[thirdparty/openssl.git] / test / ssl_test.c

/*
 * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <string.h>

#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/provider.h>

#include "handshake_helper.h"
#include "ssl_test_ctx.h"
#include "testutil.h"

DEFINE_STACK_OF(X509_NAME)

static CONF *conf = NULL;
static OSSL_PROVIDER *defctxnull = NULL, *thisprov = NULL;
static OPENSSL_CTX *libctx = NULL;

/* Currently the section names are of the form test-<number>, e.g. test-15. */
#define MAX_TESTCASE_NAME_LENGTH 100

static const char *print_alert(int alert)
{
    return alert ? SSL_alert_desc_string_long(alert) : "no alert";
}

static int check_result(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->result, test_ctx->expected_result)) {
        TEST_info("ExpectedResult mismatch: expected %s, got %s.",
                  ssl_test_result_name(test_ctx->expected_result),
                  ssl_test_result_name(result->result));
        return 0;
    }
    return 1;
}

static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->client_alert_sent,
                     result->client_alert_received)) {
        TEST_info("Client sent alert %s but server received %s.",
                  print_alert(result->client_alert_sent),
                  print_alert(result->client_alert_received));
        /*
         * We can't bail here because the peer doesn't always get far enough
         * to process a received alert. Specifically, in protocol version
         * negotiation tests, we have the following scenario.
         * Client supports TLS v1.2 only; Server supports TLS v1.1.
         * Client proposes TLS v1.2; server responds with 1.1;
         * Client now sends a protocol alert, using TLS v1.2 in the header.
         * The server, however, rejects the alert because of version mismatch
         * in the record layer; therefore, the server appears to never
         * receive the alert.
         */
        /* return 0; */
    }

    if (!TEST_int_eq(result->server_alert_sent,
                     result->server_alert_received)) {
        TEST_info("Server sent alert %s but client received %s.",
                  print_alert(result->server_alert_sent),
                  print_alert(result->server_alert_received));
        /* return 0; */
    }

    /* Tolerate an alert if one wasn't explicitly specified in the test. */
    if (test_ctx->expected_client_alert
        /*
         * The info callback alert value is computed as
         * (s->s3->send_alert[0] << 8) | s->s3->send_alert[1]
         * where the low byte is the alert code and the high byte is other stuff.
         */
        && (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) {
        TEST_error("ClientAlert mismatch: expected %s, got %s.",
                   print_alert(test_ctx->expected_client_alert),
                   print_alert(result->client_alert_sent));
        return 0;
    }

    if (test_ctx->expected_server_alert
        && (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) {
        TEST_error("ServerAlert mismatch: expected %s, got %s.",
                   print_alert(test_ctx->expected_server_alert),
                   print_alert(result->server_alert_sent));
        return 0;
    }

    if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1))
        return 0;
    if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1))
        return 0;
    return 1;
}

static int check_protocol(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->client_protocol, result->server_protocol)) {
        TEST_info("Client has protocol %s but server has %s.",
                  ssl_protocol_name(result->client_protocol),
                  ssl_protocol_name(result->server_protocol));
        return 0;
    }

    if (test_ctx->expected_protocol) {
        if (!TEST_int_eq(result->client_protocol,
                         test_ctx->expected_protocol)) {
            TEST_info("Protocol mismatch: expected %s, got %s.\n",
                      ssl_protocol_name(test_ctx->expected_protocol),
                      ssl_protocol_name(result->client_protocol));
            return 0;
        }
    }
    return 1;
}

static int check_servername(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->servername, test_ctx->expected_servername)) {
      TEST_info("Client ServerName mismatch, expected %s, got %s.",
                ssl_servername_name(test_ctx->expected_servername),
                ssl_servername_name(result->servername));
      return 0;
    }
  return 1;
}

static int check_session_ticket(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE)
        return 1;
    if (!TEST_int_eq(result->session_ticket,
                     test_ctx->session_ticket_expected)) {
        TEST_info("Client SessionTicketExpected mismatch, expected %s, got %s.",
                  ssl_session_ticket_name(test_ctx->session_ticket_expected),
                  ssl_session_ticket_name(result->session_ticket));
        return 0;
    }
    return 1;
}

static int check_session_id(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (test_ctx->session_id_expected == SSL_TEST_SESSION_ID_IGNORE)
        return 1;
    if (!TEST_int_eq(result->session_id, test_ctx->session_id_expected)) {
        TEST_info("Client SessionIdExpected mismatch, expected %s, got %s\n.",
                ssl_session_id_name(test_ctx->session_id_expected),
                ssl_session_id_name(result->session_id));
        return 0;
    }
    return 1;
}

static int check_compression(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->compression, test_ctx->compression_expected))
        return 0;
    return 1;
}
#ifndef OPENSSL_NO_NEXTPROTONEG
static int check_npn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    int ret = 1;
    if (!TEST_str_eq(result->client_npn_negotiated,
                     result->server_npn_negotiated))
        ret = 0;
    if (!TEST_str_eq(test_ctx->expected_npn_protocol,
                     result->client_npn_negotiated))
        ret = 0;
    return ret;
}
#endif

static int check_alpn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    int ret = 1;
    if (!TEST_str_eq(result->client_alpn_negotiated,
                     result->server_alpn_negotiated))
        ret = 0;
    if (!TEST_str_eq(test_ctx->expected_alpn_protocol,
                     result->client_alpn_negotiated))
        ret = 0;
    return ret;
}

static int check_session_ticket_app_data(HANDSHAKE_RESULT *result,
                                         SSL_TEST_CTX *test_ctx)
{
    size_t result_len = 0;
    size_t expected_len = 0;

