, 0x16, 0x72, 0x07, -}; - -uint8_t expected_exporter_master[] = { - 0xfe, 0x22, 0xf8, 0x81, 0x17, 0x6e, 0xda, 0x18, - 0xeb, 0x8f, 0x44, 0x52, 0x9e, 0x67, 0x92, 0xc5, - 0x0c, 0x9a, 0x3f, 0x89, 0x45, 0x2f, 0x68, 0xd8, - 0xae, 0x31, 0x1b, 0x43, 0x09, 0xd3, 0xcf, 0x50 -}; - -int -main (int argc, char **argv) -{ - struct tls13_secrets *secrets; - - if ((secrets = tls13_secrets_create(EVP_sha256(), 0)) == NULL) - errx(1,"failed to create secrets\n"); - - secrets->insecure = 1; /* don't explicit_bzero when done */ - - if (tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash)) - FAIL("derive_handshake_secrets worked when it shouldn't\n"); - if (tls13_derive_application_secrets(secrets, - &chello_hash)) - FAIL("derive_application_secrets worked when it shouldn't\n"); - - if (!tls13_derive_early_secrets(secrets, - secrets->zeros.data, secrets->zeros.len, &chello_hash)) - FAIL("derive_early_secrets failed\n"); - if (tls13_derive_early_secrets(secrets, - secrets->zeros.data, secrets->zeros.len, &chello_hash)) - FAIL("derive_early_secrets worked when it shouldn't(2)\n"); - - if (!tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash)) - FAIL("derive_handshake_secrets failed\n"); - if (tls13_derive_handshake_secrets(secrets, ecdhe, 32, &cshello_hash)) - FAIL("derive_handshake_secrets worked when it shouldn't(2)\n"); - - /* XXX fix hash here once test vector sorted */ - if (!tls13_derive_application_secrets(secrets, &csfhello_hash)) - FAIL("derive_application_secrets failed\n"); - if (tls13_derive_application_secrets(secrets, &csfhello_hash)) - FAIL("derive_application_secrets worked when it " - "shouldn't(2)\n"); - - fprintf(stderr, "extracted_early:\n"); - compare_data(secrets->extracted_early.data, 32, - expected_extracted_early, 32); - if (memcmp(secrets->extracted_early.data, - expected_extracted_early, 32) != 0) - FAIL("extracted_early does not match\n"); - - fprintf(stderr, "derived_early:\n"); - compare_data(secrets->derived_early.data, 32, - expected_derived_early, 32); - if (memcmp(secrets->derived_early.data, - expected_derived_early, 32) != 0) - FAIL("derived_early does not match\n"); - - fprintf(stderr, "extracted_handshake:\n"); - compare_data(secrets->extracted_handshake.data, 32, - expected_extracted_handshake, 32); - if (memcmp(secrets->extracted_handshake.data, - expected_extracted_handshake, 32) != 0) - FAIL("extracted_handshake does not match\n"); - - fprintf(stderr, "client_handshake_traffic:\n"); - compare_data(secrets->client_handshake_traffic.data, 32, - expected_client_handshake_traffic, 32); - if (memcmp(secrets->client_handshake_traffic.data, - expected_client_handshake_traffic, 32) != 0) - FAIL("client_handshake_traffic does not match\n"); - - fprintf(stderr, "server_handshake_traffic:\n"); - compare_data(secrets->server_handshake_traffic.data, 32, - expected_server_handshake_traffic, 32); - if (memcmp(secrets->server_handshake_traffic.data, - expected_server_handshake_traffic, 32) != 0) - FAIL("server_handshake_traffic does not match\n"); - - fprintf(stderr, "derived_early:\n"); - compare_data(secrets->derived_early.data, 32, - expected_derived_early, 32); - if (memcmp(secrets->derived_early.data, - expected_derived_early, 32) != 0) - FAIL("derived_early does not match\n"); - - fprintf(stderr, "derived_handshake:\n"); - compare_data(secrets->derived_handshake.data, 32, - expected_derived_handshake, 32); - if (memcmp(secrets->derived_handshake.data, - expected_derived_handshake, 32) != 0) - FAIL("derived_handshake does not match\n"); - - fprintf(stderr, "extracted_master:\n"); - compare_data(secrets->extracted_master.data, 32, - expected_extracted_master, 32); - if (memcmp(secrets->extracted_master.data, - expected_extracted_master, 32) != 0) - FAIL("extracted_master does not match\n"); - - fprintf(stderr, "server_application_traffic:\n"); - compare_data(secrets->server_application_traffic.data, 32, - expected_server_application_traffic, 32); - if (memcmp(secrets->server_application_traffic.data, - expected_server_application_traffic, 32) != 0) - FAIL("server_application_traffic does not match\n"); - - fprintf(stderr, "client_application_traffic:\n"); - compare_data(secrets->client_application_traffic.data, 32, - expected_client_application_traffic, 32); - if (memcmp(secrets->client_application_traffic.data, - expected_client_application_traffic, 32) != 0) - FAIL("server_application_traffic does not match\n"); - - fprintf(stderr, "exporter_master:\n"); - compare_data(secrets->exporter_master.data, 32, - expected_exporter_master, 32); - if (memcmp(secrets->exporter_master.data, - expected_exporter_master, 32) != 0) - FAIL("exporter_master does not match\n"); - - tls13_update_server_traffic_secret(secrets); - fprintf(stderr, "server_application_traffic after update:\n"); - compare_data(secrets->server_application_traffic.data, 32, - expected_server_application_traffic_updated, 32); - if (memcmp(secrets->server_application_traffic.data, - expected_server_application_traffic_updated, 32) != 0) - FAIL("server_application_traffic does not match after update\n"); - - - tls13_update_client_traffic_secret(secrets); - fprintf(stderr, "client_application_traffic after update:\n"); - compare_data(secrets->client_application_traffic.data, 32, - expected_client_application_traffic_updated, 32); - if (memcmp(secrets->client_application_traffic.data, - expected_client_application_traffic_updated, 32) != 0) - FAIL("client_application_traffic does not match after update\n"); - - tls13_secrets_destroy(secrets); - - return failures; -} diff --git a/src/regress/lib/libssl/openssl-ruby/Makefile b/src/regress/lib/libssl/openssl-ruby/Makefile deleted file mode 100644 index 7a897157d1..0000000000 --- a/src/regress/lib/libssl/openssl-ruby/Makefile +++ /dev/null @@ -1,72 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2021/05/03 18:21:00 tb Exp $ - -OPENSSL_RUBY_TESTS = /usr/local/share/openssl-ruby-tests -RUBY_BINREV = 27 -RUBY = ruby${RUBY_BINREV} - -# We work in a subdirectory of obj/ since extconf.rb generates a Makefile whose -# name can't be customized in $PWD. An obj/Makefile in turn confuses either make -# or bsd.*.mk. This hurts when things are in an unexpected state after a signal. -BUILDDIR = build - -.if !exists(${OPENSSL_RUBY_TESTS}) -regress: - @echo package openssl-ruby-tests is required for this regress - @echo SKIPPED -.else - -REGRESS_TARGETS += openssl-ruby-test -REGRESS_EXPECTED_FAILURES += openssl-ruby-test - -openssl-ruby-test: retest - -_BUILDDIR_COOKIE = .builddir -_BUILD_COOKIE = .build -_TEST_COOKIE = .test - -${_BUILDDIR_COOKIE}: - mkdir -p ${BUILDDIR} - touch $@ - -${_BUILD_COOKIE}: ${_BUILDDIR_COOKIE} - cd ${BUILDDIR} && \ - ${RUBY} ${OPENSSL_RUBY_TESTS}/ext/openssl/extconf.rb && \ - make; - touch $@ - -OPENSSL_RUBY_TESTSRC = ${OPENSSL_RUBY_TESTS}/test/openssl/test_*.rb -${_TEST_COOKIE}: ${_BUILD_COOKIE} ${_BUILDDIR_COOKIE} - cd ${BUILDDIR} && \ - ${RUBY} -I. -I${OPENSSL_RUBY_TESTS}/test/openssl \ - -I${OPENSSL_RUBY_TESTS}/lib \ - -e 'Dir["${OPENSSL_RUBY_TESTSRC}"].each{|f| require f}' \ - -- --no-use-color --no-show-detail-immediately - touch $@ - -build: ${_BUILD_COOKIE} -test: ${_TEST_COOKIE} - -_MAKE = cd ${.CURDIR} && exec ${.MAKE} - -rebuild: - rm -f ${_BUILD_COOKIE} - ${_MAKE} build - -retest: - rm -f ${_TEST_COOKIE} - ${_MAKE} test - -CLEANFILES += ${_BUILD_COOKIE} ${_TEST_COOKIE} ${_BUILDDIR_COOKIE} - -. if make(clean) || make(cleandir) -. if exists(${BUILDDIR}) -.BEGIN: - rm -r ${BUILDDIR} -. endif -. endif - -.PHONY: build rebuild test retest - -.endif - -.include diff --git a/src/regress/lib/libssl/pqueue/Makefile b/src/regress/lib/libssl/pqueue/Makefile deleted file mode 100644 index 48c2cb7e61..0000000000 --- a/src/regress/lib/libssl/pqueue/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2016/11/04 19:45:12 jsing Exp $ - -PROG= pq_test -SRC= ${.CURDIR}/../../../../lib/libssl -CFLAGS+= -I${SRC} - -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror - -REGRESS_TARGETS= regress-pq_test - -regress-pq_test: ${PROG} - ${.OBJDIR}/pq_test | cmp -s ${.CURDIR}/expected.txt /dev/stdin - -.include diff --git a/src/regress/lib/libssl/pqueue/expected.txt b/src/regress/lib/libssl/pqueue/expected.txt deleted file mode 100644 index c59d6cd838..0000000000 --- a/src/regress/lib/libssl/pqueue/expected.txt +++ /dev/null @@ -1,3 +0,0 @@ -item 6966726167696c69 -item 7374696365787069 -item 737570657263616c diff --git a/src/regress/lib/libssl/pqueue/pq_test.c b/src/regress/lib/libssl/pqueue/pq_test.c deleted file mode 100644 index a078ba5366..0000000000 --- a/src/regress/lib/libssl/pqueue/pq_test.c +++ /dev/null @@ -1,118 +0,0 @@ -/* crypto/pqueue/pq_test.c */ -/* - * DTLS implementation written by Nagendra Modadugu - * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#include -#include -#include -#include "pqueue.h" - -/* remember to change expected.txt if you change these values */ -unsigned char prio1[8] = "supercal"; -unsigned char prio2[8] = "ifragili"; -unsigned char prio3[8] = "sticexpi"; - -static void -pqueue_print(pqueue pq) -{ - pitem *iter, *item; - - iter = pqueue_iterator(pq); - for (item = pqueue_next(&iter); item != NULL; - item = pqueue_next(&iter)) { - printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n", - item->priority[0], item->priority[1], - item->priority[2], item->priority[3], - item->priority[4], item->priority[5], - item->priority[6], item->priority[7]); - } -} - -int -main(void) -{ - pitem *item; - pqueue pq; - - pq = pqueue_new(); - - item = pitem_new(prio3, NULL); - pqueue_insert(pq, item); - - item = pitem_new(prio1, NULL); - pqueue_insert(pq, item); - - item = pitem_new(prio2, NULL); - pqueue_insert(pq, item); - - item = pqueue_find(pq, prio1); - fprintf(stderr, "found %p\n", item->priority); - - item = pqueue_find(pq, prio2); - fprintf(stderr, "found %p\n", item->priority); - - item = pqueue_find(pq, prio3); - fprintf(stderr, "found %p\n", item ? item->priority: 0); - - pqueue_print(pq); - - for (item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq)) - pitem_free(item); - - pqueue_free(pq); - return 0; -} diff --git a/src/regress/lib/libssl/record/Makefile b/src/regress/lib/libssl/record/Makefile deleted file mode 100644 index f0e2bc52a8..0000000000 --- a/src/regress/lib/libssl/record/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2019/01/19 02:57:04 jsing Exp $ - -PROG= recordtest -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror -CFLAGS+= -I${.CURDIR}/../../../../lib/libssl - -.include diff --git a/src/regress/lib/libssl/record/recordtest.c b/src/regress/lib/libssl/record/recordtest.c deleted file mode 100644 index c345a68c15..0000000000 --- a/src/regress/lib/libssl/record/recordtest.c +++ /dev/null @@ -1,555 +0,0 @@ -/* $OpenBSD: recordtest.c,v 1.4 2020/05/11 18:08:37 jsing Exp $ */ -/* - * Copyright (c) 2019 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include - -#include "tls13_internal.h" -#include "tls13_record.h" - -/* Valid record. */ -static uint8_t test_record_1[] = { - 0x16, 0x03, 0x03, 0x00, 0x7a, 0x02, 0x00, 0x00, - 0x76, 0x03, 0x03, 0x14, 0xae, 0x2b, 0x6d, 0x58, - 0xe9, 0x79, 0x9d, 0xd4, 0x90, 0x52, 0x90, 0x13, - 0x1c, 0x08, 0xaa, 0x3f, 0x5b, 0xfb, 0x64, 0xfe, - 0x9a, 0xca, 0x73, 0x6d, 0x87, 0x8d, 0x8b, 0x3b, - 0x70, 0x14, 0xa3, 0x20, 0xd7, 0x50, 0xa4, 0xe5, - 0x17, 0x42, 0x5d, 0xce, 0xe6, 0xfe, 0x1b, 0x59, - 0x27, 0x6b, 0xff, 0xc8, 0x40, 0xc7, 0xac, 0x16, - 0x32, 0xe6, 0x5b, 0xd2, 0xd9, 0xd4, 0xb5, 0x3f, - 0x8f, 0x74, 0x6e, 0x7d, 0x13, 0x02, 0x00, 0x00, - 0x2e, 0x00, 0x33, 0x00, 0x24, 0x00, 0x1d, 0x00, - 0x20, 0x72, 0xb0, 0xaf, 0x7f, 0xf5, 0x89, 0x0f, - 0xcd, 0x6e, 0x45, 0xb1, 0x51, 0xa0, 0xbd, 0x1e, - 0xee, 0x7e, 0xf1, 0xa5, 0xc5, 0xc6, 0x7e, 0x5f, - 0x6a, 0xca, 0xc9, 0xe4, 0xae, 0xb9, 0x50, 0x76, - 0x0a, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, -}; - -/* Truncated record. */ -static uint8_t test_record_2[] = { - 0x17, 0x03, 0x03, 0x41, 0x00, 0x02, 0x00, 0x00, -}; - -/* Oversized and truncated record. */ -static uint8_t test_record_3[] = { - 0x17, 0x03, 0x03, 0x41, 0x01, 0x02, 0x00, 0x00, -}; - -static void -hexdump(const unsigned char *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len; i++) - fprintf(stderr, " 0x%02x,%s", buf[i - 1], i % 8 ? "" : "\n"); - if (len % 8 != 0) - fprintf(stderr, "\n"); -} - -struct rw_state { - uint8_t *buf; - size_t len; - size_t offset; - uint8_t eof; -}; - -static ssize_t -read_cb(void *buf, size_t buflen, void *cb_arg) -{ - struct rw_state *rs = cb_arg; - ssize_t n; - - if (rs->eof) - return TLS13_IO_EOF; - - if ((size_t)(n = buflen) > (rs->len - rs->offset)) - n = rs->len - rs->offset; - - if (n == 0) - return TLS13_IO_WANT_POLLIN; - - memcpy(buf, &rs->buf[rs->offset], n); - rs->offset += n; - - return n; -} - -static ssize_t -write_cb(const void *buf, size_t buflen, void *cb_arg) -{ - struct rw_state *ws = cb_arg; - ssize_t n; - - if (ws->eof) - return TLS13_IO_EOF; - - if ((size_t)(n = buflen) > (ws->len - ws->offset)) - n = ws->len - ws->offset; - - if (n == 0) - return TLS13_IO_WANT_POLLOUT; - - memcpy(&ws->buf[ws->offset], buf, n); - ws->offset += n; - - return n; -} - -struct record_test { - size_t rw_len; - int eof; - ssize_t want_ret; -}; - -struct record_recv_test { - uint8_t *read_buf; - struct record_test rt[10]; - uint8_t want_content_type; - uint8_t *want_data; - size_t want_len; -}; - -struct record_recv_test record_recv_tests[] = { - { - .read_buf = test_record_1, - .rt = { - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_content_type = SSL3_RT_HANDSHAKE, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .read_buf = test_record_1, - .rt = { - { - .rw_len = 0, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_content_type = SSL3_RT_HANDSHAKE, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .read_buf = test_record_1, - .rt = { - { - .rw_len = 0, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .rw_len = 5, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_content_type = SSL3_RT_HANDSHAKE, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .read_buf = test_record_1, - .rt = { - { - .rw_len = 0, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .rw_len = 2, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .rw_len = 6, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_content_type = SSL3_RT_HANDSHAKE, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .read_buf = test_record_1, - .rt = { - { - .rw_len = 4, - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .eof = 1, - .want_ret = TLS13_IO_EOF, - }, - }, - }, - { - .read_buf = test_record_1, - .rt = { - { - .eof = 1, - .want_ret = TLS13_IO_EOF, - }, - }, - }, - { - .read_buf = test_record_2, - .rt = { - { - .rw_len = sizeof(test_record_2), - .want_ret = TLS13_IO_WANT_POLLIN, - }, - { - .eof = 1, - .want_ret = TLS13_IO_EOF, - }, - }, - .want_content_type = SSL3_RT_APPLICATION_DATA, - }, - { - .read_buf = test_record_3, - .rt = { - { - .rw_len = sizeof(test_record_3), - .want_ret = TLS13_IO_RECORD_OVERFLOW, - }, - }, - }, -}; - -#define N_RECORD_RECV_TESTS (sizeof(record_recv_tests) / sizeof(record_recv_tests[0])) - -struct record_send_test { - uint8_t *data; - size_t data_len; - struct record_test rt[10]; - uint8_t *want_data; - size_t want_len; -}; - -struct record_send_test record_send_tests[] = { - { - .data = test_record_1, - .data_len = sizeof(test_record_1), - .rt = { - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .data = test_record_1, - .data_len = sizeof(test_record_1), - .rt = { - { - .rw_len = 0, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .data = test_record_1, - .data_len = sizeof(test_record_1), - .rt = { - { - .rw_len = 0, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .rw_len = 5, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .data = test_record_1, - .data_len = sizeof(test_record_1), - .rt = { - { - .rw_len = 0, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .rw_len = 2, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .rw_len = 6, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .rw_len = sizeof(test_record_1), - .want_ret = sizeof(test_record_1), - }, - }, - .want_data = test_record_1, - .want_len = sizeof(test_record_1), - }, - { - .data = test_record_1, - .data_len = sizeof(test_record_1), - .rt = { - { - .rw_len = 4, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .eof = 1, - .want_ret = TLS13_IO_EOF, - }, - }, - .want_data = test_record_1, - .want_len = 4, - }, - { - .data = test_record_1, - .data_len = sizeof(test_record_1), - .rt = { - { - .rw_len = 0, - .want_ret = TLS13_IO_WANT_POLLOUT, - }, - { - .eof = 1, - .want_ret = TLS13_IO_EOF, - }, - }, - .want_data = NULL, - .want_len = 0, - }, -}; - -#define N_RECORD_SEND_TESTS (sizeof(record_send_tests) / sizeof(record_send_tests[0])) - -static int -test_record_recv(size_t test_no, struct record_recv_test *rrt) -{ - struct tls13_record *rec; - struct rw_state rs; - int failed = 1; - ssize_t ret; - size_t i; - CBS cbs; - - rs.buf = rrt->read_buf; - rs.offset = 0; - - if ((rec = tls13_record_new()) == NULL) - errx(1, "tls13_record_new"); - - for (i = 0; rrt->rt[i].rw_len != 0 || rrt->rt[i].want_ret != 0; i++) { - rs.eof = rrt->rt[i].eof; - rs.len = rrt->rt[i].rw_len; - - ret = tls13_record_recv(rec, read_cb, &rs); - if (ret != rrt->rt[i].want_ret) { - fprintf(stderr, "FAIL: Test %zu/%zu - tls_record_recv " - "returned %zi, want %zi\n", test_no, i, ret, - rrt->rt[i].want_ret); - goto failure; - } - } - - if (tls13_record_content_type(rec) != rrt->want_content_type) { - fprintf(stderr, "FAIL: Test %zu - got content type %u, " - "want %u\n", test_no, tls13_record_content_type(rec), - rrt->want_content_type); - goto failure; - } - - tls13_record_data(rec, &cbs); - if (rrt->want_data == NULL) { - if (CBS_data(&cbs) != NULL || CBS_len(&cbs) != 0) { - fprintf(stderr, "FAIL: Test %zu - got CBS with data, " - "want NULL\n", test_no); - goto failure; - } - goto done; - } - if (!CBS_mem_equal(&cbs, rrt->want_data, rrt->want_len)) { - fprintf(stderr, "FAIL: Test %zu - data mismatch\n", test_no); - fprintf(stderr, "Got record data:\n"); - hexdump(CBS_data(&cbs), CBS_len(&cbs)); - fprintf(stderr, "Want record data:\n"); - hexdump(rrt->want_data, rrt->want_len); - goto failure; - } - - if (!tls13_record_header(rec, &cbs)) { - fprintf(stderr, "FAIL: Test %zu - fail to get record " - "header", test_no); - goto failure; - } - if (!CBS_mem_equal(&cbs, rrt->want_data, TLS13_RECORD_HEADER_LEN)) { - fprintf(stderr, "FAIL: Test %zu - header mismatch\n", test_no); - fprintf(stderr, "Got record header:\n"); - hexdump(CBS_data(&cbs), CBS_len(&cbs)); - fprintf(stderr, "Want record header:\n"); - hexdump(rrt->want_data, rrt->want_len); - goto failure; - } - - if (!tls13_record_content(rec, &cbs)) { - fprintf(stderr, "FAIL: Test %zu - fail to get record " - "content", test_no); - goto failure; - } - if (!CBS_mem_equal(&cbs, rrt->want_data + TLS13_RECORD_HEADER_LEN, - rrt->want_len - TLS13_RECORD_HEADER_LEN)) { - fprintf(stderr, "FAIL: Test %zu - content mismatch\n", test_no); - fprintf(stderr, "Got record content:\n"); - hexdump(CBS_data(&cbs), CBS_len(&cbs)); - fprintf(stderr, "Want record content:\n"); - hexdump(rrt->want_data, rrt->want_len); - goto failure; - } - - done: - failed = 0; - - failure: - tls13_record_free(rec); - - return failed; -} - -static int -test_record_send(size_t test_no, struct record_send_test *rst) -{ - uint8_t *data = NULL; - struct tls13_record *rec; - struct rw_state ws; - int failed = 1; - ssize_t ret; - size_t i; - - if ((ws.buf = malloc(TLS13_RECORD_MAX_LEN)) == NULL) - errx(1, "malloc"); - - ws.offset = 0; - - if ((rec = tls13_record_new()) == NULL) - errx(1, "tls13_record_new"); - - if ((data = malloc(rst->data_len)) == NULL) - errx(1, "malloc"); - memcpy(data, rst->data, rst->data_len); - - if (!tls13_record_set_data(rec, data, rst->data_len)) { - fprintf(stderr, "FAIL: Test %zu - failed to set record data\n", - test_no); - goto failure; - } - data = NULL; - - for (i = 0; rst->rt[i].rw_len != 0 || rst->rt[i].want_ret != 0; i++) { - ws.eof = rst->rt[i].eof; - ws.len = rst->rt[i].rw_len; - - ret = tls13_record_send(rec, write_cb, &ws); - if (ret != rst->rt[i].want_ret) { - fprintf(stderr, "FAIL: Test %zu/%zu - tls_record_send " - "returned %zi, want %zi\n", test_no, i, ret, - rst->rt[i].want_ret); - goto failure; - } - } - - if (rst->want_data != NULL && - memcmp(ws.buf, rst->want_data, rst->want_len) != 0) { - fprintf(stderr, "FAIL: Test %zu - content mismatch\n", test_no); - fprintf(stderr, "Got record data:\n"); - hexdump(rst->data, rst->data_len); - fprintf(stderr, "Want record data:\n"); - hexdump(rst->want_data, rst->want_len); - goto failure; - } - - failed = 0; - - failure: - tls13_record_free(rec); - free(ws.buf); - - return failed; -} - -static int -test_recv_records(void) -{ - int failed = 0; - size_t i; - - for (i = 0; i < N_RECORD_RECV_TESTS; i++) - failed |= test_record_recv(i, &record_recv_tests[i]); - - return failed; -} - -static int -test_send_records(void) -{ - int failed = 0; - size_t i; - - for (i = 0; i < N_RECORD_SEND_TESTS; i++) - failed |= test_record_send(i, &record_send_tests[i]); - - return failed; -} - -int -main(int argc, char **argv) -{ - int failed = 0; - - failed |= test_recv_records(); - failed |= test_send_records(); - - return failed; -} diff --git a/src/regress/lib/libssl/record_layer/Makefile b/src/regress/lib/libssl/record_layer/Makefile deleted file mode 100644 index 66c48dd769..0000000000 --- a/src/regress/lib/libssl/record_layer/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2020/03/13 16:04:31 jsing Exp $ - -PROG= record_layer_test -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror -CFLAGS+= -I${.CURDIR}/../../../../lib/libssl - -.include diff --git a/src/regress/lib/libssl/record_layer/record_layer_test.c b/src/regress/lib/libssl/record_layer/record_layer_test.c deleted file mode 100644 index 4e75ba4a25..0000000000 --- a/src/regress/lib/libssl/record_layer/record_layer_test.c +++ /dev/null @@ -1,306 +0,0 @@ -/* $OpenBSD: record_layer_test.c,v 1.4 2021/03/29 16:22:02 jsing Exp $ */ -/* - * Copyright (c) 2019, 2020 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include "ssl_locl.h" -#include "tls13_internal.h" -#include "tls13_record.h" - -int tls12_record_layer_inc_seq_num(struct tls12_record_layer *rl, - uint8_t *seq_num); -int tls13_record_layer_inc_seq_num(uint8_t *seq_num); - -static void -hexdump(const unsigned char *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len; i++) - fprintf(stderr, " 0x%02x,%s", buf[i - 1], i % 8 ? "" : "\n"); - if (len % 8 != 0) - fprintf(stderr, "\n"); -} - -struct seq_num_test { - uint8_t seq_num[TLS13_RECORD_SEQ_NUM_LEN]; - uint8_t want_num[TLS13_RECORD_SEQ_NUM_LEN]; - int want; -}; - -struct seq_num_test seq_num_dtls_tests[] = { - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xff}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00}, - .want = 1, - }, - { - .seq_num = {0xab, 0xcd, 0xef, 0x00, 0xfe, 0xff, 0xff, 0xff}, - .want_num = {0xab, 0xcd, 0xef, 0x00, 0xff, 0x00, 0x00, 0x00}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want = 0, - }, - { - .seq_num = {0x01, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0x01, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want = 1, - }, - { - .seq_num = {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe}, - .want_num = {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want = 1, - }, - { - .seq_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, - .want = 1, - }, - { - .seq_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want = 0, - }, - { - .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe}, - .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want = 1, - }, - { - .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want = 0, - }, -}; - -#define N_SEQ_NUM_DTLS_TESTS \ - (sizeof(seq_num_dtls_tests) / sizeof(seq_num_dtls_tests[0])) - -struct seq_num_test seq_num_tls_tests[] = { - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xff}, - .want_num = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00}, - .want = 1, - }, - { - .seq_num = {0xab, 0xcd, 0xef, 0x00, 0xfe, 0xff, 0xff, 0xff}, - .want_num = {0xab, 0xcd, 0xef, 0x00, 0xff, 0x00, 0x00, 0x00}, - .want = 1, - }, - { - .seq_num = {0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want = 1, - }, - { - .seq_num = {0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want = 1, - }, - { - .seq_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want_num = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}, - .want = 1, - }, - { - .seq_num = {0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - .want = 1, - }, - { - .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe}, - .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want = 1, - }, - { - .seq_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want_num = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, - .want = 0, - }, -}; - -#define N_SEQ_NUM_TLS_TESTS \ - (sizeof(seq_num_tls_tests) / sizeof(seq_num_tls_tests[0])) - -#ifndef TLS12_RECORD_SEQ_NUM_LEN -#define TLS12_RECORD_SEQ_NUM_LEN 8 -#endif - -static int -do_seq_num_test_tls12(size_t test_no, int dtls, struct seq_num_test *snt) -{ - uint8_t seq_num[TLS12_RECORD_SEQ_NUM_LEN]; - struct tls12_record_layer *rl; - int failed = 1; - int ret; - - if ((rl = tls12_record_layer_new()) == NULL) - errx(1, "tls12_record_layer_new"); - - if (dtls) - tls12_record_layer_set_version(rl, DTLS1_2_VERSION); - - memcpy(seq_num, snt->seq_num, sizeof(seq_num)); - - if ((ret = tls12_record_layer_inc_seq_num(rl, seq_num)) != snt->want) { - fprintf(stderr, "FAIL: Test %zu - got return %i, want %i\n", - test_no, ret, snt->want); - goto failure; - } - - if (memcmp(seq_num, snt->want_num, sizeof(seq_num)) != 0) { - fprintf(stderr, "FAIL: Test %zu - got sequence number:\n", - test_no); - hexdump(seq_num, sizeof(seq_num)); - fprintf(stderr, "want:\n"); - hexdump(snt->want_num, sizeof(snt->want_num)); - goto failure; - } - - failed = 0; - - failure: - tls12_record_layer_free(rl); - - return failed; -} - -static int -test_seq_num_tls12(void) -{ - int failed = 0; - size_t i; - - fprintf(stderr, "Running TLSv1.2 sequence number tests...\n"); - for (i = 0; i < N_SEQ_NUM_TLS_TESTS; i++) - failed |= do_seq_num_test_tls12(i, 0, &seq_num_tls_tests[i]); - - fprintf(stderr, "Running DTLSv1.2 sequence number tests...\n"); - for (i = 0; i < N_SEQ_NUM_DTLS_TESTS; i++) - failed |= do_seq_num_test_tls12(i, 1, &seq_num_dtls_tests[i]); - - return failed; -} - -static int -do_seq_num_test_tls13(size_t test_no, struct seq_num_test *snt) -{ - uint8_t seq_num[TLS13_RECORD_SEQ_NUM_LEN]; - int failed = 1; - int ret; - - memcpy(seq_num, snt->seq_num, sizeof(seq_num)); - - if ((ret = tls13_record_layer_inc_seq_num(seq_num)) != snt->want) { - fprintf(stderr, "FAIL: Test %zu - got return %i, want %i\n", - test_no, ret, snt->want); - goto failure; - } - - if (memcmp(seq_num, snt->want_num, sizeof(seq_num)) != 0) { - fprintf(stderr, "FAIL: Test %zu - got sequence number:\n", - test_no); - hexdump(seq_num, sizeof(seq_num)); - fprintf(stderr, "want:\n"); - hexdump(snt->want_num, sizeof(snt->want_num)); - goto failure; - } - - failed = 0; - - failure: - return failed; -} - -static int -test_seq_num_tls13(void) -{ - int failed = 0; - size_t i; - - fprintf(stderr, "Running TLSv1.3 sequence number tests...\n"); - - for (i = 0; i < N_SEQ_NUM_TLS_TESTS; i++) - failed |= do_seq_num_test_tls13(i, &seq_num_tls_tests[i]); - - return failed; -} - -int -main(int argc, char **argv) -{ - int failed = 0; - - failed |= test_seq_num_tls12(); - failed |= test_seq_num_tls13(); - - return failed; -} diff --git a/src/regress/lib/libssl/server/Makefile b/src/regress/lib/libssl/server/Makefile deleted file mode 100644 index 0621a5f243..0000000000 --- a/src/regress/lib/libssl/server/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# $OpenBSD: Makefile,v 1.2 2020/05/11 18:18:21 jsing Exp $ - -PROG= servertest -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror - -REGRESS_TARGETS= \ - regress-servertest - -regress-servertest: ${PROG} - ./servertest \ - ${.CURDIR}/../../libssl/certs/server.pem \ - ${.CURDIR}/../../libssl/certs/server.pem \ - ${.CURDIR}/../../libssl/certs/ca.pem - -.include diff --git a/src/regress/lib/libssl/server/servertest.c b/src/regress/lib/libssl/server/servertest.c deleted file mode 100644 index a71c5f8c66..0000000000 --- a/src/regress/lib/libssl/server/servertest.c +++ /dev/null @@ -1,209 +0,0 @@ -/* $OpenBSD: servertest.c,v 1.5 2021/01/22 15:56:17 tb Exp $ */ -/* - * Copyright (c) 2015, 2016, 2017 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include -#include -#include - -#include -#include -#include - -const SSL_METHOD *tls_legacy_method(void); - -char *server_ca_file; -char *server_cert_file; -char *server_key_file; - -static unsigned char sslv2_client_hello_tls10[] = { - 0x80, 0x6a, 0x01, 0x03, 0x01, 0x00, 0x51, 0x00, - 0x00, 0x00, 0x10, 0x00, 0x00, 0x39, 0x00, 0x00, - 0x38, 0x00, 0x00, 0x35, 0x00, 0x00, 0x16, 0x00, - 0x00, 0x13, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x33, - 0x00, 0x00, 0x32, 0x00, 0x00, 0x2f, 0x00, 0x00, - 0x07, 0x00, 0x00, 0x66, 0x00, 0x00, 0x05, 0x00, - 0x00, 0x04, 0x00, 0x00, 0x63, 0x00, 0x00, 0x62, - 0x00, 0x00, 0x61, 0x00, 0x00, 0x15, 0x00, 0x00, - 0x12, 0x00, 0x00, 0x09, 0x00, 0x00, 0x65, 0x00, - 0x00, 0x64, 0x00, 0x00, 0x60, 0x00, 0x00, 0x14, - 0x00, 0x00, 0x11, 0x00, 0x00, 0x08, 0x00, 0x00, - 0x06, 0x00, 0x00, 0x03, 0xdd, 0xb6, 0x59, 0x26, - 0x46, 0xe6, 0x79, 0x77, 0xf4, 0xec, 0x42, 0x76, - 0xc8, 0x73, 0xad, 0x9c, -}; - -static unsigned char sslv2_client_hello_tls12[] = { - 0x80, 0xcb, 0x01, 0x03, 0x03, 0x00, 0xa2, 0x00, - 0x00, 0x00, 0x20, 0x00, 0x00, 0xa5, 0x00, 0x00, - 0xa3, 0x00, 0x00, 0xa1, 0x00, 0x00, 0x9f, 0x00, - 0x00, 0x6b, 0x00, 0x00, 0x6a, 0x00, 0x00, 0x69, - 0x00, 0x00, 0x68, 0x00, 0x00, 0x39, 0x00, 0x00, - 0x38, 0x00, 0x00, 0x37, 0x00, 0x00, 0x36, 0x00, - 0x00, 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x86, - 0x00, 0x00, 0x85, 0x00, 0x00, 0x9d, 0x00, 0x00, - 0x3d, 0x00, 0x00, 0x35, 0x00, 0x00, 0x84, 0x00, - 0x00, 0xa4, 0x00, 0x00, 0xa2, 0x00, 0x00, 0xa0, - 0x00, 0x00, 0x9e, 0x00, 0x00, 0x67, 0x00, 0x00, - 0x40, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x3e, 0x00, - 0x00, 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x31, - 0x00, 0x00, 0x30, 0x00, 0x00, 0x9a, 0x00, 0x00, - 0x99, 0x00, 0x00, 0x98, 0x00, 0x00, 0x97, 0x00, - 0x00, 0x45, 0x00, 0x00, 0x44, 0x00, 0x00, 0x43, - 0x00, 0x00, 0x42, 0x00, 0x00, 0x9c, 0x00, 0x00, - 0x3c, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x96, 0x00, - 0x00, 0x41, 0x00, 0x00, 0x07, 0x00, 0x00, 0x05, - 0x00, 0x00, 0x04, 0x00, 0x00, 0x16, 0x00, 0x00, - 0x13, 0x00, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x00, - 0x00, 0x0a, 0x00, 0x00, 0xff, 0x1d, 0xfd, 0x90, - 0x03, 0x61, 0x3c, 0x5a, 0x22, 0x83, 0xed, 0x11, - 0x85, 0xf4, 0xea, 0x36, 0x59, 0xd9, 0x1b, 0x27, - 0x22, 0x01, 0x14, 0x07, 0x66, 0xb2, 0x24, 0xf5, - 0x4e, 0x7d, 0x9d, 0x9c, 0x52, -}; - -struct server_hello_test { - const unsigned char *desc; - unsigned char *client_hello; - const size_t client_hello_len; - const SSL_METHOD *(*ssl_method)(void); - const long ssl_clear_options; - const long ssl_set_options; -}; - -static struct server_hello_test server_hello_tests[] = { - { - .desc = "TLSv1.0 in SSLv2 record", - .client_hello = sslv2_client_hello_tls10, - .client_hello_len = sizeof(sslv2_client_hello_tls10), - .ssl_method = tls_legacy_method, - .