Convert clienthellotest for the new test framework (a105d560) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

test/clienthellotest.c

+46 −64

Original line number	Original line	Diff line number	Diff line
	@@ -60,7 +60,7 @@ static int test_client_hello(int currtest)
	unsigned char *data;		unsigned char *data;
	PACKET pkt, pkt2, pkt3;		PACKET pkt, pkt2, pkt3;
	char *dummytick = "Hello World!";		char *dummytick = "Hello World!";
	unsigned int type;		unsigned int type = 0;
	int testresult = 0;		int testresult = 0;
	size_t msglen;		size_t msglen;
	BIO *sessbio = NULL;		BIO *sessbio = NULL;
	@@ -76,13 +76,13 @@ static int test_client_hello(int currtest)
	* produced when we try to connect		* produced when we try to connect
	*/		*/
	ctx = SSL_CTX_new(TLS_method());		ctx = SSL_CTX_new(TLS_method());
	if (ctx == NULL)		if (!TEST_ptr(ctx))
	goto end;		goto end;

	switch(currtest) {		switch(currtest) {
	case TEST_SET_SESSION_TICK_DATA_VER_NEG:		case TEST_SET_SESSION_TICK_DATA_VER_NEG:
	/* Testing for session tickets <= TLS1.2; not relevant for 1.3 */		/* Testing for session tickets <= TLS1.2; not relevant for 1.3 */
	if (!SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION))		if (!TEST_true(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION)))
	goto end;		goto end;
	break;		break;

	@@ -95,17 +95,14 @@ static int test_client_hello(int currtest)
	* F5_WORKAROUND_MIN_MSG_LEN bytes long - meaning padding will be		* F5_WORKAROUND_MIN_MSG_LEN bytes long - meaning padding will be
	* needed. Also add some dummy ALPN protocols in case we still don't		* needed. Also add some dummy ALPN protocols in case we still don't
	* have enough.		* have enough.
	* In the padding not needed case we assume the test will pass, but then
	* set testresult to 0 if we see the padding extension.
	*/		*/
	if (currtest == TEST_ADD_PADDING		if (currtest == TEST_ADD_PADDING
	&& (!SSL_CTX_set_cipher_list(ctx, "ALL")		&& (!TEST_true(SSL_CTX_set_cipher_list(ctx, "ALL"))
	\|\| SSL_CTX_set_alpn_protos(ctx,		\|\| !TEST_false(SSL_CTX_set_alpn_protos(ctx,
	(unsigned char *)alpn_prots,		(unsigned char *)alpn_prots,
	sizeof(alpn_prots) - 1)))		sizeof(alpn_prots) - 1))))
	goto end;		goto end;
	else if (currtest == TEST_PADDING_NOT_NEEDED)
	testresult = 1;
	break;		break;

	default:		default:
	@@ -113,37 +110,32 @@ static int test_client_hello(int currtest)
	}		}

	con = SSL_new(ctx);		con = SSL_new(ctx);
	if (con == NULL)		if (!TEST_ptr(con))
	goto end;		goto end;

	if (currtest == TEST_ADD_PADDING_AND_PSK) {		if (currtest == TEST_ADD_PADDING_AND_PSK) {
	sessbio = BIO_new_file(sessionfile, "r");		sessbio = BIO_new_file(sessionfile, "r");
	if (sessbio == NULL) {		if (!TEST_ptr(sessbio)) {
	printf("Unable to open session.pem\n");		TEST_info("Unable to open session.pem");
	goto end;		goto end;
	}		}
	sess = PEM_read_bio_SSL_SESSION(sessbio, NULL, NULL, NULL);		sess = PEM_read_bio_SSL_SESSION(sessbio, NULL, NULL, NULL);
	if (sess == NULL) {		if (!TEST_ptr(sess)) {
	printf("Unable to load SSL_SESSION\n");		TEST_info("Unable to load SSL_SESSION");
	goto end;		goto end;
	}		}
	/*		/*
	* We reset the creation time so that we don't discard the session as		* We reset the creation time so that we don't discard the session as
	* too old.		* too old.
	*/		*/
	if (!SSL_SESSION_set_time(sess, time(NULL))) {		if (!TEST_true(SSL_SESSION_set_time(sess, time(NULL)))
	printf("Unable to set creation time on SSL_SESSION\n");		\|\| !TEST_true(SSL_set_session(con, sess)))
	goto end;
	}
	if (!SSL_set_session(con, sess)) {
	printf("Unable to set the session on the connection\n");
	goto end;		goto end;
	}		}
	}

	rbio = BIO_new(BIO_s_mem());		rbio = BIO_new(BIO_s_mem());
	wbio = BIO_new(BIO_s_mem());		wbio = BIO_new(BIO_s_mem());
	if (rbio == NULL \|\| wbio == NULL) {		if (!TEST_ptr(rbio)\|\| !TEST_ptr(wbio)) {
	BIO_free(rbio);		BIO_free(rbio);
	BIO_free(wbio);		BIO_free(wbio);
	goto end;		goto end;
	@@ -153,83 +145,73 @@ static int test_client_hello(int currtest)
	SSL_set_connect_state(con);		SSL_set_connect_state(con);

