/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* Note that unlike other SSL tests, we don't test against our own SSL
* server method. Firstly because we don't have one; we *only* support
* DTLS1_BAD_VER as a client. And secondly because even if that were
- * fixed up it's the wrong thing to test against — because if changes
+ * fixed up it's the wrong thing to test against - because if changes
* are made in generic DTLS code which don't take DTLS1_BAD_VER into
* account, there's plenty of scope for making those changes such that
* they break *both* the client and the server in the same way.
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/kdf.h>
-
#include "../ssl/packet_locl.h"
-#include "../e_os.h" /* for OSSL_NELEM() */
+#include "internal/nelem.h"
+#include "testutil.h"
/* For DTLS1_BAD_VER packets the MAC doesn't include the handshake header */
#define MAC_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH)
long len;
unsigned char *data;
int cookie_found = 0;
- unsigned int u;
+ unsigned int u = 0;
len = BIO_get_mem_data(wbio, (char **)&data);
if (!PACKET_buf_init(&pkt, data, len))
/* Update handshake MAC for second ClientHello (with cookie) */
if (cookie_found && !EVP_DigestUpdate(handshake_md, data + MAC_OFFSET,
len - MAC_OFFSET))
- printf("EVP_DigestUpdate() failed\n");
+ return 0;
(void)BIO_reset(wbio);
if (!EVP_DigestUpdate(handshake_md, server_hello + MAC_OFFSET,
sizeof(server_hello) - MAC_OFFSET))
- printf("EVP_DigestUpdate() failed\n");
+ return 0;
BIO_write(rbio, server_hello, sizeof(server_hello));
BIO_write(rbio, change_cipher_spec, sizeof(change_cipher_spec));
}
/* Create header, HMAC, pad, encrypt and send a record */
-static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr,
+static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
const void *msg, size_t len)
{
/* Note that the order of the record header fields on the wire,
unsigned char pad;
unsigned char *enc;
-#ifdef SIXTY_FOUR_BIT_LONG
seq[0] = (seqnr >> 40) & 0xff;
seq[1] = (seqnr >> 32) & 0xff;
-#endif
seq[2] = (seqnr >> 24) & 0xff;
seq[3] = (seqnr >> 16) & 0xff;
seq[4] = (seqnr >> 8) & 0xff;
HMAC_Update(ctx, seq, 6);
HMAC_Update(ctx, &type, 1);
HMAC_Update(ctx, ver, 2); /* Version */
- lenbytes[0] = len >> 8;
- lenbytes[1] = len & 0xff;
+ lenbytes[0] = (unsigned char)(len >> 8);
+ lenbytes[1] = (unsigned char)(len);
HMAC_Update(ctx, lenbytes, 2); /* Length */
HMAC_Update(ctx, enc, len); /* Finally the data itself */
HMAC_Final(ctx, enc + len, NULL);
BIO_write(rbio, ver, 2);
BIO_write(rbio, epoch, 2);
BIO_write(rbio, seq, 6);
- lenbytes[0] = (len + sizeof(iv)) >> 8;
- lenbytes[1] = (len + sizeof(iv)) & 0xff;
+ lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8);
+ lenbytes[1] = (unsigned char)(len + sizeof(iv));
BIO_write(rbio, lenbytes, 2);
BIO_write(rbio, iv, sizeof(iv));
/* Generate Finished MAC */
if (!EVP_DigestFinal_ex(handshake_md, handshake_hash, NULL))
- printf("EVP_DigestFinal_ex() failed\n");
+ return 0;
do_PRF(TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
handshake_hash, EVP_MD_CTX_size(handshake_md),
#define DROP(x) { x##UL, 1 }
static struct {
- unsigned long seq;
+ uint64_t seq;
int drop;
} tests[] = {
NODROP(1), NODROP(3), NODROP(2),
/* The last test should be NODROP, because a DROP wouldn't get tested. */
};
-int main(int argc, char *argv[])
+static int test_bad_dtls(void)