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, - .ssl_set_options = 0, - }, - { - .desc = "TLSv1.2 in SSLv2 record", - .client_hello = sslv2_client_hello_tls12, - .client_hello_len = sizeof(sslv2_client_hello_tls12), - .ssl_method = tls_legacy_method, - .ssl_clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, - .ssl_set_options = 0, - }, -}; - -#define N_SERVER_HELLO_TESTS \ - (sizeof(server_hello_tests) / sizeof(*server_hello_tests)) - -static int -server_hello_test(int testno, struct server_hello_test *sht) -{ - BIO *rbio = NULL, *wbio = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int ret = 1; - - fprintf(stderr, "Test %i - %s\n", testno, sht->desc); - - if ((rbio = BIO_new_mem_buf(sht->client_hello, - sht->client_hello_len)) == NULL) { - fprintf(stderr, "Failed to setup rbio\n"); - goto failure; - } - if ((wbio = BIO_new(BIO_s_mem())) == NULL) { - fprintf(stderr, "Failed to setup wbio\n"); - goto failure; - } - - if ((ssl_ctx = SSL_CTX_new(sht->ssl_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - goto failure; - } - - if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert_file, - SSL_FILETYPE_PEM) != 1) { - fprintf(stderr, "Failed to load server certificate"); - goto failure; - } - if (SSL_CTX_use_PrivateKey_file(ssl_ctx, server_key_file, - SSL_FILETYPE_PEM) != 1) { - fprintf(stderr, "Failed to load server private key"); - goto failure; - } - - SSL_CTX_set_dh_auto(ssl_ctx, 1); - SSL_CTX_set_ecdh_auto(ssl_ctx, 1); - - SSL_CTX_clear_options(ssl_ctx, sht->ssl_clear_options); - SSL_CTX_set_options(ssl_ctx, sht->ssl_set_options); - - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - goto failure; - } - - rbio->references = 2; - wbio->references = 2; - - SSL_set_bio(ssl, rbio, wbio); - - if (SSL_accept(ssl) != 0) { - fprintf(stderr, "SSL_accept() returned non-zero\n"); - ERR_print_errors_fp(stderr); - goto failure; - } - - ret = 0; - - failure: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - if (rbio != NULL) - rbio->references = 1; - if (wbio != NULL) - wbio->references = 1; - - BIO_free(rbio); - BIO_free(wbio); - - return (ret); -} - -int -main(int argc, char **argv) -{ - int failed = 0; - size_t i; - - if (argc != 4) { - fprintf(stderr, "usage: %s keyfile certfile cafile\n", - argv[0]); - exit(1); - } - - server_key_file = argv[1]; - server_cert_file = argv[2]; - server_ca_file = argv[3]; - - SSL_library_init(); - SSL_load_error_strings(); - - for (i = 0; i < N_SERVER_HELLO_TESTS; i++) - failed |= server_hello_test(i, &server_hello_tests[i]); - - return (failed); -} diff --git a/src/regress/lib/libssl/ssl/Makefile b/src/regress/lib/libssl/ssl/Makefile deleted file mode 100644 index 581341c310..0000000000 --- a/src/regress/lib/libssl/ssl/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -# $OpenBSD: Makefile,v 1.3 2014/07/08 15:53:53 jsing Exp $ - -PROG= ssltest -LDADD= -lcrypto -lssl -DPADD= ${LIBCRYPTO} ${LIBSSL} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror - -REGRESS_TARGETS=regress-ssltest - -regress-ssltest: ${PROG} - sh ${.CURDIR}/testssl \ - ${.CURDIR}/../certs/server.pem ${.CURDIR}/../certs/server.pem \ - ${.CURDIR}/../certs/ca.pem - -.include diff --git a/src/regress/lib/libssl/ssl/ssltest.c b/src/regress/lib/libssl/ssl/ssltest.c deleted file mode 100644 index 97caf523ac..0000000000 --- a/src/regress/lib/libssl/ssl/ssltest.c +++ /dev/null @@ -1,1911 +0,0 @@ -/* ssl/ssltest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly - on Linux and GNU platforms. */ -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include -#include -#include -#include -#include -#include - -#define TEST_SERVER_CERT "../apps/server.pem" -#define TEST_CLIENT_CERT "../apps/client.pem" - -static int verify_callback(int ok, X509_STORE_CTX *ctx); -static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); -#define APP_CALLBACK_STRING "Test Callback Argument" -struct app_verify_arg { - char *string; - int app_verify; - int allow_proxy_certs; - char *proxy_auth; - char *proxy_cond; -}; - -static DH *get_dh1024(void); -static DH *get_dh1024dsa(void); - -static BIO *bio_err = NULL; -static BIO *bio_stdout = NULL; - -static const char *alpn_client; -static const char *alpn_server; -static const char *alpn_expected; -static unsigned char *alpn_selected; - -/* - * next_protos_parse parses a comma separated list of strings into a string - * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. - * outlen: (output) set to the length of the resulting buffer on success. - * err: (maybe NULL) on failure, an error message line is written to this BIO. - * in: a NUL terminated string like "abc,def,ghi" - * - * returns: a malloced buffer or NULL on failure. - */ -static unsigned char * -next_protos_parse(unsigned short *outlen, const char *in) -{ - size_t i, len, start = 0; - unsigned char *out; - - len = strlen(in); - if (len >= 65535) - return (NULL); - - if ((out = malloc(strlen(in) + 1)) == NULL) - return (NULL); - - for (i = 0; i <= len; ++i) { - if (i == len || in[i] == ',') { - if (i - start > 255) { - free(out); - return (NULL); - } - out[start] = i - start; - start = i + 1; - } else - out[i+1] = in[i]; - } - *outlen = len + 1; - return (out); -} - -static int -cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, void *arg) -{ - unsigned char *protos; - unsigned short protos_len; - - if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) { - fprintf(stderr, - "failed to parser ALPN server protocol string: %s\n", - alpn_server); - abort(); - } - - if (SSL_select_next_proto((unsigned char **)out, outlen, protos, - protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) { - free(protos); - return (SSL_TLSEXT_ERR_NOACK); - } - - /* - * Make a copy of the selected protocol which will be freed in - * verify_alpn. - */ - if ((alpn_selected = malloc(*outlen)) == NULL) { - fprintf(stderr, "malloc failed\n"); - abort(); - } - memcpy(alpn_selected, *out, *outlen); - *out = alpn_selected; - free(protos); - - return (SSL_TLSEXT_ERR_OK); -} - -static int -verify_alpn(SSL *client, SSL *server) -{ - const unsigned char *client_proto, *server_proto; - unsigned int client_proto_len = 0, server_proto_len = 0; - - SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); - SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); - - free(alpn_selected); - alpn_selected = NULL; - - if (client_proto_len != server_proto_len || - memcmp(client_proto, server_proto, client_proto_len) != 0) { - BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); - goto err; - } - - if (client_proto_len > 0 && alpn_expected == NULL) { - BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); - goto err; - } - - if (alpn_expected != NULL && - (client_proto_len != strlen(alpn_expected) || - memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { - BIO_printf(bio_stdout, "ALPN selected protocols not equal to " - "expected protocol: %s\n", alpn_expected); - goto err; - } - - return (0); - -err: - BIO_printf(bio_stdout, "ALPN results: client: '"); - BIO_write(bio_stdout, client_proto, client_proto_len); - BIO_printf(bio_stdout, "', server: '"); - BIO_write(bio_stdout, server_proto, server_proto_len); - BIO_printf(bio_stdout, "'\n"); - BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", - alpn_client, alpn_server); - - return (-1); -} - -static char *cipher = NULL; -static int verbose = 0; -static int debug = 0; - -int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, - clock_t *c_time); -int doit(SSL *s_ssl, SSL *c_ssl, long bytes); - -static void -sv_usage(void) -{ - fprintf(stderr, "usage: ssltest [args ...]\n"); - fprintf(stderr, "\n"); - fprintf(stderr, " -server_auth - check server certificate\n"); - fprintf(stderr, " -client_auth - do client authentication\n"); - fprintf(stderr, " -proxy - allow proxy certificates\n"); - fprintf(stderr, " -proxy_auth - set proxy policy rights\n"); - fprintf(stderr, " -proxy_cond - experssion to test proxy policy rights\n"); - fprintf(stderr, " -v - more output\n"); - fprintf(stderr, " -d - debug output\n"); - fprintf(stderr, " -reuse - use session-id reuse\n"); - fprintf(stderr, " -num - number of connections to perform\n"); - fprintf(stderr, " -bytes - number of bytes to swap between client/server\n"); - fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); - fprintf(stderr, " -no_dhe - disable DHE\n"); - fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); - fprintf(stderr, " -dtls1 - use DTLSv1\n"); - fprintf(stderr, " -tls1 - use TLSv1\n"); - fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); - fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); - fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); - fprintf(stderr, " -cert arg - Server certificate file\n"); - fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); - fprintf(stderr, " -c_cert arg - Client certificate file\n"); - fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); - fprintf(stderr, " -cipher arg - The cipher list\n"); - fprintf(stderr, " -bio_pair - Use BIO pairs\n"); - fprintf(stderr, " -f - Test even cases that can't work\n"); - fprintf(stderr, " -time - measure processor time used by client and server\n"); - fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ - " Use \"openssl ecparam -list_curves\" for all names\n" \ - " (default is sect163r2).\n"); - fprintf(stderr, " -alpn_client - have client side offer ALPN\n"); - fprintf(stderr, " -alpn_server - have server side offer ALPN\n"); - fprintf(stderr, " -alpn_expected - the ALPN protocol that should be negotiated\n"); -} - -static void -print_details(SSL *c_ssl, const char *prefix) -{ - const SSL_CIPHER *ciph; - X509 *cert; - - ciph = SSL_get_current_cipher(c_ssl); - BIO_printf(bio_stdout, "%s%s, cipher %s %s", - prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), - SSL_CIPHER_get_name(ciph)); - cert = SSL_get_peer_certificate(c_ssl); - if (cert != NULL) { - EVP_PKEY *pkey = X509_get_pubkey(cert); - if (pkey != NULL) { - if (pkey->type == EVP_PKEY_RSA && - pkey->pkey.rsa != NULL && - pkey->pkey.rsa->n != NULL) { - BIO_printf(bio_stdout, ", %d bit RSA", - BN_num_bits(pkey->pkey.rsa->n)); - } else if (pkey->type == EVP_PKEY_DSA && - pkey->pkey.dsa != NULL && - pkey->pkey.dsa->p != NULL) { - BIO_printf(bio_stdout, ", %d bit DSA", - BN_num_bits(pkey->pkey.dsa->p)); - } - EVP_PKEY_free(pkey); - } - X509_free(cert); - } - /* The SSL API does not allow us to look at temporary RSA/DH keys, - * otherwise we should print their lengths too */ - BIO_printf(bio_stdout, "\n"); -} - -int -main(int argc, char *argv[]) -{ - char *CApath = NULL, *CAfile = NULL; - int badop = 0; - int bio_pair = 0; - int force = 0; - int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1; - int client_auth = 0; - int server_auth = 0, i; - struct app_verify_arg app_verify_arg = - { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; - char *server_cert = TEST_SERVER_CERT; - char *server_key = NULL; - char *client_cert = TEST_CLIENT_CERT; - char *client_key = NULL; - char *named_curve = NULL; - SSL_CTX *s_ctx = NULL; - SSL_CTX *c_ctx = NULL; - const SSL_METHOD *meth = NULL; - SSL *c_ssl, *s_ssl; - int number = 1, reuse = 0; - long bytes = 256L; - DH *dh; - int dhe1024dsa = 0; - EC_KEY *ecdh = NULL; - int no_dhe = 0; - int no_ecdhe = 0; - int print_time = 0; - clock_t s_time = 0, c_time = 0; - - verbose = 0; - debug = 0; - cipher = 0; - - bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); - - bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); - - argc--; - argv++; - - while (argc >= 1) { - if (!strcmp(*argv, "-F")) { - fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n"); - exit(0); - } else if (strcmp(*argv, "-server_auth") == 0) - server_auth = 1; - else if (strcmp(*argv, "-client_auth") == 0) - client_auth = 1; - else if (strcmp(*argv, "-proxy_auth") == 0) { - if (--argc < 1) - goto bad; - app_verify_arg.proxy_auth= *(++argv); - } else if (strcmp(*argv, "-proxy_cond") == 0) { - if (--argc < 1) - goto bad; - app_verify_arg.proxy_cond= *(++argv); - } else if (strcmp(*argv, "-v") == 0) - verbose = 1; - else if (strcmp(*argv, "-d") == 0) - debug = 1; - else if (strcmp(*argv, "-reuse") == 0) - reuse = 1; - else if (strcmp(*argv, "-dhe1024dsa") == 0) { - dhe1024dsa = 1; - } else if (strcmp(*argv, "-no_dhe") == 0) - no_dhe = 1; - else if (strcmp(*argv, "-no_ecdhe") == 0) - no_ecdhe = 1; - else if (strcmp(*argv, "-dtls1") == 0) - dtls1 = 1; - else if (strcmp(*argv, "-tls1") == 0) - tls1 = 1; - else if (strcmp(*argv, "-tls1_2") == 0) - tls1_2 = 1; - else if (strncmp(*argv, "-num", 4) == 0) { - if (--argc < 1) - goto bad; - number = atoi(*(++argv)); - if (number == 0) - number = 1; - } else if (strcmp(*argv, "-bytes") == 0) { - if (--argc < 1) - goto bad; - bytes = atol(*(++argv)); - if (bytes == 0L) - bytes = 1L; - i = strlen(argv[0]); - if (argv[0][i - 1] == 'k') - bytes*=1024L; - if (argv[0][i - 1] == 'm') - bytes*=1024L*1024L; - } else if (strcmp(*argv, "-cert") == 0) { - if (--argc < 1) - goto bad; - server_cert= *(++argv); - } else if (strcmp(*argv, "-s_cert") == 0) { - if (--argc < 1) - goto bad; - server_cert= *(++argv); - } else if (strcmp(*argv, "-key") == 0) { - if (--argc < 1) - goto bad; - server_key= *(++argv); - } else if (strcmp(*argv, "-s_key") == 0) { - if (--argc < 1) - goto bad; - server_key= *(++argv); - } else if (strcmp(*argv, "-c_cert") == 0) { - if (--argc < 1) - goto bad; - client_cert= *(++argv); - } else if (strcmp(*argv, "-c_key") == 0) { - if (--argc < 1) - goto bad; - client_key= *(++argv); - } else if (strcmp(*argv, "-cipher") == 0) { - if (--argc < 1) - goto bad; - cipher= *(++argv); - } else if (strcmp(*argv, "-CApath") == 0) { - if (--argc < 1) - goto bad; - CApath= *(++argv); - } else if (strcmp(*argv, "-CAfile") == 0) { - if (--argc < 1) - goto bad; - CAfile= *(++argv); - } else if (strcmp(*argv, "-bio_pair") == 0) { - bio_pair = 1; - } else if (strcmp(*argv, "-f") == 0) { - force = 1; - } else if (strcmp(*argv, "-time") == 0) { - print_time = 1; - } else if (strcmp(*argv, "-named_curve") == 0) { - if (--argc < 1) - goto bad; - named_curve = *(++argv); - } else if (strcmp(*argv, "-app_verify") == 0) { - app_verify_arg.app_verify = 1; - } else if (strcmp(*argv, "-proxy") == 0) { - app_verify_arg.allow_proxy_certs = 1; - } else if (strcmp(*argv, "-alpn_client") == 0) { - if (--argc < 1) - goto bad; - alpn_client = *(++argv); - } else if (strcmp(*argv, "-alpn_server") == 0) { - if (--argc < 1) - goto bad; - alpn_server = *(++argv); - } else if (strcmp(*argv, "-alpn_expected") == 0) { - if (--argc < 1) - goto bad; - alpn_expected = *(++argv); - } else { - fprintf(stderr, "unknown option %s\n", *argv); - badop = 1; - break; - } - argc--; - argv++; - } - if (badop) { -bad: - sv_usage(); - goto end; - } - - if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) { - fprintf(stderr, - "This case cannot work. Use -f to perform " - "the test anyway (and\n-d to see what happens), " - "or add one of -dtls1, -tls1, -tls1_2, -reuse\n" - "to avoid protocol mismatch.\n"); - exit(1); - } - - if (print_time) { - if (!bio_pair) { - fprintf(stderr, "Using BIO pair (-bio_pair)\n"); - bio_pair = 1; - } - if (number < 50 && !force) - fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); - } - -/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ - - SSL_library_init(); - SSL_load_error_strings(); - - if (dtls1) - meth = DTLSv1_method(); - else if (tls1) - meth = TLSv1_method(); - else if (tls1_2) - meth = TLSv1_2_method(); - else - meth = TLS_method(); - - c_ctx = SSL_CTX_new(meth); - s_ctx = SSL_CTX_new(meth); - if ((c_ctx == NULL) || (s_ctx == NULL)) { - ERR_print_errors(bio_err); - goto end; - } - - if (cipher != NULL) { - SSL_CTX_set_cipher_list(c_ctx, cipher); - SSL_CTX_set_cipher_list(s_ctx, cipher); - } - - if (!no_dhe) { - if (dhe1024dsa) { - /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ - SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); - dh = get_dh1024dsa(); - } else - dh = get_dh1024(); - SSL_CTX_set_tmp_dh(s_ctx, dh); - DH_free(dh); - } - - if (!no_ecdhe) { - int nid; - - if (named_curve != NULL) { - nid = OBJ_sn2nid(named_curve); - if (nid == 0) { - BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); - goto end; - } - } else - nid = NID_X9_62_prime256v1; - - ecdh = EC_KEY_new_by_curve_name(nid); - if (ecdh == NULL) { - BIO_printf(bio_err, "unable to create curve\n"); - goto end; - } - - SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); - SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); - EC_KEY_free(ecdh); - } - - if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, - SSL_FILETYPE_PEM)) { - ERR_print_errors(bio_err); - } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, - (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { - ERR_print_errors(bio_err); - goto end; - } - - if (client_auth) { - SSL_CTX_use_certificate_file(c_ctx, client_cert, - SSL_FILETYPE_PEM); - SSL_CTX_use_PrivateKey_file(c_ctx, - (client_key ? client_key : client_cert), - SSL_FILETYPE_PEM); - } - - if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || - (!SSL_CTX_set_default_verify_paths(s_ctx)) || - (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || - (!SSL_CTX_set_default_verify_paths(c_ctx))) { - /* fprintf(stderr,"SSL_load_verify_locations\n"); */ - ERR_print_errors(bio_err); - /* goto end; */ - } - - if (client_auth) { - BIO_printf(bio_err, "client authentication\n"); - SSL_CTX_set_verify(s_ctx, - SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, - verify_callback); - SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, - &app_verify_arg); - } - if (server_auth) { - BIO_printf(bio_err, "server authentication\n"); - SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, - verify_callback); - SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, - &app_verify_arg); - } - - { - int session_id_context = 0; - SSL_CTX_set_session_id_context(s_ctx, - (void *)&session_id_context, sizeof(session_id_context)); - } - - if (alpn_server != NULL) - SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL); - - if (alpn_client != NULL) { - unsigned short alpn_len; - unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); - - if (alpn == NULL) { - BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); - goto end; - } - SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); - free(alpn); - } - - c_ssl = SSL_new(c_ctx); - s_ssl = SSL_new(s_ctx); - - for (i = 0; i < number; i++) { - if (!reuse) - SSL_set_session(c_ssl, NULL); - if (bio_pair) - ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, - &c_time); - else - ret = doit(s_ssl, c_ssl, bytes); - } - - if (!verbose) { - print_details(c_ssl, ""); - } - if ((number > 1) || (bytes > 1L)) - BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", - number, bytes); - if (print_time) { -#ifdef CLOCKS_PER_SEC - /* "To determine the time in seconds, the value returned - * by the clock function should be divided by the value - * of the macro CLOCKS_PER_SEC." - * -- ISO/IEC 9899 */ - BIO_printf(bio_stdout, - "Approximate total server time: %6.2f s\n" - "Approximate total client time: %6.2f s\n", - (double)s_time/CLOCKS_PER_SEC, - (double)c_time/CLOCKS_PER_SEC); -#else - /* "`CLOCKS_PER_SEC' undeclared (first use this function)" - * -- cc on NeXTstep/OpenStep */ - BIO_printf(bio_stdout, - "Approximate total server time: %6.2f units\n" - "Approximate total client time: %6.2f units\n", - (double)s_time, - (double)c_time); -#endif - } - - SSL_free(s_ssl); - SSL_free(c_ssl); - -end: - SSL_CTX_free(s_ctx); - SSL_CTX_free(c_ctx); - BIO_free(bio_stdout); - -#ifndef OPENSSL_NO_ENGINE - ENGINE_cleanup(); -#endif - CRYPTO_cleanup_all_ex_data(); - ERR_free_strings(); - ERR_remove_thread_state(NULL); - EVP_cleanup(); - CRYPTO_mem_leaks(bio_err); - BIO_free(bio_err); - - exit(ret); - return ret; -} - -int -doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, - clock_t *c_time) -{ - long cw_num = count, cr_num = count, sw_num = count, sr_num = count; - BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; - BIO *server = NULL, *server_io = NULL; - BIO *client = NULL, *client_io = NULL; - int ret = 1; - - size_t bufsiz = 256; /* small buffer for testing */ - - if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) - goto err; - if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) - goto err; - - s_ssl_bio = BIO_new(BIO_f_ssl()); - if (!s_ssl_bio) - goto err; - - c_ssl_bio = BIO_new(BIO_f_ssl()); - if (!c_ssl_bio) - goto err; - - SSL_set_connect_state(c_ssl); - SSL_set_bio(c_ssl, client, client); - (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); - - SSL_set_accept_state(s_ssl); - SSL_set_bio(s_ssl, server, server); - (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); - - do { - /* c_ssl_bio: SSL filter BIO - * - * client: pseudo-I/O for SSL library - * - * client_io: client's SSL communication; usually to be - * relayed over some I/O facility, but in this - * test program, we're the server, too: - * - * server_io: server's SSL communication - * - * server: pseudo-I/O for SSL library - * - * s_ssl_bio: SSL filter BIO - * - * The client and the server each employ a "BIO pair": - * client + client_io, server + server_io. - * BIO pairs are symmetric. A BIO pair behaves similar - * to a non-blocking socketpair (but both endpoints must - * be handled by the same thread). - * [Here we could connect client and server to the ends - * of a single BIO pair, but then this code would be less - * suitable as an example for BIO pairs in general.] - * - * Useful functions for querying the state of BIO pair endpoints: - * - * BIO_ctrl_pending(bio) number of bytes we can read now - * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil - * other side's read attempt - * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now - * - * ..._read_request is never more than ..._write_guarantee; - * it depends on the application which one you should use. - */ - - /* We have non-blocking behaviour throughout this test program, but - * can be sure that there is *some* progress in each iteration; so - * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE - * -- we just try everything in each iteration - */ - - { - /* CLIENT */ - - char cbuf[1024*8]; - int i, r; - clock_t c_clock = clock(); - - memset(cbuf, 0, sizeof(cbuf)); - - if (debug) - if (SSL_in_init(c_ssl)) - printf("client waiting in SSL_connect - %s\n", - SSL_state_string_long(c_ssl)); - - if (cw_num > 0) { - /* Write to server. */ - - if (cw_num > (long)sizeof cbuf) - i = sizeof cbuf; - else - i = (int)cw_num; - r = BIO_write(c_ssl_bio, cbuf, i); - if (r < 0) { - if (!BIO_should_retry(c_ssl_bio)) { - fprintf(stderr, "ERROR in CLIENT\n"); - goto err; - } - /* BIO_should_retry(...) can just be ignored here. - * The library expects us to call BIO_write with - * the same arguments again, and that's what we will - * do in the next iteration. */ - } else if (r == 0) { - fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); - goto err; - } else { - if (debug) - printf("client wrote %d\n", r); - cw_num -= r; - - } - } - - if (cr_num > 0) { - /* Read from server. */ - - r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); - if (r < 0) { - if (!BIO_should_retry(c_ssl_bio)) { - fprintf(stderr, "ERROR in CLIENT\n"); - goto err; - } - /* Again, "BIO_should_retry" can be ignored. */ - } else if (r == 0) { - fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); - goto err; - } else { - if (debug) - printf("client read %d\n", r); - cr_num -= r; - } - } - - /* c_time and s_time increments will typically be very small - * (depending on machine speed and clock tick intervals), - * but sampling over a large number of connections should - * result in fairly accurate figures. We cannot guarantee - * a lot, however -- if each connection lasts for exactly - * one clock tick, it will be counted only for the client - * or only for the server or even not at all. - */ - *c_time += (clock() - c_clock); - } - - { - /* SERVER */ - - char sbuf[1024*8]; - int i, r; - clock_t s_clock = clock(); - - memset(sbuf, 0, sizeof(sbuf)); - - if (debug) - if (SSL_in_init(s_ssl)) - printf("server waiting in SSL_accept - %s\n", - SSL_state_string_long(s_ssl)); - - if (sw_num > 0) { - /* Write to client. */ - - if (sw_num > (long)sizeof sbuf) - i = sizeof sbuf; - else - i = (int)sw_num; - r = BIO_write(s_ssl_bio, sbuf, i); - if (r < 0) { - if (!BIO_should_retry(s_ssl_bio)) { - fprintf(stderr, "ERROR in SERVER\n"); - goto err; - } - /* Ignore "BIO_should_retry". */ - } else if (r == 0) { - fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); - goto err; - } else { - if (debug) - printf("server wrote %d\n", r); - sw_num -= r; - - } - } - - if (sr_num > 0) { - /* Read from client. */ - - r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); - if (r < 0) { - if (!BIO_should_retry(s_ssl_bio)) { - fprintf(stderr, "ERROR in SERVER\n"); - goto err; - } - /* blah, blah */ - } else if (r == 0) { - fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); - goto err; - } else { - if (debug) - printf("server read %d\n", r); - sr_num -= r; - } - } - - *s_time += (clock() - s_clock); - } - - { - /* "I/O" BETWEEN CLIENT AND SERVER. */ - - size_t r1, r2; - BIO *io1 = server_io, *io2 = client_io; - /* we use the non-copying interface for io1 - * and the standard BIO_write/BIO_read interface for io2 - */ - - static int prev_progress = 1; - int progress = 0; - - /* io1 to io2 */ - do { - size_t num; - int r; - - r1 = BIO_ctrl_pending(io1); - r2 = BIO_ctrl_get_write_guarantee(io2); - - num = r1; - if (r2 < num) - num = r2; - if (num) { - char *dataptr; - - if (INT_MAX < num) /* yeah, right */ - num = INT_MAX; - - r = BIO_nread(io1, &dataptr, (int)num); - assert(r > 0); - assert(r <= (int)num); - /* possibly r < num (non-contiguous data) */ - num = r; - r = BIO_write(io2, dataptr, (int)num); - if (r != (int)num) /* can't happen */ - { - fprintf(stderr, "ERROR: BIO_write could not write " - "BIO_ctrl_get_write_guarantee() bytes"); - goto err; - } - progress = 1; - - if (debug) - printf((io1 == client_io) ? - "C->S relaying: %d bytes\n" : - "S->C relaying: %d bytes\n", - (int)num); - } - } while (r1 && r2); - - /* io2 to io1 */ - { - size_t num; - int r; - - r1 = BIO_ctrl_pending(io2); - r2 = BIO_ctrl_get_read_request(io1); - /* here we could use ..._get_write_guarantee instead of - * ..._get_read_request, but by using the latter - * we test restartability of the SSL implementation - * more thoroughly */ - num = r1; - if (r2 < num) - num = r2; - if (num) { - char *dataptr; - - if (INT_MAX < num) - num = INT_MAX; - - if (num > 1) - --num; /* test restartability even more thoroughly */ - - r = BIO_nwrite0(io1, &dataptr); - assert(r > 0); - if (r < (int)num) - num = r; - r = BIO_read(io2, dataptr, (int)num); - if (r != (int)num) /* can't happen */ - { - fprintf(stderr, "ERROR: BIO_read could not read " - "BIO_ctrl_pending() bytes"); - goto err; - } - progress = 1; - r = BIO_nwrite(io1, &dataptr, (int)num); - if (r != (int)num) /* can't happen */ - { - fprintf(stderr, "ERROR: BIO_nwrite() did not accept " - "BIO_nwrite0() bytes"); - goto err; - } - - if (debug) - printf((io2 == client_io) ? - "C->S relaying: %d bytes\n" : - "S->C relaying: %d bytes\n", - (int)num); - } - } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ - - if (!progress && !prev_progress) { - if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { - fprintf(stderr, "ERROR: got stuck\n"); - goto err; - } - } - prev_progress = progress; - } - } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); - - if (verbose) - print_details(c_ssl, "DONE via BIO pair: "); - - if (verify_alpn(c_ssl, s_ssl) < 0) { - ret = 1; - goto err; - } - - ret = 0; - -err: - ERR_print_errors(bio_err); - - BIO_free(server); - BIO_free(server_io); - BIO_free(client); - BIO_free(client_io); - BIO_free(s_ssl_bio); - BIO_free(c_ssl_bio); - - return ret; -} - - -#define W_READ 1 -#define W_WRITE 2 -#define C_DONE 1 -#define S_DONE 2 - -int -doit(SSL *s_ssl, SSL *c_ssl, long count) -{ - char cbuf[1024*8], sbuf[1024*8]; - long cw_num = count, cr_num = count; - long sw_num = count, sr_num = count; - int ret = 1; - BIO *c_to_s = NULL; - BIO *s_to_c = NULL; - BIO *c_bio = NULL; - BIO *s_bio = NULL; - int c_r, c_w, s_r, s_w; - int i, j; - int done = 0; - int c_write, s_write; - int do_server = 0, do_client = 0; - - memset(cbuf, 0, sizeof(cbuf)); - memset(sbuf, 0, sizeof(sbuf)); - - c_to_s = BIO_new(BIO_s_mem()); - s_to_c = BIO_new(BIO_s_mem()); - if ((s_to_c == NULL) || (c_to_s == NULL)) { - ERR_print_errors(bio_err); - goto err; - } - - c_bio = BIO_new(BIO_f_ssl()); - s_bio = BIO_new(BIO_f_ssl()); - if ((c_bio == NULL) || (s_bio == NULL)) { - ERR_print_errors(bio_err); - goto err; - } - - SSL_set_connect_state(c_ssl); - SSL_set_bio(c_ssl, s_to_c, c_to_s); - BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); - - SSL_set_accept_state(s_ssl); - SSL_set_bio(s_ssl, c_to_s, s_to_c); - BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); - - c_r = 0; - s_r = 1; - c_w = 1; - s_w = 0; - c_write = 1, s_write = 0; - - /* We can always do writes */ - for (;;) { - do_server = 0; - do_client = 0; - - i = (int)BIO_pending(s_bio); - if ((i && s_r) || s_w) - do_server = 1; - - i = (int)BIO_pending(c_bio); - if ((i && c_r) || c_w) - do_client = 1; - - if (do_server && debug) { - if (SSL_in_init(s_ssl)) - printf("server waiting in SSL_accept - %s\n", - SSL_state_string_long(s_ssl)); - } - - if (do_client && debug) { - if (SSL_in_init(c_ssl)) - printf("client waiting in SSL_connect - %s\n", - SSL_state_string_long(c_ssl)); - } - - if (!do_client && !do_server) { - fprintf(stdout, "ERROR in STARTUP\n"); - ERR_print_errors(bio_err); - goto err; - } - - if (do_client && !(done & C_DONE)) { - if (c_write) { - j = (cw_num > (long)sizeof(cbuf)) ? - (int)sizeof(cbuf) : (int)cw_num; - i = BIO_write(c_bio, cbuf, j); - if (i < 0) { - c_r = 0; - c_w = 0; - if (BIO_should_retry(c_bio)) { - if (BIO_should_read(c_bio)) - c_r = 1; - if (BIO_should_write(c_bio)) - c_w = 1; - } else { - fprintf(stderr, "ERROR in CLIENT\n"); - ERR_print_errors(bio_err); - goto err; - } - } else if (i == 0) { - fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); - goto err; - } else { - if (debug) - printf("client wrote %d\n", i); - /* ok */ - s_r = 1; - c_write = 0; - cw_num -= i; - } - } else { - i = BIO_read(c_bio, cbuf, sizeof(cbuf)); - if (i < 0) { - c_r = 0; - c_w = 0; - if (BIO_should_retry(c_bio)) { - if (BIO_should_read(c_bio)) - c_r = 1; - if (BIO_should_write(c_bio)) - c_w = 1; - } else { - fprintf(stderr, "ERROR in CLIENT\n"); - ERR_print_errors(bio_err); - goto err; - } - } else if (i == 0) { - fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); - goto err; - } else { - if (debug) - printf("client read %d\n", i); - cr_num -= i; - if (sw_num > 0) { - s_write = 1; - s_w = 1; - } - if (cr_num <= 0) { - s_write = 1; - s_w = 1; - done = S_DONE|C_DONE; - } - } - } - } - - if (do_server && !(done & S_DONE)) { - if (!s_write) { - i = BIO_read(s_bio, sbuf, sizeof(cbuf)); - if (i < 0) { - s_r = 0; - s_w = 0; - if (BIO_should_retry(s_bio)) { - if (BIO_should_read(s_bio)) - s_r = 1; - if (BIO_should_write(s_bio)) - s_w = 1; - } else { - fprintf(stderr, "ERROR in SERVER\n"); - ERR_print_errors(bio_err); - goto err; - } - } else if (i == 0) { - ERR_print_errors(bio_err); - fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); - goto err; - } else { - if (debug) - printf("server read %d\n", i); - sr_num -= i; - if (cw_num > 0) { - c_write = 1; - c_w = 1; - } - if (sr_num <= 0) { - s_write = 1; - s_w = 1; - c_write = 0; - } - } - } else { - j = (sw_num > (long)sizeof(sbuf)) ? - (int)sizeof(sbuf) : (int)sw_num; - i = BIO_write(s_bio, sbuf, j); - if (i < 0) { - s_r = 0; - s_w = 0; - if (BIO_should_retry(s_bio)) { - if (BIO_should_read(s_bio)) - s_r = 1; - if (BIO_should_write(s_bio)) - s_w = 1; - } else { - fprintf(stderr, "ERROR in SERVER\n"); - ERR_print_errors(bio_err); - goto err; - } - } else if (i == 0) { - ERR_print_errors(bio_err); - fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); - goto err; - } else { - if (debug) - printf("server wrote %d\n", i); - sw_num -= i; - s_write = 0; - c_r = 1; - if (sw_num <= 0) - done |= S_DONE; - } - } - } - - if ((done & S_DONE) && (done & C_DONE)) - break; - } - - if (verbose) - print_details(c_ssl, "DONE: "); - - if (verify_alpn(c_ssl, s_ssl) < 0) { - ret = 1; - goto err; - } - - ret = 0; -err: - /* We have to set the BIO's to NULL otherwise they will be - * free()ed twice. Once when th s_ssl is SSL_free()ed and - * again when c_ssl is SSL_free()ed. - * This is a hack required because s_ssl and c_ssl are sharing the same - * BIO structure and SSL_set_bio() and SSL_free() automatically - * BIO_free non NULL entries. - * You should not normally do this or be required to do this */ - if (s_ssl != NULL) { - s_ssl->rbio = NULL; - s_ssl->wbio = NULL; - } - if (c_ssl != NULL) { - c_ssl->rbio = NULL; - c_ssl->wbio = NULL; - } - - BIO_free(c_to_s); - BIO_free(s_to_c); - BIO_free_all(c_bio); - BIO_free_all(s_bio); - - return (ret); -} - -static int -get_proxy_auth_ex_data_idx(void) -{ - static volatile int idx = -1; - if (idx < 0) { - CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); - if (idx < 0) { - idx = X509_STORE_CTX_get_ex_new_index(0, - "SSLtest for verify callback", NULL, NULL, NULL); - } - CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); - } - return idx; -} - -static int -verify_callback(int ok, X509_STORE_CTX *ctx) -{ - char *s, buf[256]; - - s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, - sizeof buf); - if (s != NULL) { - if (ok) - fprintf(stderr, "depth=%d %s\n", - ctx->error_depth, buf); - else { - fprintf(stderr, "depth=%d error=%d %s\n", - ctx->error_depth, ctx->error, buf); - } - } - - if (ok == 0) { - fprintf(stderr, "Error string: %s\n", - X509_verify_cert_error_string(ctx->error)); - switch (ctx->error) { - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - fprintf(stderr, " ... ignored.