#include <openssl/provider.h>
#include <openssl/param_build.h>
#include <openssl/x509v3.h>
+#include <openssl/dh.h>
#include "helpers/ssltestlib.h"
#include "testutil.h"
if (!TEST_ptr(token = strtok(NULL, " \n")))
return 0;
-
- /*
- * TODO(TLS1.3): test that application traffic secrets are what
- * we expect */
} else {
TEST_info("Unexpected token %s\n", token);
return 0;
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_KTLS) && \
!(defined(OSSL_NO_USABLE_TLS1_3) && defined(OPENSSL_NO_TLS1_2))
-#define TLS_CIPHER_MAX_REC_SEQ_SIZE 8
/* sock must be connected */
static int ktls_chk_platform(int sock)
{
return 1;
}
-static int ping_pong_query(SSL *clientssl, SSL *serverssl, int cfd, int sfd, int rec_seq_size)
+static int ping_pong_query(SSL *clientssl, SSL *serverssl)
{
static char count = 1;
unsigned char cbuf[16000] = {0};
unsigned char sbuf[16000];
size_t err = 0;
- char crec_wseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
- char crec_wseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
- char crec_rseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
- char crec_rseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
- char srec_wseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
- char srec_wseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
- char srec_rseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
- char srec_rseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
+ char crec_wseq_before[SEQ_NUM_SIZE];
+ char crec_wseq_after[SEQ_NUM_SIZE];
+ char crec_rseq_before[SEQ_NUM_SIZE];
+ char crec_rseq_after[SEQ_NUM_SIZE];
+ char srec_wseq_before[SEQ_NUM_SIZE];
+ char srec_wseq_after[SEQ_NUM_SIZE];
+ char srec_rseq_before[SEQ_NUM_SIZE];
+ char srec_rseq_after[SEQ_NUM_SIZE];
cbuf[0] = count++;
- memcpy(crec_wseq_before, &clientssl->rlayer.write_sequence, rec_seq_size);
- memcpy(crec_rseq_before, &clientssl->rlayer.read_sequence, rec_seq_size);
- memcpy(srec_wseq_before, &serverssl->rlayer.write_sequence, rec_seq_size);
- memcpy(srec_rseq_before, &serverssl->rlayer.read_sequence, rec_seq_size);
+ memcpy(crec_wseq_before, &clientssl->rlayer.write_sequence, SEQ_NUM_SIZE);
+ memcpy(crec_rseq_before, &clientssl->rlayer.read_sequence, SEQ_NUM_SIZE);
+ memcpy(srec_wseq_before, &serverssl->rlayer.write_sequence, SEQ_NUM_SIZE);
+ memcpy(srec_rseq_before, &serverssl->rlayer.read_sequence, SEQ_NUM_SIZE);
if (!TEST_true(SSL_write(clientssl, cbuf, sizeof(cbuf)) == sizeof(cbuf)))
goto end;
}
}
- memcpy(crec_wseq_after, &clientssl->rlayer.write_sequence, rec_seq_size);
- memcpy(crec_rseq_after, &clientssl->rlayer.read_sequence, rec_seq_size);
- memcpy(srec_wseq_after, &serverssl->rlayer.write_sequence, rec_seq_size);
- memcpy(srec_rseq_after, &serverssl->rlayer.read_sequence, rec_seq_size);
+ memcpy(crec_wseq_after, &clientssl->rlayer.write_sequence, SEQ_NUM_SIZE);
+ memcpy(crec_rseq_after, &clientssl->rlayer.read_sequence, SEQ_NUM_SIZE);
+ memcpy(srec_wseq_after, &serverssl->rlayer.write_sequence, SEQ_NUM_SIZE);
+ memcpy(srec_rseq_after, &serverssl->rlayer.read_sequence, SEQ_NUM_SIZE);
/* verify the payload */
if (!TEST_mem_eq(cbuf, sizeof(cbuf), sbuf, sizeof(sbuf)))
goto end;
- /* ktls is used then kernel sequences are used instead of OpenSSL sequences */
- if ((SSL_get_options(clientssl) & SSL_OP_ENABLE_KTLS) == 0) {
- if (!TEST_mem_ne(crec_wseq_before, rec_seq_size,
- crec_wseq_after, rec_seq_size))
+ /*
+ * If ktls is used then kernel sequences are used instead of
+ * OpenSSL sequences
+ */
+ if (!BIO_get_ktls_send(clientssl->wbio)) {
+ if (!TEST_mem_ne(crec_wseq_before, SEQ_NUM_SIZE,
+ crec_wseq_after, SEQ_NUM_SIZE))
goto end;
} else {
- if (!TEST_mem_eq(crec_wseq_before, rec_seq_size,
- crec_wseq_after, rec_seq_size))
+ if (!TEST_mem_eq(crec_wseq_before, SEQ_NUM_SIZE,
+ crec_wseq_after, SEQ_NUM_SIZE))
goto end;
}
- if ((SSL_get_options(serverssl) & SSL_OP_ENABLE_KTLS) == 0) {
- if (!TEST_mem_ne(srec_wseq_before, rec_seq_size,
- srec_wseq_after, rec_seq_size))
+ if (!BIO_get_ktls_send(serverssl->wbio)) {
+ if (!TEST_mem_ne(srec_wseq_before, SEQ_NUM_SIZE,
+ srec_wseq_after, SEQ_NUM_SIZE))
goto end;
} else {
- if (!TEST_mem_eq(srec_wseq_before, rec_seq_size,
- srec_wseq_after, rec_seq_size))
+ if (!TEST_mem_eq(srec_wseq_before, SEQ_NUM_SIZE,
+ srec_wseq_after, SEQ_NUM_SIZE))
goto end;
}
- if ((SSL_get_options(clientssl) & SSL_OP_ENABLE_KTLS) == 0
-#if defined(OPENSSL_NO_KTLS_RX)
- || 1
-#endif
- ) {
- if (!TEST_mem_ne(crec_rseq_before, rec_seq_size,
- crec_rseq_after, rec_seq_size))
+ if (!BIO_get_ktls_recv(clientssl->wbio)) {
+ if (!TEST_mem_ne(crec_rseq_before, SEQ_NUM_SIZE,
+ crec_rseq_after, SEQ_NUM_SIZE))
goto end;
} else {
- if (!TEST_mem_eq(crec_rseq_before, rec_seq_size,
- crec_rseq_after, rec_seq_size))
+ if (!TEST_mem_eq(crec_rseq_before, SEQ_NUM_SIZE,
+ crec_rseq_after, SEQ_NUM_SIZE))
goto end;
}
- if ((SSL_get_options(serverssl) & SSL_OP_ENABLE_KTLS) == 0
-#if defined(OPENSSL_NO_KTLS_RX)
- || 1
-#endif
- ) {
- if (!TEST_mem_ne(srec_rseq_before, rec_seq_size,
- srec_rseq_after, rec_seq_size))
+ if (!BIO_get_ktls_recv(serverssl->wbio)) {
+ if (!TEST_mem_ne(srec_rseq_before, SEQ_NUM_SIZE,
+ srec_rseq_after, SEQ_NUM_SIZE))
goto end;
} else {
- if (!TEST_mem_eq(srec_rseq_before, rec_seq_size,
- srec_rseq_after, rec_seq_size))
+ if (!TEST_mem_eq(srec_rseq_before, SEQ_NUM_SIZE,
+ srec_rseq_after, SEQ_NUM_SIZE))
goto end;
}
}
static int execute_test_ktls(int cis_ktls, int sis_ktls,
- int tls_version, const char *cipher,
- int rec_seq_size)
+ int tls_version, const char *cipher)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
- int testresult = 0;
- int cfd, sfd;
+ int ktls_used = 0, testresult = 0;
+ int cfd = -1, sfd = -1;
+ int rx_supported;
if (!TEST_true(create_test_sockets(&cfd, &sfd)))
goto end;
/* Skip this test if the platform does not support ktls */
- if (!ktls_chk_platform(cfd))
- return 1;
+ if (!ktls_chk_platform(cfd)) {
+ testresult = TEST_skip("Kernel does not support KTLS");
+ goto end;
+ }
+
+ if (is_fips && strstr(cipher, "CHACHA") != NULL) {
+ testresult = TEST_skip("CHACHA is not supported in FIPS");
+ goto end;
+ }
/* Create a session based on SHA-256 */
if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
TLS_client_method(),
tls_version, tls_version,
- &sctx, &cctx, cert, privkey))
- || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
- || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
- || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
- &clientssl, sfd, cfd)))
+ &sctx, &cctx, cert, privkey)))
+ goto end;
+
+ if (tls_version == TLS1_3_VERSION) {
+ if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, cipher))
+ || !TEST_true(SSL_CTX_set_ciphersuites(sctx, cipher)))
+ goto end;
+ } else {
+ if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
+ || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher)))
+ goto end;
+ }
+
+ if (!TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
+ &clientssl, sfd, cfd)))
goto end;
if (cis_ktls) {
}
if (sis_ktls) {
- if (!TEST_true(SSL_set_mode(serverssl, SSL_OP_ENABLE_KTLS)))
+ if (!TEST_true(SSL_set_options(serverssl, SSL_OP_ENABLE_KTLS)))
goto end;
}
- if (!TEST_true(create_ssl_connection(serverssl, clientssl,
- SSL_ERROR_NONE)))
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
goto end;
+ /*
+ * The running kernel may not support a given cipher suite
+ * or direction, so just check that KTLS isn't used when it
+ * isn't enabled.
