]>
Commit | Line | Data |
---|---|---|
2cb4b5f6 MC |
1 | /* |
2 | * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the OpenSSL license (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
ba881d3b MC |
10 | #include <string.h> |
11 | ||
2cb4b5f6 MC |
12 | #include <openssl/opensslconf.h> |
13 | #include <openssl/bio.h> | |
14 | #include <openssl/crypto.h> | |
15 | #include <openssl/ssl.h> | |
ba881d3b | 16 | #include <openssl/ocsp.h> |
2cb4b5f6 MC |
17 | |
18 | #include "ssltestlib.h" | |
c887104f | 19 | #include "testutil.h" |
e364c3b2 | 20 | #include "test_main_custom.h" |
f1b25aae | 21 | #include "e_os.h" |
2cb4b5f6 MC |
22 | |
23 | static char *cert = NULL; | |
24 | static char *privkey = NULL; | |
25 | ||
6acdd3e5 CB |
26 | #define LOG_BUFFER_SIZE 1024 |
27 | static char server_log_buffer[LOG_BUFFER_SIZE + 1] = {0}; | |
28 | static int server_log_buffer_index = 0; | |
29 | static char client_log_buffer[LOG_BUFFER_SIZE + 1] = {0}; | |
30 | static int client_log_buffer_index = 0; | |
31 | static int error_writing_log = 0; | |
32 | ||
8f8c11d8 | 33 | #ifndef OPENSSL_NO_OCSP |
ba881d3b MC |
34 | static const unsigned char orespder[] = "Dummy OCSP Response"; |
35 | static int ocsp_server_called = 0; | |
36 | static int ocsp_client_called = 0; | |
37 | ||
38 | static int cdummyarg = 1; | |
39 | static X509 *ocspcert = NULL; | |
8f8c11d8 | 40 | #endif |
ba881d3b | 41 | |
84d5549e MC |
42 | #define NUM_EXTRA_CERTS 40 |
43 | ||
f1a5939f CB |
44 | /* |
45 | * This structure is used to validate that the correct number of log messages | |
46 | * of various types are emitted when emitting secret logs. | |
47 | */ | |
48 | struct sslapitest_log_counts { | |
49 | unsigned int rsa_key_exchange_count; | |
50 | unsigned int master_secret_count; | |
51 | unsigned int client_handshake_secret_count; | |
52 | unsigned int server_handshake_secret_count; | |
53 | unsigned int client_application_secret_count; | |
54 | unsigned int server_application_secret_count; | |
55 | }; | |
56 | ||
6acdd3e5 CB |
57 | static void client_keylog_callback(const SSL *ssl, const char *line) { |
58 | int line_length = strlen(line); | |
59 | ||
60 | /* If the log doesn't fit, error out. */ | |
61 | if ((client_log_buffer_index + line_length) > LOG_BUFFER_SIZE) { | |
62 | printf("No room in client log\n"); | |
63 | error_writing_log = 1; | |
64 | return; | |
65 | } | |
66 | ||
67 | strcat(client_log_buffer, line); | |
68 | client_log_buffer_index += line_length; | |
69 | client_log_buffer[client_log_buffer_index] = '\n'; | |
70 | client_log_buffer_index += 1; | |
71 | ||
72 | return; | |
73 | } | |
74 | ||
75 | static void server_keylog_callback(const SSL *ssl, const char *line) { | |
76 | int line_length = strlen(line); | |
77 | ||
78 | /* If the log doesn't fit, error out. */ | |
79 | if ((server_log_buffer_index + line_length) > LOG_BUFFER_SIZE) { | |
80 | printf("No room in server log\n"); | |
81 | error_writing_log = 1; | |
82 | return; | |
83 | } | |
84 | ||
85 | strcat(server_log_buffer, line); | |
86 | server_log_buffer_index += line_length; | |
87 | server_log_buffer[server_log_buffer_index] = '\n'; | |
88 | server_log_buffer_index += 1; | |
89 | ||
90 | return; | |
91 | } | |
92 | ||
93 | static int compare_hex_encoded_buffer(const char *hex_encoded, | |
94 | size_t hex_length, | |
95 | const uint8_t *raw, | |
96 | size_t raw_length) { | |
97 | size_t i; | |
98 | size_t j; | |
99 | ||
100 | /* One byte too big, just to be safe. */ | |
101 | char hexed[3] = {0}; | |
102 | ||
103 | if ((raw_length * 2) != hex_length) { | |
104 | printf("Inconsistent hex encoded lengths.\n"); | |
105 | return 1; | |
106 | } | |
107 | ||
108 | for (i = j = 0; (i < raw_length) && ((j + 1) < hex_length); i++) { | |
109 | sprintf(hexed, "%02x", raw[i]); | |
110 | if ((hexed[0] != hex_encoded[j]) || (hexed[1] != hex_encoded[j + 1])) { | |
111 | printf("Hex output does not match.\n"); | |
112 | return 1; | |
113 | } | |
114 | j += 2; | |
115 | } | |
116 | ||
117 | return 0; | |
118 | } | |
119 | ||
120 | static int test_keylog_output(char *buffer, const SSL *ssl, | |
f1a5939f CB |
121 | const SSL_SESSION *session, |
122 | struct sslapitest_log_counts *expected) { | |
6acdd3e5 CB |
123 | char *token = NULL; |
124 | unsigned char actual_client_random[SSL3_RANDOM_SIZE] = {0}; | |
125 | size_t client_random_size = SSL3_RANDOM_SIZE; | |
126 | unsigned char actual_master_key[SSL_MAX_MASTER_KEY_LENGTH] = {0}; | |
127 | size_t master_key_size = SSL_MAX_MASTER_KEY_LENGTH; | |
f1a5939f CB |
128 | unsigned int rsa_key_exchange_count = 0; |
129 | unsigned int master_secret_count = 0; | |
130 | unsigned int client_handshake_secret_count = 0; | |
131 | unsigned int server_handshake_secret_count = 0; | |
132 | unsigned int client_application_secret_count = 0; | |
133 | unsigned int server_application_secret_count = 0; | |
6acdd3e5 CB |
134 | |
135 | token = strtok(buffer, " \n"); | |
136 | while (token) { | |
137 | if (strcmp(token, "RSA") == 0) { | |
f1a5939f CB |
138 | /* |
139 | * Premaster secret. Tokens should be: 16 ASCII bytes of | |
6acdd3e5 CB |
140 | * hex-encoded encrypted secret, then the hex-encoded pre-master |
141 | * secret. | |
142 | */ | |
143 | token = strtok(NULL, " \n"); | |
144 | if (!token) { | |
145 | printf("Unexpectedly short premaster secret log.\n"); | |
f1a5939f | 146 | return 0; |
6acdd3e5 CB |
147 | } |
148 | if (strlen(token) != 16) { | |
149 | printf("Bad value for encrypted secret: %s\n", token); | |
f1a5939f | 150 | return 0; |
6acdd3e5 CB |
151 | } |
152 | token = strtok(NULL, " \n"); | |
153 | if (!token) { | |
154 | printf("Unexpectedly short premaster secret log.\n"); | |
f1a5939f | 155 | return 0; |
6acdd3e5 | 156 | } |
f1a5939f CB |
157 | /* |
158 | * We can't sensibly check the log because the premaster secret is | |
159 | * transient, and OpenSSL doesn't keep hold of it once the master | |
160 | * secret is generated. | |
161 | */ | |
162 | rsa_key_exchange_count++; | |
6acdd3e5 | 163 | } else if (strcmp(token, "CLIENT_RANDOM") == 0) { |
f1a5939f CB |
164 | /* |
165 | * Master secret. Tokens should be: 64 ASCII bytes of hex-encoded | |
6acdd3e5 CB |
166 | * client random, then the hex-encoded master secret. |
167 | */ | |
168 | client_random_size = SSL_get_client_random(ssl, | |
169 | actual_client_random, | |
170 | SSL3_RANDOM_SIZE); | |
171 | if (client_random_size != SSL3_RANDOM_SIZE) { | |
172 | printf("Unexpected short client random.\n"); | |
f1a5939f | 173 | return 0; |
6acdd3e5 CB |
174 | } |
175 | ||
176 | token = strtok(NULL, " \n"); | |
177 | if (!token) { | |
178 | printf("Unexpected short master secret log.\n"); | |
f1a5939f | 179 | return 0; |
6acdd3e5 CB |
180 | } |
181 | if (strlen(token) != 64) { | |
182 | printf("Bad value for client random: %s\n", token); | |
f1a5939f | 183 | return 0; |
6acdd3e5 CB |
184 | } |
185 | if (compare_hex_encoded_buffer(token, 64, actual_client_random, | |
186 | client_random_size)) { | |
187 | printf("Bad value for client random: %s\n", token); | |
f1a5939f | 188 | return 0; |
6acdd3e5 CB |
189 | } |
190 | ||
191 | token = strtok(NULL, " \n"); | |
192 | if (!token) { | |
193 | printf("Unexpectedly short master secret log.\n"); | |
f1a5939f | 194 | return 0; |
6acdd3e5 CB |
195 | } |
196 | ||
197 | master_key_size = SSL_SESSION_get_master_key(session, | |
198 | actual_master_key, | |
199 | master_key_size); | |
200 | if (!master_key_size) { | |
201 | printf("Error getting master key to compare.\n"); | |
f1a5939f | 202 | return 0; |
6acdd3e5 CB |
203 | } |
204 | if (compare_hex_encoded_buffer(token, strlen(token), | |
205 | actual_master_key, | |
206 | master_key_size)) { | |
207 | printf("Bad value for master key: %s\n", token); | |
f1a5939f CB |
208 | return 0; |
209 | } | |
210 | ||
211 | master_secret_count++; | |
212 | } else if ((strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) || | |
213 | (strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) || | |
214 | (strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0) || | |
215 | (strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0)) { | |
216 | /* | |
217 | * TLSv1.3 secret. Tokens should be: 64 ASCII bytes of hex-encoded | |
218 | * client random, and then the hex-encoded secret. In this case, | |
219 | * we treat all of these secrets identically and then just | |
220 | * distinguish between them when counting what we saw. | |
221 | */ | |
222 | if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) | |
223 | client_handshake_secret_count++; | |
224 | else if (strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) | |
225 | server_handshake_secret_count++; | |
226 | else if (strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0) | |
227 | client_application_secret_count++; | |
228 | else if (strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0) | |
229 | server_application_secret_count++; | |
230 | ||
231 | client_random_size = SSL_get_client_random(ssl, | |
232 | actual_client_random, | |
233 | SSL3_RANDOM_SIZE); | |
234 | if (client_random_size != SSL3_RANDOM_SIZE) { | |
235 | printf("Unexpected short client random.\n"); | |
236 | return 0; | |
237 | } | |
238 | ||
239 | token = strtok(NULL, " \n"); | |
240 | if (!token) { | |
241 | printf("Unexpected short client handshake secret log.\n"); | |
242 | return 0; | |
243 | } | |
244 | if (strlen(token) != 64) { | |
245 | printf("Bad value for client random: %s\n", token); | |
246 | return 0; | |
247 | } | |
248 | if (compare_hex_encoded_buffer(token, 64, actual_client_random, | |
249 | client_random_size)) { | |
250 | printf("Bad value for client random: %s\n", token); | |
251 | return 0; | |
6acdd3e5 CB |
252 | } |
253 | ||
f1a5939f CB |
254 | token = strtok(NULL, " \n"); |
255 | if (!token) { | |
256 | printf("Unexpectedly short master secret log.\n"); | |
257 | return 0; | |
258 | } | |
259 | ||
260 | /* | |
261 | * TODO(TLS1.3): test that application traffic secrets are what | |
262 | * we expect */ | |
6acdd3e5 CB |
263 | } else { |
264 | printf("Unexpected token in buffer: %s\n", token); | |
f1a5939f | 265 | return 0; |
6acdd3e5 CB |
266 | } |
