]>
Commit | Line | Data |
---|---|---|
f50306c2 | 1 | #! /usr/bin/env perl |
6738bf14 | 2 | # Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. |
f50306c2 MC |
3 | # |
4 | # Licensed under the OpenSSL license (the "License"). You may not use | |
5 | # this file except in compliance with the License. You can obtain a copy | |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
1e566129 | 9 | package checkhandshake; |
f50306c2 MC |
10 | |
11 | use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/; | |
12 | use OpenSSL::Test::Utils; | |
13 | use TLSProxy::Proxy; | |
14 | ||
15 | use Exporter; | |
16 | our @ISA = 'Exporter'; | |
17 | our @EXPORT = qw(@handmessages @extensions checkhandshake); | |
18 | ||
19 | use constant { | |
20 | DEFAULT_HANDSHAKE => 1, | |
21 | OCSP_HANDSHAKE => 2, | |
22 | RESUME_HANDSHAKE => 4, | |
23 | CLIENT_AUTH_HANDSHAKE => 8, | |
24 | RENEG_HANDSHAKE => 16, | |
60ea0034 | 25 | NPN_HANDSHAKE => 32, |
397f4f78 | 26 | EC_HANDSHAKE => 64, |
d542790b MC |
27 | HRR_HANDSHAKE => 128, |
28 | HRR_RESUME_HANDSHAKE => 256, | |
f50306c2 | 29 | |
d542790b | 30 | ALL_HANDSHAKES => 511 |
f50306c2 MC |
31 | }; |
32 | ||
33 | use constant { | |
11ba87f2 MC |
34 | #DEFAULT also includes SESSION_TICKET_SRV_EXTENSION and SERVER_NAME_CLI |
35 | DEFAULT_EXTENSIONS => 0x00000007, | |
f50306c2 MC |
36 | SESSION_TICKET_SRV_EXTENSION => 0x00000002, |
37 | SERVER_NAME_CLI_EXTENSION => 0x00000004, | |
38 | SERVER_NAME_SRV_EXTENSION => 0x00000008, | |
39 | STATUS_REQUEST_CLI_EXTENSION => 0x00000010, | |
40 | STATUS_REQUEST_SRV_EXTENSION => 0x00000020, | |
41 | ALPN_CLI_EXTENSION => 0x00000040, | |
42 | ALPN_SRV_EXTENSION => 0x00000080, | |
43 | SCT_CLI_EXTENSION => 0x00000100, | |
60ea0034 MC |
44 | SCT_SRV_EXTENSION => 0x00000200, |
45 | RENEGOTIATE_CLI_EXTENSION => 0x00000400, | |
46 | NPN_CLI_EXTENSION => 0x00000800, | |
47 | NPN_SRV_EXTENSION => 0x00001000, | |
48 | SRP_CLI_EXTENSION => 0x00002000, | |
397f4f78 MC |
49 | #Client side for ec point formats is a default extension |
50 | EC_POINT_FORMAT_SRV_EXTENSION => 0x00004000, | |
a23bb15a | 51 | PSK_CLI_EXTENSION => 0x00008000, |
3ae6b5f8 MC |
52 | PSK_SRV_EXTENSION => 0x00010000, |
53 | KEY_SHARE_SRV_EXTENSION => 0x00020000, | |
d542790b | 54 | PSK_KEX_MODES_EXTENSION => 0x00040000, |
de65f7b9 | 55 | KEY_SHARE_HRR_EXTENSION => 0x00080000, |
9d75dce3 TS |
56 | SUPPORTED_GROUPS_SRV_EXTENSION => 0x00100000, |
57 | POST_HANDSHAKE_AUTH_CLI_EXTENSION => 0x00200000 | |
f50306c2 MC |
58 | }; |
59 | ||
60 | our @handmessages = (); | |
61 | our @extensions = (); | |
62 | ||
63 | sub checkhandshake($$$$) | |
64 | { | |
65 | my ($proxy, $handtype, $exttype, $testname) = @_; | |
66 | ||
67 | subtest $testname => sub { | |
68 | my $loop = 0; | |
69 | my $numtests; | |
70 | my $extcount; | |
71 | my $clienthelloseen = 0; | |
72 | ||
597c51bc MC |
73 | my $lastmt = 0; |
74 | my $numsh = 0; | |
75 | if (TLSProxy::Proxy::is_tls13()) { | |
76 | #How many ServerHellos are we expecting? | |
77 | for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) { | |
78 | next if (($handmessages[$loop][1] & $handtype) == 0); | |
79 | $numsh++ if ($lastmt != TLSProxy::Message::MT_SERVER_HELLO | |
80 | && $handmessages[$loop][0] == TLSProxy::Message::MT_SERVER_HELLO); | |
