[thirdparty/openssl.git] / test / ssl_test.c

/*
 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <string.h>

#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/ssl.h>

#include "handshake_helper.h"
#include "ssl_test_ctx.h"
#include "testutil.h"

static CONF *conf = NULL;

/* Currently the section names are of the form test-<number>, e.g. test-15. */
#define MAX_TESTCASE_NAME_LENGTH 100

static const char *print_alert(int alert)
{
    return alert ? SSL_alert_desc_string_long(alert) : "no alert";
}

static int check_result(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->result, test_ctx->expected_result)) {
        TEST_info("ExpectedResult mismatch: expected %s, got %s.",
                  ssl_test_result_name(test_ctx->expected_result),
                  ssl_test_result_name(result->result));
        return 0;
    }
    return 1;
}

static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->client_alert_sent,
                     result->client_alert_received)) {
        TEST_info("Client sent alert %s but server received %s.",
                  print_alert(result->client_alert_sent),
                  print_alert(result->client_alert_received));
        /*
         * We can't bail here because the peer doesn't always get far enough
         * to process a received alert. Specifically, in protocol version
         * negotiation tests, we have the following scenario.
         * Client supports TLS v1.2 only; Server supports TLS v1.1.
         * Client proposes TLS v1.2; server responds with 1.1;
         * Client now sends a protocol alert, using TLS v1.2 in the header.
         * The server, however, rejects the alert because of version mismatch
         * in the record layer; therefore, the server appears to never
         * receive the alert.
         */
        /* return 0; */
    }

    if (!TEST_int_eq(result->server_alert_sent,
                     result->server_alert_received)) {
        TEST_info("Server sent alert %s but client received %s.",
                  print_alert(result->server_alert_sent),
                  print_alert(result->server_alert_received));
        /* return 0; */
    }

    /* Tolerate an alert if one wasn't explicitly specified in the test. */
    if (test_ctx->expected_client_alert
        /*
         * The info callback alert value is computed as
         * (s->s3->send_alert[0] << 8) | s->s3->send_alert[1]
         * where the low byte is the alert code and the high byte is other stuff.
         */
        && (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) {
        TEST_error("ClientAlert mismatch: expected %s, got %s.",
                   print_alert(test_ctx->expected_client_alert),
                   print_alert(result->client_alert_sent));
        return 0;
    }

    if (test_ctx->expected_server_alert
        && (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) {
        TEST_error("ServerAlert mismatch: expected %s, got %s.",
                   print_alert(test_ctx->expected_server_alert),
                   print_alert(result->server_alert_sent));
        return 0;
    }

    if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1))
        return 0;
    if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1))
        return 0;
    return 1;
}

static int check_protocol(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->client_protocol, result->server_protocol)) {
        TEST_info("Client has protocol %s but server has %s.",
                  ssl_protocol_name(result->client_protocol),
                  ssl_protocol_name(result->server_protocol));
        return 0;
    }

    if (test_ctx->expected_protocol) {
        if (!TEST_int_eq(result->client_protocol,
                         test_ctx->expected_protocol)) {
            TEST_info("Protocol mismatch: expected %s, got %s.\n",
                      ssl_protocol_name(test_ctx->expected_protocol),
                      ssl_protocol_name(result->client_protocol));
            return 0;
        }
    }
    return 1;
}

static int check_servername(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->servername, test_ctx->expected_servername)) {
      TEST_info("Client ServerName mismatch, expected %s, got %s.",
                ssl_servername_name(test_ctx->expected_servername),
                ssl_servername_name(result->servername));
      return 0;
    }
  return 1;
}

static int check_session_ticket(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE)
        return 1;
    if (!TEST_int_eq(result->session_ticket,
                     test_ctx->session_ticket_expected)) {
        TEST_info("Client SessionTicketExpected mismatch, expected %s, got %s.",
                  ssl_session_ticket_name(test_ctx->session_ticket_expected),
                  ssl_session_ticket_name(result->session_ticket));
        return 0;
    }
    return 1;
}

static int check_session_id(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (test_ctx->session_id_expected == SSL_TEST_SESSION_ID_IGNORE)
        return 1;
    if (!TEST_int_eq(result->session_id, test_ctx->session_id_expected)) {
        TEST_info("Client SessionIdExpected mismatch, expected %s, got %s\n.",
                ssl_session_id_name(test_ctx->session_id_expected),
                ssl_session_id_name(result->session_id));
        return 0;
    }
    return 1;
}

static int check_compression(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->compression, test_ctx->compression_expected))
        return 0;
    return 1;
}
#ifndef OPENSSL_NO_NEXTPROTONEG
static int check_npn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    int ret = 1;
    if (!TEST_str_eq(result->client_npn_negotiated,
                     result->server_npn_negotiated))
        ret = 0;
    if (!TEST_str_eq(test_ctx->expected_npn_protocol,
                     result->client_npn_negotiated))
        ret = 0;
    return ret;
}
#endif

static int check_alpn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    int ret = 1;
    if (!TEST_str_eq(result->client_alpn_negotiated,
                     result->server_alpn_negotiated))
        ret = 0;
    if (!TEST_str_eq(test_ctx->expected_alpn_protocol,
                     result->client_alpn_negotiated))
        ret = 0;
    return ret;
}

static int check_session_ticket_app_data(HANDSHAKE_RESULT *result,
                                         SSL_TEST_CTX *test_ctx)
{
    size_t result_len = 0;
    size_t expected_len = 0;

