Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / 55a436497f7fa0320060e501a10e57821981af57 / . / ssl / test / runner / runner.go
blob: e5834288cd753b26a5f9a0788b5017b7819a11ad [file] [log] [blame]
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1package main
2
3import (
4 "bytes"
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]5 "crypto/ecdsa"
6 "crypto/elliptic"
David Benjamin407a10c2014-07-16 12:58:59 -0400[diff] [blame]7 "crypto/x509"
David Benjamin2561dc32014-08-24 01:25:27 -0400[diff] [blame]8 "encoding/base64"
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]9 "encoding/pem"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]10 "flag"
11 "fmt"
12 "io"
Kenny Root7fdeaf12014-08-05 15:23:37 -0700[diff] [blame]13 "io/ioutil"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]14 "net"
15 "os"
16 "os/exec"
David Benjamin884fdf12014-08-02 15:28:23 -0400[diff] [blame]17 "path"
David Benjamin2bc8e6f2014-08-02 15:22:37 -0400[diff] [blame]18 "runtime"
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]19 "strconv"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]20 "strings"
21 "sync"
22 "syscall"
David Benjamin83f90402015-01-27 01:09:43 -0500[diff] [blame]23 "time"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]24)
25
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]26var (
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]27 useValgrind = flag.Bool("valgrind", false, "If true, run code under valgrind")
28 useGDB = flag.Bool("gdb", false, "If true, run BoringSSL code under gdb")
29 flagDebug = flag.Bool("debug", false, "Hexdump the contents of the connection")
30 mallocTest = flag.Int64("malloc-test", -1, "If non-negative, run each test with each malloc in turn failing from the given number onwards.")
31 mallocTestDebug = flag.Bool("malloc-test-debug", false, "If true, ask bssl_shim to abort rather than fail a malloc. This can be used with a specific value for --malloc-test to identity the malloc failing that is causing problems.")
32 jsonOutput = flag.String("json-output", "", "The file to output JSON results to.")
33 pipe = flag.Bool("pipe", false, "If true, print status output suitable for piping into another program.")
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]34)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]35
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]36const (
37 rsaCertificateFile = "cert.pem"
38 ecdsaCertificateFile = "ecdsa_cert.pem"
39)
40
41const (
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]42 rsaKeyFile = "key.pem"
43 ecdsaKeyFile = "ecdsa_key.pem"
44 channelIDKeyFile = "channel_id_key.pem"
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]45)
46
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]47var rsaCertificate, ecdsaCertificate Certificate
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]48var channelIDKey *ecdsa.PrivateKey
49var channelIDBytes []byte
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]50
David Benjamin61f95272014-11-25 01:55:35 -0500[diff] [blame]51var testOCSPResponse = []byte{1, 2, 3, 4}
52var testSCTList = []byte{5, 6, 7, 8}
53
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]54func initCertificates() {
55 var err error
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]56 rsaCertificate, err = LoadX509KeyPair(rsaCertificateFile, rsaKeyFile)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]57 if err != nil {
58 panic(err)
59 }
David Benjamin61f95272014-11-25 01:55:35 -0500[diff] [blame]60 rsaCertificate.OCSPStaple = testOCSPResponse
61 rsaCertificate.SignedCertificateTimestampList = testSCTList
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]62
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]63 ecdsaCertificate, err = LoadX509KeyPair(ecdsaCertificateFile, ecdsaKeyFile)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]64 if err != nil {
65 panic(err)
66 }
David Benjamin61f95272014-11-25 01:55:35 -0500[diff] [blame]67 ecdsaCertificate.OCSPStaple = testOCSPResponse
68 ecdsaCertificate.SignedCertificateTimestampList = testSCTList
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]69
70 channelIDPEMBlock, err := ioutil.ReadFile(channelIDKeyFile)
71 if err != nil {
72 panic(err)
73 }
74 channelIDDERBlock, _ := pem.Decode(channelIDPEMBlock)
75 if channelIDDERBlock.Type != "EC PRIVATE KEY" {
76 panic("bad key type")
77 }
78 channelIDKey, err = x509.ParseECPrivateKey(channelIDDERBlock.Bytes)
79 if err != nil {
80 panic(err)
81 }
82 if channelIDKey.Curve != elliptic.P256() {
83 panic("bad curve")
84 }
85
86 channelIDBytes = make([]byte, 64)
87 writeIntPadded(channelIDBytes[:32], channelIDKey.X)
88 writeIntPadded(channelIDBytes[32:], channelIDKey.Y)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]89}
90
91var certificateOnce sync.Once
92
93func getRSACertificate() Certificate {
94 certificateOnce.Do(initCertificates)
95 return rsaCertificate
96}
97
98func getECDSACertificate() Certificate {
99 certificateOnce.Do(initCertificates)
100 return ecdsaCertificate
101}
102
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]103type testType int
104
105const (
106 clientTest testType = iota
107 serverTest
108)
109
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]110type protocol int
111
112const (
113 tls protocol = iota
114 dtls
115)
116
David Benjaminfc7b0862014-09-06 13:21:53 -0400[diff] [blame]117const (
118 alpn = 1
119 npn = 2
120)
121
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]122type testCase struct {
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]123 testType testType
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]124 protocol protocol
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]125 name string
126 config Config
127 shouldFail bool
128 expectedError string
Adam Langleyac61fa32014-06-23 12:03:11 -0700[diff] [blame]129 // expectedLocalError, if not empty, contains a substring that must be
130 // found in the local error.