	if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {		if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
	if (!SSL_set_session_ticket_ext(con, dummytick, strlen(dummytick)))		if (!TEST_true(SSL_set_session_ticket_ext(con, dummytick,
			strlen(dummytick))))
	goto end;		goto end;
	}		}

	if (SSL_connect(con) > 0) {		if (!TEST_int_le(SSL_connect(con), 0)) {
	/* This shouldn't succeed because we don't have a server! */		/* This shouldn't succeed because we don't have a server! */
	goto end;		goto end;
	}		}

	len = BIO_get_mem_data(wbio, (char **)&data);		len = BIO_get_mem_data(wbio, (char **)&data);
	if (!PACKET_buf_init(&pkt, data, len))		if (!TEST_true(PACKET_buf_init(&pkt, data, len))
	goto end;

	/* Skip the record header */		/* Skip the record header */
	if (!PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH))		\|\| !PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH))
	goto end;		goto end;

	msglen = PACKET_remaining(&pkt);		msglen = PACKET_remaining(&pkt);

	/* Skip the handshake message header */		/* Skip the handshake message header */
	if (!PACKET_forward(&pkt, SSL3_HM_HEADER_LENGTH))		if (!TEST_true(PACKET_forward(&pkt, SSL3_HM_HEADER_LENGTH))
	goto end;

	/* Skip client version and random */		/* Skip client version and random */
	if (!PACKET_forward(&pkt, CLIENT_VERSION_LEN + SSL3_RANDOM_SIZE))		\|\| !TEST_true(PACKET_forward(&pkt, CLIENT_VERSION_LEN
	goto end;		+ SSL3_RANDOM_SIZE))

	/* Skip session id */		/* Skip session id */
	if (!PACKET_get_length_prefixed_1(&pkt, &pkt2))		\|\| !TEST_true(PACKET_get_length_prefixed_1(&pkt, &pkt2))
	goto end;

	/* Skip ciphers */		/* Skip ciphers */
	if (!PACKET_get_length_prefixed_2(&pkt, &pkt2))		\|\| !TEST_true(PACKET_get_length_prefixed_2(&pkt, &pkt2))
	goto end;

	/* Skip compression */		/* Skip compression */
	if (!PACKET_get_length_prefixed_1(&pkt, &pkt2))		\|\| !TEST_true(PACKET_get_length_prefixed_1(&pkt, &pkt2))
	goto end;

	/* Extensions len */		/* Extensions len */
	if (!PACKET_as_length_prefixed_2(&pkt, &pkt2))		\|\| !TEST_true(PACKET_as_length_prefixed_2(&pkt, &pkt2)))
	goto end;		goto end;

	/* Loop through all extensions */		/* Loop through all extensions */
	while (PACKET_remaining(&pkt2)) {		while (PACKET_remaining(&pkt2)) {

	if (!PACKET_get_net_2(&pkt2, &type) \|\|		if (!TEST_true(PACKET_get_net_2(&pkt2, &type))
	!PACKET_get_length_prefixed_2(&pkt2, &pkt3))		\|\| !TEST_true(PACKET_get_length_prefixed_2(&pkt2, &pkt3)))
	goto end;		goto end;

	if (type == TLSEXT_TYPE_session_ticket) {		if (type == TLSEXT_TYPE_session_ticket) {
	if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {		if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) {
	if (PACKET_equal(&pkt3, dummytick, strlen(dummytick))) {		if (TEST_true(PACKET_equal(&pkt3, dummytick,
			strlen(dummytick)))) {
	/* Ticket data is as we expected */		/* Ticket data is as we expected */
	testresult = 1;		testresult = 1;
	} else {
	printf("Received session ticket is not as expected\n");
	}		}
	break;		goto end;
	}		}
	}		}
	if (type == TLSEXT_TYPE_padding) {		if (type == TLSEXT_TYPE_padding) {
	if (currtest == TEST_ADD_PADDING		if (!TEST_false(currtest == TEST_PADDING_NOT_NEEDED))
	\|\| currtest == TEST_ADD_PADDING_AND_PSK)		goto end;
	testresult = (msglen == F5_WORKAROUND_MAX_MSG_LEN);		else if (TEST_true(currtest == TEST_ADD_PADDING
	else		\|\| currtest == TEST_ADD_PADDING_AND_PSK))
	testresult = 0;		testresult = TEST_true(msglen == F5_WORKAROUND_MAX_MSG_LEN);
	}		}
	}		}

			if (currtest == TEST_PADDING_NOT_NEEDED)
			testresult = 1;

	end:		end:
	SSL_free(con);		SSL_free(con);
	SSL_CTX_free(ctx);		SSL_CTX_free(ctx);
	SSL_SESSION_free(sess);		SSL_SESSION_free(sess);
	BIO_free(sessbio);		BIO_free(sessbio);
	if (!testresult)
	printf("ClientHello test: FAILED (Test %d)\n", currtest);

	return testresult;		return testresult;
	}		}