ag/cpython-source-deps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Imported OpenSSL 1.1.1d

Browse Source
This commit is contained in:
Steve Dower
2019-09-16 11:16:33 +01:00
parent ea3c37b9ec
commit 6f2f71e7ea
325 changed files with 5375 additions and 11047 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/asn1_time_test.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -24,8 +24,8 @@ struct testdata {
int expected_type; /* expected type after set/set_string_gmt */
int check_result; /* check result */
time_t t; /* expected time_t*/
int cmp_result; /* compariston to baseline result */
int convert_result; /* convertion result */
int cmp_result; /* comparison to baseline result */
int convert_result; /* conversion result */
};
static struct testdata tbl_testdata_pos[] = {

40
test/bio_memleak_test.c
View File

@@ -181,6 +181,45 @@ finish:
return ok;
}
static int test_bio_nonclear_rst(void)
{
int ok = 0;
BIO *bio = NULL;
char data[16];
bio = BIO_new(BIO_s_mem());
if (!TEST_ptr(bio))
goto finish;
if (!TEST_int_eq(BIO_puts(bio, "Hello World\n"), 12))
goto finish;
BIO_set_flags(bio, BIO_FLAGS_NONCLEAR_RST);
if (!TEST_int_eq(BIO_read(bio, data, 16), 12))
goto finish;
if (!TEST_mem_eq(data, 12, "Hello World\n", 12))
goto finish;
if (!TEST_int_gt(BIO_reset(bio), 0))
goto finish;
if (!TEST_int_eq(BIO_read(bio, data, 16), 12))
goto finish;
if (!TEST_mem_eq(data, 12, "Hello World\n", 12))
goto finish;
BIO_clear_flags(bio, BIO_FLAGS_NONCLEAR_RST);
if (!TEST_int_gt(BIO_reset(bio), 0))
goto finish;
if (!TEST_int_lt(BIO_read(bio, data, 16), 1))
goto finish;
ok = 1;
finish:
BIO_free(bio);
return ok;
}
int global_init(void)
{
@@ -196,5 +235,6 @@ int setup_tests(void)
ADD_TEST(test_bio_new_mem_buf);
ADD_TEST(test_bio_rdonly_mem_buf);
ADD_TEST(test_bio_rdwr_rdonly);
ADD_TEST(test_bio_nonclear_rst);
return 1;
}

47
test/bntest.c
View File

@@ -2169,18 +2169,50 @@ static int test_expmodone(void)
return ret;
}
static int test_smallprime(void)
static int test_smallprime(int kBits)
{
static const int kBits = 10;
BIGNUM *r;
int st = 0;
if (!TEST_ptr(r = BN_new())
|| !TEST_true(BN_generate_prime_ex(r, (int)kBits, 0,
NULL, NULL, NULL))
|| !TEST_int_eq(BN_num_bits(r), kBits))
if (!TEST_ptr(r = BN_new()))
goto err;
if (kBits <= 1) {
if (!TEST_false(BN_generate_prime_ex(r, kBits, 0,
NULL, NULL, NULL)))
goto err;
} else {
if (!TEST_true(BN_generate_prime_ex(r, kBits, 0,
NULL, NULL, NULL))
|| !TEST_int_eq(BN_num_bits(r), kBits))
goto err;
}
st = 1;
err:
BN_free(r);
return st;
}
static int test_smallsafeprime(int kBits)
{
BIGNUM *r;
int st = 0;
if (!TEST_ptr(r = BN_new()))
goto err;
if (kBits <= 5 && kBits != 3) {
if (!TEST_false(BN_generate_prime_ex(r, kBits, 1,
NULL, NULL, NULL)))
goto err;
} else {
if (!TEST_true(BN_generate_prime_ex(r, kBits, 1,
NULL, NULL, NULL))
|| !TEST_int_eq(BN_num_bits(r), kBits))
goto err;
}
st = 1;
err:
BN_free(r);
@@ -2405,7 +2437,8 @@ int setup_tests(void)
ADD_TEST(test_badmod);
ADD_TEST(test_expmodzero);
ADD_TEST(test_expmodone);
ADD_TEST(test_smallprime);
ADD_ALL_TESTS(test_smallprime, 16);
ADD_ALL_TESTS(test_smallsafeprime, 16);
ADD_TEST(test_swap);
ADD_TEST(test_ctx_consttime_flag);
#ifndef OPENSSL_NO_EC2M

3
test/build.info
View File

@@ -12,7 +12,8 @@ IF[{- !$disabled{tests} -}]
SOURCE[libtestutil.a]=testutil/basic_output.c testutil/output_helpers.c \
testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \
testutil/format_output.c testutil/tap_bio.c \
testutil/test_cleanup.c testutil/main.c testutil/init.c
testutil/test_cleanup.c testutil/main.c testutil/init.c \
testutil/random.c
INCLUDE[libtestutil.a]=../include
DEPEND[libtestutil.a]=../libcrypto

31
test/certs/mkcert.sh
View File

@@ -1,6 +1,6 @@
#! /bin/bash
#
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
# Copyright (c) 2016 Viktor Dukhovni <openssl-users@dukhovni.org>.
# All rights reserved.
#
@@ -233,6 +233,35 @@ genee() {
-set_serial 2 -days "${DAYS}" "$@"
}
geneenocsr() {
local OPTIND=1
local purpose=serverAuth
while getopts p: o
do
case $o in
p) purpose="$OPTARG";;
*) echo "Usage: $0 genee [-p EKU] cn certname cakeyname cacertname" >&2
return 1;;
esac
done
shift $((OPTIND - 1))
local cn=$1; shift
local cert=$1; shift
local cakey=$1; shift
local ca=$1; shift
exts=$(printf "%s\n%s\n%s\n%s\n%s\n[alts]\n%s\n" \
"subjectKeyIdentifier = hash" \
"authorityKeyIdentifier = keyid, issuer" \
"basicConstraints = CA:false" \
"extendedKeyUsage = $purpose" \
"subjectAltName = @alts" "DNS=${cn}")
cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \
-set_serial 2 -days "${DAYS}" "$@"
}
genss() {
local cn=$1; shift
local key=$1; shift

21
test/certs/server-pss-restrict-cert.pem Normal file
View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDYjCCAkqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE5MDgwODEwNDMxMFoYDzIxMTkwODA5MTA0MzEwWjAUMRIwEAYDVQQD
DAlsb2NhbGhvc3QwggFSMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIBoRow
GAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgA4IBDwAwggEKAoIBAQDDlygk
sUEAajpdVquo9XIAyTd9ZJ+55hNmhBfhn3lHz3ryPD+0XlgCE9qsKwfR7iYaqmnN
ilQnsxWpMGXAgOlC1+w5zh8qHvrI5wX+A6U9N8leIOSgFuFNP0FMMG7I677QzRxG
FqKX1o4V73JWqnHCfnfHRyZY9xM0tYbJKNbRO7Hy4jKBPl3ptPHUoTltr4WYTOpg
stcEamdiiif+0U4bQvVltNg9pzFEjkAktTUGn92W5CgLnsbPXxBo6a/kUlHcgmhY
bpOXEjCPufZLgsQo8iF2Bq8eWMEsByjr0chQjzrfZAUVtD8Hmh2uMVAPQFAHUkaL
j2tHukL+s9tAaWKNAgMBAAGjgY4wgYswHQYDVR0OBBYEFLqlLFaNrS8hbX6voiGi
AfMYfsivMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1UdEwQC
MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwKQYDVR0RBCIwIIIeU2VydmVyIFJTQS1Q
U1MgcmVzdHJpY3RlZCBjZXJ0MA0GCSqGSIb3DQEBCwUAA4IBAQAEhm9Skn2XfEZo
Q+YMu6HIQZovRT3IljHvesjIby7KfS86SU4r+CG7qaPLw7jeIR92YMnihnaXRGGJ
POixpHY6gapEzR2Sqg7c0ApGenDZ3uKnBUjf9LEorPmhrEHUsnHREXoPx5Lt5Nh/
7WRNB/GKvbnAby+5HQBOvU6P8t37/zK1JjJhGNv0uvaYthQGk3r6nEhQG+O6JBSw
H/auU4ClIB4fg8GWaMuupN5VMNP9mxpL9tONH8QRKs+KIQWMOsr83rOKwSHrrkIL
/vDI5hPj9RHvjjta6FQx140wA6c8ZB59x9YIv1alJWf6s3+TM8bv70L/aBBT8+IM
vwjUz9Gp
-----END CERTIFICATE-----

29
test/certs/server-pss-restrict-key.pem Normal file
View File

@@ -0,0 +1,29 @@
-----BEGIN PRIVATE KEY-----
MIIE7wIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3
DQEBCDALBglghkgBZQMEAgGiAwIBIASCBKkwggSlAgEAAoIBAQDDlygksUEAajpd
Vquo9XIAyTd9ZJ+55hNmhBfhn3lHz3ryPD+0XlgCE9qsKwfR7iYaqmnNilQnsxWp
MGXAgOlC1+w5zh8qHvrI5wX+A6U9N8leIOSgFuFNP0FMMG7I677QzRxGFqKX1o4V
73JWqnHCfnfHRyZY9xM0tYbJKNbRO7Hy4jKBPl3ptPHUoTltr4WYTOpgstcEamdi
iif+0U4bQvVltNg9pzFEjkAktTUGn92W5CgLnsbPXxBo6a/kUlHcgmhYbpOXEjCP
ufZLgsQo8iF2Bq8eWMEsByjr0chQjzrfZAUVtD8Hmh2uMVAPQFAHUkaLj2tHukL+
s9tAaWKNAgMBAAECggEBAIzgfwWOtmb6HHfGSXY085wlUlZ696EKWsboNdtI5i4W
/1Mimi/sFC/K5SJFDCjlA4UJYZOuItdFYkCun1t8foaqx3cLQ98u2SuDWwmOzqG9
YMjvoDy+viDJgtrBt8n4I0R5t/ezrgD3hPe/s/dAZRfVx6g9Ux2ZOLgqV57kT3X7
6paEz3jrIMvuoXQCsi9Qh+eJQ23/sAcc7OHQ7uD8QJVudEBnSHQ+ttvOPXhr7tba
8NuNVa6E/KewkKHRAZqBTJolCVyPtWmvfaDwdJtunCvyR1w3Rv1adZLK4YRFz+vc
sOMK+K1c2aojA+/Fnba19inNq13j6Dwqmq8Ho7MZwHECgYEA6aSx7/93S1VGpxQ9
KqFE4Fy9ylliC/hanc9qOcfEIo0tDus9lfpuPp+aOXML0msVkIfhCnaru32qtnaI
AQkIbPhSZFvC/i6BibpArXINbDzTS/46zZHehXskjWFGw+iRm/YI7MBuCmWzSnFO
YUwSKRIPKZKyXswFzP8RsQO/QbsCgYEA1k5SamQheuKdo/X40ShWTTOoDlpL4Sir
b2zTnEqlHyMv8c7w880hPf4P+0pqrKyf7jmEykJvp1qSAmyMUCWzrKTr8gQ2sMyb
zj90cEm++M5YIQh5lPJy4pGqmCliJXqkt+zT1xmnRASwMNQOnU2bBmXkve/ofb4M
dEwyig/nZFcCgYBLWPilTD6dhce+NBGxwMZkkKQIMKEk+RfIEs7QCXNgLSUdzZFT
36pT+caTxl1Go5AVxyw04qZpVZKLO1iK9O3Jrp9rjAgrTrYpw23+QWzAvjDqLfeq
ueMIKvlTus5GeacTo9mm+DvEkJ2sYTQEvrKQmilXn950IdmxDYUYD/xK5wKBgQDQ
5ON9BUGFUSQsUHVLG7CT7EhiRS41ubjyEfhrHm+53Ei9weQpIcjHbsERR8aXrmTu
h26i4QOI88XjSv+ymC19mfzLmcPdrnQpJL1RPvFCAZDyEhrBT1sg8rCBRcV/lv68
scMEpuLecFt2HR5pwt3b7LJ9Wj8bYoctTaDt5va8XQKBgQDCr4hZB5haAcKmNm/g
PjlaLdrDEIuuBjxMzX1t3PXwsEene1cE731v6fbmrDUa8AuJyMY80xhGrTTDQfS3
QOu/6wtcUv/JC/06OwEaUlT/kdYek+zYfBm3b1sKP3HVKSxCLTcPcC4aQoAFqbEy
3kuSVh03vVBdaP//qMPyeue17w==
-----END PRIVATE KEY-----