81 | $lastmt = $handmessages[$loop][0]; | |
82 | } | |
83 | } | |
84 | ||
f50306c2 | 85 | #First count the number of tests |
f6cec2d8 MC |
86 | my $nextmess = 0; |
87 | my $message = undef; | |
d542790b | 88 | my $chnum = 0; |
597c51bc MC |
89 | my $shnum = 0; |
90 | if (!TLSProxy::Proxy::is_tls13()) { | |
91 | # In non-TLSv1.3 we always treat reneg CH and SH like the first CH | |
92 | # and SH | |
93 | $chnum = 1; | |
94 | $shnum = 1; | |
95 | } | |
96 | #If we're only expecting one ServerHello out of two then we skip the | |
97 | #first ServerHello in the list completely | |
98 | $shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13()); | |
99 | $loop = 0; | |
f50306c2 | 100 | for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) { |
f6cec2d8 MC |
101 | next if (($handmessages[$loop][1] & $handtype) == 0); |
102 | if (scalar @{$proxy->message_list} > $nextmess) { | |
103 | $message = ${$proxy->message_list}[$nextmess]; | |
104 | $nextmess++; | |
105 | } else { | |
106 | $message = undef; | |
107 | } | |
108 | $numtests++; | |
109 | ||
110 | next if (!defined $message); | |
597c51bc MC |
111 | if (TLSProxy::Proxy::is_tls13()) { |
112 | $chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO; | |
113 | $shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO; | |
114 | } | |
f6cec2d8 MC |
115 | next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO |
116 | && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO | |
117 | && $message->mt() != | |
118 | TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS | |
119 | && $message->mt() != TLSProxy::Message::MT_CERTIFICATE); | |
120 | ||
121 | next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE | |
122 | && !TLSProxy::Proxy::is_tls13(); | |
f50306c2 | 123 | |
597c51bc MC |
124 | my $extchnum = 1; |
125 | my $extshnum = 1; | |
f6cec2d8 MC |
126 | for (my $extloop = 0; |
127 | $extensions[$extloop][2] != 0; | |
128 | $extloop++) { | |
597c51bc | 129 | $extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO |
d542790b | 130 | && TLSProxy::Proxy::is_tls13(); |
597c51bc MC |
131 | $extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO |
132 | && $extchnum == 2; | |
d542790b MC |
133 | next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO |
134 | && $extchnum != $chnum; | |
597c51bc MC |
135 | next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO |
136 | && $extshnum != $shnum; | |
f6cec2d8 MC |
137 | next if ($message->mt() != $extensions[$extloop][0]); |
138 | $numtests++; | |
139 | } | |
140 | $numtests++; | |
f50306c2 | 141 | } |
f50306c2 MC |
142 | |
143 | plan tests => $numtests; | |
144 | ||
f6cec2d8 MC |
145 | $nextmess = 0; |
146 | $message = undef; | |
597c51bc MC |
147 | if (TLSProxy::Proxy::is_tls13()) { |
148 | $chnum = 0; | |
149 | $shnum = 0; | |
150 | } else { | |
151 | # In non-TLSv1.3 we always treat reneg CH and SH like the first CH | |
152 | # and SH | |
153 | $chnum = 1; | |
154 | $shnum = 1; | |
155 | } | |
156 | #If we're only expecting one ServerHello out of two then we skip the | |
157 | #first ServerHello in the list completely | |
158 | $shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13()); | |
f50306c2 MC |
159 | for ($loop = 0; $handmessages[$loop][1] != 0; $loop++) { |