267 | ||
268 | token = strtok(NULL, " \n"); | |
269 | } | |
270 | ||
f1a5939f CB |
271 | /* Return whether we got what we expected. */ |
272 | return ((rsa_key_exchange_count == expected->rsa_key_exchange_count) && | |
273 | (master_secret_count == expected->master_secret_count) && | |
274 | (client_handshake_secret_count == expected->client_handshake_secret_count) && | |
275 | (server_handshake_secret_count == expected->server_handshake_secret_count) && | |
276 | (client_application_secret_count == expected->client_application_secret_count) && | |
277 | (server_application_secret_count == expected->server_application_secret_count)); | |
6acdd3e5 CB |
278 | } |
279 | ||
280 | static int test_keylog(void) { | |
281 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
282 | SSL *clientssl = NULL, *serverssl = NULL; | |
283 | int testresult = 0; | |
f0deb4d3 | 284 | int rc; |
f1a5939f | 285 | struct sslapitest_log_counts expected = {0}; |
6acdd3e5 CB |
286 | |
287 | /* Clean up logging space */ | |
288 | memset(client_log_buffer, 0, LOG_BUFFER_SIZE + 1); | |
289 | memset(server_log_buffer, 0, LOG_BUFFER_SIZE + 1); | |
290 | client_log_buffer_index = 0; | |
291 | server_log_buffer_index = 0; | |
292 | error_writing_log = 0; | |
293 | ||
294 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx, | |
295 | &cctx, cert, privkey)) { | |
296 | printf("Unable to create SSL_CTX pair\n"); | |
297 | return 0; | |
298 | } | |
299 | ||
300 | /* We cannot log the master secret for TLSv1.3, so we should forbid it. */ | |
301 | SSL_CTX_set_options(cctx, SSL_OP_NO_TLSv1_3); | |
302 | SSL_CTX_set_options(sctx, SSL_OP_NO_TLSv1_3); | |
303 | ||
f0deb4d3 CB |
304 | /* We also want to ensure that we use RSA-based key exchange. */ |
305 | rc = SSL_CTX_set_cipher_list(cctx, "RSA"); | |
306 | if (rc == 0) { | |
307 | printf("Unable to restrict to RSA key exchange.\n"); | |
308 | goto end; | |
309 | } | |
310 | ||
6acdd3e5 CB |
311 | if (SSL_CTX_get_keylog_callback(cctx)) { |
312 | printf("Unexpected initial value for client " | |
313 | "SSL_CTX_get_keylog_callback()\n"); | |
314 | goto end; | |
315 | } | |
316 | if (SSL_CTX_get_keylog_callback(sctx)) { | |
317 | printf("Unexpected initial value for server " | |
318 | "SSL_CTX_get_keylog_callback()\n"); | |
319 | goto end; | |
320 | } | |
321 | ||
322 | SSL_CTX_set_keylog_callback(cctx, client_keylog_callback); | |
323 | SSL_CTX_set_keylog_callback(sctx, server_keylog_callback); | |
324 | ||
325 | if (SSL_CTX_get_keylog_callback(cctx) != client_keylog_callback) { | |
326 | printf("Unexpected set value for client " | |
327 | "SSL_CTX_get_keylog_callback()\n"); | |
328 | } | |
329 | ||
330 | if (SSL_CTX_get_keylog_callback(sctx) != server_keylog_callback) { | |
331 | printf("Unexpected set value for server " | |
332 | "SSL_CTX_get_keylog_callback()\n"); | |
333 | } | |
334 | ||
335 | /* Now do a handshake and check that the logs have been written to. */ | |
336 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
337 | printf("Unable to create SSL objects\n"); | |
338 | goto end; | |
339 | } | |
340 | ||
8e2236ef | 341 | if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { |
6acdd3e5 CB |
342 | printf("Unable to create SSL connection\n"); |
343 | goto end; | |
344 | } | |
345 | ||
346 | if (error_writing_log) { | |
347 | printf("Error encountered while logging\n"); | |
348 | goto end; | |
349 | } | |
350 | ||
351 | if ((client_log_buffer_index == 0) || (server_log_buffer_index == 0)) { | |
352 | printf("No logs written\n"); | |
353 | goto end; | |
354 | } | |
355 | ||
f1a5939f CB |
356 | /* |
357 | * Now we want to test that our output data was vaguely sensible. We | |
6acdd3e5 | 358 | * do that by using strtok and confirming that we have more or less the |
f1a5939f CB |
359 | * data we expect. For both client and server, we expect to see one master |
360 | * secret. The client should also see a RSA key exchange. | |
6acdd3e5 | 361 | */ |
f1a5939f CB |
362 | expected.rsa_key_exchange_count = 1; |
363 | expected.master_secret_count = 1; | |
364 | if (!test_keylog_output(client_log_buffer, clientssl, | |
365 | SSL_get_session(clientssl), &expected)) { | |
6acdd3e5 CB |
366 | printf("Error encountered in client log buffer\n"); |
367 | goto end; | |
368 | } | |
f1a5939f CB |
369 | |
370 | expected.rsa_key_exchange_count = 0; | |
371 | if (!test_keylog_output(server_log_buffer, serverssl, | |
372 | SSL_get_session(serverssl), &expected)) { | |
6acdd3e5 CB |
373 | printf("Error encountered in server log buffer\n"); |
374 | goto end; | |
375 | } | |
376 | ||
377 | testresult = 1; | |
378 | ||
379 | end: | |
380 | SSL_free(serverssl); | |
381 | SSL_free(clientssl); | |
382 | SSL_CTX_free(sctx); | |
383 | SSL_CTX_free(cctx); | |
384 | ||
385 | return testresult; | |
386 | } | |
387 | ||
388 | #ifndef OPENSSL_NO_TLS1_3 | |
389 | static int test_keylog_no_master_key(void) { | |
390 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
391 | SSL *clientssl = NULL, *serverssl = NULL; | |
392 | int testresult = 0; | |
f1a5939f | 393 | struct sslapitest_log_counts expected = {0}; |
6acdd3e5 CB |
394 | |
395 | /* Clean up logging space */ | |
396 | memset(client_log_buffer, 0, LOG_BUFFER_SIZE + 1); | |
397 | memset(server_log_buffer, 0, LOG_BUFFER_SIZE + 1); | |
398 | client_log_buffer_index = 0; | |
399 | server_log_buffer_index = 0; | |
400 | error_writing_log = 0; | |
401 | ||
402 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx, | |
403 | &cctx, cert, privkey)) { | |
404 | printf("Unable to create SSL_CTX pair\n"); | |
405 | return 0; | |
406 | } | |
407 | ||
408 | if (SSL_CTX_get_keylog_callback(cctx)) { | |
409 | printf("Unexpected initial value for client " | |
410 | "SSL_CTX_get_keylog_callback()\n"); | |
411 | goto end; | |
412 | } | |
413 | if (SSL_CTX_get_keylog_callback(sctx)) { | |
414 | printf("Unexpected initial value for server " | |
415 | "SSL_CTX_get_keylog_callback()\n"); | |
416 | goto end; | |
417 | } | |
418 | ||
419 | SSL_CTX_set_keylog_callback(cctx, client_keylog_callback); | |
420 | SSL_CTX_set_keylog_callback(sctx, server_keylog_callback); | |
421 | ||
422 | if (SSL_CTX_get_keylog_callback(cctx) != client_keylog_callback) { | |
423 | printf("Unexpected set value for client " | |
424 | "SSL_CTX_get_keylog_callback()\n"); | |
425 | } | |
426 | ||
427 | if (SSL_CTX_get_keylog_callback(sctx) != server_keylog_callback) { | |
428 | printf("Unexpected set value for server " | |
429 | "SSL_CTX_get_keylog_callback()\n"); | |
430 | } | |
431 | ||
432 | /* Now do a handshake and check that the logs have been written to. */ | |
433 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
434 | printf("Unable to create SSL objects\n"); | |
435 | goto end; | |
436 | } | |
437 | ||
8e2236ef | 438 | if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { |
6acdd3e5 CB |
439 | printf("Unable to create SSL connection\n"); |
440 | goto end; | |
441 | } | |
442 | ||
443 | if (error_writing_log) { | |
444 | printf("Error encountered while logging\n"); | |
445 | goto end; | |
446 | } | |
447 | ||
f1a5939f CB |
448 | /* |
449 | * Now we want to test that our output data was vaguely sensible. For this | |
450 | * test, we expect no CLIENT_RANDOM entry becuase it doesn't make sense for | |
451 | * TLSv1.3, but we do expect both client and server to emit keys. | |
6acdd3e5 | 452 | */ |
f1a5939f CB |
453 | expected.client_handshake_secret_count = 1; |
454 | expected.server_handshake_secret_count = 1; | |
455 | expected.client_application_secret_count = 1; | |
456 | expected.server_application_secret_count = 1; | |
457 | if (!test_keylog_output(client_log_buffer, clientssl, | |
458 | SSL_get_session(clientssl), &expected)) { | |
6acdd3e5 CB |
459 | printf("Error encountered in client log buffer\n"); |
460 | goto end; | |
461 | } | |
f1a5939f CB |
462 | if (!test_keylog_output(server_log_buffer, serverssl, |
463 | SSL_get_session(serverssl), &expected)) { | |
6acdd3e5 CB |
464 | printf("Error encountered in server log buffer\n"); |
465 | goto end; | |
466 | } | |
467 | ||
468 | testresult = 1; | |
469 | ||
470 | end: | |
471 | SSL_free(serverssl); | |
472 | SSL_free(clientssl); | |
473 | SSL_CTX_free(sctx); | |
474 | SSL_CTX_free(cctx); | |
475 | ||
476 | return testresult; | |
477 | } | |
478 | #endif | |
479 | ||
e9ee6536 | 480 | #ifndef OPENSSL_NO_TLS1_2 |
2afaee51 BK |
481 | static int full_early_callback(SSL *s, int *al, void *arg) |
482 | { | |
483 | int *ctr = arg; | |
484 | const unsigned char *p; | |
485 | /* We only configure two ciphers, but the SCSV is added automatically. */ | |
486 | #ifdef OPENSSL_NO_EC | |
487 | const unsigned char expected_ciphers[] = {0x00, 0x9d, 0x00, 0xff}; | |
488 | #else | |
489 | const unsigned char expected_ciphers[] = {0x00, 0x9d, 0xc0, | |
490 | 0x2c, 0x00, 0xff}; | |
491 | #endif | |
492 | size_t len; | |
493 | ||
494 | /* Make sure we can defer processing and get called back. */ | |
495 | if ((*ctr)++ == 0) | |
496 | return -1; | |
497 | ||
498 | len = SSL_early_get0_ciphers(s, &p); | |
499 | if (len != sizeof(expected_ciphers) || | |
500 | memcmp(p, expected_ciphers, len) != 0) { | |
501 | printf("Early callback expected ciphers mismatch\n"); | |
502 | return 0; | |
503 | } | |
504 | len = SSL_early_get0_compression_methods(s, &p); | |
505 | if (len != 1 || *p != 0) { | |
506 | printf("Early callback expected comperssion methods mismatch\n"); | |
507 | return 0; | |
508 | } | |
509 | return 1; | |
510 | } | |
511 | ||
512 | static int test_early_cb(void) { | |
513 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
514 | SSL *clientssl = NULL, *serverssl = NULL; | |
515 | int testctr = 0, testresult = 0; | |
516 | ||
517 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx, | |
518 | &cctx, cert, privkey)) { | |
519 | printf("Unable to create SSL_CTX pair\n"); | |
520 | goto end; | |
521 | } | |
522 | ||
523 | SSL_CTX_set_early_cb(sctx, full_early_callback, &testctr); | |
524 | /* The gimpy cipher list we configure can't do TLS 1.3. */ | |
525 | SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION); | |
526 | if (!SSL_CTX_set_cipher_list(cctx, | |