6
test/certs/setup.sh
View File

@@ -369,3 +369,9 @@ REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \
OPENSSL_KEYALG=ec OPENSSL_KEYBITS=brainpoolP256r1 ./mkcert.sh genee \
"Server ECDSA brainpoolP256r1 cert" server-ecdsa-brainpoolP256r1-key \
server-ecdsa-brainpoolP256r1-cert rootkey rootcert
openssl req -new -nodes -subj "/CN=localhost" \
-newkey rsa-pss -keyout server-pss-restrict-key.pem \
-pkeyopt rsa_pss_keygen_md:sha256 -pkeyopt rsa_pss_keygen_saltlen:32 | \
./mkcert.sh geneenocsr "Server RSA-PSS restricted cert" \
server-pss-restrict-cert rootkey rootcert

4
test/conf_include_test.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -141,7 +141,7 @@ static int test_check_null_numbers(void)
}
/*
* Verify that a NULL config with a missing envrionment variable returns
* Verify that a NULL config with a missing environment variable returns
* a failure code.
*/
if (!TEST_int_eq(unsetenv("FNORD"), 0)

23
test/ct_test.c
View File

@@ -87,29 +87,10 @@ static void tear_down(CT_TEST_FIXTURE *fixture)
OPENSSL_free(fixture);
}
static char *mk_file_path(const char *dir, const char *file)
{
# ifndef OPENSSL_SYS_VMS
const char *sep = "/";
# else
const char *sep = "";
# endif
size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1;
char *full_file = OPENSSL_zalloc(len);
if (full_file != NULL) {
OPENSSL_strlcpy(full_file, dir, len);
OPENSSL_strlcat(full_file, sep, len);
OPENSSL_strlcat(full_file, file, len);
}
return full_file;
}
static X509 *load_pem_cert(const char *dir, const char *file)
{
X509 *cert = NULL;
char *file_path = mk_file_path(dir, file);
char *file_path = test_mk_file_path(dir, file);
if (file_path != NULL) {
BIO *cert_io = BIO_new_file(file_path, "r");
@@ -127,7 +108,7 @@ static int read_text_file(const char *dir, const char *file,
char *buffer, int buffer_length)
{
int len = -1;
char *file_path = mk_file_path(dir, file);
char *file_path = test_mk_file_path(dir, file);
if (file_path != NULL) {
BIO *file_io = BIO_new_file(file_path, "r");

77
test/dhtest.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -17,6 +17,7 @@
#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include "testutil.h"
#ifndef OPENSSL_NO_DH
@@ -62,6 +63,17 @@ static int dh_test(void)
|| !TEST_true(DH_set0_pqg(dh, p, q, g)))
goto err1;
if (!DH_check(dh, &i))
goto err2;
if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
|| !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
|| !TEST_false(i & DH_CHECK_INVALID_Q_VALUE)
|| !TEST_false(i & DH_CHECK_Q_NOT_PRIME)
|| !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
|| !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)
|| !TEST_false(i))
goto err2;
/* test the combined getter for p, q, and g */
DH_get0_pqg(dh, &p2, &q2, &g2);
if (!TEST_ptr_eq(p2, p)
@@ -130,7 +142,8 @@ static int dh_test(void)
if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
|| !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
|| !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
|| !TEST_false(i & DH_NOT_SUITABLE_GENERATOR))
|| !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)
|| !TEST_false(i))
goto err3;
DH_get0_pqg(a, &ap, NULL, &ag);
@@ -193,7 +206,7 @@ static int dh_test(void)
BN_free(q);
BN_free(g);
err2:
/* an error occured before priv_key was assigned to dh */
/* an error occurred before priv_key was assigned to dh */
BN_free(priv_key);
err3:
success:
@@ -609,6 +622,63 @@ static int rfc5114_test(void)
TEST_error("Test failed RFC5114 set %d\n", i + 1);
return 0;
}
static int rfc7919_test(void)
{
DH *a = NULL, *b = NULL;
const BIGNUM *apub_key = NULL, *bpub_key = NULL;
unsigned char *abuf = NULL;
unsigned char *bbuf = NULL;
int i, alen, blen, aout, bout;
int ret = 0;
if (!TEST_ptr(a = DH_new_by_nid(NID_ffdhe2048)))
goto err;
if (!DH_check(a, &i))
goto err;
if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
|| !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
|| !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
|| !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)
|| !TEST_false(i))
goto err;
if (!DH_generate_key(a))
goto err;
DH_get0_key(a, &apub_key, NULL);
/* now create another copy of the DH group for the peer */
if (!TEST_ptr(b = DH_new_by_nid(NID_ffdhe2048)))
goto err;
if (!DH_generate_key(b))
goto err;
DH_get0_key(b, &bpub_key, NULL);
alen = DH_size(a);
if (!TEST_ptr(abuf = OPENSSL_malloc(alen))
|| !TEST_true((aout = DH_compute_key(abuf, bpub_key, a)) != -1))
goto err;
blen = DH_size(b);
if (!TEST_ptr(bbuf = OPENSSL_malloc(blen))
|| !TEST_true((bout = DH_compute_key(bbuf, apub_key, b)) != -1))
goto err;
if (!TEST_true(aout >= 20)
|| !TEST_mem_eq(abuf, aout, bbuf, bout))
goto err;
ret = 1;
err:
OPENSSL_free(abuf);
OPENSSL_free(bbuf);
DH_free(a);
DH_free(b);
return ret;
}
#endif
@@ -619,6 +689,7 @@ int setup_tests(void)
#else
ADD_TEST(dh_test);
ADD_TEST(rfc5114_test);
ADD_TEST(rfc7919_test);
#endif
return 1;
}

47
test/drbgtest.c
View File

@@ -22,6 +22,13 @@
# include <windows.h>
#endif
#if defined(OPENSSL_SYS_UNIX)
# include <sys/types.h>
# include <sys/wait.h>
# include <unistd.h>
#endif
#include "testutil.h"
#include "drbgtest.h"
@@ -293,7 +300,7 @@ static int error_check(DRBG_SELFTEST_DATA *td)
* Personalisation string tests
*/
/* Test detection of too large personlisation string */
/* Test detection of too large personalisation string */
if (!init(drbg, td, &t)
|| RAND_DRBG_instantiate(drbg, td->pers, drbg->max_perslen + 1) > 0)
goto err;
@@ -669,6 +676,40 @@ static int test_drbg_reseed(int expect_success,
return 1;
}
#if defined(OPENSSL_SYS_UNIX)
/*
* Test whether master, public and private DRBG are reseeded after
* forking the process.
*/
static int test_drbg_reseed_after_fork(RAND_DRBG *master,
RAND_DRBG *public,
RAND_DRBG *private)
{
pid_t pid;
int status=0;
pid = fork();
if (!TEST_int_ge(pid, 0))
return 0;
if (pid > 0) {
/* I'm the parent; wait for the child and check its exit code */
return TEST_int_eq(waitpid(pid, &status, 0), pid) && TEST_int_eq(status, 0);
}
/* I'm the child; check whether all three DRBGs reseed. */
if (!TEST_true(test_drbg_reseed(1, master, public, private, 1, 1, 1, 0)))
status = 1;
/* Remove hooks */
unhook_drbg(master);
unhook_drbg(public);
unhook_drbg(private);
exit(status);
}
#endif
/*
* Test whether the default rand_method (RAND_OpenSSL()) is
* setup correctly, in particular whether reseeding works
@@ -755,6 +796,10 @@ static int test_rand_drbg_reseed(void)
goto error;
reset_drbg_hook_ctx();
#if defined(OPENSSL_SYS_UNIX)
if (!TEST_true(test_drbg_reseed_after_fork(master, public, private)))
goto error;
#endif
/* fill 'randomness' buffer with some arbitrary data */
memset(rand_add_buf, 'r', sizeof(rand_add_buf));

2
test/dtlstest.c
View File

@@ -96,7 +96,7 @@ static int test_dtls_unprocessed(int testidx)
/*
* Create the connection. We use "create_bare_ssl_connection" here so that
* we can force the connection to not do "SSL_read" once partly conencted.
* we can force the connection to not do "SSL_read" once partly connected.
* We don't want to accidentally read the dummy records we injected because
* they will fail to decrypt.
*/

