]>
Commit | Line | Data |
---|---|---|
74726750 | 1 | # -*- mode: perl; -*- |
b0edda11 | 2 | # Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
74726750 | 3 | # |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
74726750 EK |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
9 | ||
10 | ## Test version negotiation | |
11 | ||
12 | package ssltests; | |
13 | ||
14 | use strict; | |
15 | use warnings; | |
16 | ||
17 | use List::Util qw/max min/; | |
18 | ||
19 | use OpenSSL::Test; | |
1763ab10 | 20 | use OpenSSL::Test::Utils qw/anydisabled alldisabled disabled/; |
74726750 EK |
21 | setup("no_test_here"); |
22 | ||
582a17d6 | 23 | my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"); |
74726750 | 24 | # undef stands for "no limit". |
582a17d6 MC |
25 | my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"); |
26 | my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef); | |
74726750 | 27 | |
582a17d6 | 28 | my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3"); |
74726750 EK |
29 | |
30 | my $min_tls_enabled; my $max_tls_enabled; | |
31 | ||
32 | # Protocol configuration works in cascades, i.e., | |
33 | # $no_tls1_1 disables TLSv1.1 and below. | |
34 | # | |
35 | # $min_enabled and $max_enabled will be correct if there is at least one | |
36 | # protocol enabled. | |
37 | foreach my $i (0..$#tls_protocols) { | |
38 | if (!$is_tls_disabled[$i]) { | |
39 | $min_tls_enabled = $i; | |
40 | last; | |
41 | } | |
42 | } | |
43 | ||
44 | foreach my $i (0..$#tls_protocols) { | |
45 | if (!$is_tls_disabled[$i]) { | |
46 | $max_tls_enabled = $i; | |
47 | } | |
48 | } | |
49 | ||
50 | my @dtls_protocols = ("DTLSv1", "DTLSv1.2"); | |
51 | # undef stands for "no limit". | |
52 | my @min_dtls_protocols = (undef, "DTLSv1", "DTLSv1.2"); | |
53 | my @max_dtls_protocols = ("DTLSv1", "DTLSv1.2", undef); | |
54 | ||
55 | my @is_dtls_disabled = anydisabled("dtls1", "dtls1_2"); | |
56 | ||
57 | my $min_dtls_enabled; my $max_dtls_enabled; | |
58 | ||
59 | # $min_enabled and $max_enabled will be correct if there is at least one | |
60 | # protocol enabled. | |
61 | foreach my $i (0..$#dtls_protocols) { | |
62 | if (!$is_dtls_disabled[$i]) { | |
63 | $min_dtls_enabled = $i; | |
64 | last; | |
65 | } | |
66 | } | |
67 | ||
68 | foreach my $i (0..$#dtls_protocols) { | |
69 | if (!$is_dtls_disabled[$i]) { | |
70 | $max_dtls_enabled = $i; | |
71 | } | |
72 | } | |
73 | ||
590ed3d7 EK |
74 | sub no_tests { |
75 | my ($dtls) = @_; | |
76 | return $dtls ? alldisabled("dtls1", "dtls1_2") : | |
582a17d6 | 77 | alldisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3"); |
590ed3d7 EK |
78 | } |
79 | ||
80 | sub generate_version_tests { | |
74726750 EK |
81 | my ($method) = @_; |
82 | ||
83 | my $dtls = $method eq "DTLS"; | |
84 | # Don't write the redundant "Method = TLS" into the configuration. | |
590ed3d7 | 85 | undef $method if !$dtls; |
74726750 EK |
86 | |
87 | my @protocols = $dtls ? @dtls_protocols : @tls_protocols; | |
88 | my @min_protocols = $dtls ? @min_dtls_protocols : @min_tls_protocols; | |
89 | my @max_protocols = $dtls ? @max_dtls_protocols : @max_tls_protocols; | |
90 | my $min_enabled = $dtls ? $min_dtls_enabled : $min_tls_enabled; | |
91 | my $max_enabled = $dtls ? $max_dtls_enabled : $max_tls_enabled; | |
92 | ||
590ed3d7 | 93 | if (no_tests($dtls)) { |
74726750 EK |
94 | return; |
95 | } | |
96 | ||
97 | my @tests = (); | |
98 | ||
00da4f4d MC |
99 | for (my $sctp = 0; $sctp < ($dtls && !disabled("sctp") ? 2 : 1); $sctp++) { |
100 | foreach my $c_min (0..$#min_protocols) { | |
101 | my $c_max_min = $c_min == 0 ? 0 : $c_min - 1; | |
102 | foreach my $c_max ($c_max_min..$#max_protocols) { | |
103 | foreach my $s_min (0..$#min_protocols) { | |
104 | my $s_max_min = $s_min == 0 ? 0 : $s_min - 1; | |
105 | foreach my $s_max ($s_max_min..$#max_protocols) { | |