527 | "AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384")) { | |
528 | printf("Failed to set cipher list\n"); | |
529 | goto end; | |
530 | } | |
531 | ||
532 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
533 | printf("Unable to create SSL objects\n"); | |
534 | goto end; | |
535 | } | |
536 | ||
537 | if (create_ssl_connection(serverssl, clientssl, SSL_ERROR_WANT_EARLY)) { | |
538 | printf("Creating SSL connection succeeded with async early return\n"); | |
539 | goto end; | |
540 | } | |
541 | ||
542 | /* Passing a -1 literal is a hack since the real value was lost. */ | |
543 | if (SSL_get_error(serverssl, -1) != SSL_ERROR_WANT_EARLY) { | |
544 | printf("Early callback failed to make state SSL_ERROR_WANT_EARLY\n"); | |
545 | goto end; | |
546 | } | |
547 | ||
548 | if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { | |
549 | printf("Restarting SSL connection failed\n"); | |
550 | goto end; | |
551 | } | |
552 | ||
553 | testresult = 1; | |
554 | ||
555 | end: | |
556 | SSL_free(serverssl); | |
557 | SSL_free(clientssl); | |
558 | SSL_CTX_free(sctx); | |
559 | SSL_CTX_free(cctx); | |
560 | ||
561 | return testresult; | |
562 | } | |
e9ee6536 | 563 | #endif |
2afaee51 | 564 | |
84d5549e | 565 | static int execute_test_large_message(const SSL_METHOD *smeth, |
7856332e | 566 | const SSL_METHOD *cmeth, int read_ahead) |
84d5549e MC |
567 | { |
568 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
569 | SSL *clientssl = NULL, *serverssl = NULL; | |
570 | int testresult = 0; | |
571 | int i; | |
572 | BIO *certbio = BIO_new_file(cert, "r"); | |
573 | X509 *chaincert = NULL; | |
574 | int certlen; | |
575 | ||
576 | if (certbio == NULL) { | |
577 | printf("Can't load the certficate file\n"); | |
578 | goto end; | |
579 | } | |
580 | chaincert = PEM_read_bio_X509(certbio, NULL, NULL, NULL); | |
fa454945 MC |
581 | BIO_free(certbio); |
582 | certbio = NULL; | |
583 | if (chaincert == NULL) { | |
584 | printf("Unable to load certificate for chain\n"); | |
585 | goto end; | |
586 | } | |
84d5549e MC |
587 | |
588 | if (!create_ssl_ctx_pair(smeth, cmeth, &sctx, | |
589 | &cctx, cert, privkey)) { | |
590 | printf("Unable to create SSL_CTX pair\n"); | |
591 | goto end; | |
592 | } | |
84d5549e | 593 | |
7856332e MC |
594 | if(read_ahead) { |
595 | /* | |
596 | * Test that read_ahead works correctly when dealing with large | |
597 | * records | |
598 | */ | |
599 | SSL_CTX_set_read_ahead(cctx, 1); | |
600 | } | |
601 | ||
84d5549e MC |
602 | /* |
603 | * We assume the supplied certificate is big enough so that if we add | |
604 | * NUM_EXTRA_CERTS it will make the overall message large enough. The | |
605 | * default buffer size is requested to be 16k, but due to the way BUF_MEM | |
606 | * works, it ends up allocing a little over 21k (16 * 4/3). So, in this test | |
607 | * we need to have a message larger than that. | |
608 | */ | |
609 | certlen = i2d_X509(chaincert, NULL); | |
610 | OPENSSL_assert((certlen * NUM_EXTRA_CERTS) | |
611 | > ((SSL3_RT_MAX_PLAIN_LENGTH * 4) / 3)); | |
612 | for (i = 0; i < NUM_EXTRA_CERTS; i++) { | |
613 | if (!X509_up_ref(chaincert)) { | |
614 | printf("Unable to up ref cert\n"); | |
615 | goto end; | |
616 | } | |
617 | if (!SSL_CTX_add_extra_chain_cert(sctx, chaincert)) { | |
618 | printf("Unable to add extra chain cert %d\n", i); | |
619 | X509_free(chaincert); | |
620 | goto end; | |
621 | } | |
622 | } | |
623 | ||
624 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
625 | printf("Unable to create SSL objects\n"); | |
626 | goto end; | |
627 | } | |
628 | ||
8e2236ef | 629 | if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { |
84d5549e MC |
630 | printf("Unable to create SSL connection\n"); |
631 | goto end; | |
632 | } | |
633 | ||
4bf08600 MC |
634 | /* |
635 | * Calling SSL_clear() first is not required but this tests that SSL_clear() | |
636 | * doesn't leak (when using enable-crypto-mdebug). | |
637 | */ | |
638 | if (!SSL_clear(serverssl)) { | |
639 | printf("Unexpected failure from SSL_clear()\n"); | |
640 | goto end; | |
641 | } | |
84d5549e | 642 | |
4bf08600 | 643 | testresult = 1; |
84d5549e MC |
644 | end: |
645 | X509_free(chaincert); | |
646 | SSL_free(serverssl); | |
647 | SSL_free(clientssl); | |
648 | SSL_CTX_free(sctx); | |
649 | SSL_CTX_free(cctx); | |
650 | ||
651 | return testresult; | |
652 | } | |
653 | ||
654 | static int test_large_message_tls(void) | |
655 | { | |
7856332e MC |
656 | return execute_test_large_message(TLS_server_method(), TLS_client_method(), |
657 | 0); | |
658 | } | |
659 | ||
660 | static int test_large_message_tls_read_ahead(void) | |
661 | { | |
662 | return execute_test_large_message(TLS_server_method(), TLS_client_method(), | |
663 | 1); | |
84d5549e MC |
664 | } |
665 | ||
55386bef | 666 | #ifndef OPENSSL_NO_DTLS |
84d5549e MC |
667 | static int test_large_message_dtls(void) |
668 | { | |
7856332e MC |
669 | /* |
670 | * read_ahead is not relevant to DTLS because DTLS always acts as if | |
671 | * read_ahead is set. | |
672 | */ | |
84d5549e | 673 | return execute_test_large_message(DTLS_server_method(), |
7856332e | 674 | DTLS_client_method(), 0); |
84d5549e | 675 | } |
55386bef | 676 | #endif |
84d5549e | 677 | |
8f8c11d8 | 678 | #ifndef OPENSSL_NO_OCSP |
ba881d3b MC |
679 | static int ocsp_server_cb(SSL *s, void *arg) |
680 | { | |
681 | int *argi = (int *)arg; | |
682 | unsigned char *orespdercopy = NULL; | |
683 | STACK_OF(OCSP_RESPID) *ids = NULL; | |
684 | OCSP_RESPID *id = NULL; | |
685 | ||
686 | if (*argi == 2) { | |
687 | /* In this test we are expecting exactly 1 OCSP_RESPID */ | |
688 | SSL_get_tlsext_status_ids(s, &ids); | |
689 | if (ids == NULL || sk_OCSP_RESPID_num(ids) != 1) | |
690 | return SSL_TLSEXT_ERR_ALERT_FATAL; | |
691 | ||
692 | id = sk_OCSP_RESPID_value(ids, 0); | |
693 | if (id == NULL || !OCSP_RESPID_match(id, ocspcert)) | |
694 | return SSL_TLSEXT_ERR_ALERT_FATAL; | |
695 | } else if (*argi != 1) { | |
696 | return SSL_TLSEXT_ERR_ALERT_FATAL; | |
697 | } | |
698 | ||
699 | ||
700 | orespdercopy = OPENSSL_memdup(orespder, sizeof(orespder)); | |
701 | if (orespdercopy == NULL) | |
702 | return SSL_TLSEXT_ERR_ALERT_FATAL; | |
703 | ||
704 | SSL_set_tlsext_status_ocsp_resp(s, orespdercopy, sizeof(orespder)); | |
705 | ||
706 | ocsp_server_called = 1; | |
707 | ||
708 | return SSL_TLSEXT_ERR_OK; | |
709 | } | |
710 | ||
711 | static int ocsp_client_cb(SSL *s, void *arg) | |
712 | { | |
713 | int *argi = (int *)arg; | |
714 | const unsigned char *respderin; | |
715 | size_t len; | |
716 | ||
717 | if (*argi != 1 && *argi != 2) | |
718 | return 0; | |
719 | ||
720 | len = SSL_get_tlsext_status_ocsp_resp(s, &respderin); | |
721 | ||
722 | if (memcmp(orespder, respderin, len) != 0) | |
723 | return 0; | |
724 | ||
725 | ocsp_client_called = 1; | |
726 | ||
727 | return 1; | |
728 | } | |
729 | ||
2cb4b5f6 MC |
730 | static int test_tlsext_status_type(void) |
731 | { | |
ba881d3b MC |
732 | SSL_CTX *cctx = NULL, *sctx = NULL; |
733 | SSL *clientssl = NULL, *serverssl = NULL; | |
2cb4b5f6 | 734 | int testresult = 0; |
ba881d3b MC |
735 | STACK_OF(OCSP_RESPID) *ids = NULL; |
736 | OCSP_RESPID *id = NULL; | |
737 | BIO *certbio = NULL; | |
2cb4b5f6 | 738 | |
ba881d3b MC |
739 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx, |
740 | &cctx, cert, privkey)) { | |
741 | printf("Unable to create SSL_CTX pair\n"); | |
742 | return 0; | |
743 | } | |
2cb4b5f6 | 744 | |
ba881d3b | 745 | if (SSL_CTX_get_tlsext_status_type(cctx) != -1) { |
2cb4b5f6 MC |
746 | printf("Unexpected initial value for " |
747 | "SSL_CTX_get_tlsext_status_type()\n"); | |
748 | goto end; | |
749 | } | |
750 | ||
ba881d3b | 751 | /* First just do various checks getting and setting tlsext_status_type */ |
2cb4b5f6 | 752 | |
ba881d3b MC |
753 | clientssl = SSL_new(cctx); |
754 | if (SSL_get_tlsext_status_type(clientssl) != -1) { | |
2cb4b5f6 MC |
755 | printf("Unexpected initial value for SSL_get_tlsext_status_type()\n"); |
756 | goto end; | |
757 | } | |
758 | ||
ba881d3b | 759 | if (!SSL_set_tlsext_status_type(clientssl, TLSEXT_STATUSTYPE_ocsp)) { |
2cb4b5f6 MC |
760 | printf("Unexpected fail for SSL_set_tlsext_status_type()\n"); |
761 | goto end; | |
762 | } | |
763 | ||
ba881d3b | 764 | if (SSL_get_tlsext_status_type(clientssl) != TLSEXT_STATUSTYPE_ocsp) { |
2cb4b5f6 MC |
765 | printf("Unexpected result for SSL_get_tlsext_status_type()\n"); |
766 | goto end; | |
767 | } | |
768 | ||
ba881d3b MC |
769 | SSL_free(clientssl); |
770 | clientssl = NULL; | |
2cb4b5f6 | 771 | |
ba881d3b | 772 | if (!SSL_CTX_set_tlsext_status_type(cctx, TLSEXT_STATUSTYPE_ocsp)) { |
2cb4b5f6 MC |
773 | printf("Unexpected fail for SSL_CTX_set_tlsext_status_type()\n"); |
774 | goto end; | |
775 | } | |
776 | ||
ba881d3b | 777 | if (SSL_CTX_get_tlsext_status_type(cctx) != TLSEXT_STATUSTYPE_ocsp) { |
2cb4b5f6 MC |
778 | printf("Unexpected result for SSL_CTX_get_tlsext_status_type()\n"); |
779 | goto end; | |
780 | } | |
781 | ||
ba881d3b | 782 | clientssl = SSL_new(cctx); |
2cb4b5f6 | 783 | |
ba881d3b | 784 | if (SSL_get_tlsext_status_type(clientssl) != TLSEXT_STATUSTYPE_ocsp) { |
2cb4b5f6 MC |
785 | printf("Unexpected result for SSL_get_tlsext_status_type() (test 2)\n"); |
786 | goto end; | |
787 | } | |
788 | ||
ba881d3b MC |
789 | SSL_free(clientssl); |
790 | clientssl = NULL; | |
791 | ||
792 | /* | |
793 | * Now actually do a handshake and check OCSP information is exchanged and | |
794 | * the callbacks get called | |
795 | */ | |
796 | ||
797 | SSL_CTX_set_tlsext_status_cb(cctx, ocsp_client_cb); | |
798 | SSL_CTX_set_tlsext_status_arg(cctx, &cdummyarg); | |
799 | SSL_CTX_set_tlsext_status_cb(sctx, ocsp_server_cb); | |
800 | SSL_CTX_set_tlsext_status_arg(sctx, &cdummyarg); | |
801 | ||
802 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
803 | printf("Unable to create SSL objects\n"); | |
804 | goto end; | |
805 | } | |
806 | ||
8e2236ef | 807 | if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { |
ba881d3b MC |
808 | printf("Unable to create SSL connection\n"); |
809 | goto end; | |
810 | } | |
811 | ||