    /* consider empty and NULL strings to be the same */
    if (result->result_session_ticket_app_data != NULL)
        result_len = strlen(result->result_session_ticket_app_data);
    if (test_ctx->expected_session_ticket_app_data != NULL)
        expected_len = strlen(test_ctx->expected_session_ticket_app_data);
    if (result_len == 0 && expected_len == 0)
        return 1;

    if (!TEST_str_eq(result->result_session_ticket_app_data,
                     test_ctx->expected_session_ticket_app_data))
        return 0;

    return 1;
}

static int check_resumption(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (!TEST_int_eq(result->client_resumed, result->server_resumed))
        return 0;
    if (!TEST_int_eq(result->client_resumed, test_ctx->resumption_expected))
        return 0;
    return 1;
}

static int check_nid(const char *name, int expected_nid, int nid)
{
    if (expected_nid == 0 || expected_nid == nid)
        return 1;
    TEST_error("%s type mismatch, %s vs %s\n",
               name, OBJ_nid2ln(expected_nid),
               nid == NID_undef ? "absent" : OBJ_nid2ln(nid));
    return 0;
}

static void print_ca_names(STACK_OF(X509_NAME) *names)
{
    int i;

    if (names == NULL || sk_X509_NAME_num(names) == 0) {
        TEST_note("    <empty>");
        return;
    }
    for (i = 0; i < sk_X509_NAME_num(names); i++) {
        X509_NAME_print_ex(bio_err, sk_X509_NAME_value(names, i), 4,
                           XN_FLAG_ONELINE);
        BIO_puts(bio_err, "\n");
    }
}

static int check_ca_names(const char *name,
                          STACK_OF(X509_NAME) *expected_names,
                          STACK_OF(X509_NAME) *names)
{
    int i;

    if (expected_names == NULL)
        return 1;
    if (names == NULL || sk_X509_NAME_num(names) == 0) {
        if (TEST_int_eq(sk_X509_NAME_num(expected_names), 0))
            return 1;
        goto err;
    }
    if (sk_X509_NAME_num(names) != sk_X509_NAME_num(expected_names))
        goto err;
    for (i = 0; i < sk_X509_NAME_num(names); i++) {
        if (!TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(names, i),
                                       sk_X509_NAME_value(expected_names, i)),
                         0)) {
            goto err;
        }
    }
    return 1;
err:
    TEST_info("%s: list mismatch", name);
    TEST_note("Expected Names:");
    print_ca_names(expected_names);
    TEST_note("Received Names:");
    print_ca_names(names);
    return 0;
}

static int check_tmp_key(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    return check_nid("Tmp key", test_ctx->expected_tmp_key_type,
                     result->tmp_key_type);
}

static int check_server_cert_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Server certificate", test_ctx->expected_server_cert_type,
                     result->server_cert_type);
}

static int check_server_sign_hash(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Server signing hash", test_ctx->expected_server_sign_hash,
                     result->server_sign_hash);
}

static int check_server_sign_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Server signing", test_ctx->expected_server_sign_type,
                     result->server_sign_type);
}

static int check_server_ca_names(HANDSHAKE_RESULT *result,
                                 SSL_TEST_CTX *test_ctx)
{
    return check_ca_names("Server CA names",
                          test_ctx->expected_server_ca_names,
                          result->server_ca_names);
}

static int check_client_cert_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Client certificate", test_ctx->expected_client_cert_type,
                     result->client_cert_type);
}

static int check_client_sign_hash(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Client signing hash", test_ctx->expected_client_sign_hash,
                     result->client_sign_hash);
}

static int check_client_sign_type(HANDSHAKE_RESULT *result,
                                  SSL_TEST_CTX *test_ctx)
{
    return check_nid("Client signing", test_ctx->expected_client_sign_type,
                     result->client_sign_type);
}

static int check_client_ca_names(HANDSHAKE_RESULT *result,
                                 SSL_TEST_CTX *test_ctx)
{
    return check_ca_names("Client CA names",
                          test_ctx->expected_client_ca_names,
                          result->client_ca_names);
}

static int check_cipher(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    if (test_ctx->expected_cipher == NULL)
        return 1;
    if (!TEST_ptr(result->cipher))
        return 0;
    if (!TEST_str_eq(test_ctx->expected_cipher,
                     result->cipher))
        return 0;
    return 1;
}