+ */
if (!cis_ktls) {
if (!TEST_false(BIO_get_ktls_send(clientssl->wbio)))
goto end;
} else {
- if (!TEST_true(BIO_get_ktls_send(clientssl->wbio)))
- goto end;
+ if (BIO_get_ktls_send(clientssl->wbio))
+ ktls_used = 1;
}
if (!sis_ktls) {
if (!TEST_false(BIO_get_ktls_send(serverssl->wbio)))
goto end;
} else {
- if (!TEST_true(BIO_get_ktls_send(serverssl->wbio)))
- goto end;
+ if (BIO_get_ktls_send(serverssl->wbio))
+ ktls_used = 1;
}
- if (!cis_ktls
#if defined(OPENSSL_NO_KTLS_RX)
- || 1
+ rx_supported = 0;
+#else
+ rx_supported = (tls_version != TLS1_3_VERSION);
#endif
- ) {
+ if (!cis_ktls || !rx_supported) {
if (!TEST_false(BIO_get_ktls_recv(clientssl->rbio)))
goto end;
} else {
- if (!TEST_true(BIO_get_ktls_recv(clientssl->rbio)))
- goto end;
+ if (BIO_get_ktls_send(clientssl->rbio))
+ ktls_used = 1;
}
- if (!sis_ktls
-#if defined(OPENSSL_NO_KTLS_RX)
- || 1
-#endif
- ) {
+ if (!sis_ktls || !rx_supported) {
if (!TEST_false(BIO_get_ktls_recv(serverssl->rbio)))
goto end;
} else {
- if (!TEST_true(BIO_get_ktls_recv(serverssl->rbio)))
- goto end;
+ if (BIO_get_ktls_send(serverssl->rbio))
+ ktls_used = 1;
+ }
+
+ if ((cis_ktls || sis_ktls) && !ktls_used) {
+ testresult = TEST_skip("KTLS not supported for %s cipher %s",
+ tls_version == TLS1_3_VERSION ? "TLS 1.3" :
+ "TLS 1.2", cipher);
+ goto end;
}
- if (!TEST_true(ping_pong_query(clientssl, serverssl, cfd, sfd,
- rec_seq_size)))
+ if (!TEST_true(ping_pong_query(clientssl, serverssl)))
goto end;
testresult = 1;
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
serverssl = clientssl = NULL;
+ if (cfd != -1)
+ close(cfd);
+ if (sfd != -1)
+ close(sfd);
return testresult;
}
#define SENDFILE_CHUNK (4 * 4096)
#define min(a,b) ((a) > (b) ? (b) : (a))
-static int test_ktls_sendfile(int tls_version, const char *cipher)
+static int execute_test_ktls_sendfile(int tls_version, const char *cipher)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
unsigned char *buf, *buf_dst;
BIO *out = NULL, *in = NULL;
- int cfd, sfd, ffd, err;
+ int cfd = -1, sfd = -1, ffd, err;
ssize_t chunk_size = 0;
off_t chunk_off = 0;
int testresult = 0;
/* Skip this test if the platform does not support ktls */
if (!ktls_chk_platform(sfd)) {
- testresult = 1;
+ testresult = TEST_skip("Kernel does not support KTLS");
+ goto end;
+ }
+
+ if (is_fips && strstr(cipher, "CHACHA") != NULL) {
+ testresult = TEST_skip("CHACHA is not supported in FIPS");
goto end;
}
if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
TLS_client_method(),
tls_version, tls_version,
- &sctx, &cctx, cert, privkey))
- || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
- || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
- || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
- &clientssl, sfd, cfd)))
+ &sctx, &cctx, cert, privkey)))
+ goto end;
+
+ if (tls_version == TLS1_3_VERSION) {
+ if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, cipher))
+ || !TEST_true(SSL_CTX_set_ciphersuites(sctx, cipher)))
+ goto end;
+ } else {
+ if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
+ || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher)))
+ goto end;
+ }
+
+ if (!TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
+ &clientssl, sfd, cfd)))
+ goto end;
+
+ if (!TEST_true(SSL_set_options(serverssl, SSL_OP_ENABLE_KTLS)))
goto end;
if (!TEST_true(create_ssl_connection(serverssl, clientssl,
- SSL_ERROR_NONE))
- || !TEST_true(BIO_get_ktls_send(serverssl->wbio)))
+ SSL_ERROR_NONE)))
+ goto end;
+
+ if (!BIO_get_ktls_send(serverssl->wbio)) {
+ testresult = TEST_skip("Failed to enable KTLS for %s cipher %s",
+ tls_version == TLS1_3_VERSION ? "TLS 1.3" :
+ "TLS 1.2", cipher);
goto end;
+ }
- if (!TEST_true(RAND_bytes_ex(libctx, buf, SENDFILE_SZ)))
+ if (!TEST_int_gt(RAND_bytes_ex(libctx, buf, SENDFILE_SZ, 0), 0))
goto end;
out = BIO_new_file(tmpfilename, "wb");
serverssl = clientssl = NULL;
BIO_free(out);
BIO_free(in);
+ if (cfd != -1)
+ close(cfd);
+ if (sfd != -1)
+ close(sfd);
OPENSSL_free(buf);
OPENSSL_free(buf_dst);
return testresult;
}
-#if !defined(OPENSSL_NO_TLS1_2) || !defined(OSSL_NO_USABLE_TLS1_3)
+static struct ktls_test_cipher {
+ int tls_version;
+ const char *cipher;
+} ktls_test_ciphers[] = {
+# if !defined(OPENSSL_NO_TLS1_2)
+# ifdef OPENSSL_KTLS_AES_GCM_128
+ { TLS1_2_VERSION, "AES128-GCM-SHA256" },
+# endif
+# ifdef OPENSSL_KTLS_AES_CCM_128
+ { TLS1_2_VERSION, "AES128-CCM"},
+# endif
+# ifdef OPENSSL_KTLS_AES_GCM_256
+ { TLS1_2_VERSION, "AES256-GCM-SHA384"},
+# endif
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+ { TLS1_2_VERSION, "ECDHE-RSA-CHACHA20-POLY1305"},
+# endif
+# endif
+# if !defined(OSSL_NO_USABLE_TLS1_3)
+# ifdef OPENSSL_KTLS_AES_GCM_128
+ { TLS1_3_VERSION, "TLS_AES_128_GCM_SHA256" },
+# endif
+# ifdef OPENSSL_KTLS_AES_CCM_128
+ { TLS1_3_VERSION, "TLS_AES_128_CCM_SHA256" },
+# endif
+# ifdef OPENSSL_KTLS_AES_GCM_256
+ { TLS1_3_VERSION, "TLS_AES_256_GCM_SHA384" },
+# endif
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+ { TLS1_3_VERSION, "TLS_CHACHA20_POLY1305_SHA256" },
+# endif
+# endif
+};
+
+#define NUM_KTLS_TEST_CIPHERS \
+ (sizeof(ktls_test_ciphers) / sizeof(ktls_test_ciphers[0]))
+
static int test_ktls(int test)
{
+ struct ktls_test_cipher *cipher;
int cis_ktls, sis_ktls;
- int tlsver, testresult;
- if (test > 3) {
-#if defined(OSSL_NO_USABLE_TLS1_3)
- return 1;
-#else
- test -= 4;
- tlsver = TLS1_3_VERSION;
-#endif
- } else {
-#if defined(OPENSSL_NO_TLS1_2)
- return 1;
-#else
- tlsver = TLS1_2_VERSION;
-#endif
- }
+ OPENSSL_assert(test / 4 < (int)NUM_KTLS_TEST_CIPHERS);
+ cipher = &ktls_test_ciphers[test / 4];
cis_ktls = (test & 1) != 0;
sis_ktls = (test & 2) != 0;
- testresult = 1;
-#ifdef OPENSSL_KTLS_AES_GCM_128
- testresult &= execute_test_ktls(cis_ktls, sis_ktls, tlsver,
- "AES128-GCM-SHA256",
- TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_CCM_128
- testresult &= execute_test_ktls(cis_ktls, sis_ktls, tlsver, "AES128-CCM",
- TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
-#endif
-#ifdef OPENSSL_KTLS_AES_GCM_256
- testresult &= execute_test_ktls(cis_ktls, sis_ktls, tlsver,
- "AES256-GCM-SHA384",
- TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
-#endif
- return testresult;
+ return execute_test_ktls(cis_ktls, sis_ktls, cipher->tls_version,
+ cipher->cipher);
}
-static int test_ktls_sendfile_anytls(int tst)
+static int test_ktls_sendfile(int tst)
{
- char *cipher[] = {"AES128-GCM-SHA256","AES128-CCM","AES256-GCM-SHA384"};
- int tlsver;
+ struct ktls_test_cipher *cipher;
- if (tst > 2) {
-#if defined(OSSL_NO_USABLE_TLS1_3)
- return 1;
-#else
- tst -= 3;
- tlsver = TLS1_3_VERSION;
-#endif
- } else {
-#if defined(OPENSSL_NO_TLS1_2)
- return 1;
-#else
- tlsver = TLS1_2_VERSION;
-#endif
- }
+ OPENSSL_assert(tst < (int)NUM_KTLS_TEST_CIPHERS);
+ cipher = &ktls_test_ciphers[tst];
-#ifndef OPENSSL_KTLS_AES_GCM_128
- if(tst == 0) return 1;
-#endif
-#ifndef OPENSSL_KTLS_AES_CCM_128
- if(tst == 1) return 1;
-#endif
-#ifndef OPENSSL_KTLS_AES_GCM_256
- if(tst == 2) return 1;
-#endif
- return test_ktls_sendfile(tlsver, cipher[tst]);
+ return execute_test_ktls_sendfile(cipher->tls_version, cipher->cipher);
}
-
-#endif
#endif
static int test_large_message_tls(void)
if (!TEST_ptr(copy = OPENSSL_memdup(orespder, sizeof(orespder))))
return SSL_TLSEXT_ERR_ALERT_FATAL;
- SSL_set_tlsext_status_ocsp_resp(s, copy, sizeof(orespder));
+ if (!TEST_true(SSL_set_tlsext_status_ocsp_resp(s, copy,
+ sizeof(orespder)))) {
+ OPENSSL_free(copy);
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
ocsp_server_called = 1;
return SSL_TLSEXT_ERR_OK;
}
|| !TEST_int_eq(4, new_called))
goto end;
+ /* Once more, but with SSL_do_handshake() to drive the ticket generation */
+ c = '4';
+ new_called = 0;
+ if (!TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_true(SSL_do_handshake(serverssl))
+ || !TEST_int_eq(2, new_called)
+ || !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes))
+ || !TEST_int_eq(4, new_called))
+ goto end;
+
/*
* Use the always-retry BIO to exercise the logic that forces ticket
* generation to wait until a record boundary.
*/
- c = '4';
+ c = '5';
new_called = 0;
tmp = SSL_get_wbio(serverssl);
if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) {
/* Restore a BIO that will let the write succeed */
SSL_set0_wbio(serverssl, tmp);
tmp = NULL;
- /* These calls should just queue the request and not send anything. */
+ /*
+ * These calls should just queue the request and not send anything
+ * even if we explicitly try to hit the state machine.
+ */
if (!TEST_true(SSL_new_session_ticket(serverssl))
|| !TEST_true(SSL_new_session_ticket(serverssl))
+ || !TEST_int_eq(0, new_called)
+ || !TEST_true(SSL_do_handshake(serverssl))
|| !TEST_int_eq(0, new_called))
goto end;
/* Re-do the write; still no tickets sent */
|| !TEST_int_eq(c, buf[0])
|| !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &nbytes)))
goto end;
+ /* Even trying to hit the state machine now will still not send tickets */
+ if (!TEST_true(SSL_do_handshake(serverssl))
+ || !TEST_int_eq(0, new_called))
+ goto end;
/* Now the *next* write should send the tickets */
- c = '5';
+ c = '6';
if (!TEST_true(SSL_write_ex(serverssl, &c, 1, &nbytes))
|| !TEST_size_t_eq(1, nbytes)
|| !TEST_int_eq(2, new_called)
&sctx, &cctx, cert, privkey)))
return 0;
- /*
- * TODO(TLS1.3): These APIs cannot set TLSv1.3 sig algs so we just test it
- * for TLSv1.2 for now until we add a new API.
- */
SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION);
if (testctx) {
&serverssl, &sess, 2)))
goto end;
+ if (idx == 4) {
+ /* CCM8 ciphers are considered low security due to their short tag */
+ SSL_set_security_level(clientssl, 0);
+ SSL_set_security_level(serverssl, 0);
+ }
+
if (!TEST_true(SSL_set_ciphersuites(clientssl, cipher_str[idx]))
|| !TEST_true(SSL_set_ciphersuites(serverssl, cipher_str[idx])))
goto end;
"TLS_AES_256_GCM_SHA384:"
"TLS_AES_128_CCM_SHA256"))
|| !TEST_true(SSL_CTX_set_ciphersuites(cctx,
- "TLS_AES_128_GCM_SHA256"))
- || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
- &clientssl, NULL, NULL))
+ "TLS_AES_128_GCM_SHA256")))
+ goto end;
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL))
|| !TEST_true(create_ssl_connection(serverssl, clientssl,
SSL_ERROR_NONE)))
goto end;
* Test 12 = Test all ECDHE with TLSv1.2 client and server
* Test 13 = Test all FFDHE with TLSv1.2 client and server
*/
+# ifndef OPENSSL_NO_EC
+static int ecdhe_kexch_groups[] = {NID_X9_62_prime256v1, NID_secp384r1,
+ NID_secp521r1, NID_X25519, NID_X448};
+# endif
+# ifndef OPENSSL_NO_DH
+static int ffdhe_kexch_groups[] = {NID_ffdhe2048, NID_ffdhe3072, NID_ffdhe4096,
+ NID_ffdhe6144, NID_ffdhe8192};
+# endif
static int test_key_exchange(int idx)
{
SSL_CTX *sctx = NULL, *cctx = NULL;
SSL *serverssl = NULL, *clientssl = NULL;
int testresult = 0;
-# ifndef OPENSSL_NO_EC
- int ecdhe_kexch_groups[] = {NID_X9_62_prime256v1, NID_secp384r1,
- NID_secp521r1, NID_X25519, NID_X448};
-# endif
-# ifndef OPENSSL_NO_DH
- int ffdhe_kexch_groups[] = {NID_ffdhe2048, NID_ffdhe3072, NID_ffdhe4096,
- NID_ffdhe6144, NID_ffdhe8192};
-# endif
int kexch_alg;
int *kexch_groups = &kexch_alg;
int kexch_groups_size = 1;
goto end;
if (!TEST_true(SSL_CTX_set_cipher_list(sctx,
- TLS1_TXT_RSA_WITH_AES_128_SHA)))
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ":"
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256))
+ || !TEST_true(SSL_CTX_set_dh_auto(sctx, 1)))
goto end;
/*
*/
# ifndef OPENSSL_NO_TLS1_2
if (!TEST_true(SSL_CTX_set_cipher_list(cctx,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM ":"
- TLS1_TXT_RSA_WITH_AES_128_SHA)))
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ":"
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256)))
goto end;
# endif
kexch_name0))
goto end;
- if (max_version == TLS1_3_VERSION) {
+ /* We don't implement RFC 7919 named groups for TLS 1.2. */