106 | my ($result, $protocol) = | |
107 | expected_result($c_min, $c_max, $s_min, $s_max, | |
108 | $min_enabled, $max_enabled, | |
109 | \@protocols); | |
110 | push @tests, { | |
111 | "name" => "version-negotiation", | |
112 | "client" => { | |
113 | "MinProtocol" => $min_protocols[$c_min], | |
114 | "MaxProtocol" => $max_protocols[$c_max], | |
115 | }, | |
116 | "server" => { | |
117 | "MinProtocol" => $min_protocols[$s_min], | |
118 | "MaxProtocol" => $max_protocols[$s_max], | |
119 | }, | |
120 | "test" => { | |
121 | "ExpectedResult" => $result, | |
122 | "ExpectedProtocol" => $protocol, | |
123 | "Method" => $method, | |
124 | } | |
125 | }; | |
126 | $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; | |
127 | } | |
74726750 EK |
128 | } |
129 | } | |
130 | } | |
131 | } | |
975922fd MC |
132 | return @tests if disabled("tls1_3") || disabled("tls1_2") || $dtls; |
133 | ||
134 | #Add some version/ciphersuite sanity check tests | |
135 | push @tests, { | |
136 | "name" => "ciphersuite-sanity-check-client", | |
137 | "client" => { | |
138 | #Offering only <=TLSv1.2 ciphersuites with TLSv1.3 should fail | |
139 | "CipherString" => "AES128-SHA", | |
f865b081 | 140 | "Ciphersuites" => "", |
975922fd MC |
141 | }, |
142 | "server" => { | |
143 | "MaxProtocol" => "TLSv1.2" | |
144 | }, | |
145 | "test" => { | |
146 | "ExpectedResult" => "ClientFail", | |
147 | } | |
148 | }; | |
149 | push @tests, { | |
150 | "name" => "ciphersuite-sanity-check-server", | |
151 | "client" => { | |
152 | "CipherString" => "AES128-SHA", | |
153 | "MaxProtocol" => "TLSv1.2" | |
154 | }, | |
155 | "server" => { | |
156 | #Allowing only <=TLSv1.2 ciphersuites with TLSv1.3 should fail | |
157 | "CipherString" => "AES128-SHA", | |
f865b081 | 158 | "Ciphersuites" => "", |
975922fd MC |
159 | }, |
160 | "test" => { | |
161 | "ExpectedResult" => "ServerFail", | |
162 | } | |
163 | }; | |
164 | ||
74726750 EK |
165 | return @tests; |
166 | } | |
167 | ||
590ed3d7 EK |
168 | sub generate_resumption_tests { |
169 | my ($method) = @_; | |
170 | ||
171 | my $dtls = $method eq "DTLS"; | |
172 | # Don't write the redundant "Method = TLS" into the configuration. | |
173 | undef $method if !$dtls; | |
174 | ||
175 | my @protocols = $dtls ? @dtls_protocols : @tls_protocols; | |
176 | my $min_enabled = $dtls ? $min_dtls_enabled : $min_tls_enabled; | |
84a68336 | 177 | my $max_enabled = $dtls ? $max_dtls_enabled : $max_tls_enabled; |
590ed3d7 EK |
178 | |
179 | if (no_tests($dtls)) { | |
180 | return; | |
181 | } | |
182 | ||
11279b13 EK |
183 | my @server_tests = (); |
184 | my @client_tests = (); | |
590ed3d7 | 185 | |
11279b13 | 186 | # Obtain the first session against a fixed-version server/client. |
84a68336 | 187 | foreach my $original_protocol($min_enabled..$max_enabled) { |
11279b13 | 188 | # Upgrade or downgrade the server/client max version support and test |
590ed3d7 | 189 | # that it upgrades, downgrades or resumes the session as well. |
84a68336 | 190 | foreach my $resume_protocol($min_enabled..$max_enabled) { |
590ed3d7 EK |
191 | my $resumption_expected; |
192 | # We should only resume on exact version match. | |
193 | if ($original_protocol eq $resume_protocol) { | |
194 | $resumption_expected = "Yes"; | |
195 | } else { | |
196 | $resumption_expected = "No"; | |
197 | } | |
198 | ||
cf156009 MC |
199 | for (my $sctp = 0; $sctp < ($dtls && !disabled("sctp") ? 2 : 1); |
200 | $sctp++) { | |
201 | foreach my $ticket ("SessionTicket", "-SessionTicket") { | |
202 | # Client is flexible, server upgrades/downgrades. | |
203 | push @server_tests, { | |
204 | "name" => "resumption", | |
205 | "client" => { }, | |
206 | "server" => { | |
207 | "MinProtocol" => $protocols[$original_protocol], | |
208 | "MaxProtocol" => $protocols[$original_protocol], | |
209 | "Options" => $ticket, | |
210 | }, | |