131 expectedLocalError string
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]132 // expectedVersion, if non-zero, specifies the TLS version that must be
133 // negotiated.
134 expectedVersion uint16
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]135 // expectedResumeVersion, if non-zero, specifies the TLS version that
136 // must be negotiated on resumption. If zero, expectedVersion is used.
137 expectedResumeVersion uint16
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]138 // expectChannelID controls whether the connection should have
139 // negotiated a Channel ID with channelIDKey.
140 expectChannelID bool
David Benjaminae2888f2014-09-06 12:58:58 -0400[diff] [blame]141 // expectedNextProto controls whether the connection should
142 // negotiate a next protocol via NPN or ALPN.
143 expectedNextProto string
David Benjaminfc7b0862014-09-06 13:21:53 -0400[diff] [blame]144 // expectedNextProtoType, if non-zero, is the expected next
145 // protocol negotiation mechanism.
146 expectedNextProtoType int
David Benjaminca6c8262014-11-15 19:06:08 -0500[diff] [blame]147 // expectedSRTPProtectionProfile is the DTLS-SRTP profile that
148 // should be negotiated. If zero, none should be negotiated.
149 expectedSRTPProtectionProfile uint16
Adam Langley80842bd2014-06-20 12:00:00 -0700[diff] [blame]150 // messageLen is the length, in bytes, of the test message that will be
151 // sent.
152 messageLen int
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]153 // certFile is the path to the certificate to use for the server.
154 certFile string
155 // keyFile is the path to the private key to use for the server.
156 keyFile string
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]157 // resumeSession controls whether a second connection should be tested
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]158 // which attempts to resume the first session.
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]159 resumeSession bool
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]160 // resumeConfig, if not nil, points to a Config to be used on
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]161 // resumption. Unless newSessionsOnResume is set,
162 // SessionTicketKey, ServerSessionCache, and
163 // ClientSessionCache are copied from the initial connection's
164 // config. If nil, the initial connection's config is used.
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]165 resumeConfig *Config
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]166 // newSessionsOnResume, if true, will cause resumeConfig to
167 // use a different session resumption context.
168 newSessionsOnResume bool
David Benjamin98e882e2014-08-08 13:24:34 -0400[diff] [blame]169 // sendPrefix sends a prefix on the socket before actually performing a
170 // handshake.
171 sendPrefix string
David Benjamine58c4f52014-08-24 03:47:07 -0400[diff] [blame]172 // shimWritesFirst controls whether the shim sends an initial "hello"
173 // message before doing a roundtrip with the runner.
174 shimWritesFirst bool
Adam Langleycf2d4f42014-10-28 19:06:14 -0700[diff] [blame]175 // renegotiate indicates the the connection should be renegotiated
176 // during the exchange.
177 renegotiate bool
178 // renegotiateCiphers is a list of ciphersuite ids that will be
179 // switched in just before renegotiation.
180 renegotiateCiphers []uint16
David Benjamin5e961c12014-11-07 01:48:35 -0500[diff] [blame]181 // replayWrites, if true, configures the underlying transport
182 // to replay every write it makes in DTLS tests.
183 replayWrites bool
David Benjamin5fa3eba2015-01-22 16:35:40 -0500[diff] [blame]184 // damageFirstWrite, if true, configures the underlying transport to
185 // damage the final byte of the first application data write.
186 damageFirstWrite bool
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]187 // exportKeyingMaterial, if non-zero, configures the test to exchange
188 // keying material and verify they match.
189 exportKeyingMaterial int
190 exportLabel string
191 exportContext string
192 useExportContext bool
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]193 // flags, if not empty, contains a list of command-line flags that will
194 // be passed to the shim program.
