[thirdparty/openssl.git] / test / recipes / 70-test_sslextension.t

#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html

use strict;
use feature 'state';

use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
use OpenSSL::Test::Utils;
use TLSProxy::Proxy;

my $test_name = "test_sslextension";
setup($test_name);

plan skip_all => "TLSProxy isn't usable on $^O"
    if $^O =~ /^(VMS)$/;

plan skip_all => "$test_name needs the dynamic engine feature enabled"
    if disabled("engine") || disabled("dynamic-engine");

plan skip_all => "$test_name needs the sock feature enabled"
    if disabled("sock");

plan skip_all => "$test_name needs TLS enabled"
    if alldisabled(available_protocols("tls"));

my $no_below_tls13 = alldisabled(("tls1", "tls1_1", "tls1_2"))
                     || (!disabled("tls1_3") && disabled("tls1_2"));

use constant {
    UNSOLICITED_SERVER_NAME => 0,
    UNSOLICITED_SERVER_NAME_TLS13 => 1,
    UNSOLICITED_SCT => 2,
    NONCOMPLIANT_SUPPORTED_GROUPS => 3
};

my $testtype;
my $fatal_alert = 0;    # set by filter on fatal alert

$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
my $proxy = TLSProxy::Proxy->new(
    \&inject_duplicate_extension_clienthello,
    cmdstr(app(["openssl"]), display => 1),
    srctop_file("apps", "server.pem"),
    (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
);


sub extension_filter
{
    my $proxy = shift;

    if ($proxy->flight == 1) {
        # Change the ServerRandom so that the downgrade sentinel doesn't cause
        # the connection to fail
        my $message = ${$proxy->message_list}[1];
        $message->random("\0"x32);
        $message->repack();
        return;
    }

    # We're only interested in the initial ClientHello
    if ($proxy->flight != 0) {
        return;
    }

    foreach my $message (@{$proxy->message_list}) {
        if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
            # Remove all extensions and set the extension len to zero
            $message->extension_data({});
            $message->extensions_len(0);
            # Extensions have been removed so make sure we don't try to use them
            $message->process_extensions();

            $message->repack();
        }
    }
}

sub inject_duplicate_extension
{
  my ($proxy, $message_type) = @_;

    foreach my $message (@{$proxy->message_list}) {
        if ($message->mt == $message_type) {
          my %extensions = %{$message->extension_data};
            # Add a duplicate extension. We use cryptopro_bug since we never
            # normally write that one, and it is allowed as unsolicited in the
            # ServerHello
            $message->set_extension(TLSProxy::Message::EXT_CRYPTOPRO_BUG_EXTENSION, "");
            $message->dupext(TLSProxy::Message::EXT_CRYPTOPRO_BUG_EXTENSION);
            $message->repack();
        }
    }
}

sub inject_duplicate_extension_clienthello
{
    my $proxy = shift;

    # We're only interested in the initial ClientHello
    if ($proxy->flight == 0) {
        inject_duplicate_extension($proxy, TLSProxy::Message::MT_CLIENT_HELLO);
        return;
    }

    my $last_record = @{$proxy->{record_list}}[-1];
    $fatal_alert = 1 if $last_record->is_fatal_alert(1);
}

sub inject_duplicate_extension_serverhello
{
    my $proxy = shift;

    # We're only interested in the initial ServerHello
    if ($proxy->flight == 0) {
        return;
    } elsif ($proxy->flight == 1) {
        inject_duplicate_extension($proxy, TLSProxy::Message::MT_SERVER_HELLO);
        return;
    }

    my $last_record = @{$proxy->{record_list}}[-1];
    $fatal_alert = 1 if $last_record->is_fatal_alert(0);
}

sub inject_unsolicited_extension
{
    my $proxy = shift;
    my $message;
    state $sent_unsolisited_extension;

    if ($proxy->flight == 0) {
        $sent_unsolisited_extension = 0;
        return;
    }