812 | if (!ocsp_client_called || !ocsp_server_called) { | |
813 | printf("OCSP callbacks not called\n"); | |
814 | goto end; | |
815 | } | |
816 | ||
817 | SSL_free(serverssl); | |
818 | SSL_free(clientssl); | |
819 | serverssl = NULL; | |
820 | clientssl = NULL; | |
821 | ||
822 | /* Try again but this time force the server side callback to fail */ | |
823 | ocsp_client_called = 0; | |
824 | ocsp_server_called = 0; | |
825 | cdummyarg = 0; | |
826 | ||
827 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
828 | printf("Unable to create SSL objects\n"); | |
829 | goto end; | |
830 | } | |
831 | ||
832 | /* This should fail because the callback will fail */ | |
8e2236ef | 833 | if (create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { |
ba881d3b MC |
834 | printf("Unexpected success creating the connection\n"); |
835 | goto end; | |
836 | } | |
837 | ||
838 | if (ocsp_client_called || ocsp_server_called) { | |
839 | printf("OCSP callbacks successfully called unexpectedly\n"); | |
840 | goto end; | |
841 | } | |
842 | ||
843 | SSL_free(serverssl); | |
844 | SSL_free(clientssl); | |
845 | serverssl = NULL; | |
846 | clientssl = NULL; | |
847 | ||
848 | /* | |
849 | * This time we'll get the client to send an OCSP_RESPID that it will | |
850 | * accept. | |
851 | */ | |
852 | ocsp_client_called = 0; | |
853 | ocsp_server_called = 0; | |
854 | cdummyarg = 2; | |
855 | ||
856 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
857 | printf("Unable to create SSL objects\n"); | |
858 | goto end; | |
859 | } | |
860 | ||
861 | /* | |
862 | * We'll just use any old cert for this test - it doesn't have to be an OCSP | |
863 | * specifc one. We'll use the server cert. | |
864 | */ | |
865 | certbio = BIO_new_file(cert, "r"); | |
866 | if (certbio == NULL) { | |
867 | printf("Can't load the certficate file\n"); | |
868 | goto end; | |
869 | } | |
870 | id = OCSP_RESPID_new(); | |
871 | ids = sk_OCSP_RESPID_new_null(); | |
872 | ocspcert = PEM_read_bio_X509(certbio, NULL, NULL, NULL); | |
873 | if (id == NULL || ids == NULL || ocspcert == NULL | |
874 | || !OCSP_RESPID_set_by_key(id, ocspcert) | |
875 | || !sk_OCSP_RESPID_push(ids, id)) { | |
876 | printf("Unable to set OCSP_RESPIDs\n"); | |
877 | goto end; | |
878 | } | |
879 | id = NULL; | |
880 | SSL_set_tlsext_status_ids(clientssl, ids); | |
881 | /* Control has been transferred */ | |
882 | ids = NULL; | |
883 | ||
884 | BIO_free(certbio); | |
885 | certbio = NULL; | |
886 | ||
8e2236ef | 887 | if (!create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { |
ba881d3b MC |
888 | printf("Unable to create SSL connection\n"); |
889 | goto end; | |
890 | } | |
891 | ||
892 | if (!ocsp_client_called || !ocsp_server_called) { | |
893 | printf("OCSP callbacks not called\n"); | |
894 | goto end; | |
895 | } | |
896 | ||
2cb4b5f6 MC |
897 | testresult = 1; |
898 | ||
899 | end: | |
ba881d3b MC |
900 | SSL_free(serverssl); |
901 | SSL_free(clientssl); | |
902 | SSL_CTX_free(sctx); | |
903 | SSL_CTX_free(cctx); | |
904 | sk_OCSP_RESPID_pop_free(ids, OCSP_RESPID_free); | |
905 | OCSP_RESPID_free(id); | |
906 | BIO_free(certbio); | |
907 | X509_free(ocspcert); | |
908 | ocspcert = NULL; | |
2cb4b5f6 MC |
909 | |
910 | return testresult; | |
911 | } | |
8f8c11d8 | 912 | #endif |
2cb4b5f6 | 913 | |
eaa776da MC |
914 | typedef struct ssl_session_test_fixture { |
915 | const char *test_case_name; | |
916 | int use_ext_cache; | |
917 | int use_int_cache; | |
918 | } SSL_SESSION_TEST_FIXTURE; | |
919 | ||
920 | static int new_called = 0, remove_called = 0; | |
921 | ||
922 | static SSL_SESSION_TEST_FIXTURE | |
923 | ssl_session_set_up(const char *const test_case_name) | |
924 | { | |
925 | SSL_SESSION_TEST_FIXTURE fixture; | |
926 | ||
927 | fixture.test_case_name = test_case_name; | |
928 | fixture.use_ext_cache = 1; | |
929 | fixture.use_int_cache = 1; | |
930 | ||
931 | new_called = remove_called = 0; | |
932 | ||
933 | return fixture; | |
934 | } | |
935 | ||
936 | static void ssl_session_tear_down(SSL_SESSION_TEST_FIXTURE fixture) | |
937 | { | |
938 | } | |
939 | ||
940 | static int new_session_cb(SSL *ssl, SSL_SESSION *sess) | |
941 | { | |
942 | new_called++; | |
943 | ||
944 | return 1; | |
945 | } | |
946 | ||
947 | static void remove_session_cb(SSL_CTX *ctx, SSL_SESSION *sess) | |
948 | { | |
949 | remove_called++; | |
950 | } | |
951 | ||
952 | static int execute_test_session(SSL_SESSION_TEST_FIXTURE fix) | |
2cb4b5f6 MC |
953 | { |
954 | SSL_CTX *sctx = NULL, *cctx = NULL; | |
955 | SSL *serverssl1 = NULL, *clientssl1 = NULL; | |
956 | SSL *serverssl2 = NULL, *clientssl2 = NULL; | |
b4982125 | 957 | #ifndef OPENSSL_NO_TLS1_1 |
eaa776da | 958 | SSL *serverssl3 = NULL, *clientssl3 = NULL; |
b4982125 | 959 | #endif |
2cb4b5f6 MC |
960 | SSL_SESSION *sess1 = NULL, *sess2 = NULL; |
961 | int testresult = 0; | |
962 | ||
963 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx, | |
964 | &cctx, cert, privkey)) { | |
965 | printf("Unable to create SSL_CTX pair\n"); | |
966 | return 0; | |
967 | } | |
968 | ||
eaa776da MC |
969 | #ifndef OPENSSL_NO_TLS1_2 |
970 | /* Only allow TLS1.2 so we can force a connection failure later */ | |
971 | SSL_CTX_set_min_proto_version(cctx, TLS1_2_VERSION); | |
972 | #endif | |
973 | ||
974 | /* Set up session cache */ | |
975 | if (fix.use_ext_cache) { | |
976 | SSL_CTX_sess_set_new_cb(cctx, new_session_cb); | |
977 | SSL_CTX_sess_set_remove_cb(cctx, remove_session_cb); | |
978 | } | |
979 | if (fix.use_int_cache) { | |
980 | /* Also covers instance where both are set */ | |
981 | SSL_CTX_set_session_cache_mode(cctx, SSL_SESS_CACHE_CLIENT); | |
982 | } else { | |
983 | SSL_CTX_set_session_cache_mode(cctx, | |
984 | SSL_SESS_CACHE_CLIENT | |
985 | | SSL_SESS_CACHE_NO_INTERNAL_STORE); | |
986 | } | |
2cb4b5f6 | 987 | |
b4982125 | 988 | if (!create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, NULL, |
2cb4b5f6 | 989 | NULL)) { |
b4982125 MC |
990 | printf("Unable to create SSL objects\n"); |
991 | goto end; | |
992 | } | |
993 | ||
8e2236ef | 994 | if (!create_ssl_connection(serverssl1, clientssl1, SSL_ERROR_NONE)) { |
2cb4b5f6 MC |
995 | printf("Unable to create SSL connection\n"); |
996 | goto end; | |
997 | } | |
2cb4b5f6 MC |
998 | sess1 = SSL_get1_session(clientssl1); |
999 | if (sess1 == NULL) { | |
1000 | printf("Unexpected NULL session\n"); | |
1001 | goto end; | |
1002 | } | |
1003 | ||
eaa776da | 1004 | if (fix.use_int_cache && SSL_CTX_add_session(cctx, sess1)) { |
2cb4b5f6 MC |
1005 | /* Should have failed because it should already be in the cache */ |
1006 | printf("Unexpected success adding session to cache\n"); | |
1007 | goto end; | |
1008 | } | |
1009 | ||
eaa776da MC |
1010 | if (fix.use_ext_cache && (new_called != 1 || remove_called != 0)) { |
1011 | printf("Session not added to cache\n"); | |
1012 | goto end; | |
1013 | } | |
1014 | ||
b4982125 MC |
1015 | if (!create_ssl_objects(sctx, cctx, &serverssl2, &clientssl2, NULL, NULL)) { |
1016 | printf("Unable to create second SSL objects\n"); | |
1017 | goto end; | |
1018 | } | |
1019 | ||
8e2236ef | 1020 | if (!create_ssl_connection(serverssl2, clientssl2, SSL_ERROR_NONE)) { |
2cb4b5f6 MC |
1021 | printf("Unable to create second SSL connection\n"); |
1022 | goto end; | |
1023 | } | |
1024 | ||
1025 | sess2 = SSL_get1_session(clientssl2); | |
1026 | if (sess2 == NULL) { | |
1027 | printf("Unexpected NULL session from clientssl2\n"); | |
1028 | goto end; | |
1029 | } | |
1030 | ||
eaa776da MC |
1031 | if (fix.use_ext_cache && (new_called != 2 || remove_called != 0)) { |
1032 | printf("Remove session callback unexpectedly called\n"); | |
1033 | goto end; | |
1034 | } | |
1035 | ||
2cb4b5f6 MC |
1036 | /* |
1037 | * This should clear sess2 from the cache because it is a "bad" session. See | |
1038 | * SSL_set_session() documentation. | |
1039 | */ | |
1040 | if (!SSL_set_session(clientssl2, sess1)) { | |
1041 | printf("Unexpected failure setting session\n"); | |
1042 | goto end; | |
1043 | } | |
1044 | ||
eaa776da MC |
1045 | if (fix.use_ext_cache && (new_called != 2 || remove_called != 1)) { |
1046 | printf("Failed to call callback to remove session\n"); | |
1047 | goto end; | |
1048 | } | |
1049 | ||
1050 | ||
2cb4b5f6 MC |
1051 | if (SSL_get_session(clientssl2) != sess1) { |
1052 | printf("Unexpected session found\n"); | |
1053 | goto end; | |
1054 | } | |
1055 | ||
eaa776da MC |
1056 | if (fix.use_int_cache) { |
1057 | if (!SSL_CTX_add_session(cctx, sess2)) { | |
1058 | /* | |
1059 | * Should have succeeded because it should not already be in the cache | |
1060 | */ | |
1061 | printf("Unexpected failure adding session to cache\n"); | |
1062 | goto end; | |
1063 | } | |
1064 | ||
1065 | if (!SSL_CTX_remove_session(cctx, sess2)) { | |
1066 | printf("Unexpected failure removing session from cache\n"); | |
1067 | goto end; | |
1068 | } | |
1069 | ||
1070 | /* This is for the purposes of internal cache testing...ignore the | |
1071 | * counter for external cache | |
2cb4b5f6 | 1072 | */ |
eaa776da MC |
1073 | if (fix.use_ext_cache) |
1074 | remove_called--; | |
1075 | } | |
1076 | ||
1077 | /* This shouldn't be in the cache so should fail */ | |
1078 | if (SSL_CTX_remove_session(cctx, sess2)) { | |
1079 | printf("Unexpected success removing session from cache\n"); | |
2cb4b5f6 MC |
1080 | goto end; |
1081 | } | |
1082 | ||
eaa776da MC |
1083 | if (fix.use_ext_cache && (new_called != 2 || remove_called != 2)) { |
1084 | printf("Failed to call callback to remove session #2\n"); | |
2cb4b5f6 MC |
1085 | goto end; |
1086 | } | |
1087 | ||
80f397e2 | 1088 | #if !defined(OPENSSL_NO_TLS1_1) && !defined(OPENSSL_NO_TLS1_2) |
eaa776da MC |
1089 | /* Force a connection failure */ |
1090 | SSL_CTX_set_max_proto_version(sctx, TLS1_1_VERSION); | |
b4982125 MC |
1091 | |
1092 | if (!create_ssl_objects(sctx, cctx, &serverssl3, &clientssl3, NULL, NULL)) { | |
1093 | printf("Unable to create third SSL objects\n"); | |
eaa776da MC |
1094 | goto end; |
1095 | } | |
b4982125 | 1096 | |
eaa776da MC |
1097 | if (!SSL_set_session(clientssl3, sess1)) { |
1098 | printf("Unable to set session for third connection\n"); | |