211 | "resume_server" => { | |
212 | "MaxProtocol" => $protocols[$resume_protocol], | |
6cc0b3c2 | 213 | "Options" => $ticket, |
cf156009 MC |
214 | }, |
215 | "test" => { | |
216 | "ExpectedProtocol" => $protocols[$resume_protocol], | |
217 | "Method" => $method, | |
218 | "HandshakeMode" => "Resume", | |
219 | "ResumptionExpected" => $resumption_expected, | |
220 | } | |
221 | }; | |
222 | $server_tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; | |
223 | # Server is flexible, client upgrades/downgrades. | |
224 | push @client_tests, { | |
225 | "name" => "resumption", | |
226 | "client" => { | |
227 | "MinProtocol" => $protocols[$original_protocol], | |
228 | "MaxProtocol" => $protocols[$original_protocol], | |
229 | }, | |
230 | "server" => { | |
231 | "Options" => $ticket, | |
232 | }, | |
233 | "resume_client" => { | |
234 | "MaxProtocol" => $protocols[$resume_protocol], | |
235 | }, | |
236 | "test" => { | |
237 | "ExpectedProtocol" => $protocols[$resume_protocol], | |
238 | "Method" => $method, | |
239 | "HandshakeMode" => "Resume", | |
240 | "ResumptionExpected" => $resumption_expected, | |
241 | } | |
242 | }; | |
243 | $client_tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; | |
244 | } | |
590ed3d7 EK |
245 | } |
246 | } | |
247 | } | |
248 | ||
1763ab10 MC |
249 | if (!disabled("tls1_3") && !$dtls) { |
250 | push @client_tests, { | |
251 | "name" => "resumption-with-hrr", | |
252 | "client" => { | |
253 | }, | |
254 | "server" => { | |
dbc6268f | 255 | "Curves" => disabled("ec") ? "ffdhe3072" : "P-256" |
1763ab10 MC |
256 | }, |
257 | "resume_client" => { | |
258 | }, | |
259 | "test" => { | |
260 | "ExpectedProtocol" => "TLSv1.3", | |
261 | "Method" => "TLS", | |
262 | "HandshakeMode" => "Resume", | |
263 | "ResumptionExpected" => "Yes", | |
264 | } | |
265 | }; | |
266 | } | |
267 | ||
11279b13 | 268 | return (@server_tests, @client_tests); |
590ed3d7 EK |
269 | } |
270 | ||
74726750 EK |
271 | sub expected_result { |
272 | my ($c_min, $c_max, $s_min, $s_max, $min_enabled, $max_enabled, | |
273 | $protocols) = @_; | |
274 | ||
275 | # Adjust for "undef" (no limit). | |
276 | $c_min = $c_min == 0 ? 0 : $c_min - 1; | |
277 | $c_max = $c_max == scalar @$protocols ? $c_max - 1 : $c_max; | |
278 | $s_min = $s_min == 0 ? 0 : $s_min - 1; | |
279 | $s_max = $s_max == scalar @$protocols ? $s_max - 1 : $s_max; | |
280 | ||
281 | # We now have at least one protocol enabled, so $min_enabled and | |
282 | # $max_enabled are well-defined. | |
283 | $c_min = max $c_min, $min_enabled; | |
284 | $s_min = max $s_min, $min_enabled; | |
285 | $c_max = min $c_max, $max_enabled; | |
286 | $s_max = min $s_max, $max_enabled; | |
287 | ||
288 | if ($c_min > $c_max) { | |
289 | # Client should fail to even send a hello. | |
83964ca0 | 290 | return ("ClientFail", undef); |
74726750 EK |
291 | } elsif ($s_min > $s_max) { |
292 | # Server has no protocols, should always fail. | |
293 | return ("ServerFail", undef); | |
294 | } elsif ($s_min > $c_max) { | |
295 | # Server doesn't support the client range. | |
296 | return ("ServerFail", undef); | |
297 | } elsif ($c_min > $s_max) { | |
582a17d6 | 298 | my @prots = @$protocols; |
7b21c00e MC |
299 | if ($prots[$c_max] eq "TLSv1.3") { |
300 | # Client will have sent supported_versions, so server will know | |
301 | # that there are no overlapping versions. | |
302 | return ("ServerFail", undef); | |
582a17d6 MC |
303 | } else { |
304 | # Server will try with a version that is lower than the lowest | |
305 | # supported client version. | |
306 | return ("ClientFail", undef); | |
307 | } | |
74726750 EK |
308 | } else { |
309 | # Server and client ranges overlap. | |
310 | my $max_common = $s_max < $c_max ? $s_max : $c_max; | |
311 | return ("Success", $protocols->[$max_common]); | |
312 | } | |
313 | } | |
314 | ||
315 | 1; |