X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fsslapitest.c;h=b3aa5633ab18e69d61ee12d2194198d48536e1f0;hp=15fe0037ced73e87d60994714f01669782f20f1f;hb=37857e9b5258da148e5d3699b6acdf8787417eb2;hpb=aff58ee3828fec3bba8ffaeeba39bc77984fded4 diff --git a/test/sslapitest.c b/test/sslapitest.c index 15fe0037ce..b3aa5633ab 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -4028,20 +4028,25 @@ static int test_serverinfo(int tst) * no test vectors so all we do is test that both sides of the communication * produce the same results for different protocol versions. */ +#define SMALL_LABEL_LEN 10 +#define LONG_LABEL_LEN 249 static int test_export_key_mat(int tst) { int testresult = 0; SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL; SSL *clientssl = NULL, *serverssl = NULL; - const char label[] = "test label"; + const char label[LONG_LABEL_LEN + 1] = "test label"; const unsigned char context[] = "context"; const unsigned char *emptycontext = NULL; unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80]; unsigned char skeymat1[80], skeymat2[80], skeymat3[80]; + size_t labellen; const int protocols[] = { TLS1_VERSION, TLS1_1_VERSION, TLS1_2_VERSION, + TLS1_3_VERSION, + TLS1_3_VERSION, TLS1_3_VERSION }; @@ -4058,7 +4063,7 @@ static int test_export_key_mat(int tst) return 1; #endif #ifdef OPENSSL_NO_TLS1_3 - if (tst == 3) + if (tst >= 3) return 1; #endif if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), @@ -4076,33 +4081,52 @@ static int test_export_key_mat(int tst) SSL_ERROR_NONE))) goto end; + if (tst == 5) { + /* + * TLSv1.3 imposes a maximum label len of 249 bytes. Check we fail if we + * go over that. + */ + if (!TEST_int_le(SSL_export_keying_material(clientssl, ckeymat1, + sizeof(ckeymat1), label, + LONG_LABEL_LEN + 1, context, + sizeof(context) - 1, 1), 0)) + goto end; + + testresult = 1; + goto end; + } else if (tst == 4) { + labellen = LONG_LABEL_LEN; + } else { + labellen = SMALL_LABEL_LEN; + } + if (!TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat1, sizeof(ckeymat1), label, - sizeof(label) - 1, context, + labellen, context, sizeof(context) - 1, 1), 1) || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat2, sizeof(ckeymat2), label, - sizeof(label) - 1, + labellen, emptycontext, 0, 1), 1) || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat3, sizeof(ckeymat3), label, - sizeof(label) - 1, + labellen, NULL, 0, 0), 1) || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat1, sizeof(skeymat1), label, - sizeof(label) - 1, + labellen, context, sizeof(context) -1, 1), 1) || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat2, sizeof(skeymat2), label, - sizeof(label) - 1, + labellen, emptycontext, 0, 1), 1) || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat3, sizeof(skeymat3), label, - sizeof(label) - 1, + labellen, NULL, 0, 0), 1) /* * Check that both sides created the same key material with the @@ -4131,10 +4155,10 @@ static int test_export_key_mat(int tst) * Check that an empty context and no context produce different results in * protocols less than TLSv1.3. In TLSv1.3 they should be the same. */ - if ((tst != 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3, + if ((tst < 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3, sizeof(ckeymat3))) - || (tst ==3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3, - sizeof(ckeymat3)))) + || (tst >= 3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3, + sizeof(ckeymat3)))) goto end; testresult = 1; @@ -4710,18 +4734,14 @@ static struct info_cb_states_st { {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, {SSL_CB_LOOP, "TWSC"}, {SSL_CB_LOOP, "TRSCV"}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TED"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRFIN"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, - {SSL_CB_LOOP, "TWST"}, {SSL_CB_HANDSHAKE_DONE, NULL}, - {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "TWST"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, - {SSL_CB_ALERT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, - {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, - {SSL_CB_LOOP, "TWSH"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, - {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TED"}, {SSL_CB_EXIT, NULL}, - {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRFIN"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, - {SSL_CB_LOOP, "TWST"}, {SSL_CB_HANDSHAKE_DONE, NULL}, - {SSL_CB_EXIT, NULL}, {0, NULL}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_LOOP, "TWST"}, + {SSL_CB_LOOP, "TWST"}, {SSL_CB_EXIT, NULL}, {SSL_CB_ALERT, NULL}, + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"}, + {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, {SSL_CB_LOOP, "TWFIN"}, + {SSL_CB_LOOP, "TED"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TED"}, + {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_LOOP, "TWST"}, {SSL_CB_EXIT, NULL}, {0, NULL}, }, { /* TLSv1.3 