444
test/ectest.c
View File

@@ -1519,6 +1519,271 @@ static const unsigned char p521_explicit[] = {
0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01,
};
/*
* Sometime we cannot compare nids for equality, as the built-in curve table
* includes aliases with different names for the same curve.
*
* This function returns TRUE (1) if the checked nids are identical, or if they
* alias to the same curve. FALSE (0) otherwise.
*/
static ossl_inline
int are_ec_nids_compatible(int n1d, int n2d)
{
int ret = 0;
switch (n1d) {
# ifndef OPENSSL_NO_EC2M
case NID_sect113r1:
case NID_wap_wsg_idm_ecid_wtls4:
ret = (n2d == NID_sect113r1 || n2d == NID_wap_wsg_idm_ecid_wtls4);
break;
case NID_sect163k1:
case NID_wap_wsg_idm_ecid_wtls3:
ret = (n2d == NID_sect163k1 || n2d == NID_wap_wsg_idm_ecid_wtls3);
break;
case NID_sect233k1:
case NID_wap_wsg_idm_ecid_wtls10:
ret = (n2d == NID_sect233k1 || n2d == NID_wap_wsg_idm_ecid_wtls10);
break;
case NID_sect233r1:
case NID_wap_wsg_idm_ecid_wtls11:
ret = (n2d == NID_sect233r1 || n2d == NID_wap_wsg_idm_ecid_wtls11);
break;
case NID_X9_62_c2pnb163v1:
case NID_wap_wsg_idm_ecid_wtls5:
ret = (n2d == NID_X9_62_c2pnb163v1
|| n2d == NID_wap_wsg_idm_ecid_wtls5);
break;
# endif /* OPENSSL_NO_EC2M */
case NID_secp112r1:
case NID_wap_wsg_idm_ecid_wtls6:
ret = (n2d == NID_secp112r1 || n2d == NID_wap_wsg_idm_ecid_wtls6);
break;
case NID_secp160r2:
case NID_wap_wsg_idm_ecid_wtls7:
ret = (n2d == NID_secp160r2 || n2d == NID_wap_wsg_idm_ecid_wtls7);
break;
# ifdef OPENSSL_NO_EC_NISTP_64_GCC_128
case NID_secp224r1:
case NID_wap_wsg_idm_ecid_wtls12:
ret = (n2d == NID_secp224r1 || n2d == NID_wap_wsg_idm_ecid_wtls12);
break;
# else
/*
* For SEC P-224 we want to ensure that the SECP nid is returned, as
* that is associated with a specialized method.
*/
case NID_wap_wsg_idm_ecid_wtls12:
ret = (n2d == NID_secp224r1);
break;
# endif /* def(OPENSSL_NO_EC_NISTP_64_GCC_128) */
default:
ret = (n1d == n2d);
}
return ret;
}
/*
* This checks that EC_GROUP_bew_from_ecparameters() returns a "named"
* EC_GROUP for built-in curves.
*
* Note that it is possible to retrieve an alternative alias that does not match
* the original nid.
*
* Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set.
*/
static int check_named_curve_from_ecparameters(int id)
{
int ret = 0, nid, tnid;
EC_GROUP *group = NULL, *tgroup = NULL, *tmpg = NULL;
const EC_POINT *group_gen = NULL;
EC_POINT *other_gen = NULL;
BIGNUM *group_cofactor = NULL, *other_cofactor = NULL;
BIGNUM *other_gen_x = NULL, *other_gen_y = NULL;
const BIGNUM *group_order = NULL;
BIGNUM *other_order = NULL;
BN_CTX *bn_ctx = NULL;
static const unsigned char invalid_seed[] = "THIS IS NOT A VALID SEED";
static size_t invalid_seed_len = sizeof(invalid_seed);
ECPARAMETERS *params = NULL, *other_params = NULL;
EC_GROUP *g_ary[8] = {NULL};
EC_GROUP **g_next = &g_ary[0];
ECPARAMETERS *p_ary[8] = {NULL};
ECPARAMETERS **p_next = &p_ary[0];
/* Do some setup */
nid = curves[id].nid;
TEST_note("Curve %s", OBJ_nid2sn(nid));
if (!TEST_ptr(bn_ctx = BN_CTX_new()))
return ret;
BN_CTX_start(bn_ctx);
if (/* Allocations */
!TEST_ptr(group_cofactor = BN_CTX_get(bn_ctx))
|| !TEST_ptr(other_gen_x = BN_CTX_get(bn_ctx))
|| !TEST_ptr(other_gen_y = BN_CTX_get(bn_ctx))
|| !TEST_ptr(other_order = BN_CTX_get(bn_ctx))
|| !TEST_ptr(other_cofactor = BN_CTX_get(bn_ctx))
/* Generate reference group and params */
|| !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))
|| !TEST_ptr(params = EC_GROUP_get_ecparameters(group, NULL))
|| !TEST_ptr(group_gen = EC_GROUP_get0_generator(group))
|| !TEST_ptr(group_order = EC_GROUP_get0_order(group))
|| !TEST_true(EC_GROUP_get_cofactor(group, group_cofactor, NULL))
/* compute `other_*` values */
|| !TEST_ptr(tmpg = EC_GROUP_dup(group))
|| !TEST_ptr(other_gen = EC_POINT_dup(group_gen, group))
|| !TEST_true(EC_POINT_add(group, other_gen, group_gen, group_gen, NULL))
|| !TEST_true(EC_POINT_get_affine_coordinates(group, other_gen,
other_gen_x, other_gen_y, bn_ctx))
|| !TEST_true(BN_copy(other_order, group_order))
|| !TEST_true(BN_add_word(other_order, 1))
|| !TEST_true(BN_copy(other_cofactor, group_cofactor))
|| !TEST_true(BN_add_word(other_cofactor, 1)))
goto err;
EC_POINT_free(other_gen);
other_gen = NULL;
if (!TEST_ptr(other_gen = EC_POINT_new(tmpg))
|| !TEST_true(EC_POINT_set_affine_coordinates(tmpg, other_gen,
other_gen_x, other_gen_y,
bn_ctx)))
goto err;
/*
* ###########################
* # Actual tests start here #
* ###########################
*/
/*
* Creating a group from built-in explicit parameters returns a
* "named" EC_GROUP
*/
if (!TEST_ptr(tgroup = *g_next++ = EC_GROUP_new_from_ecparameters(params))
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef))
goto err;
/*
* We cannot always guarantee the names match, as the built-in table
* contains aliases for the same curve with different names.
*/
if (!TEST_true(are_ec_nids_compatible(nid, tnid))) {
TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
goto err;
}
/* Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set. */
if (!TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), OPENSSL_EC_EXPLICIT_CURVE))
goto err;
/*
* An invalid seed in the parameters should be ignored: expect a "named"
* group.
*/
if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, invalid_seed, invalid_seed_len),
invalid_seed_len)
|| !TEST_ptr(other_params = *p_next++ =
EC_GROUP_get_ecparameters(tmpg, NULL))
|| !TEST_ptr(tgroup = *g_next++ =
EC_GROUP_new_from_ecparameters(other_params))
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
OPENSSL_EC_EXPLICIT_CURVE)) {
TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
goto err;
}
/*
* A null seed in the parameters should be ignored, as it is optional:
* expect a "named" group.
*/
if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, NULL, 0), 1)
|| !TEST_ptr(other_params = *p_next++ =
EC_GROUP_get_ecparameters(tmpg, NULL))
|| !TEST_ptr(tgroup = *g_next++ =
EC_GROUP_new_from_ecparameters(other_params))
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
OPENSSL_EC_EXPLICIT_CURVE)) {
TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
goto err;
}
/*
* Check that changing any of the generator parameters does not yield a
* match with the built-in curves
*/
if (/* Other gen, same group order & cofactor */
!TEST_true(EC_GROUP_set_generator(tmpg, other_gen, group_order,
group_cofactor))
|| !TEST_ptr(other_params = *p_next++ =
EC_GROUP_get_ecparameters(tmpg, NULL))
|| !TEST_ptr(tgroup = *g_next++ =
EC_GROUP_new_from_ecparameters(other_params))
|| !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
/* Same gen & cofactor, different order */
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, other_order,
group_cofactor))
|| !TEST_ptr(other_params = *p_next++ =
EC_GROUP_get_ecparameters(tmpg, NULL))
|| !TEST_ptr(tgroup = *g_next++ =
EC_GROUP_new_from_ecparameters(other_params))
|| !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
/* The order is not an optional field, so this should fail */
|| !TEST_false(EC_GROUP_set_generator(tmpg, group_gen, NULL,
group_cofactor))
/* Check that a wrong cofactor is ignored, and we still match */
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
other_cofactor))
|| !TEST_ptr(other_params = *p_next++ =
EC_GROUP_get_ecparameters(tmpg, NULL))
|| !TEST_ptr(tgroup = *g_next++ =
EC_GROUP_new_from_ecparameters(other_params))
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
OPENSSL_EC_EXPLICIT_CURVE)
/* Check that if the cofactor is not set then it still matches */
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
NULL))
|| !TEST_ptr(other_params = *p_next++ =
EC_GROUP_get_ecparameters(tmpg, NULL))
|| !TEST_ptr(tgroup = *g_next++ =
EC_GROUP_new_from_ecparameters(other_params))
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
OPENSSL_EC_EXPLICIT_CURVE)
/* check that restoring the generator passes */
|| !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
group_cofactor))
|| !TEST_ptr(other_params = *p_next++ =
EC_GROUP_get_ecparameters(tmpg, NULL))
|| !TEST_ptr(tgroup = *g_next++ =
EC_GROUP_new_from_ecparameters(other_params))
|| !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
|| !TEST_true(are_ec_nids_compatible(nid, tnid))