1099 | goto end; | |
1100 | } | |
1101 | ||
1102 | /* This should fail because of the mismatched protocol versions */ | |
8e2236ef | 1103 | if (create_ssl_connection(serverssl3, clientssl3, SSL_ERROR_NONE)) { |
b4982125 | 1104 | printf("Unable to create third SSL connection\n"); |
eaa776da MC |
1105 | goto end; |
1106 | } | |
1107 | ||
b4982125 | 1108 | |
eaa776da MC |
1109 | /* We should have automatically removed the session from the cache */ |
1110 | if (fix.use_ext_cache && (new_called != 2 || remove_called != 3)) { | |
1111 | printf("Failed to call callback to remove session #2\n"); | |
2cb4b5f6 MC |
1112 | goto end; |
1113 | } | |
1114 | ||
eaa776da MC |
1115 | if (fix.use_int_cache && !SSL_CTX_add_session(cctx, sess2)) { |
1116 | /* | |
1117 | * Should have succeeded because it should not already be in the cache | |
1118 | */ | |
1119 | printf("Unexpected failure adding session to cache #2\n"); | |
1120 | goto end; | |
1121 | } | |
1122 | #endif | |
1123 | ||
2cb4b5f6 | 1124 | testresult = 1; |
eaa776da | 1125 | |
2cb4b5f6 MC |
1126 | end: |
1127 | SSL_free(serverssl1); | |
1128 | SSL_free(clientssl1); | |
1129 | SSL_free(serverssl2); | |
1130 | SSL_free(clientssl2); | |
b4982125 | 1131 | #ifndef OPENSSL_NO_TLS1_1 |
eaa776da MC |
1132 | SSL_free(serverssl3); |
1133 | SSL_free(clientssl3); | |
b4982125 | 1134 | #endif |
2cb4b5f6 MC |
1135 | SSL_SESSION_free(sess1); |
1136 | SSL_SESSION_free(sess2); | |
eaa776da MC |
1137 | /* |
1138 | * Check if we need to remove any sessions up-refed for the external cache | |
1139 | */ | |
1140 | if (new_called >= 1) | |
1141 | SSL_SESSION_free(sess1); | |
1142 | if (new_called >= 2) | |
1143 | SSL_SESSION_free(sess2); | |
2cb4b5f6 MC |
1144 | SSL_CTX_free(sctx); |
1145 | SSL_CTX_free(cctx); | |
1146 | ||
1147 | return testresult; | |
1148 | } | |
1149 | ||
7fb4c820 MC |
1150 | static int test_session_with_only_int_cache(void) |
1151 | { | |
eaa776da MC |
1152 | SETUP_TEST_FIXTURE(SSL_SESSION_TEST_FIXTURE, ssl_session_set_up); |
1153 | ||
1154 | fixture.use_ext_cache = 0; | |
1155 | ||
1156 | EXECUTE_TEST(execute_test_session, ssl_session_tear_down); | |
1157 | } | |
1158 | ||
7fb4c820 MC |
1159 | static int test_session_with_only_ext_cache(void) |
1160 | { | |
eaa776da MC |
1161 | SETUP_TEST_FIXTURE(SSL_SESSION_TEST_FIXTURE, ssl_session_set_up); |
1162 | ||
1163 | fixture.use_int_cache = 0; | |
1164 | ||
1165 | EXECUTE_TEST(execute_test_session, ssl_session_tear_down); | |
1166 | } | |
1167 | ||
7fb4c820 MC |
1168 | static int test_session_with_both_cache(void) |
1169 | { | |
eaa776da MC |
1170 | SETUP_TEST_FIXTURE(SSL_SESSION_TEST_FIXTURE, ssl_session_set_up); |
1171 | ||
1172 | EXECUTE_TEST(execute_test_session, ssl_session_tear_down); | |
1173 | } | |
1174 | ||
7fb4c820 MC |
1175 | #define USE_NULL 0 |
1176 | #define USE_BIO_1 1 | |
1177 | #define USE_BIO_2 2 | |
1178 | ||
1179 | #define TOTAL_SSL_SET_BIO_TESTS (3 * 3 * 3 * 3) | |
1180 | ||
1181 | static void setupbio(BIO **res, BIO *bio1, BIO *bio2, int type) | |
1182 | { | |
1183 | switch (type) { | |
1184 | case USE_NULL: | |
1185 | *res = NULL; | |
1186 | break; | |
1187 | case USE_BIO_1: | |
1188 | *res = bio1; | |
1189 | break; | |
1190 | case USE_BIO_2: | |
1191 | *res = bio2; | |
1192 | break; | |
1193 | } | |
1194 | } | |
1195 | ||
1196 | static int test_ssl_set_bio(int idx) | |
1197 | { | |
1198 | SSL_CTX *ctx = SSL_CTX_new(TLS_method()); | |
1199 | BIO *bio1 = NULL; | |
1200 | BIO *bio2 = NULL; | |
0fae8150 | 1201 | BIO *irbio = NULL, *iwbio = NULL, *nrbio = NULL, *nwbio = NULL; |
7fb4c820 MC |
1202 | SSL *ssl = NULL; |
1203 | int initrbio, initwbio, newrbio, newwbio; | |
1204 | int testresult = 0; | |
1205 | ||
1206 | if (ctx == NULL) { | |
1207 | printf("Failed to allocate SSL_CTX\n"); | |
1208 | goto end; | |
1209 | } | |
1210 | ||
1211 | ssl = SSL_new(ctx); | |
1212 | if (ssl == NULL) { | |
1213 | printf("Failed to allocate SSL object\n"); | |
1214 | goto end; | |
1215 | } | |
1216 | ||
1217 | initrbio = idx % 3; | |
1218 | idx /= 3; | |
1219 | initwbio = idx % 3; | |
1220 | idx /= 3; | |
1221 | newrbio = idx % 3; | |
1222 | idx /= 3; | |
1223 | newwbio = idx; | |
1224 | OPENSSL_assert(newwbio <= 2); | |
1225 | ||
1226 | if (initrbio == USE_BIO_1 || initwbio == USE_BIO_1 || newrbio == USE_BIO_1 | |
1227 | || newwbio == USE_BIO_1) { | |
1228 | bio1 = BIO_new(BIO_s_mem()); | |
1229 | if (bio1 == NULL) { | |
1230 | printf("Failed to allocate bio1\n"); | |
1231 | goto end; | |
1232 | } | |
1233 | } | |
1234 | ||
1235 | if (initrbio == USE_BIO_2 || initwbio == USE_BIO_2 || newrbio == USE_BIO_2 | |
1236 | || newwbio == USE_BIO_2) { | |
1237 | bio2 = BIO_new(BIO_s_mem()); | |
1238 | if (bio2 == NULL) { | |
1239 | printf("Failed to allocate bio2\n"); | |
1240 | goto end; | |
1241 | } | |
1242 | } | |
1243 | ||
1244 | setupbio(&irbio, bio1, bio2, initrbio); | |
1245 | setupbio(&iwbio, bio1, bio2, initwbio); | |
1246 | ||
1247 | /* | |
1248 | * We want to maintain our own refs to these BIO, so do an up ref for each | |
1249 | * BIO that will have ownersip transferred in the SSL_set_bio() call | |
1250 | */ | |
1251 | if (irbio != NULL) | |
1252 | BIO_up_ref(irbio); | |
1253 | if (iwbio != NULL && iwbio != irbio) | |
1254 | BIO_up_ref(iwbio); | |
1255 | ||
1256 | SSL_set_bio(ssl, irbio, iwbio); | |
1257 | ||
1258 | setupbio(&nrbio, bio1, bio2, newrbio); | |
1259 | setupbio(&nwbio, bio1, bio2, newwbio); | |
1260 | ||
1261 | /* | |
1262 | * We will (maybe) transfer ownership again so do more up refs. | |
1263 | * SSL_set_bio() has some really complicated ownership rules where BIOs have | |
1264 | * already been set! | |
1265 | */ | |
1266 | if (nrbio != NULL && nrbio != irbio && (nwbio != iwbio || nrbio != nwbio)) | |
1267 | BIO_up_ref(nrbio); | |
1268 | if (nwbio != NULL && nwbio != nrbio && (nwbio != iwbio || (nwbio == iwbio && irbio == iwbio))) | |
1269 | BIO_up_ref(nwbio); | |
1270 | ||
1271 | SSL_set_bio(ssl, nrbio, nwbio); | |
1272 | ||
1273 | testresult = 1; | |
1274 | ||
1275 | end: | |
1276 | SSL_free(ssl); | |
1277 | BIO_free(bio1); | |
1278 | BIO_free(bio2); | |
1279 | /* | |
1280 | * This test is checking that the ref counting for SSL_set_bio is correct. | |
1281 | * If we get here and we did too many frees then we will fail in the above | |
1282 | * functions. If we haven't done enough then this will only be detected in | |
1283 | * a crypto-mdebug build | |
1284 | */ | |
1285 | SSL_CTX_free(ctx); | |
1286 | ||
1287 | return testresult; | |
1288 | } | |
1289 | ||
9a716987 MC |
1290 | typedef struct ssl_bio_test_fixture { |
1291 | const char *test_case_name; | |
1292 | int pop_ssl; | |
1293 | enum { NO_BIO_CHANGE, CHANGE_RBIO, CHANGE_WBIO } change_bio; | |
1294 | } SSL_BIO_TEST_FIXTURE; | |
1295 | ||
1296 | static SSL_BIO_TEST_FIXTURE ssl_bio_set_up(const char *const test_case_name) | |
1297 | { | |
1298 | SSL_BIO_TEST_FIXTURE fixture; | |
1299 | ||
1300 | fixture.test_case_name = test_case_name; | |
1301 | fixture.pop_ssl = 0; | |
bee5ee5f | 1302 | fixture.change_bio = NO_BIO_CHANGE; |
9a716987 MC |
1303 | |
1304 | return fixture; | |
1305 | } | |
1306 | ||
1307 | static void ssl_bio_tear_down(SSL_BIO_TEST_FIXTURE fixture) | |
1308 | { | |
1309 | } | |
1310 | ||
1311 | static int execute_test_ssl_bio(SSL_BIO_TEST_FIXTURE fix) | |
1312 | { | |
1313 | BIO *sslbio = NULL, *membio1 = NULL, *membio2 = NULL; | |
1314 | SSL_CTX *ctx = SSL_CTX_new(TLS_method()); | |
1315 | SSL *ssl = NULL; | |
1316 | int testresult = 0; | |
1317 | ||
1318 | if (ctx == NULL) { | |
1319 | printf("Failed to allocate SSL_CTX\n"); | |
1320 | return 0; | |
1321 | } | |
1322 | ||
1323 | ssl = SSL_new(ctx); | |
1324 | if (ssl == NULL) { | |
1325 | printf("Failed to allocate SSL object\n"); | |
1326 | goto end; | |
1327 | } | |
1328 | ||
1329 | sslbio = BIO_new(BIO_f_ssl()); | |
1330 | membio1 = BIO_new(BIO_s_mem()); | |
1331 | ||
1332 | if (sslbio == NULL || membio1 == NULL) { | |
1333 | printf("Malloc failure creating BIOs\n"); | |
1334 | goto end; | |
1335 | } | |
1336 | ||
1337 | BIO_set_ssl(sslbio, ssl, BIO_CLOSE); | |
1338 | ||
1339 | /* | |
1340 | * If anything goes wrong here then we could leak memory, so this will | |
1341 | * be caught in a crypto-mdebug build | |
1342 | */ | |
1343 | BIO_push(sslbio, membio1); | |
1344 | ||
1345 | /* Verify chaning the rbio/wbio directly does not cause leaks */ | |
1346 | if (fix.change_bio != NO_BIO_CHANGE) { | |
1347 | membio2 = BIO_new(BIO_s_mem()); | |
1348 | if (membio2 == NULL) { | |
1349 | printf("Malloc failure creating membio2\n"); | |
1350 | goto end; | |
1351 | } | |
1352 | if (fix.change_bio == CHANGE_RBIO) | |
65e2d672 | 1353 | SSL_set0_rbio(ssl, membio2); |
9a716987 | 1354 | else |
65e2d672 | 1355 | SSL_set0_wbio(ssl, membio2); |
9a716987 MC |
1356 | } |
1357 | ssl = NULL; | |
1358 | ||
1359 | if (fix.pop_ssl) | |
1360 | BIO_pop(sslbio); | |
1361 | else | |
1362 | BIO_pop(membio1); | |
1363 | ||
1364 | testresult = 1; | |
1365 | end: | |
1366 | BIO_free(membio1); | |
1367 | BIO_free(sslbio); | |
1368 | SSL_free(ssl); | |
1369 | SSL_CTX_free(ctx); | |
1370 | ||
1371 | return testresult; | |
1372 | } | |
1373 | ||
1374 | static int test_ssl_bio_pop_next_bio(void) | |
1375 | { | |
1376 | SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); | |
1377 | ||
1378 | EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); | |
1379 | } | |
1380 | ||
1381 | static int test_ssl_bio_pop_ssl_bio(void) | |
1382 | { | |
1383 | SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); | |
1384 | ||
1385 | fixture.pop_ssl = 1; | |
1386 | ||
1387 | EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); | |
1388 | } | |
1389 | ||
1390 | static int test_ssl_bio_change_rbio(void) | |
1391 | { | |
1392 | SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); | |
1393 | ||
1394 | fixture.change_bio = CHANGE_RBIO; | |
1395 | ||
1396 | EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); | |
1397 | } | |
1398 | ||
1399 | static int test_ssl_bio_change_wbio(void) | |
1400 | { | |
1401 | SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); | |
1402 | ||