\n"); - ok = 1; - } - } - - if (ok == 1) { - X509 *xs = ctx->current_cert; -#if 0 - X509 *xi = ctx->current_issuer; -#endif - - if (xs->ex_flags & EXFLAG_PROXY) { - unsigned int *letters = - X509_STORE_CTX_get_ex_data(ctx, - get_proxy_auth_ex_data_idx()); - - if (letters) { - int found_any = 0; - int i; - PROXY_CERT_INFO_EXTENSION *pci = - X509_get_ext_d2i(xs, NID_proxyCertInfo, - NULL, NULL); - - switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { - case NID_Independent: - /* Completely meaningless in this - program, as there's no way to - grant explicit rights to a - specific PrC. Basically, using - id-ppl-Independent is the perfect - way to grant no rights at all. */ - fprintf(stderr, " Independent proxy certificate"); - for (i = 0; i < 26; i++) - letters[i] = 0; - break; - case NID_id_ppl_inheritAll: - /* This is basically a NOP, we - simply let the current rights - stand as they are. */ - fprintf(stderr, " Proxy certificate inherits all"); - break; - default: - s = (char *) - pci->proxyPolicy->policy->data; - i = pci->proxyPolicy->policy->length; - - /* The algorithm works as follows: - it is assumed that previous - iterations or the initial granted - rights has already set some elements - of `letters'. What we need to do is - to clear those that weren't granted - by the current PrC as well. The - easiest way to do this is to add 1 - to all the elements whose letters - are given with the current policy. - That way, all elements that are set - by the current policy and were - already set by earlier policies and - through the original grant of rights - will get the value 2 or higher. - The last thing to do is to sweep - through `letters' and keep the - elements having the value 2 as set, - and clear all the others. */ - - fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); - while (i-- > 0) { - int c = *s++; - if (isascii(c) && isalpha(c)) { - if (islower(c)) - c = toupper(c); - letters[c - 'A']++; - } - } - for (i = 0; i < 26; i++) - if (letters[i] < 2) - letters[i] = 0; - else - letters[i] = 1; - } - - found_any = 0; - fprintf(stderr, ", resulting proxy rights = "); - for (i = 0; i < 26; i++) - if (letters[i]) { - fprintf(stderr, "%c", i + 'A'); - found_any = 1; - } - if (!found_any) - fprintf(stderr, "none"); - fprintf(stderr, "\n"); - - PROXY_CERT_INFO_EXTENSION_free(pci); - } - } - } - - return (ok); -} - -static void -process_proxy_debug(int indent, const char *format, ...) -{ - static const char indentation[] = - ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" - ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ - char my_format[256]; - va_list args; - - (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", - indent, indent, indentation, format); - - va_start(args, format); - vfprintf(stderr, my_format, args); - va_end(args); -} -/* Priority levels: - 0 [!]var, () - 1 & ^ - 2 | -*/ -static int process_proxy_cond_adders(unsigned int letters[26], - const char *cond, const char **cond_end, int *pos, int indent); - -static int -process_proxy_cond_val(unsigned int letters[26], const char *cond, - const char **cond_end, int *pos, int indent) -{ - int c; - int ok = 1; - int negate = 0; - - while (isspace((int)*cond)) { - cond++; - (*pos)++; - } - c = *cond; - - if (debug) - process_proxy_debug(indent, - "Start process_proxy_cond_val at position %d: %s\n", - *pos, cond); - - while (c == '!') { - negate = !negate; - cond++; - (*pos)++; - while (isspace((int)*cond)) { - cond++; - (*pos)++; - } - c = *cond; - } - - if (c == '(') { - cond++; - (*pos)++; - ok = process_proxy_cond_adders(letters, cond, cond_end, pos, - indent + 1); - cond = *cond_end; - if (ok < 0) - goto end; - while (isspace((int)*cond)) { - cond++; - (*pos)++; - } - c = *cond; - if (c != ')') { - fprintf(stderr, - "Weird condition character in position %d: " - "%c\n", *pos, c); - ok = -1; - goto end; - } - cond++; - (*pos)++; - } else if (isascii(c) && isalpha(c)) { - if (islower(c)) - c = toupper(c); - ok = letters[c - 'A']; - cond++; - (*pos)++; - } else { - fprintf(stderr, - "Weird condition character in position %d: " - "%c\n", *pos, c); - ok = -1; - goto end; - } -end: - *cond_end = cond; - if (ok >= 0 && negate) - ok = !ok; - - if (debug) - process_proxy_debug(indent, - "End process_proxy_cond_val at position %d: %s, returning %d\n", - *pos, cond, ok); - - return ok; -} - -static int -process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, - const char **cond_end, int *pos, int indent) -{ - int ok; - char c; - - if (debug) - process_proxy_debug(indent, - "Start process_proxy_cond_multipliers at position %d: %s\n", - *pos, cond); - - ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); - cond = *cond_end; - if (ok < 0) - goto end; - - while (ok >= 0) { - while (isspace((int)*cond)) { - cond++; - (*pos)++; - } - c = *cond; - - switch (c) { - case '&': - case '^': - { - int save_ok = ok; - - cond++; - (*pos)++; - ok = process_proxy_cond_val(letters, - cond, cond_end, pos, indent + 1); - cond = *cond_end; - if (ok < 0) - break; - - switch (c) { - case '&': - ok &= save_ok; - break; - case '^': - ok ^= save_ok; - break; - default: - fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" - " STOPPING\n"); - exit(1); - } - } - break; - default: - goto end; - } - } -end: - if (debug) - process_proxy_debug(indent, - "End process_proxy_cond_multipliers at position %d: %s, " - "returning %d\n", - *pos, cond, ok); - - *cond_end = cond; - return ok; -} - -static int -process_proxy_cond_adders(unsigned int letters[26], const char *cond, - const char **cond_end, int *pos, int indent) -{ - int ok; - char c; - - if (debug) - process_proxy_debug(indent, - "Start process_proxy_cond_adders at position %d: %s\n", - *pos, cond); - - ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, - indent + 1); - cond = *cond_end; - if (ok < 0) - goto end; - - while (ok >= 0) { - while (isspace((int)*cond)) { - cond++; - (*pos)++; - } - c = *cond; - - switch (c) { - case '|': - { - int save_ok = ok; - - cond++; - (*pos)++; - ok = process_proxy_cond_multipliers(letters, - cond, cond_end, pos, indent + 1); - cond = *cond_end; - if (ok < 0) - break; - - switch (c) { - case '|': - ok |= save_ok; - break; - default: - fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" - " STOPPING\n"); - exit(1); - } - } - break; - default: - goto end; - } - } -end: - if (debug) - process_proxy_debug(indent, - "End process_proxy_cond_adders at position %d: %s, returning %d\n", - *pos, cond, ok); - - *cond_end = cond; - return ok; -} - -static int -process_proxy_cond(unsigned int letters[26], const char *cond, - const char **cond_end) -{ - int pos = 1; - return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); -} - -static int -app_verify_callback(X509_STORE_CTX *ctx, void *arg) -{ - int ok = 1; - struct app_verify_arg *cb_arg = arg; - unsigned int letters[26]; /* only used with proxy_auth */ - - if (cb_arg->app_verify) { - char *s = NULL, buf[256]; - - fprintf(stderr, "In app_verify_callback, allowing cert. "); - fprintf(stderr, "Arg is: %s\n", cb_arg->string); - fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", - (void *)ctx, (void *)ctx->cert); - if (ctx->cert) - s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); - if (s != NULL) { - fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); - } - return (1); - } - if (cb_arg->proxy_auth) { - int found_any = 0, i; - char *sp; - - for (i = 0; i < 26; i++) - letters[i] = 0; - for (sp = cb_arg->proxy_auth; *sp; sp++) { - int c = *sp; - if (isascii(c) && isalpha(c)) { - if (islower(c)) - c = toupper(c); - letters[c - 'A'] = 1; - } - } - - fprintf(stderr, " Initial proxy rights = "); - for (i = 0; i < 26; i++) - if (letters[i]) { - fprintf(stderr, "%c", i + 'A'); - found_any = 1; - } - if (!found_any) - fprintf(stderr, "none"); - fprintf(stderr, "\n"); - - X509_STORE_CTX_set_ex_data(ctx, - get_proxy_auth_ex_data_idx(), letters); - } - if (cb_arg->allow_proxy_certs) { - X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); - } - - ok = X509_verify_cert(ctx); - - if (cb_arg->proxy_auth) { - if (ok > 0) { - const char *cond_end = NULL; - - ok = process_proxy_cond(letters, - cb_arg->proxy_cond, &cond_end); - - if (ok < 0) - exit(3); - if (*cond_end) { - fprintf(stderr, "Stopped processing condition before it's end.\n"); - ok = 0; - } - if (!ok) - fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", - cb_arg->proxy_cond); - else - fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", - cb_arg->proxy_cond); - } - } - return (ok); -} - -/* These DH parameters have been generated as follows: - * $ openssl dhparam -C -noout 1024 - * $ openssl dhparam -C -noout -dsaparam 1024 - * (The second function has been renamed to avoid name conflicts.) - */ -static DH * -get_dh1024() -{ - static unsigned char dh1024_p[] = { - 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, - 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, - 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, - 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, - 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, - 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, - 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, - 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, - 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, - 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, - 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, - }; - static unsigned char dh1024_g[] = { - 0x02, - }; - DH *dh; - - if ((dh = DH_new()) == NULL) - return (NULL); - dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); - dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); - if ((dh->p == NULL) || (dh->g == NULL)) { - DH_free(dh); - return (NULL); - } - return (dh); -} - -static DH * -get_dh1024dsa() -{ - static unsigned char dh1024_p[] = { - 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, - 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, - 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, - 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, - 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, - 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, - 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, - 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, - 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, - 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, - 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, - }; - static unsigned char dh1024_g[] = { - 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, - 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, - 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, - 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, - 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, - 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, - 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, - 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, - 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, - 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, - 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, - }; - DH *dh; - - if ((dh = DH_new()) == NULL) - return (NULL); - dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); - dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); - if ((dh->p == NULL) || (dh->g == NULL)) { - DH_free(dh); - return (NULL); - } - dh->length = 160; - return (dh); -} diff --git a/src/regress/lib/libssl/ssl/testssl b/src/regress/lib/libssl/ssl/testssl deleted file mode 100644 index fe633e8797..0000000000 --- a/src/regress/lib/libssl/ssl/testssl +++ /dev/null @@ -1,152 +0,0 @@ -#!/bin/sh - -key="$1" -cert="$2" -CA="-CAfile $3" -ssltest="${4-./ssltest} -key $key -cert $cert -c_key $key -c_cert $cert" -openssl=${5-openssl} -extra="$6" - -$openssl version || exit 1 - -if $openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then - dsa_cert=YES -else - dsa_cert=NO -fi - -############################################################################# - -echo test sslv2/sslv3 -$ssltest $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication -$ssltest -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication -$ssltest -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 via BIO pair -$ssltest $extra || exit 1 - -if [ $dsa_cert = NO ]; then - echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' - $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1 -fi - -echo test sslv2/sslv3 with 1024bit DHE via BIO pair -$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -bio_pair -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication via BIO pair -$ssltest -bio_pair -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify -$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 - -echo "Testing ciphersuites" -for protocol in SSLv3 TLSv1.2; do - echo "Testing ciphersuites for $protocol" - for cipher in `$openssl ciphers -v "$protocol+aRSA" | - awk "/ $protocol / { print \\$1 }"`; do - echo "Testing $cipher" - $ssltest -cipher $cipher -tls1_2 - if [ $? -ne 0 ] ; then - echo "Failed $cipher" - exit 1 - fi - done -done -for protocol in TLSv1.3; do - echo "Testing ciphersuites for $protocol" - for cipher in `$openssl ciphers -v "$protocol" | - awk "/ $protocol / { print \\$1 }"`; do - echo "Testing $cipher" - $ssltest -cipher $cipher - if [ $? -ne 0 ] ; then - echo "Failed $cipher" - exit 1 - fi - done -done - -############################################################################# - -if $openssl no-dh; then - echo skipping anonymous DH tests -else - echo test tls1 with 1024bit anonymous DH, multiple handshakes - $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 -fi - -#if $openssl no-rsa; then -# echo skipping RSA tests -#else -# echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes' -# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 -# -# if $openssl no-dh; then -# echo skipping RSA+DHE tests -# else -# echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes -# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 -# fi -#fi - -# -# DTLS tests -# - -echo test dtlsv1 -$ssltest -dtls1 $extra || exit 1 - -echo test dtlsv1 with server authentication -$ssltest -dtls1 -server_auth $CA $extra || exit 1 - -echo test dtlsv1 with client authentication -$ssltest -dtls1 -client_auth $CA $extra || exit 1 - -echo test dtlsv1 with both client and server authentication -$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1 - -echo "Testing DTLS ciphersuites" -for protocol in SSLv3; do - echo "Testing ciphersuites for $protocol" - for cipher in `$openssl ciphers -v "RSA+$protocol" | - awk "/ $protocol / { print \\$1 }" | - grep -v RC4`; do - echo "Testing $cipher" - $ssltest -cipher $cipher -dtls1 - if [ $? -ne 0 ] ; then - echo "Failed $cipher" - exit 1 - fi - done -done - -# -# ALPN tests -# -echo "Testing ALPN..." -$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo \ - -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo \ - -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo \ - -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar \ - -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo \ - -alpn_expected bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo \ - -alpn_expected bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1 diff --git a/src/regress/lib/libssl/tlsext/Makefile b/src/regress/lib/libssl/tlsext/Makefile deleted file mode 100644 index 48b5bc1e25..0000000000 --- a/src/regress/lib/libssl/tlsext/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2017/07/16 18:18:10 jsing Exp $ - -PROG= tlsexttest -LDADD= ${SSL_INT} -lcrypto -DPADD= ${LIBCRYPTO} ${LIBSSL} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Wundef -Werror -I$(BSDSRCDIR)/lib/libssl - -.include diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c deleted file mode 100644 index 4d7d22de8e..0000000000 --- a/src/regress/lib/libssl/tlsext/tlsexttest.c +++ /dev/null @@ -1,3650 +0,0 @@ -/* $OpenBSD: tlsexttest.c,v 1.49 2021/03/24 21:36:26 tb Exp $ */ -/* - * Copyright (c) 2017 Joel Sing - * Copyright (c) 2017 Doug Hogan - * Copyright (c) 2019 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include "ssl_locl.h" - -#include "bytestring.h" -#include "ssl_tlsext.h" - -static void -hexdump(const unsigned char *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len; i++) - fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n"); - - fprintf(stderr, "\n"); -} - -static void -hexdump2(const uint16_t *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len / 2; i++) - fprintf(stderr, " 0x%04hx,%s", buf[i - 1], i % 8 ? "" : "\n"); - - fprintf(stderr, "\n"); -} - -static void -compare_data(const uint8_t *recv, size_t recv_len, const uint8_t *expect, - size_t expect_len) -{ - fprintf(stderr, "received:\n"); - hexdump(recv, recv_len); - - fprintf(stderr, "test data:\n"); - hexdump(expect, expect_len); -} - -static void -compare_data2(const uint16_t *recv, size_t recv_len, const uint16_t *expect, - size_t expect_len) -{ - fprintf(stderr, "received:\n"); - hexdump2(recv, recv_len); - - fprintf(stderr, "test data:\n"); - hexdump2(expect, expect_len); -} - -#define FAIL(msg, ...) \ -do { \ - fprintf(stderr, "[%s:%d] FAIL: ", __FILE__, __LINE__); \ - fprintf(stderr, msg, ##__VA_ARGS__); \ -} while(0) - -/* - * Supported Application-Layer Protocol Negotiation - RFC 7301 - * - * There are already extensive unit tests for this so this just - * tests the state info. - */ - -const uint8_t tlsext_alpn_multiple_protos_val[] = { - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, - /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */ - 0x09, /* len */ - 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e -}; - -const uint8_t tlsext_alpn_multiple_protos[] = { - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x13, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, - /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */ - 0x09, /* len */ - 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e -}; - -const uint8_t tlsext_alpn_single_proto_val[] = { - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 -}; - -const uint8_t tlsext_alpn_single_proto_name[] = { - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* 'http/1.1' */ -}; - -const uint8_t tlsext_alpn_single_proto[] = { - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x09, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 -}; - -static int -test_tlsext_alpn_client(void) -{ - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - uint8_t *data = NULL; - CBB cbb; - CBS cbs; - int failure, alert; - size_t dlen; - - CBB_init(&cbb, 0); - - failure = 1; - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* By default, we don't need this */ - if (tlsext_alpn_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need ALPN by default\n"); - goto err; - } - - /* - * Prereqs: - * 1) Set s->internal->alpn_client_proto_list - * - Using SSL_set_alpn_protos() - * 2) We have not finished or renegotiated. - * - S3I(s)->tmp.finish_md_len == 0 - */ - if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val, - sizeof(tlsext_alpn_single_proto_val)) != 0) { - FAIL("should be able to set ALPN to http/1.1\n"); - goto err; - } - if (!tlsext_alpn_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need ALPN by now\n"); - goto err; - } - - /* Make sure we can build the client with a single proto. */ - - if (!tlsext_alpn_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build ALPN\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_alpn_single_proto)) { - FAIL("got client ALPN with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_alpn_single_proto)); - compare_data(data, dlen, tlsext_alpn_single_proto, - sizeof(tlsext_alpn_single_proto)); - goto err; - } - if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) { - FAIL("client ALPN differs:\n"); - compare_data(data, dlen, tlsext_alpn_single_proto, - sizeof(tlsext_alpn_single_proto)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - /* Make sure we can parse the single proto. */ - - CBS_init(&cbs, tlsext_alpn_single_proto, - sizeof(tlsext_alpn_single_proto)); - if (!tlsext_alpn_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse ALPN\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (ssl->internal->alpn_client_proto_list_len != - sizeof(tlsext_alpn_single_proto_val)) { - FAIL("got client ALPN with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_alpn_single_proto_val)); - compare_data(ssl->internal->alpn_client_proto_list, - ssl->internal->alpn_client_proto_list_len, - tlsext_alpn_single_proto_val, - sizeof(tlsext_alpn_single_proto_val)); - goto err; - } - if (memcmp(ssl->internal->alpn_client_proto_list, - tlsext_alpn_single_proto_val, - sizeof(tlsext_alpn_single_proto_val)) != 0) { - FAIL("client ALPN differs:\n"); - compare_data(data, dlen, tlsext_alpn_single_proto_val, - sizeof(tlsext_alpn_single_proto_val)); - goto err; - } - - /* Make sure we can build the clienthello with multiple entries. */ - - if (SSL_set_alpn_protos(ssl, tlsext_alpn_multiple_protos_val, - sizeof(tlsext_alpn_multiple_protos_val)) != 0) { - FAIL("should be able to set ALPN to http/1.1\n"); - goto err; - } - if (!tlsext_alpn_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need ALPN by now\n"); - goto err; - } - - if (!tlsext_alpn_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build ALPN\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_alpn_multiple_protos)) { - FAIL("got client ALPN with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_alpn_multiple_protos)); - compare_data(data, dlen, tlsext_alpn_multiple_protos, - sizeof(tlsext_alpn_multiple_protos)); - goto err; - } - if (memcmp(data, tlsext_alpn_multiple_protos, dlen) != 0) { - FAIL("client ALPN differs:\n"); - compare_data(data, dlen, tlsext_alpn_multiple_protos, - sizeof(tlsext_alpn_multiple_protos)); - goto err; - } - - /* Make sure we can parse multiple protos */ - - CBS_init(&cbs, tlsext_alpn_multiple_protos, - sizeof(tlsext_alpn_multiple_protos)); - if (!tlsext_alpn_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse ALPN\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (ssl->internal->alpn_client_proto_list_len != - sizeof(tlsext_alpn_multiple_protos_val)) { - FAIL("got client ALPN with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_alpn_multiple_protos_val)); - compare_data(ssl->internal->alpn_client_proto_list, - ssl->internal->alpn_client_proto_list_len, - tlsext_alpn_multiple_protos_val, - sizeof(tlsext_alpn_multiple_protos_val)); - goto err; - } - if (memcmp(ssl->internal->alpn_client_proto_list, - tlsext_alpn_multiple_protos_val, - sizeof(tlsext_alpn_multiple_protos_val)) != 0) { - FAIL("client ALPN differs:\n"); - compare_data(data, dlen, tlsext_alpn_multiple_protos_val, - sizeof(tlsext_alpn_multiple_protos_val)); - goto err; - } - - /* Make sure we can remove the list and avoid ALPN */ - - free(ssl->internal->alpn_client_proto_list); - ssl->internal->alpn_client_proto_list = NULL; - ssl->internal->alpn_client_proto_list_len = 0; - - if (tlsext_alpn_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need ALPN by default\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_alpn_server(void) -{ - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - uint8_t *data = NULL; - CBB cbb; - CBS cbs; - int failure, alert; - size_t dlen; - - CBB_init(&cbb, 0); - - failure = 1; - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* By default, ALPN isn't needed. */ - if (tlsext_alpn_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need ALPN by default\n"); - goto err; - } - - /* - * The server has a single ALPN selection which is set by - * SSL_CTX_set_alpn_select_cb() and calls SSL_select_next_proto(). - * - * This will be a plain name and separate length. - */ - if ((S3I(ssl)->alpn_selected = malloc(sizeof(tlsext_alpn_single_proto_name))) == NULL) { - errx(1, "failed to malloc"); - } - memcpy(S3I(ssl)->alpn_selected, tlsext_alpn_single_proto_name, - sizeof(tlsext_alpn_single_proto_name)); - S3I(ssl)->alpn_selected_len = sizeof(tlsext_alpn_single_proto_name); - - if (!tlsext_alpn_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need ALPN after a protocol is selected\n"); - goto err; - } - - /* Make sure we can build a server with one protocol */ - - if (!tlsext_alpn_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server should be able to build a response\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_alpn_single_proto)) { - FAIL("got client ALPN with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_alpn_single_proto)); - compare_data(data, dlen, tlsext_alpn_single_proto, - sizeof(tlsext_alpn_single_proto)); - goto err; - } - if (memcmp(data, tlsext_alpn_single_proto, dlen) != 0) { - FAIL("client ALPN differs:\n"); - compare_data(data, dlen, tlsext_alpn_single_proto, - sizeof(tlsext_alpn_single_proto)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - /* Make sure we can parse the single proto. */ - - CBS_init(&cbs, tlsext_alpn_single_proto, - sizeof(tlsext_alpn_single_proto)); - - /* Shouldn't be able to parse without requesting */ - if (tlsext_alpn_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("Should only parse server if we requested it\n"); - goto err; - } - - /* Should be able to parse once requested. */ - if (SSL_set_alpn_protos(ssl, tlsext_alpn_single_proto_val, - sizeof(tlsext_alpn_single_proto_val)) != 0) { - FAIL("should be able to set ALPN to http/1.1\n"); - goto err; - } - if (!tlsext_alpn_server_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("Should be able to parse server when we request it\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (S3I(ssl)->alpn_selected_len != - sizeof(tlsext_alpn_single_proto_name)) { - FAIL("got server ALPN with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_alpn_single_proto_name)); - compare_data(S3I(ssl)->alpn_selected, - S3I(ssl)->alpn_selected_len, - tlsext_alpn_single_proto_name, - sizeof(tlsext_alpn_single_proto_name)); - goto err; - } - if (memcmp(S3I(ssl)->alpn_selected, - tlsext_alpn_single_proto_name, - sizeof(tlsext_alpn_single_proto_name)) != 0) { - FAIL("server ALPN differs:\n"); - compare_data(S3I(ssl)->alpn_selected, - S3I(ssl)->alpn_selected_len, - tlsext_alpn_single_proto_name, - sizeof(tlsext_alpn_single_proto_name)); - goto err; - } - - /* - * We should NOT be able to build a server with multiple - * protocol names. However, the existing code did not check for this - * case because it is passed in as an encoded value. - */ - - /* Make sure we can remove the list and avoid ALPN */ - - free(S3I(ssl)->alpn_selected); - S3I(ssl)->alpn_selected = NULL; - S3I(ssl)->alpn_selected_len = 0; - - if (tlsext_alpn_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need ALPN by default\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); - -} - -/* - * Supported Elliptic Curves - RFC 4492 section 5.1.1. - * - * This extension is only used by the client. - */ - -static uint8_t tlsext_supportedgroups_client_default[] = { - 0x00, 0x08, - 0x00, 0x1d, /* X25519 (29) */ - 0x00, 0x17, /* secp256r1 (23) */ - 0x00, 0x18, /* secp384r1 (24) */ - 0x00, 0x19, /* secp521r1 (25) */ -}; - -static uint16_t tlsext_supportedgroups_client_secp384r1_val[] = { - 0x0018 /* tls1_ec_nid2curve_id(NID_secp384r1) */ -}; -static uint8_t tlsext_supportedgroups_client_secp384r1[] = { - 0x00, 0x02, - 0x00, 0x18 /* secp384r1 (24) */ -}; - -/* Example from RFC 4492 section 5.1.1 */ -static uint16_t tlsext_supportedgroups_client_nistp192and224_val[] = { - 0x0013, /* tls1_ec_nid2curve_id(NID_X9_62_prime192v1) */ - 0x0015 /* tls1_ec_nid2curve_id(NID_secp224r1) */ -}; -static uint8_t tlsext_supportedgroups_client_nistp192and224[] = { - 0x00, 0x04, - 0x00, 0x13, /* secp192r1 aka NIST P-192 */ - 0x00, 0x15 /* secp224r1 aka NIST P-224 */ -}; - -static int -test_tlsext_supportedgroups_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - size_t dlen; - int failure, alert; - CBB cbb; - CBS cbs; - - failure = 1; - - if (!CBB_init(&cbb, 0)) - errx(1, "failed to create CBB"); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* - * Default ciphers include EC so we need it by default. - */ - if (!tlsext_supportedgroups_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need Ellipticcurves for default " - "ciphers\n"); - goto err; - } - - /* - * Exclude cipher suites so we can test not including it. - */ - if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) { - FAIL("client should be able to set cipher list\n"); - goto err; - } - if (tlsext_supportedgroups_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need Ellipticcurves\n"); - goto err; - } - - /* - * Use libtls default for the rest of the testing - */ - if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) { - FAIL("client should be able to set cipher list\n"); - goto err; - } - if (!tlsext_supportedgroups_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need Ellipticcurves\n"); - goto err; - } - - /* - * Test with a session secp384r1. The default is used instead. - */ - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - if ((SSI(ssl)->tlsext_supportedgroups = malloc(sizeof(uint16_t))) - == NULL) { - FAIL("client could not malloc\n"); - goto err; - } - SSI(ssl)->tlsext_supportedgroups[0] = tls1_ec_nid2curve_id(NID_secp384r1); - SSI(ssl)->tlsext_supportedgroups_length = 1; - - if (!tlsext_supportedgroups_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need Ellipticcurves\n"); - goto err; - } - - if (!tlsext_supportedgroups_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build Ellipticcurves\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_supportedgroups_client_default)) { - FAIL("got client Ellipticcurves with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_supportedgroups_client_default)); - compare_data(data, dlen, tlsext_supportedgroups_client_default, - sizeof(tlsext_supportedgroups_client_default)); - goto err; - } - - if (memcmp(data, tlsext_supportedgroups_client_default, dlen) != 0) { - FAIL("client Ellipticcurves differs:\n"); - compare_data(data, dlen, tlsext_supportedgroups_client_default, - sizeof(tlsext_supportedgroups_client_default)); - goto err; - } - - /* - * Test parsing secp384r1 - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - CBS_init(&cbs, tlsext_supportedgroups_client_secp384r1, - sizeof(tlsext_supportedgroups_client_secp384r1)); - if (!tlsext_supportedgroups_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client Ellipticcurves\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (SSI(ssl)->tlsext_supportedgroups_length != - sizeof(tlsext_supportedgroups_client_secp384r1_val) / sizeof(uint16_t)) { - FAIL("no tlsext_ellipticcurves from client " - "Ellipticcurves\n"); - goto err; - } - - if (memcmp(SSI(ssl)->tlsext_supportedgroups, - tlsext_supportedgroups_client_secp384r1_val, - sizeof(tlsext_supportedgroups_client_secp384r1_val)) != 0) { - FAIL("client had an incorrect Ellipticcurves " - "entry\n"); - compare_data2(SSI(ssl)->tlsext_supportedgroups, - SSI(ssl)->tlsext_supportedgroups_length * 2, - tlsext_supportedgroups_client_secp384r1_val, - sizeof(tlsext_supportedgroups_client_secp384r1_val)); - goto err; - } - - /* - * Use a custom order. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - if ((ssl->internal->tlsext_supportedgroups = malloc(sizeof(uint16_t) * 2)) == NULL) { - FAIL("client could not malloc\n"); - goto err; - } - ssl->internal->tlsext_supportedgroups[0] = tls1_ec_nid2curve_id(NID_X9_62_prime192v1); - ssl->internal->tlsext_supportedgroups[1] = tls1_ec_nid2curve_id(NID_secp224r1); - ssl->internal->tlsext_supportedgroups_length = 2; - - if (!tlsext_supportedgroups_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need Ellipticcurves\n"); - goto err; - } - - if (!tlsext_supportedgroups_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build Ellipticcurves\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_supportedgroups_client_nistp192and224)) { - FAIL("got client Ellipticcurves with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_supportedgroups_client_nistp192and224)); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tlsext_supportedgroups_client_nistp192and224, - sizeof(tlsext_supportedgroups_client_nistp192and224)); - goto err; - } - - if (memcmp(data, tlsext_supportedgroups_client_nistp192and224, dlen) != 0) { - FAIL("client Ellipticcurves differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tlsext_supportedgroups_client_nistp192and224, - sizeof(tlsext_supportedgroups_client_nistp192and224)); - goto err; - } - - /* - * Parse non-default curves to session. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - /* Reset back to the default list. */ - free(ssl->internal->tlsext_supportedgroups); - ssl->internal->tlsext_supportedgroups = NULL; - ssl->internal->tlsext_supportedgroups_length = 0; - - CBS_init(&cbs, tlsext_supportedgroups_client_nistp192and224, - sizeof(tlsext_supportedgroups_client_nistp192and224)); - if (!tlsext_supportedgroups_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client Ellipticcurves\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (SSI(ssl)->tlsext_supportedgroups_length != - sizeof(tlsext_supportedgroups_client_nistp192and224_val) / sizeof(uint16_t)) { - FAIL("no tlsext_ellipticcurves from client Ellipticcurves\n"); - goto err; - } - - if (memcmp(SSI(ssl)->tlsext_supportedgroups, - tlsext_supportedgroups_client_nistp192and224_val, - sizeof(tlsext_supportedgroups_client_nistp192and224_val)) != 0) { - FAIL("client had an incorrect Ellipticcurves entry\n"); - compare_data2(SSI(ssl)->tlsext_supportedgroups, - SSI(ssl)->tlsext_supportedgroups_length * 2, - tlsext_supportedgroups_client_nistp192and224_val, - sizeof(tlsext_supportedgroups_client_nistp192and224_val)); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - - -/* elliptic_curves is only used by the client so this doesn't test much. */ -static int -test_tlsext_supportedgroups_server(void) -{ - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure; - - failure = 1; - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if (tlsext_supportedgroups_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need elliptic_curves\n"); - goto err; - } - - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - if (tlsext_supportedgroups_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need elliptic_curves\n"); - goto err; - } - - failure = 0; - - err: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - return (failure); - -} - -/* - * Supported Point Formats - RFC 4492 section 5.1.2. - * - * Examples are from the RFC. Both client and server have the same build and - * parse but the needs differ. - */ - -static uint8_t tlsext_ecpf_hello_uncompressed_val[] = { - TLSEXT_ECPOINTFORMAT_uncompressed -}; -static uint8_t tlsext_ecpf_hello_uncompressed[] = { - 0x01, - 0x00 /* TLSEXT_ECPOINTFORMAT_uncompressed */ -}; - -static uint8_t tlsext_ecpf_hello_prime[] = { - 0x01, - 0x01 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */ -}; - -static uint8_t tlsext_ecpf_hello_prefer_order_val[] = { - TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime, - TLSEXT_ECPOINTFORMAT_uncompressed, - TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 -}; -static uint8_t tlsext_ecpf_hello_prefer_order[] = { - 0x03, - 0x01, /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime */ - 0x00, /* TLSEXT_ECPOINTFORMAT_uncompressed */ - 0x02 /* TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 */ -}; - -static int -test_tlsext_ecpf_client(void) -{ - uint8_t *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - size_t dlen; - int failure, alert; - CBB cbb; - CBS cbs; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* - * Default ciphers include EC so we need it by default. - */ - if (!tlsext_ecpf_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need ECPointFormats for default " - "ciphers\n"); - goto err; - } - - /* - * Exclude EC cipher suites so we can test not including it. - */ - if (!SSL_set_cipher_list(ssl, "ALL:!ECDHE:!ECDH")) { - FAIL("client should be able to set cipher list\n"); - goto err; - } - if (tlsext_ecpf_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need ECPointFormats\n"); - goto err; - } - - /* - * Use libtls default for the rest of the testing - */ - if (!SSL_set_cipher_list(ssl, "TLSv1.2+AEAD+ECDHE")) { - FAIL("client should be able to set cipher list\n"); - goto err; - } - if (!tlsext_ecpf_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need ECPointFormats\n"); - goto err; - } - - /* - * The default ECPointFormats should only have uncompressed - */ - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - if (!tlsext_ecpf_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build ECPointFormats\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) { - FAIL("got client ECPointFormats with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_ecpf_hello_uncompressed)); - compare_data(data, dlen, tlsext_ecpf_hello_uncompressed, - sizeof(tlsext_ecpf_hello_uncompressed)); - goto err; - } - - if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) { - FAIL("client ECPointFormats differs:\n"); - compare_data(data, dlen, tlsext_ecpf_hello_uncompressed, - sizeof(tlsext_ecpf_hello_uncompressed)); - goto err; - } - - /* - * Make sure we can parse the default. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - CBS_init(&cbs, tlsext_ecpf_hello_uncompressed, - sizeof(tlsext_ecpf_hello_uncompressed)); - if (!tlsext_ecpf_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client ECPointFormats\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (SSI(ssl)->tlsext_ecpointformatlist_length != - sizeof(tlsext_ecpf_hello_uncompressed_val)) { - FAIL("no tlsext_ecpointformats from client " - "ECPointFormats\n"); - goto err; - } - - if (memcmp(SSI(ssl)->tlsext_ecpointformatlist, - tlsext_ecpf_hello_uncompressed_val, - sizeof(tlsext_ecpf_hello_uncompressed_val)) != 0) { - FAIL("client had an incorrect ECPointFormats entry\n"); - goto err; - } - - /* - * Test with a custom order. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - if ((ssl->internal->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) { - FAIL("client could not malloc\n"); - goto err; - } - ssl->internal->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; - ssl->internal->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed; - ssl->internal->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; - ssl->internal->tlsext_ecpointformatlist_length = 3; - - if (!tlsext_ecpf_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need ECPointFormats with a custom " - "format\n"); - goto err; - } - - if (!tlsext_ecpf_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build ECPointFormats\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) { - FAIL("got client ECPointFormats with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_ecpf_hello_prefer_order)); - compare_data(data, dlen, tlsext_ecpf_hello_prefer_order, - sizeof(tlsext_ecpf_hello_prefer_order)); - goto err; - } - - if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) { - FAIL("client ECPointFormats differs:\n"); - compare_data(data, dlen, tlsext_ecpf_hello_prefer_order, - sizeof(tlsext_ecpf_hello_prefer_order)); - goto err; - } - - /* - * Make sure that we can parse this custom order. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - /* Reset the custom list so we go back to the default uncompressed. */ - free(ssl->internal->tlsext_ecpointformatlist); - ssl->internal->tlsext_ecpointformatlist = NULL; - ssl->internal->tlsext_ecpointformatlist_length = 0; - - CBS_init(&cbs, tlsext_ecpf_hello_prefer_order, - sizeof(tlsext_ecpf_hello_prefer_order)); - if (!tlsext_ecpf_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client ECPointFormats\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (SSI(ssl)->tlsext_ecpointformatlist_length != - sizeof(tlsext_ecpf_hello_prefer_order_val)) { - FAIL("no tlsext_ecpointformats from client " - "ECPointFormats\n"); - goto err; - } - - if (memcmp(SSI(ssl)->tlsext_ecpointformatlist, - tlsext_ecpf_hello_prefer_order_val, - sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) { - FAIL("client had an incorrect ECPointFormats entry\n"); - goto err; - } - - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_ecpf_server(void) -{ - uint8_t *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - size_t dlen; - int failure, alert; - CBB cbb; - CBS cbs; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - /* Setup the state so we can call needs. */ - if ((S3I(ssl)->hs.cipher = - ssl3_get_cipher_by_id(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305)) - == NULL) { - FAIL("server cannot find cipher\n"); - goto err; - } - if ((SSI(ssl)->tlsext_ecpointformatlist = malloc(sizeof(uint8_t))) - == NULL) { - FAIL("server could not malloc\n"); - goto err; - } - SSI(ssl)->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; - SSI(ssl)->tlsext_ecpointformatlist_length = 1; - - if (!tlsext_ecpf_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need ECPointFormats now\n"); - goto err; - } - - /* - * The server will ignore the session list and use either a custom - * list or the default (uncompressed). - */ - if (!tlsext_ecpf_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server failed to build ECPointFormats\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_ecpf_hello_uncompressed)) { - FAIL("got server ECPointFormats with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_ecpf_hello_uncompressed)); - compare_data(data, dlen, tlsext_ecpf_hello_uncompressed, - sizeof(tlsext_ecpf_hello_uncompressed)); - goto err; - } - - if (memcmp(data, tlsext_ecpf_hello_uncompressed, dlen) != 0) { - FAIL("server ECPointFormats differs:\n"); - compare_data(data, dlen, tlsext_ecpf_hello_uncompressed, - sizeof(tlsext_ecpf_hello_uncompressed)); - goto err; - } - - /* - * Cannot parse a non-default list without at least uncompressed. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - CBS_init(&cbs, tlsext_ecpf_hello_prime, - sizeof(tlsext_ecpf_hello_prime)); - if (tlsext_ecpf_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("must include uncompressed in server ECPointFormats\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - /* - * Test with a custom order that replaces the default uncompressed. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - /* Add a session list even though it will be ignored. */ - if ((SSI(ssl)->tlsext_ecpointformatlist = malloc(sizeof(uint8_t))) - == NULL) { - FAIL("server could not malloc\n"); - goto err; - } - SSI(ssl)->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; - SSI(ssl)->tlsext_ecpointformatlist_length = 1; - - /* Replace the default list with a custom one. */ - if ((ssl->internal->tlsext_ecpointformatlist = malloc(sizeof(uint8_t) * 3)) == NULL) { - FAIL("server could not malloc\n"); - goto err; - } - ssl->internal->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; - ssl->internal->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_uncompressed; - ssl->internal->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; - ssl->internal->tlsext_ecpointformatlist_length = 3; - - if (!tlsext_ecpf_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need ECPointFormats\n"); - goto err; - } - - if (!tlsext_ecpf_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server failed to build ECPointFormats\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_ecpf_hello_prefer_order)) { - FAIL("got server ECPointFormats with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_ecpf_hello_prefer_order)); - compare_data(data, dlen, tlsext_ecpf_hello_prefer_order, - sizeof(tlsext_ecpf_hello_prefer_order)); - goto err; - } - - if (memcmp(data, tlsext_ecpf_hello_prefer_order, dlen) != 0) { - FAIL("server ECPointFormats differs:\n"); - compare_data(data, dlen, tlsext_ecpf_hello_prefer_order, - sizeof(tlsext_ecpf_hello_prefer_order)); - goto err; - } - - /* - * Should be able to parse the custom list into a session list. - */ - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - /* Reset back to the default (uncompressed) */ - free(ssl->internal->tlsext_ecpointformatlist); - ssl->internal->tlsext_ecpointformatlist = NULL; - ssl->internal->tlsext_ecpointformatlist_length = 0; - - CBS_init(&cbs, tlsext_ecpf_hello_prefer_order, - sizeof(tlsext_ecpf_hello_prefer_order)); - if (!tlsext_ecpf_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("failed to parse server ECPointFormats\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (SSI(ssl)->tlsext_ecpointformatlist_length != - sizeof(tlsext_ecpf_hello_prefer_order_val)) { - FAIL("no tlsext_ecpointformats from server " - "ECPointFormats\n"); - goto err; - } - - if (memcmp(SSI(ssl)->tlsext_ecpointformatlist, - tlsext_ecpf_hello_prefer_order_val, - sizeof(tlsext_ecpf_hello_prefer_order_val)) != 0) { - FAIL("server had an incorrect ECPointFormats entry\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -/* - * Renegotiation Indication - RFC 5746. - */ - -static unsigned char tlsext_ri_prev_client[] = { - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, - 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, -}; - -static unsigned char tlsext_ri_prev_server[] = { - 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, - 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00, -}; - -static unsigned char tlsext_ri_client[] = { - 0x10, - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, - 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, -}; - -static unsigned char tlsext_ri_server[] = { - 0x20, - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, - 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, - 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, - 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00, -}; - -static int -test_tlsext_ri_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLSv1_2_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if (tlsext_ri_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need RI\n"); - goto err; - } - - if (!SSL_renegotiate(ssl)) { - FAIL("client failed to set renegotiate\n"); - goto err; - } - - if (!tlsext_ri_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need RI\n"); - goto err; - } - - memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client, - sizeof(tlsext_ri_prev_client)); - S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client); - - S3I(ssl)->renegotiate_seen = 0; - - if (!tlsext_ri_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build RI\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_ri_client)) { - FAIL("got client RI with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_ri_client)); - goto err; - } - - if (memcmp(data, tlsext_ri_client, dlen) != 0) { - FAIL("client RI differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tlsext_ri_client, sizeof(tlsext_ri_client)); - goto err; - } - - CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client)); - if (!tlsext_ri_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client RI\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (S3I(ssl)->renegotiate_seen != 1) { - FAIL("renegotiate seen not set\n"); - goto err; - } - if (S3I(ssl)->send_connection_binding != 1) { - FAIL("send connection binding not set\n"); - goto err; - } - - memset(S3I(ssl)->previous_client_finished, 0, - sizeof(S3I(ssl)->previous_client_finished)); - - S3I(ssl)->renegotiate_seen = 0; - - CBS_init(&cbs, tlsext_ri_client, sizeof(tlsext_ri_client)); - if (tlsext_ri_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("parsed invalid client RI\n"); - failure = 1; - goto err; - } - - if (S3I(ssl)->renegotiate_seen == 1) { - FAIL("renegotiate seen set\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_ri_server(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - ssl->version = TLS1_2_VERSION; - if (tlsext_ri_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need RI\n"); - goto err; - } - - S3I(ssl)->send_connection_binding = 1; - - if (!tlsext_ri_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need RI\n"); - goto err; - } - - memcpy(S3I(ssl)->previous_client_finished, tlsext_ri_prev_client, - sizeof(tlsext_ri_prev_client)); - S3I(ssl)->previous_client_finished_len = sizeof(tlsext_ri_prev_client); - - memcpy(S3I(ssl)->previous_server_finished, tlsext_ri_prev_server, - sizeof(tlsext_ri_prev_server)); - S3I(ssl)->previous_server_finished_len = sizeof(tlsext_ri_prev_server); - - S3I(ssl)->renegotiate_seen = 0; - - if (!tlsext_ri_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server failed to build RI\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_ri_server)) { - FAIL("got server RI with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_ri_server)); - goto err; - } - - if (memcmp(data, tlsext_ri_server, dlen) != 0) { - FAIL("server RI differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tlsext_ri_server, sizeof(tlsext_ri_server)); - goto err; - } - - CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server)); - if (!tlsext_ri_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("failed to parse server RI\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (S3I(ssl)->renegotiate_seen != 1) { - FAIL("renegotiate seen not set\n"); - goto err; - } - if (S3I(ssl)->send_connection_binding != 1) { - FAIL("send connection binding not set\n"); - goto err; - } - - memset(S3I(ssl)->previous_client_finished, 0, - sizeof(S3I(ssl)->previous_client_finished)); - memset(S3I(ssl)->previous_server_finished, 0, - sizeof(S3I(ssl)->previous_server_finished)); - - S3I(ssl)->renegotiate_seen = 0; - - CBS_init(&cbs, tlsext_ri_server, sizeof(tlsext_ri_server)); - if (tlsext_ri_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("parsed invalid server RI\n"); - goto err; - } - - if (S3I(ssl)->renegotiate_seen == 1) { - FAIL("renegotiate seen set\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -/* - * Signature Algorithms - RFC 5246 section 7.4.1.4.1. - */ - -static unsigned char tlsext_sigalgs_client[] = { - 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, - 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, - 0x04, 0x01, 0x04, 0x03, 0x02, 0x01, 0x02, 0x03, -}; - -static int -test_tlsext_sigalgs_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - S3I(ssl)->hs.our_max_tls_version = TLS1_1_VERSION; - - if (tlsext_sigalgs_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - fprintf(stderr, "FAIL: client should not need sigalgs\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION; - - if (!tlsext_sigalgs_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - fprintf(stderr, "FAIL: client should need sigalgs\n"); - failure = 1; - goto done; - } - - if (!tlsext_sigalgs_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - fprintf(stderr, "FAIL: client failed to build sigalgs\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_sigalgs_client)) { - fprintf(stderr, "FAIL: got client sigalgs with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_sigalgs_client)); - failure = 1; - goto done; - } - - if (memcmp(data, tlsext_sigalgs_client, dlen) != 0) { - fprintf(stderr, "FAIL: client SNI differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client)); - failure = 1; - goto done; - } - - CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client)); - if (!tlsext_sigalgs_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - fprintf(stderr, "FAIL: failed to parse client SNI\n"); - failure = 1; - goto done; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto done; - } - - done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -#if 0 -static int -test_tlsext_sigalgs_server(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if (tlsext_sigalgs_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - fprintf(stderr, "FAIL: server should not need sigalgs\n"); - failure = 1; - goto done; - } - - if (tlsext_sigalgs_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - fprintf(stderr, "FAIL: server should not build sigalgs\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - CBS_init(&cbs, tlsext_sigalgs_client, sizeof(tlsext_sigalgs_client)); - if (tlsext_sigalgs_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - fprintf(stderr, "FAIL: server should not parse sigalgs\n"); - failure = 1; - goto done; - } - - done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} -#endif - -/* - * Server Name Indication - RFC 6066 section 3. - */ - -#define TEST_SNI_SERVERNAME "www.libressl.org" - -static unsigned char tlsext_sni_client[] = { - 0x00, 0x13, 0x00, 0x00, 0x10, 0x77, 0x77, 0x77, - 0x2e, 0x6c, 0x69, 0x62, 0x72, 0x65, 0x73, 0x73, - 0x6c, 0x2e, 0x6f, 0x72, 0x67, -}; - -static unsigned char tlsext_sni_server[] = { -}; - -static int -test_tlsext_sni_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if (tlsext_sni_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need SNI\n"); - goto err; - } - - if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) { - FAIL("client failed to set server name\n"); - goto err; - } - - if (!tlsext_sni_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need SNI\n"); - goto err; - } - - if (!tlsext_sni_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build SNI\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_sni_client)) { - FAIL("got client SNI with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_sni_client)); - goto err; - } - - if (memcmp(data, tlsext_sni_client, dlen) != 0) { - FAIL("client SNI differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tlsext_sni_client, sizeof(tlsext_sni_client)); - goto err; - } - - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - ssl->internal->hit = 0; - - CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client)); - if (!tlsext_sni_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client SNI\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (ssl->session->tlsext_hostname == NULL) { - FAIL("no tlsext_hostname from client SNI\n"); - goto err; - } - - if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) || - strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME, - strlen(TEST_SNI_SERVERNAME)) != 0) { - FAIL("got tlsext_hostname `%s', want `%s'\n", - ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME); - goto err; - } - - ssl->internal->hit = 1; - - if ((ssl->session->tlsext_hostname = strdup("notthesame.libressl.org")) == - NULL) - errx(1, "failed to strdup tlsext_hostname"); - - CBS_init(&cbs, tlsext_sni_client, sizeof(tlsext_sni_client)); - if (tlsext_sni_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("parsed client with mismatched SNI\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_sni_server(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - if (tlsext_sni_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need SNI\n"); - goto err; - } - - if (!SSL_set_tlsext_host_name(ssl, TEST_SNI_SERVERNAME)) { - FAIL("client failed to set server name\n"); - goto err; - } - - if ((ssl->session->tlsext_hostname = strdup(TEST_SNI_SERVERNAME)) == - NULL) - errx(1, "failed to strdup tlsext_hostname"); - - if (!tlsext_sni_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need SNI\n"); - goto err; - } - - if (!tlsext_sni_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server failed to build SNI\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_sni_server)) { - FAIL("got server SNI with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_sni_server)); - goto err; - } - - if (memcmp(data, tlsext_sni_server, dlen) != 0) { - FAIL("server SNI differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tlsext_sni_server, sizeof(tlsext_sni_server)); - goto err; - } - - free(ssl->session->tlsext_hostname); - ssl->session->tlsext_hostname = NULL; - - CBS_init(&cbs, tlsext_sni_server, sizeof(tlsext_sni_server)); - if (!tlsext_sni_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("failed to parse server SNI\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if (ssl->session->tlsext_hostname == NULL) { - FAIL("no tlsext_hostname after server SNI\n"); - goto err; - } - - if (strlen(ssl->session->tlsext_hostname) != strlen(TEST_SNI_SERVERNAME) || - strncmp(ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME, - strlen(TEST_SNI_SERVERNAME)) != 0) { - FAIL("got tlsext_hostname `%s', want `%s'\n", - ssl->session->tlsext_hostname, TEST_SNI_SERVERNAME); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static unsigned char tls_ocsp_client_default[] = { - 0x01, 0x00, 0x00, 0x00, 0x00 -}; - -static int -test_tlsext_ocsp_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - size_t dlen; - int failure; - int alert; - CBB cbb; - CBS cbs; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if (tlsext_ocsp_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need ocsp\n"); - goto err; - } - SSL_set_tlsext_status_type(ssl, TLSEXT_STATUSTYPE_ocsp); - - if (!tlsext_ocsp_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need ocsp\n"); - goto err; - } - if (!tlsext_ocsp_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build SNI\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tls_ocsp_client_default)) { - FAIL("got ocsp client with length %zu, " - "want length %zu\n", dlen, - sizeof(tls_ocsp_client_default)); - goto err; - } - if (memcmp(data, tls_ocsp_client_default, dlen) != 0) { - FAIL("ocsp client differs:\n"); - fprintf(stderr, "received:\n"); - hexdump(data, dlen); - fprintf(stderr, "test data:\n"); - hexdump(tls_ocsp_client_default, - sizeof(tls_ocsp_client_default)); - goto err; - } - CBS_init(&cbs, tls_ocsp_client_default, - sizeof(tls_ocsp_client_default)); - if (!tlsext_ocsp_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse ocsp client\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_ocsp_server(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - size_t dlen; - int failure; - CBB cbb; - - failure = 1; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if (tlsext_ocsp_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need ocsp\n"); - goto err; - } - - ssl->internal->tlsext_status_expected = 1; - - if (!tlsext_ocsp_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need ocsp\n"); - goto err; - } - if (!tlsext_ocsp_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server failed to build ocsp\n"); - goto err; - } - - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -/* - * Session ticket - RFC 5077 since no known implementations use 4507. - * - * Session tickets can be length 0 (special case) to 2^16-1. - * - * The state is encrypted by the server so it is opaque to the client. - */ -static uint8_t tlsext_sessionticket_hello_min[1]; -static uint8_t tlsext_sessionticket_hello_max[65535]; - -static int -test_tlsext_sessionticket_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure; - CBB cbb; - size_t dlen; - uint8_t dummy[1234]; - - failure = 1; - - CBB_init(&cbb, 0); - - /* Create fake session tickets with random data. */ - arc4random_buf(tlsext_sessionticket_hello_min, - sizeof(tlsext_sessionticket_hello_min)); - arc4random_buf(tlsext_sessionticket_hello_max, - sizeof(tlsext_sessionticket_hello_max)); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* Should need a ticket by default. */ - if (!tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need Sessionticket for default " - "ciphers\n"); - goto err; - } - - /* Test disabling tickets. */ - if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) { - FAIL("Cannot disable tickets in the TLS connection\n"); - return 0; - } - if (tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need SessionTicket if it was disabled\n"); - goto err; - } - - /* Test re-enabling tickets. */ - if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) { - FAIL("Cannot re-enable tickets in the TLS connection\n"); - return 0; - } - if (!tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need SessionTicket if it was disabled\n"); - goto err; - } - - /* Since we don't have a session, we should build an empty ticket. */ - if (!tlsext_sessionticket_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("Cannot build a ticket\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("Cannot finish CBB\n"); - goto err; - } - if (dlen != 0) { - FAIL("Expected 0 length but found %zu\n", dlen); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - /* With a new session (but no ticket), we should still have 0 length */ - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - if (!tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("Should still want a session ticket with a new session\n"); - goto err; - } - if (!tlsext_sessionticket_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("Cannot build a ticket\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("Cannot finish CBB\n"); - goto err; - } - if (dlen != 0) { - FAIL("Expected 0 length but found %zu\n", dlen); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - /* With a new session (and ticket), we should use that ticket */ - SSL_SESSION_free(ssl->session); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - arc4random_buf(&dummy, sizeof(dummy)); - if ((ssl->session->tlsext_tick = malloc(sizeof(dummy))) == NULL) { - errx(1, "failed to malloc"); - } - memcpy(ssl->session->tlsext_tick, dummy, sizeof(dummy)); - ssl->session->tlsext_ticklen = sizeof(dummy); - - if (!tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("Should still want a session ticket with a new session\n"); - goto err; - } - if (!tlsext_sessionticket_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("Cannot build a ticket\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("Cannot finish CBB\n"); - goto err; - } - if (dlen != sizeof(dummy)) { - FAIL("Expected %zu length but found %zu\n", sizeof(dummy), dlen); - goto err; - } - if (memcmp(data, dummy, dlen) != 0) { - FAIL("server SNI differs:\n"); - compare_data(data, dlen, - dummy, sizeof(dummy)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - free(ssl->session->tlsext_tick); - ssl->session->tlsext_tick = NULL; - ssl->session->tlsext_ticklen = 0; - - /* - * Send in NULL to disable session tickets at runtime without going - * through SSL_set_options(). - */ - if (!SSL_set_session_ticket_ext(ssl, NULL, 0)) { - FAIL("Could not set a NULL custom ticket\n"); - goto err; - } - /* Should not need a ticket in this case */ - if (tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("Should not want to use session tickets with a NULL custom\n"); - goto err; - } - - /* - * If you want to remove the tlsext_session_ticket behavior, you have - * to do it manually. - */ - free(ssl->internal->tlsext_session_ticket); - ssl->internal->tlsext_session_ticket = NULL; - - if (!tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("Should need a session ticket again when the custom one is removed\n"); - goto err; - } - - /* Test a custom session ticket (not recommended in practice) */ - if (!SSL_set_session_ticket_ext(ssl, tlsext_sessionticket_hello_max, - sizeof(tlsext_sessionticket_hello_max))) { - FAIL("Should be able to set a custom ticket\n"); - goto err; - } - if (!tlsext_sessionticket_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("Should need a session ticket again when the custom one is not empty\n"); - goto err; - } - if (!tlsext_sessionticket_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("Cannot build a ticket with a max length random payload\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("Cannot finish CBB\n"); - goto err; - } - if (dlen != sizeof(tlsext_sessionticket_hello_max)) { - FAIL("Expected %zu length but found %zu\n", - sizeof(tlsext_sessionticket_hello_max), dlen); - goto err; - } - if (memcmp(data, tlsext_sessionticket_hello_max, - sizeof(tlsext_sessionticket_hello_max)) != 0) { - FAIL("Expected to get what we passed in\n"); - compare_data(data, dlen, - tlsext_sessionticket_hello_max, - sizeof(tlsext_sessionticket_hello_max)); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - - -static int -test_tlsext_sessionticket_server(void) -{ - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure; - uint8_t *data; - size_t dlen; - CBB cbb; - - CBB_init(&cbb, 0); - - failure = 1; - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* - * By default, should not need a session ticket since the ticket - * is not yet expected. - */ - if (tlsext_sessionticket_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need SessionTicket by default\n"); - goto err; - } - - /* Test disabling tickets. */ - if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) { - FAIL("Cannot disable tickets in the TLS connection\n"); - return 0; - } - if (tlsext_sessionticket_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need SessionTicket if it was disabled\n"); - goto err; - } - - /* Test re-enabling tickets. */ - if ((SSL_clear_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) != 0) { - FAIL("Cannot re-enable tickets in the TLS connection\n"); - return 0; - } - if (tlsext_sessionticket_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need SessionTicket yet\n"); - goto err; - } - - /* Set expected to require it. */ - ssl->internal->tlsext_ticket_expected = 1; - if (!tlsext_sessionticket_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should now be required for SessionTicket\n"); - goto err; - } - - /* server hello's session ticket should always be 0 length payload. */ - if (!tlsext_sessionticket_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("Cannot build a ticket with a max length random payload\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("Cannot finish CBB\n"); - goto err; - } - if (dlen != 0) { - FAIL("Expected 0 length but found %zu\n", dlen); - goto err; - } - - failure = 0; - - err: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - return (failure); -} - -#ifndef OPENSSL_NO_SRTP -/* - * Supported Secure Real-time Transport Protocol (RFC 5764 section 4.1.1) - */ - -/* Colon separated string values */ -const char *tlsext_srtp_single_profile = "SRTP_AES128_CM_SHA1_80"; -const char *tlsext_srtp_multiple_profiles = "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32"; - -const char *tlsext_srtp_aes128cmsha80 = "SRTP_AES128_CM_SHA1_80"; -const char *tlsext_srtp_aes128cmsha32 = "SRTP_AES128_CM_SHA1_32"; - -const uint8_t tlsext_srtp_single[] = { - /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */ - 0x00, 0x02, /* len */ - 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */ - 0x00 /* opaque srtp_mki<0..255> */ -}; - -const uint8_t tlsext_srtp_multiple[] = { - /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */ - 0x00, 0x04, /* len */ - 0x00, 0x01, /* SRTP_AES128_CM_SHA1_80 */ - 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */ - 0x00 /* opaque srtp_mki<0..255> */ -}; - -const uint8_t tlsext_srtp_multiple_invalid[] = { - /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */ - 0x00, 0x04, /* len */ - 0x00, 0x08, /* arbitrary value not found in known profiles */ - 0x00, 0x09, /* arbitrary value not found in known profiles */ - 0x00 /* opaque srtp_mki<0..255> */ -}; - -const uint8_t tlsext_srtp_single_invalid[] = { - /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */ - 0x00, 0x02, /* len */ - 0x00, 0x08, /* arbitrary value not found in known profiles */ - 0x00 /* opaque srtp_mki<0..255> */ -}; - -const uint8_t tlsext_srtp_multiple_one_valid[] = { - /* SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1> */ - 0x00, 0x04, /* len */ - 0x00, 0x08, /* arbitrary value not found in known profiles */ - 0x00, 0x02, /* SRTP_AES128_CM_SHA1_32 */ - 0x00 /* opaque srtp_mki<0..255> */ -}; - -static int -test_tlsext_srtp_client(void) -{ - SRTP_PROTECTION_PROFILE *prof; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - uint8_t *data = NULL; - CBB cbb; - CBS cbs; - int failure, alert; - size_t dlen; - - CBB_init(&cbb, 0); - - failure = 1; - - /* SRTP is for DTLS */ - if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* By default, we don't need this */ - if (tlsext_srtp_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need SRTP by default\n"); - goto err; - } - - if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_single_profile) != 0) { - FAIL("should be able to set a single SRTP\n"); - goto err; - } - if (!tlsext_srtp_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need SRTP\n"); - goto err; - } - - /* Make sure we can build the client with a single profile. */ - - if (!tlsext_srtp_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build SRTP\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_srtp_single)) { - FAIL("got client SRTP with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_srtp_single)); - compare_data(data, dlen, tlsext_srtp_single, - sizeof(tlsext_srtp_single)); - goto err; - } - if (memcmp(data, tlsext_srtp_single, dlen) != 0) { - FAIL("client SRTP differs:\n"); - compare_data(data, dlen, tlsext_srtp_single, - sizeof(tlsext_srtp_single)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - /* Make sure we can parse the single profile. */ - - if (SSL_get_selected_srtp_profile(ssl) != NULL) { - FAIL("SRTP profile should not be set yet\n"); - goto err; - } - - CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single)); - if (!tlsext_srtp_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse SRTP\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) { - FAIL("SRTP profile should be set now\n"); - goto err; - } - if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) { - FAIL("SRTP profile was not set properly\n"); - goto err; - } - - if (!tlsext_srtp_server_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("should send server extension when profile selected\n"); - goto err; - } - - /* Make sure we can build the clienthello with multiple entries. */ - - if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) { - FAIL("should be able to set SRTP to multiple profiles\n"); - goto err; - } - if (!tlsext_srtp_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need SRTP by now\n"); - goto err; - } - - if (!tlsext_srtp_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client failed to build SRTP\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_srtp_multiple)) { - FAIL("got client SRTP with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_srtp_multiple)); - compare_data(data, dlen, tlsext_srtp_multiple, - sizeof(tlsext_srtp_multiple)); - goto err; - } - if (memcmp(data, tlsext_srtp_multiple, dlen) != 0) { - FAIL("client SRTP differs:\n"); - compare_data(data, dlen, tlsext_srtp_multiple, - sizeof(tlsext_srtp_multiple)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - /* Make sure we can parse multiple profiles (selects server preferred) */ - - ssl->internal->srtp_profile = NULL; - - CBS_init(&cbs, tlsext_srtp_multiple, - sizeof(tlsext_srtp_multiple)); - if (!tlsext_srtp_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse SRTP\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) { - FAIL("SRTP profile should be set now\n"); - goto err; - } - if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) { - FAIL("SRTP profile was not set properly\n"); - goto err; - } - - if (!tlsext_srtp_server_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("should send server extension when profile selected\n"); - goto err; - } - - /* - * Make sure we can parse the clienthello with multiple entries - * where one is unknown. - */ - ssl->internal->srtp_profile = NULL; - - CBS_init(&cbs, tlsext_srtp_multiple_one_valid, - sizeof(tlsext_srtp_multiple_one_valid)); - if (!tlsext_srtp_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse SRTP\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) { - FAIL("SRTP profile should be set now\n"); - goto err; - } - if (strcmp(prof->name, tlsext_srtp_aes128cmsha32) != 0) { - FAIL("SRTP profile was not set properly\n"); - goto err; - } - - if (!tlsext_srtp_server_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("should send server extension when profile selected\n"); - goto err; - } - - /* Make sure we fall back to negotiated when none work. */ - - ssl->internal->srtp_profile = NULL; - - CBS_init(&cbs, tlsext_srtp_multiple_invalid, - sizeof(tlsext_srtp_multiple_invalid)); - if (!tlsext_srtp_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("should be able to fall back to negotiated\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - /* If we fallback, the server should NOT send the extension. */ - if (SSL_get_selected_srtp_profile(ssl) != NULL) { - FAIL("should not have selected a profile when none found\n"); - goto err; - } - if (tlsext_srtp_server_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("should not send server tlsext when no profile found\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_srtp_server(void) -{ - const SRTP_PROTECTION_PROFILE *prof; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - uint8_t *data = NULL; - CBB cbb; - CBS cbs; - int failure, alert; - size_t dlen; - - CBB_init(&cbb, 0); - - failure = 1; - - /* SRTP is for DTLS */ - if ((ssl_ctx = SSL_CTX_new(DTLSv1_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - /* By default, we don't need this */ - if (tlsext_srtp_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need SRTP by default\n"); - goto err; - } - - if (srtp_find_profile_by_name(tlsext_srtp_aes128cmsha80, &prof, - strlen(tlsext_srtp_aes128cmsha80))) { - FAIL("should be able to find the given profile\n"); - goto err; - } - ssl->internal->srtp_profile = prof; - if (!tlsext_srtp_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need SRTP by now\n"); - goto err; - } - - /* Make sure we can build the server with a single profile. */ - - if (!tlsext_srtp_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server failed to build SRTP\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_srtp_single)) { - FAIL("got