|| !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
OPENSSL_EC_EXPLICIT_CURVE))
goto err;
ret = 1;
err:
for (g_next = &g_ary[0]; g_next < g_ary + OSSL_NELEM(g_ary); g_next++)
EC_GROUP_free(*g_next);
for (p_next = &p_ary[0]; p_next < p_ary + OSSL_NELEM(g_ary); p_next++)
ECPARAMETERS_free(*p_next);
ECPARAMETERS_free(params);
EC_POINT_free(other_gen);
EC_GROUP_free(tmpg);
EC_GROUP_free(group);
BN_CTX_end(bn_ctx);
BN_CTX_free(bn_ctx);
return ret;
}
static int parameter_test(void)
{
EC_GROUP *group = NULL, *group2 = NULL;
@@ -1561,6 +1826,179 @@ err:
OPENSSL_free(buf);
return r;
}
/*-
* random 256-bit explicit parameters curve, cofactor absent
* order: 0x0c38d96a9f892b88772ec2e39614a82f4f (132 bit)
* cofactor: 0x12bc94785251297abfafddf1565100da (125 bit)
*/
static const unsigned char params_cf_pass[] = {
0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xe5, 0x00, 0x1f, 0xc5,
0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d,
0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93,
0x44, 0x88, 0xe6, 0x91, 0x30, 0x44, 0x04, 0x20, 0xe5, 0x00, 0x1f, 0xc5,
0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d,
0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93,
0x44, 0x88, 0xe6, 0x8e, 0x04, 0x20, 0x18, 0x8c, 0x59, 0x57, 0xc4, 0xbc,
0x85, 0x57, 0xc3, 0x66, 0x9f, 0x89, 0xd5, 0x92, 0x0d, 0x7e, 0x42, 0x27,
0x07, 0x64, 0xaa, 0x26, 0xed, 0x89, 0xc4, 0x09, 0x05, 0x4d, 0xc7, 0x23,
0x47, 0xda, 0x04, 0x41, 0x04, 0x1b, 0x6b, 0x41, 0x0b, 0xf9, 0xfb, 0x77,
0xfd, 0x50, 0xb7, 0x3e, 0x23, 0xa3, 0xec, 0x9a, 0x3b, 0x09, 0x31, 0x6b,
0xfa, 0xf6, 0xce, 0x1f, 0xff, 0xeb, 0x57, 0x93, 0x24, 0x70, 0xf3, 0xf4,
0xba, 0x7e, 0xfa, 0x86, 0x6e, 0x19, 0x89, 0xe3, 0x55, 0x6d, 0x5a, 0xe9,
0xc0, 0x3d, 0xbc, 0xfb, 0xaf, 0xad, 0xd4, 0x7e, 0xa6, 0xe5, 0xfa, 0x1a,
0x58, 0x07, 0x9e, 0x8f, 0x0d, 0x3b, 0xf7, 0x38, 0xca, 0x02, 0x11, 0x0c,
0x38, 0xd9, 0x6a, 0x9f, 0x89, 0x2b, 0x88, 0x77, 0x2e, 0xc2, 0xe3, 0x96,
0x14, 0xa8, 0x2f, 0x4f
};
/*-
* random 256-bit explicit parameters curve, cofactor absent
* order: 0x045a75c0c17228ebd9b169a10e34a22101 (131 bit)
* cofactor: 0x2e134b4ede82649f67a2e559d361e5fe (126 bit)
*/
static const unsigned char params_cf_fail[] = {
0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86,
0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xc8, 0x95, 0x27, 0x37,
0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b,
0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0,
0x33, 0xc2, 0xea, 0x13, 0x30, 0x44, 0x04, 0x20, 0xc8, 0x95, 0x27, 0x37,
0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b,
0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0,
0x33, 0xc2, 0xea, 0x10, 0x04, 0x20, 0xbf, 0xa6, 0xa8, 0x05, 0x1d, 0x09,
0xac, 0x70, 0x39, 0xbb, 0x4d, 0xb2, 0x90, 0x8a, 0x15, 0x41, 0x14, 0x1d,
0x11, 0x86, 0x9f, 0x13, 0xa2, 0x63, 0x1a, 0xda, 0x95, 0x22, 0x4d, 0x02,
0x15, 0x0a, 0x04, 0x41, 0x04, 0xaf, 0x16, 0x71, 0xf9, 0xc4, 0xc8, 0x59,
0x1d, 0xa3, 0x6f, 0xe7, 0xc3, 0x57, 0xa1, 0xfa, 0x9f, 0x49, 0x7c, 0x11,
0x27, 0x05, 0xa0, 0x7f, 0xff, 0xf9, 0xe0, 0xe7, 0x92, 0xdd, 0x9c, 0x24,
0x8e, 0xc7, 0xb9, 0x52, 0x71, 0x3f, 0xbc, 0x7f, 0x6a, 0x9f, 0x35, 0x70,
0xe1, 0x27, 0xd5, 0x35, 0x8a, 0x13, 0xfa, 0xa8, 0x33, 0x3e, 0xd4, 0x73,
0x1c, 0x14, 0x58, 0x9e, 0xc7, 0x0a, 0x87, 0x65, 0x8d, 0x02, 0x11, 0x04,
0x5a, 0x75, 0xc0, 0xc1, 0x72, 0x28, 0xeb, 0xd9, 0xb1, 0x69, 0xa1, 0x0e,
0x34, 0xa2, 0x21, 0x01
};
/*-
* Test two random 256-bit explicit parameters curves with absent cofactor.
* The two curves are chosen to roughly straddle the bounds at which the lib
* can compute the cofactor automatically, roughly 4*sqrt(p). So test that:
*
* - params_cf_pass: order is sufficiently close to p to compute cofactor
* - params_cf_fail: order is too far away from p to compute cofactor
*
* For standards-compliant curves, cofactor is chosen as small as possible.
* So you can see neither of these curves are fit for cryptographic use.
*
* Some standards even mandate an upper bound on the cofactor, e.g. SECG1 v2:
* h <= 2**(t/8) where t is the security level of the curve, for which the lib
* will always succeed in computing the cofactor. Neither of these curves
* conform to that -- this is just robustness testing.
*/
static int cofactor_range_test(void)
{
EC_GROUP *group = NULL;
BIGNUM *cf = NULL;
int ret = 0;
const unsigned char *b1 = (const unsigned char *)params_cf_fail;
const unsigned char *b2 = (const unsigned char *)params_cf_pass;
if (!TEST_ptr(group = d2i_ECPKParameters(NULL, &b1, sizeof(params_cf_fail)))
|| !TEST_BN_eq_zero(EC_GROUP_get0_cofactor(group))
|| !TEST_ptr(group = d2i_ECPKParameters(&group, &b2,
sizeof(params_cf_pass)))
|| !TEST_int_gt(BN_hex2bn(&cf, "12bc94785251297abfafddf1565100da"), 0)
|| !TEST_BN_eq(cf, EC_GROUP_get0_cofactor(group)))
goto err;
ret = 1;
err:
BN_free(cf);
EC_GROUP_free(group);
return ret;
}
/*-
* For named curves, test that:
* - the lib correctly computes the cofactor if passed a NULL or zero cofactor
* - a nonsensical cofactor throws an error (negative test)
* - nonsensical orders throw errors (negative tests)
*/
static int cardinality_test(int n)
{
int ret = 0;
int nid = curves[n].nid;
BN_CTX *ctx = NULL;
EC_GROUP *g1 = NULL, *g2 = NULL;
EC_POINT *g2_gen = NULL;
BIGNUM *g1_p = NULL, *g1_a = NULL, *g1_b = NULL, *g1_x = NULL, *g1_y = NULL,
*g1_order = NULL, *g1_cf = NULL, *g2_cf = NULL;
TEST_info("Curve %s cardinality test", OBJ_nid2sn(nid));
if (!TEST_ptr(ctx = BN_CTX_new())
|| !TEST_ptr(g1 = EC_GROUP_new_by_curve_name(nid))
|| !TEST_ptr(g2 = EC_GROUP_new(EC_GROUP_method_of(g1)))) {
EC_GROUP_free(g1);
EC_GROUP_free(g2);
BN_CTX_free(ctx);
return 0;
}
BN_CTX_start(ctx);
g1_p = BN_CTX_get(ctx);
g1_a = BN_CTX_get(ctx);
g1_b = BN_CTX_get(ctx);
g1_x = BN_CTX_get(ctx);
g1_y = BN_CTX_get(ctx);
g1_order = BN_CTX_get(ctx);
g1_cf = BN_CTX_get(ctx);
if (!TEST_ptr(g2_cf = BN_CTX_get(ctx))
/* pull out the explicit curve parameters */
|| !TEST_true(EC_GROUP_get_curve(g1, g1_p, g1_a, g1_b, ctx))
|| !TEST_true(EC_POINT_get_affine_coordinates(g1,
EC_GROUP_get0_generator(g1), g1_x, g1_y, ctx))
|| !TEST_true(BN_copy(g1_order, EC_GROUP_get0_order(g1)))
|| !TEST_true(EC_GROUP_get_cofactor(g1, g1_cf, ctx))
/* construct g2 manually with g1 parameters */
|| !TEST_true(EC_GROUP_set_curve(g2, g1_p, g1_a, g1_b, ctx))
|| !TEST_ptr(g2_gen = EC_POINT_new(g2))
|| !TEST_true(EC_POINT_set_affine_coordinates(g2, g2_gen, g1_x, g1_y, ctx))
/* pass NULL cofactor: lib should compute it */
|| !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
|| !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx))
|| !TEST_BN_eq(g1_cf, g2_cf)
/* pass zero cofactor: lib should compute it */
|| !TEST_true(BN_set_word(g2_cf, 0))
|| !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf))
|| !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx))
|| !TEST_BN_eq(g1_cf, g2_cf)
/* negative test for invalid cofactor */
|| !TEST_true(BN_set_word(g2_cf, 0))
|| !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one()))
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf))
/* negative test for NULL order */
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, NULL, NULL))
/* negative test for zero order */
|| !TEST_true(BN_set_word(g1_order, 0))
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
/* negative test for negative order */
|| !TEST_true(BN_set_word(g2_cf, 0))
|| !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one()))
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
/* negative test for too large order */
|| !TEST_true(BN_lshift(g1_order, g1_p, 2))
|| !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)))
goto err;
ret = 1;
err:
EC_POINT_free(g2_gen);
EC_GROUP_free(g1);
EC_GROUP_free(g2);
BN_CTX_end(ctx);
BN_CTX_free(ctx);
return ret;
}
#endif
int setup_tests(void)
@@ -1572,6 +2010,8 @@ int setup_tests(void)
return 0;
ADD_TEST(parameter_test);
ADD_TEST(cofactor_range_test);
ADD_ALL_TESTS(cardinality_test, crv_len);
ADD_TEST(prime_field_tests);
# ifndef OPENSSL_NO_EC2M
ADD_TEST(char2_field_tests);
@@ -1583,7 +2023,9 @@ int setup_tests(void)
# endif
ADD_ALL_TESTS(internal_curve_test, crv_len);
ADD_ALL_TESTS(internal_curve_test_method, crv_len);
#endif
ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len);
#endif /* OPENSSL_NO_EC */
return 1;
}