/*
 * This could be further simplified by constructing an expected
 * HANDSHAKE_RESULT, and implementing comparison methods for
 * its fields.
 */
static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
{
    int ret = 1;
    ret &= check_result(result, test_ctx);
    ret &= check_alerts(result, test_ctx);
    if (result->result == SSL_TEST_SUCCESS) {
        ret &= check_protocol(result, test_ctx);
        ret &= check_servername(result, test_ctx);
        ret &= check_session_ticket(result, test_ctx);
        ret &= check_compression(result, test_ctx);
        ret &= check_session_id(result, test_ctx);
        ret &= (result->session_ticket_do_not_call == 0);
#ifndef OPENSSL_NO_NEXTPROTONEG
        ret &= check_npn(result, test_ctx);
#endif
        ret &= check_cipher(result, test_ctx);
        ret &= check_alpn(result, test_ctx);
        ret &= check_session_ticket_app_data(result, test_ctx);
        ret &= check_resumption(result, test_ctx);
        ret &= check_tmp_key(result, test_ctx);
        ret &= check_server_cert_type(result, test_ctx);
        ret &= check_server_sign_hash(result, test_ctx);
        ret &= check_server_sign_type(result, test_ctx);
        ret &= check_server_ca_names(result, test_ctx);
        ret &= check_client_cert_type(result, test_ctx);
        ret &= check_client_sign_hash(result, test_ctx);
        ret &= check_client_sign_type(result, test_ctx);
        ret &= check_client_ca_names(result, test_ctx);
    }
    return ret;
}

static int test_handshake(int idx)
{
    int ret = 0;
    SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL,
        *resume_server_ctx = NULL, *resume_client_ctx = NULL;
    SSL_TEST_CTX *test_ctx = NULL;
    HANDSHAKE_RESULT *result = NULL;
    char test_app[MAX_TESTCASE_NAME_LENGTH];

    BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx);

    test_ctx = SSL_TEST_CTX_create(conf, test_app);
    if (!TEST_ptr(test_ctx))
        goto err;

#ifndef OPENSSL_NO_DTLS
    if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
        server_ctx = SSL_CTX_new(DTLS_server_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
            goto err;
        if (test_ctx->extra.server.servername_callback !=
            SSL_TEST_SERVERNAME_CB_NONE) {
            if (!TEST_ptr(server2_ctx = SSL_CTX_new(DTLS_server_method())))
                goto err;
        }
        client_ctx = SSL_CTX_new(DTLS_client_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
            goto err;
        if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
            resume_server_ctx = SSL_CTX_new(DTLS_server_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
                goto err;
            resume_client_ctx = SSL_CTX_new(DTLS_client_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
                goto err;
            if (!TEST_ptr(resume_server_ctx)
                    || !TEST_ptr(resume_client_ctx))
                goto err;
        }
    }
#endif
    if (test_ctx->method == SSL_TEST_METHOD_TLS) {
        server_ctx = SSL_CTX_new(TLS_server_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
            goto err;
        /* SNI on resumption isn't supported/tested yet. */
        if (test_ctx->extra.server.servername_callback !=
            SSL_TEST_SERVERNAME_CB_NONE) {
            if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method())))
                goto err;
            if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0)))
                goto err;
        }
        client_ctx = SSL_CTX_new(TLS_client_method());
        if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
            goto err;

        if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
            resume_server_ctx = SSL_CTX_new(TLS_server_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
                goto err;
            resume_client_ctx = SSL_CTX_new(TLS_client_method());
            if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
                goto err;
            if (!TEST_ptr(resume_server_ctx)
                    || !TEST_ptr(resume_client_ctx))
                goto err;
        }
    }

#ifdef OPENSSL_NO_AUTOLOAD_CONFIG
    if (!TEST_true(OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL)))
        goto err;
#endif

    if (!TEST_ptr(server_ctx)
            || !TEST_ptr(client_ctx)
            || !TEST_int_gt(CONF_modules_load(conf, test_app, 0),  0))
        goto err;

    if (!SSL_CTX_config(server_ctx, "server")
        || !SSL_CTX_config(client_ctx, "client")) {
        goto err;
    }

    if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2"))
        goto err;
    if (resume_server_ctx != NULL
        && !SSL_CTX_config(resume_server_ctx, "resume-server"))
        goto err;
    if (resume_client_ctx != NULL
        && !SSL_CTX_config(resume_client_ctx, "resume-client"))
        goto err;

    result = do_handshake(server_ctx, server2_ctx, client_ctx,
                          resume_server_ctx, resume_client_ctx, test_ctx);

    if (result != NULL)
        ret = check_test(result, test_ctx);

err:
    CONF_modules_unload(0);
    SSL_CTX_free(server_ctx);
    SSL_CTX_free(server2_ctx);
    SSL_CTX_free(client_ctx);
    SSL_CTX_free(resume_server_ctx);
    SSL_CTX_free(resume_client_ctx);
    SSL_TEST_CTX_free(test_ctx);
    HANDSHAKE_RESULT_free(result);
    return ret;
}