    # We're only interested in the initial ServerHello/EncryptedExtensions
    if ($proxy->flight != 1) {
        if ($sent_unsolisited_extension) {
            my $last_record = @{$proxy->record_list}[-1];
            $fatal_alert = 1 if $last_record->is_fatal_alert(0);
        }
        return;
    }

    if ($testtype == UNSOLICITED_SERVER_NAME_TLS13) {
        return if (!defined($message = ${$proxy->message_list}[2]));
        die "Expecting EE message ".($message->mt).","
                                   .${$proxy->message_list}[1]->mt.", "
                                   .${$proxy->message_list}[3]->mt
            if $message->mt != TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS;
    } else {
        $message = ${$proxy->message_list}[1];
    }

    my $ext = pack "C2",
        0x00, 0x00; #Extension length

    my $type;
    if ($testtype == UNSOLICITED_SERVER_NAME
            || $testtype == UNSOLICITED_SERVER_NAME_TLS13) {
        $type = TLSProxy::Message::EXT_SERVER_NAME;
    } elsif ($testtype == UNSOLICITED_SCT) {
        $type = TLSProxy::Message::EXT_SCT;
    } elsif ($testtype == NONCOMPLIANT_SUPPORTED_GROUPS) {
        $type = TLSProxy::Message::EXT_SUPPORTED_GROUPS;
    }
    $message->set_extension($type, $ext);
    $message->repack();
    $sent_unsolisited_extension = 1;
}

sub inject_cryptopro_extension
{
    my $proxy = shift;

    # We're only interested in the initial ClientHello
    if ($proxy->flight != 0) {
        return;
    }

    my $message = ${$proxy->message_list}[0];
    $message->set_extension(TLSProxy::Message::EXT_CRYPTOPRO_BUG_EXTENSION, "");
    $message->repack();
}

# Test 1-2: Sending a duplicate extension should fail.
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 8;
ok($fatal_alert, "Duplicate ClientHello extension");

$fatal_alert = 0;
$proxy->clear();
$proxy->filter(\&inject_duplicate_extension_serverhello);
$proxy->start();
ok($fatal_alert, "Duplicate ServerHello extension");

SKIP: {
    skip "TLS <= 1.2 disabled", 3 if $no_below_tls13;

    #Test 3: Sending a zero length extension block should pass
    $proxy->clear();
    $proxy->filter(\&extension_filter);
    $proxy->start();
    ok(TLSProxy::Message->success, "Zero extension length test");

    #Test 4: Inject an unsolicited extension (<= TLSv1.2)
    $fatal_alert = 0;
    $proxy->clear();
    $proxy->filter(\&inject_unsolicited_extension);
    $testtype = UNSOLICITED_SERVER_NAME;
    $proxy->clientflags("-no_tls1_3 -noservername");
    $proxy->start();
    ok($fatal_alert, "Unsolicited server name extension");
}
SKIP: {
    skip "TLS <= 1.2 disabled or EC disabled", 1
        if $no_below_tls13 || disabled("ec");
    #Test 5: Inject a noncompliant supported_groups extension (<= TLSv1.2)
    $proxy->clear();
    $proxy->filter(\&inject_unsolicited_extension);
    $testtype = NONCOMPLIANT_SUPPORTED_GROUPS;
    $proxy->clientflags("-no_tls1_3");
    $proxy->start();
    ok(TLSProxy::Message->success(), "Noncompliant supported_groups extension");
}

SKIP: {
    skip "TLS <= 1.2 or CT disabled", 1
        if $no_below_tls13 || disabled("ct");
    #Test 6: Same as above for the SCT extension which has special handling
    $fatal_alert = 0;
    $proxy->clear();
    $testtype = UNSOLICITED_SCT;
    $proxy->clientflags("-no_tls1_3");
    $proxy->start();
    ok($fatal_alert, "Unsolicited sct extension");
}

SKIP: {
    skip "TLS 1.3 disabled", 1 if disabled("tls1_3");
    #Test 7: Inject an unsolicited extension (TLSv1.3)
    $fatal_alert = 0;
    $proxy->clear();
    $proxy->filter(\&inject_unsolicited_extension);
    $testtype = UNSOLICITED_SERVER_NAME_TLS13;
    $proxy->clientflags("-noservername");
    $proxy->start();
    ok($fatal_alert, "Unsolicited server name extension (TLSv1.3)");
}