server SRTP with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_srtp_single)); - compare_data(data, dlen, tlsext_srtp_single, - sizeof(tlsext_srtp_single)); - goto err; - } - if (memcmp(data, tlsext_srtp_single, dlen) != 0) { - FAIL("server SRTP differs:\n"); - compare_data(data, dlen, tlsext_srtp_single, - sizeof(tlsext_srtp_single)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - free(data); - data = NULL; - - /* Make sure we can parse the single profile. */ - ssl->internal->srtp_profile = NULL; - - if (SSL_get_selected_srtp_profile(ssl) != NULL) { - FAIL("SRTP profile should not be set yet\n"); - goto err; - } - - /* Setup the environment as if a client sent a list of profiles. */ - if (SSL_set_tlsext_use_srtp(ssl, tlsext_srtp_multiple_profiles) != 0) { - FAIL("should be able to set multiple profiles in SRTP\n"); - goto err; - } - - CBS_init(&cbs, tlsext_srtp_single, sizeof(tlsext_srtp_single)); - if (!tlsext_srtp_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("failed to parse SRTP\n"); - goto err; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - goto err; - } - - if ((prof = SSL_get_selected_srtp_profile(ssl)) == NULL) { - FAIL("SRTP profile should be set now\n"); - goto err; - } - if (strcmp(prof->name, tlsext_srtp_aes128cmsha80) != 0) { - FAIL("SRTP profile was not set properly\n"); - goto err; - } - - /* Make sure we cannot parse multiple profiles */ - ssl->internal->srtp_profile = NULL; - - CBS_init(&cbs, tlsext_srtp_multiple, - sizeof(tlsext_srtp_multiple)); - if (tlsext_srtp_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("should not find multiple entries from the server\n"); - goto err; - } - - /* Make sure we cannot parse a server with unknown profile */ - ssl->internal->srtp_profile = NULL; - - CBS_init(&cbs, tlsext_srtp_single_invalid, - sizeof(tlsext_srtp_single_invalid)); - if (tlsext_srtp_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("should not be able to parse this\n"); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} -#endif /* OPENSSL_NO_SRTP */ - -unsigned char tlsext_clienthello_default[] = { - 0x00, 0x34, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, - 0x00, 0x0a, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x1d, - 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, 0x23, - 0x00, 0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, - 0x08, 0x06, 0x06, 0x01, 0x06, 0x03, 0x08, 0x05, - 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, - 0x04, 0x03, 0x02, 0x01, 0x02, 0x03, -}; - -unsigned char tlsext_clienthello_disabled[] = {}; - -static int -test_tlsext_clienthello_build(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - size_t dlen; - int failure; - CBB cbb; - - failure = 1; - - if (!CBB_init(&cbb, 0)) - errx(1, "failed to create CBB"); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - S3I(ssl)->hs.our_min_tls_version = TLS1_VERSION; - S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION; - - if (!tlsext_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("failed to build clienthello extensions\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_clienthello_default)) { - FAIL("got clienthello extensions with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_clienthello_default)); - compare_data(data, dlen, tlsext_clienthello_default, - sizeof(tlsext_clienthello_default)); - goto err; - } - if (memcmp(data, tlsext_clienthello_default, dlen) != 0) { - FAIL("clienthello extensions differs:\n"); - compare_data(data, dlen, tlsext_clienthello_default, - sizeof(tlsext_clienthello_default)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - - /* Switch to TLSv1.1, disable EC ciphers and session tickets. */ - S3I(ssl)->hs.our_max_tls_version = TLS1_1_VERSION; - if (!SSL_set_cipher_list(ssl, "TLSv1.2:!ECDHE:!ECDSA")) { - FAIL("failed to set cipher list\n"); - goto err; - } - if ((SSL_set_options(ssl, SSL_OP_NO_TICKET) & SSL_OP_NO_TICKET) == 0) { - FAIL("failed to disable session tickets\n"); - return 0; - } - - if (!tlsext_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("failed to build clienthello extensions\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_clienthello_disabled)) { - FAIL("got clienthello extensions with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_clienthello_disabled)); - compare_data(data, dlen, tlsext_clienthello_disabled, - sizeof(tlsext_clienthello_disabled)); - goto err; - } - if (memcmp(data, tlsext_clienthello_disabled, dlen) != 0) { - FAIL("clienthello extensions differs:\n"); - compare_data(data, dlen, tlsext_clienthello_disabled, - sizeof(tlsext_clienthello_disabled)); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -unsigned char tlsext_serverhello_default[] = { - 0x00, 0x06, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, -}; - -unsigned char tlsext_serverhello_enabled[] = { - 0x00, 0x10, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, - 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, - 0x00, 0x00, -}; - -static int -test_tlsext_serverhello_build(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - size_t dlen; - int failure; - CBB cbb; - - failure = 1; - - if (!CBB_init(&cbb, 0)) - errx(1, "failed to create CBB"); - - if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - if ((ssl->session = SSL_SESSION_new()) == NULL) - errx(1, "failed to create session"); - - S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION; - S3I(ssl)->hs.negotiated_tls_version = TLS1_3_VERSION; - S3I(ssl)->hs.cipher = - ssl3_get_cipher_by_id(TLS1_CK_RSA_WITH_AES_128_SHA256); - - if (!tlsext_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("failed to build serverhello extensions\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_serverhello_default)) { - FAIL("got serverhello extensions with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_serverhello_default)); - compare_data(data, dlen, tlsext_serverhello_default, - sizeof(tlsext_serverhello_default)); - goto err; - } - if (memcmp(data, tlsext_serverhello_default, dlen) != 0) { - FAIL("serverhello extensions differs:\n"); - compare_data(data, dlen, tlsext_serverhello_default, - sizeof(tlsext_serverhello_default)); - goto err; - } - - CBB_cleanup(&cbb); - CBB_init(&cbb, 0); - - /* Turn a few things on so we get extensions... */ - S3I(ssl)->send_connection_binding = 1; - S3I(ssl)->hs.cipher = - ssl3_get_cipher_by_id(TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256); - ssl->internal->tlsext_status_expected = 1; - ssl->internal->tlsext_ticket_expected = 1; - if ((SSI(ssl)->tlsext_ecpointformatlist = malloc(1)) == NULL) - errx(1, "malloc failed"); - SSI(ssl)->tlsext_ecpointformatlist_length = 1; - SSI(ssl)->tlsext_ecpointformatlist[0] = - TLSEXT_ECPOINTFORMAT_uncompressed; - - if (!tlsext_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("failed to build serverhello extensions\n"); - goto err; - } - if (!CBB_finish(&cbb, &data, &dlen)) - errx(1, "failed to finish CBB"); - - if (dlen != sizeof(tlsext_serverhello_enabled)) { - FAIL("got serverhello extensions with length %zu, " - "want length %zu\n", dlen, - sizeof(tlsext_serverhello_enabled)); - compare_data(data, dlen, tlsext_serverhello_enabled, - sizeof(tlsext_serverhello_enabled)); - goto err; - } - if (memcmp(data, tlsext_serverhello_enabled, dlen) != 0) { - FAIL("serverhello extensions differs:\n"); - compare_data(data, dlen, tlsext_serverhello_enabled, - sizeof(tlsext_serverhello_enabled)); - goto err; - } - - failure = 0; - - err: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -const unsigned char tlsext_versions_client[] = { - 0x08, 0x03, 0x04, 0x03, 0x03, 0x03, - 0x02, 0x03, 0x01, -}; - -const unsigned char tlsext_versions_server[] = { - 0x03, 0x04, -}; - -static int -test_tlsext_versions_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - S3I(ssl)->hs.our_max_tls_version = TLS1_1_VERSION; - - if (tlsext_versions_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need versions\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION; - - if (tlsext_versions_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need versions\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION; - - if (!tlsext_versions_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need versions\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.our_min_tls_version = TLS1_VERSION; - S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION; - - if (!tlsext_versions_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client should have built versions\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("failed to finish CBB\n"); - failure = 1; - goto done; - } - - if (dlen != sizeof(tlsext_versions_client)) { - FAIL("got versions with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_versions_client)); - failure = 1; - goto done; - } - - CBS_init(&cbs, data, dlen); - if (!tlsext_versions_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client versions\n"); - failure = 1; - goto done; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - failure = 1; - goto done; - } - done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - - -static int -test_tlsext_versions_server(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - S3I(ssl)->hs.negotiated_tls_version = TLS1_2_VERSION; - - if (tlsext_versions_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need versions\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.negotiated_tls_version = TLS1_3_VERSION; - - if (!tlsext_versions_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need versions\n"); - failure = 1; - goto done; - } - - if (!tlsext_versions_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server should have built versions\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("failed to finish CBB\n"); - failure = 1; - goto done; - } - - if (dlen != sizeof(tlsext_versions_server)) { - FAIL("got versions with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_versions_server)); - failure = 1; - goto done; - } - - CBS_init(&cbs, data, dlen); - if (!tlsext_versions_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("failed to parse client versions\n"); - failure = 1; - goto done; - } - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - failure = 1; - goto done; - } - done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -const unsigned char tlsext_keyshare_client[] = { - 0x00, 0x24, 0x00, 0x1d, 0x00, 0x20, 0xba, 0x83, - 0x2e, 0x4a, 0x18, 0xbe, 0x96, 0xd2, 0x71, 0x70, - 0x18, 0x04, 0xf9, 0x9d, 0x76, 0x98, 0xef, 0xe8, - 0x4f, 0x8b, 0x85, 0x41, 0xa4, 0xd9, 0x61, 0x57, - 0xad, 0x5b, 0xa4, 0xe9, 0x8b, 0x6b, -}; - -const unsigned char tlsext_keyshare_server[] = { - 0x00, 0x1d, 0x00, 0x20, 0xe5, 0xe8, 0x5a, 0xb9, - 0x7e, 0x12, 0x62, 0xe3, 0xd8, 0x7f, 0x6e, 0x3c, - 0xec, 0xa6, 0x8b, 0x99, 0x45, 0x77, 0x8e, 0x11, - 0xb3, 0xb9, 0x12, 0xb6, 0xbe, 0x35, 0xca, 0x51, - 0x76, 0x1e, 0xe8, 0x22 -}; - -static int -test_tlsext_keyshare_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - if ((S3I(ssl)->hs.tls13.key_share = - tls13_key_share_new_nid(NID_X25519)) == NULL) - errx(1, "failed to create key share"); - if (!tls13_key_share_generate(S3I(ssl)->hs.tls13.key_share)) - errx(1, "failed to generate key share"); - - S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION; - if (tlsext_keyshare_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need keyshare\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION; - if (!tlsext_keyshare_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need keyshare\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION; - if (!tlsext_keyshare_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client should have built keyshare\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("failed to finish CBB\n"); - failure = 1; - goto done; - } - - if (dlen != sizeof(tlsext_keyshare_client)) { - FAIL("got client keyshare with length %zu, " - "want length %zu\n", dlen, (size_t) sizeof(tlsext_keyshare_client)); - failure = 1; - goto done; - } - - (ssl)->version = TLS1_3_VERSION; - CBS_init(&cbs, data, dlen); - - if (!tlsext_keyshare_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client keyshare\n"); - failure = 1; - goto done; - } - - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - failure = 1; - goto done; - } - - - done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_keyshare_server(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen, idx; - int alert; - CBB cbb; - CBS cbs; - uint8_t bogokey[] = { - 0xe5, 0xe8, 0x5a, 0xb9, 0x7e, 0x12, 0x62, 0xe3, - 0xd8, 0x7f, 0x6e, 0x3c, 0xec, 0xa6, 0x8b, 0x99, - 0x45, 0x77, 0x8e, 0x11, 0xb3, 0xb9, 0x12, 0xb6, - 0xbe, 0x35, 0xca, 0x51, 0x76, 0x1e, 0xe8, 0x22, - }; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - S3I(ssl)->hs.negotiated_tls_version = TLS1_2_VERSION; - if (tlsext_keyshare_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need keyshare\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.negotiated_tls_version = TLS1_3_VERSION; - if (tlsext_keyshare_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("client should not need keyshare\n"); - failure = 1; - goto done; - } - - if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL) { - FAIL("failed to find keyshare extension\n"); - failure = 1; - goto done; - } - S3I(ssl)->hs.extensions_seen |= (1 << idx); - - if (!tlsext_keyshare_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should need keyshare\n"); - failure = 1; - goto done; - } - - if (tlsext_keyshare_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server should not have built a keyshare response\n"); - failure = 1; - goto done; - } - - if ((S3I(ssl)->hs.tls13.key_share = - tls13_key_share_new_nid(NID_X25519)) == NULL) - errx(1, "failed to create key share"); - if (!tls13_key_share_generate(S3I(ssl)->hs.tls13.key_share)) - errx(1, "failed to generate key share"); - - CBS_init(&cbs, bogokey, sizeof(bogokey)); - if (!tls13_key_share_peer_public(S3I(ssl)->hs.tls13.key_share, - 0x001d, &cbs)) { - FAIL("failed to load peer public key\n"); - failure = 1; - goto done; - } - - if (!tlsext_keyshare_server_build(ssl, SSL_TLSEXT_MSG_SH, &cbb)) { - FAIL("server should be able to build a keyshare response\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("failed to finish CBB\n"); - failure = 1; - goto done; - } - - if (dlen != sizeof(tlsext_keyshare_server)) { - FAIL("got server keyshare with length %zu, " - "want length %zu\n", dlen, sizeof(tlsext_keyshare_server)); - failure = 1; - goto done; - } - - if ((S3I(ssl)->hs.tls13.key_share = - tls13_key_share_new_nid(NID_X25519)) == NULL) - errx(1, "failed to create key share"); - if (!tls13_key_share_generate(S3I(ssl)->hs.tls13.key_share)) - errx(1, "failed to generate key share"); - - CBS_init(&cbs, data, dlen); - - if (!tlsext_keyshare_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("failed to parse server keyshare\n"); - failure = 1; - goto done; - } - - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - failure = 1; - goto done; - } - -done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -/* One day I hope to be the only Muppet in this codebase */ -const uint8_t cookie[] = "\n" - " (o)(o) \n" - " m' 'm \n" - " M -****- M \n" - " 'm m' \n" - " m''''''''''m \n" - " M M BB \n"; - -static int -test_tlsext_cookie_client(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION; - if (tlsext_cookie_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need cookie\n"); - failure = 1; - goto done; - } - - - S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION; - if (tlsext_cookie_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should not need cookie\n"); - failure = 1; - goto done; - } - - /* Normally would be set by receiving a server cookie in an HRR */ - S3I(ssl)->hs.tls13.cookie = strdup(cookie); - S3I(ssl)->hs.tls13.cookie_len = strlen(cookie); - - if (!tlsext_cookie_client_needs(ssl, SSL_TLSEXT_MSG_CH)) { - FAIL("client should need cookie\n"); - failure = 1; - goto done; - } - - if (!tlsext_cookie_client_build(ssl, SSL_TLSEXT_MSG_CH, &cbb)) { - FAIL("client should have built a cookie response\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("failed to finish CBB\n"); - failure = 1; - goto done; - } - - if (dlen != strlen(cookie) + sizeof(uint16_t)) { - FAIL("got cookie with length %zu, " - "want length %zu\n", dlen, strlen(cookie) + - sizeof(uint16_t)); - failure = 1; - goto done; - } - - CBS_init(&cbs, data, dlen); - - /* Checks cookie against what's in the hs.tls13 */ - if (!tlsext_cookie_server_parse(ssl, SSL_TLSEXT_MSG_CH, &cbs, &alert)) { - FAIL("failed to parse client cookie\n"); - failure = 1; - goto done; - } - - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - failure = 1; - goto done; - } - - done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -static int -test_tlsext_cookie_server(void) -{ - unsigned char *data = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 0; - size_t dlen; - int alert; - CBB cbb; - CBS cbs; - - CBB_init(&cbb, 0); - - if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) - errx(1, "failed to create SSL_CTX"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL"); - - S3I(ssl)->hs.our_max_tls_version = TLS1_2_VERSION; - if (tlsext_cookie_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need cookie\n"); - failure = 1; - goto done; - } - - S3I(ssl)->hs.our_max_tls_version = TLS1_3_VERSION; - if (tlsext_cookie_server_needs(ssl, SSL_TLSEXT_MSG_SH)) { - FAIL("server should not need cookie\n"); - failure = 1; - goto done; - } - - /* Normally would be set by server before sending HRR */ - S3I(ssl)->hs.tls13.cookie = strdup(cookie); - S3I(ssl)->hs.tls13.cookie_len = strlen(cookie); - - if (!tlsext_cookie_server_needs(ssl, SSL_TLSEXT_MSG_HRR)) { - FAIL("server should need cookie\n"); - failure = 1; - goto done; - } - - if (!tlsext_cookie_server_build(ssl, SSL_TLSEXT_MSG_HRR, &cbb)) { - FAIL("server should have built a cookie response\n"); - failure = 1; - goto done; - } - - if (!CBB_finish(&cbb, &data, &dlen)) { - FAIL("failed to finish CBB\n"); - failure = 1; - goto done; - } - - if (dlen != strlen(cookie) + sizeof(uint16_t)) { - FAIL("got cookie with length %zu, " - "want length %zu\n", dlen, strlen(cookie) + - sizeof(uint16_t)); - failure = 1; - goto done; - } - - CBS_init(&cbs, data, dlen); - - if (tlsext_cookie_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("client should not have parsed server cookie\n"); - failure = 1; - goto done; - } - - freezero(S3I(ssl)->hs.tls13.cookie, S3I(ssl)->hs.tls13.cookie_len); - S3I(ssl)->hs.tls13.cookie = NULL; - S3I(ssl)->hs.tls13.cookie_len = 0; - - if (!tlsext_cookie_client_parse(ssl, SSL_TLSEXT_MSG_SH, &cbs, &alert)) { - FAIL("failed to parse server cookie\n"); - failure = 1; - goto done; - } - - if (memcmp(cookie, S3I(ssl)->hs.tls13.cookie, - S3I(ssl)->hs.tls13.cookie_len) != 0) { - FAIL("parsed server cookie does not match sent cookie\n"); - failure = 1; - goto done; - } - - if (CBS_len(&cbs) != 0) { - FAIL("extension data remaining\n"); - failure = 1; - goto done; - } - -done: - CBB_cleanup(&cbb); - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - free(data); - - return (failure); -} - -unsigned char *valid_hostnames[] = { - "openbsd.org", - "op3nbsd.org", - "org", - "3openbsd.com", - "3-0penb-d.c-m", - "a", - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com", - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - NULL, -}; - -static int -test_tlsext_valid_hostnames(void) -{ - int i, failure = 0; - - for (i = 0; valid_hostnames[i] != NULL; i++) { - CBS cbs; - CBS_init(&cbs, valid_hostnames[i], strlen(valid_hostnames[i])); - if (!tlsext_sni_is_valid_hostname(&cbs)) { - FAIL("Valid hostname '%s' rejected\n", - valid_hostnames[i]); - failure = 1; - goto done; - } - } - done: - return failure; -} - -unsigned char *invalid_hostnames[] = { - "openbsd.org.", - "openbsd..org", - "openbsd.org-", - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.com", - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa." - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.a", - "-p3nbsd.org", - "openbs-.org", - "openbsd\n.org", - "open_bsd.org", - "open\178bsd.org", - "open\255bsd.org", - NULL, -}; - -static int -test_tlsext_invalid_hostnames(void) -{ - int i, failure = 0; - CBS cbs; - - for (i = 0; invalid_hostnames[i] != NULL; i++) { - CBS_init(&cbs, invalid_hostnames[i], - strlen(invalid_hostnames[i])); - if (tlsext_sni_is_valid_hostname(&cbs)) { - FAIL("Invalid hostname '%s' accepted\n", - invalid_hostnames[i]); - failure = 1; - goto done; - } - } - CBS_init(&cbs, valid_hostnames[0], - strlen(valid_hostnames[0]) + 1); - if (tlsext_sni_is_valid_hostname(&cbs)) { - FAIL("hostname with NUL byte accepted\n"); - failure = 1; - goto done; - } - done: - return failure; -} - - -int -main(int argc, char **argv) -{ - int failed = 0; - - SSL_library_init(); - SSL_load_error_strings(); - - failed |= test_tlsext_alpn_client(); - failed |= test_tlsext_alpn_server(); - - failed |= test_tlsext_supportedgroups_client(); - failed |= test_tlsext_supportedgroups_server(); - - failed |= test_tlsext_ecpf_client(); - failed |= test_tlsext_ecpf_server(); - - failed |= test_tlsext_ri_client(); - failed |= test_tlsext_ri_server(); - - failed |= test_tlsext_sigalgs_client(); - - failed |= test_tlsext_sni_client(); - failed |= test_tlsext_sni_server(); - - failed |= test_tlsext_ocsp_client(); - failed |= test_tlsext_ocsp_server(); - - failed |= test_tlsext_sessionticket_client(); - failed |= test_tlsext_sessionticket_server(); - - failed |= test_tlsext_versions_client(); - failed |= test_tlsext_versions_server(); - - failed |= test_tlsext_keyshare_client(); - failed |= test_tlsext_keyshare_server(); - - failed |= test_tlsext_cookie_client(); - failed |= test_tlsext_cookie_server(); - -#ifndef OPENSSL_NO_SRTP - failed |= test_tlsext_srtp_client(); - failed |= test_tlsext_srtp_server(); -#else - fprintf(stderr, "Skipping SRTP tests due to OPENSSL_NO_SRTP\n"); -#endif - - failed |= test_tlsext_clienthello_build(); - failed |= test_tlsext_serverhello_build(); - - failed |= test_tlsext_valid_hostnames(); - failed |= test_tlsext_invalid_hostnames(); - - return (failed); -} diff --git a/src/regress/lib/libssl/tlsfuzzer/Makefile b/src/regress/lib/libssl/tlsfuzzer/Makefile deleted file mode 100644 index 64c5970a27..0000000000 --- a/src/regress/lib/libssl/tlsfuzzer/Makefile +++ /dev/null @@ -1,47 +0,0 @@ -# $OpenBSD: Makefile,v 1.2 2020/05/23 17:33:51 tb Exp $ - -.if !exists(/usr/local/share/tlsfuzzer) -regress: - @echo package py3-tlsfuzzer is required for this regress - @echo SKIPPED -.else - -REGRESS_TARGETS=regress-tlsfuzzer - -localhost.key localhost.crt: - openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt \ - -subj /CN=localhost -nodes -batch - -certs: localhost.key localhost.crt - -CLEANFILES += localhost.key localhost.crt - -PORT ?= 4433 -SLOW = -s -TIMING = # -t -VERBOSE = # -v - -regress-tlsfuzzer: certs - python3 ${.CURDIR}/tlsfuzzer.py ${SLOW} ${TIMING} ${VERBOSE} - -failing: certs - python3 ${.CURDIR}/tlsfuzzer.py -f ${SLOW} ${TIMING} ${VERBOSE} - - -port: certs - python3 ${.CURDIR}/tlsfuzzer.py ${SLOW} ${TIMING} ${VERBOSE} -p ${PORT} - -list: - @python3 ${.CURDIR}/tlsfuzzer.py -l - -list-failing: - @python3 ${.CURDIR}/tlsfuzzer.py -l -f - -missing: - @python3 ${.CURDIR}/tlsfuzzer.py -m - -.PHONY: all certs failing list list-failing missing port - -.endif - -.include diff --git a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py b/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py deleted file mode 100644 index 846252f1c2..0000000000 --- a/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py +++ /dev/null @@ -1,876 +0,0 @@ -# $OpenBSD: tlsfuzzer.py,v 1.40 2021/08/11 19:45:08 tb Exp $ -# -# Copyright (c) 2020 Theo Buehler -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -import getopt -import os -import subprocess -import sys -from timeit import default_timer as timer - -tlsfuzzer_scriptdir = "/usr/local/share/tlsfuzzer/scripts/" - -class Test: - """ - Represents a tlsfuzzer test script. - name: the script's name - args: arguments to feed to the script - tls12_args: override args for a TLSv1.2 server - tls13_args: override args for a TLSv1.3 server - - XXX Add client cert support. - """ - def __init__(self, name="", args=[], tls12_args=[], tls13_args=[]): - self.name = name - self.tls12_args = args - self.tls13_args = args - if tls12_args: - self.tls12_args = tls12_args - if tls13_args: - self.tls13_args = tls13_args - - def args(self, has_tls1_3: True): - if has_tls1_3: - return self.tls13_args - else: - return self.tls12_args - - def __repr__(self): - return "" % ( - self.name, self.tls12_args, tls13_args - ) - -class TestGroup: - """ A group of Test objects to be run by TestRunner.""" - def __init__(self, title="Tests", tests=[]): - self.title = title - self.tests = tests - - def __iter__(self): - return iter(self.tests) - -# argument to pass to several tests -tls13_unsupported_ciphers = [ - "-e", "TLS 1.3 with ffdhe2048", - "-e", "TLS 1.3 with ffdhe3072", - "-e", "TLS 1.3 with x448", -] - -def substitute_alert(want, got): - return f"Expected alert description \"{want}\" " \ - + f"does not match received \"{got}\"" - -# test-tls13-finished.py has 70 failing tests that expect a "decode_error" -# instead of the "decrypt_error" sent by tls13_server_finished_recv(). -# Both alerts appear to be reasonable in this context, so work around this -# in the test instead of the library. -def generate_test_tls13_finished_args(): - assertion = substitute_alert("decode_error", "decrypt_error"); - paddings = [ - ("TLS_AES_128_GCM_SHA256", 0, 1), - ("TLS_AES_128_GCM_SHA256", 0, 2), - ("TLS_AES_128_GCM_SHA256", 0, 4), - ("TLS_AES_128_GCM_SHA256", 0, 8), - ("TLS_AES_128_GCM_SHA256", 0, 16), - ("TLS_AES_128_GCM_SHA256", 0, 32), - ("TLS_AES_128_GCM_SHA256", 0, 48), - ("TLS_AES_128_GCM_SHA256", 0, 2**14-4-32), - ("TLS_AES_128_GCM_SHA256", 0, 0x20000), - ("TLS_AES_128_GCM_SHA256", 0, 0x30000), - ("TLS_AES_128_GCM_SHA256", 1, 0), - ("TLS_AES_128_GCM_SHA256", 2, 0), - ("TLS_AES_128_GCM_SHA256", 4, 0), - ("TLS_AES_128_GCM_SHA256", 8, 0), - ("TLS_AES_128_GCM_SHA256", 16, 0), - ("TLS_AES_128_GCM_SHA256", 32, 0), - ("TLS_AES_128_GCM_SHA256", 48, 0), - ("TLS_AES_128_GCM_SHA256", 2**14-4-32, 0), - ("TLS_AES_128_GCM_SHA256", 12, 0), - ("TLS_AES_128_GCM_SHA256", 1, 1), - ("TLS_AES_128_GCM_SHA256", 8, 8), - ("TLS_AES_256_GCM_SHA384", 0, 1), - ("TLS_AES_256_GCM_SHA384", 0, 2), - ("TLS_AES_256_GCM_SHA384", 0, 4), - ("TLS_AES_256_GCM_SHA384", 0, 8), - ("TLS_AES_256_GCM_SHA384", 0, 16), - ("TLS_AES_256_GCM_SHA384", 0, 32), - ("TLS_AES_256_GCM_SHA384", 0, 48), - ("TLS_AES_256_GCM_SHA384", 0, 2**14-4-48), - ("TLS_AES_256_GCM_SHA384", 0, 0x20000), - ("TLS_AES_256_GCM_SHA384", 0, 0x30000), - ("TLS_AES_256_GCM_SHA384", 0, 12), - ("TLS_AES_256_GCM_SHA384", 1, 0), - ("TLS_AES_256_GCM_SHA384", 2, 0), - ("TLS_AES_256_GCM_SHA384", 4, 0), - ("TLS_AES_256_GCM_SHA384", 8, 0), - ("TLS_AES_256_GCM_SHA384", 16, 0), - ("TLS_AES_256_GCM_SHA384", 32, 0), - ("TLS_AES_256_GCM_SHA384", 48, 0), - ("TLS_AES_256_GCM_SHA384", 2**14-4-48, 0), - ("TLS_AES_256_GCM_SHA384", 1, 1), - ("TLS_AES_256_GCM_SHA384", 8, 8), - ] - truncations = [ - ("TLS_AES_128_GCM_SHA256", 0, -1), - ("TLS_AES_128_GCM_SHA256", 0, -2), - ("TLS_AES_128_GCM_SHA256", 0, -4), - ("TLS_AES_128_GCM_SHA256", 0, -8), - ("TLS_AES_128_GCM_SHA256", 0, -16), - ("TLS_AES_128_GCM_SHA256", 0, -32), - ("TLS_AES_128_GCM_SHA256", 0, 12), - ("TLS_AES_128_GCM_SHA256", 1, None), - ("TLS_AES_128_GCM_SHA256", 2, None), - ("TLS_AES_128_GCM_SHA256", 4, None), - ("TLS_AES_128_GCM_SHA256", 8, None), - ("TLS_AES_128_GCM_SHA256", 16, None), - ("TLS_AES_128_GCM_SHA256", 32, None), - ("TLS_AES_256_GCM_SHA384", 0, -1), - ("TLS_AES_256_GCM_SHA384", 0, -2), - ("TLS_AES_256_GCM_SHA384", 0, -4), - ("TLS_AES_256_GCM_SHA384", 0, -8), - ("TLS_AES_256_GCM_SHA384", 0, -16), - ("TLS_AES_256_GCM_SHA384", 0, -32), - ("TLS_AES_256_GCM_SHA384", 0, 12), - ("TLS_AES_256_GCM_SHA384", 1, None), - ("TLS_AES_256_GCM_SHA384", 2, None), - ("TLS_AES_256_GCM_SHA384", 4, None), - ("TLS_AES_256_GCM_SHA384", 8, None), - ("TLS_AES_256_GCM_SHA384", 16, None), - ("TLS_AES_256_GCM_SHA384", 32, None), - ] - - args = [ - "-x", "empty - cipher TLS_AES_128_GCM_SHA256", "-X", assertion, - "-x", "empty - cipher TLS_AES_256_GCM_SHA384", "-X", assertion, - ] - padding_fmt = "padding - cipher %s, pad_byte 0, pad_left %d, pad_right %d" - for padding in paddings: - args += ["-x", padding_fmt % padding, "-X", assertion] - truncation_fmt = "truncation - cipher %s, start %d, end %s" - for truncation in truncations: - args += ["-x", truncation_fmt % truncation, "-X", assertion] - return args - -tls13_tests = TestGroup("TLSv1.3 tests", [ - Test("test-tls13-ccs.py"), - Test("test-tls13-conversation.py"), - Test("test-tls13-count-tickets.py"), - Test("test-tls13-empty-alert.py"), - Test("test-tls13-finished.py", generate_test_tls13_finished_args()), - Test("test-tls13-finished-plaintext.py"), - Test("test-tls13-hrr.py"), - Test("test-tls13-keyshare-omitted.py"), - Test("test-tls13-legacy-version.py"), - Test("test-tls13-nociphers.py"), - Test("test-tls13-record-padding.py"), - Test("test-tls13-shuffled-extentions.py"), - Test("test-tls13-zero-content-type.py"), - - # The skipped tests fail due to a bug in BIO_gets() which masks the retry - # signalled from an SSL_read() failure. Testing with httpd(8) shows we're - # handling these corner cases correctly since tls13_record_layer.c -r1.47. - Test("test-tls13-zero-length-data.py", [ - "-e", "zero-length app data", - "-e", "zero-length app data with large padding", - "-e", "zero-length app data with padding", - ]), -]) - -# Tests that take a lot of time (> ~30s on an x280) -tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [ - # XXX: Investigate the occasional message - # "Got shared secret with 1 most significant bytes equal to zero." - Test("test-tls13-dhe-shared-secret-padding.py", tls13_unsupported_ciphers), - - Test("test-tls13-invalid-ciphers.py"), - Test("test-tls13-serverhello-random.py", tls13_unsupported_ciphers), - - # Mark two tests cases as xfail for now. The tests expect an arguably - # correct decode_error while we send a decrypt_error (like fizz/boring). - Test("test-tls13-record-layer-limits.py", [ - "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_AES_128_GCM_SHA256", - "-X", substitute_alert("decode_error", "decrypt_error"), - "-x", "max size payload (2**14) of Finished msg, with 16348 bytes of left padding, cipher TLS_CHACHA20_POLY1305_SHA256", - "-X", substitute_alert("decode_error", "decrypt_error"), - ]), - # We don't accept an empty ECPF extension since it must advertise the - # uncompressed point format. Exclude this extension type from the test. - Test( - "test-tls13-large-number-of-extensions.py", - tls13_args = ["--exc", "11"], - ), -]) - -tls13_extra_cert_tests = TestGroup("TLSv1.3 certificate tests", [ - # need to set up client certs to run these - Test("test-tls13-certificate-request.py"), - Test("test-tls13-certificate-verify.py"), - Test("test-tls13-ecdsa-in-certificate-verify.py"), - Test("test-tls13-eddsa-in-certificate-verify.py"), - - # Test expects the server to have installed three certificates: - # with P-256, P-384 and P-521 curve. Also SHA1+ECDSA is verified - # to not work. - Test("test-tls13-ecdsa-support.py"), -]) - -tls13_failing_tests = TestGroup("failing TLSv1.3 tests", [ - # Some tests fail because we fail later than the scripts expect us to. - # With X25519, we accept weak peer public keys and fail when we actually - # compute the keyshare. Other tests seem to indicate that we could be - # stricter about what keyshares we accept. - Test("test-tls13-crfg-curves.py", [ - '-e', 'all zero x448 key share', - '-e', 'empty x448 key share', - '-e', 'sanity x448 with compression ansiX962_compressed_char2', - '-e', 'sanity x448 with compression ansiX962_compressed_prime', - '-e', 'sanity x448 with compression uncompressed', - '-e', 'too big x448 key share', - '-e', 'too small x448 key share', - '-e', 'x448 key share of "1"', - ]), - Test("test-tls13-ecdhe-curves.py", [ - '-e', 'sanity - x448', - '-e', 'x448 - key share from other curve', - '-e', 'x448 - point at infinity', - '-e', 'x448 - right 0-padded key_share', - '-e', 'x448 - right-truncated key_share', - ]), - - # The test sends records with protocol version 0x0300 instead of 0x0303 - # and currently fails with OpenSSL and LibreSSL for this reason. - # We have the logic corresponding to NSS's fix for CVE-2020-25648 - # https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361 - # so should not be affected by this issue. - Test("test-tls13-multiple-ccs-messages.py"), - - # https://github.com/openssl/openssl/issues/8369 - Test("test-tls13-obsolete-curves.py"), - - # 3 failing rsa_pss_pss tests - Test("test-tls13-rsa-signatures.py"), - - # The failing tests all expect an ri extension. What's up with that? - Test("test-tls13-version-negotiation.py"), -]) - -tls13_slow_failing_tests = TestGroup("slow, failing TLSv1.3 tests", [ - # Other test failures bugs in keyshare/tlsext negotiation? - Test("test-tls13-unrecognised-groups.py"), # unexpected closure - - # 5 occasional failures: - # 'app data split, conversation with KeyUpdate msg' - # 'fragmented keyupdate msg' - # 'multiple KeyUpdate messages' - # 'post-handshake KeyUpdate msg with update_not_request' - # 'post-handshake KeyUpdate msg with update_request' - Test("test-tls13-keyupdate.py"), - - Test("test-tls13-symetric-ciphers.py"), # unexpected message from peer - - # 6 tests fail: 'rsa_pkcs1_{md5,sha{1,224,256,384,512}} signature' - # We send server hello, but the test expects handshake_failure - Test("test-tls13-pkcs-signature.py"), - # 8 tests fail: 'tls13 signature rsa_pss_{pss,rsae}_sha{256,384,512} - Test("test-tls13-rsapss-signatures.py"), -]) - -tls13_unsupported_tests = TestGroup("TLSv1.3 tests for unsupported features", [ - # Tests for features we don't support - Test("test-tls13-0rtt-garbage.py"), - Test("test-tls13-ffdhe-groups.py"), - Test("test-tls13-ffdhe-sanity.py"), - Test("test-tls13-psk_dhe_ke.py"), - Test("test-tls13-psk_ke.py"), - - # need server to react to HTTP GET for /keyupdate - Test("test-tls13-keyupdate-from-server.py"), - - # Weird test: tests servers that don't support 1.3 - Test("test-tls13-non-support.py"), - - # broken test script - # UnboundLocalError: local variable 'cert' referenced before assignment - Test("test-tls13-post-handshake-auth.py"), - - # ExpectNewSessionTicket - Test("test-tls13-session-resumption.py"), - - # Server must be configured to support only rsa_pss_rsae_sha512 - Test("test-tls13-signature-algorithms.py"), -]) - -tls12_exclude_legacy_protocols = [ - # all these have BIO_read timeouts against TLSv1.3 - "-e", "Protocol (3, 0)", - "-e", "Protocol (3, 0) in SSLv2 compatible ClientHello", - # the following only fail with TLSv1.3 - "-e", "Protocol (3, 1) in SSLv2 compatible ClientHello", - "-e", "Protocol (3, 2) in SSLv2 compatible ClientHello", - "-e", "Protocol (3, 3) in SSLv2 compatible ClientHello", - "-e", "Protocol (3, 1) with x448 group", - "-e", "Protocol (3, 2) with x448 group", - "-e", "Protocol (3, 3) with x448 group", -] - -tls12_tests = TestGroup("TLSv1.2 tests", [ - # Tests that pass as they are. - Test("test-TLSv1_2-rejected-without-TLSv1_2.py"), - Test("test-aes-gcm-nonces.py"), - Test("test-chacha20.py"), - Test("test-conversation.py"), - Test("test-cve-2016-2107.py"), - Test("test-cve-2016-6309.py"), - Test("test-dhe-rsa-key-exchange.py"), - Test("test-dhe-rsa-key-exchange-with-bad-messages.py"), - Test("test-early-application-data.py"), - Test("test-empty-extensions.py"), - Test("test-fuzzed-MAC.py"), - Test("test-fuzzed-ciphertext.py"), - Test("test-fuzzed-finished.py"), - Test("test-fuzzed-padding.py"), - Test("test-fuzzed-plaintext.py"), # fails once in a while - Test("test-hello-request-by-client.py"), - Test("test-invalid-cipher-suites.py"), - Test("test-invalid-content-type.py"), - Test("test-invalid-session-id.py"), - Test("test-invalid-version.py"), - Test("test-lucky13.py"), - Test("test-message-skipping.py"), - Test("test-no-heartbeat.py"), - Test("test-record-layer-fragmentation.py"), - Test("test-sessionID-resumption.py"), - Test("test-sslv2-connection.py"), - Test("test-truncating-of-finished.py"), - Test("test-truncating-of-kRSA-client-key-exchange.py"), - Test("test-unsupported-curve-fallback.py"), - Test("test-version-numbers.py"), - Test("test-zero-length-data.py"), - - # Tests that need tweaking for unsupported features and ciphers. - Test( - "test-atypical-padding.py", [ - "-e", "sanity - encrypt then MAC", - "-e", "2^14 bytes of AppData with 256 bytes of padding (SHA1 + Encrypt then MAC)", - ] - ), - Test( - "test-dhe-rsa-key-exchange-signatures.py", [ - "-e", "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA sha224 signature", - "-e", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 sha224 signature", - "-e", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA sha224 signature", - "-e", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 sha224 signature", - "-e", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA sha224 signature", - ] - ), - Test("test-dhe-key-share-random.py", tls12_exclude_legacy_protocols), - Test("test-export-ciphers-rejected.py", ["--min-ver", "TLSv1.0"]), - Test( - "test-downgrade-protection.py", - tls12_args = ["--server-max-protocol", "TLSv1.2"], - tls13_args = ["--server-max-protocol", "TLSv1.3"], - ), - Test("test-fallback-scsv.py", tls13_args = ["--tls-1.3"] ), - - Test("test-invalid-compression-methods.py", [ - "-x", "invalid compression methods", - "-X", substitute_alert("illegal_parameter", "decode_error"), - "-x", "only deflate compression method", - "-X", substitute_alert("illegal_parameter", "decode_error"), - ]), - - # Skip extended_master_secret test. Since we don't support this - # extension, we don't notice that it was dropped. - Test("test-renegotiation-changed-clienthello.py", [ - "-e", "drop extended_master_secret in renegotiation", - ]), - - # Without --sig-algs-drop-ok, two tests fail since we do not currently - # implement the signature_algorithms_cert extension (although we MUST). - Test("test-sig-algs-renegotiation-resumption.py", ["--sig-algs-drop-ok"]), - - Test("test-serverhello-random.py", args = tls12_exclude_legacy_protocols), -]) - -tls12_slow_tests = TestGroup("slow TLSv1.2 tests", [ - Test("test-cve-2016-7054.py"), - Test("test-dhe-no-shared-secret-padding.py", tls12_exclude_legacy_protocols), - Test("test-ecdhe-padded-shared-secret.py", tls12_exclude_legacy_protocols), - Test("test-ecdhe-rsa-key-share-random.py", tls12_exclude_legacy_protocols), - Test("test-large-hello.py"), -]) - -tls12_failing_tests = TestGroup("failing TLSv1.2 tests", [ - # no shared cipher - Test("test-aesccm.py"), - # need server to set up alpn - Test("test-alpn-negotiation.py"), - # many tests fail due to unexpected server_name extension - Test("test-bleichenbacher-workaround.py"), - - # need client key and cert plus extra server setup - Test("test-certificate-malformed.py"), - Test("test-certificate-request.py"), - Test("test-certificate-verify-malformed-sig.py"), - Test("test-certificate-verify-malformed.py"), - Test("test-certificate-verify.py"), - Test("test-ecdsa-in-certificate-verify.py"), - Test("test-eddsa-in-certificate-verify.py"), - Test("test-renegotiation-disabled-client-cert.py"), - Test("test-rsa-pss-sigs-on-certificate-verify.py"), - Test("test-rsa-sigs-on-certificate-verify.py"), - - # test doesn't expect session ticket - Test("test-client-compatibility.py"), - # abrupt closure - Test("test-client-hello-max-size.py"), - # unknown signature algorithms - Test("test-clienthello-md5.py"), - - # Tests expect an illegal_parameter or a decode_error alert. Should be - # added to ssl3_get_client_key_exchange on kex function failure. - Test("test-ecdhe-rsa-key-exchange-with-bad-messages.py"), - - # We send a handshake_failure due to no shared ciphers while the - # test expects to succeed. - Test("test-ecdhe-rsa-key-exchange.py"), - - # no shared cipher - Test("test-ecdsa-sig-flexibility.py"), - - # 29 succeed, 263 fail: - # 'n extensions', 'n extensions last empty' n in 4086, 4096, 8192, 16383 - # 'fuzz ext length to n' n in [0..255] with the exception of 41... - Test("test-extensions.py"), - - # Tests expect SH but we send unexpected_message or handshake_failure - # 'Application data inside Client Hello' - # 'Application data inside Client Key Exchange' - # 'Application data inside Finished' - Test("test-interleaved-application-data-and-fragmented-handshakes-in-renegotiation.py"), - # Tests expect SH but we send handshake_failure - # 'Application data before Change Cipher Spec' - # 'Application data before Client Key Exchange' - # 'Application data before Finished' - Test("test-interleaved-application-data-in-renegotiation.py"), - - # broken test script - # TypeError: '<' not supported between instances of 'int' and 'NoneType' - Test("test-invalid-client-hello-w-record-overflow.py"), - - # Lots of failures. abrupt closure - Test("test-invalid-client-hello.py"), - - # abrupt closure - # 'encrypted premaster set to all zero (n)' n in 256 384 512 - Test("test-invalid-rsa-key-exchange-messages.py"), - - # test expects illegal_parameter, we send unrecognized_name (which seems - # correct according to rfc 6066?) - Test("test-invalid-server-name-extension-resumption.py"), - # let through some server names without sending an alert - # again illegal_parameter vs unrecognized_name - Test("test-invalid-server-name-extension.py"), - - # 14 pass - # 7 fail - # 'n extensions', n in 4095, 4096, 4097, 8191, 8192, 8193, 16383, - Test("test-large-number-of-extensions.py"), - - # 4 failures: - # 'insecure (legacy) renegotiation with GET after 2nd handshake' - # 'insecure (legacy) renegotiation with incomplete GET' - # 'secure renegotiation with GET after 2nd handshake' - # 'secure renegotiation with incomplete GET' - Test("test-legacy-renegotiation.py"), - - # 1 failure (timeout): we don't send the unexpected_message alert - # 'duplicate change cipher spec after Finished' - Test("test-message-duplication.py"), - - # server should send status_request - Test("test-ocsp-stapling.py"), - - # unexpected closure - Test("test-openssl-3712.py"), - - # failed: 3 (expect an alert, we send AD) - # 'try insecure (legacy) renegotiation with incomplete GET' - # 'try secure renegotiation with GET after 2nd CH' - # 'try secure renegotiation with incomplete GET' - Test("test-renegotiation-disabled.py"), - - # 'resumption of safe session with NULL cipher' - # 'resumption with cipher from old CH but not selected by server' - Test("test-resumption-with-wrong-ciphers.py"), - - # 5 failures: - # 'empty sigalgs' - # 'only undefined sigalgs' - # 'rsa_pss_pss_sha256 only' - # 'rsa_pss_pss_sha384 only' - # 'rsa_pss_pss_sha512 only' - Test("test-sig-algs.py"), - - # 13 failures: - # 'duplicated n non-rsa schemes' for n in 202 2342 8119 23741 32744 - # 'empty list of signature methods' - # 'tolerance n RSA or ECDSA methods' for n in 215 2355 8132 23754 - # 'tolerance 32758 methods with sig_alg_cert' - # 'tolerance max 32744 number of methods with sig_alg_cert' - # 'tolerance max (32760) number of methods' - Test("test-signature-algorithms.py"), - - # times out - Test("test-ssl-death-alert.py"), - - # 17 pass, 13 fail. padding and truncation - Test("test-truncating-of-client-hello.py"), - - # x448 tests need disabling plus x25519 corner cases need sorting out - Test("test-x25519.py"), -]) - -tls12_unsupported_tests = TestGroup("TLSv1.2 for unsupported features", [ - # protocol_version - Test("test-SSLv3-padding.py"), - # we don't do RSA key exchanges - Test("test-bleichenbacher-timing.py"), - # no encrypt-then-mac - Test("test-encrypt-then-mac-renegotiation.py"), - Test("test-encrypt-then-mac.py"), - # no EME support - Test("test-extended-master-secret-extension-with-client-cert.py"), - Test("test-extended-master-secret-extension.py"), - # no ffdhe - Test("test-ffdhe-expected-params.py"), - Test("test-ffdhe-negotiation.py"), - # record_size_limit/max_fragment_length extension (RFC 8449) - Test("test-record-size-limit.py"), - # expects the server to send the heartbeat extension - Test("test-heartbeat.py"), -]) - -# These tests take a ton of time to fail against an 1.3 server, -# so don't run them against 1.3 pending further investigation. -legacy_tests = TestGroup("Legacy protocol tests", [ - Test("test-sslv2-force-cipher-3des.py"), - Test("test-sslv2-force-cipher-non3des.py"), - Test("test-sslv2-force-cipher.py"), - Test("test-sslv2-force-export-cipher.py"), - Test("test-sslv2hello-protocol.py"), -]) - -all_groups = [ - tls13_tests, - tls13_slow_tests, - tls13_extra_cert_tests, - tls13_failing_tests, - tls13_slow_failing_tests, - tls13_unsupported_tests, - tls12_tests, - tls12_slow_tests, - tls12_failing_tests, - tls12_unsupported_tests, - legacy_tests, -] - -failing_groups = [ - tls13_failing_tests, - tls13_slow_failing_tests, - tls12_failing_tests, -] - -class TestRunner: - """ Runs the given tests troups against a server and displays stats. """ - - def __init__( - self, timing=False, verbose=False, port=4433, use_tls1_3=True, - dry_run=False, tests=[], scriptdir=tlsfuzzer_scriptdir, - ): - self.tests = [] - - self.dryrun = dry_run - self.use_tls1_3 = use_tls1_3 - self.port = str(port) - self.scriptdir = scriptdir - - self.stats = [] - self.failed = [] - self.missing = [] - - self.timing = timing - self.verbose = verbose - - def add(self, title="tests", tests=[]): - # tests.sort(key=lambda test: test.name) - self.tests.append(TestGroup(title, tests)) - - def add_group(self, group): - self.tests.append(group) - - def run_script(self, test): - script = test.name - args = ["-p"] + [self.port] + test.args(self.use_tls1_3) - - if self.dryrun: - if not self.verbose: - args = [] - print(script , end=' ' if args else '') - print(' '.join([f"\"{arg}\"" for arg in args])) - return - - if self.verbose: - print(script) - else: - print(f"{script[:68]:<72}", end=" ", flush=True) - start = timer() - scriptpath = os.path.join(self.scriptdir, script) - if not os.path.exists(scriptpath): - self.missing.append(script) - print("MISSING") - return - test = subprocess.run( - ["python3", scriptpath] + args, - capture_output=not self.verbose, - text=True, - ) - end = timer() - self.stats.append((script, end - start)) - if test.returncode == 0: - print("OK") - return - print("FAILED") - self.failed.append(script) - - if self.verbose: - return - - print('\n'.join(test.stdout.split("Test end\n", 1)[1:]), end="") - - def run(self): - for group in self: - print(f"Running {group.title} ...") - for test in group: - self.run_script(test) - return not self.failed - - def __iter__(self): - return iter(self.tests) - - def __del__(self): - if self.timing and self.stats: - total = 0.0 - for (script, time) in self.stats: - print(f"{round(time, 2):6.2f} {script}") - total += time - print(f"{round(total, 2):6.2f} total") - - if self.failed: - print("Failed tests:") - print('\n'.join(self.failed)) - - if self.missing: - print("Missing tests (outdated package?):") - print('\n'.join(self.missing)) - -class TlsServer: - """ Spawns an s_server listening on localhost:port if necessary. """ - - def __init__(self, port=4433): - self.spawn = True - # Check whether a server is already listening on localhost:port - self.spawn = subprocess.run( - ["nc", "-c", "-z", "-T", "noverify", "localhost", str(port)], - stderr=subprocess.DEVNULL, - ).returncode != 0 - - if self.spawn: - self.server = subprocess.Popen( - [ - "openssl", - "s_server", - "-accept", - str(port), - "-groups", - "X25519:P-256:P-521:P-384", - "-key", - "localhost.key", - "-cert", - "localhost.crt", - "-www", - ], - stdout=subprocess.DEVNULL, - stderr=subprocess.PIPE, - text=True, - ) - - # Check whether the server talks TLSv1.3 - self.has_tls1_3 = True or subprocess.run( - [ - "nc", - "-c", - "-z", - "-T", - "noverify", - "-T", - "protocols=TLSv1.3", - "localhost", - str(port), - ], - stderr=subprocess.DEVNULL, - ).returncode == 0 - - self.check() - - def check(self): - if self.spawn and self.server.poll() is not None: - print(self.server.stderr.read()) - raise RuntimeError( - f"openssl s_server died. Return code: {self.server.returncode}." - ) - if self.spawn: - self.server.stderr.detach() - - def __del__(self): - if self.spawn: - self.server.terminate() - -# Extract the arguments we pass to script -def defaultargs(script, has_tls1_3): - return next( - (test for group in all_groups for test in group if test.name == script), - Test() - ).args(has_tls1_3) - -def list_or_missing(missing=True): - tests = [test.name for group in all_groups for test in group] - - if missing: - scripts = { - f for f in os.listdir(tlsfuzzer_scriptdir) if f != "__pycache__" - } - missing = scripts - set(tests) - if missing: - print('\n'.join(sorted(missing))) - exit(0) - - tests.sort() - print('\n'.join(tests)) - exit(0) - -def usage(): - print("Usage: python3 tlsfuzzer.py [-lmnstv] [-p port] [script [test...]]") - print(" --help help") - print(" -f run failing tests") - print(" -l list tests") - print(" -m list new tests after package update") - print(" -n do not run tests, but list the ones that would be run") - print(" -p port connect to this port - defaults to 4433") - print(" -s run slow tests") - print(" -t show timing stats at end") - print(" -v verbose output") - exit(0) - -def main(): - failing = False - list = False - missing = False - dryrun = False - port = 4433 - slow = False - timing = False - verbose = False - - argv = sys.argv[1:] - opts, args = getopt.getopt(argv, "flmnp:stv", ["help"]) - for opt, arg in opts: - if opt == '--help': - usage() - elif opt == '-f': - failing = True - elif opt == '-l': - list = True - elif opt == '-m': - missing = True - elif opt == '-n': - dryrun = True - elif opt == '-p': - port = int(arg) - elif opt == '-s': - slow = True - elif opt == '-t': - timing = True - elif opt == '-v': - verbose = True - else: - raise ValueError(f"Unknown option: {opt}") - - if not os.path.exists(tlsfuzzer_scriptdir): - print("package py3-tlsfuzzer is required for this regress") - exit(1) - - if list and failing: - failing = [test.name for group in failing_groups for test in group] - failing.sort() - print('\n'.join(failing)) - exit(0) - - if list or missing: - list_or_missing(missing) - - tls_server = TlsServer(port) - - tests = TestRunner(timing, verbose, port, tls_server.has_tls1_3, dryrun) - - if args: - (dir, script) = os.path.split(args[0]) - if dir and not dir == '.': - tests.scriptdir = dir - - testargs = defaultargs(script, tls_server.has_tls1_3) - - tests.verbose = True - tests.add("test from command line", [Test(script, testargs + args[1:])]) - - exit(not tests.run()) - - if failing: - if tls_server.has_tls1_3: - tests.add_group(tls13_failing_tests) - if slow: - tests.add_group(tls13_slow_failing_tests) - tests.add_group(tls12_failing_tests) - - if tls_server.has_tls1_3: - tests.add_group(tls13_tests) - if slow: - tests.add_group(tls13_slow_tests) - else: - tests.add_group(legacy_tests) - - tests.add_group(tls12_tests) - if slow: - tests.add_group(tls12_slow_tests) - - success = tests.run() - del tests - - if not success: - print("FAILED") - exit(1) - -if __name__ == "__main__": - main() diff --git a/src/regress/lib/libssl/tlslegacy/Makefile b/src/regress/lib/libssl/tlslegacy/Makefile deleted file mode 100644 index c39981f0b8..0000000000 --- a/src/regress/lib/libssl/tlslegacy/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -# $OpenBSD: Makefile,v 1.1 2020/10/07 07:52:17 jsing Exp $ - -PROG= tlslegacytest -LDADD= -lssl -lcrypto -DPADD= ${LIBSSL} ${LIBCRYPTO} -WARNINGS= Yes -CFLAGS+= -DLIBRESSL_INTERNAL -Werror - -.include diff --git a/src/regress/lib/libssl/tlslegacy/tlslegacytest.c b/src/regress/lib/libssl/tlslegacy/tlslegacytest.c deleted file mode 100644 index 70d89f8e75..0000000000 --- a/src/regress/lib/libssl/tlslegacy/tlslegacytest.c +++ /dev/null @@ -1,633 +0,0 @@ -/* $OpenBSD: tlslegacytest.c,v 1.2 2020/10/07 17:39:43 tb Exp $ */ -/* - * Copyright (c) 2015, 2016, 2017, 2020 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include -#include -#include - -#include -#include -#include - -/* openssl.org:443 */ -static uint8_t tls12_server_response[] = { - 0x16, 0x03, 0x03, 0x00, 0x3d, 0x02, 0x00, 0x00, - 0x39, 0x03, 0x03, 0x62, 0x0c, 0x8a, 0x7e, 0x29, - 0x60, 0xcb, 0x08, 0xd1, 0xb4, 0x95, 0x68, 0x76, - 0xea, 0x4e, 0x0c, 0x94, 0xf2, 0x42, 0x3d, 0xd1, - 0x7a, 0xc2, 0xfe, 0x6c, 0xb3, 0xe6, 0x12, 0x8a, - 0x33, 0x02, 0x92, 0x00, 0xc0, 0x30, 0x00, 0x00, - 0x11, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0b, - 0x00, 0x04, 0x03, 0x00, 0x01, 0x02, 0x00, 0x23, - 0x00, 0x00, -}; - -/* - * outlook.office365.com:587 with starttls - this server response includes - * multiple handshake messages contained in a single TLS record. - */ -static uint8_t tls12_server_response_with_cert[] = { - 0x16, 0x03, 0x03, 0x0f, 0x2b, 0x02, 0x00, 0x00, - 0x4d, 0x03, 0x03, 0x5f, 0x7c, 0x69, 0x42, 0xe1, - 0x19, 0xf0, 0x22, 0xfb, 0x71, 0x9a, 0xf1, 0x63, - 0x34, 0xbb, 0x61, 0x46, 0xea, 0x5f, 0x0b, 0x5e, - 0xb1, 0x4e, 0x37, 0x96, 0x67, 0xff, 0x83, 0xea, - 0x0e, 0x16, 0x85, 0x20, 0x3a, 0x1b, 0x00, 0x00, - 0x17, 0xe9, 0xac, 0xca, 0x19, 0x61, 0xaf, 0x70, - 0x28, 0x3b, 0x18, 0xaa, 0x6c, 0xa0, 0x0f, 0x78, - 0xd0, 0x83, 0xfc, 0x5d, 0x78, 0xf9, 0x6d, 0xdb, - 0x16, 0x21, 0x15, 0xa2, 0xc0, 0x30, 0x00, 0x00, - 0x05, 0xff, 0x01, 0x00, 0x01, 0x00, 0x0b, 0x00, - 0x0d, 0x47, 0x00, 0x0d, 0x44, 0x00, 0x08, 0xaf, - 0x30, 0x82, 0x08, 0xab, 0x30, 0x82, 0x07, 0x93, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0c, 0x6d, - 0xea, 0x0b, 0xe1, 0x97, 0x27, 0x60, 0xa1, 0x59, - 0xb1, 0x85, 0x60, 0x30, 0x0d, 0x06, 0x09, 0x2a, - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, - 0x05, 0x00, 0x30, 0x66, 0x31, 0x0b, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x42, - 0x45, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, - 0x04, 0x0a, 0x13, 0x10, 0x47, 0x6c, 0x6f, 0x62, - 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x6e, - 0x76, 0x2d, 0x73, 0x61, 0x31, 0x3c, 0x30, 0x3a, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x33, 0x47, - 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53, 0x69, 0x67, - 0x6e, 0x20, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, - 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x56, - 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x20, 0x43, 0x41, 0x20, 0x2d, 0x20, 0x53, - 0x48, 0x41, 0x32, 0x35, 0x36, 0x20, 0x2d, 0x20, - 0x47, 0x33, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x30, - 0x30, 0x38, 0x31, 0x33, 0x32, 0x33, 0x31, 0x38, - 0x34, 0x39, 0x5a, 0x17, 0x0d, 0x32, 0x32, 0x30, - 0x38, 0x31, 0x34, 0x32, 0x33, 0x31, 0x38, 0x34, - 0x39, 0x5a, 0x30, 0x6a, 0x31, 0x0b, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x08, 0x13, 0x0a, 0x57, 0x61, 0x73, 0x68, - 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, - 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, - 0x07, 0x52, 0x65, 0x64, 0x6d, 0x6f, 0x6e, 0x64, - 0x31, 0x1e, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x04, - 0x0a, 0x13, 0x15, 0x4d, 0x69, 0x63, 0x72, 0x6f, - 0x73, 0x6f, 0x66, 0x74, 0x20, 0x43, 0x6f, 0x72, - 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x13, 0x0b, 0x6f, 0x75, 0x74, 0x6c, 0x6f, - 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, - 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, - 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, - 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, - 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc9, - 0x20, 0x3f, 0x57, 0xb9, 0xf9, 0x71, 0xaa, 0x3c, - 0x6a, 0x0a, 0x5d, 0x3f, 0xc9, 0x8d, 0x99, 0xa5, - 0x50, 0x26, 0x25, 0x4e, 0xdc, 0x69, 0x52, 0xb3, - 0x33, 0x70, 0xe7, 0x72, 0xa2, 0x83, 0x92, 0x54, - 0xd1, 0xd4, 0x86, 0x15, 0xf2, 0xc4, 0x65, 0xf8, - 0xbc, 0xe5, 0xd2, 0x1e, 0x12, 0x25, 0x9e, 0x75, - 0x8e, 0x77, 0xd2, 0x8e, 0x94, 0xca, 0x03, 0x4b, - 0xf4, 0xc8, 0xca, 0xe3, 0xe3, 0x9b, 0x66, 0xa3, - 0xa1, 0x37, 0x74, 0xcc, 0xfe, 0xc4, 0x1e, 0x64, - 0xdc, 0xe3, 0x18, 0xba, 0xc1, 0x7b, 0x39, 0x5b, - 0xb1, 0x47, 0xe9, 0x11, 0x92, 0xef, 0xee, 0xe6, - 0x08, 0xcd, 0x93, 0x7b, 0x09, 0xc7, 0x39, 0xfe, - 0xe5, 0xe2, 0x47, 0x3f, 0x68, 0x78, 0xa4, 0x17, - 0x78, 0x13, 0xcb, 0x12, 0x38, 0x9d, 0x89, 0x2b, - 0x1f, 0x75, 0x9b, 0x87, 0x5d, 0x53, 0xfc, 0xb0, - 0x2a, 0xaf, 0x2d, 0x86, 0x8a, 0x76, 0x3b, 0xce, - 0x5e, 0xae, 0x43, 0x74, 0x68, 0xc3, 0x28, 0xbf, - 0x10, 0x2f, 0xdd, 0xd9, 0x43, 0x4b, 0x2d, 0xa6, - 0xdc, 0x1f, 0x6d, 0x90, 0xd0, 0xce, 0x14, 0x1e, - 0x6c, 0xdc, 0x7b, 0x06, 0xe4, 0x7b, 0xa9, 0x81, - 0x40, 0xed, 0xde, 0x18, 0xb7, 0xdf, 0x53, 0x61, - 0xbc, 0x18, 0x83, 0x11, 0xc7, 0xb4, 0x1b, 0x99, - 0xef, 0x14, 0xe4, 0x63, 0x39, 0xe3, 0x5c, 0x2f, - 0xe7, 0x89, 0x58, 0x5b, 0xda, 0x03, 0x3a, 0x39, - 0x96, 0x8a, 0xca, 0x4f, 0xd8, 0xe3, 0x6c, 0x7f, - 0x6e, 0xd3, 0xe7, 0x30, 0x34, 0x9c, 0xdb, 0x8b, - 0xe8, 0x6a, 0xa6, 0x08, 0x77, 0x1d, 0x63, 0xd6, - 0x57, 0x9d, 0xcd, 0xa7, 0x47, 0x05, 0x39, 0x96, - 0x7b, 0xfd, 0x9a, 0x09, 0x99, 0xef, 0x49, 0xb1, - 0x89, 0x02, 0xbe, 0x4f, 0xb8, 0xef, 0xa0, 0x04, - 0x29, 0x74, 0xfb, 0x9a, 0x7e, 0x9d, 0xa8, 0x10, - 0xfb, 0x7e, 0xb0, 0x6c, 0x60, 0x4f, 0x57, 0x02, - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x05, 0x53, - 0x30, 0x82, 0x05, 0x4f, 0x30, 0x0e, 0x06, 0x03, - 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, - 0x03, 0x02, 0x05, 0xa0, 0x30, 0x81, 0x9e, 0x06, - 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, - 0x01, 0x04, 0x81, 0x91, 0x30, 0x81, 0x8e, 0x30, - 0x4b, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x30, 0x02, 0x86, 0x3f, 0x68, 0x74, 0x74, - 0x70, 0x3a, 0x2f, 0x2f, 0x73, 0x65, 0x63, 0x75, - 0x72, 0x65, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, - 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x63, 0x61, 0x63, 0x65, 0x72, 0x74, - 0x2f, 0x67, 0x73, 0x6f, 0x72, 0x67, 0x61, 0x6e, - 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x76, - 0x61, 0x6c, 0x73, 0x68, 0x61, 0x32, 0x67, 0x33, - 0x2e, 0x63, 0x72, 0x74, 0x30, 0x3f, 0x06, 0x08, - 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, - 0x86, 0x33, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, - 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x32, 0x2e, 0x67, - 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67, - 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x73, - 0x6f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x76, 0x61, 0x6c, 0x73, - 0x68, 0x61, 0x32, 0x67, 0x33, 0x30, 0x56, 0x06, - 0x03, 0x55, 0x1d, 0x20, 0x04, 0x4f, 0x30, 0x4d, - 0x30, 0x41, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x04, - 0x01, 0xa0, 0x32, 0x01, 0x14, 0x30, 0x34, 0x30, - 0x32, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x02, 0x01, 0x16, 0x26, 0x68, 0x74, 0x74, - 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, - 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x73, - 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, - 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f, - 0x72, 0x79, 0x2f, 0x30, 0x08, 0x06, 0x06, 0x67, - 0x81, 0x0c, 0x01, 0x02, 0x02, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, - 0x30, 0x46, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, - 0x3f, 0x30, 0x3d, 0x30, 0x3b, 0xa0, 0x39, 0xa0, - 0x37, 0x86, 0x35, 0x68, 0x74, 0x74, 0x70, 0x3a, - 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x67, 0x6c, - 0x6f, 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67, 0x6e, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x73, 0x6f, - 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x76, 0x61, 0x6c, 0x73, 0x68, - 0x61, 0x32, 0x67, 0x33, 0x2e, 0x63, 0x72, 0x6c, - 0x30, 0x82, 0x02, 0x10, 0x06, 0x03, 0x55, 0x1d, - 0x11, 0x04, 0x82, 0x02, 0x07, 0x30, 0x82, 0x02, - 0x03, 0x82, 0x0b, 0x6f, 0x75, 0x74, 0x6c, 0x6f, - 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x16, - 0x2a, 0x2e, 0x63, 0x6c, 0x6f, 0x2e, 0x66, 0x6f, - 0x6f, 0x74, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x64, - 0x6e, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0d, - 0x2a, 0x2e, 0x68, 0x6f, 0x74, 0x6d, 0x61, 0x69, - 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x16, 0x2a, - 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, - 0x6c, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f, - 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0a, 0x2a, - 0x2e, 0x6c, 0x69, 0x76, 0x65, 0x2e, 0x63, 0x6f, - 0x6d, 0x82, 0x16, 0x2a, 0x2e, 0x6e, 0x72, 0x62, - 0x2e, 0x66, 0x6f, 0x6f, 0x74, 0x70, 0x72, 0x69, - 0x6e, 0x74, 0x64, 0x6e, 0x73, 0x2e, 0x63, 0x6f, - 0x6d, 0x82, 0x0c, 0x2a, 0x2e, 0x6f, 0x66, 0x66, - 0x69, 0x63, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x82, - 0x0f, 0x2a, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, - 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d, - 0x82, 0x0d, 0x2a, 0x2e, 0x6f, 0x75, 0x74, 0x6c, - 0x6f, 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x82, - 0x17, 0x2a, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, - 0x6f, 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, - 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d, - 0x82, 0x1b, 0x61, 0x74, 0x74, 0x61, 0x63, 0x68, - 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x6f, 0x75, 0x74, - 0x6c, 0x6f, 0x6f, 0x6b, 0x2e, 0x6c, 0x69, 0x76, - 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x1d, 0x61, - 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, 0x6e, - 0x74, 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f, - 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, - 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x20, 0x61, 0x74, - 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, 0x6e, 0x74, - 0x2e, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f, 0x6b, - 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x70, - 0x70, 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x16, - 0x61, 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, - 0x6e, 0x74, 0x73, 0x2e, 0x6f, 0x66, 0x66, 0x69, - 0x63, 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x82, 0x1a, - 0x61, 0x74, 0x74, 0x61, 0x63, 0x68, 0x6d, 0x65, - 0x6e, 0x74, 0x73, 0x2d, 0x73, 0x64, 0x66, 0x2e, - 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x2e, 0x6e, - 0x65, 0x74, 0x82, 0x1d, 0x63, 0x63, 0x73, 0x2e, - 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x2e, 0x6d, 0x69, - 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x6f, - 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x2e, 0x63, 0x6f, - 0x6d, 0x82, 0x21, 0x63, 0x63, 0x73, 0x2d, 0x73, - 0x64, 0x66, 0x2e, 0x6c, 0x6f, 0x67, 0x69, 0x6e, - 0x2e, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, - 0x66, 0x74, 0x6f, 0x6e, 0x6c, 0x69, 0x6e, 0x65, - 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x0b, 0x68, 0x6f, - 0x74, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63, 0x6f, - 0x6d, 0x82, 0x16, 0x6d, 0x61, 0x69, 0x6c, 0x2e, - 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, - 0x2e, 0x6c, 0x69, 0x76, 0x65, 0x2e, 0x63, 0x6f, - 0x6d, 0x82, 0x0d, 0x6f, 0x66, 0x66, 0x69, 0x63, - 0x65, 0x33, 0x36, 0x35, 0x2e, 0x63, 0x6f, 0x6d, - 0x82, 0x12, 0x6f, 0x75, 0x74, 0x6c, 0x6f, 0x6f, - 0x6b, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, - 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x14, 0x73, 0x75, - 0x62, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x2e, - 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, 0x2e, 0x63, - 0x6f, 0x6d, 0x82, 0x18, 0x73, 0x75, 0x62, 0x73, - 0x74, 0x72, 0x61, 0x74, 0x65, 0x2d, 0x73, 0x64, - 0x66, 0x2e, 0x6f, 0x66, 0x66, 0x69, 0x63, 0x65, - 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1d, 0x06, 0x03, - 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, - 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, - 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x1f, 0x06, 0x03, 0x55, - 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, - 0x68, 0x86, 0xb8, 0x7d, 0x7a, 0xd9, 0x6d, 0x49, - 0x6b, 0x87, 0x2f, 0x18, 0x8b, 0x15, 0x34, 0x6c, - 0xd7, 0xb4, 0x7a, 0x0e, 0x30, 0x1d, 0x06, 0x03, - 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x8a, - 0x7c, 0x73, 0x44, 0x70, 0xa8, 0x4d, 0x83, 0x25, - 0x6f, 0xa6, 0x53, 0xda, 0x42, 0x52, 0x96, 0xc9, - 0x15, 0x71, 0x21, 0x30, 0x82, 0x01, 0x7c, 0x06, - 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, - 0x02, 0x04, 0x02, 0x04, 0x82, 0x01, 0x6c, 0x04, - 0x82, 0x01, 0x68, 0x01, 0x66, 0x00, 0x76, 0x00, - 0x22, 0x45, 0x45, 0x07, 0x59, 0x55, 0x24, 0x56, - 0x96, 0x3f, 0xa1, 0x2f, 0xf1, 0xf7, 0x6d, 0x86, - 0xe0, 0x23, 0x26, 0x63, 0xad, 0xc0, 0x4b, 0x7f, - 0x5d, 0xc6, 0x83, 0x5c, 0x6e, 0xe2, 0x0f, 0x02, - 0x00, 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7d, 0x2f, - 0x00, 0x00, 0x04, 0x03, 0x00, 0x47, 0x30, 0x45, - 0x02, 0x21, 0x00, 0xf4, 0x50, 0x8f, 0xe7, 0x38, - 0xc9, 0x7a, 0xd1, 0xf7, 0xf7, 0x69, 0xc5, 0x05, - 0xea, 0x8e, 0x03, 0x80, 0x2c, 0x87, 0x06, 0x03, - 0xb6, 0x9b, 0xe6, 0xa5, 0x83, 0x2f, 0xb9, 0xaf, - 0x7b, 0xb4, 0xac, 0x02, 0x20, 0x51, 0xa6, 0x8f, - 0xe8, 0xe5, 0x6c, 0xa7, 0xff, 0x16, 0x01, 0x7e, - 0x15, 0x42, 0x11, 0x31, 0xdc, 0xdc, 0xc7, 0x37, - 0x7c, 0x64, 0x2c, 0xac, 0xdd, 0x42, 0xbb, 0x3c, - 0x79, 0x31, 0x74, 0xcc, 0x9d, 0x00, 0x75, 0x00, - 0x29, 0x79, 0xbe, 0xf0, 0x9e, 0x39, 0x39, 0x21, - 0xf0, 0x56, 0x73, 0x9f, 0x63, 0xa5, 0x77, 0xe5, - 0xbe, 0x57, 0x7d, 0x9c, 0x60, 0x0a, 0xf8, 0xf9, - 0x4d, 0x5d, 0x26, 0x5c, 0x25, 0x5d, 0xc7, 0x84, - 0x00, 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7a, 0xa7, - 0x00, 0x00, 0x04, 0x03, 0x00, 0x46, 0x30, 0x44, - 0x02, 0x20, 0x03, 0xf1, 0x19, 0xd7, 0x0f, 0x2f, - 0xc4, 0xa9, 0x84, 0xa0, 0x33, 0xd4, 0x76, 0xa6, - 0xee, 0xf1, 0xae, 0xe0, 0x03, 0xe7, 0xae, 0x98, - 0x43, 0x17, 0xb0, 0x0f, 0xfb, 0x12, 0xbb, 0x13, - 0xda, 0x34, 0x02, 0x20, 0x10, 0xe6, 0xa9, 0x1d, - 0x8b, 0x1c, 0x64, 0xd4, 0xc9, 0xf7, 0xc0, 0x3d, - 0x3c, 0x77, 0x49, 0xb1, 0x08, 0x3d, 0x1d, 0x5e, - 0x34, 0xf9, 0xd9, 0x10, 0x7c, 0x74, 0x6b, 0x18, - 0xc6, 0x5e, 0x6d, 0x07, 0x00, 0x75, 0x00, 0x55, - 0x81, 0xd4, 0xc2, 0x16, 0x90, 0x36, 0x01, 0x4a, - 0xea, 0x0b, 0x9b, 0x57, 0x3c, 0x53, 0xf0, 0xc0, - 0xe4, 0x38, 0x78, 0x70, 0x25, 0x08, 0x17, 0x2f, - 0xa3, 0xaa, 0x1d, 0x07, 0x13, 0xd3, 0x0c, 0x00, - 0x00, 0x01, 0x73, 0xea, 0x1e, 0x7d, 0xae, 0x00, - 0x00, 0x04, 0x03, 0x00, 0x46, 0x30, 0x44, 0x02, - 0x20, 0x26, 0x21, 0x64, 0xdb, 0xa6, 0xe2, 0x3d, - 0x32, 0x7d, 0x9f, 0xa8, 0xae, 0xb7, 0x29, 0xb7, - 0x42, 0x9b, 0x49, 0xaa, 0xf5, 0xa5, 0xc0, 0x12, - 0x01, 0xa1, 0xb6, 0xe7, 0xf2, 0x01, 0xd4, 0x2f, - 0x45, 0x02, 0x20, 0x4e, 0x19, 0xba, 0x47, 0x75, - 0x8b, 0x49, 0xd7, 0x4b, 0xba, 0x04, 0x62, 0xdd, - 0xa2, 0xb7, 0x6b, 0x05, 0xd0, 0x01, 0x1f, 0x7c, - 0x36, 0x17, 0x27, 0x29, 0xb2, 0x17, 0x1c, 0x7f, - 0x10, 0x81, 0x8a, 0x30, 0x0d, 0x06, 0x09, 0x2a, - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x26, - 0xf4, 0xa3, 0x77, 0x1d, 0xdc, 0x9e, 0xc4, 0x1a, - 0x88, 0x23, 0x30, 0x8c, 0xe1, 0x14, 0xf9, 0x62, - 0x0e, 0xbf, 0xad, 0x24, 0xc9, 0xab, 0xab, 0xd0, - 0x68, 0x8b, 0xbc, 0xf1, 0xec, 0x1c, 0xd0, 0x96, - 0xad, 0xf9, 0x5f, 0xdd, 0xe0, 0xee, 0xa8, 0xe0, - 0x2c, 0x3a, 0x19, 0xa5, 0x68, 0x0c, 0x6e, 0xfe, - 0xe6, 0x80, 0xce, 0xa3, 0x3b, 0x6c, 0x00, 0x88, - 0x5c, 0xbf, 0x3c, 0xd8, 0x68, 0x08, 0x36, 0xb9, - 0x9e, 0x84, 0x9b, 0x5f, 0x97, 0xfb, 0x77, 0xea, - 0x72, 0xfb, 0x73, 0x47, 0x00, 0xb0, 0xa8, 0x7c, - 0x64, 0x38, 0xf1, 0xcc, 0xc0, 0x29, 0x71, 0x67, - 0x65, 0x76, 0x4c, 0x80, 0x58, 0x97, 0xc8, 0x62, - 0x63, 0x3e, 0xf1, 0x3e, 0xc0, 0x0e, 0x48, 0x5f, - 0x55, 0x21, 0x8f, 0x96, 0x68, 0xbd, 0x41, 0x14, - 0x7a, 0x0b, 0x8c, 0x31, 0x5b, 0x39, 0xac, 0xa3, - 0xa0, 0x99, 0x58, 0x24, 0xfa, 0xd9, 0x19, 0x32, - 0x1c, 0x9f, 0x2d, 0xa9, 0xed, 0xb9, 0x97, 0xa4, - 0x66, 0x30, 0x29, 0xd8, 0x82, 0xa2, 0xf5, 0xfc, - 0x6d, 0x10, 0xf1, 0xac, 0x1d, 0x3f, 0xfb, 0xde, - 0xa1, 0x0e, 0xb6, 0x84, 0x90, 0xd4, 0x55, 0x5c, - 0x21, 0x1b, 0x1f, 0x21, 0x45, 0x92, 0xc5, 0x9a, - 0x47, 0x05, 0x0f, 0xb8, 0x1c, 0x78, 0x6e, 0xb9, - 0x6b, 0xa3, 0xa9, 0x8d, 0xb1, 0x59, 0xff, 0xf4, - 0xe6, 0x71, 0x77, 0x38, 0x12, 0xfe, 0x41, 0x8f, - 0x04, 0x92, 0x08, 0x3f, 0x32, 0x2a, 0x92, 0x5e, - 0x0a, 0x7b, 0x7e, 0x04, 0xee, 0x24, 0x10, 0x39, - 0xf3, 0xac, 0x5e, 0x04, 0x93, 0x91, 0xa2, 0x8f, - 0x90, 0x04, 0x33, 0x5c, 0x5c, 0x94, 0xb3, 0x80, - 0x2b, 0x43, 0xbf, 0xe3, 0x74, 0x64, 0x20, 0xf4, - 0x00, 0xb2, 0x6c, 0x7b, 0xa8, 0x77, 0xfb, 0x74, - 0x35, 0xce, 0xdd, 0xb6, 0x5f, 0x83, 0x18, 0xc4, - 0xe7, 0x31, 0x1a, 0x8d, 0x30, 0x0d, 0xc4, 0x00, - 0x04, 0x8f, 0x30, 0x82, 0x04, 0x8b, 0x30, 0x82, - 0x03, 0x73, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, - 0x0e, 0x47, 0x07, 0xb1, 0x01, 0x9a, 0x0c, 0x57, - 0xad, 0x39, 0xb3, 0xe1, 0x7d, 0xa9, 0xf9, 0x30, - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x57, - 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19, 0x30, - 0x17, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x10, - 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53, 0x69, - 0x67, 0x6e, 0x20, 0x6e, 0x76, 0x2d, 0x73, 0x61, - 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x13, 0x07, 0x52, 0x6f, 0x6f, 0x74, 0x20, - 0x43, 0x41, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x13, 0x12, 0x47, 0x6c, 0x6f, - 0x62, 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20, - 0x52, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x30, - 0x1e, 0x17, 0x0d, 0x31, 0x35, 0x30, 0x39, 0x30, - 0x34, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, - 0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x30, 0x34, - 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, - 0x66, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, - 0x04, 