195 flags []string
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]196}
197
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]198var testCases = []testCase{
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]199 {
200 name: "BadRSASignature",
201 config: Config{
202 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
203 Bugs: ProtocolBugs{
204 InvalidSKXSignature: true,
205 },
206 },
207 shouldFail: true,
David Benjamin25f08462015-04-15 16:13:49 -0400[diff] [blame]208 expectedError: ":BAD_SIGNATURE:",
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]209 },
210 {
211 name: "BadECDSASignature",
212 config: Config{
213 CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
214 Bugs: ProtocolBugs{
215 InvalidSKXSignature: true,
216 },
217 Certificates: []Certificate{getECDSACertificate()},
218 },
219 shouldFail: true,
220 expectedError: ":BAD_SIGNATURE:",
221 },
222 {
223 name: "BadECDSACurve",
224 config: Config{
225 CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
226 Bugs: ProtocolBugs{
227 InvalidSKXCurve: true,
228 },
229 Certificates: []Certificate{getECDSACertificate()},
230 },
231 shouldFail: true,
232 expectedError: ":WRONG_CURVE:",
233 },
Adam Langleyac61fa32014-06-23 12:03:11 -0700[diff] [blame]234 {
David Benjamina8e3e0e2014-08-06 22:11:10 -0400[diff] [blame]235 testType: serverTest,
236 name: "BadRSAVersion",
237 config: Config{
238 CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA},
239 Bugs: ProtocolBugs{
240 RsaClientKeyExchangeVersion: VersionTLS11,
241 },
242 },
243 shouldFail: true,
244 expectedError: ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
245 },
246 {
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]247 name: "NoFallbackSCSV",
Adam Langleyac61fa32014-06-23 12:03:11 -0700[diff] [blame]248 config: Config{
249 Bugs: ProtocolBugs{
250 FailIfNotFallbackSCSV: true,
251 },
252 },
253 shouldFail: true,
254 expectedLocalError: "no fallback SCSV found",
255 },
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]256 {
David Benjamin2a0c4962014-08-22 23:46:35 -0400[diff] [blame]257 name: "SendFallbackSCSV",
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]258 config: Config{
259 Bugs: ProtocolBugs{
260 FailIfNotFallbackSCSV: true,
261 },
262 },
263 flags: []string{"-fallback-scsv"},
264 },
David Benjamin197b3ab2014-07-02 18:37:33 -0400[diff] [blame]265 {
David Benjamin7b030512014-07-08 17:30:11 -0400[diff] [blame]266 name: "ClientCertificateTypes",
267 config: Config{
268 ClientAuth: RequestClientCert,
269 ClientCertificateTypes: []byte{
270 CertTypeDSSSign,
271 CertTypeRSASign,
272 CertTypeECDSASign,
273 },
274 },
David Benjamin2561dc32014-08-24 01:25:27 -0400[diff] [blame]275 flags: []string{
276 "-expect-certificate-types",
277 base64.StdEncoding.EncodeToString([]byte{
278 CertTypeDSSSign,
279 CertTypeRSASign,
280 CertTypeECDSASign,
281 }),
282 },
David Benjamin7b030512014-07-08 17:30:11 -0400[diff] [blame]283 },
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]284 {
285 name: "NoClientCertificate",
286 config: Config{
287 ClientAuth: RequireAnyClientCert,
288 },
289 shouldFail: true,
290 expectedLocalError: "client didn't provide a certificate",
291 },
David Benjamin1c375dd2014-07-12 00:48:23 -0400[diff] [blame]292 {
293 name: "UnauthenticatedECDH",
294 config: Config{
295 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
296 Bugs: ProtocolBugs{
297 UnauthenticatedECDH: true,
298 },
299 },
300 shouldFail: true,
David Benjamine8f3d662014-07-12 01:10:19 -0400[diff] [blame]301 expectedError: ":UNEXPECTED_MESSAGE:",
David Benjamin1c375dd2014-07-12 00:48:23 -0400[diff] [blame]302 },
David Benjamin9c651c92014-07-12 13:27:45 -0400[diff] [blame]303 {
