123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259 |
- /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
- #include <openssl/bio.h>
- #include <openssl/crypto.h>
- #include <openssl/ssl.h>
- #include <openssl/err.h>
- #include "ssltestlib.h"
- #include "testutil.h"
- static char *cert = NULL;
- static char *privkey = NULL;
- static unsigned int timer_cb_count;
- #define NUM_TESTS 2
- #define DUMMY_CERT_STATUS_LEN 12
- static unsigned char certstatus[] = {
- SSL3_RT_HANDSHAKE, /* Content type */
- 0xfe, 0xfd, /* Record version */
- 0, 1, /* Epoch */
- 0, 0, 0, 0, 0, 0x0f, /* Record sequence number */
- 0, DTLS1_HM_HEADER_LENGTH + DUMMY_CERT_STATUS_LEN - 2,
- SSL3_MT_CERTIFICATE_STATUS, /* Cert Status handshake message type */
- 0, 0, DUMMY_CERT_STATUS_LEN, /* Message len */
- 0, 5, /* Message sequence */
- 0, 0, 0, /* Fragment offset */
- 0, 0, DUMMY_CERT_STATUS_LEN - 2, /* Fragment len */
- 0x80, 0x80, 0x80, 0x80, 0x80,
- 0x80, 0x80, 0x80, 0x80, 0x80 /* Dummy data */
- };
- #define RECORD_SEQUENCE 10
- static unsigned int timer_cb(SSL *s, unsigned int timer_us)
- {
- ++timer_cb_count;
- if (timer_us == 0)
- return 50000;
- else
- return 2 * timer_us;
- }
- static int test_dtls_unprocessed(int testidx)
- {
- SSL_CTX *sctx = NULL, *cctx = NULL;
- SSL *serverssl1 = NULL, *clientssl1 = NULL;
- BIO *c_to_s_fbio, *c_to_s_mempacket;
- int testresult = 0;
- timer_cb_count = 0;
- if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
- DTLS_client_method(),
- DTLS1_VERSION, DTLS_MAX_VERSION,
- &sctx, &cctx, cert, privkey)))
- return 0;
- if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES128-SHA")))
- goto end;
- c_to_s_fbio = BIO_new(bio_f_tls_dump_filter());
- if (!TEST_ptr(c_to_s_fbio))
- goto end;
- /* BIO is freed by create_ssl_connection on error */
- if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1,
- NULL, c_to_s_fbio)))
- goto end;
- DTLS_set_timer_cb(clientssl1, timer_cb);
- if (testidx == 1)
- certstatus[RECORD_SEQUENCE] = 0xff;
- /*
- * Inject a dummy record from the next epoch. In test 0, this should never
- * get used because the message sequence number is too big. In test 1 we set
- * the record sequence number to be way off in the future. This should not
- * have an impact on the record replay protection because the record should
- * be dropped before it is marked as arrived
- */
- c_to_s_mempacket = SSL_get_wbio(clientssl1);
- c_to_s_mempacket = BIO_next(c_to_s_mempacket);
- mempacket_test_inject(c_to_s_mempacket, (char *)certstatus,
- sizeof(certstatus), 1, INJECT_PACKET_IGNORE_REC_SEQ);
- if (!TEST_true(create_ssl_connection(serverssl1, clientssl1,
- SSL_ERROR_NONE)))
- goto end;
- if (timer_cb_count == 0) {
- printf("timer_callback was not called.\n");
- goto end;
- }
- testresult = 1;
- end:
- SSL_free(serverssl1);
- SSL_free(clientssl1);
- SSL_CTX_free(sctx);
- SSL_CTX_free(cctx);
- return testresult;
- }
- #define CLI_TO_SRV_EPOCH_0_RECS 3
- #define CLI_TO_SRV_EPOCH_1_RECS 1
- #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
- # define SRV_TO_CLI_EPOCH_0_RECS 12
- #else
- /*
- * In this case we have no ServerKeyExchange message, because we don't have
- * ECDHE or DHE. When it is present it gets fragmented into 3 records in this
- * test.
