From: Peter Wu Date: Wed, 21 Mar 2018 13:00:42 +0000 (+0100) Subject: Add test for CLIENT_EARLY_TRAFFIC_SECRET key logging X-Git-Tag: OpenSSL_1_1_1-pre6~97 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=cffe973c45491b14d980e3b578da28e4a79a8705 Add test for CLIENT_EARLY_TRAFFIC_SECRET key logging Reviewed-by: Rich Salz Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/5702) --- diff --git a/test/sslapitest.c b/test/sslapitest.c index 1d57f7173a..a71a1a9074 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -28,7 +28,7 @@ static char *privkey = NULL; static char *srpvfile = NULL; static char *tmpfilename = NULL; -#define LOG_BUFFER_SIZE 1024 +#define LOG_BUFFER_SIZE 2048 static char server_log_buffer[LOG_BUFFER_SIZE + 1] = {0}; static size_t server_log_buffer_index = 0; static char client_log_buffer[LOG_BUFFER_SIZE + 1] = {0}; @@ -54,6 +54,7 @@ static X509 *ocspcert = NULL; struct sslapitest_log_counts { unsigned int rsa_key_exchange_count; unsigned int master_secret_count; + unsigned int client_early_secret_count; unsigned int client_handshake_secret_count; unsigned int server_handshake_secret_count; unsigned int client_application_secret_count; @@ -140,6 +141,7 @@ static int test_keylog_output(char *buffer, const SSL *ssl, size_t master_key_size = SSL_MAX_MASTER_KEY_LENGTH; unsigned int rsa_key_exchange_count = 0; unsigned int master_secret_count = 0; + unsigned int client_early_secret_count = 0; unsigned int client_handshake_secret_count = 0; unsigned int server_handshake_secret_count = 0; unsigned int client_application_secret_count = 0; @@ -198,7 +200,8 @@ static int test_keylog_output(char *buffer, const SSL *ssl, master_key_size))) return 0; master_secret_count++; - } else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0 + } else if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0 + || strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0 || strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0 || strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0 || strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0 @@ -209,7 +212,9 @@ static int test_keylog_output(char *buffer, const SSL *ssl, * we treat all of these secrets identically and then just * distinguish between them when counting what we saw. */ - if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) + if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0) + client_early_secret_count++; + else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) client_handshake_secret_count++; else if (strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) server_handshake_secret_count++; @@ -252,6 +257,8 @@ static int test_keylog_output(char *buffer, const SSL *ssl, expected->rsa_key_exchange_count) || !TEST_size_t_eq(master_secret_count, expected->master_secret_count) + || !TEST_size_t_eq(client_early_secret_count, + expected->client_early_secret_count) || !TEST_size_t_eq(client_handshake_secret_count, expected->client_handshake_secret_count) || !TEST_size_t_eq(server_handshake_secret_count, @@ -351,8 +358,11 @@ static int test_keylog_no_master_key(void) { SSL_CTX *cctx = NULL, *sctx = NULL; SSL *clientssl = NULL, *serverssl = NULL; + SSL_SESSION *sess = NULL; int testresult = 0; struct sslapitest_log_counts expected = {0}; + unsigned char buf[1]; + size_t readbytes, written; /* Clean up logging space */ memset(client_log_buffer, 0, sizeof(client_log_buffer)); @@ -363,7 +373,11 @@ static int test_keylog_no_master_key(void) if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), TLS1_VERSION, TLS_MAX_VERSION, - &sctx, &cctx, cert, privkey))) + &sctx, &cctx, cert, privkey)) + || !TEST_true(SSL_CTX_set_max_early_data(sctx, + SSL3_RT_MAX_PLAIN_LENGTH)) + || !TEST_true(SSL_CTX_set_max_early_data(cctx, + SSL3_RT_MAX_PLAIN_LENGTH))) return 0; if (!TEST_true(SSL_CTX_get_keylog_callback(cctx) == NULL) @@ -405,9 +419,48 @@ static int test_keylog_no_master_key(void) &expected))) goto end; + /* Terminate old session and resume with early data. */ + sess = SSL_get1_session(clientssl); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + /* Reset key log */ + memset(client_log_buffer, 0, sizeof(client_log_buffer)); + memset(server_log_buffer, 0, sizeof(server_log_buffer)); + client_log_buffer_index = 0; + server_log_buffer_index = 0; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, sess)) + /* Here writing 0 length early data is enough. */ + || !TEST_true(SSL_write_early_data(clientssl, NULL, 0, &written)) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_ERROR) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_ACCEPTED) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl))) + goto end; + + /* In addition to the previous entries, expect early secrets. */ + expected.client_early_secret_count = 1; + if (!TEST_true(test_keylog_output(client_log_buffer, clientssl, + SSL_get_session(clientssl), &expected)) + || !TEST_true(test_keylog_output(server_log_buffer, serverssl, + SSL_get_session(serverssl), + &expected))) + goto end; + testresult = 1; end: + SSL_SESSION_free(sess); SSL_free(serverssl); SSL_free(clientssl); SSL_CTX_free(sctx);