+ if (idx != 13) {
if (!TEST_int_eq(SSL_get_negotiated_group(serverssl), kexch_groups[0]))
goto end;
if (!TEST_int_eq(SSL_get_negotiated_group(clientssl), kexch_groups[0]))
return testresult;
}
+# if !defined(OPENSSL_NO_TLS1_2) \
+ && !defined(OPENSSL_NO_EC) \
+ && !defined(OPENSSL_NO_DH)
+static int set_ssl_groups(SSL *serverssl, SSL *clientssl, int clientmulti,
+ int isecdhe, int idx)
+{
+ int kexch_alg;
+ int *kexch_groups = &kexch_alg;
+ int numec, numff;
+
+ numec = OSSL_NELEM(ecdhe_kexch_groups);
+ numff = OSSL_NELEM(ffdhe_kexch_groups);
+ if (isecdhe)
+ kexch_alg = ecdhe_kexch_groups[idx];
+ else
+ kexch_alg = ffdhe_kexch_groups[idx];
+
+ if (clientmulti) {
+ if (!TEST_true(SSL_set1_groups(serverssl, kexch_groups, 1)))
+ return 0;
+ if (isecdhe) {
+ if (!TEST_true(SSL_set1_groups(clientssl, ecdhe_kexch_groups,
+ numec)))
+ return 0;
+ } else {
+ if (!TEST_true(SSL_set1_groups(clientssl, ffdhe_kexch_groups,
+ numff)))
+ return 0;
+ }
+ } else {
+ if (!TEST_true(SSL_set1_groups(clientssl, kexch_groups, 1)))
+ return 0;
+ if (isecdhe) {
+ if (!TEST_true(SSL_set1_groups(serverssl, ecdhe_kexch_groups,
+ numec)))
+ return 0;
+ } else {
+ if (!TEST_true(SSL_set1_groups(serverssl, ffdhe_kexch_groups,
+ numff)))
+ return 0;
+ }
+ }
+ return 1;
+}
+
+/*-
+ * Test the SSL_get_negotiated_group() API across a battery of scenarios.
+ * Run through both the ECDHE and FFDHE group lists used in the previous
+ * test, for both TLS 1.2 and TLS 1.3, negotiating each group in turn,
+ * confirming the expected result; then perform a resumption handshake
+ * while offering the same group list, and another resumption handshake
+ * offering a different group list. The returned value should be the
+ * negotiated group for the initial handshake; for TLS 1.3 resumption
+ * handshakes the returned value will be negotiated on the resumption
+ * handshake itself, but for TLS 1.2 resumption handshakes the value will
+ * be cached in the session from the original handshake, regardless of what
+ * was offered in the resumption ClientHello.
+ *
+ * Using E for the number of EC groups and F for the number of FF groups:
+ * E tests of ECDHE with TLS 1.3, server only has one group
+ * F tests of FFDHE with TLS 1.3, server only has one group
+ * E tests of ECDHE with TLS 1.2, server only has one group
+ * F tests of FFDHE with TLS 1.2, server only has one group
+ * E tests of ECDHE with TLS 1.3, client sends only one group
+ * F tests of FFDHE with TLS 1.3, client sends only one group
+ * E tests of ECDHE with TLS 1.2, client sends only one group
+ * F tests of FFDHE with TLS 1.2, client sends only one group
+ */
+static int test_negotiated_group(int idx)
+{
+ int clientmulti, istls13, isecdhe, numec, numff, numgroups;
+ int expectednid;
+ SSL_CTX *sctx = NULL, *cctx = NULL;
+ SSL *serverssl = NULL, *clientssl = NULL;
+ SSL_SESSION *origsess = NULL;
+ int testresult = 0;
+ int kexch_alg;
+ int max_version = TLS1_3_VERSION;
+
+ numec = OSSL_NELEM(ecdhe_kexch_groups);
+ numff = OSSL_NELEM(ffdhe_kexch_groups);
+ numgroups = numec + numff;
+ clientmulti = (idx < 2 * numgroups);
+ idx = idx % (2 * numgroups);
+ istls13 = (idx < numgroups);
+ idx = idx % numgroups;
+ isecdhe = (idx < numec);
+ if (!isecdhe)
+ idx -= numec;
+ /* Now 'idx' is an index into ecdhe_kexch_groups or ffdhe_kexch_groups */
+ if (isecdhe)
+ kexch_alg = ecdhe_kexch_groups[idx];
+ else
+ kexch_alg = ffdhe_kexch_groups[idx];
+ /* We expect nothing for the unimplemented TLS 1.2 FFDHE named groups */
+ if (!istls13 && !isecdhe)
+ expectednid = NID_undef;
+ else
+ expectednid = kexch_alg;
+
+ if (!istls13)
+ max_version = TLS1_2_VERSION;
+
+ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
+ TLS_client_method(), TLS1_VERSION,
+ max_version, &sctx, &cctx, cert,
+ privkey)))
+ goto end;
+
+ /*
+ * Force (EC)DHE ciphers for TLS 1.2.
+ * Be sure to enable auto tmp DH so that FFDHE can succeed.
+ */
+ if (!TEST_true(SSL_CTX_set_cipher_list(sctx,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ":"
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256))
+ || !TEST_true(SSL_CTX_set_dh_auto(sctx, 1)))
+ goto end;
+ if (!TEST_true(SSL_CTX_set_cipher_list(cctx,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ":"
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256)))
+ goto end;
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL)))
+ goto end;
+
+ if (!TEST_true(set_ssl_groups(serverssl, clientssl, clientmulti, isecdhe,
+ idx)))
+ goto end;
+
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
+ goto end;
+
+ /* Initial handshake; always the configured one */
+ if (!TEST_uint_eq(SSL_get_negotiated_group(clientssl), expectednid)
+ || !TEST_uint_eq(SSL_get_negotiated_group(serverssl), expectednid))
+ goto end;
+
+ if (!TEST_ptr((origsess = SSL_get1_session(clientssl))))
+ goto end;
+
+ SSL_shutdown(clientssl);
+ SSL_shutdown(serverssl);
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ serverssl = clientssl = NULL;
+
+ /* First resumption attempt; use the same config as initial handshake */
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL))
+ || !TEST_true(SSL_set_session(clientssl, origsess))
+ || !TEST_true(set_ssl_groups(serverssl, clientssl, clientmulti,
+ isecdhe, idx)))
+ goto end;
+
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))
+ || !TEST_true(SSL_session_reused(clientssl)))
+ goto end;
+
+ /* Still had better agree, since nothing changed... */
+ if (!TEST_uint_eq(SSL_get_negotiated_group(clientssl), expectednid)
+ || !TEST_uint_eq(SSL_get_negotiated_group(serverssl), expectednid))
+ goto end;
+
+ SSL_shutdown(clientssl);
+ SSL_shutdown(serverssl);
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ serverssl = clientssl = NULL;
+
+ /*-
+ * Second resumption attempt
+ * The party that picks one group changes it, which we effectuate by
+ * changing 'idx' and updating what we expect.