    /* consider empty and NULL strings to be the same */
    if (result->result_session_ticket_app_data != NULL)
        result_len = strlen(result->result_session_ticket_app_data);
    if (test_ctx->expected_session_ticket_app_data != NULL)
        expected_len = strlen(test_ctx->expected_session_ticket_app_data);
    if (result_len == 0 && expected_len == 0)
        return 1;

    if (!TEST_str_eq(result->result_session_ticket_app_data,
                     test_ctx->expected_session_ticket_app_data))
        return 0;

    return 1;
}

static int check_resumption(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->client_resumed, result->server_resumed))
        return 0;
    if (!TEST_int_eq(result->client_resumed, test_ctx->resumption_expected))
        return 0;
    return 1;
}

static int check_nid(const char *name, int expected_nid, int nid)
{
    if (expected_nid == 0 || expected_nid == nid)
        return 1;
    TEST_error("%s type mismatch, %s vs %s\n",
               name, OBJ_nid2ln(expected_nid),
               nid == NID_undef ? "absent" : OBJ_nid2ln(nid));
    return 0;
}

static void print_ca_names(STACK_OF(X509_NAME) *names)
{
    int i;

    if (names == NULL || sk_X509_NAME_num(names) == 0) {
        TEST_note("    <empty>");
        return;
    }
    for (i = 0; i < sk_X509_NAME_num(names); i++) {
        X509_NAME_print_ex(bio_err, sk_X509_NAME_value(names, i), 4,
                           XN_FLAG_ONELINE);
        BIO_puts(bio_err, "\n");
    }
}

static int check_ca_names(const char *name,
                          STACK_OF(X509_NAME) *expected_names,
                          STACK_OF(X509_NAME) *names)
{
    int i;

    if (expected_names == NULL)
        return 1;
    if (names == NULL || sk_X509_NAME_num(names) == 0) {
        if (TEST_int_eq(sk_X509_NAME_num(expected_names), 0))
            return 1;
        goto err;
    }
    if (sk_X509_NAME_num(names) != sk_X509_NAME_num(expected_names))
        goto err;
    for (i = 0; i < sk_X509_NAME_num(names); i++) {
        if (!TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(names, i),
                                       sk_X509_NAME_value(expected_names, i)),
                         0)) {
            goto err;
        }
    }
    return 1;
err:
    TEST_info("%s: list mismatch", name);
    TEST_note("Expected Names:");
    print_ca_names(expected_names);
    TEST_note("Received Names:");
    print_ca_names(names);
    return 0;
}

static int check_tmp_key(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    return check_nid("Tmp key", test_ctx->expected_tmp_key_type,
                     result->tmp_key_type);
}

static int check_server_cert_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Server certificate", test_ctx->expected_server_cert_type,
                     result->server_cert_type);
}

static int check_server_sign_hash(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Server signing hash", test_ctx->expected_server_sign_hash,
                     result->server_sign_hash);
}

static int check_server_sign_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Server signing", test_ctx->expected_server_sign_type,
                     result->server_sign_type);
}

static int check_server_ca_names(HANDSHAKE_RESULT *result,
                                 SSL_TEST_CTX *test_ctx)
{
    return check_ca_names("Server CA names",
                          test_ctx->expected_server_ca_names,
                          result->server_ca_names);
}

static int check_client_cert_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Client certificate", test_ctx->expected_client_cert_type,
                     result->client_cert_type);
}

static int check_client_sign_hash(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Client signing hash", test_ctx->expected_client_sign_hash,
                     result->client_sign_hash);
}

static int check_client_sign_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Client signing", test_ctx->expected_client_sign_type,
                     result->client_sign_type);
}

static int check_client_ca_names(HANDSHAKE_RESULT *result,
                                 SSL_TEST_CTX *test_ctx)
{
    return check_ca_names("Client CA names",
                          test_ctx->expected_client_ca_names,
                          result->client_ca_names);
}

static int check_cipher(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (test_ctx->expected_cipher == NULL)
        return 1;
    if (!TEST_ptr(result->cipher))
        return 0;
    if (!TEST_str_eq(test_ctx->expected_cipher,
                     result->cipher))
        return 0;
    return 1;
}