client followed by resumption */ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, @@ -4729,20 +4749,16 @@ static struct info_cb_states_st { {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"}, {SSL_CB_LOOP, "TRSC"}, {SSL_CB_LOOP, "TRSCV"}, {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL}, - {SSL_CB_EXIT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, - {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, - {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "SSLOK "}, - {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, + {SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK "}, + {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL}, {SSL_CB_ALERT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWCH"}, {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"}, {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, - {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "SSLOK "}, - {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {0, NULL}, + {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, + {SSL_CB_EXIT, NULL}, {0, NULL}, }, { /* TLSv1.3 server, early_data */ {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, @@ -4751,8 +4767,7 @@ static struct info_cb_states_st { {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TWEOED"}, {SSL_CB_LOOP, "TRFIN"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, - {SSL_CB_LOOP, "TWST"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_LOOP, "TWST"}, {SSL_CB_EXIT, NULL}, {0, NULL}, }, { /* TLSv1.3 client, early_data */ @@ -4763,9 +4778,8 @@ static struct info_cb_states_st { {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"}, {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TPEDE"}, {SSL_CB_LOOP, "TWEOED"}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL}, - {SSL_CB_EXIT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, - {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, - {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {0, NULL}, + {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, + {SSL_CB_LOOP, "TRST"}, {SSL_CB_EXIT, NULL}, {0, NULL}, }, { {0, NULL}, } @@ -4804,8 +4818,11 @@ static void sslapi_info_callback(const SSL *s, int where, int ret) return; } - /* Check that, if we've got SSL_CB_HANDSHAKE_DONE we are not in init */ - if ((where & SSL_CB_HANDSHAKE_DONE) && SSL_in_init((SSL *)s) != 0) { + /* + * Check that, if we've got SSL_CB_HANDSHAKE_DONE we are not in init + */ + if ((where & SSL_CB_HANDSHAKE_DONE) + && SSL_in_init((SSL *)s) != 0) { info_cb_failed = 1; return; } @@ -5384,7 +5401,7 @@ static int test_shutdown(int tst) if (tst == 3) { if (!TEST_true(create_bare_ssl_connection(serverssl, clientssl, - SSL_ERROR_NONE)) + SSL_ERROR_NONE, 1)) || !TEST_ptr_ne(sess = SSL_get_session(clientssl), NULL) || !TEST_false(SSL_SESSION_is_resumable(sess))) goto end; @@ -5497,6 +5514,7 @@ static int test_shutdown(int tst) return testresult; } +#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3) static int cert_cb_cnt; static int cert_cb(SSL *s, void *arg) @@ -5576,6 +5594,7 @@ static int test_cert_cb_int(int prot, int tst) return testresult; } +#endif static int test_cert_cb(int tst) { @@ -5584,13 +5603,241 @@ static int test_cert_cb(int tst) #ifndef OPENSSL_NO_TLS1_2 testresult &= test_cert_cb_int(TLS1_2_VERSION, tst); #endif -#ifdef OPENSSL_NO_TLS1_3 +#ifndef OPENSSL_NO_TLS1_3 testresult &= test_cert_cb_int(TLS1_3_VERSION, tst); #endif return testresult; } +static int client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) +{ + X509 *xcert, *peer; + EVP_PKEY *privpkey; + BIO *in = NULL; + + /* Check that SSL_get_peer_certificate() returns something sensible */ + peer = SSL_get_peer_certificate(ssl); + if (!TEST_ptr(peer)) + return 0; + X509_free(peer); + + in = BIO_new_file(cert, "r"); + if (!TEST_ptr(in)) + return 0; + + xcert = PEM_read_bio_X509(in, NULL, NULL, NULL); + BIO_free(in); + if (!TEST_ptr(xcert)) + return 0; + + in = BIO_new_file(privkey, "r"); + if (!TEST_ptr(in)) { + X509_free(xcert); + return 0; + } + + privpkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL); + BIO_free(in); + if (!TEST_ptr(privpkey)) { + X509_free(xcert); + return 0; + } + + *x509 = xcert; + *pkey = privpkey; + + return 1; +} + +static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 