+ */
+ if (idx == 0)
+ idx = 1;
+ else
+ idx--;
+ if (istls13) {
+ if (isecdhe)
+ expectednid = ecdhe_kexch_groups[idx];
+ else
+ expectednid = ffdhe_kexch_groups[idx];
+ /* Verify that we are changing what we expect. */
+ if (!TEST_int_ne(expectednid, kexch_alg))
+ goto end;
+ } else {
+ /* TLS 1.2 only supports named groups for ECDHE. */
+ if (isecdhe)
+ expectednid = kexch_alg;
+ else
+ expectednid = 0;
+ }
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL))
+ || !TEST_true(SSL_set_session(clientssl, origsess))
+ || !TEST_true(set_ssl_groups(serverssl, clientssl, clientmulti,
+ isecdhe, idx)))
+ goto end;
+
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))
+ || !TEST_true(SSL_session_reused(clientssl)))
+ goto end;
+
+ /* Check that we get what we expected */
+ if (!TEST_uint_eq(SSL_get_negotiated_group(clientssl), expectednid)
+ || !TEST_uint_eq(SSL_get_negotiated_group(serverssl), expectednid))
+ goto end;
+
+ testresult = 1;
+ end:
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+ SSL_SESSION_free(origsess);
+ return testresult;
+}
+# endif /* !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DH) */
+
/*
* Test TLSv1.3 Cipher Suite
* Test 0 = Set TLS1.3 cipher on context
static const struct {
const char *ciphername;
int fipscapable;
+ int low_security;
} t13_ciphers[] = {
- { TLS1_3_RFC_AES_128_GCM_SHA256, 1 },
- { TLS1_3_RFC_AES_256_GCM_SHA384, 1 },
- { TLS1_3_RFC_AES_128_CCM_SHA256, 1 },
+ { TLS1_3_RFC_AES_128_GCM_SHA256, 1, 0 },
+ { TLS1_3_RFC_AES_256_GCM_SHA384, 1, 0 },
+ { TLS1_3_RFC_AES_128_CCM_SHA256, 1, 0 },
# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
- { TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0 },
+ { TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0, 0 },
{ TLS1_3_RFC_AES_256_GCM_SHA384
- ":" TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0 },
+ ":" TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 0, 0 },
# endif
- { TLS1_3_RFC_AES_128_CCM_8_SHA256 ":" TLS1_3_RFC_AES_128_CCM_SHA256, 1 }
+ /* CCM8 ciphers are considered low security due to their short tag */
+ { TLS1_3_RFC_AES_128_CCM_8_SHA256
+ ":" TLS1_3_RFC_AES_128_CCM_SHA256, 1, 1 }
};
const char *t13_cipher = NULL;
const char *t12_cipher = NULL;
&sctx, &cctx, cert, privkey)))
goto end;
+ if (t13_ciphers[i].low_security) {
+ SSL_CTX_set_security_level(sctx, 0);
+ SSL_CTX_set_security_level(cctx, 0);
+ }
+
if (set_at_ctx) {
if (!TEST_true(SSL_CTX_set_ciphersuites(sctx, t13_cipher))
|| !TEST_true(SSL_CTX_set_ciphersuites(cctx, t13_cipher)))
return SSL_TLSEXT_ERR_OK;
}
+static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
+{
+ return 1;
+}
+
/*
* Custom call back tests.
* Test 0: Old style callbacks in TLSv1.2
* Test 2: New style callbacks in TLSv1.2 with SNI
* Test 3: New style callbacks in TLSv1.3. Extensions in CH and EE
* Test 4: New style callbacks in TLSv1.3. Extensions in CH, SH, EE, Cert + NST
+ * Test 5: New style callbacks in TLSv1.3. Extensions in CR + Client Cert
*/
static int test_custom_exts(int tst)
{
SSL_CTX_set_options(sctx2, SSL_OP_NO_TLSv1_3);
}
- if (tst == 4) {
+ if (tst == 5) {
+ context = SSL_EXT_TLS1_3_CERTIFICATE_REQUEST
+ | SSL_EXT_TLS1_3_CERTIFICATE;
+ SSL_CTX_set_verify(sctx,
+ SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_cb);
+ if (!TEST_int_eq(SSL_CTX_use_certificate_file(cctx, cert,
+ SSL_FILETYPE_PEM), 1)
+ || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(cctx, privkey,
+ SSL_FILETYPE_PEM), 1)
+ || !TEST_int_eq(SSL_CTX_check_private_key(cctx), 1))
+ goto end;
+ } else if (tst == 4) {
context = SSL_EXT_CLIENT_HELLO
| SSL_EXT_TLS1_2_SERVER_HELLO
| SSL_EXT_TLS1_3_SERVER_HELLO
|| (tst != 2 && snicb != 0)
|| (tst == 2 && snicb != 1))
goto end;
+ } else if (tst == 5) {
+ if (clntaddnewcb != 1
+ || clntparsenewcb != 1
+ || srvaddnewcb != 1
+ || srvparsenewcb != 1)
+ goto end;
} else {
/* In this case there 2 NewSessionTicket messages created */
if (clntaddnewcb != 1
SSL_free(clientssl);
serverssl = clientssl = NULL;
- if (tst == 3) {
- /* We don't bother with the resumption aspects for this test */
+ if (tst == 3 || tst == 5) {
+ /* We don't bother with the resumption aspects for these tests */
testresult = 1;
goto end;
}
}
/*
- * Test we can handle a KeyUpdate (update requested) message while write data
- * is pending.
+ * Test we can handle a KeyUpdate (update requested) message while
+ * write data is pending in peer.
* Test 0: Client sends KeyUpdate while Server is writing
* Test 1: Server sends KeyUpdate while Client is writing
*/
-static int test_key_update_in_write(int tst)
+static int test_key_update_peer_in_write(int tst)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
peerwrite = tst == 0 ? serverssl : clientssl;
if (!TEST_true(SSL_key_update(peerupdate, SSL_KEY_UPDATE_REQUESTED))
- || !TEST_true(SSL_do_handshake(peerupdate)))
+ || !TEST_int_eq(SSL_do_handshake(peerupdate), 1))
goto end;
/* Swap the writing endpoint's write BIO to force a retry */
return testresult;
}
+
+/*
+ * Test we can handle a KeyUpdate (update requested) message while
+ * peer read data is pending after peer accepted keyupdate(the msg header
+ * had been read 5 bytes).
+ * Test 0: Client sends KeyUpdate while Server is reading
+ * Test 1: Server sends KeyUpdate while Client is reading
+ */
+static int test_key_update_peer_in_read(int tst)
+{
+ SSL_CTX *cctx = NULL, *sctx = NULL;
+ SSL *clientssl = NULL, *serverssl = NULL;
+ int testresult = 0;
+ char prbuf[515], lwbuf[515] = {0};
+ static char *mess = "A test message";
+ BIO *lbio = NULL, *pbio = NULL;
+ SSL *local = NULL, *peer = NULL;
+
+ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
+ TLS_client_method(),
+ TLS1_3_VERSION,
+ 0,
+ &sctx, &cctx, cert, privkey))
+ || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL))
+ || !TEST_true(create_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE)))
+ goto end;
+
+ local = tst == 0 ? clientssl : serverssl;
+ peer = tst == 0 ? serverssl : clientssl;
+
+ if (!TEST_int_eq(BIO_new_bio_pair(&lbio, 512, &pbio, 512), 1))
+ goto end;
+
+ SSL_set_bio(local, lbio, lbio);
+ SSL_set_bio(peer, pbio, pbio);
+
+ /*
+ * we first write keyupdate msg then appdata in local
+ * write data in local will fail with SSL_ERROR_WANT_WRITE,because
+ * lwbuf app data msg size + key updata msg size > 512(the size of
+ * the bio pair buffer)
+ */
+ if (!TEST_true(SSL_key_update(local, SSL_KEY_UPDATE_REQUESTED))
+ || !TEST_int_eq(SSL_write(local, lwbuf, sizeof(lwbuf)), -1)
+ || !TEST_int_eq(SSL_get_error(local, -1), SSL_ERROR_WANT_WRITE))
+ goto end;
+
+ /*
+ * first read keyupdate msg in peer in peer
+ * then read appdata that we know will fail with SSL_ERROR_WANT_READ
+ */
+ if (!TEST_int_eq(SSL_read(peer, prbuf, sizeof(prbuf)), -1)
+ || !TEST_int_eq(SSL_get_error(peer, -1), SSL_ERROR_WANT_READ))
+ goto end;
+
+ /* Now write some data in peer - we will write the key update */
+ if (!TEST_int_eq(SSL_write(peer, mess, strlen(mess)), strlen(mess)))
+ goto end;
+
+ /*
+ * write data in local previously that we will complete
+ * read data in peer previously that we will complete
+ */
+ if (!TEST_int_eq(SSL_write(local, lwbuf, sizeof(lwbuf)), sizeof(lwbuf))
+ || !TEST_int_eq(SSL_read(peer, prbuf, sizeof(prbuf)), sizeof(prbuf)))
+ goto end;
+
+ /* check that sending and receiving appdata ok */
+ if (!TEST_int_eq(SSL_write(local, mess, strlen(mess)), strlen(mess))
+ || !TEST_int_eq(SSL_read(peer, prbuf, sizeof(prbuf)), strlen(mess)))
+ goto end;
+
+ testresult = 1;
+
+ end:
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+
+ return testresult;
+}
+
+/*
+ * Test we can't send a KeyUpdate (update requested) message while
+ * local write data is pending.