/*
 * This could be further simplified by constructing an expected
 * HANDSHAKE_RESULT, and implementing comparison methods for
 * its fields.
 */
static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    int ret = 1;
    ret &= check_result(result, test_ctx);
    ret &= check_alerts(result, test_ctx);
    if (result->result == SSL_TEST_SUCCESS) {
        ret &= check_protocol(result, test_ctx);
        ret &= check_servername(result, test_ctx);
        ret &= check_session_ticket(result, test_ctx);
        ret &= check_compression(result, test_ctx);
        ret &= check_session_id(result, test_ctx);
        ret &= (result->session_ticket_do_not_call == 0);
#ifndef OPENSSL_NO_NEXTPROTONEG
        ret &= check_npn(result, test_ctx);
#endif
        ret &= check_cipher(result, test_ctx);
        ret &= check_alpn(result, test_ctx);
        ret &= check_session_ticket_app_data(result, test_ctx);
        ret &= check_resumption(result, test_ctx);
        ret &= check_tmp_key(result, test_ctx);
        ret &= check_server_cert_type(result, test_ctx);
        ret &= check_server_sign_hash(result, test_ctx);
        ret &= check_server_sign_type(result, test_ctx);
        ret &= check_server_ca_names(result, test_ctx);
        ret &= check_client_cert_type(result, test_ctx);
        ret &= check_client_sign_hash(result, test_ctx);
        ret &= check_client_sign_type(result, test_ctx);
        ret &= check_client_ca_names(result, test_ctx);
    }
    return ret;
}

static int test_handshake(int idx)
{
    int ret = 0;
    SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL,
        *resume_server_ctx = NULL, *resume_client_ctx = NULL;
    SSL_TEST_CTX *test_ctx = NULL;
    HANDSHAKE_RESULT *result = NULL;
    char test_app[MAX_TESTCASE_NAME_LENGTH];

    BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx);

    test_ctx = SSL_TEST_CTX_create(conf, test_app, libctx);
    if (!TEST_ptr(test_ctx))
        goto err;

#ifndef OPENSSL_NO_DTLS
    if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
        server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_server_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
            goto err;
        if (test_ctx->extra.server.servername_callback !=
            SSL_TEST_SERVERNAME_CB_NONE) {
            if (!TEST_ptr(server2_ctx =
                            SSL_CTX_new_with_libctx(libctx, NULL,
                                                    DTLS_server_method())))
                goto err;
        }
        client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_client_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
            goto err;
        if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
            resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
                                                        DTLS_server_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
                goto err;
            resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
                                                        DTLS_client_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
                goto err;
            if (!TEST_ptr(resume_server_ctx)
                    || !TEST_ptr(resume_client_ctx))
                goto err;
        }
    }
#endif
    if (test_ctx->method == SSL_TEST_METHOD_TLS) {
        server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_server_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
            goto err;
        /* SNI on resumption isn't supported/tested yet. */
        if (test_ctx->extra.server.servername_callback !=
            SSL_TEST_SERVERNAME_CB_NONE) {
            if (!TEST_ptr(server2_ctx =
                            SSL_CTX_new_with_libctx(libctx, NULL,
                                                    TLS_server_method())))
                goto err;
            if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0)))
                goto err;
        }
        client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_client_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
            goto err;

        if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
            resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
                                                        TLS_server_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
                goto err;
            resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
                                                        TLS_client_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
                goto err;
            if (!TEST_ptr(resume_server_ctx)
                    || !TEST_ptr(resume_client_ctx))
                goto err;
        }
    }

#ifdef OPENSSL_NO_AUTOLOAD_CONFIG
    if (!TEST_true(OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL)))
        goto err;
#endif

    if (!TEST_ptr(server_ctx)
            || !TEST_ptr(client_ctx)
            || !TEST_int_gt(CONF_modules_load(conf, test_app, 0),  0))
        goto err;

    if (!SSL_CTX_config(server_ctx, "server")
        || !SSL_CTX_config(client_ctx, "client")) {
        goto err;
    }

    if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2"))
        goto err;
    if (resume_server_ctx != NULL
        && !SSL_CTX_config(resume_server_ctx, "resume-server"))
        goto err;
    if (resume_client_ctx != NULL
        && !SSL_CTX_config(resume_client_ctx, "resume-client"))
        goto err;

    result = do_handshake(server_ctx, server2_ctx, client_ctx,
                          resume_server_ctx, resume_client_ctx, test_ctx);

    if (result != NULL)
        ret = check_test(result, test_ctx);

err:
    CONF_modules_unload(0);
    SSL_CTX_free(server_ctx);
    SSL_CTX_free(server2_ctx);
    SSL_CTX_free(client_ctx);
    SSL_CTX_free(resume_server_ctx);
    SSL_CTX_free(resume_client_ctx);
    SSL_TEST_CTX_free(test_ctx);
    HANDSHAKE_RESULT_free(result);
    return ret;
}

OPT_TEST_DECLARE_USAGE("conf_file modulename [fips_conf_file]\n")

int setup_tests(void)
{
    long num_tests;
    const char *modulename;

    if (!test_skip_common_options()) {
        TEST_error("Error parsing test options\n");
        return 0;
    }

    if (!TEST_ptr(conf = NCONF_new(NULL))
            /* argv[1] should point to the test conf file */
            || !TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)
            || !TEST_int_ne(NCONF_get_number_e(conf, NULL, "num_tests",
                                               &num_tests), 0))
        return 0;

    if (!TEST_ptr(modulename = test_get_argument(1)))
        return 0;

    if (strcmp(modulename, "none") != 0) {
        const char *configfile = test_get_argument(2);

        defctxnull = OSSL_PROVIDER_load(NULL, "null");
        libctx = OPENSSL_CTX_new();
        if (!TEST_ptr(libctx))
            return 0;

        if (configfile != NULL
                && !TEST_true(OPENSSL_CTX_load_config(libctx, configfile)))
            return 0;

        thisprov = OSSL_PROVIDER_load(libctx, modulename);
        if (!TEST_ptr(thisprov))
            return 0;
    }