OPT_TEST_DECLARE_USAGE("conf_file\n")

int setup_tests(void)
{
    long num_tests;

    if (!TEST_ptr(conf = NCONF_new(NULL))
            /* argv[1] should point to the test conf file */
            || !TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)
            || !TEST_int_ne(NCONF_get_number_e(conf, NULL, "num_tests",
                                               &num_tests), 0))
        return 0;

    ADD_ALL_TESTS(test_handshake, (int)num_tests);
    return 1;
}

void cleanup_tests(void)
{
    NCONF_free(conf);
}
Commit	Line	Data
453dfd8d	1	/*
b0edda11	2	* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
453dfd8d	3	*
909f1a2e	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
440e5d80 RS	5	* this file except in compliance with the License. You can obtain a copy
440e5d80 RS	6	* in the file LICENSE in the source distribution or at
453dfd8d	7	* https://www.openssl.org/source/license.html
453dfd8d EK	8	*/
	9
	10	#include <stdio.h>
5c753de6	11	#include <string.h>
453dfd8d EK	12
	13	#include <openssl/conf.h>
	14	#include <openssl/err.h>
	15	#include <openssl/ssl.h>
	16
	17	#include "handshake_helper.h"
	18	#include "ssl_test_ctx.h"
	19	#include "testutil.h"
	20
	21	static CONF *conf = NULL;
	22
	23	/* Currently the section names are of the form test-<number>, e.g. test-15. */
	24	#define MAX_TESTCASE_NAME_LENGTH 100
	25
453dfd8d EK	26	static const char *print_alert(int alert)
	27	{
	28	return alert ? SSL_alert_desc_string_long(alert) : "no alert";
	29	}
	30
ce2cdac2	31	static int check_result(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d	32	{
2fae041d P	33	if (!TEST_int_eq(result->result, test_ctx->expected_result)) {
	34	TEST_info("ExpectedResult mismatch: expected %s, got %s.",
	35	ssl_test_result_name(test_ctx->expected_result),
	36	ssl_test_result_name(result->result));
453dfd8d EK	37	return 0;
	38	}
	39	return 1;
	40	}
	41
ce2cdac2	42	static int check_alerts(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d	43	{
2fae041d P	44	if (!TEST_int_eq(result->client_alert_sent,
	45	result->client_alert_received)) {
	46	TEST_info("Client sent alert %s but server received %s.",
	47	print_alert(result->client_alert_sent),
	48	print_alert(result->client_alert_received));
453dfd8d EK	49	/*
	50	* We can't bail here because the peer doesn't always get far enough
	51	* to process a received alert. Specifically, in protocol version
	52	* negotiation tests, we have the following scenario.
	53	* Client supports TLS v1.2 only; Server supports TLS v1.1.
	54	* Client proposes TLS v1.2; server responds with 1.1;
	55	* Client now sends a protocol alert, using TLS v1.2 in the header.
	56	* The server, however, rejects the alert because of version mismatch
	57	* in the record layer; therefore, the server appears to never
	58	* receive the alert.
	59	*/
	60	/* return 0; */
	61	}
	62
2fae041d P	63	if (!TEST_int_eq(result->server_alert_sent,
	64	result->server_alert_received)) {
	65	TEST_info("Server sent alert %s but client received %s.",
	66	print_alert(result->server_alert_sent),
	67	print_alert(result->server_alert_received));
453dfd8d EK	68	/* return 0; */
	69	}
	70
	71	/* Tolerate an alert if one wasn't explicitly specified in the test. */
9f48bbac	72	if (test_ctx->expected_client_alert
453dfd8d EK	73	/*
	74	* The info callback alert value is computed as
	75	* (s->s3->send_alert[0] << 8) \| s->s3->send_alert[1]
	76	* where the low byte is the alert code and the high byte is other stuff.
	77	*/
9f48bbac	78	&& (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) {
2fae041d P	79	TEST_error("ClientAlert mismatch: expected %s, got %s.",
	80	print_alert(test_ctx->expected_client_alert),
	81	print_alert(result->client_alert_sent));
453dfd8d EK	82	return 0;
	83	}
	84
9f48bbac EK	85	if (test_ctx->expected_server_alert
9f48bbac EK	86	&& (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) {
2fae041d P	87	TEST_error("ServerAlert mismatch: expected %s, got %s.",
	88	print_alert(test_ctx->expected_server_alert),