0x06, 0x13, 0x02, 0x42, 0x45, 0x31, 0x19, - 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, - 0x10, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x53, - 0x69, 0x67, 0x6e, 0x20, 0x6e, 0x76, 0x2d, 0x73, - 0x61, 0x31, 0x3c, 0x30, 0x3a, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x33, 0x47, 0x6c, 0x6f, 0x62, - 0x61, 0x6c, 0x53, 0x69, 0x67, 0x6e, 0x20, 0x4f, - 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x20, 0x56, 0x61, 0x6c, 0x69, - 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x43, - 0x41, 0x20, 0x2d, 0x20, 0x53, 0x48, 0x41, 0x32, - 0x35, 0x36, 0x20, 0x2d, 0x20, 0x47, 0x33, 0x30, - 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, - 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, - 0xc9, 0x86, 0xa2, 0x05, 0x3e, 0xec, 0x77, 0x4d, - 0x79, 0x42, 0x81, 0xf2, 0xc5, 0x46, 0xa9, 0xc2, - 0x9b, 0xf9, 0x57, 0xa9, 0x48, 0xdd, 0x3c, 0x3b, - 0xe2, 0x16, 0x47, 0x83, 0x15, 0x0c, 0x36, 0x88, - 0x61, 0xb3, 0xc8, 0xb9, 0xd5, 0x20, 0x97, 0xb6, - 0xfe, 0x07, 0x30, 0x01, 0x9e, 0x01, 0x3a, 0xf9, - 0x50, 0x87, 0xa0, 0x4f, 0x60, 0xcc, 0x90, 0xf6, - 0xdd, 0x1f, 0xa6, 0xc7, 0x55, 0x00, 0x6c, 0x54, - 0x31, 0x5f, 0x02, 0x9a, 0xf7, 0x7f, 0x07, 0x9a, - 0xd2, 0x22, 0x53, 0x05, 0xcd, 0x9f, 0xc7, 0xbb, - 0x7b, 0x59, 0x3b, 0x8a, 0xb2, 0x93, 0x78, 0x0d, - 0x43, 0x02, 0x92, 0x76, 0xa5, 0x29, 0xf8, 0x7c, - 0x9d, 0x5c, 0x3a, 0xa2, 0xf8, 0x52, 0x72, 0x22, - 0x45, 0x91, 0xfd, 0x90, 0x12, 0x28, 0x4d, 0x75, - 0xe4, 0xdd, 0xaa, 0x79, 0x58, 0x68, 0x6f, 0x2a, - 0x7e, 0x7b, 0xef, 0xd1, 0x9e, 0x7f, 0x52, 0xdc, - 0xcb, 0x1c, 0x48, 0xe2, 0x3e, 0x4d, 0x5c, 0x47, - 0x7a, 0xb4, 0xf1, 0xce, 0xff, 0xd9, 0x60, 0x2b, - 0x77, 0xd1, 0x62, 0x22, 0x2d, 0xa9, 0x5a, 0x06, - 0x16, 0xee, 0x37, 0x6a, 0x51, 0xcf, 0x8e, 0xa5, - 0xd1, 0x6e, 0x70, 0x4a, 0xf0, 0xd8, 0x63, 0x60, - 0x6a, 0x72, 0x55, 0xd7, 0xf1, 0x99, 0x38, 0x86, - 0x44, 0x67, 0x18, 0xe0, 0x71, 0x8e, 0xc1, 0x40, - 0x6d, 0x85, 0xda, 0x4b, 0xdd, 0x31, 0x73, 0xbc, - 0x32, 0xcc, 0x6f, 0x8e, 0x7b, 0xb9, 0x8d, 0x4b, - 0x80, 0xda, 0xb9, 0xc7, 0xc6, 0x24, 0x83, 0x5e, - 0x32, 0xfb, 0x87, 0xe9, 0x8b, 0x61, 0x67, 0xa2, - 0x99, 0x76, 0xdb, 0xa5, 0xaa, 0xb4, 0xe8, 0x6c, - 0x41, 0x9f, 0x5f, 0x2a, 0xb3, 0xd5, 0x7d, 0xd7, - 0x92, 0xc8, 0x27, 0x4b, 0xec, 0x1f, 0xda, 0x05, - 0x6d, 0x88, 0x73, 0x8f, 0x06, 0xb2, 0x38, 0x3d, - 0x03, 0xa2, 0xe1, 0x87, 0x86, 0x3c, 0xc6, 0xa1, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, - 0x44, 0x30, 0x82, 0x01, 0x40, 0x30, 0x0e, 0x06, - 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, - 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, - 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, - 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, - 0x03, 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x02, 0x30, 0x12, 0x06, 0x03, - 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, - 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00, - 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, - 0x16, 0x04, 0x14, 0x68, 0x86, 0xb8, 0x7d, 0x7a, - 0xd9, 0x6d, 0x49, 0x6b, 0x87, 0x2f, 0x18, 0x8b, - 0x15, 0x34, 0x6c, 0xd7, 0xb4, 0x7a, 0x0e, 0x30, - 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, - 0x30, 0x16, 0x80, 0x14, 0x60, 0x7b, 0x66, 0x1a, - 0x45, 0x0d, 0x97, 0xca, 0x89, 0x50, 0x2f, 0x7d, - 0x04, 0xcd, 0x34, 0xa8, 0xff, 0xfc, 0xfd, 0x4b, - 0x30, 0x3d, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x01, 0x01, 0x04, 0x31, 0x30, 0x2f, - 0x30, 0x2d, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x30, 0x01, 0x86, 0x21, 0x68, 0x74, - 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73, - 0x70, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, - 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x72, 0x6f, 0x6f, 0x74, 0x72, 0x31, 0x30, - 0x33, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x2c, - 0x30, 0x2a, 0x30, 0x28, 0xa0, 0x26, 0xa0, 0x24, - 0x86, 0x22, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, - 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x67, 0x6c, 0x6f, - 0x62, 0x61, 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e, - 0x63, 0x6f, 0x6d, 0x2f, 0x72, 0x6f, 0x6f, 0x74, - 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x47, 0x06, 0x03, - 0x55, 0x1d, 0x20, 0x04, 0x40, 0x30, 0x3e, 0x30, - 0x3c, 0x06, 0x04, 0x55, 0x1d, 0x20, 0x00, 0x30, - 0x34, 0x30, 0x32, 0x06, 0x08, 0x2b, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x02, 0x01, 0x16, 0x26, 0x68, - 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, - 0x77, 0x77, 0x2e, 0x67, 0x6c, 0x6f, 0x62, 0x61, - 0x6c, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, - 0x74, 0x6f, 0x72, 0x79, 0x2f, 0x30, 0x0d, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, - 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, - 0x00, 0x9a, 0xb9, 0x82, 0x1c, 0xdd, 0x83, 0x83, - 0x8b, 0x92, 0xc0, 0xc4, 0xed, 0x01, 0xad, 0x84, - 0xfc, 0x4e, 0xee, 0x6d, 0x9c, 0x1d, 0x01, 0xfa, - 0x52, 0x14, 0xdb, 0xd8, 0xc2, 0x10, 0x63, 0x9f, - 0x6b, 0x39, 0x9a, 0xc7, 0x1c, 0x3c, 0xa0, 0xaa, - 0xe3, 0x19, 0x3a, 0xfc, 0x64, 0x46, 0x2a, 0xef, - 0x35, 0x26, 0x03, 0xf6, 0x05, 0x67, 0xfa, 0x6e, - 0x74, 0xe1, 0x46, 0xfb, 0x40, 0xd8, 0x6f, 0xae, - 0x2d, 0x39, 0x21, 0x74, 0x86, 0x9f, 0x00, 0x05, - 0x1a, 0x3f, 0x2f, 0x93, 0x5b, 0xd4, 0xa4, 0x45, - 0xbc, 0x3d, 0x0c, 0x29, 0x17, 0x5a, 0xd3, 0xfb, - 0x68, 0xa6, 0x0f, 0xe0, 0x00, 0x68, 0x79, 0xb0, - 0x4c, 0xb1, 0x45, 0x8b, 0xc8, 0x85, 0x8c, 0x67, - 0x0e, 0x8c, 0x7d, 0x54, 0xf8, 0xb0, 0x75, 0xce, - 0x0a, 0xac, 0x1d, 0xd7, 0x6b, 0x44, 0xac, 0xfe, - 0x1b, 0xd4, 0xa6, 0x98, 0x21, 0x09, 0x3e, 0xa2, - 0x4b, 0x33, 0xba, 0xba, 0x4b, 0x12, 0xa8, 0x6b, - 0x57, 0x27, 0x9d, 0xfa, 0x94, 0x80, 0xb4, 0x68, - 0x4c, 0x77, 0x60, 0xff, 0xd7, 0x29, 0x5a, 0x38, - 0x3d, 0xce, 0x2d, 0x4b, 0x08, 0x56, 0x9f, 0x69, - 0xcb, 0x7b, 0xd8, 0xe2, 0x36, 0xf9, 0x37, 0x69, - 0xc5, 0xce, 0x36, 0x97, 0x1c, 0xba, 0x0d, 0x3f, - 0x15, 0xb3, 0x65, 0xa0, 0xec, 0x74, 0x12, 0xbd, - 0xb3, 0xad, 0xe8, 0xde, 0x9e, 0xa1, 0xec, 0xd3, - 0xbf, 0xa9, 0xe0, 0xa5, 0x91, 0x6d, 0x83, 0x59, - 0x12, 0x56, 0x2f, 0x13, 0xa6, 0x7e, 0x79, 0x73, - 0xa1, 0xa3, 0x89, 0xd5, 0xe1, 0xa5, 0x8c, 0xce, - 0x2d, 0xac, 0x8a, 0xcf, 0x62, 0x16, 0x65, 0xcd, - 0xd9, 0xee, 0xa8, 0xb6, 0x40, 0x08, 0xb5, 0x7c, - 0x50, 0xf9, 0x37, 0x82, 0x7a, 0xa4, 0x0b, 0x34, - 0x66, 0xec, 0xe9, 0x97, 0x57, 0x1f, 0x8a, 0x67, - 0x3e, 0x81, 0xbc, 0x3b, 0x35, 0xd3, 0x2a, 0x48, - 0x0c, 0x0c, 0x00, 0x01, 0x69, 0x03, 0x00, 0x18, - 0x61, 0x04, 0xb7, 0xa9, 0xbd, 0x74, 0x71, 0xd5, - 0x68, 0xbf, 0xd8, 0xa6, 0x84, 0x12, 0xaf, 0x8f, - 0xd4, 0x2c, 0xcf, 0xf9, 0x72, 0x2b, 0x8c, 0x6c, - 0x73, 0xa3, 0x13, 0x74, 0xdb, 0x83, 0x3e, 0xa6, - 0xf4, 0x1b, 0xee, 0xa9, 0x34, 0xe5, 0x65, 0xa7, - 0xaf, 0xef, 0xf2, 0xac, 0xfb, 0x87, 0xb4, 0xdb, - 0x8b, 0x05, 0x4f, 0xe8, 0x25, 0x3d, 0x32, 0x65, - 0xda, 0x47, 0xd8, 0xd2, 0x86, 0xad, 0x9b, 0x37, - 0xbc, 0x45, 0xef, 0xb6, 0x91, 0xa2, 0x71, 0x2f, - 0x13, 0x68, 0xfa, 0xa7, 0x20, 0xe4, 0x8a, 0xa8, - 0x9b, 0xbe, 0xf6, 0x7c, 0xc8, 0x16, 0xd4, 0x50, - 0x9d, 0x63, 0xb3, 0xf4, 0x6e, 0xd3, 0x8f, 0x32, - 0x68, 0x66, 0x04, 0x01, 0x01, 0x00, 0xaa, 0xcb, - 0x90, 0xbd, 0x94, 0x10, 0xab, 0xfc, 0x30, 0x1d, - 0x68, 0x1c, 0xb4, 0x21, 0xcf, 0x73, 0xa5, 0x4b, - 0x20, 0x94, 0xde, 0x66, 0x99, 0x54, 0x3f, 0xba, - 0x40, 0x58, 0x50, 0xe3, 0x64, 0x53, 0x90, 0x9e, - 0xf8, 0x67, 0xcc, 0x85, 0x4a, 0xdc, 0xd8, 0xd7, - 0xc8, 0xb5, 0xe0, 0x92, 0x02, 0x6b, 0xa8, 0x76, - 0x67, 0xc5, 0xae, 0x12, 0x56, 0xff, 0xd1, 0xda, - 0xc0, 0x48, 0x17, 0x99, 0xc9, 0xbe, 0x02, 0xc6, - 0x9e, 0x5c, 0xd9, 0x44, 0x3f, 0x06, 0xbd, 0x98, - 0xe3, 0x4d, 0x46, 0x10, 0xe8, 0x20, 0xed, 0x7b, - 0xcd, 0x73, 0xed, 0x03, 0x6a, 0x4c, 0x49, 0xaf, - 0xbe, 0xa3, 0xe0, 0xab, 0x9a, 0xb8, 0xf8, 0x06, - 0x25, 0x31, 0x8d, 0x32, 0x44, 0xfd, 0xd6, 0xb0, - 0xd4, 0x6c, 0x9a, 0x2a, 0x0f, 0xab, 0xe2, 0x13, - 0x10, 0x6d, 0x41, 0x0b, 0x97, 0x74, 0xa0, 0x04, - 0x16, 0x60, 0xf1, 0x8e, 0x74, 0xf3, 0x91, 0x75, - 0x2b, 0x92, 0x2b, 0xc7, 0x5b, 0x6f, 0x1d, 0x70, - 0xe2, 0xc6, 0x9a, 0x7d, 0x66, 0x55, 0x98, 0x01, - 0x71, 0xb8, 0xdd, 0xf4, 0x70, 0xc9, 0x74, 0x56, - 0xcc, 0xa5, 0x2c, 0x51, 0x70, 0x72, 0xc2, 0x44, - 0xb9, 0x59, 0xc3, 0xc3, 0xf8, 0x29, 0x4e, 0x79, - 0x40, 0x9b, 0x30, 0x35, 0x66, 0xb2, 0xd8, 0x7d, - 0xfe, 0x65, 0x6b, 0xf0, 0x17, 0xa3, 0x13, 0xc7, - 0xc7, 0xc6, 0x48, 0xb2, 0xae, 0x4f, 0x26, 0x0b, - 0x8a, 0x40, 0xaa, 0x06, 0x65, 0x8a, 0x95, 0x00, - 0xc4, 0xc9, 0xfd, 0x69, 0x0a, 0xa9, 0x0a, 0x18, - 0xff, 0x95, 0x40, 0xab, 0x84, 0x75, 0xfe, 0x11, - 0xb1, 0x6f, 0xca, 0x5e, 0xf7, 0xe4, 0x1d, 0x8d, - 0x08, 0x1c, 0xd3, 0x95, 0xf4, 0x9b, 0x17, 0x41, - 0xa8, 0x8f, 0x6e, 0xfa, 0x6c, 0x43, 0x60, 0x39, - 0x0a, 0xa2, 0x7e, 0xdf, 0x3e, 0x74, 0xc2, 0xbf, - 0xaf, 0x96, 0x96, 0xbd, 0x21, 0x4b, 0x0d, 0x00, - 0x00, 0x1a, 0x03, 0x01, 0x02, 0x40, 0x00, 0x12, - 0x04, 0x01, 0x05, 0x01, 0x02, 0x01, 0x04, 0x03, - 0x05, 0x03, 0x02, 0x03, 0x02, 0x02, 0x06, 0x01, - 0x06, 0x03, 0x00, 0x00, 0x0e, 0x00, 0x00, 0x00, -}; - -struct tlslegacy_client_test { - const unsigned char *desc; - unsigned char *server_response; - const size_t server_response_len; - const SSL_METHOD *(*ssl_method)(void); - int want_state; -}; - -static struct tlslegacy_client_test tlslegacy_client_tests[] = { - { - .desc = "TLSv1.2 legacy fallback", - .server_response = tls12_server_response, - .server_response_len = sizeof(tls12_server_response), - .ssl_method = TLS_client_method, - .want_state = SSL3_ST_CR_CERT_A, - }, - { - .desc = "TLSv1.2 legacy fallback with server cert", - .server_response = tls12_server_response_with_cert, - .server_response_len = sizeof(tls12_server_response_with_cert), - .ssl_method = TLS_client_method, - .want_state = SSL3_ST_CR_KEY_EXCH_B, - }, -}; - -#define N_TLSLEGACY_CLIENT_TESTS \ - (sizeof(tlslegacy_client_tests) / sizeof(*tlslegacy_client_tests)) - -static int -tlslegacy_client_test(int testno, struct tlslegacy_client_test *tct) -{ - BIO *rbio = NULL, *wbio = NULL; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int ret = 1; - - fprintf(stderr, "Test %i - %s\n", testno, tct->desc); - - if ((rbio = BIO_new_mem_buf(tct->server_response, - tct->server_response_len)) == NULL) { - fprintf(stderr, "Failed to setup rbio\n"); - goto failure; - } - if ((wbio = BIO_new(BIO_s_mem())) == NULL) { - fprintf(stderr, "Failed to setup wbio\n"); - goto failure; - } - - if ((ssl_ctx = SSL_CTX_new(tct->ssl_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - goto failure; - } - - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - goto failure; - } - - rbio->references = 2; - wbio->references = 2; - - SSL_set_bio(ssl, rbio, wbio); - - if (SSL_connect(ssl) == 1) { - fprintf(stderr, "SSL_connect() succeeded\n"); - goto failure; - } - - if (SSL_state(ssl) != tct->want_state) { - fprintf(stderr, "FAIL: Got SSL state %x, want %x", - SSL_state(ssl), tct->want_state); - goto failure; - } - - ret = 0; - - failure: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - rbio->references = 1; - wbio->references = 1; - - BIO_free(rbio); - BIO_free(wbio); - - return (ret); -} - -int -main(int argc, char **argv) -{ - int failed = 0; - size_t i; - - for (i = 0; i < N_TLSLEGACY_CLIENT_TESTS; i++) - failed |= tlslegacy_client_test(i, &tlslegacy_client_tests[i]); - - return (failed); -} diff --git a/src/regress/lib/libssl/unit/Makefile b/src/regress/lib/libssl/unit/Makefile deleted file mode 100644 index a1935bbd88..0000000000 --- a/src/regress/lib/libssl/unit/Makefile +++ /dev/null @@ -1,27 +0,0 @@ -# $OpenBSD: Makefile,v 1.12 2021/05/03 23:42:04 inoguchi Exp $ - -TEST_CASES+= cipher_list -TEST_CASES+= ssl_get_shared_ciphers -TEST_CASES+= ssl_methods -TEST_CASES+= ssl_versions -TEST_CASES+= tls_ext_alpn -TEST_CASES+= tls_prf - -REGRESS_TARGETS= all_tests - -WARNINGS= Yes -LDLIBS= ${SSL_INT} -lcrypto -CFLAGS+= -DLIBRESSL_INTERNAL -Wall -Wundef -Werror -CFLAGS+= -DCERTSDIR=\"${.CURDIR}/../certs\" -CFLAGS+= -I${.CURDIR}/../../../../lib/libssl - -CLEANFILES+= ${TEST_CASES} - -all_tests: ${TEST_CASES} - @for test in $>; do \ - ./$$test; \ - done - -${TEST_CASES}: ${LIBSSL} ${LIBCRYPTO} - -.include diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c deleted file mode 100644 index 9a5d978140..0000000000 --- a/src/regress/lib/libssl/unit/cipher_list.c +++ /dev/null @@ -1,204 +0,0 @@ -/* $OpenBSD: cipher_list.c,v 1.10 2021/01/09 12:39:22 tb Exp $ */ -/* - * Copyright (c) 2015 Doug Hogan - * Copyright (c) 2015 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Test TLS ssl bytes (aka cipher suites) to cipher list and back. - * - * TLSv1.0 - RFC 2246 section 7.4.1.2 (ClientHello struct) - * TLSv1.1 - RFC 4346 section 7.4.1.2 (ClientHello struct) - * TLSv1.2 - RFC 5246 section 7.4.1.2 (ClientHello struct) - * - * In all of these standards, the relevant structures are: - * - * uint8 CipherSuite[2]; - * - * struct { - * ... - * CipherSuite cipher_suites<2..2^16-2> - * ... - * } ClientHello; - */ - -#include - -#include -#include - -#include "ssl_locl.h" - -#include "tests.h" - -static uint8_t cipher_bytes[] = { - 0xcc, 0xa8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */ - 0xcc, 0xa9, /* ECDHE-RSA-CHACHA20-POLY1305 */ - 0xcc, 0xaa, /* DHE-RSA-CHACHA20-POLY1305 */ - 0x00, 0x9c, /* AES128-GCM-SHA256 */ - 0x00, 0x3d, /* AES256-SHA256 */ -}; - -static uint16_t cipher_values[] = { - 0xcca8, /* ECDHE-ECDSA-CHACHA20-POLY1305 */ - 0xcca9, /* ECDHE-RSA-CHACHA20-POLY1305 */ - 0xccaa, /* DHE-RSA-CHACHA20-POLY1305 */ - 0x009c, /* AES128-GCM-SHA256 */ - 0x003d, /* AES256-SHA256 */ -}; - -#define N_CIPHERS (sizeof(cipher_bytes) / 2) - -static int -ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) -{ - SSL_CIPHER *cipher; - uint16_t value; - CBS cbs; - int i; - - CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes)); - - *ciphers = ssl_bytes_to_cipher_list(s, &cbs); - CHECK(*ciphers != NULL); - CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS); - for (i = 0; i < sk_SSL_CIPHER_num(*ciphers); i++) { - cipher = sk_SSL_CIPHER_value(*ciphers, i); - CHECK(cipher != NULL); - value = SSL_CIPHER_get_value(cipher); - CHECK(value == cipher_values[i]); - } - - return 1; -} - -static int -ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) -{ - CBB cbb; - unsigned char *buf = NULL; - size_t buflen, outlen; - int ret = 0; - - /* Space for cipher bytes, plus reneg SCSV and two spare bytes. */ - CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS); - buflen = sizeof(cipher_bytes) + 2 + 2; - CHECK((buf = calloc(1, buflen)) != NULL); - - CHECK(CBB_init_fixed(&cbb, buf, buflen)); - CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb)); - CHECK(CBB_finish(&cbb, NULL, &outlen)); - - CHECK_GOTO(outlen > 0 && outlen == buflen - 2); - CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0); - CHECK_GOTO(buf[buflen - 4] == 0x00 && buf[buflen - 3] == 0xff); - CHECK_GOTO(buf[buflen - 2] == 0x00 && buf[buflen - 1] == 0x00); - - ret = 1; - -err: - free(buf); - return ret; -} - -static int -ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) -{ - CBB cbb; - unsigned char *buf = NULL; - size_t buflen, outlen; - int ret = 0; - - /* Space for cipher bytes and two spare bytes */ - CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS); - buflen = sizeof(cipher_bytes) + 2; - CHECK((buf = calloc(1, buflen)) != NULL); - buf[buflen - 2] = 0xfe; - buf[buflen - 1] = 0xab; - - /* Set renegotiate so it doesn't add SCSV */ - s->internal->renegotiate = 1; - - CHECK(CBB_init_fixed(&cbb, buf, buflen)); - CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb)); - CHECK(CBB_finish(&cbb, NULL, &outlen)); - - CHECK_GOTO(outlen > 0 && outlen == buflen - 2); - CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0); - CHECK_GOTO(buf[buflen - 2] == 0xfe && buf[buflen - 1] == 0xab); - - ret = 1; - -err: - free(buf); - return ret; -} - -static int -ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) -{ - uint8_t empty_cipher_bytes[] = {0}; - CBS cbs; - - sk_SSL_CIPHER_free(*ciphers); - - /* Invalid length: CipherSuite is 2 bytes so it must be even */ - CBS_init(&cbs, cipher_bytes, sizeof(cipher_bytes) - 1); - *ciphers = ssl_bytes_to_cipher_list(s, &cbs); - CHECK(*ciphers == NULL); - - /* Invalid length: cipher_suites must be at least 2 */ - CBS_init(&cbs, empty_cipher_bytes, sizeof(empty_cipher_bytes)); - *ciphers = ssl_bytes_to_cipher_list(s, &cbs); - CHECK(*ciphers == NULL); - - return 1; -} - -int -main(void) -{ - STACK_OF(SSL_CIPHER) *ciphers = NULL; - SSL_CTX *ctx = NULL; - SSL *s = NULL; - int rv = 1; - - SSL_library_init(); - - /* Use TLSv1.2 client to get all ciphers. */ - CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL); - CHECK_GOTO((s = SSL_new(ctx)) != NULL); - - if (!ssl_bytes_to_list_alloc(s, &ciphers)) - goto err; - if (!ssl_list_to_bytes_scsv(s, &ciphers)) - goto err; - if (!ssl_list_to_bytes_no_scsv(s, &ciphers)) - goto err; - if (!ssl_bytes_to_list_invalid(s, &ciphers)) - goto err; - - rv = 0; - -err: - sk_SSL_CIPHER_free(ciphers); - SSL_CTX_free(ctx); - SSL_free(s); - - if (!rv) - printf("PASS %s\n", __FILE__); - - return rv; -} diff --git a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c b/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c deleted file mode 100644 index 212ea99f30..0000000000 --- a/src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c +++ /dev/null @@ -1,482 +0,0 @@ -/* $OpenBSD: ssl_get_shared_ciphers.c,v 1.10 2021/05/04 18:20:05 tb Exp $ */ -/* - * Copyright (c) 2021 Theo Buehler - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include -#include - -#include -#include -#include -#include - -struct peer_config { - const char *name; - int server; - uint16_t max_version; - uint16_t min_version; - const char *ciphers; -}; - -struct ssl_shared_ciphers_test_data { - const char *description; - struct peer_config client_config; - struct peer_config server_config; - const char *shared_ciphers; - const char *shared_ciphers_without_aesni; -}; - -char *server_cert; -char *server_key; - -static const struct ssl_shared_ciphers_test_data ssl_shared_ciphers_tests[] = { - { - .description = "TLSv1.3 defaults", - .client_config = { - .name = "client", - .server = 0, - .max_version = TLS1_3_VERSION, - .min_version = TLS1_3_VERSION, - .ciphers = - "AEAD-AES256-GCM-SHA384:" - "AEAD-CHACHA20-POLY1305-SHA256:" - "AEAD-AES128-GCM-SHA256", - }, - .server_config = { - .name = "server", - .server = 1, - .max_version = TLS1_3_VERSION, - .min_version = TLS1_3_VERSION, - .ciphers = - "AEAD-AES256-GCM-SHA384:" - "AEAD-CHACHA20-POLY1305-SHA256:" - "AEAD-AES128-GCM-SHA256", - }, - .shared_ciphers = - "AEAD-AES256-GCM-SHA384:" - "AEAD-CHACHA20-POLY1305-SHA256:" - "AEAD-AES128-GCM-SHA256", - }, - - { - .description = "TLSv1.3, client without ChaCha", - .client_config = { - .name = "client", - .server = 0, - .max_version = TLS1_3_VERSION, - .min_version = TLS1_3_VERSION, - .ciphers = - "AEAD-AES256-GCM-SHA384:" - "AEAD-AES128-GCM-SHA256", - }, - .server_config = { - .name = "server", - .server = 1, - .max_version = TLS1_3_VERSION, - .min_version = TLS1_3_VERSION, - .ciphers = - "AEAD-AES256-GCM-SHA384:" - "AEAD-CHACHA20-POLY1305-SHA256:" - "AEAD-AES128-GCM-SHA256", - }, - .shared_ciphers = - "AEAD-AES256-GCM-SHA384:" - "AEAD-AES128-GCM-SHA256", - }, - - { - .description = "TLSv1.2", - .client_config = { - .name = "client", - .server = 0, - .max_version = TLS1_2_VERSION, - .min_version = TLS1_2_VERSION, - .ciphers = - "ECDHE-RSA-AES256-GCM-SHA384:" - "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "ECDHE-ECDSA-AES256-SHA384:" - "ECDHE-RSA-AES256-SHA:" - "ECDHE-ECDSA-AES256-SHA", - }, - .server_config = { - .name = "server", - .server = 1, - .max_version = TLS1_2_VERSION, - .min_version = TLS1_2_VERSION, - .ciphers = - "ECDHE-RSA-AES256-GCM-SHA384:" - "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "ECDHE-ECDSA-AES256-SHA384:" - "ECDHE-RSA-AES256-SHA:" - "ECDHE-ECDSA-AES256-SHA", - }, - .shared_ciphers = - "ECDHE-RSA-AES256-GCM-SHA384:" - "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "ECDHE-ECDSA-AES256-SHA384:" - "ECDHE-RSA-AES256-SHA:" - "ECDHE-ECDSA-AES256-SHA", - }, - - { - .description = "TLSv1.2, server without ECDSA", - .client_config = { - .name = "client", - .server = 0, - .max_version = TLS1_2_VERSION, - .min_version = TLS1_2_VERSION, - .ciphers = - "ECDHE-RSA-AES256-GCM-SHA384:" - "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "ECDHE-ECDSA-AES256-SHA384:" - "ECDHE-RSA-AES256-SHA:" - "ECDHE-ECDSA-AES256-SHA", - }, - .server_config = { - .name = "server", - .server = 1, - .max_version = TLS1_2_VERSION, - .min_version = TLS1_2_VERSION, - .ciphers = - "ECDHE-RSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "ECDHE-RSA-AES256-SHA", - }, - .shared_ciphers = - "ECDHE-RSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "ECDHE-RSA-AES256-SHA", - }, - - { - .description = "TLSv1.3 ciphers are prepended", - .client_config = { - .name = "client", - .server = 0, - .max_version = TLS1_3_VERSION, - .min_version = TLS1_2_VERSION, - .ciphers = - "ECDHE-RSA-AES256-GCM-SHA384", - }, - .server_config = { - .name = "server", - .server = 1, - .max_version = TLS1_3_VERSION, - .min_version = TLS1_2_VERSION, - .ciphers = - "ECDHE-RSA-AES256-GCM-SHA384", - }, - .shared_ciphers = - "AEAD-AES256-GCM-SHA384:" - "AEAD-CHACHA20-POLY1305-SHA256:" - "AEAD-AES128-GCM-SHA256:" - "ECDHE-RSA-AES256-GCM-SHA384", - .shared_ciphers_without_aesni = - "AEAD-CHACHA20-POLY1305-SHA256:" - "AEAD-AES256-GCM-SHA384:" - "AEAD-AES128-GCM-SHA256:" - "ECDHE-RSA-AES256-GCM-SHA384", - }, -}; - -static const size_t N_SHARED_CIPHERS_TESTS = - sizeof(ssl_shared_ciphers_tests) / sizeof(ssl_shared_ciphers_tests[0]); - -static SSL_CTX * -peer_config_to_ssl_ctx(const struct peer_config *config) -{ - SSL_CTX *ctx; - - if ((ctx = SSL_CTX_new(TLS_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new(%s) failed\n", config->name); - goto err; - } - if (!SSL_CTX_set_max_proto_version(ctx, config->max_version)) { - fprintf(stderr, "max_proto_version(%s) failed\n", config->name); - goto err; - } - if (!SSL_CTX_set_min_proto_version(ctx, config->min_version)) { - fprintf(stderr, "min_proto_version(%s) failed\n", config->name); - goto err; - } - if (!SSL_CTX_set_cipher_list(ctx, config->ciphers)) { - fprintf(stderr, "set_cipher_list(%s) failed\n", config->name); - goto err; - } - - if (config->server) { - if (!SSL_CTX_use_certificate_file(ctx, server_cert, - SSL_FILETYPE_PEM)) { - fprintf(stderr, "use_certificate_file(%s) failed\n", - config->name); - goto err; - } - if (!SSL_CTX_use_PrivateKey_file(ctx, server_key, - SSL_FILETYPE_PEM)) { - fprintf(stderr, "use_PrivateKey_file(%s) failed\n", - config->name); - goto err; - } - } - - return ctx; - - err: - SSL_CTX_free(ctx); - return NULL; -} - -/* Connect client and server via a pair of "nonblocking" memory BIOs. */ -static int -connect_peers(SSL *client_ssl, SSL *server_ssl, const char *description) -{ - BIO *client_wbio = NULL, *server_wbio = NULL; - int ret = 0; - - if ((client_wbio = BIO_new(BIO_s_mem())) == NULL) { - fprintf(stderr, "%s: failed to create client BIO\n", - description); - goto err; - } - if ((server_wbio = BIO_new(BIO_s_mem())) == NULL) { - fprintf(stderr, "%s: failed to create server BIO\n", - description); - goto err; - } - if (BIO_set_mem_eof_return(client_wbio, -1) <= 0) { - fprintf(stderr, "%s: failed to set client eof return\n", - description); - goto err; - } - if (BIO_set_mem_eof_return(server_wbio, -1) <= 0) { - fprintf(stderr, "%s: failed to set server eof return\n", - description); - goto err; - } - - /* Avoid double free. SSL_set_bio() takes ownership of the BIOs. */ - BIO_up_ref(client_wbio); - BIO_up_ref(server_wbio); - - SSL_set_bio(client_ssl, server_wbio, client_wbio); - SSL_set_bio(server_ssl, client_wbio, server_wbio); - client_wbio = NULL; - server_wbio = NULL; - - ret = 1; - - err: - BIO_free(client_wbio); - BIO_free(server_wbio); - - return ret; -} - -static int -push_data_to_peer(SSL *ssl, int *ret, int (*func)(SSL *), const char *func_name, - const char *description) -{ - int ssl_err = 0; - - if (*ret == 1) - return 1; - - /* - * Do SSL_connect/SSL_accept/SSL_shutdown once and loop while hitting - * WANT_WRITE. If done or on WANT_READ hand off to peer. - */ - - do { - if ((*ret = func(ssl)) <= 0) - ssl_err = SSL_get_error(ssl, *ret); - } while (*ret <= 0 && ssl_err == SSL_ERROR_WANT_WRITE); - - /* Ignore erroneous error - see SSL_shutdown(3)... */ - if (func == SSL_shutdown && ssl_err == SSL_ERROR_SYSCALL) - return 1; - - if (*ret <= 0 && ssl_err != SSL_ERROR_WANT_READ) { - fprintf(stderr, "%s: %s failed\n", description, func_name); - ERR_print_errors_fp(stderr); - return 0; - } - - return 1; -} - -/* - * Alternate between loops of SSL_connect() and SSL_accept() as long as only - * WANT_READ and WANT_WRITE situations are encountered. A function is repeated - * until WANT_READ is returned or it succeeds, then it's the other function's - * turn to make progress. Succeeds if SSL_connect() and SSL_accept() return 1. - */ -static int -handshake(SSL *client_ssl, SSL *server_ssl, const char *description) -{ - int loops = 0, client_ret = 0, server_ret = 0; - - while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) { - if (!push_data_to_peer(client_ssl, &client_ret, SSL_connect, - "SSL_connect", description)) - return 0; - - if (!push_data_to_peer(server_ssl, &server_ret, SSL_accept, - "SSL_accept", description)) - return 0; - } - - if (client_ret != 1 || server_ret != 1) { - fprintf(stderr, "%s: failed\n", __func__); - return 0; - } - - return 1; -} - -static int -shutdown_peers(SSL *client_ssl, SSL *server_ssl, const char *description) -{ - int loops = 0, client_ret = 0, server_ret = 0; - - while (loops++ < 10 && (client_ret <= 0 || server_ret <= 0)) { - if (!push_data_to_peer(client_ssl, &client_ret, SSL_shutdown, - "client shutdown", description)) - return 0; - - if (!push_data_to_peer(server_ssl, &server_ret, SSL_shutdown, - "server shutdown", description)) - return 0; - } - - if (client_ret != 1 || server_ret != 1) { - fprintf(stderr, "%s: failed\n", __func__); - return 0; - } - - return 1; -} - -/* from ssl_ciph.c */ -static inline int -ssl_aes_is_accelerated(void) -{ -#if defined(__i386__) || defined(__x86_64__) - return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0); -#else - return (0); -#endif -} - -static int -check_shared_ciphers(const struct ssl_shared_ciphers_test_data *test, - const char *got) -{ - const char *want = test->shared_ciphers; - int failed; - - if (!ssl_aes_is_accelerated() && - test->shared_ciphers_without_aesni != NULL) - want = test->shared_ciphers_without_aesni; - - failed = strcmp(want, got); - - if (failed) - fprintf(stderr, "%s: want \"%s\", got \"%s\"\n", - test->description, want, got); - - return failed; -} - -static int -test_get_shared_ciphers(const struct ssl_shared_ciphers_test_data *test) -{ - SSL_CTX *client_ctx = NULL, *server_ctx = NULL; - SSL *client_ssl = NULL, *server_ssl = NULL; - char buf[4096]; - int failed = 1; - - if ((client_ctx = peer_config_to_ssl_ctx(&test->client_config)) == NULL) - goto err; - if ((server_ctx = peer_config_to_ssl_ctx(&test->server_config)) == NULL) - goto err; - - if ((client_ssl = SSL_new(client_ctx)) == NULL) { - fprintf(stderr, "%s: failed to create client SSL\n", - test->description); - goto err; - } - if ((server_ssl = SSL_new(server_ctx)) == NULL) { - fprintf(stderr, "%s: failed to create server SSL\n", - test->description); - goto err; - } - - if (!connect_peers(client_ssl, server_ssl, test->description)) - goto err; - - if (!handshake(client_ssl, server_ssl, test->description)) - goto err; - - if (SSL_get_shared_ciphers(server_ssl, buf, sizeof(buf)) == NULL) { - fprintf(stderr, "%s: failed to get shared ciphers\n", - test->description); - goto err; - } - - if (!shutdown_peers(client_ssl, server_ssl, test->description)) - goto err; - - failed = check_shared_ciphers(test, buf); - - err: - SSL_CTX_free(client_ctx); - SSL_CTX_free(server_ctx); - SSL_free(client_ssl); - SSL_free(server_ssl); - - return failed; -} - -int -main(int argc, char **argv) -{ - size_t i; - int failed = 0; - - if (asprintf(&server_cert, "%s/server.pem", CERTSDIR) == -1) { - fprintf(stderr, "asprintf server_cert failed\n"); - failed = 1; - goto err; - } - server_key = server_cert; - - for (i = 0; i < N_SHARED_CIPHERS_TESTS; i++) - failed |= test_get_shared_ciphers(&ssl_shared_ciphers_tests[i]); - - if (failed == 0) - printf("PASS %s\n", __FILE__); - - err: - free(server_cert); - - return failed; -} diff --git a/src/regress/lib/libssl/unit/ssl_methods.c b/src/regress/lib/libssl/unit/ssl_methods.c deleted file mode 100644 index 0fc33a406c..0000000000 --- a/src/regress/lib/libssl/unit/ssl_methods.c +++ /dev/null @@ -1,267 +0,0 @@ -/* $OpenBSD: ssl_methods.c,v 1.4 2021/04/04 20:21:43 tb Exp $ */ -/* - * Copyright (c) 2020 Theo Buehler - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include - -struct ssl_method_test_data { - const SSL_METHOD *(*method)(void); - const char *name; - int server; - int dtls; -}; - -struct ssl_method_test_data ssl_method_tests[] = { - { - .method = SSLv23_method, - .name = "SSLv23_method", - .server = 1, - .dtls = 0, - }, - { - .method = SSLv23_server_method, - .name = "SSLv23_server_method", - .server = 1, - .dtls = 0, - }, - { - .method = SSLv23_client_method, - .name = "SSLv23_client_method", - .server = 0, - .dtls = 0, - }, - - { - .method = TLSv1_method, - .name = "TLSv1_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLSv1_server_method, - .name = "TLSv1_server_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLSv1_client_method, - .name = "TLSv1_client_method", - .server = 0, - .dtls = 0, - }, - - { - .method = TLSv1_1_method, - .name = "TLSv1_1_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLSv1_1_server_method, - .name = "TLSv1_1_server_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLSv1_1_client_method, - .name = "TLSv1_1_client_method", - .server = 0, - .dtls = 0, - }, - - { - .method = TLSv1_2_method, - .name = "TLSv1_2_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLSv1_2_server_method, - .name = "TLSv1_2_server_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLSv1_2_client_method, - .name = "TLSv1_2_client_method", - .server = 0, - .dtls = 0, - }, - - { - .method = TLS_method, - .name = "TLS_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLS_server_method, - .name = "TLS_server_method", - .server = 1, - .dtls = 0, - }, - { - .method = TLS_client_method, - .name = "TLS_client_method", - .server = 0, - .dtls = 0, - }, - - { - .method = DTLSv1_method, - .name = "DTLSv1_method", - .server = 1, - .dtls = 1, - }, - { - .method = DTLSv1_server_method, - .name = "DTLSv1_server_method", - .server = 1, - .dtls = 1, - }, - { - .method = DTLSv1_client_method, - .name = "DTLSv1_client_method", - .server = 0, - .dtls = 1, - }, - - { - .method = DTLSv1_2_method, - .name = "DTLSv1_2_method", - .server = 1, - .dtls = 1, - }, - { - .method = DTLSv1_2_server_method, - .name = "DTLSv1_2_server_method", - .server = 1, - .dtls = 1, - }, - { - .method = DTLSv1_2_client_method, - .name = "DTLSv1_2_client_method", - .server = 0, - .dtls = 1, - }, - - { - .method = DTLS_method, - .name = "DTLS_method", - .server = 1, - .dtls = 1, - }, - { - .method = DTLS_server_method, - .name = "DTLS_server_method", - .server = 1, - .dtls = 1, - }, - { - .method = DTLS_client_method, - .name = "DTLS_client_method", - .server = 0, - .dtls = 1, - }, -}; - -#define N_METHOD_TESTS (sizeof(ssl_method_tests) / sizeof(ssl_method_tests[0])) - -int test_client_or_server_method(struct ssl_method_test_data *); -int test_dtls_method(struct ssl_method_test_data *); - -int -test_client_or_server_method(struct ssl_method_test_data *testcase) -{ - SSL_CTX *ssl_ctx; - SSL *ssl = NULL; - int failed = 1; - - if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) { - fprintf(stderr, "SSL_CTX_new returned NULL\n"); - goto err; - } - - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new returned NULL\n"); - goto err; - } - - if (SSL_is_server(ssl) != testcase->server) { - fprintf(stderr, "%s: SSL_is_server: want %d, got %d\n", - testcase->name, testcase->server, SSL_is_server(ssl)); - goto err; - } - - failed = 0; - - err: - SSL_free(ssl); - SSL_CTX_free(ssl_ctx); - - return failed; -} - -int -test_dtls_method(struct ssl_method_test_data *testcase) -{ - SSL_CTX *ssl_ctx; - SSL *ssl = NULL; - int failed = 1; - - if ((ssl_ctx = SSL_CTX_new(testcase->method())) == NULL) { - fprintf(stderr, "SSL_CTX_new returned NULL\n"); - goto err; - } - - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new returned NULL\n"); - goto err; - } - - if (SSL_is_dtls(ssl) != testcase->dtls) { - fprintf(stderr, "%s: SSL_is_dtls: want %d, got %d\n", - testcase->name, testcase->dtls, SSL_is_dtls(ssl)); - goto err; - } - - failed = 0; - - err: - SSL_free(ssl); - SSL_CTX_free(ssl_ctx); - - return failed; -} - -int -main(int argc, char **argv) -{ - size_t i; - int failed = 0; - - for (i = 0; i < N_METHOD_TESTS; i++) { - failed |= test_client_or_server_method(&ssl_method_tests[i]); - failed |= test_dtls_method(&ssl_method_tests[i]); - } - - if (failed == 0) - printf("PASS %s\n", __FILE__); - - return failed; -} diff --git a/src/regress/lib/libssl/unit/ssl_versions.c b/src/regress/lib/libssl/unit/ssl_versions.c deleted file mode 100644 index 2ca72157ab..0000000000 --- a/src/regress/lib/libssl/unit/ssl_versions.c +++ /dev/null @@ -1,910 +0,0 @@ -/* $OpenBSD: ssl_versions.c,v 1.15 2021/06/27 16:54:55 jsing Exp $ */ -/* - * Copyright (c) 2016, 2017 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include "ssl_locl.h" - -struct version_range_test { - const long options; - const uint16_t minver; - const uint16_t maxver; - const uint16_t want_minver; - const uint16_t want_maxver; -}; - -static struct version_range_test version_range_tests[] = { - { - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_3_VERSION, - }, - { - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_1_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1_3, - .minver = TLS1_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1_1, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_2_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_1_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | - SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = 0, - .want_maxver = 0, - }, - { - .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | - SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = TLS1_3_VERSION, - .want_maxver = TLS1_3_VERSION, - }, - { - .