Add test for CLIENT_EARLY_TRAFFIC_SECRET key logging (cffe973c) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

test/sslapitest.c

+57 −4

Original line number	Diff line number	Diff line
		@@ -28,7 +28,7 @@ static char *privkey = NULL;
		static char *srpvfile = NULL;
		static char *tmpfilename = NULL;

		#define LOG_BUFFER_SIZE 1024
		#define LOG_BUFFER_SIZE 2048
		static char server_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
		static size_t server_log_buffer_index = 0;
		static char client_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
		@@ -54,6 +54,7 @@ static X509 *ocspcert = NULL;
		struct sslapitest_log_counts {
		unsigned int rsa_key_exchange_count;
		unsigned int master_secret_count;
		unsigned int client_early_secret_count;
		unsigned int client_handshake_secret_count;
		unsigned int server_handshake_secret_count;
		unsigned int client_application_secret_count;
		@@ -140,6 +141,7 @@ static int test_keylog_output(char buffer, const SSL ssl,
		size_t master_key_size = SSL_MAX_MASTER_KEY_LENGTH;
		unsigned int rsa_key_exchange_count = 0;
		unsigned int master_secret_count = 0;
		unsigned int client_early_secret_count = 0;
		unsigned int client_handshake_secret_count = 0;
		unsigned int server_handshake_secret_count = 0;
		unsigned int client_application_secret_count = 0;
		@@ -198,7 +200,8 @@ static int test_keylog_output(char buffer, const SSL ssl,
		master_key_size)))
		return 0;
		master_secret_count++;
		} else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0
		} else if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0
		\|\| strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0
		\|\| strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0
		\|\| strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0
		\|\| strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0
		@@ -209,7 +212,9 @@ static int test_keylog_output(char buffer, const SSL ssl,
		* we treat all of these secrets identically and then just
		* distinguish between them when counting what we saw.
		*/
		if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0)
		if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0)
		client_early_secret_count++;
		else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0)
		client_handshake_secret_count++;
		else if (strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0)
		server_handshake_secret_count++;
		@@ -252,6 +257,8 @@ static int test_keylog_output(char buffer, const SSL ssl,
		expected->rsa_key_exchange_count)
		\|\| !TEST_size_t_eq(master_secret_count,
		expected->master_secret_count)
		\|\| !TEST_size_t_eq(client_early_secret_count,
		expected->client_early_secret_count)
		\|\| !TEST_size_t_eq(client_handshake_secret_count,
		expected->client_handshake_secret_count)
		\|\| !TEST_size_t_eq(server_handshake_secret_count,
		@@ -351,8 +358,11 @@ static int test_keylog_no_master_key(void)
		{
		SSL_CTX cctx = NULL, sctx = NULL;
		SSL clientssl = NULL, serverssl = NULL;
		SSL_SESSION *sess = NULL;
		int testresult = 0;
		struct sslapitest_log_counts expected = {0};
		unsigned char buf[1];
		size_t readbytes, written;

		/* Clean up logging space */
		memset(client_log_buffer, 0, sizeof(client_log_buffer));
		@@ -363,7 +373,11 @@ static int test_keylog_no_master_key(void)

		if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
		TLS1_VERSION, TLS_MAX_VERSION,
		&sctx, &cctx, cert, privkey)))
		&sctx, &cctx, cert, privkey))
		\|\| !TEST_true(SSL_CTX_set_max_early_data(sctx,
		SSL3_RT_MAX_PLAIN_LENGTH))
		\|\| !TEST_true(SSL_CTX_set_max_early_data(cctx,
		SSL3_RT_MAX_PLAIN_LENGTH)))
		return 0;

		if (!TEST_true(SSL_CTX_get_keylog_callback(cctx) == NULL)
		@@ -405,9 +419,48 @@ static int test_keylog_no_master_key(void)
		&expected)))
		goto end;

		/* Terminate old session and resume with early data. */
		sess = SSL_get1_session(clientssl);
		SSL_shutdown(clientssl);
		SSL_shutdown(serverssl);
		SSL_free(serverssl);
		SSL_free(clientssl);
		serverssl = clientssl = NULL;

		/* Reset key log */
		memset(client_log_buffer, 0, sizeof(client_log_buffer));
		memset(server_log_buffer, 0, sizeof(server_log_buffer));
		client_log_buffer_index = 0;
		server_log_buffer_index = 0;

		if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
		&clientssl, NULL, NULL))
		\|\| !TEST_true(SSL_set_session(clientssl, sess))
		/* Here writing 0 length early data is enough. */
		\|\| !TEST_true(SSL_write_early_data(clientssl, NULL, 0, &written))
		\|\| !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf),
		&readbytes),
		SSL_READ_EARLY_DATA_ERROR)
		\|\| !TEST_int_eq(SSL_get_early_data_status(serverssl),
		SSL_EARLY_DATA_ACCEPTED)
		\|\| !TEST_true(create_ssl_connection(serverssl, clientssl,
		SSL_ERROR_NONE))
		\|\| !TEST_true(SSL_session_reused(clientssl)))
		goto end;

		/* In addition to the previous entries, expect early secrets. */
		expected.client_early_secret_count = 1;
		if (!TEST_true(test_keylog_output(client_log_buffer, clientssl,
		SSL_get_session(clientssl), &expected))
		\|\| !TEST_true(test_keylog_output(server_log_buffer, serverssl,
		SSL_get_session(serverssl),
		&expected)))
		goto end;

		testresult = 1;

		end:
		SSL_SESSION_free(sess);
		SSL_free(serverssl);
		SSL_free(clientssl);
		SSL_CTX_free(sctx);