	89	print_alert(result->server_alert_sent));
453dfd8d EK	90	return 0;
	91	}
	92
2fae041d	93	if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1))
dd8e5a57	94	return 0;
2fae041d	95	if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1))
dd8e5a57	96	return 0;
453dfd8d EK	97	return 1;
	98	}
	99
ce2cdac2	100	static int check_protocol(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d	101	{
2fae041d P	102	if (!TEST_int_eq(result->client_protocol, result->server_protocol)) {
	103	TEST_info("Client has protocol %s but server has %s.",
	104	ssl_protocol_name(result->client_protocol),
	105	ssl_protocol_name(result->server_protocol));
453dfd8d EK	106	return 0;
	107	}
	108
9f48bbac	109	if (test_ctx->expected_protocol) {
2fae041d P	110	if (!TEST_int_eq(result->client_protocol,
	111	test_ctx->expected_protocol)) {
	112	TEST_info("Protocol mismatch: expected %s, got %s.\n",
	113	ssl_protocol_name(test_ctx->expected_protocol),
	114	ssl_protocol_name(result->client_protocol));
453dfd8d EK	115	return 0;
	116	}
	117	}
	118	return 1;
	119	}
	120
ce2cdac2	121	static int check_servername(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
5c753de6	122	{
2fae041d P	123	if (!TEST_int_eq(result->servername, test_ctx->expected_servername)) {
	124	TEST_info("Client ServerName mismatch, expected %s, got %s.",
	125	ssl_servername_name(test_ctx->expected_servername),
	126	ssl_servername_name(result->servername));
d2b23cd2	127	return 0;
5c753de6	128	}
d2b23cd2	129	return 1;
5c753de6 TS	130	}
5c753de6 TS	131
ce2cdac2	132	static int check_session_ticket(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
5c753de6 TS	133	{
	134	if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE)
	135	return 1;
2fae041d P	136	if (!TEST_int_eq(result->session_ticket,
	137	test_ctx->session_ticket_expected)) {
	138	TEST_info("Client SessionTicketExpected mismatch, expected %s, got %s.",
	139	ssl_session_ticket_name(test_ctx->session_ticket_expected),
	140	ssl_session_ticket_name(result->session_ticket));
5c753de6 TS	141	return 0;
	142	}
	143	return 1;
	144	}
	145
a84e5c9a TS	146	static int check_session_id(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	147	{
	148	if (test_ctx->session_id_expected == SSL_TEST_SESSION_ID_IGNORE)
	149	return 1;
	150	if (!TEST_int_eq(result->session_id, test_ctx->session_id_expected)) {
	151	TEST_info("Client SessionIdExpected mismatch, expected %s, got %s\n.",
	152	ssl_session_id_name(test_ctx->session_id_expected),
	153	ssl_session_id_name(result->session_id));
	154	return 0;
	155	}
	156	return 1;
	157	}
	158
439db0c9 MC	159	static int check_compression(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
439db0c9 MC	160	{
2fae041d	161	if (!TEST_int_eq(result->compression, test_ctx->compression_expected))
439db0c9	162	return 0;
439db0c9 MC	163	return 1;
439db0c9 MC	164	}
620c6ad3	165	#ifndef OPENSSL_NO_NEXTPROTONEG
ce2cdac2 EK	166	static int check_npn(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	167	{
	168	int ret = 1;
2fae041d P	169	if (!TEST_str_eq(result->client_npn_negotiated,
	170	result->server_npn_negotiated))
	171	ret = 0;
	172	if (!TEST_str_eq(test_ctx->expected_npn_protocol,
	173	result->client_npn_negotiated))
	174	ret = 0;
ce2cdac2 EK	175	return ret;
ce2cdac2 EK	176	}
7b7cea6d	177	#endif
ce2cdac2 EK	178
	179	static int check_alpn(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	180	{
	181	int ret = 1;
2fae041d P	182	if (!TEST_str_eq(result->client_alpn_negotiated,
	183	result->server_alpn_negotiated))
	184	ret = 0;
	185	if (!TEST_str_eq(test_ctx->expected_alpn_protocol,
	186	result->client_alpn_negotiated))
	187	ret = 0;
ce2cdac2 EK	188	return ret;
	189	}
	190
df0fed9a TS	191	static int check_session_ticket_app_data(HANDSHAKE_RESULT *result,
	192	SSL_TEST_CTX *test_ctx)
	193	{
	194	size_t result_len = 0;
	195	size_t expected_len = 0;
	196
	197	/* consider empty and NULL strings to be the same */
	198	if (result->result_session_ticket_app_data != NULL)