19
test/enginetest.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -120,8 +120,12 @@ static int test_engines(void)
display_engine_list();
/*
* Depending on whether there's any hardware support compiled in, this
* remove may be destined to fail.
* At this point, we should have an empty list, unless some hardware
* support engine got added. However, since we don't allow the config
* file to be loaded and don't otherwise load any built in engines,
* that is unlikely. Still, we check, if for nothing else, then to
* notify that something is a little off (and might mean that |new_h1|
* wasn't unloaded when it should have)
*/
if ((ptr = ENGINE_get_first()) != NULL) {
if (!ENGINE_remove(ptr))
@@ -346,6 +350,15 @@ static int test_redirect(void)
}
#endif
int global_init(void)
{
/*
* If the config file gets loaded, the dynamic engine will be loaded,
* and that interferes with our test above.
*/
return OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL);
}
int setup_tests(void)
{
#ifdef OPENSSL_NO_ENGINE

2
test/evp_extra_test.c
View File

@@ -300,7 +300,7 @@ static const unsigned char kExampleECPubKeyDER[] = {
};
/*
* kExampleBadECKeyDER is a sample EC public key with a wrong OID
* kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
* 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
*/
static const unsigned char kExampleBadECPubKeyDER[] = {

34
test/evp_test.c
View File

@@ -403,6 +403,28 @@ static int digest_test_run(EVP_TEST *t)
}
if (EVP_MD_flags(expected->digest) & EVP_MD_FLAG_XOF) {
EVP_MD_CTX *mctx_cpy;
char dont[] = "touch";
if (!TEST_ptr(mctx_cpy = EVP_MD_CTX_new())) {
goto err;
}
if (!EVP_MD_CTX_copy(mctx_cpy, mctx)) {
EVP_MD_CTX_free(mctx_cpy);
goto err;
}
if (!EVP_DigestFinalXOF(mctx_cpy, (unsigned char *)dont, 0)) {
EVP_MD_CTX_free(mctx_cpy);
t->err = "DIGESTFINALXOF_ERROR";
goto err;
}
if (!TEST_str_eq(dont, "touch")) {
EVP_MD_CTX_free(mctx_cpy);
t->err = "DIGESTFINALXOF_ERROR";
goto err;
}
EVP_MD_CTX_free(mctx_cpy);
got_len = expected->output_len;
if (!EVP_DigestFinalXOF(mctx, got, got_len)) {
t->err = "DIGESTFINALXOF_ERROR";
@@ -532,7 +554,7 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword,
else if (strcmp(value, "FALSE") == 0)
cdat->tag_late = 0;
else
return 0;
return -1;
return 1;
}
}
@@ -543,7 +565,7 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword,
else if (strcmp(value, "DECRYPT") == 0)
cdat->enc = 0;
else
return 0;
return -1;
return 1;
}
return 0;
@@ -923,7 +945,7 @@ static int mac_test_parse(EVP_TEST *t,
if (strcmp(keyword, "Algorithm") == 0) {
mdata->alg = OPENSSL_strdup(value);
if (!mdata->alg)
return 0;
return -1;
return 1;
}
if (strcmp(keyword, "Input") == 0)
@@ -1270,9 +1292,9 @@ static int pderive_test_parse(EVP_TEST *t,
if (strcmp(keyword, "PeerKey") == 0) {
EVP_PKEY *peer;
if (find_key(&peer, value, public_keys) == 0)
return 0;
return -1;
if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
return 0;
return -1;
return 1;
}
if (strcmp(keyword, "SharedSecret") == 0)
@@ -2120,7 +2142,7 @@ static int digestsigver_test_parse(EVP_TEST *t,
}
if (strcmp(keyword, "Ctrl") == 0) {
if (mdata->pctx == NULL)
return 0;
return -1;
return pkey_test_ctrl(t, mdata->pctx, value);
}
return 0;

11
test/recipes/30-test_evp_data/evpciph.txt
View File

@@ -1190,7 +1190,18 @@ Result = CIPHERFINAL_ERROR
Title = AES XTS test vectors from IEEE Std 1619-2007
# Using the same key twice for encryption is always banned.
Cipher = aes-128-xts
Operation = ENCRYPT
Key = 0000000000000000000000000000000000000000000000000000000000000000
IV = 00000000000000000000000000000000
Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
Result = KEY_SET_ERROR
# Using the same key twice for decryption is allowed outside of FIPS mode.
Cipher = aes-128-xts
Operation = DECRYPT
Key = 0000000000000000000000000000000000000000000000000000000000000000
IV = 00000000000000000000000000000000
Plaintext = 0000000000000000000000000000000000000000000000000000000000000000

27
test/recipes/70-test_sslmessages.t
View File

@@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -95,58 +95,81 @@ my $proxy = TLSProxy::Proxy->new(
@extensions = (
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
TLSProxy::Message::CLIENT,
checkhandshake::SERVER_NAME_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::CLIENT,
checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
(disabled("ec") ? () :
[TLSProxy::Message::MT_CLIENT_HELLO,
TLSProxy::Message::EXT_SUPPORTED_GROUPS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS]),
(disabled("ec") ? () :
[TLSProxy::Message::MT_CLIENT_HELLO,
TLSProxy::Message::EXT_EC_POINT_FORMATS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS]),
(disabled("tls1_2") ? () :
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS]),
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
TLSProxy::Message::CLIENT,
checkhandshake::ALPN_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
TLSProxy::Message::CLIENT,
checkhandshake::SCT_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_RENEGOTIATE,
TLSProxy::Message::CLIENT,
checkhandshake::RENEGOTIATE_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_NPN,
TLSProxy::Message::CLIENT,
checkhandshake::NPN_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SRP,
TLSProxy::Message::CLIENT,
checkhandshake::SRP_CLI_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_RENEGOTIATE,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
TLSProxy::Message::SERVER,
checkhandshake::SESSION_TICKET_SRV_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
TLSProxy::Message::SERVER,
checkhandshake::SERVER_NAME_SRV_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::SERVER,
checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ALPN,
TLSProxy::Message::SERVER,
checkhandshake::ALPN_SRV_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SCT,
TLSProxy::Message::SERVER,
checkhandshake::SCT_SRV_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_NPN,
TLSProxy::Message::SERVER,
checkhandshake::NPN_SRV_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
TLSProxy::Message::SERVER,
checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION],
[0,0,0]
[0,0,0,0]
);
#Test 1: Check we get all the right messages for a default handshake

38
test/recipes/70-test_tls13kexmodes.t
View File

@@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -62,78 +62,112 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
@extensions = (
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
TLSProxy::Message::CLIENT,
checkhandshake::SERVER_NAME_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::CLIENT,
checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
TLSProxy::Message::CLIENT,
checkhandshake::ALPN_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
TLSProxy::Message::CLIENT,
checkhandshake::SCT_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
TLSProxy::Message::CLIENT,
checkhandshake::PSK_KEX_MODES_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
TLSProxy::Message::CLIENT,
checkhandshake::PSK_CLI_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::SERVER,
checkhandshake::KEY_SHARE_HRR_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
TLSProxy::Message::CLIENT,
checkhandshake::SERVER_NAME_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::CLIENT,
checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
TLSProxy::Message::CLIENT,
checkhandshake::ALPN_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
TLSProxy::Message::CLIENT,
checkhandshake::SCT_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
TLSProxy::Message::CLIENT,
checkhandshake::PSK_KEX_MODES_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
TLSProxy::Message::CLIENT,
checkhandshake::PSK_CLI_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::SERVER,
checkhandshake::KEY_SHARE_SRV_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK,
TLSProxy::Message::SERVER,
checkhandshake::PSK_SRV_EXTENSION],
[TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::SERVER,
checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
[0,0,0]
[0,0,0,0]
);
use constant {

91
test/recipes/70-test_tls13messages.t
View File

@@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -62,92 +62,136 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
@extensions = (
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
TLSProxy::Message::CLIENT,
checkhandshake::SERVER_NAME_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::CLIENT,
checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
TLSProxy::Message::CLIENT,
checkhandshake::ALPN_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
TLSProxy::Message::CLIENT,
checkhandshake::SCT_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
TLSProxy::Message::CLIENT,
checkhandshake::PSK_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH,
TLSProxy::Message::CLIENT,
checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::SERVER,
checkhandshake::KEY_SHARE_HRR_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
TLSProxy::Message::CLIENT,
checkhandshake::SERVER_NAME_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::CLIENT,
checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
TLSProxy::Message::CLIENT,
checkhandshake::ALPN_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
TLSProxy::Message::CLIENT,
checkhandshake::SCT_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
TLSProxy::Message::CLIENT,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
TLSProxy::Message::CLIENT,
checkhandshake::PSK_CLI_EXTENSION],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH,
TLSProxy::Message::CLIENT,
checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK,
TLSProxy::Message::SERVER,
checkhandshake::PSK_SRV_EXTENSION],
[TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SERVER_NAME,
TLSProxy::Message::SERVER,
checkhandshake::SERVER_NAME_SRV_EXTENSION],
[TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_ALPN,
TLSProxy::Message::SERVER,
checkhandshake::ALPN_SRV_EXTENSION],
[TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
TLSProxy::Message::SERVER,
checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION],
[TLSProxy::Message::MT_CERTIFICATE_REQUEST, TLSProxy::Message::EXT_SIG_ALGS,
TLSProxy::Message::SERVER,
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST,
TLSProxy::Message::SERVER,
checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
[TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_SCT,
TLSProxy::Message::SERVER,
checkhandshake::SCT_SRV_EXTENSION],
[0,0,0]
[0,0,0,0]
);
my $proxy = TLSProxy::Proxy->new(
@@ -163,7 +207,7 @@ $proxy->serverconnects(2);
$proxy->clientflags("-sess_out ".$session);
$proxy->sessionfile($session);
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 16;
plan tests => 17;
checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
checkhandshake::DEFAULT_EXTENSIONS,
"Default handshake test");
@@ -179,7 +223,7 @@ checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE,
"Resumption handshake test");
SKIP: {
skip "No OCSP support in this OpenSSL build", 3
skip "No OCSP support in this OpenSSL build", 4
if disabled("ct") || disabled("ec") || disabled("ocsp");
#Test 3: A status_request handshake (client request only)
$proxy->clear();
@@ -210,9 +254,23 @@ SKIP: {
| checkhandshake::STATUS_REQUEST_CLI_EXTENSION
| checkhandshake::STATUS_REQUEST_SRV_EXTENSION,
"status_request handshake test");
#Test 6: A status_request handshake (client and server) with client auth
$proxy->clear();
$proxy->clientflags("-status -enable_pha -cert "
.srctop_file("apps", "server.pem"));
$proxy->serverflags("-Verify 5 -status_file "
.srctop_file("test", "recipes", "ocsp-response.der"));
$proxy->start();
checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE,
checkhandshake::DEFAULT_EXTENSIONS
| checkhandshake::STATUS_REQUEST_CLI_EXTENSION
| checkhandshake::STATUS_REQUEST_SRV_EXTENSION
| checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION,
"status_request handshake with client auth test");
}
#Test 6: A client auth handshake
#Test 7: A client auth handshake
$proxy->clear();
$proxy->clientflags("-enable_pha -cert ".srctop_file("apps", "server.pem"));
$proxy->serverflags("-Verify 5");
@@ -222,7 +280,7 @@ checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE,
checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION,
"Client auth handshake test");
#Test 7: Server name handshake (no client request)
#Test 8: Server name handshake (no client request)
$proxy->clear();
$proxy->clientflags("-noservername");
$proxy->start();
@@ -231,7 +289,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
& ~checkhandshake::SERVER_NAME_CLI_EXTENSION,
"Server name handshake test (client)");
#Test 8: Server name handshake (server support only)
#Test 9: Server name handshake (server support only)
$proxy->clear();
$proxy->clientflags("-noservername");
$proxy->serverflags("-servername testhost");
@@ -241,7 +299,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
& ~checkhandshake::SERVER_NAME_CLI_EXTENSION,
"Server name handshake test (server)");
#Test 9: Server name handshake (client and server)
#Test 10: Server name handshake (client and server)
$proxy->clear();
$proxy->clientflags("-servername testhost");
$proxy->serverflags("-servername testhost");
@@ -251,7 +309,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
| checkhandshake::SERVER_NAME_SRV_EXTENSION,
"Server name handshake test");
#Test 10: ALPN handshake (client request only)
#Test 11: ALPN handshake (client request only)
$proxy->clear();
$proxy->clientflags("-alpn test");
$proxy->start();
@@ -260,7 +318,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
| checkhandshake::ALPN_CLI_EXTENSION,
"ALPN handshake test (client)");
#Test 11: ALPN handshake (server support only)
#Test 12: ALPN handshake (server support only)
$proxy->clear();
$proxy->serverflags("-alpn test");
$proxy->start();
@@ -268,7 +326,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
checkhandshake::DEFAULT_EXTENSIONS,
"ALPN handshake test (server)");
#Test 12: ALPN handshake (client and server)
#Test 13: ALPN handshake (client and server)
$proxy->clear();
$proxy->clientflags("-alpn test");
$proxy->serverflags("-alpn test");
@@ -283,7 +341,7 @@ SKIP: {
skip "No CT, EC or OCSP support in this OpenSSL build", 1
if disabled("ct") || disabled("ec") || disabled("ocsp");
#Test 13: SCT handshake (client request only)
#Test 14: SCT handshake (client request only)
$proxy->clear();
#Note: -ct also sends status_request
$proxy->clientflags("-ct");
@@ -300,10 +358,7 @@ SKIP: {
"SCT handshake test");
}
#Test 14: HRR Handshake
#Test 15: HRR Handshake
$proxy->clear();
$proxy->serverflags("-curves P-256");
$proxy->start();
@@ -312,7 +367,7 @@ checkhandshake($proxy, checkhandshake::HRR_HANDSHAKE,
| checkhandshake::KEY_SHARE_HRR_EXTENSION,
"HRR handshake test");
#Test 15: Resumption handshake with HRR
#Test 16: Resumption handshake with HRR
$proxy->clear();
$proxy->clientflags("-sess_in ".$session);
$proxy->serverflags("-curves P-256");
@@ -324,7 +379,7 @@ checkhandshake($proxy, checkhandshake::HRR_RESUME_HANDSHAKE,
| checkhandshake::PSK_SRV_EXTENSION),
"Resumption handshake with HRR test");
#Test 16: Acceptable but non preferred key_share
#Test 17: Acceptable but non preferred key_share
$proxy->clear();
$proxy->clientflags("-curves P-256");
$proxy->start();

69
test/recipes/80-test_cms.t
View File

@@ -21,12 +21,13 @@ setup("test_cms");
plan skip_all => "CMS is not supported by this OpenSSL build"
if disabled("cms");
my $datadir = srctop_dir("test", "recipes", "80-test_cms_data");
my $smdir = srctop_dir("test", "smime-certs");
my $smcont = srctop_file("test", "smcont.txt");
my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
= disabled qw/des dh dsa ec ec2m rc2 zlib/;
plan tests => 4;
plan tests => 6;
my @smime_pkcs7_tests = (
@@ -400,6 +401,26 @@ my @smime_cms_param_tests = (
]
);
my @contenttype_cms_test = (
[ "signed content test - check that content type is added to additional signerinfo, RSA keys",
[ "-sign", "-binary", "-nodetach", "-stream", "-in", $smcont, "-outform", "DER",
"-signer", catfile($smdir, "smrsa1.pem"), "-md", "SHA256",
"-out", "test.cms" ],
[ "-resign", "-binary", "-nodetach", "-in", "test.cms", "-inform", "DER", "-outform", "DER",
"-signer", catfile($smdir, "smrsa2.pem"), "-md", "SHA256",
"-out", "test2.cms" ],
[ "-verify", "-in", "test2.cms", "-inform", "DER",
"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
],
);
my @incorrect_attribute_cms_test = (
"bad_signtime_attr.cms",
"no_ct_attr.cms",
"no_md_attr.cms",
"ct_multiple_attr.cms"
);
subtest "CMS => PKCS#7 compatibility tests\n" => sub {
plan tests => scalar @smime_pkcs7_tests;
@@ -493,6 +514,52 @@ subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub {
}
};
# Returns the number of matches of a Content Type Attribute in a binary file.
sub contentType_matches {
# Read in a binary file
my ($in) = @_;
open (HEX_IN, "$in") or die("open failed for $in : $!");
binmode(HEX_IN);
local $/;
my $str = <HEX_IN>;
# Find ASN1 data for a Content Type Attribute (with a OID of PKCS7 data)
my @c = $str =~ /\x30\x18\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x09\x03\x31\x0B\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x01/gs;
close(HEX_IN);
return scalar(@c);
}
subtest "CMS Check the content type attribute is added for additional signers\n" => sub {
plan tests =>
(scalar @contenttype_cms_test);
foreach (@contenttype_cms_test) {
SKIP: {
my $skip_reason = check_availability($$_[0]);
skip $skip_reason, 1 if $skip_reason;
ok(run(app(["openssl", "cms", @{$$_[1]}]))
&& run(app(["openssl", "cms", @{$$_[2]}]))
&& contentType_matches("test2.cms") == 2
&& run(app(["openssl", "cms", @{$$_[3]}])),
$$_[0]);
}
}
};
subtest "CMS Check that bad attributes fail when verifying signers\n" => sub {
plan tests =>
(scalar @incorrect_attribute_cms_test);
foreach my $name (@incorrect_attribute_cms_test) {
ok(!run(app(["openssl", "cms", "-verify", "-in",
catfile($datadir, $name), "-inform", "DER", "-CAfile",
catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ])),
$name);
}
};
unlink "test.cms";
unlink "test2.cms";
unlink "smtst.txt";

BIN
test/recipes/80-test_cms_data/bad_signtime_attr.cms Normal file
View File

Binary file not shown.

BIN
test/recipes/80-test_cms_data/ct_multiple_attr.cms Normal file
View File

Binary file not shown.

BIN
test/recipes/80-test_cms_data/no_ct_attr.cms Normal file
View File

Binary file not shown.

BIN
test/recipes/80-test_cms_data/no_md_attr.cms Normal file
View File

Binary file not shown.

7
test/recipes/90-test_sslapi.t
View File

@@ -1,5 +1,5 @@
#! /usr/bin/env perl
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -8,7 +8,7 @@
use OpenSSL::Test::Utils;
use OpenSSL::Test qw/:DEFAULT srctop_file/;
use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir/;
use File::Temp qw(tempfile);
setup("test_sslapi");
@@ -20,8 +20,7 @@ plan tests => 1;
(undef, my $tmpfilename) = tempfile();
ok(run(test(["sslapitest", srctop_file("apps", "server.pem"),
srctop_file("apps", "server.pem"),
ok(run(test(["sslapitest", srctop_dir("test", "certs"),
srctop_file("test", "recipes", "90-test_sslapi_data",
"passwd.txt"), $tmpfilename])),
"running sslapitest");

870
test/ssl-tests/20-cert-select.conf
View File

File diff suppressed because it is too large Load Diff

66
test/ssl-tests/20-cert-select.conf.in
View File

@@ -36,6 +36,12 @@ my $server_pss_only = {
"PrivateKey" => test_pem("server-pss-key.pem"),
};
my $server_pss_restrict_only = {
"Certificate" => test_pem("server-pss-restrict-cert.pem"),
"PrivateKey" => test_pem("server-pss-restrict-key.pem"),
};
my $server_rsa_all = {
"PSS.Certificate" => test_pem("server-pss-cert.pem"),
"PSS.PrivateKey" => test_pem("server-pss-key.pem"),
@@ -379,6 +385,19 @@ our @tests = (
"ExpectedResult" => "Success"
},
},
{
name => "Only RSA-PSS Certificate Valid Signature Algorithms",
server => $server_pss_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha512",
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA512",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Certificate, no PSS signature algorithms",
server => $server_pss_only,
@@ -389,6 +408,53 @@ our @tests = (
"ExpectedResult" => "ServerFail"
},
},
{
name => "Only RSA-PSS Restricted Certificate",
server => $server_pss_restrict_only,
client => {},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
server => $server_pss_restrict_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
server => $server_pss_restrict_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
},
test => {
"ExpectedServerCertType" => "RSA-PSS",
"ExpectedServerSignHash" => "SHA256",
"ExpectedServerSignType" => "RSA-PSS",
"ExpectedResult" => "Success"
},
},
{
name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
server => $server_pss_restrict_only,
client => {
"SignatureAlgorithms" => "rsa_pss_pss_sha512",
},
test => {
"ExpectedResult" => "ServerFail"
},
},
{
name => "RSA key exchange with all RSA certificate types",
server => $server_rsa_all,

345
test/sslapitest.c
View File

@@ -42,6 +42,7 @@ static int find_session_cb_cnt = 0;
static SSL_SESSION *create_a_psk(SSL *ssl);
#endif
static char *certsdir = NULL;
static char *cert = NULL;
static char *privkey = NULL;
static char *srpvfile = NULL;
@@ -3288,6 +3289,142 @@ static int test_ciphersuite_change(void)
return testresult;
}
/*
* Test TLSv1.3 Cipher Suite
* Test 0 = Set TLS1.3 cipher on context
* Test 1 = Set TLS1.3 cipher on SSL
* Test 2 = Set TLS1.3 and TLS1.2 cipher on context
* Test 3 = Set TLS1.3 and TLS1.2 cipher on SSL
*/
static int test_tls13_ciphersuite(int idx)
{
SSL_CTX *sctx = NULL, *cctx = NULL;
SSL *serverssl = NULL, *clientssl = NULL;
static const char *t13_ciphers[] = {
TLS1_3_RFC_AES_128_GCM_SHA256,
TLS1_3_RFC_AES_256_GCM_SHA384,
TLS1_3_RFC_AES_128_CCM_SHA256,
# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
TLS1_3_RFC_AES_256_GCM_SHA384 ":" TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
# endif
TLS1_3_RFC_AES_128_CCM_8_SHA256 ":" TLS1_3_RFC_AES_128_CCM_SHA256
};
const char *t13_cipher = NULL;
const char *t12_cipher = NULL;
const char *negotiated_scipher;
const char *negotiated_ccipher;
int set_at_ctx = 0;
int set_at_ssl = 0;
int testresult = 0;
int max_ver;
size_t i;
switch (idx) {
case 0:
set_at_ctx = 1;
break;
case 1:
set_at_ssl = 1;
break;
case 2:
set_at_ctx = 1;
t12_cipher = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
break;
case 3:
set_at_ssl = 1;
t12_cipher = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
break;
}
for (max_ver = TLS1_2_VERSION; max_ver <= TLS1_3_VERSION; max_ver++) {
# ifdef OPENSSL_NO_TLS1_2
if (max_ver == TLS1_2_VERSION)
continue;
# endif
for (i = 0; i < OSSL_NELEM(t13_ciphers); i++) {
t13_cipher = t13_ciphers[i];
if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(),
TLS_client_method(),
TLS1_VERSION, max_ver,
&sctx, &cctx, cert, privkey)))
goto end;
if (set_at_ctx) {
if (!TEST_true(SSL_CTX_set_ciphersuites(sctx, t13_cipher))
|| !TEST_true(SSL_CTX_set_ciphersuites(cctx, t13_cipher)))
goto end;
if (t12_cipher != NULL) {
if (!TEST_true(SSL_CTX_set_cipher_list(sctx, t12_cipher))
|| !TEST_true(SSL_CTX_set_cipher_list(cctx,
t12_cipher)))
goto end;
}
}
if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
&clientssl, NULL, NULL)))
goto end;
if (set_at_ssl) {
if (!TEST_true(SSL_set_ciphersuites(serverssl, t13_cipher))
|| !TEST_true(SSL_set_ciphersuites(clientssl, t13_cipher)))
goto end;
if (t12_cipher != NULL) {
if (!TEST_true(SSL_set_cipher_list(serverssl, t12_cipher))
|| !TEST_true(SSL_set_cipher_list(clientssl,
t12_cipher)))
goto end;
}
}
if (!TEST_true(create_ssl_connection(serverssl, clientssl,
SSL_ERROR_NONE)))
goto end;
negotiated_scipher = SSL_CIPHER_get_name(SSL_get_current_cipher(
serverssl));
negotiated_ccipher = SSL_CIPHER_get_name(SSL_get_current_cipher(
clientssl));
if (!TEST_str_eq(negotiated_scipher, negotiated_ccipher))
goto end;
/*
* TEST_strn_eq is used below because t13_cipher can contain
* multiple ciphersuites
*/
if (max_ver == TLS1_3_VERSION
&& !TEST_strn_eq(t13_cipher, negotiated_scipher,
strlen(negotiated_scipher)))
goto end;
# ifndef OPENSSL_NO_TLS1_2
/* Below validation is not done when t12_cipher is NULL */
if (max_ver == TLS1_2_VERSION && t12_cipher != NULL
&& !TEST_str_eq(t12_cipher, negotiated_scipher))
goto end;
# endif
SSL_free(serverssl);
serverssl = NULL;
SSL_free(clientssl);
clientssl = NULL;
SSL_CTX_free(sctx);
sctx = NULL;
SSL_CTX_free(cctx);
cctx = NULL;
}
}
testresult = 1;
end:
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
return testresult;
}
/*
* Test TLSv1.3 PSKs
* Test 0 = Test new style callbacks
@@ -4290,6 +4427,11 @@ static int test_key_update(void)
|| !TEST_int_eq(SSL_read(serverssl, buf, sizeof(buf)),
strlen(mess)))
goto end;
if (!TEST_int_eq(SSL_write(serverssl, mess, strlen(mess)), strlen(mess))
|| !TEST_int_eq(SSL_read(clientssl, buf, sizeof(buf)),
strlen(mess)))
goto end;
}
testresult = 1;
@@ -4302,6 +4444,91 @@ static int test_key_update(void)
return testresult;
}
/*
* Test we can handle a KeyUpdate (update requested) message while write data
* is pending.
* Test 0: Client sends KeyUpdate while Server is writing
* Test 1: Server sends KeyUpdate while Client is writing
*/
static int test_key_update_in_write(int tst)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
int testresult = 0;
char buf[20];
static char *mess = "A test message";
BIO *bretry = BIO_new(bio_s_always_retry());
BIO *tmp = NULL;
SSL *peerupdate = NULL, *peerwrite = NULL;
if (!TEST_ptr(bretry)
|| !TEST_true(create_ssl_ctx_pair(TLS_server_method(),
TLS_client_method(),
TLS1_3_VERSION,
0,
&sctx, &cctx, cert, privkey))
|| !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
NULL, NULL))
|| !TEST_true(create_ssl_connection(serverssl, clientssl,
SSL_ERROR_NONE)))
goto end;
peerupdate = tst == 0 ? clientssl : serverssl;
peerwrite = tst == 0 ? serverssl : clientssl;
if (!TEST_true(SSL_key_update(peerupdate, SSL_KEY_UPDATE_REQUESTED))
|| !TEST_true(SSL_do_handshake(peerupdate)))
goto end;
/* Swap the writing endpoint's write BIO to force a retry */
tmp = SSL_get_wbio(peerwrite);
if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) {
tmp = NULL;
goto end;
}
SSL_set0_wbio(peerwrite, bretry);
bretry = NULL;
/* Write data that we know will fail with SSL_ERROR_WANT_WRITE */
if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), -1)
|| !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_WRITE))
goto end;
/* Reinstate the original writing endpoint's write BIO */
SSL_set0_wbio(peerwrite, tmp);
tmp = NULL;
/* Now read some data - we will read the key update */
if (!TEST_int_eq(SSL_read(peerwrite, buf, sizeof(buf)), -1)
|| !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_READ))
goto end;
/*
* Complete the write we started previously and read it from the other
* endpoint
*/
if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
|| !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
goto end;
/* Write more data to ensure we send the KeyUpdate message back */
if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
|| !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
goto end;
testresult = 1;
end:
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
BIO_free(bretry);
BIO_free(tmp);
return testresult;
}
#endif /* OPENSSL_NO_TLS1_3 */
static int test_ssl_clear(int idx)
@@ -5572,6 +5799,12 @@ static int cert_cb_cnt;
static int cert_cb(SSL *s, void *arg)
{
SSL_CTX *ctx = (SSL_CTX *)arg;
BIO *in = NULL;
EVP_PKEY *pkey = NULL;
X509 *x509 = NULL, *rootx = NULL;
STACK_OF(X509) *chain = NULL;
char *rootfile = NULL, *ecdsacert = NULL, *ecdsakey = NULL;
int ret = 0;
if (cert_cb_cnt == 0) {
/* Suspend the handshake */
@@ -5592,10 +5825,60 @@ static int cert_cb(SSL *s, void *arg)
return 0;
cert_cb_cnt++;
return 1;
} else if (cert_cb_cnt == 3) {
int rv;
rootfile = test_mk_file_path(certsdir, "rootcert.pem");
ecdsacert = test_mk_file_path(certsdir, "server-ecdsa-cert.pem");
ecdsakey = test_mk_file_path(certsdir, "server-ecdsa-key.pem");
if (!TEST_ptr(rootfile) || !TEST_ptr(ecdsacert) || !TEST_ptr(ecdsakey))
goto out;
chain = sk_X509_new_null();
if (!TEST_ptr(chain))
goto out;
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
|| !TEST_int_ge(BIO_read_filename(in, rootfile), 0)
|| !TEST_ptr(rootx = PEM_read_bio_X509(in, NULL, NULL, NULL))
|| !TEST_true(sk_X509_push(chain, rootx)))
goto out;
rootx = NULL;
BIO_free(in);
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
|| !TEST_int_ge(BIO_read_filename(in, ecdsacert), 0)
|| !TEST_ptr(x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
goto out;
BIO_free(in);
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
|| !TEST_int_ge(BIO_read_filename(in, ecdsakey), 0)
|| !TEST_ptr(pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL)))
goto out;
rv = SSL_check_chain(s, x509, pkey, chain);
/*
* If the cert doesn't show as valid here (e.g., because we don't
* have any shared sigalgs), then we will not set it, and there will
* be no certificate at all on the SSL or SSL_CTX. This, in turn,
* will cause tls_choose_sigalgs() to fail the connection.
*/
if ((rv & (CERT_PKEY_VALID | CERT_PKEY_CA_SIGNATURE))
== (CERT_PKEY_VALID | CERT_PKEY_CA_SIGNATURE)) {
if (!SSL_use_cert_and_key(s, x509, pkey, NULL, 1))
goto out;
}
ret = 1;
}
/* Abort the handshake */
return 0;
out:
OPENSSL_free(ecdsacert);
OPENSSL_free(ecdsakey);
OPENSSL_free(rootfile);
BIO_free(in);
EVP_PKEY_free(pkey);
X509_free(x509);
X509_free(rootx);
sk_X509_pop_free(chain, X509_free);
return ret;
}
/*
@@ -5603,6 +5886,10 @@ static int cert_cb(SSL *s, void *arg)
* Test 0: Callback fails
* Test 1: Success - no SSL_set_SSL_CTX() in the callback
* Test 2: Success - SSL_set_SSL_CTX() in the callback
* Test 3: Success - Call SSL_check_chain from the callback
* Test 4: Failure - SSL_check_chain fails from callback due to bad cert in the
* chain
* Test 5: Failure - SSL_check_chain fails from callback due to bad ee cert
*/
static int test_cert_cb_int(int prot, int tst)
{
@@ -5610,6 +5897,12 @@ static int test_cert_cb_int(int prot, int tst)
SSL *clientssl = NULL, *serverssl = NULL;
int testresult = 0, ret;
#ifdef OPENSSL_NO_EC
/* We use an EC cert in these tests, so we skip in a no-ec build */
if (tst >= 3)
return 1;
#endif
if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(),
TLS_client_method(),
TLS1_VERSION,
@@ -5619,8 +5912,11 @@ static int test_cert_cb_int(int prot, int tst)
if (tst == 0)
cert_cb_cnt = -1;
else if (tst >= 3)
cert_cb_cnt = 3;
else
cert_cb_cnt = 0;
if (tst == 2)
snictx = SSL_CTX_new(TLS_server_method());
SSL_CTX_set_cert_cb(sctx, cert_cb, snictx);
@@ -5629,9 +5925,28 @@ static int test_cert_cb_int(int prot, int tst)
NULL, NULL)))
goto end;
if (tst == 4) {
/*
* We cause SSL_check_chain() to fail by specifying sig_algs that
* the chain doesn't meet (the root uses an RSA cert)
*/
if (!TEST_true(SSL_set1_sigalgs_list(clientssl,
"ecdsa_secp256r1_sha256")))
goto end;
} else if (tst == 5) {
/*
* We cause SSL_check_chain() to fail by specifying sig_algs that
* the ee cert doesn't meet (the ee uses an ECDSA cert)
*/
if (!TEST_true(SSL_set1_sigalgs_list(clientssl,
"rsa_pss_rsae_sha256:rsa_pkcs1_sha256")))
goto end;
}
ret = create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE);
if (!TEST_true(tst == 0 ? !ret : ret)
|| (tst > 0 && !TEST_int_eq(cert_cb_cnt, 2))) {
if (!TEST_true(tst == 0 || tst == 4 || tst == 5 ? !ret : ret)
|| (tst > 0
&& !TEST_int_eq((cert_cb_cnt - 2) * (cert_cb_cnt - 3), 0))) {
goto end;
}
@@ -5892,10 +6207,9 @@ static int test_ca_names(int tst)
int setup_tests(void)
{
if (!TEST_ptr(cert = test_get_argument(0))
|| !TEST_ptr(privkey = test_get_argument(1))
|| !TEST_ptr(srpvfile = test_get_argument(2))
|| !TEST_ptr(tmpfilename = test_get_argument(3)))
if (!TEST_ptr(certsdir = test_get_argument(0))
|| !TEST_ptr(srpvfile = test_get_argument(1))
|| !TEST_ptr(tmpfilename = test_get_argument(2)))
return 0;
if (getenv("OPENSSL_TEST_GETCOUNTS") != NULL) {
@@ -5914,6 +6228,16 @@ int setup_tests(void)
#endif
}
cert = test_mk_file_path(certsdir, "servercert.pem");
if (cert == NULL)
return 0;
privkey = test_mk_file_path(certsdir, "serverkey.pem");
if (privkey == NULL) {
OPENSSL_free(cert);
return 0;
}
ADD_TEST(test_large_message_tls);
ADD_TEST(test_large_message_tls_read_ahead);
#ifndef OPENSSL_NO_DTLS
@@ -5966,6 +6290,7 @@ int setup_tests(void)
#ifndef OPENSSL_NO_TLS1_3
ADD_ALL_TESTS(test_set_ciphersuite, 10);
ADD_TEST(test_ciphersuite_change);
ADD_ALL_TESTS(test_tls13_ciphersuite, 4);
#ifdef OPENSSL_NO_PSK
ADD_ALL_TESTS(test_tls13_psk, 1);
#else
@@ -5982,6 +6307,7 @@ int setup_tests(void)
#ifndef OPENSSL_NO_TLS1_3
ADD_ALL_TESTS(test_export_key_mat_early, 3);
ADD_TEST(test_key_update);
ADD_ALL_TESTS(test_key_update_in_write, 2);
#endif
ADD_ALL_TESTS(test_ssl_clear, 2);
ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test));
@@ -5993,7 +6319,7 @@ int setup_tests(void)
ADD_ALL_TESTS(test_ssl_get_shared_ciphers, OSSL_NELEM(shared_ciphers_data));
ADD_ALL_TESTS(test_ticket_callbacks, 12);
ADD_ALL_TESTS(test_shutdown, 7);
ADD_ALL_TESTS(test_cert_cb, 3);
ADD_ALL_TESTS(test_cert_cb, 6);
ADD_ALL_TESTS(test_client_cert_cb, 2);
ADD_ALL_TESTS(test_ca_names, 3);
return 1;
@@ -6001,5 +6327,8 @@ int setup_tests(void)
void cleanup_tests(void)
{
OPENSSL_free(cert);
OPENSSL_free(privkey);
bio_s_mempacket_test_free();
bio_s_always_retry_free();
}