#Test 8: Send the cryptopro extension in a ClientHello. Normally this is an
#        unsolicited extension only ever seen in the ServerHello. We should
#        ignore it in a ClientHello
$proxy->clear();
$proxy->filter(\&inject_cryptopro_extension);
$proxy->start();
ok(TLSProxy::Message->success(), "Cryptopro extension in ClientHello");
Commit	Line	Data
596d6b7e	1	#! /usr/bin/env perl
3c7d0945	2	# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
011467ee	3	#
909f1a2e	4	# Licensed under the Apache License 2.0 (the "License"). You may not use
596d6b7e RS	5	# this file except in compliance with the License. You can obtain a copy
	6	# in the file LICENSE in the source distribution or at
	7	# https://www.openssl.org/source/license.html
011467ee MC	8
011467ee MC	9	use strict;
c4220c0f AP	10	use feature 'state';
c4220c0f AP	11
42e0ccdf	12	use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
3f22ed2f	13	use OpenSSL::Test::Utils;
011467ee MC	14	use TLSProxy::Proxy;
011467ee MC	15
25be5f44 RL	16	my $test_name = "test_sslextension";
	17	setup($test_name);
	18
60f9f1e1	19	plan skip_all => "TLSProxy isn't usable on $^O"
c5856878	20	if $^O =~ /^(VMS)$/;
60f9f1e1	21
2dd400bd	22	plan skip_all => "$test_name needs the dynamic engine feature enabled"
19ab5790	23	if disabled("engine") \|\| disabled("dynamic-engine");
25be5f44	24
f9e55034 MC	25	plan skip_all => "$test_name needs the sock feature enabled"
	26	if disabled("sock");
	27
b273fcc5 MC	28	plan skip_all => "$test_name needs TLS enabled"
	29	if alldisabled(available_protocols("tls"));
	30
c423ecaa MC	31	my $no_below_tls13 = alldisabled(("tls1", "tls1_1", "tls1_2"))
	32	\|\| (!disabled("tls1_3") && disabled("tls1_2"));
	33
56c2a6d7 MC	34	use constant {
	35	UNSOLICITED_SERVER_NAME => 0,
	36	UNSOLICITED_SERVER_NAME_TLS13 => 1,
767938fa BK	37	UNSOLICITED_SCT => 2,
767938fa BK	38	NONCOMPLIANT_SUPPORTED_GROUPS => 3
56c2a6d7 MC	39	};
	40
	41	my $testtype;
c4220c0f	42	my $fatal_alert = 0; # set by filter on fatal alert
56c2a6d7	43
25be5f44	44	$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
011467ee	45	my $proxy = TLSProxy::Proxy->new(
c423ecaa	46	\&inject_duplicate_extension_clienthello,
25c78440	47	cmdstr(app(["openssl"]), display => 1),
b44b935e RL	48	srctop_file("apps", "server.pem"),
b44b935e RL	49	(!$ENV{HARNESS_ACTIVE} \|\| $ENV{HARNESS_VERBOSE})
011467ee MC	50	);
011467ee MC	51
011467ee MC	52
	53	sub extension_filter
	54	{
	55	my $proxy = shift;
	56
b9647e34 MC	57	if ($proxy->flight == 1) {
	58	# Change the ServerRandom so that the downgrade sentinel doesn't cause
	59	# the connection to fail
	60	my $message = ${$proxy->message_list}[1];
	61	$message->random("\0"x32);
	62	$message->repack();
	63	return;
	64	}
	65
011467ee MC	66	# We're only interested in the initial ClientHello
	67	if ($proxy->flight != 0) {
	68	return;
	69	}
	70
	71	foreach my $message (@{$proxy->message_list}) {
	72	if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) {
aa474d1f	73	# Remove all extensions and set the extension len to zero
011467ee MC	74	$message->extension_data({});
011467ee MC	75	$message->extensions_len(0);
aa474d1f	76	# Extensions have been removed so make sure we don't try to use them
011467ee MC	77	$message->process_extensions();
	78
	79	$message->repack();
	80	}
	81	}