	199	result_len = strlen(result->result_session_ticket_app_data);
	200	if (test_ctx->expected_session_ticket_app_data != NULL)
	201	expected_len = strlen(test_ctx->expected_session_ticket_app_data);
	202	if (result_len == 0 && expected_len == 0)
	203	return 1;
	204
	205	if (!TEST_str_eq(result->result_session_ticket_app_data,
	206	test_ctx->expected_session_ticket_app_data))
	207	return 0;
	208
	209	return 1;
	210	}
	211
590ed3d7 EK	212	static int check_resumption(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
590ed3d7 EK	213	{
2fae041d	214	if (!TEST_int_eq(result->client_resumed, result->server_resumed))
590ed3d7	215	return 0;
2fae041d	216	if (!TEST_int_eq(result->client_resumed, test_ctx->resumption_expected))
590ed3d7	217	return 0;
590ed3d7 EK	218	return 1;
	219	}
	220
ee5b6a42	221	static int check_nid(const char *name, int expected_nid, int nid)
b93ad05d	222	{
ee5b6a42	223	if (expected_nid == 0 \|\| expected_nid == nid)
b93ad05d	224	return 1;
2fae041d P	225	TEST_error("%s type mismatch, %s vs %s\n",
	226	name, OBJ_nid2ln(expected_nid),
	227	nid == NID_undef ? "absent" : OBJ_nid2ln(nid));
b93ad05d DSH	228	return 0;
	229	}
	230
2e21539b DSH	231	static void print_ca_names(STACK_OF(X509_NAME) *names)
2e21539b DSH	232	{
2e21539b DSH	233	int i;
	234
	235	if (names == NULL \|\| sk_X509_NAME_num(names) == 0) {
8fe3127c	236	TEST_note(" <empty>");
2e21539b DSH	237	return;
2e21539b DSH	238	}
2e21539b	239	for (i = 0; i < sk_X509_NAME_num(names); i++) {
8fe3127c	240	X509_NAME_print_ex(bio_err, sk_X509_NAME_value(names, i), 4,
2e21539b	241	XN_FLAG_ONELINE);
8fe3127c	242	BIO_puts(bio_err, "\n");
2e21539b	243	}
2e21539b DSH	244	}
	245
	246	static int check_ca_names(const char *name,
	247	STACK_OF(X509_NAME) *expected_names,
	248	STACK_OF(X509_NAME) *names)
	249	{
	250	int i;
	251
	252	if (expected_names == NULL)
	253	return 1;
	254	if (names == NULL \|\| sk_X509_NAME_num(names) == 0) {
8fe3127c	255	if (TEST_int_eq(sk_X509_NAME_num(expected_names), 0))
2e21539b DSH	256	return 1;
	257	goto err;
	258	}
	259	if (sk_X509_NAME_num(names) != sk_X509_NAME_num(expected_names))
	260	goto err;
	261	for (i = 0; i < sk_X509_NAME_num(names); i++) {
8fe3127c P	262	if (!TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(names, i),
	263	sk_X509_NAME_value(expected_names, i)),
	264	0)) {
2e21539b DSH	265	goto err;
	266	}
	267	}
	268	return 1;
8fe3127c P	269	err:
	270	TEST_info("%s: list mismatch", name);
	271	TEST_note("Expected Names:");
2e21539b	272	print_ca_names(expected_names);
8fe3127c	273	TEST_note("Received Names:");
2e21539b DSH	274	print_ca_names(names);
	275	return 0;
	276	}
	277
f15b50c4 DSH	278	static int check_tmp_key(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	279	{
	280	return check_nid("Tmp key", test_ctx->expected_tmp_key_type,
	281	result->tmp_key_type);
	282	}
	283
	284	static int check_server_cert_type(HANDSHAKE_RESULT *result,
	285	SSL_TEST_CTX *test_ctx)
	286	{
	287	return check_nid("Server certificate", test_ctx->expected_server_cert_type,
	288	result->server_cert_type);
	289	}
	290
	291	static int check_server_sign_hash(HANDSHAKE_RESULT *result,
	292	SSL_TEST_CTX *test_ctx)
	293	{
	294	return check_nid("Server signing hash", test_ctx->expected_server_sign_hash,
	295	result->server_sign_hash);
	296	}
	297
	298	static int check_server_sign_type(HANDSHAKE_RESULT *result,
	299	SSL_TEST_CTX *test_ctx)
	300	{
	301	return check_nid("Server signing", test_ctx->expected_server_sign_type,
	302	result->server_sign_type);
	303	}
	304
	305	static int check_server_ca_names(HANDSHAKE_RESULT *result,
	306	SSL_TEST_CTX *test_ctx)
	307	{
	308	return check_ca_names("Server CA names",
	309	test_ctx->expected_server_ca_names,
	310	result->server_ca_names);
	311	}
	312
	313	static int check_client_cert_type(HANDSHAKE_RESULT *result,
	314	SSL_TEST_CTX *test_ctx)
	315	{
	316	return check_nid("Client certificate", test_ctx->expected_client_cert_type,
	317	result->client_cert_type);
	318	}