160 | next if (($handmessages[$loop][1] & $handtype) == 0); | |
161 | if (scalar @{$proxy->message_list} > $nextmess) { | |
162 | $message = ${$proxy->message_list}[$nextmess]; | |
163 | $nextmess++; | |
164 | } else { | |
165 | $message = undef; | |
166 | } | |
167 | if (!defined $message) { | |
168 | fail("Message type check. Got nothing, expected " | |
169 | .$handmessages[$loop][0]); | |
170 | next; | |
171 | } else { | |
172 | ok($message->mt == $handmessages[$loop][0], | |
173 | "Message type check. Got ".$message->mt | |
174 | .", expected ".$handmessages[$loop][0]); | |
175 | } | |
597c51bc MC |
176 | if (TLSProxy::Proxy::is_tls13()) { |
177 | $chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO; | |
178 | $shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO; | |
179 | } | |
f50306c2 MC |
180 | |
181 | next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO | |
182 | && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO | |
183 | && $message->mt() != | |
e96e0f8e MC |
184 | TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS |
185 | && $message->mt() != TLSProxy::Message::MT_CERTIFICATE); | |
186 | ||
187 | next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE | |
188 | && !TLSProxy::Proxy::is_tls13(); | |
f50306c2 MC |
189 | |
190 | if ($message->mt() == TLSProxy::Message::MT_CLIENT_HELLO) { | |
191 | #Add renegotiate extension we will expect if renegotiating | |
f6cec2d8 MC |
192 | $exttype |= RENEGOTIATE_CLI_EXTENSION |
193 | if ($clienthelloseen && !TLSProxy::Proxy::is_tls13()); | |
f50306c2 MC |
194 | $clienthelloseen = 1; |
195 | } | |
196 | #Now check that we saw the extensions we expected | |
197 | my $msgexts = $message->extension_data(); | |
597c51bc MC |
198 | my $extchnum = 1; |
199 | my $extshnum = 1; | |
f50306c2 MC |
200 | for (my $extloop = 0, $extcount = 0; $extensions[$extloop][2] != 0; |
201 | $extloop++) { | |
d542790b MC |
202 | #In TLSv1.3 we can have two ClientHellos if there has been a |
203 | #HelloRetryRequest, and they may have different extensions. Skip | |
204 | #if these are extensions for a different ClientHello | |
597c51bc | 205 | $extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO |
d542790b | 206 | && TLSProxy::Proxy::is_tls13(); |
597c51bc MC |
207 | $extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO |
208 | && $extchnum == 2; | |
d542790b MC |
209 | next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO |
210 | && $extchnum != $chnum; | |
597c51bc MC |
211 | next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO |
212 | && $extshnum != $shnum; | |
f50306c2 MC |
213 | next if ($message->mt() != $extensions[$extloop][0]); |
214 | ok (($extensions[$extloop][2] & $exttype) == 0 | |
215 | || defined ($msgexts->{$extensions[$extloop][1]}), | |
216 | "Extension presence check (Message: ".$message->mt() | |
217 | ." Extension: ".($extensions[$extloop][2] & $exttype).", " | |
218 | .$extloop.")"); | |
219 | $extcount++ if (($extensions[$extloop][2] & $exttype) != 0); | |
f6cec2d8 | 220 | } |
f50306c2 MC |
221 | ok($extcount == keys %$msgexts, "Extensions count mismatch (" |
222 | .$extcount.", ".(keys %$msgexts) | |
223 | .")"); | |
224 | } | |
225 | } | |
226 | } | |
227 | ||
228 | 1; |