David Benjamindcd979f2015-04-20 18:26:52 -0400[diff] [blame]304 name: "SkipCertificateStatus",
305 config: Config{
306 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
307 Bugs: ProtocolBugs{
308 SkipCertificateStatus: true,
309 },
310 },
311 flags: []string{
312 "-enable-ocsp-stapling",
313 },
314 },
315 {
David Benjamin9c651c92014-07-12 13:27:45 -0400[diff] [blame]316 name: "SkipServerKeyExchange",
317 config: Config{
318 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
319 Bugs: ProtocolBugs{
320 SkipServerKeyExchange: true,
321 },
322 },
323 shouldFail: true,
324 expectedError: ":UNEXPECTED_MESSAGE:",
325 },
David Benjamin1f5f62b2014-07-12 16:18:02 -0400[diff] [blame]326 {
David Benjamina0e52232014-07-19 17:39:58 -0400[diff] [blame]327 name: "SkipChangeCipherSpec-Client",
328 config: Config{
329 Bugs: ProtocolBugs{
330 SkipChangeCipherSpec: true,
331 },
332 },
333 shouldFail: true,
David Benjamin86271ee2014-07-21 16:14:03 -0400[diff] [blame]334 expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:",
David Benjamina0e52232014-07-19 17:39:58 -0400[diff] [blame]335 },
336 {
337 testType: serverTest,
338 name: "SkipChangeCipherSpec-Server",
339 config: Config{
340 Bugs: ProtocolBugs{
341 SkipChangeCipherSpec: true,
342 },
343 },
344 shouldFail: true,
David Benjamin86271ee2014-07-21 16:14:03 -0400[diff] [blame]345 expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:",
David Benjamina0e52232014-07-19 17:39:58 -0400[diff] [blame]346 },
David Benjamin42be6452014-07-21 14:50:23 -0400[diff] [blame]347 {
348 testType: serverTest,
349 name: "SkipChangeCipherSpec-Server-NPN",
350 config: Config{
351 NextProtos: []string{"bar"},
352 Bugs: ProtocolBugs{
353 SkipChangeCipherSpec: true,
354 },
355 },
356 flags: []string{
357 "-advertise-npn", "\x03foo\x03bar\x03baz",
358 },
359 shouldFail: true,
David Benjamin86271ee2014-07-21 16:14:03 -0400[diff] [blame]360 expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:",
361 },
362 {
363 name: "FragmentAcrossChangeCipherSpec-Client",
364 config: Config{
365 Bugs: ProtocolBugs{
366 FragmentAcrossChangeCipherSpec: true,
367 },
368 },
369 shouldFail: true,
370 expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:",
371 },
372 {
373 testType: serverTest,
374 name: "FragmentAcrossChangeCipherSpec-Server",
375 config: Config{
376 Bugs: ProtocolBugs{
377 FragmentAcrossChangeCipherSpec: true,
378 },
379 },
380 shouldFail: true,
381 expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:",
382 },
383 {
384 testType: serverTest,
385 name: "FragmentAcrossChangeCipherSpec-Server-NPN",
386 config: Config{
387 NextProtos: []string{"bar"},
388 Bugs: ProtocolBugs{
389 FragmentAcrossChangeCipherSpec: true,
390 },
391 },
392 flags: []string{
393 "-advertise-npn", "\x03foo\x03bar\x03baz",
394 },
395 shouldFail: true,
396 expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:",
David Benjamin42be6452014-07-21 14:50:23 -0400[diff] [blame]397 },
David Benjaminf3ec83d2014-07-21 22:42:34 -0400[diff] [blame]398 {
399 testType: serverTest,
David Benjamin3fd1fbd2015-02-03 16:07:32 -0500[diff] [blame]400 name: "Alert",
401 config: Config{
402 Bugs: ProtocolBugs{
403 SendSpuriousAlert: alertRecordOverflow,
404 },
405 },
406 shouldFail: true,
407 expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:",
408 },
409 {
410 protocol: dtls,
411 testType: serverTest,
412 name: "Alert-DTLS",
413 config: Config{
414 Bugs: ProtocolBugs{
415 SendSpuriousAlert: alertRecordOverflow,
416 },
417 },
418 shouldFail: true,
419 expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:",
420 },
421 {
422 testType: serverTest,
Alex Chernyakhovsky4cd8c432014-11-01 19:39:08 -0400[diff] [blame]423 name: "FragmentAlert",
424 config: Config{