    ADD_ALL_TESTS(test_handshake, (int)num_tests);
    return 1;
}

void cleanup_tests(void)
{
    NCONF_free(conf);
    OSSL_PROVIDER_unload(defctxnull);
    OSSL_PROVIDER_unload(thisprov);
    OPENSSL_CTX_free(libctx);
}
Commit	Line	Data
453dfd8d	1	/*
33388b44	2	* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
453dfd8d	3	*
909f1a2e	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
440e5d80 RS	5	* this file except in compliance with the License. You can obtain a copy
440e5d80 RS	6	* in the file LICENSE in the source distribution or at
453dfd8d	7	* https://www.openssl.org/source/license.html
453dfd8d EK	8	*/
	9
	10	#include <stdio.h>
5c753de6	11	#include <string.h>
453dfd8d EK	12
	13	#include <openssl/conf.h>
	14	#include <openssl/err.h>
	15	#include <openssl/ssl.h>
fea4e2bd	16	#include <openssl/provider.h>
453dfd8d EK	17
	18	#include "handshake_helper.h"
	19	#include "ssl_test_ctx.h"
	20	#include "testutil.h"
	21
852c2ed2 RS	22	DEFINE_STACK_OF(X509_NAME)
852c2ed2 RS	23
453dfd8d	24	static CONF *conf = NULL;
fea4e2bd MC	25	static OSSL_PROVIDER defctxnull = NULL, thisprov = NULL;
fea4e2bd MC	26	static OPENSSL_CTX *libctx = NULL;
453dfd8d EK	27
	28	/* Currently the section names are of the form test-<number>, e.g. test-15. */
	29	#define MAX_TESTCASE_NAME_LENGTH 100
	30
453dfd8d EK	31	static const char *print_alert(int alert)
	32	{
	33	return alert ? SSL_alert_desc_string_long(alert) : "no alert";
	34	}
	35
ce2cdac2	36	static int check_result(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d	37	{
2fae041d P	38	if (!TEST_int_eq(result->result, test_ctx->expected_result)) {
	39	TEST_info("ExpectedResult mismatch: expected %s, got %s.",
	40	ssl_test_result_name(test_ctx->expected_result),
	41	ssl_test_result_name(result->result));
453dfd8d EK	42	return 0;
	43	}
	44	return 1;
	45	}
	46
ce2cdac2	47	static int check_alerts(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d	48	{
2fae041d P	49	if (!TEST_int_eq(result->client_alert_sent,
	50	result->client_alert_received)) {
	51	TEST_info("Client sent alert %s but server received %s.",
	52	print_alert(result->client_alert_sent),
	53	print_alert(result->client_alert_received));
453dfd8d EK	54	/*
	55	* We can't bail here because the peer doesn't always get far enough
	56	* to process a received alert. Specifically, in protocol version
	57	* negotiation tests, we have the following scenario.
	58	* Client supports TLS v1.2 only; Server supports TLS v1.1.
	59	* Client proposes TLS v1.2; server responds with 1.1;
	60	* Client now sends a protocol alert, using TLS v1.2 in the header.
	61	* The server, however, rejects the alert because of version mismatch
	62	* in the record layer; therefore, the server appears to never
	63	* receive the alert.
	64	*/
	65	/* return 0; */
	66	}
	67
2fae041d P	68	if (!TEST_int_eq(result->server_alert_sent,
	69	result->server_alert_received)) {
	70	TEST_info("Server sent alert %s but client received %s.",
	71	print_alert(result->server_alert_sent),
	72	print_alert(result->server_alert_received));
453dfd8d EK	73	/* return 0; */
	74	}
	75
	76	/* Tolerate an alert if one wasn't explicitly specified in the test. */
9f48bbac	77	if (test_ctx->expected_client_alert
453dfd8d EK	78	/*
	79	* The info callback alert value is computed as
	80	* (s->s3->send_alert[0] << 8) \| s->s3->send_alert[1]
	81	* where the low byte is the alert code and the high byte is other stuff.
	82	*/
9f48bbac	83	&& (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) {
2fae041d P	84	TEST_error("ClientAlert mismatch: expected %s, got %s.",
	85	print_alert(test_ctx->expected_client_alert),
	86	print_alert(result->client_alert_sent));
453dfd8d EK	87	return 0;
	88	}
	89
9f48bbac EK	90	if (test_ctx->expected_server_alert
9f48bbac EK	91	&& (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) {
2fae041d P	92	TEST_error("ServerAlert mismatch: expected %s, got %s.",
	93	print_alert(test_ctx->expected_server_alert),
	94	print_alert(result->server_alert_sent));
453dfd8d EK	95	return 0;
	96	}
	97
2fae041d	98	if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1))
dd8e5a57	99	return 0;
2fae041d	100	if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1))
dd8e5a57	101	return 0;
453dfd8d EK	102	return 1;
	103	}
	104
ce2cdac2	105	static int check_protocol(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d	106	{
2fae041d P	107	if (!TEST_int_eq(result->client_protocol, result->server_protocol)) {
	108	TEST_info("Client has protocol %s but server has %s.",
	109	ssl_protocol_name(result->client_protocol),
	110	ssl_protocol_name(result->server_protocol));
453dfd8d EK	111	return 0;
	112	}
	113
9f48bbac	114	if (test_ctx->expected_protocol) {
2fae041d P	115	if (!TEST_int_eq(result->client_protocol,
	116	test_ctx->expected_protocol)) {
	117	TEST_info("Protocol mismatch: expected %s, got %s.\n",
	118	ssl_protocol_name(test_ctx->expected_protocol),
	119	ssl_protocol_name(result->client_protocol));
453dfd8d EK	120	return 0;
	121	}
	122	}
	123	return 1;
	124	}
	125
ce2cdac2	126	static int check_servername(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
5c753de6	127	{
2fae041d P	128	if (!TEST_int_eq(result->servername, test_ctx->expected_servername)) {
	129	TEST_info("Client ServerName mismatch, expected %s, got %s.",
	130	ssl_servername_name(test_ctx->expected_servername),
	131	ssl_servername_name(result->servername));
d2b23cd2	132	return 0;
5c753de6	133	}
d2b23cd2	134	return 1;
5c753de6 TS	135	}
5c753de6 TS	136
ce2cdac2	137	static int check_session_ticket(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
5c753de6 TS	138	{
	139	if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE)
	140	return 1;
2fae041d P	141	if (!TEST_int_eq(result->session_ticket,
	142	test_ctx->session_ticket_expected)) {
	143	TEST_info("Client SessionTicketExpected mismatch, expected %s, got %s.",
	144	ssl_session_ticket_name(test_ctx->session_ticket_expected),
	145	ssl_session_ticket_name(result->session_ticket));
5c753de6 TS	146	return 0;
	147	}
	148	return 1;
	149	}
	150
a84e5c9a TS	151	static int check_session_id(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	152	{
	153	if (test_ctx->session_id_expected == SSL_TEST_SESSION_ID_IGNORE)
	154	return 1;
	155	if (!TEST_int_eq(result->session_id, test_ctx->session_id_expected)) {
	156	TEST_info("Client SessionIdExpected mismatch, expected %s, got %s\n.",
	157	ssl_session_id_name(test_ctx->session_id_expected),
	158	ssl_session_id_name(result->session_id));
	159	return 0;
	160	}
	161	return 1;
	162	}
	163
439db0c9 MC	164	static int check_compression(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
439db0c9 MC	165	{
2fae041d	166	if (!TEST_int_eq(result->compression, test_ctx->compression_expected))
439db0c9	167	return 0;
439db0c9 MC	168	return 1;
439db0c9 MC	169	}
620c6ad3	170	#ifndef OPENSSL_NO_NEXTPROTONEG
ce2cdac2 EK	171	static int check_npn(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	172	{
	173	int ret = 1;
2fae041d P	174	if (!TEST_str_eq(result->client_npn_negotiated,
	175	result->server_npn_negotiated))
	176	ret = 0;
	177	if (!TEST_str_eq(test_ctx->expected_npn_protocol,
	178	result->client_npn_negotiated))
	179	ret = 0;
ce2cdac2 EK	180	return ret;
ce2cdac2 EK	181	}
7b7cea6d	182	#endif
ce2cdac2 EK	183
	184	static int check_alpn(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	185	{
	186	int ret = 1;
2fae041d P	187	if (!TEST_str_eq(result->client_alpn_negotiated,
	188	result->server_alpn_negotiated))
	189	ret = 0;
	190	if (!TEST_str_eq(test_ctx->expected_alpn_protocol,
	191	result->client_alpn_negotiated))
	192	ret = 0;
ce2cdac2 EK	193	return ret;
	194	}
	195
df0fed9a TS	196	static int check_session_ticket_app_data(HANDSHAKE_RESULT *result,
	197	SSL_TEST_CTX *test_ctx)
	198	{
	199	size_t result_len = 0;
	200	size_t expected_len = 0;
	201
	202	/* consider empty and NULL strings to be the same */
	203	if (result->result_session_ticket_app_data != NULL)
	204	result_len = strlen(result->result_session_ticket_app_data);
	205	if (test_ctx->expected_session_ticket_app_data != NULL)
	206	expected_len = strlen(test_ctx->expected_session_ticket_app_data);
	207	if (result_len == 0 && expected_len == 0)
	208	return 1;
	209
	210	if (!TEST_str_eq(result->result_session_ticket_app_data,
	211	test_ctx->expected_session_ticket_app_data))
	212	return 0;
	213
	214	return 1;
	215	}
	216
590ed3d7 EK	217	static int check_resumption(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
590ed3d7 EK	218	{
