Introduce SSL_CTX_set_stateless_cookie_{generate,verify}_cb
[openssl.git] / test / ssl-tests / protocol_version.pm
1 # -*- mode: perl; -*-
2 # Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
3 #
4 # Licensed under the OpenSSL license (the "License").  You may not use
5 # this file except in compliance with the License.  You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
8
9
10 ## Test version negotiation
11
12 package ssltests;
13
14 use strict;
15 use warnings;
16
17 use List::Util qw/max min/;
18
19 use OpenSSL::Test;
20 use OpenSSL::Test::Utils qw/anydisabled alldisabled disabled/;
21 setup("no_test_here");
22
23 my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
24 # undef stands for "no limit".
25 my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
26 my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef);
27
28 my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
29
30 my $min_tls_enabled; my $max_tls_enabled;
31
32 # Protocol configuration works in cascades, i.e.,
33 # $no_tls1_1 disables TLSv1.1 and below.
34 #
35 # $min_enabled and $max_enabled will be correct if there is at least one
36 # protocol enabled.
37 foreach my $i (0..$#tls_protocols) {
38     if (!$is_tls_disabled[$i]) {
39         $min_tls_enabled = $i;
40         last;
41     }
42 }
43
44 foreach my $i (0..$#tls_protocols) {
45     if (!$is_tls_disabled[$i]) {
46         $max_tls_enabled = $i;
47     }
48 }
49
50 my @dtls_protocols = ("DTLSv1", "DTLSv1.2");
51 # undef stands for "no limit".
52 my @min_dtls_protocols = (undef, "DTLSv1", "DTLSv1.2");
53 my @max_dtls_protocols = ("DTLSv1", "DTLSv1.2", undef);
54
55 my @is_dtls_disabled = anydisabled("dtls1", "dtls1_2");
56
57 my $min_dtls_enabled; my $max_dtls_enabled;
58
59 # $min_enabled and $max_enabled will be correct if there is at least one
60 # protocol enabled.
61 foreach my $i (0..$#dtls_protocols) {
62     if (!$is_dtls_disabled[$i]) {
63         $min_dtls_enabled = $i;
64         last;
65     }
66 }
67
68 foreach my $i (0..$#dtls_protocols) {
69     if (!$is_dtls_disabled[$i]) {
70         $max_dtls_enabled = $i;
71     }
72 }
73
74 sub no_tests {
75     my ($dtls) = @_;
76     return $dtls ? alldisabled("dtls1", "dtls1_2") :
77       alldisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3");
78 }
79
80 sub generate_version_tests {
81     my ($method) = @_;
82
83     my $dtls = $method eq "DTLS";
84     # Don't write the redundant "Method = TLS" into the configuration.
85     undef $method if !$dtls;
86
87     my @protocols = $dtls ? @dtls_protocols : @tls_protocols;
88     my @min_protocols = $dtls ? @min_dtls_protocols : @min_tls_protocols;
89     my @max_protocols = $dtls ? @max_dtls_protocols : @max_tls_protocols;
90     my $min_enabled  = $dtls ? $min_dtls_enabled : $min_tls_enabled;
91     my $max_enabled  = $dtls ? $max_dtls_enabled : $max_tls_enabled;
92
93     if (no_tests($dtls)) {
94         return;
95     }
96
97     my @tests = ();
98
99     for (my $sctp = 0; $sctp < ($dtls && !disabled("sctp") ? 2 : 1); $sctp++) {
100         foreach my $c_min (0..$#min_protocols) {
101             my $c_max_min = $c_min == 0 ? 0 : $c_min - 1;
102             foreach my $c_max ($c_max_min..$#max_protocols) {
103                 foreach my $s_min (0..$#min_protocols) {
104                     my $s_max_min = $s_min == 0 ? 0 : $s_min - 1;
105                     foreach my $s_max ($s_max_min..$#max_protocols) {
106                         my ($result, $protocol) =
107                             expected_result($c_min, $c_max, $s_min, $s_max,
108                                             $min_enabled, $max_enabled,
109                                             \@protocols);
110                         push @tests, {
111                             "name" => "version-negotiation",
112                             "client" => {
113                                 "MinProtocol" => $min_protocols[$c_min],
114                                 "MaxProtocol" => $max_protocols[$c_max],
115                             },
116                             "server" => {
117                                 "MinProtocol" => $min_protocols[$s_min],
118                                 "MaxProtocol" => $max_protocols[$s_max],
119                             },
120                             "test" => {
121                                 "ExpectedResult" => $result,
122                                 "ExpectedProtocol" => $protocol,
123                                 "Method" => $method,
124                             }
125                         };
126                         $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp;
127                     }
128                 }
129             }
130         }
131     }
132     return @tests if disabled("tls1_3") || disabled("tls1_2") || $dtls;
133
134     #Add some version/ciphersuite sanity check tests
135     push @tests, {
136         "name" => "ciphersuite-sanity-check-client",
137         "client" => {
138             #Offering only <=TLSv1.2 ciphersuites with TLSv1.3 should fail
139             "CipherString" => "AES128-SHA",
140         },
141         "server" => {
142             "MaxProtocol" => "TLSv1.2"
143         },
144         "test" => {
145             "ExpectedResult" => "ClientFail",
146         }
147     };
148     push @tests, {
149         "name" => "ciphersuite-sanity-check-server",
150         "client" => {
151             "CipherString" => "AES128-SHA",
152             "MaxProtocol" => "TLSv1.2"
153         },
154         "server" => {
155             #Allowing only <=TLSv1.2 ciphersuites with TLSv1.3 should fail
156             "CipherString" => "AES128-SHA",
157         },
158         "test" => {
159             "ExpectedResult" => "ServerFail",
160         }
161     };
162
163     return @tests;
164 }
165
166 sub generate_resumption_tests {
167     my ($method) = @_;
168
169     my $dtls = $method eq "DTLS";
170     # Don't write the redundant "Method = TLS" into the configuration.
171     undef $method if !$dtls;
172
173     my @protocols = $dtls ? @dtls_protocols : @tls_protocols;
174     my $min_enabled  = $dtls ? $min_dtls_enabled : $min_tls_enabled;
175     my $max_enabled = $dtls ? $max_dtls_enabled : $max_tls_enabled;
176
177     if (no_tests($dtls)) {
178         return;
179     }
180
181     my @server_tests = ();
182     my @client_tests = ();
183
184     # Obtain the first session against a fixed-version server/client.
185     foreach my $original_protocol($min_enabled..$max_enabled) {
186         # Upgrade or downgrade the server/client max version support and test
187         # that it upgrades, downgrades or resumes the session as well.
188         foreach my $resume_protocol($min_enabled..$max_enabled) {
189             my $resumption_expected;
190             # We should only resume on exact version match.
191             if ($original_protocol eq $resume_protocol) {
192                 $resumption_expected = "Yes";
193             } else {
194                 $resumption_expected = "No";
195             }
196
197             for (my $sctp = 0; $sctp < ($dtls && !disabled("sctp") ? 2 : 1);
198                  $sctp++) {
199                 foreach my $ticket ("SessionTicket", "-SessionTicket") {
200                     # Client is flexible, server upgrades/downgrades.
201                     push @server_tests, {
202                         "name" => "resumption",
203                         "client" => { },
204                         "server" => {
205                             "MinProtocol" => $protocols[$original_protocol],
206                             "MaxProtocol" => $protocols[$original_protocol],
207                             "Options" => $ticket,
208                         },
209                         "resume_server" => {
210                             "MaxProtocol" => $protocols[$resume_protocol],
211                         },
212                         "test" => {
213                             "ExpectedProtocol" => $protocols[$resume_protocol],
214                             "Method" => $method,
215                             "HandshakeMode" => "Resume",
216                             "ResumptionExpected" => $resumption_expected,
217                         }
218                     };
219                     $server_tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp;
220                     # Server is flexible, client upgrades/downgrades.
221                     push @client_tests, {
222                         "name" => "resumption",
223                         "client" => {
224                             "MinProtocol" => $protocols[$original_protocol],
225                             "MaxProtocol" => $protocols[$original_protocol],
226                         },
227                         "server" => {
228                             "Options" => $ticket,
229                         },
230                         "resume_client" => {
231                             "MaxProtocol" => $protocols[$resume_protocol],
232                         },
233                         "test" => {
234                             "ExpectedProtocol" => $protocols[$resume_protocol],
235                             "Method" => $method,
236                             "HandshakeMode" => "Resume",
237                             "ResumptionExpected" => $resumption_expected,
238                         }
239                     };
240                     $client_tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp;
241                 }
242             }
243         }
244     }
245
246     if (!disabled("tls1_3") && !$dtls) {
247         push @client_tests, {
248             "name" => "resumption-with-hrr",
249             "client" => {
250             },
251             "server" => {
252                 "Curves" => "P-256"
253             },
254             "resume_client" => {
255             },
256             "test" => {
257                 "ExpectedProtocol" => "TLSv1.3",
258                 "Method" => "TLS",
259                 "HandshakeMode" => "Resume",
260                 "ResumptionExpected" => "Yes",
261             }
262         };
263     }
264
265     return (@server_tests, @client_tests);
266 }
267
268 sub expected_result {
269     my ($c_min, $c_max, $s_min, $s_max, $min_enabled, $max_enabled,
270         $protocols) = @_;
271
272     # Adjust for "undef" (no limit).
273     $c_min = $c_min == 0 ? 0 : $c_min - 1;
274     $c_max = $c_max == scalar @$protocols ? $c_max - 1 : $c_max;
275     $s_min = $s_min == 0 ? 0 : $s_min - 1;
276     $s_max = $s_max == scalar @$protocols ? $s_max - 1 : $s_max;
277
278     # We now have at least one protocol enabled, so $min_enabled and
279     # $max_enabled are well-defined.
280     $c_min = max $c_min, $min_enabled;
281     $s_min = max $s_min, $min_enabled;
282     $c_max = min $c_max, $max_enabled;
283     $s_max = min $s_max, $max_enabled;
284
285     if ($c_min > $c_max) {
286         # Client should fail to even send a hello.
287         return ("ClientFail", undef);
288     } elsif ($s_min > $s_max) {
289         # Server has no protocols, should always fail.
290         return ("ServerFail", undef);
291     } elsif ($s_min > $c_max) {
292         # Server doesn't support the client range.
293         return ("ServerFail", undef);
294     } elsif ($c_min > $s_max) {
295         my @prots = @$protocols;
296         if ($prots[$c_max] eq "TLSv1.3") {
297             # Client will have sent supported_versions, so server will know
298             # that there are no overlapping versions.
299             return ("ServerFail", undef);
300         } else {
301             # Server will try with a version that is lower than the lowest
302             # supported client version.
303             return ("ClientFail", undef);
304         }
305     } else {
306         # Server and client ranges overlap.
307         my $max_common = $s_max < $c_max ? $s_max : $c_max;
308         return ("Success", $protocols->[$max_common]);
309     }
310 }
311
312 1;