+ * Test 0: Client sends KeyUpdate while Client is writing
+ * Test 1: Server sends KeyUpdate while Server is writing
+ */
+static int test_key_update_local_in_write(int tst)
+{
+ SSL_CTX *cctx = NULL, *sctx = NULL;
+ SSL *clientssl = NULL, *serverssl = NULL;
+ int testresult = 0;
+ char buf[20];
+ static char *mess = "A test message";
+ BIO *bretry = BIO_new(bio_s_always_retry());
+ BIO *tmp = NULL;
+ SSL *local = NULL, *peer = NULL;
+
+ if (!TEST_ptr(bretry)
+ || !TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
+ TLS_client_method(),
+ TLS1_3_VERSION,
+ 0,
+ &sctx, &cctx, cert, privkey))
+ || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL))
+ || !TEST_true(create_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE)))
+ goto end;
+
+ local = tst == 0 ? clientssl : serverssl;
+ peer = tst == 0 ? serverssl : clientssl;
+
+ /* Swap the writing endpoint's write BIO to force a retry */
+ tmp = SSL_get_wbio(local);
+ if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) {
+ tmp = NULL;
+ goto end;
+ }
+ SSL_set0_wbio(local, bretry);
+ bretry = NULL;
+
+ /* write data in local will fail with SSL_ERROR_WANT_WRITE */
+ if (!TEST_int_eq(SSL_write(local, mess, strlen(mess)), -1)
+ || !TEST_int_eq(SSL_get_error(local, -1), SSL_ERROR_WANT_WRITE))
+ goto end;
+
+ /* Reinstate the original writing endpoint's write BIO */
+ SSL_set0_wbio(local, tmp);
+ tmp = NULL;
+
+ /* SSL_key_update will fail, because writing in local*/
+ if (!TEST_false(SSL_key_update(local, SSL_KEY_UPDATE_REQUESTED))
+ || !TEST_int_eq(ERR_GET_REASON(ERR_peek_error()), SSL_R_BAD_WRITE_RETRY))
+ goto end;
+
+ ERR_clear_error();
+ /* write data in local previously that we will complete */
+ if (!TEST_int_eq(SSL_write(local, mess, strlen(mess)), strlen(mess)))
+ goto end;
+
+ /* SSL_key_update will succeed because there is no pending write data */
+ if (!TEST_true(SSL_key_update(local, SSL_KEY_UPDATE_REQUESTED))
+ || !TEST_int_eq(SSL_do_handshake(local), 1))
+ goto end;
+
+ /*
+ * we write some appdata in local
+ * read data in peer - we will read the keyupdate msg
+ */
+ if (!TEST_int_eq(SSL_write(local, mess, strlen(mess)), strlen(mess))
+ || !TEST_int_eq(SSL_read(peer, buf, sizeof(buf)), strlen(mess)))
+ goto end;
+
+ /* Write more peer more data to ensure we send the keyupdate message back */
+ if (!TEST_int_eq(SSL_write(peer, mess, strlen(mess)), strlen(mess))
+ || !TEST_int_eq(SSL_read(local, buf, sizeof(buf)), strlen(mess)))
+ goto end;
+
+ testresult = 1;
+
+ end:
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+ BIO_free(bretry);
+ BIO_free(tmp);
+
+ return testresult;
+}
+
+/*
+ * Test we can handle a KeyUpdate (update requested) message while
+ * local read data is pending(the msg header had been read 5 bytes).
+ * Test 0: Client sends KeyUpdate while Client is reading
+ * Test 1: Server sends KeyUpdate while Server is reading
+ */
+static int test_key_update_local_in_read(int tst)
+{
+ SSL_CTX *cctx = NULL, *sctx = NULL;
+ SSL *clientssl = NULL, *serverssl = NULL;
+ int testresult = 0;
+ char lrbuf[515], pwbuf[515] = {0}, prbuf[20];
+ static char *mess = "A test message";
+ BIO *lbio = NULL, *pbio = NULL;
+ SSL *local = NULL, *peer = NULL;
+
+ if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
+ TLS_client_method(),
+ TLS1_3_VERSION,
+ 0,
+ &sctx, &cctx, cert, privkey))
+ || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL))
+ || !TEST_true(create_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE)))
+ goto end;
+
+ local = tst == 0 ? clientssl : serverssl;
+ peer = tst == 0 ? serverssl : clientssl;
+
+ if (!TEST_int_eq(BIO_new_bio_pair(&lbio, 512, &pbio, 512), 1))
+ goto end;
+
+ SSL_set_bio(local, lbio, lbio);
+ SSL_set_bio(peer, pbio, pbio);
+
+ /* write app data in peer will fail with SSL_ERROR_WANT_WRITE */
+ if (!TEST_int_eq(SSL_write(peer, pwbuf, sizeof(pwbuf)), -1)
+ || !TEST_int_eq(SSL_get_error(peer, -1), SSL_ERROR_WANT_WRITE))
+ goto end;
+
+ /* read appdata in local will fail with SSL_ERROR_WANT_READ */
+ if (!TEST_int_eq(SSL_read(local, lrbuf, sizeof(lrbuf)), -1)
+ || !TEST_int_eq(SSL_get_error(local, -1), SSL_ERROR_WANT_READ))
+ goto end;
+
+ /* SSL_do_handshake will send keyupdate msg */
+ if (!TEST_true(SSL_key_update(local, SSL_KEY_UPDATE_REQUESTED))
+ || !TEST_int_eq(SSL_do_handshake(local), 1))
+ goto end;
+
+ /*
+ * write data in peer previously that we will complete
+ * read data in local previously that we will complete
+ */
+ if (!TEST_int_eq(SSL_write(peer, pwbuf, sizeof(pwbuf)), sizeof(pwbuf))
+ || !TEST_int_eq(SSL_read(local, lrbuf, sizeof(lrbuf)), sizeof(lrbuf)))
+ goto end;
+
+ /*
+ * write data in local
+ * read data in peer - we will read the key update
+ */
+ if (!TEST_int_eq(SSL_write(local, mess, strlen(mess)), strlen(mess))
+ || !TEST_int_eq(SSL_read(peer, prbuf, sizeof(prbuf)), strlen(mess)))
+ goto end;
+
+ /* Write more peer data to ensure we send the keyupdate message back */
+ if (!TEST_int_eq(SSL_write(peer, mess, strlen(mess)), strlen(mess))
+ || !TEST_int_eq(SSL_read(local, lrbuf, sizeof(lrbuf)), strlen(mess)))
+ goto end;
+
+ testresult = 1;
+
+ end:
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+
+ return testresult;
+}
#endif /* OSSL_NO_USABLE_TLS1_3 */
static int test_ssl_clear(int idx)
PACKET pkt, pkt2, pkt3;
unsigned int MFL_code = 0, type = 0;
- if (!TEST_uint_gt( len = BIO_get_mem_data( bio, (char **) &data ), 0 ) )
+ if (!TEST_uint_gt(len = BIO_get_mem_data(bio, (char **) &data), 0))
goto end;
memset(&pkt, 0, sizeof(pkt));
memset(&pkt3, 0, sizeof(pkt3));
if (!TEST_long_gt(len, 0)
- || !TEST_true( PACKET_buf_init( &pkt, data, len ) )
+ || !TEST_true(PACKET_buf_init(&pkt, data, len))
/* Skip the record header */
|| !PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH)
/* Skip the handshake message header */
row = NULL;
- if (!TXT_DB_write(out, db))
+ if (TXT_DB_write(out, db) <= 0)
goto end;
ret = 1;
} info_cb_states[][60] = {
{
/* TLSv1.2 server followed by resumption */
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
- {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
+ {SSL_CB_LOOP, "PINIT"}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
{SSL_CB_LOOP, "TWSC"}, {SSL_CB_LOOP, "TWSKE"}, {SSL_CB_LOOP, "TWSD"},
{SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWSD"}, {SSL_CB_LOOP, "TRCKE"},
{SSL_CB_LOOP, "TRCCS"}, {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWST"},
{SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"},
{SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL},
{SSL_CB_ALERT, NULL}, {SSL_CB_HANDSHAKE_START, NULL},
- {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"},
+ {SSL_CB_LOOP, "PINIT"}, {SSL_CB_LOOP, "PINIT"}, {SSL_CB_LOOP, "TRCH"},
{SSL_CB_LOOP, "TWSH"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"},
{SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TRCCS"},
{SSL_CB_LOOP, "TRFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL},
{SSL_CB_EXIT, NULL}, {0, NULL},
}, {
/* TLSv1.2 client followed by resumption */
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
{SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWCH"},
{SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TRSC"}, {SSL_CB_LOOP, "TRSKE"},
{SSL_CB_LOOP, "TRSD"}, {SSL_CB_LOOP, "TWCKE"}, {SSL_CB_LOOP, "TWCCS"},
{SSL_CB_LOOP, "TWFIN"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWFIN"},
{SSL_CB_LOOP, "TRST"}, {SSL_CB_LOOP, "TRCCS"}, {SSL_CB_LOOP, "TRFIN"},
{SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {SSL_CB_ALERT, NULL},
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
{SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWCH"},
{SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TRCCS"}, {SSL_CB_LOOP, "TRFIN"},
{SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"},
{SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {0, NULL},
}, {
/* TLSv1.3 server followed by resumption */
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
- {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
+ {SSL_CB_LOOP, "PINIT"}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
{SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, {SSL_CB_LOOP, "TWSC"},
- {SSL_CB_LOOP, "TRSCV"}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TED"},
+ {SSL_CB_LOOP, "TWSCV"}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TED"},
{SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRFIN"},
{SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_LOOP, "TWST"},
{SSL_CB_LOOP, "TWST"}, {SSL_CB_EXIT, NULL}, {SSL_CB_ALERT, NULL},
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
- {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
+ {SSL_CB_LOOP, "PINIT"}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
{SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, {SSL_CB_LOOP, "TWFIN"},
{SSL_CB_LOOP, "TED"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TED"},
{SSL_CB_LOOP, "TRFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL},
{SSL_CB_LOOP, "TWST"}, {SSL_CB_EXIT, NULL}, {0, NULL},
}, {
/* TLSv1.3 client followed by resumption */
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
{SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWCH"},
{SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"}, {SSL_CB_LOOP, "TRSC"},
{SSL_CB_LOOP, "TRSCV"}, {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWCCS"},
{SSL_CB_LOOP, "TWFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL},
- {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "},
- {SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK "},
- {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL},
+ {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK"}, {SSL_CB_LOOP, "SSLOK"},
+ {SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK"},
+ {SSL_CB_LOOP, "SSLOK"}, {SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL},
{SSL_CB_ALERT, NULL}, {SSL_CB_HANDSHAKE_START, NULL},
- {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL},
+ {SSL_CB_LOOP, "PINIT"}, {SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL},
{SSL_CB_LOOP, "TWCH"}, {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"},
{SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"},
{SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL},
- {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"},
+ {SSL_CB_LOOP, "SSLOK"}, {SSL_CB_LOOP, "SSLOK"}, {SSL_CB_LOOP, "TRST"},
{SSL_CB_EXIT, NULL}, {0, NULL},
}, {
/* TLSv1.3 server, early_data */
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
- {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
+ {SSL_CB_LOOP, "PINIT"}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"},
{SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, {SSL_CB_LOOP, "TWFIN"},
{SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL},
{SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "TED"},
{SSL_CB_EXIT, NULL}, {0, NULL},
}, {
/* TLSv1.3 client, early_data */
- {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "},
+ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT"},
{SSL_CB_LOOP, "TWCH"}, {SSL_CB_LOOP, "TWCCS"},
{SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL},
{SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "TED"},
{SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"},
{SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TPEDE"}, {SSL_CB_LOOP, "TWEOED"},
{SSL_CB_LOOP, "TWFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL},
- {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "},
+ {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK"}, {SSL_CB_LOOP, "SSLOK"},
{SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL}, {0, NULL},
}, {
{0, NULL},
if (!TEST_ptr(chain))
goto out;
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
- || !TEST_int_ge(BIO_read_filename(in, rootfile), 0)
+ || !TEST_int_gt(BIO_read_filename(in, rootfile), 0)
|| !TEST_ptr(rootx = X509_new_ex(libctx, NULL))
|| !TEST_ptr(PEM_read_bio_X509(in, &rootx, NULL, NULL))
|| !TEST_true(sk_X509_push(chain, rootx)))
rootx = NULL;
BIO_free(in);
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
- || !TEST_int_ge(BIO_read_filename(in, ecdsacert), 0)
+ || !TEST_int_gt(BIO_read_filename(in, ecdsacert), 0)
|| !TEST_ptr(x509 = X509_new_ex(libctx, NULL))
|| !TEST_ptr(PEM_read_bio_X509(in, &x509, NULL, NULL)))
goto out;
BIO_free(in);
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
- || !TEST_int_ge(BIO_read_filename(in, ecdsakey), 0)
+ || !TEST_int_gt(BIO_read_filename(in, ecdsakey), 0)
|| !TEST_ptr(pkey = PEM_read_bio_PrivateKey_ex(in, NULL,
NULL, NULL,
libctx, NULL)))
EVP_PKEY_free(pkey);
X509_free(x509);
X509_free(rootx);
- sk_X509_pop_free(chain, X509_free);
+ OSSL_STACK_OF_X509_free(chain);
return ret;
}
return 0;
}
-static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
-{
- return 1;
-}
-
static int test_client_cert_cb(int tst)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
}
#endif /* OPENSSL_NO_TLS1_2 */
+static int test_session_timeout(int test)
+{
+ /*
+ * Test session ordering and timeout
+ * Can't explicitly test performance of the new code,
+ * but can test to see if the ordering of the sessions
+ * are correct, and they they are removed as expected
+ */
+ SSL_SESSION *early = NULL;
+ SSL_SESSION *middle = NULL;
+ SSL_SESSION *late = NULL;
+ SSL_CTX *ctx;
+ int testresult = 0;
+ long now = (long)time(NULL);
+#define TIMEOUT 10
+
+ if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method()))
+ || !TEST_ptr(early = SSL_SESSION_new())
+ || !TEST_ptr(middle = SSL_SESSION_new())
+ || !TEST_ptr(late = SSL_SESSION_new()))