2fae041d	219	if (!TEST_int_eq(result->client_resumed, result->server_resumed))
590ed3d7	220	return 0;
2fae041d	221	if (!TEST_int_eq(result->client_resumed, test_ctx->resumption_expected))
590ed3d7	222	return 0;
590ed3d7 EK	223	return 1;
	224	}
	225
ee5b6a42	226	static int check_nid(const char *name, int expected_nid, int nid)
b93ad05d	227	{
ee5b6a42	228	if (expected_nid == 0 \|\| expected_nid == nid)
b93ad05d	229	return 1;
2fae041d P	230	TEST_error("%s type mismatch, %s vs %s\n",
	231	name, OBJ_nid2ln(expected_nid),
	232	nid == NID_undef ? "absent" : OBJ_nid2ln(nid));
b93ad05d DSH	233	return 0;
	234	}
	235
2e21539b DSH	236	static void print_ca_names(STACK_OF(X509_NAME) *names)
2e21539b DSH	237	{
2e21539b DSH	238	int i;
	239
	240	if (names == NULL \|\| sk_X509_NAME_num(names) == 0) {
8fe3127c	241	TEST_note(" <empty>");
2e21539b DSH	242	return;
2e21539b DSH	243	}
2e21539b	244	for (i = 0; i < sk_X509_NAME_num(names); i++) {
8fe3127c	245	X509_NAME_print_ex(bio_err, sk_X509_NAME_value(names, i), 4,
2e21539b	246	XN_FLAG_ONELINE);
8fe3127c	247	BIO_puts(bio_err, "\n");
2e21539b	248	}
2e21539b DSH	249	}
	250
	251	static int check_ca_names(const char *name,
	252	STACK_OF(X509_NAME) *expected_names,
	253	STACK_OF(X509_NAME) *names)
	254	{
	255	int i;
	256
	257	if (expected_names == NULL)
	258	return 1;
	259	if (names == NULL \|\| sk_X509_NAME_num(names) == 0) {
8fe3127c	260	if (TEST_int_eq(sk_X509_NAME_num(expected_names), 0))
2e21539b DSH	261	return 1;
	262	goto err;
	263	}
	264	if (sk_X509_NAME_num(names) != sk_X509_NAME_num(expected_names))
	265	goto err;
	266	for (i = 0; i < sk_X509_NAME_num(names); i++) {
8fe3127c P	267	if (!TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(names, i),
	268	sk_X509_NAME_value(expected_names, i)),
	269	0)) {
2e21539b DSH	270	goto err;
	271	}
	272	}
	273	return 1;
8fe3127c P	274	err:
	275	TEST_info("%s: list mismatch", name);
	276	TEST_note("Expected Names:");
2e21539b	277	print_ca_names(expected_names);
8fe3127c	278	TEST_note("Received Names:");
2e21539b DSH	279	print_ca_names(names);
	280	return 0;
	281	}
	282
f15b50c4 DSH	283	static int check_tmp_key(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	284	{
	285	return check_nid("Tmp key", test_ctx->expected_tmp_key_type,
	286	result->tmp_key_type);
	287	}
	288
	289	static int check_server_cert_type(HANDSHAKE_RESULT *result,
	290	SSL_TEST_CTX *test_ctx)
	291	{
	292	return check_nid("Server certificate", test_ctx->expected_server_cert_type,
	293	result->server_cert_type);
	294	}
	295
	296	static int check_server_sign_hash(HANDSHAKE_RESULT *result,
	297	SSL_TEST_CTX *test_ctx)
	298	{
	299	return check_nid("Server signing hash", test_ctx->expected_server_sign_hash,
	300	result->server_sign_hash);
	301	}
	302
	303	static int check_server_sign_type(HANDSHAKE_RESULT *result,
	304	SSL_TEST_CTX *test_ctx)
	305	{
	306	return check_nid("Server signing", test_ctx->expected_server_sign_type,
	307	result->server_sign_type);
	308	}
	309
	310	static int check_server_ca_names(HANDSHAKE_RESULT *result,
	311	SSL_TEST_CTX *test_ctx)
	312	{
	313	return check_ca_names("Server CA names",
	314	test_ctx->expected_server_ca_names,
	315	result->server_ca_names);
	316	}
	317
	318	static int check_client_cert_type(HANDSHAKE_RESULT *result,
	319	SSL_TEST_CTX *test_ctx)
	320	{
	321	return check_nid("Client certificate", test_ctx->expected_client_cert_type,
	322	result->client_cert_type);
	323	}
	324
	325	static int check_client_sign_hash(HANDSHAKE_RESULT *result,
	326	SSL_TEST_CTX *test_ctx)
	327	{
	328	return check_nid("Client signing hash", test_ctx->expected_client_sign_hash,
	329	result->client_sign_hash);
	330	}
	331
	332	static int check_client_sign_type(HANDSHAKE_RESULT *result,
	333	SSL_TEST_CTX *test_ctx)
	334	{
	335	return check_nid("Client signing", test_ctx->expected_client_sign_type,
	336	result->client_sign_type);
	337	}
	338
2e21539b DSH	339	static int check_client_ca_names(HANDSHAKE_RESULT *result,
	340	SSL_TEST_CTX *test_ctx)
	341	{
	342	return check_ca_names("Client CA names",
	343	test_ctx->expected_client_ca_names,
	344	result->client_ca_names);
	345	}
	346
e1c7871d TS	347	static int check_cipher(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	348	{