1; +} + +static int test_client_cert_cb(int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + +#ifdef OPENSSL_NO_TLS1_2 + if (tst == 0) + return 1; +#endif +#ifdef OPENSSL_NO_TLS1_3 + if (tst == 1) + return 1; +#endif + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + tst == 0 ? TLS1_2_VERSION + : TLS1_3_VERSION, + &sctx, &cctx, cert, privkey))) + goto end; + + /* + * Test that setting a client_cert_cb results in a client certificate being + * sent. + */ + SSL_CTX_set_client_cert_cb(cctx, client_cert_cb); + SSL_CTX_set_verify(sctx, + SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + verify_cb); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3) +/* + * Test setting certificate authorities on both client and server. + * + * Test 0: SSL_CTX_set0_CA_list() only + * Test 1: Both SSL_CTX_set0_CA_list() and SSL_CTX_set_client_CA_list() + * Test 2: Only SSL_CTX_set_client_CA_list() + */ +static int test_ca_names_int(int prot, int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + size_t i; + X509_NAME *name[] = { NULL, NULL, NULL, NULL }; + char *strnames[] = { "Jack", "Jill", "John", "Joanne" }; + STACK_OF(X509_NAME) *sk1 = NULL, *sk2 = NULL; + const STACK_OF(X509_NAME) *sktmp = NULL; + + for (i = 0; i < OSSL_NELEM(name); i++) { + name[i] = X509_NAME_new(); + if (!TEST_ptr(name[i]) + || !TEST_true(X509_NAME_add_entry_by_txt(name[i], "CN", + MBSTRING_ASC, + (unsigned char *) + strnames[i], + -1, -1, 0))) + goto end; + } + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + prot, + &sctx, &cctx, cert, privkey))) + goto end; + + SSL_CTX_set_verify(sctx, SSL_VERIFY_PEER, NULL); + + if (tst == 0 || tst == 1) { + if (!TEST_ptr(sk1 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[0]))) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[1]))) + || !TEST_ptr(sk2 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[0]))) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[1])))) + goto end; + + SSL_CTX_set0_CA_list(sctx, sk1); + SSL_CTX_set0_CA_list(cctx, sk2); + sk1 = sk2 = NULL; + } + if (tst == 1 || tst == 2) { + if (!TEST_ptr(sk1 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[2]))) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[3]))) + || !TEST_ptr(sk2 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[2]))) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[3])))) + goto end; + + SSL_CTX_set_client_CA_list(sctx, sk1); + SSL_CTX_set_client_CA_list(cctx, sk2); + sk1 = sk2 = NULL; + } + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + /* + * We only expect certificate authorities to have been sent to the server + * if we are using TLSv1.3 and SSL_set0_CA_list() was used + */ + sktmp = SSL_get0_peer_CA_list(serverssl); + if (prot == TLS1_3_VERSION + && (tst == 0 || tst == 1)) { + if (!TEST_ptr(sktmp) + || !TEST_int_eq(sk_X509_NAME_num(sktmp), 2) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 0), + name[0]), 0) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 1), + name[1]), 0)) + goto end; + } else if (!TEST_ptr_null(sktmp)) { + goto end; + } + + /* + * In all tests we expect certificate authorities to have been sent to the + * client. However, SSL_set_client_CA_list() should override + * SSL_set0_CA_list() + */ + sktmp = SSL_get0_peer_CA_list(clientssl); + if (!TEST_ptr(sktmp) + || !TEST_int_eq(sk_X509_NAME_num(sktmp), 2) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 0), + name[tst == 0 ? 0 : 2]), 0) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 1), + name[tst == 0 ? 1 : 3]), 0)) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + for (i = 0; i < OSSL_NELEM(name); i++) + X509_NAME_free(name[i]); + sk_X509_NAME_pop_free(sk1, X509_NAME_free); + sk_X509_NAME_pop_free(sk2, X509_NAME_free); + + return testresult; +} +#endif + +static int test_ca_names(int tst) +{ + int testresult = 1; + +#ifndef OPENSSL_NO_TLS1_2 + testresult &= test_ca_names_int(TLS1_2_VERSION, tst); +#endif +#ifndef OPENSSL_NO_TLS1_3 + testresult &= test_ca_names_int(TLS1_3_VERSION, tst); +#endif + + return testresult; +} + int setup_tests(void) { if (!TEST_ptr(cert = test_get_argument(0)) @@ -5679,7 +5926,7 @@ int setup_tests(void) ADD_ALL_TESTS(test_custom_exts, 3); #endif ADD_ALL_TESTS(test_serverinfo, 8); - ADD_ALL_TESTS(test_export_key_mat, 4); + ADD_ALL_TESTS(test_export_key_mat, 6); #ifndef OPENSSL_NO_TLS1_3 ADD_ALL_TESTS(test_export_key_mat_early, 3); #endif @@ -5694,6 +5941,8 @@ int setup_tests(void) ADD_ALL_TESTS(test_ticket_callbacks, 12); ADD_ALL_TESTS(test_shutdown, 7); ADD_ALL_TESTS(test_cert_cb, 3); + ADD_ALL_TESTS(test_client_cert_cb, 2); + ADD_ALL_TESTS(test_ca_names, 3); return 1; }