	319
	320	static int check_client_sign_hash(HANDSHAKE_RESULT *result,
	321	SSL_TEST_CTX *test_ctx)
	322	{
	323	return check_nid("Client signing hash", test_ctx->expected_client_sign_hash,
	324	result->client_sign_hash);
	325	}
	326
	327	static int check_client_sign_type(HANDSHAKE_RESULT *result,
	328	SSL_TEST_CTX *test_ctx)
	329	{
	330	return check_nid("Client signing", test_ctx->expected_client_sign_type,
	331	result->client_sign_type);
	332	}
	333
2e21539b DSH	334	static int check_client_ca_names(HANDSHAKE_RESULT *result,
	335	SSL_TEST_CTX *test_ctx)
	336	{
	337	return check_ca_names("Client CA names",
	338	test_ctx->expected_client_ca_names,
	339	result->client_ca_names);
	340	}
	341
e1c7871d TS	342	static int check_cipher(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
	343	{
	344	if (test_ctx->expected_cipher == NULL)
	345	return 1;
	346	if (!TEST_ptr(result->cipher))
	347	return 0;
	348	if (!TEST_str_eq(test_ctx->expected_cipher,
	349	result->cipher))
	350	return 0;
	351	return 1;
	352	}
	353
453dfd8d EK	354	/*
	355	* This could be further simplified by constructing an expected
	356	* HANDSHAKE_RESULT, and implementing comparison methods for
	357	* its fields.
	358	*/
ce2cdac2	359	static int check_test(HANDSHAKE_RESULT result, SSL_TEST_CTX test_ctx)
453dfd8d EK	360	{
	361	int ret = 1;
	362	ret &= check_result(result, test_ctx);
	363	ret &= check_alerts(result, test_ctx);
ce2cdac2	364	if (result->result == SSL_TEST_SUCCESS) {
453dfd8d	365	ret &= check_protocol(result, test_ctx);
5c753de6	366	ret &= check_servername(result, test_ctx);
81fc33c9	367	ret &= check_session_ticket(result, test_ctx);
439db0c9	368	ret &= check_compression(result, test_ctx);
a84e5c9a	369	ret &= check_session_id(result, test_ctx);
ce2cdac2	370	ret &= (result->session_ticket_do_not_call == 0);
620c6ad3	371	#ifndef OPENSSL_NO_NEXTPROTONEG
ce2cdac2	372	ret &= check_npn(result, test_ctx);
620c6ad3	373	#endif
e1c7871d	374	ret &= check_cipher(result, test_ctx);
7b7cea6d	375	ret &= check_alpn(result, test_ctx);
df0fed9a	376	ret &= check_session_ticket_app_data(result, test_ctx);
590ed3d7	377	ret &= check_resumption(result, test_ctx);
b93ad05d	378	ret &= check_tmp_key(result, test_ctx);
7f5f35af	379	ret &= check_server_cert_type(result, test_ctx);
ee5b6a42	380	ret &= check_server_sign_hash(result, test_ctx);
54b7f2a5	381	ret &= check_server_sign_type(result, test_ctx);
f15b50c4	382	ret &= check_server_ca_names(result, test_ctx);
7f5f35af	383	ret &= check_client_cert_type(result, test_ctx);
ee5b6a42	384	ret &= check_client_sign_hash(result, test_ctx);
54b7f2a5	385	ret &= check_client_sign_type(result, test_ctx);
2e21539b	386	ret &= check_client_ca_names(result, test_ctx);
5c753de6	387	}
453dfd8d EK	388	return ret;
	389	}
	390
d836d71b	391	static int test_handshake(int idx)
453dfd8d	392	{
ababe86b	393	int ret = 0;
590ed3d7	394	SSL_CTX server_ctx = NULL, server2_ctx = NULL, *client_ctx = NULL,
11279b13	395	resume_server_ctx = NULL, resume_client_ctx = NULL;
453dfd8d	396	SSL_TEST_CTX *test_ctx = NULL;
ce2cdac2	397	HANDSHAKE_RESULT *result = NULL;
d836d71b EK	398	char test_app[MAX_TESTCASE_NAME_LENGTH];
	399
	400	BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx);
453dfd8d	401
d836d71b	402	test_ctx = SSL_TEST_CTX_create(conf, test_app);
2fae041d	403	if (!TEST_ptr(test_ctx))
74726750 EK	404	goto err;
	405
	406	#ifndef OPENSSL_NO_DTLS
	407	if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
	408	server_ctx = SSL_CTX_new(DTLS_server_method());
5c587fb6	409	if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
7d7f6834	410	goto err;
9f48bbac EK	411	if (test_ctx->extra.server.servername_callback !=
9f48bbac EK	412	SSL_TEST_SERVERNAME_CB_NONE) {
019e47ce P	413	if (!TEST_ptr(server2_ctx = SSL_CTX_new(DTLS_server_method())))
019e47ce P	414	goto err;
d2b23cd2	415	}
74726750	416	client_ctx = SSL_CTX_new(DTLS_client_method());
5c587fb6	417	if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
7d7f6834	418	goto err;