- */
- # define SRV_TO_CLI_EPOCH_0_RECS 9
- #endif
- #define SRV_TO_CLI_EPOCH_1_RECS 1
- #define TOTAL_FULL_HAND_RECORDS \
- (CLI_TO_SRV_EPOCH_0_RECS + CLI_TO_SRV_EPOCH_1_RECS + \
- SRV_TO_CLI_EPOCH_0_RECS + SRV_TO_CLI_EPOCH_1_RECS)
- #define CLI_TO_SRV_RESUME_EPOCH_0_RECS 3
- #define CLI_TO_SRV_RESUME_EPOCH_1_RECS 1
- #define SRV_TO_CLI_RESUME_EPOCH_0_RECS 2
- #define SRV_TO_CLI_RESUME_EPOCH_1_RECS 1
- #define TOTAL_RESUME_HAND_RECORDS \
- (CLI_TO_SRV_RESUME_EPOCH_0_RECS + CLI_TO_SRV_RESUME_EPOCH_1_RECS + \
- SRV_TO_CLI_RESUME_EPOCH_0_RECS + SRV_TO_CLI_RESUME_EPOCH_1_RECS)
- #define TOTAL_RECORDS (TOTAL_FULL_HAND_RECORDS + TOTAL_RESUME_HAND_RECORDS)
- static int test_dtls_drop_records(int idx)
- {
- SSL_CTX *sctx = NULL, *cctx = NULL;
- SSL *serverssl = NULL, *clientssl = NULL;
- BIO *c_to_s_fbio, *mempackbio;
- int testresult = 0;
- int epoch = 0;
- SSL_SESSION *sess = NULL;
- int cli_to_srv_epoch0, cli_to_srv_epoch1, srv_to_cli_epoch0;
- if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
- DTLS_client_method(),
- DTLS1_VERSION, DTLS_MAX_VERSION,
- &sctx, &cctx, cert, privkey)))
- return 0;
- if (idx >= TOTAL_FULL_HAND_RECORDS) {
- /* We're going to do a resumption handshake. Get a session first. */
- if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
- NULL, NULL))
- || !TEST_true(create_ssl_connection(serverssl, clientssl,
- SSL_ERROR_NONE))
- || !TEST_ptr(sess = SSL_get1_session(clientssl)))
- goto end;
- SSL_shutdown(clientssl);
- SSL_shutdown(serverssl);
- SSL_free(serverssl);
- SSL_free(clientssl);
- serverssl = clientssl = NULL;
- cli_to_srv_epoch0 = CLI_TO_SRV_RESUME_EPOCH_0_RECS;
- cli_to_srv_epoch1 = CLI_TO_SRV_RESUME_EPOCH_1_RECS;
- srv_to_cli_epoch0 = SRV_TO_CLI_RESUME_EPOCH_0_RECS;
- idx -= TOTAL_FULL_HAND_RECORDS;
- } else {
- cli_to_srv_epoch0 = CLI_TO_SRV_EPOCH_0_RECS;
- cli_to_srv_epoch1 = CLI_TO_SRV_EPOCH_1_RECS;
- srv_to_cli_epoch0 = SRV_TO_CLI_EPOCH_0_RECS;
- }
- c_to_s_fbio = BIO_new(bio_f_tls_dump_filter());
- if (!TEST_ptr(c_to_s_fbio))
- goto end;
- /* BIO is freed by create_ssl_connection on error */
- if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
- NULL, c_to_s_fbio)))
- goto end;
- if (sess != NULL) {
- if (!TEST_true(SSL_set_session(clientssl, sess)))
- goto end;
- }
- DTLS_set_timer_cb(clientssl, timer_cb);
- DTLS_set_timer_cb(serverssl, timer_cb);
- /* Work out which record to drop based on the test number */
- if (idx >= cli_to_srv_epoch0 + cli_to_srv_epoch1) {
- mempackbio = SSL_get_wbio(serverssl);
- idx -= cli_to_srv_epoch0 + cli_to_srv_epoch1;
- if (idx >= srv_to_cli_epoch0) {
- epoch = 1;
- idx -= srv_to_cli_epoch0;
- }
- } else {
- mempackbio = SSL_get_wbio(clientssl);
- if (idx >= cli_to_srv_epoch0) {
- epoch = 1;
- idx -= cli_to_srv_epoch0;
- }
- mempackbio = BIO_next(mempackbio);
- }
- BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_EPOCH, epoch, NULL);
- BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_REC, idx, NULL);
- if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
- goto end;
- if (sess != NULL && !TEST_true(SSL_session_reused(clientssl)))
- goto end;
- /* If the test did what we planned then it should have dropped a record */
- if (!TEST_int_eq((int)BIO_ctrl(mempackbio, MEMPACKET_CTRL_GET_DROP_REC, 0,
- NULL), -1))
- goto end;
- testresult = 1;
- end:
- SSL_SESSION_free(sess);
- SSL_free(serverssl);
- SSL_free(clientssl);
- SSL_CTX_free(sctx);
- SSL_CTX_free(cctx);
- return testresult;
- }
- int setup_tests(void)
- {
- if (!TEST_ptr(cert = test_get_argument(0))
- || !TEST_ptr(privkey = test_get_argument(1)))
- return 0;
- ADD_ALL_TESTS(test_dtls_unprocessed, NUM_TESTS);
- ADD_ALL_TESTS(test_dtls_drop_records, TOTAL_RECORDS);
- return 1;
- }
- void cleanup_tests(void)
- {
- bio_f_tls_dump_filter_free();
- bio_s_mempacket_test_free();
- }
|