[thirdparty/openssl.git] / test / recipes / 70-test_renegotiation.t

#! /usr/bin/env perl
# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html

use strict;
use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
use OpenSSL::Test::Utils;
use TLSProxy::Proxy;

my $test_name = "test_renegotiation";
setup($test_name);

plan skip_all => "TLSProxy isn't usable on $^O"
    if $^O =~ /^(VMS)$/;

plan skip_all => "$test_name needs the dynamic engine feature enabled"
    if disabled("engine") || disabled("dynamic-engine");

plan skip_all => "$test_name needs the sock feature enabled"
    if disabled("sock");

plan skip_all => "$test_name needs TLS <= 1.2 enabled"
    if alldisabled(("ssl3", "tls1", "tls1_1", "tls1_2"));

$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
my $proxy = TLSProxy::Proxy->new(
    undef,
    cmdstr(app(["openssl"]), display => 1),
    srctop_file("apps", "server.pem"),
    (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);

#Test 1: A basic renegotiation test
$proxy->clientflags("-no_tls1_3");
$proxy->reneg(1);
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 4;
ok(TLSProxy::Message->success(), "Basic renegotiation");

#Test 2: Client does not send the Reneg SCSV. Reneg should fail
$proxy->clear();
$proxy->filter(\&reneg_filter);
$proxy->clientflags("-no_tls1_3");
$proxy->reneg(1);
$proxy->start();
ok(TLSProxy::Message->fail(), "No client SCSV");

SKIP: {
    skip "TLSv1.2 or TLSv1.1 disabled", 1
        if disabled("tls1_2") || disabled("tls1_1");
    #Test 3: Check that the ClientHello version remains the same in the reneg
    #        handshake
    $proxy->clear();
    $proxy->filter(undef);
    $proxy->ciphers("DEFAULT:\@SECLEVEL=0");
    $proxy->clientflags("-no_tls1_3 -cipher AES128-SHA:\@SECLEVEL=0");
    $proxy->serverflags("-no_tls1_3 -no_tls1_2");
    $proxy->reneg(1);
    $proxy->start();
    my $chversion;
    my $chmatch = 0;
    foreach my $message (@{$proxy->message_list}) {
        if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
            if (!defined $chversion) {
                $chversion = $message->client_version;
            } else {
                if ($chversion == $message->client_version) {
                    $chmatch = 1;
                }
            }
        }
    }
    ok(TLSProxy::Message->success() && $chmatch,
       "Check ClientHello version is the same");
}

SKIP: {
    skip "TLSv1.2 disabled", 1
        if disabled("tls1_2");

    #Test 4: Test for CVE-2021-3449. client_sig_algs instead of sig_algs in
    #        resumption ClientHello
    $proxy->clear();
    $proxy->filter(\&sigalgs_filter);
    $proxy->clientflags("-tls1_2");
    $proxy->reneg(1);
    $proxy->start();
    ok(TLSProxy::Message->fail(), "client_sig_algs instead of sig_algs");
}

sub reneg_filter
{
    my $proxy = shift;

    # We're only interested in the initial ClientHello message
    if ($proxy->flight != 0) {
        return;
    }

    foreach my $message (@{$proxy->message_list}) {
        if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
            #Remove any SCSV ciphersuites - just leave AES128-SHA (0x002f)
            my @ciphersuite = (0x002f);
            $message->ciphersuites(\@ciphersuite);
            $message->ciphersuite_len(2);
            $message->repack();
        }
    }
}

sub sigalgs_filter
{
    my $proxy = shift;
    my $cnt = 0;

    # We're only interested in the second ClientHello message
    foreach my $message (@{$proxy->message_list}) {
        if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
            next if ($cnt++ == 0);

            my $sigs = pack "C10", 0x00, 0x08,
                            # rsa_pkcs_sha{256,384,512,1}
                            0x04, 0x01,  0x05, 0x01,  0x06, 0x01,  0x02, 0x01;
            $message->set_extension(TLSProxy::Message::EXT_SIG_ALGS_CERT, $sigs);
            $message->delete_extension(TLSProxy::Message::EXT_SIG_ALGS);
            $message->repack();
        }
    }
}
Commit	Line	Data
bc349281	1	#! /usr/bin/env perl
3c2bdd7d	2	# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
bc349281	3	#
909f1a2e	4	# Licensed under the Apache License 2.0 (the "License"). You may not use
bc349281 MC	5	# this file except in compliance with the License. You can obtain a copy
	6	# in the file LICENSE in the source distribution or at
	7	# https://www.openssl.org/source/license.html
	8
	9	use strict;
	10	use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
	11	use OpenSSL::Test::Utils;
	12	use TLSProxy::Proxy;
	13
	14	my $test_name = "test_renegotiation";
	15	setup($test_name);
	16
	17	plan skip_all => "TLSProxy isn't usable on $^O"
c5856878	18	if $^O =~ /^(VMS)$/;
bc349281 MC	19
	20	plan skip_all => "$test_name needs the dynamic engine feature enabled"
	21	if disabled("engine") \|\| disabled("dynamic-engine");
	22
	23	plan skip_all => "$test_name needs the sock feature enabled"
	24	if disabled("sock");
	25
	26	plan skip_all => "$test_name needs TLS <= 1.2 enabled"
	27	if alldisabled(("ssl3", "tls1", "tls1_1", "tls1_2"));
	28
	29	$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
	30	my $proxy = TLSProxy::Proxy->new(
	31	undef,
	32	cmdstr(app(["openssl"]), display => 1),
	33	srctop_file("apps", "server.pem"),
	34	(!$ENV{HARNESS_ACTIVE} \|\| $ENV{HARNESS_VERBOSE})
	35	);
	36
	37	#Test 1: A basic renegotiation test
	38	$proxy->clientflags("-no_tls1_3");
	39	$proxy->reneg(1);
	40	$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
112580c2	41	plan tests => 4;
bc349281 MC	42	ok(TLSProxy::Message->success(), "Basic renegotiation");
	43
	44	#Test 2: Client does not send the Reneg SCSV. Reneg should fail
	45	$proxy->clear();
	46	$proxy->filter(\&reneg_filter);
	47	$proxy->clientflags("-no_tls1_3");
	48	$proxy->reneg(1);
	49	$proxy->start();
	50	ok(TLSProxy::Message->fail(), "No client SCSV");
	51
6862de63 MC	52	SKIP: {
	53	skip "TLSv1.2 or TLSv1.1 disabled", 1
	54	if disabled("tls1_2") \|\| disabled("tls1_1");
	55	#Test 3: Check that the ClientHello version remains the same in the reneg
	56	# handshake
	57	$proxy->clear();
	58	$proxy->filter(undef);
aba03ae5 KR	59	$proxy->ciphers("DEFAULT:\@SECLEVEL=0");
aba03ae5 KR	60	$proxy->clientflags("-no_tls1_3 -cipher AES128-SHA:\@SECLEVEL=0");
6862de63 MC	61	$proxy->serverflags("-no_tls1_3 -no_tls1_2");
	62	$proxy->reneg(1);
	63	$proxy->start();
	64	my $chversion;
	65	my $chmatch = 0;
	66	foreach my $message (@{$proxy->message_list}) {
	67	if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
	68	if (!defined $chversion) {
	69	$chversion = $message->client_version;
	70	} else {
	71	if ($chversion == $message->client_version) {
	72	$chmatch = 1;
	73	}
	74	}
	75	}
	76	}
	77	ok(TLSProxy::Message->success() && $chmatch,
	78	"Check ClientHello version is the same");
	79	}
	80
112580c2 MC	81	SKIP: {
	82	skip "TLSv1.2 disabled", 1
	83	if disabled("tls1_2");
	84
	85	#Test 4: Test for CVE-2021-3449. client_sig_algs instead of sig_algs in
	86	# resumption ClientHello
	87	$proxy->clear();
	88	$proxy->filter(\&sigalgs_filter);
	89	$proxy->clientflags("-tls1_2");
	90	$proxy->reneg(1);
	91	$proxy->start();
	92	ok(TLSProxy::Message->fail(), "client_sig_algs instead of sig_algs");
	93	}
	94
bc349281 MC	95	sub reneg_filter
	96	{
	97	my $proxy = shift;
	98
	99	# We're only interested in the initial ClientHello message
	100	if ($proxy->flight != 0) {
	101	return;
	102	}
	103
	104	foreach my $message (@{$proxy->message_list}) {
	105	if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
	106	#Remove any SCSV ciphersuites - just leave AES128-SHA (0x002f)
	107	my @ciphersuite = (0x002f);
	108	$message->ciphersuites(\@ciphersuite);
	109	$message->ciphersuite_len(2);
	110	$message->repack();
	111	}
	112	}
	113	}
112580c2 MC	114
	115	sub sigalgs_filter
	116	{
	117	my $proxy = shift;
	118	my $cnt = 0;
	119
	120	# We're only interested in the second ClientHello message
	121	foreach my $message (@{$proxy->message_list}) {
	122	if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
	123	next if ($cnt++ == 0);
	124
	125	my $sigs = pack "C10", 0x00, 0x08,
	126	# rsa_pkcs_sha{256,384,512,1}
	127	0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, 0x01;
	128	$message->set_extension(TLSProxy::Message::EXT_SIG_ALGS_CERT, $sigs);
	129	$message->delete_extension(TLSProxy::Message::EXT_SIG_ALGS);
	130	$message->repack();
	131	}
	132	}
	133	}