	82	}
aa474d1f	83
aa474d1f EK	84	sub inject_duplicate_extension
	85	{
	86	my ($proxy, $message_type) = @_;
	87
	88	foreach my $message (@{$proxy->message_list}) {
	89	if ($message->mt == $message_type) {
	90	my %extensions = %{$message->extension_data};
9effc496 MC	91	# Add a duplicate extension. We use cryptopro_bug since we never
	92	# normally write that one, and it is allowed as unsolicited in the
	93	# ServerHello
	94	$message->set_extension(TLSProxy::Message::EXT_CRYPTOPRO_BUG_EXTENSION, "");
	95	$message->dupext(TLSProxy::Message::EXT_CRYPTOPRO_BUG_EXTENSION);
aa474d1f EK	96	$message->repack();
	97	}
	98	}
	99	}
	100
	101	sub inject_duplicate_extension_clienthello
	102	{
	103	my $proxy = shift;
	104
	105	# We're only interested in the initial ClientHello
c4220c0f AP	106	if ($proxy->flight == 0) {
c4220c0f AP	107	inject_duplicate_extension($proxy, TLSProxy::Message::MT_CLIENT_HELLO);
aa474d1f EK	108	return;
	109	}
	110
c4220c0f AP	111	my $last_record = @{$proxy->{record_list}}[-1];
c4220c0f AP	112	$fatal_alert = 1 if $last_record->is_fatal_alert(1);
aa474d1f EK	113	}
	114
	115	sub inject_duplicate_extension_serverhello
	116	{
	117	my $proxy = shift;
	118
	119	# We're only interested in the initial ServerHello
c4220c0f AP	120	if ($proxy->flight == 0) {
	121	return;
	122	} elsif ($proxy->flight == 1) {
	123	inject_duplicate_extension($proxy, TLSProxy::Message::MT_SERVER_HELLO);
aa474d1f EK	124	return;
	125	}
	126
c4220c0f AP	127	my $last_record = @{$proxy->{record_list}}[-1];
c4220c0f AP	128	$fatal_alert = 1 if $last_record->is_fatal_alert(0);
aa474d1f EK	129	}
aa474d1f EK	130
56c2a6d7 MC	131	sub inject_unsolicited_extension
	132	{
	133	my $proxy = shift;
	134	my $message;
c4220c0f AP	135	state $sent_unsolisited_extension;
	136
	137	if ($proxy->flight == 0) {
	138	$sent_unsolisited_extension = 0;
	139	return;
	140	}
56c2a6d7 MC	141
	142	# We're only interested in the initial ServerHello/EncryptedExtensions
	143	if ($proxy->flight != 1) {
c4220c0f AP	144	if ($sent_unsolisited_extension) {
	145	my $last_record = @{$proxy->record_list}[-1];
	146	$fatal_alert = 1 if $last_record->is_fatal_alert(0);
	147	}
56c2a6d7 MC	148	return;
	149	}
	150
	151	if ($testtype == UNSOLICITED_SERVER_NAME_TLS13) {
c4220c0f AP	152	return if (!defined($message = ${$proxy->message_list}[2]));
	153	die "Expecting EE message ".($message->mt).","
	154	.${$proxy->message_list}[1]->mt.", "
	155	.${$proxy->message_list}[3]->mt
	156	if $message->mt != TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS;
56c2a6d7 MC	157	} else {
	158	$message = ${$proxy->message_list}[1];
	159	}
	160
	161	my $ext = pack "C2",
	162	0x00, 0x00; #Extension length
	163
	164	my $type;
	165	if ($testtype == UNSOLICITED_SERVER_NAME
	166	\|\| $testtype == UNSOLICITED_SERVER_NAME_TLS13) {
	167	$type = TLSProxy::Message::EXT_SERVER_NAME;
	168	} elsif ($testtype == UNSOLICITED_SCT) {
	169	$type = TLSProxy::Message::EXT_SCT;
767938fa BK	170	} elsif ($testtype == NONCOMPLIANT_SUPPORTED_GROUPS) {
767938fa BK	171	$type = TLSProxy::Message::EXT_SUPPORTED_GROUPS;
56c2a6d7 MC	172	}
	173	$message->set_extension($type, $ext);
	174	$message->repack();
c4220c0f	175	$sent_unsolisited_extension = 1;
56c2a6d7 MC	176	}
56c2a6d7 MC	177
9effc496 MC	178	sub inject_cryptopro_extension