1403 | fixture.change_bio = CHANGE_WBIO; | |
1404 | ||
1405 | EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); | |
1406 | } | |
1407 | ||
f1b25aae MC |
1408 | typedef struct { |
1409 | /* The list of sig algs */ | |
1410 | const int *list; | |
1411 | /* The length of the list */ | |
1412 | size_t listlen; | |
1413 | /* A sigalgs list in string format */ | |
1414 | const char *liststr; | |
1415 | /* Whether setting the list should succeed */ | |
1416 | int valid; | |
1417 | /* Whether creating a connection with the list should succeed */ | |
1418 | int connsuccess; | |
1419 | } sigalgs_list; | |
1420 | ||
1421 | static const int validlist1[] = {NID_sha256, EVP_PKEY_RSA}; | |
5eeb6c6e | 1422 | #ifndef OPENSSL_NO_EC |
f1b25aae MC |
1423 | static const int validlist2[] = {NID_sha256, EVP_PKEY_RSA, NID_sha512, EVP_PKEY_EC}; |
1424 | static const int validlist3[] = {NID_sha512, EVP_PKEY_EC}; | |
5eeb6c6e | 1425 | #endif |
f1b25aae MC |
1426 | static const int invalidlist1[] = {NID_undef, EVP_PKEY_RSA}; |
1427 | static const int invalidlist2[] = {NID_sha256, NID_undef}; | |
1428 | static const int invalidlist3[] = {NID_sha256, EVP_PKEY_RSA, NID_sha256}; | |
1429 | static const int invalidlist4[] = {NID_sha256}; | |
1430 | static const sigalgs_list testsigalgs[] = { | |
1431 | {validlist1, OSSL_NELEM(validlist1), NULL, 1, 1}, | |
5eeb6c6e | 1432 | #ifndef OPENSSL_NO_EC |
f1b25aae MC |
1433 | {validlist2, OSSL_NELEM(validlist2), NULL, 1, 1}, |
1434 | {validlist3, OSSL_NELEM(validlist3), NULL, 1, 0}, | |
5eeb6c6e | 1435 | #endif |
f1b25aae | 1436 | {NULL, 0, "RSA+SHA256", 1, 1}, |
5eeb6c6e | 1437 | #ifndef OPENSSL_NO_EC |
f1b25aae MC |
1438 | {NULL, 0, "RSA+SHA256:ECDSA+SHA512", 1, 1}, |
1439 | {NULL, 0, "ECDSA+SHA512", 1, 0}, | |
5eeb6c6e | 1440 | #endif |
f1b25aae MC |
1441 | {invalidlist1, OSSL_NELEM(invalidlist1), NULL, 0, 0}, |
1442 | {invalidlist2, OSSL_NELEM(invalidlist2), NULL, 0, 0}, | |
1443 | {invalidlist3, OSSL_NELEM(invalidlist3), NULL, 0, 0}, | |
1444 | {invalidlist4, OSSL_NELEM(invalidlist4), NULL, 0, 0}, | |
1445 | {NULL, 0, "RSA", 0, 0}, | |
1446 | {NULL, 0, "SHA256", 0, 0}, | |
1447 | {NULL, 0, "RSA+SHA256:SHA256", 0, 0}, | |
1448 | {NULL, 0, "Invalid", 0, 0}}; | |
1449 | ||
1450 | static int test_set_sigalgs(int idx) | |
1451 | { | |
1452 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
1453 | SSL *clientssl = NULL, *serverssl = NULL; | |
1454 | int testresult = 0; | |
1455 | const sigalgs_list *curr; | |
1456 | int testctx; | |
1457 | ||
1458 | /* Should never happen */ | |
1459 | if ((size_t)idx >= OSSL_NELEM(testsigalgs) * 2) | |
1460 | return 0; | |
1461 | ||
1462 | testctx = ((size_t)idx < OSSL_NELEM(testsigalgs)); | |
1463 | curr = testctx ? &testsigalgs[idx] | |
1464 | : &testsigalgs[idx - OSSL_NELEM(testsigalgs)]; | |
1465 | ||
1466 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx, | |
1467 | &cctx, cert, privkey)) { | |
1468 | printf("Unable to create SSL_CTX pair\n"); | |
1469 | return 0; | |
1470 | } | |
1471 | ||
d2e491f2 MC |
1472 | /* |
1473 | * TODO(TLS1.3): These APIs cannot set TLSv1.3 sig algs so we just test it | |
1474 | * for TLSv1.2 for now until we add a new API. | |
1475 | */ | |
1476 | SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION); | |
1477 | ||
f1b25aae MC |
1478 | if (testctx) { |
1479 | int ret; | |
1480 | if (curr->list != NULL) | |
1481 | ret = SSL_CTX_set1_sigalgs(cctx, curr->list, curr->listlen); | |
1482 | else | |
1483 | ret = SSL_CTX_set1_sigalgs_list(cctx, curr->liststr); | |
1484 | ||
1485 | if (!ret) { | |
1486 | if (curr->valid) | |
1487 | printf("Unexpected failure setting sigalgs in SSL_CTX (%d)\n", | |
1488 | idx); | |
1489 | else | |
1490 | testresult = 1; | |
1491 | goto end; | |
1492 | } | |
1493 | if (!curr->valid) { | |
1494 | printf("Unexpected success setting sigalgs in SSL_CTX (%d)\n", idx); | |
1495 | goto end; | |
1496 | } | |
1497 | } | |
1498 | ||
1499 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
1500 | printf("Unable to create SSL objects\n"); | |
1501 | goto end; | |
1502 | } | |
1503 | ||
1504 | if (!testctx) { | |
1505 | int ret; | |
1506 | ||
1507 | if (curr->list != NULL) | |
1508 | ret = SSL_set1_sigalgs(clientssl, curr->list, curr->listlen); | |
1509 | else | |
1510 | ret = SSL_set1_sigalgs_list(clientssl, curr->liststr); | |
1511 | if (!ret) { | |
1512 | if (curr->valid) | |
1513 | printf("Unexpected failure setting sigalgs in SSL (%d)\n", idx); | |
1514 | else | |
1515 | testresult = 1; | |
1516 | goto end; | |
1517 | } | |
1518 | if (!curr->valid) { | |
1519 | printf("Unexpected success setting sigalgs in SSL (%d)\n", idx); | |
1520 | goto end; | |
1521 | } | |
1522 | } | |
1523 | ||
8e2236ef | 1524 | if (curr->connsuccess != create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) { |
f1b25aae MC |
1525 | printf("Unexpected return value creating SSL connection (%d)\n", idx); |
1526 | goto end; | |
1527 | } | |
1528 | ||
1529 | testresult = 1; | |
1530 | ||
1531 | end: | |
1532 | SSL_free(serverssl); | |
1533 | SSL_free(clientssl); | |
1534 | SSL_CTX_free(sctx); | |
1535 | SSL_CTX_free(cctx); | |
1536 | ||
1537 | return testresult; | |
1538 | } | |
1539 | ||
5f982038 MC |
1540 | #ifndef OPENSSL_NO_TLS1_3 |
1541 | ||
1542 | #define MSG1 "Hello" | |
1543 | #define MSG2 "World." | |
1544 | #define MSG3 "This" | |
1545 | #define MSG4 "is" | |
1546 | #define MSG5 "a" | |
1547 | #define MSG6 "test." | |
1548 | ||
1549 | /* | |
1550 | * Helper method to setup objects for early data test. Caller frees objects on | |
1551 | * error. | |
1552 | */ | |
1553 | static int setupearly_data_test(SSL_CTX **cctx, SSL_CTX **sctx, SSL **clientssl, | |
1554 | SSL **serverssl, SSL_SESSION **sess) | |
1555 | { | |
1556 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), sctx, | |
1557 | cctx, cert, privkey)) { | |
1558 | printf("Unable to create SSL_CTX pair\n"); | |
1559 | return 0; | |
1560 | } | |
1561 | ||
1562 | if (!create_ssl_objects(*sctx, *cctx, serverssl, clientssl, NULL, NULL)) { | |
1563 | printf("Unable to create SSL objects\n"); | |
1564 | return 0; | |
1565 | } | |
1566 | ||
1567 | if (!create_ssl_connection(*serverssl, *clientssl, SSL_ERROR_NONE)) { | |
1568 | printf("Unable to create SSL connection\n"); | |
1569 | return 0; | |
1570 | } | |
1571 | ||
1572 | *sess = SSL_get1_session(*clientssl); | |
1573 | ||
1574 | SSL_shutdown(*clientssl); | |
1575 | SSL_shutdown(*serverssl); | |
1576 | ||
1577 | SSL_free(*serverssl); | |
1578 | SSL_free(*clientssl); | |
1579 | *serverssl = *clientssl = NULL; | |
1580 | ||
1581 | if (!create_ssl_objects(*sctx, *cctx, serverssl, clientssl, NULL, NULL)) { | |
1582 | printf("Unable to create SSL objects (2)\n"); | |
1583 | return 0; | |
1584 | } | |
1585 | ||
1586 | if (!SSL_set_session(*clientssl, *sess)) { | |
1587 | printf("Failed setting session\n"); | |
1588 | return 0; | |
1589 | } | |
1590 | ||
1591 | return 1; | |
1592 | } | |
1593 | ||
1594 | static int test_early_data_read_write(void) | |
1595 | { | |
1596 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
1597 | SSL *clientssl = NULL, *serverssl = NULL; | |
1598 | int testresult = 0; | |
1599 | SSL_SESSION *sess = NULL; | |
1600 | unsigned char buf[20]; | |
1601 | size_t readbytes, written; | |
1602 | ||
1603 | if (!setupearly_data_test(&cctx, &sctx, &clientssl, &serverssl, &sess)) | |
1604 | goto end; | |
1605 | ||
1606 | /* Write and read some early data */ | |
0665b4ed | 1607 | if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written) |
5f982038 MC |
1608 | || written != strlen(MSG1)) { |
1609 | printf("Failed writing early data message 1\n"); | |
1610 | goto end; | |
1611 | } | |
1612 | ||
f533fbd4 MC |
1613 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1614 | != SSL_READ_EARLY_DATA_SUCCESS | |
5f982038 MC |
1615 | || readbytes != strlen(MSG1) |
1616 | || memcmp(MSG1, buf, strlen(MSG1))) { | |
1617 | printf("Failed reading early data message 1\n"); | |
1618 | goto end; | |
1619 | } | |
1620 | ||
1621 | if (SSL_get_early_data_status(serverssl) != SSL_EARLY_DATA_ACCEPTED) { | |
1622 | printf("Unexpected early data status\n"); | |
1623 | goto end; | |
1624 | } | |
1625 | ||
1626 | /* | |
1627 | * Server should be able to write normal data, and client should be able to | |
1628 | * read it. | |
1629 | */ | |
1630 | if (!SSL_write_ex(serverssl, MSG2, strlen(MSG2), &written) | |
1631 | || written != strlen(MSG2)) { | |
1632 | printf("Failed writing message 2\n"); | |
1633 | goto end; | |
1634 | } | |
1635 | ||
1636 | if (!SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes) | |
1637 | || readbytes != strlen(MSG2) | |
1638 | || memcmp(MSG2, buf, strlen(MSG2))) { | |
1639 | printf("Failed reading message 2\n"); | |
1640 | goto end; | |
1641 | } | |
1642 | ||
1643 | /* Even after reading normal data, client should be able write early data */ | |
0665b4ed | 1644 | if (!SSL_write_early_data(clientssl, MSG3, strlen(MSG3), &written) |
5f982038 MC |
1645 | || written != strlen(MSG3)) { |
1646 | printf("Failed writing early data message 3\n"); | |
1647 | goto end; | |
1648 | } | |
1649 | ||
1650 | /* Server should still be able read early data after writing normal data */ | |
f533fbd4 MC |
1651 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1652 | != SSL_READ_EARLY_DATA_SUCCESS | |
5f982038 MC |
1653 | || readbytes != strlen(MSG3) |
1654 | || memcmp(MSG3, buf, strlen(MSG3))) { | |
1655 | printf("Failed reading early data message 3\n"); | |
1656 | goto end; | |
1657 | } | |
1658 | ||
1659 | /* Write more normal data from server and read it from client */ | |
1660 | if (!SSL_write_ex(serverssl, MSG4, strlen(MSG4), &written) | |
1661 | || written != strlen(MSG4)) { | |
1662 | printf("Failed writing message 4\n"); | |
1663 | goto end; | |
1664 | } | |
1665 | ||
1666 | if (!SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes) | |
1667 | || readbytes != strlen(MSG4) | |
1668 | || memcmp(MSG4, buf, strlen(MSG4))) { | |
1669 | printf("Failed reading message 4\n"); | |
1670 | goto end; | |
1671 | } | |
1672 | ||
1673 | /* | |
1674 | * If client writes normal data it should mean writing early data is no | |
1675 | * longer possible. | |
1676 | */ | |
1677 | if (!SSL_write_ex(clientssl, MSG5, strlen(MSG5), &written) | |
1678 | || written != strlen(MSG5)) { | |
1679 | printf("Failed writing message 5\n"); | |
1680 | goto end; | |
1681 | } | |
1682 | ||
1683 | if (SSL_get_early_data_status(clientssl) != SSL_EARLY_DATA_ACCEPTED) { | |
1684 | printf("Unexpected early data status(2)\n"); | |
1685 | goto end; | |
1686 | } | |
1687 | ||
1688 | /* Server should be told that there is no more early data */ | |
f533fbd4 MC |
1689 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1690 | != SSL_READ_EARLY_DATA_FINISH | |
5f982038 MC |
1691 | || readbytes != 0) { |
1692 | printf("Failed finishing read of early data\n"); | |
1693 | goto end; | |
1694 | } | |
1695 | ||
1696 | /* Server should be able to read normal data */ | |
1697 | if (!SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes) | |
1698 | || readbytes != strlen(MSG5)) { | |
1699 | printf("Failed reading message 5\n"); | |
1700 | goto end; | |
1701 | } | |
1702 | ||
1703 | /* Client and server should not be able to write early data now */ | |
0665b4ed | 1704 | if (SSL_write_early_data(clientssl, MSG6, strlen(MSG6), &written)) { |
5f982038 MC |
1705 | printf("Unexpected success writing early data\n"); |
1706 | goto end; | |
1707 | } | |
1708 | ERR_clear_error(); | |
1709 | ||
f533fbd4 MC |
1710 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1711 | != SSL_READ_EARLY_DATA_ERROR) { | |
5f982038 MC |
1712 | printf("Unexpected success reading early data\n"); |
1713 | goto end; | |
1714 | } | |
1715 | ERR_clear_error(); | |
1716 | ||
1717 | /* | |
1718 | * Make sure we process the NewSessionTicket. This arrives post-handshake | |
1719 | * so we must make sure we attempt a read - even though we don't expect to | |
1720 | * actually get any application data. | |
1721 | */ | |
1722 | if (SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) { | |
1723 | printf("Unexpected success doing final client read\n"); | |
1724 | goto end; | |
1725 | } | |
1726 | ||
1727 | SSL_SESSION_free(sess); | |
1728 | sess = SSL_get1_session(clientssl); | |
1729 | ||
1730 | SSL_shutdown(clientssl); | |
1731 | SSL_shutdown(serverssl); | |
1732 | ||
1733 | SSL_free(serverssl); | |
1734 | SSL_free(clientssl); | |
1735 | serverssl = clientssl = NULL; | |
1736 | ||
1737 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
1738 | printf("Unable to create SSL objects (3)\n"); | |
1739 | goto end; | |
1740 | } | |
1741 | ||
1742 | if (!SSL_set_session(clientssl, sess)) { | |
1743 | printf("Failed setting session (2)\n"); | |
1744 | goto end; | |
1745 | } | |
1746 | ||
1747 | /* Write and read some early data */ | |
0665b4ed | 1748 | if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written) |
5f982038 MC |
1749 | || written != strlen(MSG1)) { |
1750 | printf("Failed writing early data message 1\n"); | |
1751 | goto end; | |
1752 | } | |
1753 | ||
f533fbd4 MC |
1754 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1755 | != SSL_READ_EARLY_DATA_SUCCESS | |
5f982038 MC |
1756 | || readbytes != strlen(MSG1) |
1757 | || memcmp(MSG1, buf, strlen(MSG1))) { | |
1758 | printf("Failed reading early data message 1\n"); | |
1759 | goto end; | |
1760 | } | |
1761 | ||
1762 | if (SSL_connect(clientssl) <= 0) { | |
1763 | printf("Unable to complete client handshake\n"); | |
1764 | goto end; | |
1765 | } | |
1766 | ||
1767 | /* | |
1768 | * We expect SSL_accept() to initially block as it handles the end of early | |
1769 | * data alert | |
1770 | */ | |
1771 | if (SSL_accept(serverssl) > 0) { | |
1772 | printf("Unexpected success completing server handshake\n"); | |
1773 | goto end; | |
1774 | } | |
1775 | ||
1776 | if (SSL_accept(serverssl) <= 0) { | |
1777 | printf("Unable to complete server handshake\n"); | |
1778 | goto end; | |
1779 | } | |
1780 | ||
1781 | /* Client and server should not be able to write early data now */ | |
0665b4ed | 1782 | if (SSL_write_early_data(clientssl, MSG6, strlen(MSG6), &written)) { |
5f982038 MC |
1783 | printf("Unexpected success writing early data (2)\n"); |
1784 | goto end; | |
1785 | } | |
1786 | ERR_clear_error(); | |
1787 | ||
f533fbd4 MC |
1788 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1789 | != SSL_READ_EARLY_DATA_ERROR) { | |
5f982038 MC |
1790 | printf("Unexpected success reading early data (2)\n"); |
1791 | goto end; | |
1792 | } | |
1793 | ERR_clear_error(); | |
1794 | ||
1795 | /* Client and server should be able to write/read normal data */ | |
1796 | if (!SSL_write_ex(clientssl, MSG5, strlen(MSG5), &written) | |
1797 | || written != strlen(MSG5)) { | |
1798 | printf("Failed writing message 5 (2)\n"); | |
1799 | goto end; | |
1800 | } | |
1801 | ||
1802 | if (!SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes) | |
1803 | || readbytes != strlen(MSG5)) { | |
1804 | printf("Failed reading message 5 (2)\n"); | |
1805 | goto end; | |
1806 | } | |
1807 | ||
1808 | testresult = 1; | |
1809 | ||
1810 | end: | |
1811 | if(!testresult) | |
1812 | ERR_print_errors_fp(stdout); | |
1813 | SSL_SESSION_free(sess); | |
1814 | SSL_free(serverssl); | |
1815 | SSL_free(clientssl); | |
1816 | SSL_CTX_free(sctx); | |
1817 | SSL_CTX_free(cctx); | |
1818 | ||
1819 | return testresult; | |
1820 | } | |
1821 | ||
1822 | static int test_early_data_skip(void) | |
1823 | { | |
1824 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
1825 | SSL *clientssl = NULL, *serverssl = NULL; | |
1826 | int testresult = 0; | |
1827 | SSL_SESSION *sess; | |
1828 | unsigned char buf[20]; | |
1829 | size_t readbytes, written; | |
1830 | ||
1831 | /* | |
1832 | * Test that a server attempting to read early data can handle a connection | |
1833 | * from a client where the early data is not acceptable. | |
1834 | */ | |
1835 | ||
1836 | if (!setupearly_data_test(&cctx, &sctx, &clientssl, &serverssl, &sess)) | |
1837 | goto end; | |
1838 | ||
1839 | /* | |
1840 | * Deliberately corrupt the creation time. We take 20 seconds off the time. | |
1841 | * It could be any value as long as it is not within tolerance. This should | |
1842 | * mean the ticket is rejected. | |
1843 | */ | |
1844 | if (!SSL_SESSION_set_time(sess, time(NULL) - 20)) { | |
1845 | printf("Unexpected failure setting session creation time\n"); | |
1846 | goto end; | |
1847 | } | |
1848 | ||
1849 | /* Write some early data */ | |
0665b4ed | 1850 | if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written) |
5f982038 MC |
1851 | || written != strlen(MSG1)) { |
1852 | printf("Failed writing early data message 1\n"); | |
1853 | goto end; | |
1854 | } | |
1855 | ||
1856 | /* Server should reject the early data and skip over it */ | |
f533fbd4 MC |
1857 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1858 | != SSL_READ_EARLY_DATA_FINISH | |
5f982038 MC |
1859 | || readbytes != 0) { |
1860 | printf("Failed reading early data\n"); | |
1861 | goto end; | |
1862 | } | |
1863 | ||
1864 | if (SSL_get_early_data_status(serverssl) != SSL_EARLY_DATA_REJECTED) { | |
1865 | printf("Unexpected early data status\n"); | |
1866 | goto end; | |
1867 | } | |
1868 | ||
1869 | /* | |
1870 | * We should be able to send normal data despite rejection of early data | |
1871 | */ | |
1872 | if (!SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written) | |
1873 | || written != strlen(MSG2)) { | |
1874 | printf("Failed writing message 2\n"); | |
1875 | goto end; | |
1876 | } | |
1877 | ||
1878 | if (SSL_get_early_data_status(clientssl) != SSL_EARLY_DATA_REJECTED) { | |
1879 | printf("Unexpected early data status (2)\n"); | |
1880 | goto end; | |
1881 | } | |
1882 | ||
1883 | if (!SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes) | |
1884 | || readbytes != strlen(MSG2) | |
1885 | || memcmp(MSG2, buf, strlen(MSG2))) { | |
1886 | printf("Failed reading message 2\n"); | |
1887 | goto end; | |
1888 | } | |
1889 | ||
1890 | testresult = 1; | |
1891 | ||
1892 | end: | |
1893 | if(!testresult) | |
1894 | ERR_print_errors_fp(stdout); | |
1895 | SSL_SESSION_free(sess); | |
1896 | SSL_free(serverssl); | |
1897 | SSL_free(clientssl); | |
1898 | SSL_CTX_free(sctx); | |
1899 | SSL_CTX_free(cctx); | |
1900 | ||
1901 | return testresult; | |
1902 | } | |
1903 | ||
1904 | static int test_early_data_not_sent(void) | |
1905 | { | |
1906 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
1907 | SSL *clientssl = NULL, *serverssl = NULL; | |
1908 | int testresult = 0; | |
1909 | SSL_SESSION *sess; | |
1910 | unsigned char buf[20]; | |
1911 | size_t readbytes, written; | |
1912 | ||
1913 | /* | |
1914 | * Test that a server attempting to read early data can handle a connection | |
1915 | * from a client that doesn't send any. | |
1916 | */ | |
1917 | ||
1918 | if (!setupearly_data_test(&cctx, &sctx, &clientssl, &serverssl, &sess)) | |
1919 | goto end; | |
1920 | ||
1921 | /* Write some data - should block due to handshake with server */ | |
1922 | SSL_set_connect_state(clientssl); | |
1923 | if (SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)) { | |
1924 | printf("Unexpected success writing message 1\n"); | |
1925 | goto end; | |
1926 | } | |
1927 | ||
1928 | /* Server should detect that early data has not been sent */ | |
f533fbd4 MC |
1929 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
1930 | != SSL_READ_EARLY_DATA_FINISH | |
5f982038 MC |
1931 | || readbytes != 0) { |
1932 | printf("Failed reading early data\n"); | |
1933 | goto end; | |
1934 | } | |
1935 | ||
1936 | if (SSL_get_early_data_status(serverssl) != SSL_EARLY_DATA_NOT_SENT) { | |
1937 | printf("Unexpected early data status\n"); | |
1938 | goto end; | |
1939 | } | |
1940 | ||
1941 | if (SSL_get_early_data_status(clientssl) != SSL_EARLY_DATA_NOT_SENT) { | |
1942 | printf("Unexpected early data status (2)\n"); | |
1943 | goto end; | |
1944 | } | |
1945 | ||
1946 | /* Continue writing the message we started earlier */ | |
1947 | if (!SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written) | |
1948 | || written != strlen(MSG1)) { | |
1949 | printf("Failed writing message 1\n"); | |
1950 | goto end; | |
1951 | } | |
1952 | ||