	349	if (test_ctx->expected_cipher == NULL)
	350	return 1;
	351	if (!TEST_ptr(result->cipher))
	352	return 0;
	353	if (!TEST_str_eq(test_ctx->expected_cipher,
	354	result->cipher))
	355	return 0;
	356	return 1;
	357	}
	358
453dfd8d EK	359	/*
	360	* This could be further simplified by constructing an expected
	361	* HANDSHAKE_RESULT, and implementing comparison methods for
	362	* its fields.
	363	*/
ce2cdac2	364	static int check_test(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d EK	365	{
	366	int ret = 1;
	367	ret &= check_result(result, test_ctx);
	368	ret &= check_alerts(result, test_ctx);
ce2cdac2	369	if (result->result == SSL_TEST_SUCCESS) {
453dfd8d	370	ret &= check_protocol(result, test_ctx);
5c753de6	371	ret &= check_servername(result, test_ctx);
81fc33c9	372	ret &= check_session_ticket(result, test_ctx);
439db0c9	373	ret &= check_compression(result, test_ctx);
a84e5c9a	374	ret &= check_session_id(result, test_ctx);
ce2cdac2	375	ret &= (result->session_ticket_do_not_call == 0);
620c6ad3	376	#ifndef OPENSSL_NO_NEXTPROTONEG
ce2cdac2	377	ret &= check_npn(result, test_ctx);
620c6ad3	378	#endif
e1c7871d	379	ret &= check_cipher(result, test_ctx);
7b7cea6d	380	ret &= check_alpn(result, test_ctx);
df0fed9a	381	ret &= check_session_ticket_app_data(result, test_ctx);
590ed3d7	382	ret &= check_resumption(result, test_ctx);
b93ad05d	383	ret &= check_tmp_key(result, test_ctx);
7f5f35af	384	ret &= check_server_cert_type(result, test_ctx);
ee5b6a42	385	ret &= check_server_sign_hash(result, test_ctx);
54b7f2a5	386	ret &= check_server_sign_type(result, test_ctx);
f15b50c4	387	ret &= check_server_ca_names(result, test_ctx);
7f5f35af	388	ret &= check_client_cert_type(result, test_ctx);
ee5b6a42	389	ret &= check_client_sign_hash(result, test_ctx);
54b7f2a5	390	ret &= check_client_sign_type(result, test_ctx);
2e21539b	391	ret &= check_client_ca_names(result, test_ctx);
5c753de6	392	}
453dfd8d EK	393	return ret;
	394	}
	395
d836d71b	396	static int test_handshake(int idx)
453dfd8d	397	{
ababe86b	398	int ret = 0;
590ed3d7	399	SSL_CTX server_ctx = NULL, server2_ctx = NULL, *client_ctx = NULL,
11279b13	400	resume_server_ctx = NULL, resume_client_ctx = NULL;
453dfd8d	401	SSL_TEST_CTX *test_ctx = NULL;
ce2cdac2	402	HANDSHAKE_RESULT *result = NULL;
d836d71b EK	403	char test_app[MAX_TESTCASE_NAME_LENGTH];
	404
	405	BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx);
453dfd8d	406
6725682d	407	test_ctx = SSL_TEST_CTX_create(conf, test_app, libctx);
2fae041d	408	if (!TEST_ptr(test_ctx))
74726750 EK	409	goto err;
	410
	411	#ifndef OPENSSL_NO_DTLS
	412	if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
fea4e2bd	413	server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_server_method());
5c587fb6	414	if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
7d7f6834	415	goto err;
9f48bbac EK	416	if (test_ctx->extra.server.servername_callback !=
9f48bbac EK	417	SSL_TEST_SERVERNAME_CB_NONE) {
fea4e2bd MC	418	if (!TEST_ptr(server2_ctx =
	419	SSL_CTX_new_with_libctx(libctx, NULL,
	420	DTLS_server_method())))
019e47ce	421	goto err;
d2b23cd2	422	}
fea4e2bd	423	client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_client_method());
5c587fb6	424	if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
7d7f6834	425	goto err;
590ed3d7	426	if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
fea4e2bd MC	427	resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
fea4e2bd MC	428	DTLS_server_method());
5c587fb6	429	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
7d7f6834	430	goto err;
fea4e2bd MC	431	resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
fea4e2bd MC	432	DTLS_client_method());
5c587fb6	433	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
7d7f6834	434	goto err;
019e47ce P	435	if (!TEST_ptr(resume_server_ctx)
	436	\|\| !TEST_ptr(resume_client_ctx))
	437	goto err;
590ed3d7	438	}
74726750 EK	439	}
	440	#endif
	441	if (test_ctx->method == SSL_TEST_METHOD_TLS) {
fea4e2bd	442	server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_server_method());
5c587fb6	443	if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
7d7f6834	444	goto err;
9f48bbac EK	445	/* SNI on resumption isn't supported/tested yet. */
	446	if (test_ctx->extra.server.servername_callback !=
