Home | History | Annotate | Line # | Download | only in recipes 
      1 #! /usr/bin/env perl
      2 # Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
      3 #
      4 # Licensed under the OpenSSL license (the "License").  You may not use
      5 # this file except in compliance with the License.  You can obtain a copy
      6 # in the file LICENSE in the source distribution or at
      7 # https://www.openssl.org/source/license.html
      8 
      9 use strict;
     10 use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
     11 use OpenSSL::Test::Utils;
     12 use TLSProxy::Proxy;
     13 
     14 my $test_name = "test_tls13hrr";
     15 setup($test_name);
     16 
     17 plan skip_all => "TLSProxy isn't usable on $^O"
     18     if $^O =~ /^(VMS)$/;
     19 
     20 plan skip_all => "$test_name needs the dynamic engine feature enabled"
     21     if disabled("engine") || disabled("dynamic-engine");
     22 
     23 plan skip_all => "$test_name needs the sock feature enabled"
     24     if disabled("sock");
     25 
     26 plan skip_all => "$test_name needs TLS1.3 enabled"
     27     if disabled("tls1_3");
     28 
     29 $ENV{OPENSSL_ia32cap} = '~0x200000200000000';
     30 
     31 my $proxy = TLSProxy::Proxy->new(
     32     undef,
     33     cmdstr(app(["openssl"]), display => 1),
     34     srctop_file("apps", "server.pem"),
     35     (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
     36 );
     37 
     38 use constant {
     39     CHANGE_HRR_CIPHERSUITE => 0,
     40     CHANGE_CH1_CIPHERSUITE => 1,
     41     DUPLICATE_HRR => 2
     42 };
     43 
     44 #Test 1: A client should fail if the server changes the ciphersuite between the
     45 #        HRR and the SH
     46 $proxy->filter(\&hrr_filter);
     47 $proxy->serverflags("-curves P-256");
     48 my $testtype = CHANGE_HRR_CIPHERSUITE;
     49 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
     50 plan tests => 3;
     51 ok(TLSProxy::Message->fail(), "Server ciphersuite changes");
     52 
     53 #Test 2: It is an error if the client changes the offered ciphersuites so that
     54 #        we end up selecting a different ciphersuite between HRR and the SH
     55 $proxy->clear();
     56 $proxy->serverflags("-curves P-256");
     57 $proxy->ciphersuitess("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384");
     58 $testtype = CHANGE_CH1_CIPHERSUITE;
     59 $proxy->start();
     60 ok(TLSProxy::Message->fail(), "Client ciphersuite changes");
     61 
     62 #Test 3: A client should fail with unexpected_message alert if the server
     63 #        sends more than 1 HRR
     64 my $fatal_alert = 0;
     65 $proxy->clear();
     66 if (disabled("ec")) {
     67     $proxy->serverflags("-curves ffdhe3072");
     68 } else {
     69     $proxy->serverflags("-curves P-256");
     70 }
     71 $testtype = DUPLICATE_HRR;
     72 $proxy->start();
     73 ok($fatal_alert, "Server duplicated HRR");
     74 
     75 sub hrr_filter
     76 {
     77     my $proxy = shift;
     78 
     79     if ($testtype == CHANGE_HRR_CIPHERSUITE) {
     80         # We're only interested in the HRR
     81         if ($proxy->flight != 1) {
     82             return;
     83         }
     84 
     85         my $hrr = ${$proxy->message_list}[1];
     86 
     87         # We will normally only ever select CIPHER_TLS13_AES_128_GCM_SHA256
     88         # because that's what Proxy tells s_server to do. Setting as below means
     89         # the ciphersuite will change will we get the ServerHello
     90         $hrr->ciphersuite(TLSProxy::Message::CIPHER_TLS13_AES_256_GCM_SHA384);
     91         $hrr->repack();
     92         return;
     93     }
     94 
     95     if ($testtype == DUPLICATE_HRR) {
     96         # We're only interested in the HRR
     97         # and the unexpected_message alert from client
     98         if ($proxy->flight == 4) {
     99             $fatal_alert = 1
    100                 if @{$proxy->record_list}[-1]->is_fatal_alert(0) == 10;
    101             return;
    102         }
    103         if ($proxy->flight != 3) {
    104             return;
    105         }
    106 
    107         # Find ServerHello record (HRR actually) and insert after that
    108         my $i;
    109         for ($i = 0; ${$proxy->record_list}[$i]->flight() < 1; $i++) {
    110             next;
    111         }
    112         my $hrr_record = ${$proxy->record_list}[$i];
    113         my $dup_hrr = TLSProxy::Record->new(3,
    114             $hrr_record->content_type(),
    115             $hrr_record->version(),
    116             $hrr_record->len(),
    117             $hrr_record->sslv2(),
    118             $hrr_record->len_real(),
    119             $hrr_record->decrypt_len(),
    120             $hrr_record->data(),
    121             $hrr_record->decrypt_data());
    122 
    123         $i++;
    124         splice @{$proxy->record_list}, $i, 0, $dup_hrr;
    125         return;
    126     }
    127 
    128     # CHANGE_CH1_CIPHERSUITE
    129     if ($proxy->flight != 0) {
    130         return;
    131     }
    132 
    133     my $ch1 = ${$proxy->message_list}[0];
    134 
    135     # The server will always pick TLS_AES_256_GCM_SHA384
    136     my @ciphersuites = (TLSProxy::Message::CIPHER_TLS13_AES_128_GCM_SHA256);
    137     $ch1->ciphersuite_len(2 * scalar @ciphersuites);
    138     $ch1->ciphersuites(\@ciphersuites);
    139     $ch1->repack();
    140 }
    141