{
- SSL_SESSION *sess;
- SSL_CTX *ctx;
- SSL *con;
- BIO *rbio;
- BIO *wbio;
- BIO *err;
+ SSL_SESSION *sess = NULL;
+ SSL_CTX *ctx = NULL;
+ SSL *con = NULL;
+ BIO *rbio = NULL;
+ BIO *wbio = NULL;
+ time_t now = 0;
int testresult = 0;
int ret;
int i;
- err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-
- CRYPTO_set_mem_debug(1);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
RAND_bytes(session_id, sizeof(session_id));
RAND_bytes(master_secret, sizeof(master_secret));
RAND_bytes(cookie, sizeof(cookie));
RAND_bytes(server_random + 4, sizeof(server_random) - 4);
- time((void *)server_random);
+
+ now = time(NULL);
+ memcpy(server_random, &now, sizeof(now));
sess = client_session();
- if (sess == NULL) {
- printf("Failed to generate SSL_SESSION\n");
+ if (!TEST_ptr(sess))
goto end;
- }
handshake_md = EVP_MD_CTX_new();
- if (handshake_md == NULL ||
- !EVP_DigestInit_ex(handshake_md, EVP_md5_sha1(), NULL)) {
- printf("Failed to initialise handshake_md\n");
+ if (!TEST_ptr(handshake_md)
+ || !TEST_true(EVP_DigestInit_ex(handshake_md, EVP_md5_sha1(),
+ NULL)))
goto end;
- }
ctx = SSL_CTX_new(DTLS_client_method());
- if (ctx == NULL) {
- printf("Failed to allocate SSL_CTX\n");
- goto end_md;
- }
- if (!SSL_CTX_set_min_proto_version(ctx, DTLS1_BAD_VER)) {
- printf("SSL_CTX_set_min_proto_version() failed\n");
- goto end_ctx;
- }
- if (!SSL_CTX_set_max_proto_version(ctx, DTLS1_BAD_VER)) {
- printf("SSL_CTX_set_max_proto_version() failed\n");
- goto end_ctx;
- }
-
- if (!SSL_CTX_set_cipher_list(ctx, "AES128-SHA")) {
- printf("SSL_CTX_set_cipher_list() failed\n");
- goto end_ctx;
- }
+ if (!TEST_ptr(ctx)
+ || !TEST_true(SSL_CTX_set_min_proto_version(ctx, DTLS1_BAD_VER))
+ || !TEST_true(SSL_CTX_set_max_proto_version(ctx, DTLS1_BAD_VER))
+ || !TEST_true(SSL_CTX_set_cipher_list(ctx, "AES128-SHA")))
+ goto end;
con = SSL_new(ctx);
- if (!SSL_set_session(con, sess)) {
- printf("SSL_set_session() failed\n");
- goto end_con;
- }
+ if (!TEST_ptr(con)
+ || !TEST_true(SSL_set_session(con, sess)))
+ goto end;
SSL_SESSION_free(sess);
rbio = BIO_new(BIO_s_mem());
wbio = BIO_new(BIO_s_mem());
- BIO_set_nbio(rbio, 1);
- BIO_set_nbio(wbio, 1);
+ if (!TEST_ptr(rbio)
+ || !TEST_ptr(wbio))
+ goto end;
SSL_set_bio(con, rbio, wbio);
+
+ if (!TEST_true(BIO_up_ref(rbio))) {
+ /*
+ * We can't up-ref but we assigned ownership to con, so we shouldn't
+ * free in the "end" block
+ */
+ rbio = wbio = NULL;
+ goto end;
+ }
+
+ if (!TEST_true(BIO_up_ref(wbio))) {
+ wbio = NULL;
+ goto end;
+ }
+
SSL_set_connect_state(con);
/* Send initial ClientHello */
ret = SSL_do_handshake(con);
- if (ret > 0 || SSL_get_error(con, ret) != SSL_ERROR_WANT_READ) {
- printf("Unexpected handshake result at initial call!\n");
- goto end_con;
- }
+ if (!TEST_int_le(ret, 0)
+ || !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ)
+ || !TEST_int_eq(validate_client_hello(wbio), 1)
+ || !TEST_true(send_hello_verify(rbio)))
+ goto end;
- if (validate_client_hello(wbio) != 1) {
- printf("Initial ClientHello failed validation\n");
- goto end_con;
- }
- if (send_hello_verify(rbio) != 1) {
- printf("Failed to send HelloVerify\n");
- goto end_con;
- }
ret = SSL_do_handshake(con);
- if (ret > 0 || SSL_get_error(con, ret) != SSL_ERROR_WANT_READ) {
- printf("Unexpected handshake result after HelloVerify!\n");
- goto end_con;
- }
- if (validate_client_hello(wbio) != 2) {