98
test/ssltestlib.c
View File

@@ -62,9 +62,11 @@ static int tls_dump_puts(BIO *bp, const char *str);
/* Choose a sufficiently large type likely to be unused for this custom BIO */
#define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER)
#define BIO_TYPE_MEMPACKET_TEST 0x81
#define BIO_TYPE_ALWAYS_RETRY 0x82
static BIO_METHOD *method_tls_dump = NULL;
static BIO_METHOD *meth_mem = NULL;
static BIO_METHOD *meth_always_retry = NULL;
/* Note: Not thread safe! */
const BIO_METHOD *bio_f_tls_dump_filter(void)
@@ -612,6 +614,100 @@ static int mempacket_test_puts(BIO *bio, const char *str)
return mempacket_test_write(bio, str, strlen(str));
}
static int always_retry_new(BIO *bi);
static int always_retry_free(BIO *a);
static int always_retry_read(BIO *b, char *out, int outl);
static int always_retry_write(BIO *b, const char *in, int inl);
static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr);
static int always_retry_gets(BIO *bp, char *buf, int size);
static int always_retry_puts(BIO *bp, const char *str);
const BIO_METHOD *bio_s_always_retry(void)
{
if (meth_always_retry == NULL) {
if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY,
"Always Retry"))
|| !TEST_true(BIO_meth_set_write(meth_always_retry,
always_retry_write))
|| !TEST_true(BIO_meth_set_read(meth_always_retry,
always_retry_read))
|| !TEST_true(BIO_meth_set_puts(meth_always_retry,
always_retry_puts))
|| !TEST_true(BIO_meth_set_gets(meth_always_retry,
always_retry_gets))
|| !TEST_true(BIO_meth_set_ctrl(meth_always_retry,
always_retry_ctrl))
|| !TEST_true(BIO_meth_set_create(meth_always_retry,
always_retry_new))
|| !TEST_true(BIO_meth_set_destroy(meth_always_retry,
always_retry_free)))
return NULL;
}
return meth_always_retry;
}
void bio_s_always_retry_free(void)
{
BIO_meth_free(meth_always_retry);
}
static int always_retry_new(BIO *bio)
{
BIO_set_init(bio, 1);
return 1;
}
static int always_retry_free(BIO *bio)
{
BIO_set_data(bio, NULL);
BIO_set_init(bio, 0);
return 1;
}
static int always_retry_read(BIO *bio, char *out, int outl)
{
BIO_set_retry_read(bio);
return -1;
}
static int always_retry_write(BIO *bio, const char *in, int inl)
{
BIO_set_retry_write(bio);
return -1;
}
static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
long ret = 1;
switch (cmd) {
case BIO_CTRL_FLUSH:
BIO_set_retry_write(bio);
/* fall through */
case BIO_CTRL_EOF:
case BIO_CTRL_RESET:
case BIO_CTRL_DUP:
case BIO_CTRL_PUSH:
case BIO_CTRL_POP:
default:
ret = 0;
break;
}
return ret;
}
static int always_retry_gets(BIO *bio, char *buf, int size)
{
BIO_set_retry_read(bio);
return -1;
}
static int always_retry_puts(BIO *bio, const char *str)
{
BIO_set_retry_write(bio);
return -1;
}
int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
int min_proto_version, int max_proto_version,
SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
@@ -824,7 +920,7 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want)
/*
* We attempt to read some data on the client side which we expect to fail.
* This will ensure we have received the NewSessionTicket in TLSv1.3 where
* appropriate. We do this twice because there are 2 NewSesionTickets.
* appropriate. We do this twice because there are 2 NewSessionTickets.
*/
for (i = 0; i < 2; i++) {
if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) {

3
test/ssltestlib.h
View File

@@ -30,6 +30,9 @@ void bio_f_tls_dump_filter_free(void);
const BIO_METHOD *bio_s_mempacket_test(void);
void bio_s_mempacket_test_free(void);
const BIO_METHOD *bio_s_always_retry(void);
void bio_s_always_retry_free(void);
/* Packet types - value 0 is reserved */
#define INJECT_PACKET 1
#define INJECT_PACKET_IGNORE_REC_SEQ 2

13
test/testutil.h
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -454,4 +454,15 @@ void test_clearstanza(STANZA *s);
*/
char *glue_strings(const char *list[], size_t *out_len);
/*
* Pseudo random number generator of low quality but having repeatability
* across platforms. The two calls are replacements for random(3) and
* srandom(3).
*/
uint32_t test_random(void);
void test_random_seed(uint32_t sd);
/* Create a file path from a directory and a filename */
char *test_mk_file_path(const char *dir, const char *file);
#endif /* HEADER_TESTUTIL_H */

26
test/testutil/driver.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -112,7 +112,7 @@ void setup_test_framework()
seed = (int)time(NULL);
test_printf_stdout("%*s# RAND SEED %d\n", subtest_level(), "", seed);
test_flush_stdout();
srand(seed);
test_random_seed(seed);
}
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
@@ -190,7 +190,7 @@ int run_tests(const char *test_prog_name)
permute[i] = i;
if (seed != 0)
for (i = num_tests - 1; i >= 1; i--) {
j = rand() % (1 + i);
j = test_random() % (1 + i);
ii = permute[j];
permute[j] = permute[i];
permute[i] = ii;
@@ -228,7 +228,7 @@ int run_tests(const char *test_prog_name)
jstep = 1;
else
do
jstep = rand() % all_tests[i].num;
jstep = test_random() % all_tests[i].num;
while (jstep == 0 || gcd(all_tests[i].num, jstep) != 1);
for (jj = 0; jj < all_tests[i].num; jj++) {
@@ -297,3 +297,21 @@ char *glue_strings(const char *list[], size_t *out_len)
return ret;
}
char *test_mk_file_path(const char *dir, const char *file)
{
# ifndef OPENSSL_SYS_VMS
const char *sep = "/";
# else
const char *sep = "";
# endif
size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1;
char *full_file = OPENSSL_zalloc(len);
if (full_file != NULL) {
OPENSSL_strlcpy(full_file, dir, len);
OPENSSL_strlcat(full_file, sep, len);
OPENSSL_strlcat(full_file, file, len);
}
return full_file;
}

40
test/testutil/random.c Normal file
View File

@@ -0,0 +1,40 @@
/*
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "../testutil.h"
/*
* This is an implementation of the algorithm used by the GNU C library's
* random(3) pseudorandom number generator as described:
* https://www.mscs.dal.ca/~selinger/random/
*/
static uint32_t test_random_state[31];
uint32_t test_random(void) {
static unsigned int pos = 3;
if (pos == 31)
pos = 0;
test_random_state[pos] += test_random_state[(pos + 28) % 31];
return test_random_state[pos++] / 2;
}
void test_random_seed(uint32_t sd) {
int i;
int32_t s;
const unsigned int mod = (1u << 31) - 1;
test_random_state[0] = sd;
for (i = 1; i < 31; i++) {
s = (int32_t)test_random_state[i - 1];
test_random_state[i] = (uint32_t)((16807 * (int64_t)s) % mod);
}
for (i = 34; i < 344; i++)
test_random();
}

2
test/tls13secretstest.c
View File

@@ -27,7 +27,7 @@
#define KEYLEN 16
/*
* Based on the test vectors availble in:
* Based on the test vectors available in:
* https://tools.ietf.org/html/draft-ietf-tls-tls13-vectors-06
*/