1953 | if (!SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes) | |
1954 | || readbytes != strlen(MSG1) | |
1955 | || memcmp(MSG1, buf, strlen(MSG1))) { | |
1956 | printf("Failed reading message 1\n"); | |
1957 | goto end; | |
1958 | } | |
1959 | ||
1960 | if (!SSL_write_ex(serverssl, MSG2, strlen(MSG2), &written) | |
1961 | || written != strlen(MSG2)) { | |
1962 | printf("Failed writing message 2\n"); | |
1963 | goto end; | |
1964 | } | |
1965 | ||
1966 | /* Should block due to the NewSessionTicket arrival */ | |
1967 | if (SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) { | |
1968 | printf("Unexpected success reading message 2\n"); | |
1969 | goto end; | |
1970 | } | |
1971 | ||
1972 | if (!SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes) | |
1973 | || readbytes != strlen(MSG2) | |
1974 | || memcmp(MSG2, buf, strlen(MSG2))) { | |
1975 | printf("Failed reading message 2\n"); | |
1976 | goto end; | |
1977 | } | |
1978 | ||
1979 | testresult = 1; | |
1980 | ||
1981 | end: | |
1982 | if(!testresult) | |
1983 | ERR_print_errors_fp(stdout); | |
1984 | SSL_SESSION_free(sess); | |
1985 | SSL_free(serverssl); | |
1986 | SSL_free(clientssl); | |
1987 | SSL_CTX_free(sctx); | |
1988 | SSL_CTX_free(cctx); | |
1989 | ||
1990 | return testresult; | |
1991 | } | |
1992 | ||
1993 | static int test_early_data_not_expected(void) | |
1994 | { | |
1995 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
1996 | SSL *clientssl = NULL, *serverssl = NULL; | |
1997 | int testresult = 0; | |
1998 | SSL_SESSION *sess; | |
1999 | unsigned char buf[20]; | |
2000 | size_t readbytes, written; | |
2001 | ||
2002 | /* | |
2003 | * Test that a server that doesn't try to read early data can handle a | |
2004 | * client sending some. | |
2005 | */ | |
2006 | ||
2007 | if (!setupearly_data_test(&cctx, &sctx, &clientssl, &serverssl, &sess)) | |
2008 | goto end; | |
2009 | ||
2010 | /* Write some early data */ | |
0665b4ed | 2011 | if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written)) { |
5f982038 MC |
2012 | printf("Unexpected failure writing message 1\n"); |
2013 | goto end; | |
2014 | } | |
2015 | ||
2016 | /* | |
2017 | * Server should skip over early data and then block waiting for client to | |
2018 | * continue handshake | |
2019 | */ | |
2020 | if (SSL_accept(serverssl) > 0) { | |
2021 | printf("Unexpected success setting up server connection\n"); | |
2022 | goto end; | |
2023 | } | |
2024 | ||
2025 | if (SSL_connect(clientssl) <= 0) { | |
2026 | printf("Failed setting up client connection\n"); | |
2027 | goto end; | |
2028 | } | |
2029 | ||
2030 | if (SSL_get_early_data_status(serverssl) != SSL_EARLY_DATA_REJECTED) { | |
2031 | printf("Unexpected early data status\n"); | |
2032 | goto end; | |
2033 | } | |
2034 | ||
2035 | if (SSL_accept(serverssl) <= 0) { | |
2036 | printf("Failed setting up server connection\n"); | |
2037 | goto end; | |
2038 | } | |
2039 | ||
2040 | if (SSL_get_early_data_status(clientssl) != SSL_EARLY_DATA_REJECTED) { | |
2041 | printf("Unexpected early data status (2)\n"); | |
2042 | goto end; | |
2043 | } | |
2044 | ||
2045 | /* Send some normal data from client to server */ | |
2046 | if (!SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written) | |
2047 | || written != strlen(MSG2)) { | |
2048 | printf("Failed writing message 2\n"); | |
2049 | goto end; | |
2050 | } | |
2051 | ||
2052 | if (!SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes) | |
2053 | || readbytes != strlen(MSG2) | |
2054 | || memcmp(MSG2, buf, strlen(MSG2))) { | |
2055 | printf("Failed reading message 2\n"); | |
2056 | goto end; | |
2057 | } | |
2058 | ||
2059 | testresult = 1; | |
2060 | ||
2061 | end: | |
2062 | if(!testresult) | |
2063 | ERR_print_errors_fp(stdout); | |
2064 | SSL_SESSION_free(sess); | |
2065 | SSL_free(serverssl); | |
2066 | SSL_free(clientssl); | |
2067 | SSL_CTX_free(sctx); | |
2068 | SSL_CTX_free(cctx); | |
2069 | ||
2070 | return testresult; | |
2071 | } | |
2072 | ||
2073 | ||
2074 | # ifndef OPENSSL_NO_TLS1_2 | |
2075 | static int test_early_data_tls1_2(void) | |
2076 | { | |
2077 | SSL_CTX *cctx = NULL, *sctx = NULL; | |
2078 | SSL *clientssl = NULL, *serverssl = NULL; | |
2079 | int testresult = 0; | |
2080 | unsigned char buf[20]; | |
2081 | size_t readbytes, written; | |
2082 | ||
2083 | /* | |
2084 | * Test that a server attempting to read early data can handle a connection | |
2085 | * from a TLSv1.2 client. | |
2086 | */ | |
2087 | ||
2088 | if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), &sctx, | |
2089 | &cctx, cert, privkey)) { | |
2090 | printf("Unable to create SSL_CTX pair\n"); | |
2091 | goto end; | |
2092 | } | |
2093 | ||
2094 | if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { | |
2095 | printf("Unable to create SSL objects\n"); | |
2096 | goto end; | |
2097 | } | |
2098 | ||
2099 | /* Write some data - should block due to handshake with server */ | |
2100 | SSL_set_max_proto_version(clientssl, TLS1_2_VERSION); | |
2101 | SSL_set_connect_state(clientssl); | |
2102 | if (SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)) { | |
2103 | printf("Unexpected success writing message 1\n"); | |
2104 | goto end; | |
2105 | } | |
2106 | ||
2107 | /* | |
2108 | * Server should do TLSv1.2 handshake. First it will block waiting for more | |
f533fbd4 MC |
2109 | * messages from client after ServerDone. Then SSL_read_early_data should |
2110 | * finish and detect that early data has not been sent | |
5f982038 | 2111 | */ |
f533fbd4 MC |
2112 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
2113 | != SSL_READ_EARLY_DATA_ERROR) { | |
5f982038 MC |
2114 | printf("Unexpected success reading early data\n"); |
2115 | goto end; | |
2116 | } | |
2117 | ||
2118 | /* | |
2119 | * Continue writing the message we started earlier. Will still block waiting | |
2120 | * for the CCS/Finished from server | |
2121 | */ | |
2122 | if (SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)) { | |
2123 | printf("Unexpected success writing message 1\n"); | |
2124 | goto end; | |
2125 | } | |
2126 | ||
f533fbd4 MC |
2127 | if (SSL_read_early_data(serverssl, buf, sizeof(buf), &readbytes) |
2128 | != SSL_READ_EARLY_DATA_FINISH | |
5f982038 MC |
2129 | || readbytes != 0) { |
2130 | printf("Failed reading early data\n"); | |
2131 | goto end; | |
2132 | } | |
2133 | ||
2134 | if (SSL_get_early_data_status(serverssl) != SSL_EARLY_DATA_NOT_SENT) { | |
2135 | printf("Unexpected early data status\n"); | |
2136 | goto end; | |
2137 | } | |
2138 | ||
2139 | /* Continue writing the message we started earlier */ | |
2140 | if (!SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written) | |
2141 | || written != strlen(MSG1)) { | |
2142 | printf("Failed writing message 1\n"); | |
2143 | goto end; | |
2144 | } | |
2145 | ||
2146 | if (SSL_get_early_data_status(clientssl) != SSL_EARLY_DATA_NOT_SENT) { | |
2147 | printf("Unexpected early data status (2)\n"); | |
2148 | goto end; | |
2149 | } | |
2150 | ||
2151 | if (!SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes) | |
2152 | || readbytes != strlen(MSG1) | |
2153 | || memcmp(MSG1, buf, strlen(MSG1))) { | |
2154 | printf("Failed reading message 1\n"); | |
2155 | goto end; | |
2156 | } | |
2157 | ||
2158 | if (!SSL_write_ex(serverssl, MSG2, strlen(MSG2), &written) | |
2159 | || written != strlen(MSG2)) { | |
2160 | printf("Failed writing message 2\n"); | |
2161 | goto end; | |
2162 | } | |
2163 | ||
2164 | if (!SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes) | |
2165 | || readbytes != strlen(MSG2) | |
2166 | || memcmp(MSG2, buf, strlen(MSG2))) { | |
2167 | printf("Failed reading message 2\n"); | |
2168 | goto end; | |
2169 | } | |
2170 | ||
2171 | testresult = 1; | |
2172 | ||
2173 | end: | |
2174 | if(!testresult) | |
2175 | ERR_print_errors_fp(stdout); | |
2176 | SSL_free(serverssl); | |
2177 | SSL_free(clientssl); | |
2178 | SSL_CTX_free(sctx); | |
2179 | SSL_CTX_free(cctx); | |
2180 | ||
2181 | return testresult; | |
2182 | } | |
2183 | # endif | |
2184 | #endif | |
2185 | ||
e364c3b2 | 2186 | int test_main(int argc, char *argv[]) |
2cb4b5f6 | 2187 | { |
c887104f | 2188 | int testresult = 1; |
2cb4b5f6 MC |
2189 | |
2190 | if (argc != 3) { | |
2191 | printf("Invalid argument count\n"); | |
c887104f | 2192 | return 1; |
2cb4b5f6 MC |
2193 | } |
2194 | ||
2195 | cert = argv[1]; | |
2196 | privkey = argv[2]; | |
2197 | ||
84d5549e | 2198 | ADD_TEST(test_large_message_tls); |
7856332e | 2199 | ADD_TEST(test_large_message_tls_read_ahead); |
55386bef | 2200 | #ifndef OPENSSL_NO_DTLS |
84d5549e | 2201 | ADD_TEST(test_large_message_dtls); |
55386bef | 2202 | #endif |
8f8c11d8 | 2203 | #ifndef OPENSSL_NO_OCSP |
c887104f | 2204 | ADD_TEST(test_tlsext_status_type); |
8f8c11d8 | 2205 | #endif |
eaa776da MC |
2206 | ADD_TEST(test_session_with_only_int_cache); |
2207 | ADD_TEST(test_session_with_only_ext_cache); | |
2208 | ADD_TEST(test_session_with_both_cache); | |
7fb4c820 | 2209 | ADD_ALL_TESTS(test_ssl_set_bio, TOTAL_SSL_SET_BIO_TESTS); |
9a716987 MC |
2210 | ADD_TEST(test_ssl_bio_pop_next_bio); |
2211 | ADD_TEST(test_ssl_bio_pop_ssl_bio); | |
2212 | ADD_TEST(test_ssl_bio_change_rbio); | |
2213 | ADD_TEST(test_ssl_bio_change_wbio); | |
f1b25aae | 2214 | ADD_ALL_TESTS(test_set_sigalgs, OSSL_NELEM(testsigalgs) * 2); |
6acdd3e5 CB |
2215 | ADD_TEST(test_keylog); |
2216 | #ifndef OPENSSL_NO_TLS1_3 | |
2217 | ADD_TEST(test_keylog_no_master_key); | |
2218 | #endif | |
e9ee6536 | 2219 | #ifndef OPENSSL_NO_TLS1_2 |
2afaee51 | 2220 | ADD_TEST(test_early_cb); |
5f982038 MC |
2221 | #endif |
2222 | #ifndef OPENSSL_NO_TLS1_3 | |
2223 | ADD_TEST(test_early_data_read_write); | |
2224 | ADD_TEST(test_early_data_skip); | |
2225 | ADD_TEST(test_early_data_not_sent); | |
2226 | ADD_TEST(test_early_data_not_expected); | |
2227 | # ifndef OPENSSL_NO_TLS1_2 | |
2228 | ADD_TEST(test_early_data_tls1_2); | |
2229 | # endif | |
e9ee6536 | 2230 | #endif |
2cb4b5f6 | 2231 | |
c887104f | 2232 | testresult = run_tests(argv[0]); |
2cb4b5f6 | 2233 | |
fa454945 MC |
2234 | bio_s_mempacket_test_free(); |
2235 | ||
c887104f | 2236 | return testresult; |
2cb4b5f6 | 2237 | } |