590ed3d7 EK	419	if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
590ed3d7 EK	420	resume_server_ctx = SSL_CTX_new(DTLS_server_method());
5c587fb6	421	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
7d7f6834	422	goto err;
11279b13	423	resume_client_ctx = SSL_CTX_new(DTLS_client_method());
5c587fb6	424	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
7d7f6834	425	goto err;
019e47ce P	426	if (!TEST_ptr(resume_server_ctx)
	427	\|\| !TEST_ptr(resume_client_ctx))
	428	goto err;
590ed3d7	429	}
74726750 EK	430	}
	431	#endif
	432	if (test_ctx->method == SSL_TEST_METHOD_TLS) {
	433	server_ctx = SSL_CTX_new(TLS_server_method());
5c587fb6	434	if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
7d7f6834	435	goto err;
9f48bbac EK	436	/* SNI on resumption isn't supported/tested yet. */
	437	if (test_ctx->extra.server.servername_callback !=
	438	SSL_TEST_SERVERNAME_CB_NONE) {
019e47ce P	439	if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method())))
019e47ce P	440	goto err;
5c587fb6	441	if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0)))
7d7f6834	442	goto err;
d2b23cd2	443	}
74726750	444	client_ctx = SSL_CTX_new(TLS_client_method());
5c587fb6	445	if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
7d7f6834	446	goto err;
590ed3d7 EK	447
	448	if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
	449	resume_server_ctx = SSL_CTX_new(TLS_server_method());
5c587fb6	450	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
7d7f6834	451	goto err;
11279b13	452	resume_client_ctx = SSL_CTX_new(TLS_client_method());
5c587fb6	453	if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
7d7f6834	454	goto err;
019e47ce P	455	if (!TEST_ptr(resume_server_ctx)
	456	\|\| !TEST_ptr(resume_client_ctx))
	457	goto err;
590ed3d7	458	}
74726750 EK	459	}
74726750 EK	460
dbabc862 BE	461	#ifdef OPENSSL_NO_AUTOLOAD_CONFIG
	462	if (!TEST_true(OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL)))
	463	goto err;
	464	#endif
	465
019e47ce P	466	if (!TEST_ptr(server_ctx)
	467	\|\| !TEST_ptr(client_ctx)
	468	\|\| !TEST_int_gt(CONF_modules_load(conf, test_app, 0), 0))
	469	goto err;
453dfd8d EK	470
453dfd8d EK	471	if (!SSL_CTX_config(server_ctx, "server")
5c753de6	472	\|\| !SSL_CTX_config(client_ctx, "client")) {
453dfd8d EK	473	goto err;
	474	}
	475
d2b23cd2 EK	476	if (server2_ctx != NULL && !SSL_CTX_config(server2_ctx, "server2"))
d2b23cd2 EK	477	goto err;
590ed3d7 EK	478	if (resume_server_ctx != NULL
	479	&& !SSL_CTX_config(resume_server_ctx, "resume-server"))
	480	goto err;
11279b13 EK	481	if (resume_client_ctx != NULL
	482	&& !SSL_CTX_config(resume_client_ctx, "resume-client"))
	483	goto err;
d2b23cd2	484
590ed3d7	485	result = do_handshake(server_ctx, server2_ctx, client_ctx,
11279b13	486	resume_server_ctx, resume_client_ctx, test_ctx);
453dfd8d	487
ff281ee8 P	488	if (result != NULL)
ff281ee8 P	489	ret = check_test(result, test_ctx);
453dfd8d EK	490
	491	err:
	492	CONF_modules_unload(0);
	493	SSL_CTX_free(server_ctx);
5c753de6	494	SSL_CTX_free(server2_ctx);
453dfd8d	495	SSL_CTX_free(client_ctx);
590ed3d7	496	SSL_CTX_free(resume_server_ctx);
11279b13	497	SSL_CTX_free(resume_client_ctx);
453dfd8d	498	SSL_TEST_CTX_free(test_ctx);
ce2cdac2	499	HANDSHAKE_RESULT_free(result);
453dfd8d EK	500	return ret;
	501	}
	502
a43ce58f SL	503	OPT_TEST_DECLARE_USAGE("conf_file\n")
a43ce58f SL	504
ad887416	505	int setup_tests(void)
453dfd8d	506	{
453dfd8d EK	507	long num_tests;
453dfd8d EK	508
ad887416	509	if (!TEST_ptr(conf = NCONF_new(NULL))
019e47ce	510	/* argv[1] should point to the test conf file */
ad887416	511	\|\| !TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)
019e47ce P	512	\|\| !TEST_int_ne(NCONF_get_number_e(conf, NULL, "num_tests",
019e47ce P	513	&num_tests), 0))
ad887416	514	return 0;
453dfd8d	515
ad887416 P	516	ADD_ALL_TESTS(test_handshake, (int)num_tests);
	517	return 1;
	518	}
453dfd8d	519
ad887416 P	520	void cleanup_tests(void)
ad887416 P	521	{
e364c3b2	522	NCONF_free(conf);
453dfd8d	523	}