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | - SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3, - .minver = TLS1_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = 0, - .want_maxver = 0, - }, - { - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_1_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .options = 0, - .minver = TLS1_2_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_2_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_3_VERSION, - }, - { - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = TLS1_1_VERSION, - .want_maxver = TLS1_3_VERSION, - }, - { - .options = 0, - .minver = TLS1_2_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = TLS1_2_VERSION, - .want_maxver = TLS1_3_VERSION, - }, - { - .options = 0, - .minver = TLS1_3_VERSION, - .maxver = TLS1_3_VERSION, - .want_minver = TLS1_3_VERSION, - .want_maxver = TLS1_3_VERSION, - }, - { - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_1_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_VERSION, - }, -}; - -#define N_VERSION_RANGE_TESTS \ - (sizeof(version_range_tests) / sizeof(*version_range_tests)) - -static int -test_ssl_enabled_version_range(void) -{ - struct version_range_test *vrt; - uint16_t minver, maxver; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failed = 1; - size_t i; - - fprintf(stderr, "INFO: starting enabled version range tests...\n"); - - if ((ssl_ctx = SSL_CTX_new(TLS_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - goto failure; - } - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - goto failure; - } - - failed = 0; - - for (i = 0; i < N_VERSION_RANGE_TESTS; i++) { - vrt = &version_range_tests[i]; - - SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | - SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3); - SSL_set_options(ssl, vrt->options); - - minver = maxver = 0xffff; - ssl->internal->min_tls_version = vrt->minver; - ssl->internal->max_tls_version = vrt->maxver; - - if (ssl_enabled_tls_version_range(ssl, &minver, &maxver) != 1) { - if (vrt->want_minver != 0 || vrt->want_maxver != 0) { - fprintf(stderr, "FAIL: test %zu - failed but " - "wanted non-zero versions\n", i); - failed++; - } - continue; - } - if (minver != vrt->want_minver) { - fprintf(stderr, "FAIL: test %zu - got minver %x, " - "want %x\n", i, minver, vrt->want_minver); - failed++; - } - if (maxver != vrt->want_maxver) { - fprintf(stderr, "FAIL: test %zu - got maxver %x, " - "want %x\n", i, maxver, vrt->want_maxver); - failed++; - } - } - - failure: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - return (failed); -} - -struct shared_version_test { - const SSL_METHOD *(*ssl_method)(void); - const long options; - const uint16_t minver; - const uint16_t maxver; - const uint16_t peerver; - const uint16_t want_maxver; -}; - -static struct shared_version_test shared_version_tests[] = { - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = SSL2_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = SSL3_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_VERSION, - .want_maxver = TLS1_VERSION, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_1_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_2_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_3_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = 0x7f12, - .want_maxver = TLS1_2_VERSION, - }, - { - .ssl_method = TLS_method, - .options = SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_2_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .ssl_method = TLS_method, - .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_2_VERSION, - .want_maxver = TLS1_VERSION, - }, - { - .ssl_method = TLS_method, - .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_2_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .options = SSL_OP_NO_TLSv1, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_1_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .ssl_method = TLS_method, - .options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .options = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_1_VERSION, - .want_maxver = TLS1_VERSION, - }, - { - .ssl_method = TLS_method, - .options = SSL_OP_NO_TLSv1, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_1_VERSION, - .peerver = TLS1_2_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .ssl_method = TLS_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_VERSION, - .peerver = TLS1_2_VERSION, - .want_maxver = TLS1_VERSION, - }, - { - .ssl_method = TLSv1_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_VERSION, - .want_maxver = TLS1_VERSION, - }, - { - .ssl_method = TLSv1_method, - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLSv1_1_method, - .options = 0, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = TLS1_1_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .ssl_method = DTLS_method, - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = DTLS1_VERSION, - .want_maxver = DTLS1_VERSION, - }, - { - .ssl_method = DTLS_method, - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = DTLS1_2_VERSION, - .want_maxver = DTLS1_2_VERSION, - }, - { - .ssl_method = DTLS_method, - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = 0xfefc, /* DTLSv1.3, probably. */ - .want_maxver = DTLS1_2_VERSION, - }, - { - .ssl_method = DTLSv1_method, - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_1_VERSION, - .peerver = DTLS1_2_VERSION, - .want_maxver = DTLS1_VERSION, - }, - { - .ssl_method = DTLSv1_2_method, - .options = 0, - .minver = TLS1_2_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = DTLS1_2_VERSION, - .want_maxver = DTLS1_2_VERSION, - }, - { - .ssl_method = DTLSv1_method, - .options = 0, - .minver = TLS1_1_VERSION, - .maxver = TLS1_1_VERSION, - .peerver = TLS1_2_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = DTLS_method, - .options = SSL_OP_NO_DTLSv1, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = DTLS1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = DTLS_method, - .options = SSL_OP_NO_DTLSv1, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = DTLS1_2_VERSION, - .want_maxver = DTLS1_2_VERSION, - }, - { - .ssl_method = DTLS_method, - .options = SSL_OP_NO_DTLSv1_2, - .minver = TLS1_1_VERSION, - .maxver = TLS1_2_VERSION, - .peerver = DTLS1_2_VERSION, - .want_maxver = DTLS1_VERSION, - }, -}; - -#define N_SHARED_VERSION_TESTS \ - (sizeof(shared_version_tests) / sizeof(*shared_version_tests)) - -static int -test_ssl_max_shared_version(void) -{ - struct shared_version_test *svt; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - uint16_t maxver; - int failed = 0; - size_t i; - - failed = 0; - - fprintf(stderr, "INFO: starting max shared version tests...\n"); - - for (i = 0; i < N_SHARED_VERSION_TESTS; i++) { - svt = &shared_version_tests[i]; - - if ((ssl_ctx = SSL_CTX_new(svt->ssl_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - return 1; - } - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - return 1; - } - - SSL_clear_options(ssl, SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | - SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3); - SSL_set_options(ssl, svt->options); - - maxver = 0; - ssl->internal->min_tls_version = svt->minver; - ssl->internal->max_tls_version = svt->maxver; - - if (!ssl_max_shared_version(ssl, svt->peerver, &maxver)) { - if (svt->want_maxver != 0) { - fprintf(stderr, "FAIL: test %zu - failed but " - "wanted non-zero shared version (peer %x)\n", - i, svt->peerver); - failed++; - } - continue; - } - if (maxver != svt->want_maxver) { - fprintf(stderr, "FAIL: test %zu - got shared " - "version %x, want %x\n", i, maxver, - svt->want_maxver); - failed++; - } - - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - } - - return (failed); -} - -struct min_max_version_test { - const SSL_METHOD *(*ssl_method)(void); - const uint16_t minver; - const uint16_t maxver; - const uint16_t want_minver; - const uint16_t want_maxver; - const int want_min_fail; - const int want_max_fail; -}; - -static struct min_max_version_test min_max_version_tests[] = { - { - .ssl_method = TLS_method, - .minver = 0, - .maxver = 0, - .want_minver = 0, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .minver = TLS1_VERSION, - .maxver = 0, - .want_minver = TLS1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .minver = 0, - .maxver = TLS1_2_VERSION, - .want_minver = 0, - .want_maxver = TLS1_2_VERSION, - }, - { - .ssl_method = TLS_method, - .minver = 0, - .maxver = TLS1_3_VERSION, - .want_minver = 0, - .want_maxver = TLS1_3_VERSION, - }, - { - .ssl_method = TLS_method, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_VERSION, - .want_maxver = TLS1_2_VERSION, - }, - { - .ssl_method = TLS_method, - .minver = TLS1_1_VERSION, - .maxver = 0, - .want_minver = TLS1_1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .minver = TLS1_2_VERSION, - .maxver = 0, - .want_minver = TLS1_2_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .minver = 0x0300, - .maxver = 0, - .want_minver = TLS1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = TLS_method, - .minver = 0x0305, - .maxver = 0, - .want_min_fail = 1, - }, - { - .ssl_method = TLS_method, - .minver = 0, - .maxver = 0x0305, - .want_minver = 0, - .want_maxver = TLS1_3_VERSION, - }, - { - .ssl_method = TLS_method, - .minver = 0, - .maxver = TLS1_1_VERSION, - .want_minver = 0, - .want_maxver = TLS1_1_VERSION, - }, - { - .ssl_method = TLS_method, - .minver = 0, - .maxver = TLS1_VERSION, - .want_minver = 0, - .want_maxver = TLS1_VERSION, - }, - { - .ssl_method = TLS_method, - .minver = 0, - .maxver = 0x0300, - .want_max_fail = 1, - }, - { - .ssl_method = TLS_method, - .minver = TLS1_2_VERSION, - .maxver = TLS1_1_VERSION, - .want_minver = TLS1_2_VERSION, - .want_maxver = 0, - .want_max_fail = 1, - }, - { - .ssl_method = TLSv1_1_method, - .minver = 0, - .maxver = 0, - .want_minver = 0, - .want_maxver = 0, - }, - { - .ssl_method = TLSv1_1_method, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = TLS1_1_VERSION, - .want_maxver = TLS1_1_VERSION, - }, - { - .ssl_method = TLSv1_1_method, - .minver = TLS1_2_VERSION, - .maxver = 0, - .want_minver = 0, - .want_maxver = 0, - .want_min_fail = 1, - }, - { - .ssl_method = TLSv1_1_method, - .minver = 0, - .maxver = TLS1_VERSION, - .want_minver = 0, - .want_maxver = 0, - .want_max_fail = 1, - }, - { - .ssl_method = DTLS_method, - .minver = 0, - .maxver = 0, - .want_minver = 0, - .want_maxver = 0, - }, - { - .ssl_method = DTLS_method, - .minver = 0, - .maxver = DTLS1_VERSION, - .want_minver = 0, - .want_maxver = DTLS1_VERSION, - }, - { - .ssl_method = DTLS_method, - .minver = DTLS1_VERSION, - .maxver = 0, - .want_minver = DTLS1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = DTLS_method, - .minver = DTLS1_VERSION, - .maxver = DTLS1_2_VERSION, - .want_minver = DTLS1_VERSION, - .want_maxver = DTLS1_2_VERSION, - }, - { - .ssl_method = DTLSv1_method, - .minver = 0, - .maxver = 0, - .want_minver = 0, - .want_maxver = 0, - }, - { - .ssl_method = DTLSv1_method, - .minver = DTLS1_VERSION, - .maxver = 0, - .want_minver = DTLS1_VERSION, - .want_maxver = 0, - }, - { - .ssl_method = DTLSv1_method, - .minver = 0, - .maxver = DTLS1_VERSION, - .want_minver = 0, - .want_maxver = DTLS1_VERSION, - }, - { - .ssl_method = DTLSv1_method, - .minver = 0, - .maxver = DTLS1_2_VERSION, - .want_minver = 0, - .want_maxver = DTLS1_VERSION, - }, - { - .ssl_method = DTLSv1_method, - .minver = TLS1_VERSION, - .maxver = TLS1_2_VERSION, - .want_minver = 0, - .want_maxver = 0, - .want_min_fail = 1, - .want_max_fail = 1, - }, -}; - -#define N_MIN_MAX_VERSION_TESTS \ - (sizeof(min_max_version_tests) / sizeof(*min_max_version_tests)) - -static int -test_ssl_min_max_version(void) -{ - struct min_max_version_test *mmvt; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failed = 0; - size_t i; - - failed = 0; - - fprintf(stderr, "INFO: starting min max version tests...\n"); - - for (i = 0; i < N_MIN_MAX_VERSION_TESTS; i++) { - mmvt = &min_max_version_tests[i]; - - if ((ssl_ctx = SSL_CTX_new(mmvt->ssl_method())) == NULL) { - fprintf(stderr, "SSL_CTX_new() returned NULL\n"); - return 1; - } - - if (!SSL_CTX_set_min_proto_version(ssl_ctx, mmvt->minver)) { - if (!mmvt->want_min_fail) { - fprintf(stderr, "FAIL: test %zu - failed to set " - "SSL_CTX min version\n", i); - failed++; - } - goto next; - } - if (!SSL_CTX_set_max_proto_version(ssl_ctx, mmvt->maxver)) { - if (!mmvt->want_max_fail) { - fprintf(stderr, "FAIL: test %zu - failed to set " - "SSL_CTX min version\n", i); - failed++; - } - goto next; - } - - if (mmvt->want_min_fail) { - fprintf(stderr, "FAIL: test %zu - successfully set " - "SSL_CTX min version, should have failed\n", i); - failed++; - goto next; - } - if (mmvt->want_max_fail) { - fprintf(stderr, "FAIL: test %zu - successfully set " - "SSL_CTX max version, should have failed\n", i); - failed++; - goto next; - } - - if (SSL_CTX_get_min_proto_version(ssl_ctx) != mmvt->want_minver) { - fprintf(stderr, "FAIL: test %zu - got SSL_CTX min " - "version 0x%x, want 0x%x\n", i, - SSL_CTX_get_min_proto_version(ssl_ctx), mmvt->want_minver); - failed++; - goto next; - } - if (SSL_CTX_get_max_proto_version(ssl_ctx) != mmvt->want_maxver) { - fprintf(stderr, "FAIL: test %zu - got SSL_CTX max " - "version 0x%x, want 0x%x\n", i, - SSL_CTX_get_max_proto_version(ssl_ctx), mmvt->want_maxver); - failed++; - goto next; - } - - if ((ssl = SSL_new(ssl_ctx)) == NULL) { - fprintf(stderr, "SSL_new() returned NULL\n"); - return 1; - } - - if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) { - fprintf(stderr, "FAIL: test %zu - initial SSL min " - "version 0x%x, want 0x%x\n", i, - SSL_get_min_proto_version(ssl), mmvt->want_minver); - failed++; - goto next; - } - if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) { - fprintf(stderr, "FAIL: test %zu - initial SSL max " - "version 0x%x, want 0x%x\n", i, - SSL_get_max_proto_version(ssl), mmvt->want_maxver); - failed++; - goto next; - } - - if (!SSL_set_min_proto_version(ssl, mmvt->minver)) { - if (mmvt->want_min_fail) { - fprintf(stderr, "FAIL: test %zu - failed to set " - "SSL min version\n", i); - failed++; - } - goto next; - } - if (!SSL_set_max_proto_version(ssl, mmvt->maxver)) { - if (mmvt->want_max_fail) { - fprintf(stderr, "FAIL: test %zu - failed to set " - "SSL min version\n", i); - failed++; - } - goto next; - } - - if (mmvt->want_min_fail) { - fprintf(stderr, "FAIL: test %zu - successfully set SSL " - "min version, should have failed\n", i); - failed++; - goto next; - } - if (mmvt->want_max_fail) { - fprintf(stderr, "FAIL: test %zu - successfully set SSL " - "max version, should have failed\n", i); - failed++; - goto next; - } - - if (SSL_get_min_proto_version(ssl) != mmvt->want_minver) { - fprintf(stderr, "FAIL: test %zu - got SSL min " - "version 0x%x, want 0x%x\n", i, - SSL_get_min_proto_version(ssl), mmvt->want_minver); - failed++; - goto next; - } - if (SSL_get_max_proto_version(ssl) != mmvt->want_maxver) { - fprintf(stderr, "FAIL: test %zu - got SSL max " - "version 0x%x, want 0x%x\n", i, - SSL_get_max_proto_version(ssl), mmvt->want_maxver); - failed++; - goto next; - } - - next: - SSL_CTX_free(ssl_ctx); - SSL_free(ssl); - - ssl_ctx = NULL; - ssl = NULL; - } - - return (failed); -} - -int -main(int argc, char **argv) -{ - int failed = 0; - - SSL_library_init(); - - /* XXX - Test ssl_supported_version_range() */ - - failed |= test_ssl_enabled_version_range(); - failed |= test_ssl_max_shared_version(); - failed |= test_ssl_min_max_version(); - - if (failed == 0) - printf("PASS %s\n", __FILE__); - - return (failed); -} diff --git a/src/regress/lib/libssl/unit/tests.h b/src/regress/lib/libssl/unit/tests.h deleted file mode 100644 index 287816946a..0000000000 --- a/src/regress/lib/libssl/unit/tests.h +++ /dev/null @@ -1,44 +0,0 @@ -/* $OpenBSD: tests.h,v 1.1 2015/06/27 23:35:52 doug Exp $ */ -/* - * Copyright (c) 2015 Doug Hogan - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef LIBRESSL_REGRESS_TESTS_H__ -#define LIBRESSL_REGRESS_TESTS_H__ 1 - -/* Ugly macros that are useful for regression tests. */ - -#define SKIP(a) do { \ - printf("Skipping test in %s [%s:%d]\n", __func__, __FILE__, \ - __LINE__); \ -} while (0) - -#define CHECK(a) do { \ - if (!(a)) { \ - printf("Error in %s [%s:%d]\n", __func__, __FILE__, \ - __LINE__); \ - return 0; \ - } \ -} while (0) - -#define CHECK_GOTO(a) do { \ - if (!(a)) { \ - printf("Error in %s [%s:%d]\n", __func__, __FILE__, \ - __LINE__); \ - goto err; \ - } \ -} while (0) - -#endif /* LIBRESSL_REGRESS_TESTS_H__ */ diff --git a/src/regress/lib/libssl/unit/tls_ext_alpn.c b/src/regress/lib/libssl/unit/tls_ext_alpn.c deleted file mode 100644 index 378929aa5b..0000000000 --- a/src/regress/lib/libssl/unit/tls_ext_alpn.c +++ /dev/null @@ -1,442 +0,0 @@ -/* $OpenBSD: tls_ext_alpn.c,v 1.7 2020/07/03 04:14:10 tb Exp $ */ -/* - * Copyright (c) 2015 Doug Hogan - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Test TLS extension Application-Layer Protocol Negotiation (RFC 7301). - */ -#include -#include - -#include "ssl_locl.h" -#include "ssl_tlsext.h" - -#include "tests.h" - -/* - * In the ProtocolNameList, ProtocolNames must not include empty strings and - * byte strings must not be truncated. - * - * This uses some of the IANA approved protocol names from: - * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml - */ - -/* Valid for client and server since it only has one name. */ -static uint8_t proto_single[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0f, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x0b, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x09, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 -}; - -/* Valid for client, but NOT server. Server must have exactly one name. */ -static uint8_t proto_multiple1[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x19, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x15, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x13, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, - /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */ - 0x09, /* len */ - 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e -}; - -/* Valid for client, but NOT server. Server must have exactly one name. */ -static uint8_t proto_multiple2[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x1c, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x18, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x16, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, - /* opaque ProtocolName<1..2^8-1> -- 'h2' */ - 0x02, /* len */ - 0x68, 0x32, - /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */ - 0x09, /* len */ - 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e -}; - -/* Valid for client, but NOT server. Server must have exactly one name. */ -static uint8_t proto_multiple3[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x20, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x1c, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x1a, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, - /* opaque ProtocolName<1..2^8-1> -- 'h2' */ - 0x02, /* len */ - 0x68, 0x32, - /* opaque ProtocolName<1..2^8-1> -- 'stun.nat' */ - 0x09, /* len */ - 0x73, 0x74, 0x75, 0x6e, 0x2e, 0x74, 0x75, 0x72, 0x6e, - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x03, /* len */ - 0x68, 0x32, 0x63 -}; - -static uint8_t proto_empty[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions. */ - 0x00, 0x00, /* none present. */ -}; - -/* Invalid for both client and server. Length is wrong. */ -static uint8_t proto_invalid_len1[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x06, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x04, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x04, /* XXX len too large */ - 0x68, 0x32, 0x63 -}; -static uint8_t proto_invalid_len2[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x06, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x04, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x02, /* XXX len too small */ - 0x68, 0x32, 0x63 -}; -static uint8_t proto_invalid_len3[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x06, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x03, /* XXX len too small */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x03, /* len */ - 0x68, 0x32, 0x63 -}; -static uint8_t proto_invalid_len4[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x06, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x06, /* XXX len too large */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x03, /* len */ - 0x68, 0x32, 0x63 -}; -static uint8_t proto_invalid_len5[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x01, 0x08, /* XXX len too large */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x04, /* len */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x03, /* len */ - 0x68, 0x32, 0x63 -}; -static uint8_t proto_invalid_len6[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x05, /* XXX len too small */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x04, /* len */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x03, /* len */ - 0x68, 0x32, 0x63 -}; -static uint8_t proto_invalid_len7[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x06, /* XXX len too small */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x06, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x04, /* len */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x03, /* len */ - 0x68, 0x32, 0x63 -}; -static uint8_t proto_invalid_len8[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0b, /* XXX len too large */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x06, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x04, /* len */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - 0x03, /* len */ - 0x68, 0x32, 0x63 -}; - -/* Invalid for client and server since it is missing data. */ -static uint8_t proto_invalid_missing1[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x06, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x04, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'h2c' */ - /* XXX missing */ -}; -static uint8_t proto_invalid_missing2[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x00, /* XXX missing name list */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ -}; -static uint8_t proto_invalid_missing3[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x02, /* XXX size is sufficient but missing data for name list */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ -}; -static uint8_t proto_invalid_missing4[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x0a, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - /* XXX missing */ -}; -static uint8_t proto_invalid_missing5[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x1c, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x18, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x16, /* len of all names */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, - /* opaque ProtocolName<1..2^8-1> -- 'h2' */ - 0x02, /* len */ - 0x68, 0x32, - /* XXX missing name */ -}; -static uint8_t proto_invalid_missing6[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x07, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x03, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x01, /* XXX len must be at least 2 */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x00, /* XXX len cannot be 0 */ -}; -static uint8_t proto_invalid_missing7[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x07, /* len */ - /* ExtensionType extension_type */ - 0x00, 0x10, /* ALPN */ - /* opaque extension_data<0..2^16-1> */ - 0x00, 0x03, /* len */ - /* ProtocolName protocol_name_list<2..2^16-1> -- ALPN names */ - 0x00, 0x02, /* XXX len is at least 2 but not correct. */ - /* opaque ProtocolName<1..2^8-1> -- 'http/1.1' */ - 0x00, /* XXX len cannot be 0 */ -}; -static uint8_t proto_invalid_missing8[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x00, 0x01, /* len */ - /* ExtensionType extension_type */ - 0x00, /* XXX need a 2 byte type */ -}; -static uint8_t proto_invalid_missing9[] = { - /* Extension extensions<0..2^16-1> -- All TLS extensions */ - 0x0a, /* XXX need a 2 byte len */ -}; - - -#define CHECK_BOTH(c_val, s_val, proto) do { \ - { \ - CBS cbs; \ - int al; \ - \ - CBS_init(&cbs, proto, sizeof(proto)); \ - CHECK(c_val == tlsext_server_parse(s, SSL_TLSEXT_MSG_CH, &cbs, &al)); \ - CBS_init(&cbs, proto, sizeof(proto)); \ - CHECK(s_val == tlsext_client_parse(s, SSL_TLSEXT_MSG_SH, &cbs, &al)); \ - } \ -} while (0) - -static int dummy_alpn_cb(SSL *ssl, const unsigned char **out, - unsigned char *outlen, const unsigned char *in, unsigned int inlen, - void *arg); - -static int -check_valid_alpn(SSL *s) -{ - const uint8_t str[] = { - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */ - }; - - /* Setup in order to test ALPN. */ - CHECK(! SSL_set_alpn_protos(s, str, 9)); - SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL); - - /* Prerequisites to test these. */ - CHECK(s->internal->alpn_client_proto_list != NULL); - CHECK(s->ctx->internal->alpn_select_cb != NULL); - //CHECK(s->s3->tmp.finish_md_len == 0); - - CHECK_BOTH(1, 1, proto_single); - CHECK_BOTH(1, 1, proto_empty); - - /* Multiple protocol names are only valid for client */ - CHECK_BOTH(1, 0, proto_multiple1); - CHECK_BOTH(1, 0, proto_multiple2); - CHECK_BOTH(1, 0, proto_multiple3); - - return 1; -} - -/* - * Some of the IANA approved IDs from: - * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml - */ -static int -check_invalid_alpn(SSL *s) -{ - const uint8_t str[] = { - 0x08, /* len */ - 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31 /* http/1.1 */ - }; - - /* Setup in order to test ALPN. */ - CHECK(! SSL_set_alpn_protos(s, str, 9)); - SSL_CTX_set_alpn_select_cb(s->ctx, dummy_alpn_cb, NULL); - - /* Prerequisites to test these. */ - CHECK(s->internal->alpn_client_proto_list != NULL); - CHECK(s->ctx->internal->alpn_select_cb != NULL); - //CHECK(s->s3->tmp.finish_md_len == 0); - - /* None of these are valid for client or server */ - CHECK_BOTH(0, 0, proto_invalid_len1); - CHECK_BOTH(0, 0, proto_invalid_len2); - CHECK_BOTH(0, 0, proto_invalid_len3); - CHECK_BOTH(0, 0, proto_invalid_len4); - CHECK_BOTH(0, 0, proto_invalid_len5); - CHECK_BOTH(0, 0, proto_invalid_len6); - CHECK_BOTH(0, 0, proto_invalid_len7); - CHECK_BOTH(0, 0, proto_invalid_len8); - CHECK_BOTH(0, 0, proto_invalid_missing1); - CHECK_BOTH(0, 0, proto_invalid_missing2); - CHECK_BOTH(0, 0, proto_invalid_missing3); - CHECK_BOTH(0, 0, proto_invalid_missing4); - CHECK_BOTH(0, 0, proto_invalid_missing5); - CHECK_BOTH(0, 0, proto_invalid_missing6); - CHECK_BOTH(0, 0, proto_invalid_missing7); - CHECK_BOTH(0, 0, proto_invalid_missing8); - CHECK_BOTH(0, 0, proto_invalid_missing9); - - return 1; -} - -int -dummy_alpn_cb(SSL *ssl __attribute__((unused)), const unsigned char **out, - unsigned char *outlen, const unsigned char *in, unsigned int inlen, - void *arg __attribute__((unused))) -{ - *out = in; - *outlen = (unsigned char)inlen; - - return 0; -} - -int -main(void) -{ - SSL_CTX *ctx = NULL; - SSL *s = NULL; - int rv = 1; - - SSL_library_init(); - - CHECK_GOTO((ctx = SSL_CTX_new(TLSv1_2_client_method())) != NULL); - CHECK_GOTO((s = SSL_new(ctx)) != NULL); - - if (!check_valid_alpn(s)) - goto err; - if (!check_invalid_alpn(s)) - goto err; - - rv = 0; - -err: - SSL_CTX_free(ctx); - SSL_free(s); - - if (!rv) - printf("PASS %s\n", __FILE__); - return rv; -} diff --git a/src/regress/lib/libssl/unit/tls_prf.c b/src/regress/lib/libssl/unit/tls_prf.c deleted file mode 100644 index 9e8f5b4053..0000000000 --- a/src/regress/lib/libssl/unit/tls_prf.c +++ /dev/null @@ -1,251 +0,0 @@ -/* $OpenBSD: tls_prf.c,v 1.5 2021/03/24 19:02:35 jsing Exp $ */ -/* - * Copyright (c) 2017 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include "ssl_locl.h" - -int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len, - const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len, - const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len, - const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len); - -#define TLS_PRF_OUT_LEN 128 - -struct tls_prf_test { - const unsigned char *desc; - const SSL_METHOD *(*ssl_method)(void); - const uint16_t cipher_value; - const unsigned char out[TLS_PRF_OUT_LEN]; -}; - -static struct tls_prf_test tls_prf_tests[] = { - { - .desc = "MD5+SHA1", - .ssl_method = TLSv1_method, - .cipher_value = 0x0033, - .out = { - 0x03, 0xa1, 0xc1, 0x7d, 0x2c, 0xa5, 0x3d, 0xe8, - 0x9d, 0x59, 0x5e, 0x30, 0xf5, 0x71, 0xbb, 0x96, - 0xde, 0x5c, 0x8e, 0xdc, 0x25, 0x8a, 0x7c, 0x05, - 0x9f, 0x7d, 0x35, 0x29, 0x45, 0xae, 0x56, 0xad, - 0x9f, 0x57, 0x15, 0x5c, 0xdb, 0x83, 0x3a, 0xac, - 0x19, 0xa8, 0x2b, 0x40, 0x72, 0x38, 0x1e, 0xed, - 0xf3, 0x25, 0xde, 0x84, 0x84, 0xd8, 0xd1, 0xfc, - 0x31, 0x85, 0x81, 0x12, 0x55, 0x4d, 0x12, 0xb5, - 0xed, 0x78, 0x5e, 0xba, 0xc8, 0xec, 0x8d, 0x28, - 0xa1, 0x21, 0x1e, 0x6e, 0x07, 0xf1, 0xfc, 0xf5, - 0xbf, 0xe4, 0x8e, 0x8e, 0x97, 0x15, 0x93, 0x85, - 0x75, 0xdd, 0x87, 0x09, 0xd0, 0x4e, 0xe5, 0xd5, - 0x9e, 0x1f, 0xd6, 0x1c, 0x3b, 0xe9, 0xad, 0xba, - 0xe0, 0x16, 0x56, 0x62, 0x90, 0xd6, 0x82, 0x84, - 0xec, 0x8a, 0x22, 0xbe, 0xdc, 0x6a, 0x5e, 0x05, - 0x12, 0x44, 0xec, 0x60, 0x61, 0xd1, 0x8a, 0x66, - }, - }, - { - .desc = "GOST94", - .ssl_method = TLSv1_2_method, - .cipher_value = 0x0081, - .out = { - 0xcc, 0xd4, 0x89, 0x5f, 0x52, 0x08, 0x9b, 0xc7, - 0xf9, 0xb5, 0x83, 0x58, 0xe8, 0xc7, 0x71, 0x49, - 0x39, 0x99, 0x1f, 0x14, 0x8f, 0x85, 0xbe, 0x64, - 0xee, 0x40, 0x5c, 0xe7, 0x5f, 0x68, 0xaf, 0xf2, - 0xcd, 0x3a, 0x94, 0x52, 0x33, 0x53, 0x46, 0x7d, - 0xb6, 0xc5, 0xe1, 0xb8, 0xa4, 0x04, 0x69, 0x91, - 0x0a, 0x9c, 0x88, 0x86, 0xd9, 0x60, 0x63, 0xdd, - 0xd8, 0xe7, 0x2e, 0xee, 0xce, 0xe2, 0x20, 0xd8, - 0x9a, 0xfa, 0x9c, 0x63, 0x0c, 0x9c, 0xa1, 0x76, - 0xed, 0x78, 0x9a, 0x84, 0x70, 0xb4, 0xd1, 0x51, - 0x1f, 0xde, 0x44, 0xe8, 0x90, 0x21, 0x3f, 0xeb, - 0x05, 0xf4, 0x77, 0x59, 0xf3, 0xad, 0xdd, 0x34, - 0x3d, 0x3a, 0x7c, 0xd0, 0x59, 0x40, 0xe1, 0x3f, - 0x04, 0x4b, 0x8b, 0xd6, 0x95, 0x46, 0xb4, 0x9e, - 0x4c, 0x2d, 0xf7, 0xee, 0xbd, 0xbc, 0xcb, 0x5c, - 0x3a, 0x36, 0x0c, 0xd0, 0x27, 0xcb, 0x45, 0x06, - }, - }, - { - .desc = "SHA256 (via TLSv1.2)", - .ssl_method = TLSv1_2_method, - .cipher_value = 0x0033, - .out = { - 0x37, 0xa7, 0x06, 0x71, 0x6e, 0x19, 0x19, 0xda, - 0x23, 0x8c, 0xcc, 0xb4, 0x2f, 0x31, 0x64, 0x9d, - 0x05, 0x29, 0x1c, 0x33, 0x7e, 0x09, 0x1b, 0x0c, - 0x0e, 0x23, 0xc1, 0xb0, 0x40, 0xcc, 0x31, 0xf7, - 0x55, 0x66, 0x68, 0xd9, 0xa8, 0xae, 0x74, 0x75, - 0xf3, 0x46, 0xe9, 0x3a, 0x54, 0x9d, 0xe0, 0x8b, - 0x7e, 0x6c, 0x63, 0x1c, 0xfa, 0x2f, 0xfd, 0xc9, - 0xd3, 0xf1, 0xd3, 0xfe, 0x7b, 0x9e, 0x14, 0x95, - 0xb5, 0xd0, 0xad, 0x9b, 0xee, 0x78, 0x8c, 0x83, - 0x18, 0x58, 0x7e, 0xa2, 0x23, 0xc1, 0x8b, 0x62, - 0x94, 0x12, 0xcb, 0xb6, 0x60, 0x69, 0x32, 0xfe, - 0x98, 0x0e, 0x93, 0xb0, 0x8e, 0x5c, 0xfb, 0x6e, - 0xdb, 0x9a, 0xc2, 0x9f, 0x8c, 0x5c, 0x43, 0x19, - 0xeb, 0x4a, 0x52, 0xad, 0x62, 0x2b, 0xdd, 0x9f, - 0xa3, 0x74, 0xa6, 0x96, 0x61, 0x4d, 0x98, 0x40, - 0x63, 0xa6, 0xd4, 0xbb, 0x17, 0x11, 0x75, 0xed, - }, - }, - { - .desc = "SHA384", - .ssl_method = TLSv1_2_method, - .cipher_value = 0x009d, - .out = { - 0x00, 0x93, 0xc3, 0xfd, 0xa7, 0xbb, 0xdc, 0x5b, - 0x13, 0x3a, 0xe6, 0x8b, 0x1b, 0xac, 0xf3, 0xfb, - 0x3c, 0x9a, 0x78, 0xf6, 0x19, 0xf0, 0x13, 0x0f, - 0x0d, 0x01, 0x9d, 0xdf, 0x0a, 0x28, 0x38, 0xce, - 0x1a, 0x9b, 0x43, 0xbe, 0x56, 0x12, 0xa7, 0x16, - 0x58, 0xe1, 0x8a, 0xe4, 0xc5, 0xbb, 0x10, 0x4c, - 0x3a, 0xf3, 0x7f, 0xd3, 0xdb, 0xe4, 0xe0, 0x3d, - 0xcc, 0x83, 0xca, 0xf0, 0xf9, 0x69, 0xcc, 0x70, - 0x83, 0x32, 0xf6, 0xfc, 0x81, 0x80, 0x02, 0xe8, - 0x31, 0x1e, 0x7c, 0x3b, 0x34, 0xf7, 0x34, 0xd1, - 0xcf, 0x2a, 0xc4, 0x36, 0x2f, 0xe9, 0xaa, 0x7f, - 0x6d, 0x1f, 0x5e, 0x0e, 0x39, 0x05, 0x15, 0xe1, - 0xa2, 0x9a, 0x4d, 0x97, 0x8c, 0x62, 0x46, 0xf1, - 0x87, 0x65, 0xd8, 0xe9, 0x14, 0x11, 0xa6, 0x48, - 0xd7, 0x0e, 0x6e, 0x70, 0xad, 0xfb, 0x3f, 0x36, - 0x05, 0x76, 0x4b, 0xe4, 0x28, 0x50, 0x4a, 0xf2, - }, - }, - { - .desc = "STREEBOG256", - .ssl_method = TLSv1_2_method, - .cipher_value = 0xff87, - .out = { - 0x3e, 0x13, 0xb9, 0xeb, 0x85, 0x8c, 0xb4, 0x21, - 0x23, 0x40, 0x9b, 0x73, 0x04, 0x56, 0xe2, 0xff, - 0xce, 0x52, 0x1f, 0x82, 0x7f, 0x17, 0x5b, 0x80, - 0x23, 0x71, 0xca, 0x30, 0xdf, 0xfc, 0xdc, 0x2d, - 0xc0, 0xfc, 0x5d, 0x23, 0x5a, 0x54, 0x7f, 0xae, - 0xf5, 0x7d, 0x52, 0x1e, 0x86, 0x95, 0xe1, 0x2d, - 0x28, 0xe7, 0xbe, 0xd7, 0xd0, 0xbf, 0xa9, 0x96, - 0x13, 0xd0, 0x9c, 0x0c, 0x1c, 0x16, 0x05, 0xbb, - 0x26, 0xd7, 0x30, 0x39, 0xb9, 0x53, 0x28, 0x98, - 0x4f, 0x1b, 0x83, 0xc3, 0xce, 0x1c, 0x7c, 0x34, - 0xa2, 0xc4, 0x7a, 0x54, 0x16, 0xc6, 0xa7, 0x9e, - 0xed, 0x4b, 0x7b, 0x83, 0xa6, 0xae, 0xe2, 0x5b, - 0x96, 0xf5, 0x6c, 0xad, 0x1f, 0xa3, 0x83, 0xb2, - 0x84, 0x32, 0xed, 0xe3, 0x2c, 0xf6, 0xd4, 0x73, - 0x30, 0xef, 0x9d, 0xbe, 0xe7, 0x23, 0x9a, 0xbf, - 0x4d, 0x1c, 0xe7, 0xef, 0x3d, 0xea, 0x46, 0xe2, - }, - }, -}; - -#define N_TLS_PRF_TESTS \ - (sizeof(tls_prf_tests) / sizeof(*tls_prf_tests)) - -#define TLS_PRF_SEED1 "tls prf seed 1" -#define TLS_PRF_SEED2 "tls prf seed 2" -#define TLS_PRF_SEED3 "tls prf seed 3" -#define TLS_PRF_SEED4 "tls prf seed 4" -#define TLS_PRF_SEED5 "tls prf seed 5" -#define TLS_PRF_SECRET "tls prf secretz" - -static void -hexdump(const unsigned char *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len; i++) - fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n"); - - fprintf(stderr, "\n"); -} - -static int -do_tls_prf_test(int test_no, struct tls_prf_test *tpt) -{ - unsigned char *out = NULL; - const SSL_CIPHER *cipher; - SSL_CTX *ssl_ctx = NULL; - SSL *ssl = NULL; - int failure = 1; - int len; - - fprintf(stderr, "Test %i - %s\n", test_no, tpt->desc); - - if ((out = malloc(TLS_PRF_OUT_LEN)) == NULL) - errx(1, "failed to allocate out"); - - if ((ssl_ctx = SSL_CTX_new(tpt->ssl_method())) == NULL) - errx(1, "failed to create SSL context"); - if ((ssl = SSL_new(ssl_ctx)) == NULL) - errx(1, "failed to create SSL context"); - - if ((cipher = ssl3_get_cipher_by_value(tpt->cipher_value)) == NULL) { - fprintf(stderr, "FAIL: no cipher %hx\n", tpt->cipher_value); - goto failure; - } - - S3I(ssl)->hs.cipher = cipher; - - for (len = 1; len <= TLS_PRF_OUT_LEN; len++) { - memset(out, 'A', TLS_PRF_OUT_LEN); - - if (tls1_PRF(ssl, TLS_PRF_SECRET, sizeof(TLS_PRF_SECRET), - TLS_PRF_SEED1, sizeof(TLS_PRF_SEED1), TLS_PRF_SEED2, - sizeof(TLS_PRF_SEED2), TLS_PRF_SEED3, sizeof(TLS_PRF_SEED3), - TLS_PRF_SEED4, sizeof(TLS_PRF_SEED4), TLS_PRF_SEED5, - sizeof(TLS_PRF_SEED5), out, len) != 1) { - fprintf(stderr, "FAIL: tls_PRF failed for len %i\n", - len); - goto failure; - } - - if (memcmp(out, tpt->out, len) != 0) { - fprintf(stderr, "FAIL: tls_PRF output differs for " - "len %i\n", len); - fprintf(stderr, "output:\n"); - hexdump(out, TLS_PRF_OUT_LEN); - fprintf(stderr, "test data:\n"); - hexdump(tpt->out, TLS_PRF_OUT_LEN); - fprintf(stderr, "\n"); - goto failure; - } - } - - failure = 0; - - failure: - SSL_free(ssl); - SSL_CTX_free(ssl_ctx); - - free(out); - - return failure; -} - -int -main(int argc, char **argv) -{ - int failed = 0; - size_t i; - - SSL_library_init(); - SSL_load_error_strings(); - - for (i = 0; i < N_TLS_PRF_TESTS; i++) - failed |= do_tls_prf_test(i, &tls_prf_tests[i]); - - return failed; -} -- cgit v1.2.3-55-g6feb