	447	SSL_TEST_SERVERNAME_CB_NONE) {
fea4e2bd MC	448	if (!TEST_ptr(server2_ctx =
	449	SSL_CTX_new_with_libctx(libctx, NULL,
	450	TLS_server_method())))
019e47ce	451	goto err;
5c587fb6	452	if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0)))
7d7f6834	453	goto err;
d2b23cd2	454	}
fea4e2bd	455	client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_client_method());
5c587fb6	456	if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
7d7f6834	457	goto err;
590ed3d7 EK	458
590ed3d7 EK	459	if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
fea4e2bd MC	460	resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
fea4e2bd MC	461	TLS_server_method());
5c587fb6	462	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
7d7f6834	463	goto err;
fea4e2bd MC	464	resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
fea4e2bd MC	465	TLS_client_method());
5c587fb6	466	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
7d7f6834	467	goto err;
019e47ce P	468	if (!TEST_ptr(resume_server_ctx)
	469	\|\| !TEST_ptr(resume_client_ctx))
	470	goto err;
590ed3d7	471	}
74726750 EK	472	}
74726750 EK	473
dbabc862 BE	474	#ifdef OPENSSL_NO_AUTOLOAD_CONFIG
	475	if (!TEST_true(OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL)))
	476	goto err;
	477	#endif
	478
019e47ce P	479	if (!TEST_ptr(server_ctx)
	480	\|\| !TEST_ptr(client_ctx)
	481	\|\| !TEST_int_gt(CONF_modules_load(conf, test_app, 0), 0))
	482	goto err;
453dfd8d EK	483
453dfd8d EK	484	if (!SSL_CTX_config(server_ctx, "server")
5c753de6	485	\|\| !SSL_CTX_config(client_ctx, "client")) {
453dfd8d EK	486	goto err;
	487	}
	488
d2b23cd2 EK	489	if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2"))
d2b23cd2 EK	490	goto err;
590ed3d7 EK	491	if (resume_server_ctx != NULL
	492	&& !SSL_CTX_config(resume_server_ctx, "resume-server"))
	493	goto err;
11279b13 EK	494	if (resume_client_ctx != NULL
	495	&& !SSL_CTX_config(resume_client_ctx, "resume-client"))
	496	goto err;
d2b23cd2	497
590ed3d7	498	result = do_handshake(server_ctx, server2_ctx, client_ctx,
11279b13	499	resume_server_ctx, resume_client_ctx, test_ctx);
453dfd8d	500
ff281ee8 P	501	if (result != NULL)
ff281ee8 P	502	ret = check_test(result, test_ctx);
453dfd8d EK	503
	504	err:
	505	CONF_modules_unload(0);
	506	SSL_CTX_free(server_ctx);
5c753de6	507	SSL_CTX_free(server2_ctx);
453dfd8d	508	SSL_CTX_free(client_ctx);
590ed3d7	509	SSL_CTX_free(resume_server_ctx);
11279b13	510	SSL_CTX_free(resume_client_ctx);
453dfd8d	511	SSL_TEST_CTX_free(test_ctx);
ce2cdac2	512	HANDSHAKE_RESULT_free(result);
453dfd8d EK	513	return ret;
	514	}
	515
682bc861	516	OPT_TEST_DECLARE_USAGE("conf_file modulename [fips_conf_file]\n")
a43ce58f	517
ad887416	518	int setup_tests(void)
453dfd8d	519	{
453dfd8d	520	long num_tests;
fea4e2bd	521	const char *modulename;
453dfd8d	522
8d242823 MC	523	if (!test_skip_common_options()) {
	524	TEST_error("Error parsing test options\n");
	525	return 0;
	526	}
	527
ad887416	528	if (!TEST_ptr(conf = NCONF_new(NULL))
019e47ce	529	/* argv[1] should point to the test conf file */
ad887416	530	\|\| !TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)
019e47ce P	531	\|\| !TEST_int_ne(NCONF_get_number_e(conf, NULL, "num_tests",
019e47ce P	532	&num_tests), 0))
ad887416	533	return 0;
453dfd8d	534
fea4e2bd MC	535	if (!TEST_ptr(modulename = test_get_argument(1)))
	536	return 0;
	537
ab5a02f7	538	if (strcmp(modulename, "none") != 0) {
682bc861 MC	539	const char *configfile = test_get_argument(2);
682bc861 MC	540
ab5a02f7 MC	541	defctxnull = OSSL_PROVIDER_load(NULL, "null");
	542	libctx = OPENSSL_CTX_new();
	543	if (!TEST_ptr(libctx))
	544	return 0;
fea4e2bd	545
682bc861 MC	546	if (configfile != NULL
	547	&& !TEST_true(OPENSSL_CTX_load_config(libctx, configfile)))
	548	return 0;
	549
ab5a02f7 MC	550	thisprov = OSSL_PROVIDER_load(libctx, modulename);
	551	if (!TEST_ptr(thisprov))
	552	return 0;
	553	}
fea4e2bd	554
ad887416 P	555	ADD_ALL_TESTS(test_handshake, (int)num_tests);
	556	return 1;
	557	}
453dfd8d	558
ad887416 P	559	void cleanup_tests(void)
ad887416 P	560	{
e364c3b2	561	NCONF_free(conf);
fea4e2bd MC	562	OSSL_PROVIDER_unload(defctxnull);
	563	OSSL_PROVIDER_unload(thisprov);
	564	OPENSSL_CTX_free(libctx);
453dfd8d	565	}