- printf("Second ClientHello failed validation\n");
- goto end_con;
- }
- if (send_server_hello(rbio) != 1) {
- printf("Failed to send ServerHello\n");
- goto end_con;
- }
+ if (!TEST_int_le(ret, 0)
+ || !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ)
+ || !TEST_int_eq(validate_client_hello(wbio), 2)
+ || !TEST_true(send_server_hello(rbio)))
+ goto end;
+
ret = SSL_do_handshake(con);
- if (ret > 0 || SSL_get_error(con, ret) != SSL_ERROR_WANT_READ) {
- printf("Unexpected handshake result after ServerHello!\n");
- goto end_con;
- }
- if (send_finished(con, rbio) != 1) {
- printf("Failed to send Finished\n");
- goto end_con;
- }
+ if (!TEST_int_le(ret, 0)
+ || !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ)
+ || !TEST_true(send_finished(con, rbio)))
+ goto end;
+
ret = SSL_do_handshake(con);
- if (ret < 1) {
- printf("Handshake not successful after Finished!\n");
- goto end_con;
- }
- if (validate_ccs(wbio) != 1) {
- printf("Failed to validate client CCS/Finished\n");
- goto end_con;
- }
+ if (!TEST_int_gt(ret, 0)
+ || !TEST_true(validate_ccs(wbio)))
+ goto end;
/* While we're here and crafting packets by hand, we might as well do a
bit of a stress test on the DTLS record replay handling. Not Cisco-DTLS
before, and in fact was broken even for a basic 0, 2, 1 test case
when this test was first added.... */
for (i = 0; i < (int)OSSL_NELEM(tests); i++) {
- unsigned long recv_buf[2];
+ uint64_t recv_buf[2];
- if (send_record(rbio, SSL3_RT_APPLICATION_DATA, tests[i].seq,
- &tests[i].seq, sizeof(unsigned long)) != 1) {
- printf("Failed to send data seq #0x%lx (%d)\n",
- tests[i].seq, i);
- goto end_con;
+ if (!TEST_true(send_record(rbio, SSL3_RT_APPLICATION_DATA, tests[i].seq,
+ &tests[i].seq, sizeof(uint64_t)))) {
+ TEST_error("Failed to send data seq #0x%x%08x (%d)\n",
+ (unsigned int)(tests[i].seq >> 32), (unsigned int)tests[i].seq, i);
+ goto end;
}
if (tests[i].drop)
continue;
- ret = SSL_read(con, recv_buf, 2 * sizeof(unsigned long));
- if (ret != sizeof(unsigned long)) {
- printf("SSL_read failed or wrong size on seq#0x%lx (%d)\n",
- tests[i].seq, i);
- goto end_con;
+ ret = SSL_read(con, recv_buf, 2 * sizeof(uint64_t));
+ if (!TEST_int_eq(ret, (int)sizeof(uint64_t))) {
+ TEST_error("SSL_read failed or wrong size on seq#0x%x%08x (%d)\n",
+ (unsigned int)(tests[i].seq >> 32), (unsigned int)tests[i].seq, i);
+ goto end;
}
- if (recv_buf[0] != tests[i].seq) {
- printf("Wrong data packet received (0x%lx not 0x%lx) at packet %d\n",
- recv_buf[0], tests[i].seq, i);
- goto end_con;
- }
- }
- if (tests[i-1].drop) {
- printf("Error: last test cannot be DROP()\n");
- goto end_con;
+ if (!TEST_true(recv_buf[0] == tests[i].seq))
+ goto end;
}
- testresult=1;
- end_con:
+ /* The last test cannot be DROP() */
+ if (!TEST_false(tests[i-1].drop))
+ goto end;
+
+ testresult = 1;
+
+ end:
+ BIO_free(rbio);
+ BIO_free(wbio);
SSL_free(con);
- end_ctx:
SSL_CTX_free(ctx);
- end_md:
EVP_MD_CTX_free(handshake_md);
- end:
- ERR_print_errors_fp(stderr);
- if (!testresult) {
- printf("Cisco BadDTLS test: FAILED\n");
- }
-
-
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
- if (CRYPTO_mem_leaks(err) <= 0)
- testresult = 0;
-#endif
- BIO_free(err);
+ return testresult;
+}
- return testresult?0:1;
+int setup_tests(void)
+{
+ ADD_TEST(test_bad_dtls);
+ return 1;
}
projects / openssl.git / blobdiff