+ goto end;
+
+ /* assign unique session ids */
+ early->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ memset(early->session_id, 1, SSL3_SSL_SESSION_ID_LENGTH);
+ middle->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ memset(middle->session_id, 2, SSL3_SSL_SESSION_ID_LENGTH);
+ late->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+ memset(late->session_id, 3, SSL3_SSL_SESSION_ID_LENGTH);
+
+ if (!TEST_int_eq(SSL_CTX_add_session(ctx, early), 1)
+ || !TEST_int_eq(SSL_CTX_add_session(ctx, middle), 1)
+ || !TEST_int_eq(SSL_CTX_add_session(ctx, late), 1))
+ goto end;
+
+ /* Make sure they are all added */
+ if (!TEST_ptr(early->prev)
+ || !TEST_ptr(middle->prev)
+ || !TEST_ptr(late->prev))
+ goto end;
+
+ if (!TEST_int_ne(SSL_SESSION_set_time(early, now - 10), 0)
+ || !TEST_int_ne(SSL_SESSION_set_time(middle, now), 0)
+ || !TEST_int_ne(SSL_SESSION_set_time(late, now + 10), 0))
+ goto end;
+
+ if (!TEST_int_ne(SSL_SESSION_set_timeout(early, TIMEOUT), 0)
+ || !TEST_int_ne(SSL_SESSION_set_timeout(middle, TIMEOUT), 0)
+ || !TEST_int_ne(SSL_SESSION_set_timeout(late, TIMEOUT), 0))
+ goto end;
+
+ /* Make sure they are all still there */
+ if (!TEST_ptr(early->prev)
+ || !TEST_ptr(middle->prev)
+ || !TEST_ptr(late->prev))
+ goto end;
+
+ /* Make sure they are in the expected order */
+ if (!TEST_ptr_eq(late->next, middle)
+ || !TEST_ptr_eq(middle->next, early)
+ || !TEST_ptr_eq(early->prev, middle)
+ || !TEST_ptr_eq(middle->prev, late))
+ goto end;
+
+ /* This should remove "early" */
+ SSL_CTX_flush_sessions(ctx, now + TIMEOUT - 1);
+ if (!TEST_ptr_null(early->prev)
+ || !TEST_ptr(middle->prev)
+ || !TEST_ptr(late->prev))
+ goto end;
+
+ /* This should remove "middle" */
+ SSL_CTX_flush_sessions(ctx, now + TIMEOUT + 1);
+ if (!TEST_ptr_null(early->prev)
+ || !TEST_ptr_null(middle->prev)
+ || !TEST_ptr(late->prev))
+ goto end;
+
+ /* This should remove "late" */
+ SSL_CTX_flush_sessions(ctx, now + TIMEOUT + 11);
+ if (!TEST_ptr_null(early->prev)
+ || !TEST_ptr_null(middle->prev)
+ || !TEST_ptr_null(late->prev))
+ goto end;
+
+ /* Add them back in again */
+ if (!TEST_int_eq(SSL_CTX_add_session(ctx, early), 1)
+ || !TEST_int_eq(SSL_CTX_add_session(ctx, middle), 1)
+ || !TEST_int_eq(SSL_CTX_add_session(ctx, late), 1))
+ goto end;
+
+ /* Make sure they are all added */
+ if (!TEST_ptr(early->prev)
+ || !TEST_ptr(middle->prev)
+ || !TEST_ptr(late->prev))
+ goto end;
+
+ /* This should remove all of them */
+ SSL_CTX_flush_sessions(ctx, 0);
+ if (!TEST_ptr_null(early->prev)
+ || !TEST_ptr_null(middle->prev)
+ || !TEST_ptr_null(late->prev))
+ goto end;
+
+ (void)SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_UPDATE_TIME
+ | SSL_CTX_get_session_cache_mode(ctx));
+
+ /* make sure |now| is NOT equal to the current time */
+ now -= 10;
+ if (!TEST_int_ne(SSL_SESSION_set_time(early, now), 0)
+ || !TEST_int_eq(SSL_CTX_add_session(ctx, early), 1)
+ || !TEST_long_ne(SSL_SESSION_get_time(early), now))
+ goto end;
+
+ testresult = 1;
+ end:
+ SSL_CTX_free(ctx);
+ SSL_SESSION_free(early);
+ SSL_SESSION_free(middle);
+ SSL_SESSION_free(late);
+ return testresult;
+}
+
/*
* Test 0: Client sets servername and server acknowledges it (TLSv1.2)
* Test 1: Client sets servername and server does not acknowledge it (TLSv1.2)
pctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL);
if (!TEST_ptr(pctx)
- || !TEST_true(EVP_PKEY_fromdata_init(pctx)))
+ || !TEST_int_eq(EVP_PKEY_fromdata_init(pctx), 1))
goto end;
tmpl = OSSL_PARAM_BLD_new();
params = OSSL_PARAM_BLD_to_param(tmpl);
if (!TEST_ptr(params)
- || !TEST_true(EVP_PKEY_fromdata(pctx, &dhpkey,
- EVP_PKEY_KEY_PARAMETERS, params)))
+ || !TEST_int_eq(EVP_PKEY_fromdata(pctx, &dhpkey,
+ EVP_PKEY_KEY_PARAMETERS,
+ params), 1))
goto end;
tmp_dh_params = dhpkey;
*/
static int test_dh_auto(int idx)
{
- SSL_CTX *cctx = NULL, *sctx = NULL;
+ SSL_CTX *cctx = SSL_CTX_new_ex(libctx, NULL, TLS_client_method());
+ SSL_CTX *sctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method());
SSL *clientssl = NULL, *serverssl = NULL;
int testresult = 0;
EVP_PKEY *tmpkey = NULL;
size_t expdhsize = 0;
const char *ciphersuite = "DHE-RSA-AES128-SHA";
+ if (!TEST_ptr(sctx) || !TEST_ptr(cctx))
+ goto end;
+
switch (idx) {
case 0:
/* The FIPS provider doesn't support this DH size - so we ignore it */
- if (is_fips)
- return 1;
+ if (is_fips) {
+ testresult = 1;
+ goto end;
+ }
thiscert = cert1024;
thiskey = privkey1024;
expdhsize = 1024;
+ SSL_CTX_set_security_level(sctx, 1);
+ SSL_CTX_set_security_level(cctx, 1);
break;
case 1:
/* 2048 bit prime */
/* No certificate cases */
case 5:
/* The FIPS provider doesn't support this DH size - so we ignore it */
- if (is_fips)
- return 1;
+ if (is_fips) {
+ testresult = 1;
+ goto end;
+ }
ciphersuite = "ADH-AES128-SHA256:@SECLEVEL=0";
expdhsize = 1024;
break;
goto end;
}
- if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(),
- TLS_client_method(),
+ if (!TEST_true(create_ssl_ctx_pair(libctx, NULL,
+ NULL,
0,
0,
&sctx, &cctx, thiscert, thiskey)))
if (!TEST_int_gt(SSL_get_tmp_key(serverssl, &tmpkey), 0))
goto end;
- if (!TEST_size_t_eq(EVP_PKEY_bits(tmpkey), expdhsize))
+ if (!TEST_size_t_eq(EVP_PKEY_get_bits(tmpkey), expdhsize))
goto end;
if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
#if !defined(OPENSSL_NO_KTLS) && !defined(OPENSSL_NO_SOCK)
# if !defined(OPENSSL_NO_TLS1_2) || !defined(OSSL_NO_USABLE_TLS1_3)
- ADD_ALL_TESTS(test_ktls, 8);
- ADD_ALL_TESTS(test_ktls_sendfile_anytls, 6);
+ ADD_ALL_TESTS(test_ktls, NUM_KTLS_TEST_CIPHERS * 4);
+ ADD_ALL_TESTS(test_ktls_sendfile, NUM_KTLS_TEST_CIPHERS);
# endif
#endif
ADD_TEST(test_large_message_tls);
# ifndef OPENSSL_NO_TLS1_2
/* Test with both TLSv1.3 and 1.2 versions */
ADD_ALL_TESTS(test_key_exchange, 14);
+# if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DH)
+ ADD_ALL_TESTS(test_negotiated_group,
+ 4 * (OSSL_NELEM(ecdhe_kexch_groups)
+ + OSSL_NELEM(ffdhe_kexch_groups)));
+# endif
# else
/* Test with only TLSv1.3 versions */
ADD_ALL_TESTS(test_key_exchange, 12);
# endif
- ADD_ALL_TESTS(test_custom_exts, 5);
+ ADD_ALL_TESTS(test_custom_exts, 6);
ADD_TEST(test_stateless);
ADD_TEST(test_pha_key_update);
#else
#ifndef OSSL_NO_USABLE_TLS1_3
ADD_ALL_TESTS(test_export_key_mat_early, 3);
ADD_TEST(test_key_update);
- ADD_ALL_TESTS(test_key_update_in_write, 2);
+ ADD_ALL_TESTS(test_key_update_peer_in_write, 2);
+ ADD_ALL_TESTS(test_key_update_peer_in_read, 2);
+ ADD_ALL_TESTS(test_key_update_local_in_write, 2);
+ ADD_ALL_TESTS(test_key_update_local_in_read, 2);
#endif
ADD_ALL_TESTS(test_ssl_clear, 2);
ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test));
#endif
ADD_TEST(test_inherit_verify_param);
ADD_TEST(test_set_alpn);
+ ADD_ALL_TESTS(test_session_timeout, 1);
return 1;
err: