]>
Commit | Line | Data |
---|---|---|
c5a56992 | 1 | /* |
b0edda11 | 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
c5a56992 AP |
3 | * |
4 | * Licensed under the OpenSSL license (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
b4eee58a | 10 | #include <string.h> |
c5a56992 AP |
11 | #include "ssltestlib.h" |
12 | #include "testutil.h" | |
13 | ||
e60ce9c4 MC |
14 | static int docorrupt = 0; |
15 | ||
c5a56992 AP |
16 | static void copy_flags(BIO *bio) |
17 | { | |
18 | int flags; | |
19 | BIO *next = BIO_next(bio); | |
20 | ||
21 | flags = BIO_test_flags(next, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS); | |
22 | BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS); | |
23 | BIO_set_flags(bio, flags); | |
24 | } | |
25 | ||
26 | static int tls_corrupt_read(BIO *bio, char *out, int outl) | |
27 | { | |
28 | int ret; | |
29 | BIO *next = BIO_next(bio); | |
30 | ||
31 | ret = BIO_read(next, out, outl); | |
32 | copy_flags(bio); | |
33 | ||
34 | return ret; | |
35 | } | |
36 | ||
37 | static int tls_corrupt_write(BIO *bio, const char *in, int inl) | |
38 | { | |
39 | int ret; | |
40 | BIO *next = BIO_next(bio); | |
41 | char *copy; | |
42 | ||
e60ce9c4 | 43 | if (docorrupt) { |
019e47ce P |
44 | if (!TEST_ptr(copy = BUF_memdup(in, inl))) |
45 | return 0; | |
c5a56992 AP |
46 | /* corrupt last bit of application data */ |
47 | copy[inl-1] ^= 1; | |
48 | ret = BIO_write(next, copy, inl); | |
49 | OPENSSL_free(copy); | |
50 | } else { | |
51 | ret = BIO_write(next, in, inl); | |
52 | } | |
53 | copy_flags(bio); | |
54 | ||
55 | return ret; | |
56 | } | |
57 | ||
58 | static long tls_corrupt_ctrl(BIO *bio, int cmd, long num, void *ptr) | |
59 | { | |
60 | long ret; | |
61 | BIO *next = BIO_next(bio); | |
62 | ||
63 | if (next == NULL) | |
64 | return 0; | |
65 | ||
66 | switch (cmd) { | |
67 | case BIO_CTRL_DUP: | |
68 | ret = 0L; | |
69 | break; | |
70 | default: | |
71 | ret = BIO_ctrl(next, cmd, num, ptr); | |
72 | break; | |
73 | } | |
74 | return ret; | |
75 | } | |
76 | ||
77 | static int tls_corrupt_gets(BIO *bio, char *buf, int size) | |
78 | { | |
79 | /* We don't support this - not needed anyway */ | |
80 | return -1; | |
81 | } | |
82 | ||
83 | static int tls_corrupt_puts(BIO *bio, const char *str) | |
84 | { | |
85 | /* We don't support this - not needed anyway */ | |
86 | return -1; | |
87 | } | |
88 | ||
89 | static int tls_corrupt_new(BIO *bio) | |
90 | { | |
91 | BIO_set_init(bio, 1); | |
92 | ||
93 | return 1; | |
94 | } | |
95 | ||
96 | static int tls_corrupt_free(BIO *bio) | |
97 | { | |
98 | BIO_set_init(bio, 0); | |
99 | ||
100 | return 1; | |
101 | } | |
102 | ||
103 | #define BIO_TYPE_CUSTOM_FILTER (0x80 | BIO_TYPE_FILTER) | |
104 | ||
105 | static BIO_METHOD *method_tls_corrupt = NULL; | |
106 | ||
107 | /* Note: Not thread safe! */ | |
108 | static const BIO_METHOD *bio_f_tls_corrupt_filter(void) | |
109 | { | |
110 | if (method_tls_corrupt == NULL) { | |
111 | method_tls_corrupt = BIO_meth_new(BIO_TYPE_CUSTOM_FILTER, | |
112 | "TLS corrupt filter"); | |
113 | if ( method_tls_corrupt == NULL | |
114 | || !BIO_meth_set_write(method_tls_corrupt, tls_corrupt_write) | |
115 | || !BIO_meth_set_read(method_tls_corrupt, tls_corrupt_read) | |
116 | || !BIO_meth_set_puts(method_tls_corrupt, tls_corrupt_puts) | |
117 | || !BIO_meth_set_gets(method_tls_corrupt, tls_corrupt_gets) | |
118 | || !BIO_meth_set_ctrl(method_tls_corrupt, tls_corrupt_ctrl) | |
119 | || !BIO_meth_set_create(method_tls_corrupt, tls_corrupt_new) | |
120 | || !BIO_meth_set_destroy(method_tls_corrupt, tls_corrupt_free)) | |
121 | return NULL; | |
122 | } | |
123 | return method_tls_corrupt; | |
124 | } | |
125 | ||
126 | static void bio_f_tls_corrupt_filter_free(void) | |
127 | { | |
128 | BIO_meth_free(method_tls_corrupt); | |
129 | } | |
130 | ||
131 | /* | |
132 | * The test is supposed to be executed with RSA key, customarily | |
133 | * with apps/server.pem used even in other tests. For this reason | |
134 | * |cipher_list| is initialized with RSA ciphers' names. This | |
135 | * naturally means that if test is to be re-purposed for other | |
70d8b304 | 136 | * type of key, then NID_auth_* filter below would need adjustment. |
c5a56992 AP |
137 | */ |
138 | static const char **cipher_list = NULL; | |
139 | ||
3cb7c5cf | 140 | static int setup_cipher_list(void) |
c5a56992 AP |
141 | { |
142 | SSL_CTX *ctx = NULL; | |
143 | SSL *ssl = NULL; | |
019e47ce P |
144 | STACK_OF(SSL_CIPHER) *sk_ciphers = NULL; |
145 | int i, j, numciphers = 0; | |
c5a56992 | 146 | |
019e47ce P |
147 | if (!TEST_ptr(ctx = SSL_CTX_new(TLS_server_method())) |
148 | || !TEST_ptr(ssl = SSL_new(ctx)) | |
149 | || !TEST_ptr(sk_ciphers = SSL_get1_supported_ciphers(ssl))) | |
150 | goto err; | |
c5a56992 AP |
151 | |
152 | /* | |
153 | * The |cipher_list| will be filled only with names of RSA ciphers, | |
154 | * so that some of the allocated space will be wasted, but the loss | |
155 | * is deemed acceptable... | |
156 | */ | |
157 | cipher_list = OPENSSL_malloc(sk_SSL_CIPHER_num(sk_ciphers) * | |
158 | sizeof(cipher_list[0])); | |
019e47ce P |
159 | if (!TEST_ptr(cipher_list)) |
160 | goto err; | |
c5a56992 | 161 | |
019e47ce | 162 | for (j = 0, i = 0; i < sk_SSL_CIPHER_num(sk_ciphers); i++) { |
c5a56992 AP |
163 | const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(sk_ciphers, i); |
164 | ||
165 | if (SSL_CIPHER_get_auth_nid(cipher) == NID_auth_rsa) | |
019e47ce | 166 | cipher_list[j++] = SSL_CIPHER_get_name(cipher); |
c5a56992 | 167 | } |
019e47ce P |
168 | if (TEST_int_ne(j, 0)) |
169 | numciphers = j; | |
c5a56992 | 170 | |
019e47ce | 171 | err: |
c5a56992 AP |
172 | sk_SSL_CIPHER_free(sk_ciphers); |
173 | SSL_free(ssl); | |
174 | SSL_CTX_free(ctx); | |
175 | ||
176 | return numciphers; | |
177 | } | |
178 | ||
179 | static char *cert = NULL; | |
180 | static char *privkey = NULL; | |
181 | ||
182 | static int test_ssl_corrupt(int testidx) | |
183 | { | |
f3ab6c16 | 184 | static unsigned char junk[16000] = { 0 }; |
c5a56992 AP |
185 | SSL_CTX *sctx = NULL, *cctx = NULL; |
186 | SSL *server = NULL, *client = NULL; | |
187 | BIO *c_to_s_fbio; | |
188 | int testresult = 0; | |
b4eee58a MC |
189 | STACK_OF(SSL_CIPHER) *ciphers; |
190 | const SSL_CIPHER *currcipher; | |
c5a56992 | 191 | |
e60ce9c4 MC |
192 | docorrupt = 0; |
193 | ||
f3ab6c16 | 194 | TEST_info("Starting #%d, %s", testidx, cipher_list[testidx]); |
c5a56992 | 195 | |
7d7f6834 RL |
196 | if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), |
197 | TLS1_VERSION, TLS_MAX_VERSION, | |
198 | &sctx, &cctx, cert, privkey))) | |
c5a56992 | 199 | return 0; |
c5a56992 | 200 | |
a53b5be6 | 201 | if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipher_list[testidx])) |
f865b081 | 202 | || !TEST_true(SSL_CTX_set_ciphersuites(cctx, "")) |
a53b5be6 | 203 | || !TEST_ptr(ciphers = SSL_CTX_get_ciphers(cctx)) |
f3ab6c16 RS |
204 | || !TEST_int_eq(sk_SSL_CIPHER_num(ciphers), 1) |
205 | || !TEST_ptr(currcipher = sk_SSL_CIPHER_value(ciphers, 0))) | |
b4eee58a | 206 | goto end; |
b4eee58a MC |
207 | |
208 | /* | |
f865b081 MC |
209 | * No ciphers we are using are TLSv1.3 compatible so we should not attempt |
210 | * to negotiate TLSv1.3 | |
b4eee58a | 211 | */ |
f865b081 MC |
212 | if (!TEST_true(SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION))) |
213 | goto end; | |
b4eee58a | 214 | |
f3ab6c16 | 215 | if (!TEST_ptr(c_to_s_fbio = BIO_new(bio_f_tls_corrupt_filter()))) |
c5a56992 | 216 | goto end; |
c5a56992 AP |
217 | |
218 | /* BIO is freed by create_ssl_connection on error */ | |
f3ab6c16 RS |
219 | if (!TEST_true(create_ssl_objects(sctx, cctx, &server, &client, NULL, |
220 | c_to_s_fbio))) | |
c5a56992 | 221 | goto end; |
c5a56992 | 222 | |
f3ab6c16 | 223 | if (!TEST_true(create_ssl_connection(server, client, SSL_ERROR_NONE))) |
c5a56992 | 224 | goto end; |
c5a56992 | 225 | |
e60ce9c4 MC |
226 | docorrupt = 1; |
227 | ||
f3ab6c16 | 228 | if (!TEST_int_ge(SSL_write(client, junk, sizeof(junk)), 0)) |
c5a56992 | 229 | goto end; |
c5a56992 | 230 | |
f3ab6c16 | 231 | if (!TEST_int_lt(SSL_read(server, junk, sizeof(junk)), 0)) |
c5a56992 | 232 | goto end; |
c5a56992 | 233 | |
f3ab6c16 RS |
234 | if (!TEST_int_eq(ERR_GET_REASON(ERR_peek_error()), |
235 | SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC)) | |
c5a56992 | 236 | goto end; |
c5a56992 AP |
237 | |
238 | testresult = 1; | |
239 | end: | |
240 | SSL_free(server); | |
241 | SSL_free(client); | |
242 | SSL_CTX_free(sctx); | |
243 | SSL_CTX_free(cctx); | |
c5a56992 AP |
244 | return testresult; |
245 | } | |
246 | ||
ad887416 | 247 | int setup_tests(void) |
c5a56992 | 248 | { |
ad887416 | 249 | int n; |
c5a56992 | 250 | |
ad887416 P |
251 | if (!TEST_ptr(cert = test_get_argument(0)) |
252 | || !TEST_ptr(privkey = test_get_argument(1))) { | |
253 | TEST_note("Usage error: require cert and private key files"); | |
254 | return 0; | |
c5a56992 | 255 | } |
c5a56992 | 256 | |
019e47ce | 257 | n = setup_cipher_list(); |
ad887416 | 258 | if (n > 0) |
019e47ce | 259 | ADD_ALL_TESTS(test_ssl_corrupt, n); |
ad887416 P |
260 | return 1; |
261 | } | |
262 | ||
263 | void cleanup_tests(void) | |
264 | { | |
c5a56992 | 265 | bio_f_tls_corrupt_filter_free(); |
c5a56992 | 266 | OPENSSL_free(cipher_list); |
c5a56992 | 267 | } |