	179	{
	180	my $proxy = shift;
	181
	182	# We're only interested in the initial ClientHello
	183	if ($proxy->flight != 0) {
	184	return;
	185	}
	186
	187	my $message = ${$proxy->message_list}[0];
	188	$message->set_extension(TLSProxy::Message::EXT_CRYPTOPRO_BUG_EXTENSION, "");
	189	$message->repack();
	190	}
	191
c423ecaa MC	192	# Test 1-2: Sending a duplicate extension should fail.
c423ecaa MC	193	$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
9effc496	194	plan tests => 8;
c4220c0f	195	ok($fatal_alert, "Duplicate ClientHello extension");
c423ecaa	196
c4220c0f	197	$fatal_alert = 0;
c423ecaa MC	198	$proxy->clear();
	199	$proxy->filter(\&inject_duplicate_extension_serverhello);
	200	$proxy->start();
c4220c0f	201	ok($fatal_alert, "Duplicate ServerHello extension");
c423ecaa	202
56c2a6d7	203	SKIP: {
c423ecaa MC	204	skip "TLS <= 1.2 disabled", 3 if $no_below_tls13;
	205
	206	#Test 3: Sending a zero length extension block should pass
	207	$proxy->clear();
	208	$proxy->filter(\&extension_filter);
	209	$proxy->start();
	210	ok(TLSProxy::Message->success, "Zero extension length test");
	211
56c2a6d7	212	#Test 4: Inject an unsolicited extension (<= TLSv1.2)
c4220c0f	213	$fatal_alert = 0;
56c2a6d7 MC	214	$proxy->clear();
	215	$proxy->filter(\&inject_unsolicited_extension);
	216	$testtype = UNSOLICITED_SERVER_NAME;
	217	$proxy->clientflags("-no_tls1_3 -noservername");
	218	$proxy->start();
c4220c0f	219	ok($fatal_alert, "Unsolicited server name extension");
dbc6268f MC	220	}
	221	SKIP: {
	222	skip "TLS <= 1.2 disabled or EC disabled", 1
	223	if $no_below_tls13 \|\| disabled("ec");
767938fa BK	224	#Test 5: Inject a noncompliant supported_groups extension (<= TLSv1.2)
	225	$proxy->clear();
	226	$proxy->filter(\&inject_unsolicited_extension);
	227	$testtype = NONCOMPLIANT_SUPPORTED_GROUPS;
	228	$proxy->clientflags("-no_tls1_3");
	229	$proxy->start();
	230	ok(TLSProxy::Message->success(), "Noncompliant supported_groups extension");
a5e65f7c	231	}
56c2a6d7	232
a5e65f7c MC	233	SKIP: {
a5e65f7c MC	234	skip "TLS <= 1.2 or CT disabled", 1
c423ecaa	235	if $no_below_tls13 \|\| disabled("ct");
767938fa	236	#Test 6: Same as above for the SCT extension which has special handling
c4220c0f	237	$fatal_alert = 0;
56c2a6d7 MC	238	$proxy->clear();
	239	$testtype = UNSOLICITED_SCT;
	240	$proxy->clientflags("-no_tls1_3");
	241	$proxy->start();
c4220c0f	242	ok($fatal_alert, "Unsolicited sct extension");
56c2a6d7 MC	243	}
	244
	245	SKIP: {
	246	skip "TLS 1.3 disabled", 1 if disabled("tls1_3");
767938fa	247	#Test 7: Inject an unsolicited extension (TLSv1.3)
c4220c0f	248	$fatal_alert = 0;
56c2a6d7 MC	249	$proxy->clear();
	250	$proxy->filter(\&inject_unsolicited_extension);
	251	$testtype = UNSOLICITED_SERVER_NAME_TLS13;
	252	$proxy->clientflags("-noservername");
	253	$proxy->start();
c4220c0f	254	ok($fatal_alert, "Unsolicited server name extension (TLSv1.3)");
56c2a6d7	255	}
9effc496 MC	256
	257	#Test 8: Send the cryptopro extension in a ClientHello. Normally this is an
	258	# unsolicited extension only ever seen in the ServerHello. We should
	259	# ignore it in a ClientHello
	260	$proxy->clear();
	261	$proxy->filter(\&inject_cryptopro_extension);
	262	$proxy->start();
	263	ok(TLSProxy::Message->success(), "Cryptopro extension in ClientHello");