425 Bugs: ProtocolBugs{
David Benjaminca6c8262014-11-15 19:06:08 -0500[diff] [blame]426 FragmentAlert: true,
David Benjamin3fd1fbd2015-02-03 16:07:32 -0500[diff] [blame]427 SendSpuriousAlert: alertRecordOverflow,
Alex Chernyakhovsky4cd8c432014-11-01 19:39:08 -0400[diff] [blame]428 },
429 },
430 shouldFail: true,
431 expectedError: ":BAD_ALERT:",
432 },
433 {
David Benjamin0ea8dda2015-01-31 20:33:40 -0500[diff] [blame]434 protocol: dtls,
435 testType: serverTest,
436 name: "FragmentAlert-DTLS",
437 config: Config{
438 Bugs: ProtocolBugs{
439 FragmentAlert: true,
David Benjamin3fd1fbd2015-02-03 16:07:32 -0500[diff] [blame]440 SendSpuriousAlert: alertRecordOverflow,
David Benjamin0ea8dda2015-01-31 20:33:40 -0500[diff] [blame]441 },
442 },
443 shouldFail: true,
444 expectedError: ":BAD_ALERT:",
445 },
446 {
Alex Chernyakhovsky4cd8c432014-11-01 19:39:08 -0400[diff] [blame]447 testType: serverTest,
David Benjaminf3ec83d2014-07-21 22:42:34 -0400[diff] [blame]448 name: "EarlyChangeCipherSpec-server-1",
449 config: Config{
450 Bugs: ProtocolBugs{
451 EarlyChangeCipherSpec: 1,
452 },
453 },
454 shouldFail: true,
455 expectedError: ":CCS_RECEIVED_EARLY:",
456 },
457 {
458 testType: serverTest,
459 name: "EarlyChangeCipherSpec-server-2",
460 config: Config{
461 Bugs: ProtocolBugs{
462 EarlyChangeCipherSpec: 2,
463 },
464 },
465 shouldFail: true,
466 expectedError: ":CCS_RECEIVED_EARLY:",
467 },
David Benjamind23f4122014-07-23 15:09:48 -0400[diff] [blame]468 {
David Benjamind23f4122014-07-23 15:09:48 -0400[diff] [blame]469 name: "SkipNewSessionTicket",
470 config: Config{
471 Bugs: ProtocolBugs{
472 SkipNewSessionTicket: true,
473 },
474 },
475 shouldFail: true,
476 expectedError: ":CCS_RECEIVED_EARLY:",
477 },
David Benjamin7e3305e2014-07-28 14:52:32 -0400[diff] [blame]478 {
David Benjamind86c7672014-08-02 04:07:12 -0400[diff] [blame]479 testType: serverTest,
David Benjaminbef270a2014-08-02 04:22:02 -0400[diff] [blame]480 name: "FallbackSCSV",
481 config: Config{
482 MaxVersion: VersionTLS11,
483 Bugs: ProtocolBugs{
484 SendFallbackSCSV: true,
485 },
486 },
487 shouldFail: true,
488 expectedError: ":INAPPROPRIATE_FALLBACK:",
489 },
490 {
491 testType: serverTest,
492 name: "FallbackSCSV-VersionMatch",
493 config: Config{
494 Bugs: ProtocolBugs{
495 SendFallbackSCSV: true,
496 },
497 },
498 },
David Benjamin98214542014-08-07 18:02:39 -0400[diff] [blame]499 {
500 testType: serverTest,
501 name: "FragmentedClientVersion",
502 config: Config{
503 Bugs: ProtocolBugs{
504 MaxHandshakeRecordLength: 1,
505 FragmentClientVersion: true,
506 },
507 },
David Benjamin82c9e902014-12-12 15:55:27 -0500[diff] [blame]508 expectedVersion: VersionTLS12,
David Benjamin98214542014-08-07 18:02:39 -0400[diff] [blame]509 },
David Benjamin98e882e2014-08-08 13:24:34 -0400[diff] [blame]510 {
511 testType: serverTest,
512 name: "MinorVersionTolerance",
513 config: Config{
514 Bugs: ProtocolBugs{
515 SendClientVersion: 0x03ff,
516 },
517 },
518 expectedVersion: VersionTLS12,
519 },
520 {
521 testType: serverTest,
522 name: "MajorVersionTolerance",
523 config: Config{
524 Bugs: ProtocolBugs{
525 SendClientVersion: 0x0400,
526 },
527 },
528 expectedVersion: VersionTLS12,
529 },
530 {
531 testType: serverTest,
532 name: "VersionTooLow",
533 config: Config{
534 Bugs: ProtocolBugs{
535 SendClientVersion: 0x0200,
536 },
537 },
538 shouldFail: true,
539 expectedError: ":UNSUPPORTED_PROTOCOL:",
540 },
541 {
542 testType: serverTest,
543 name: "HttpGET",
544 sendPrefix: "GET / HTTP/1.0\n",
545 shouldFail: true,
546 expectedError: ":HTTP_REQUEST:",
547 },
548 {
549 testType: serverTest,
550 name: "HttpPOST",
551 sendPrefix: "POST / HTTP/1.0\n",
552 shouldFail: true,
553 expectedError: ":HTTP_REQUEST:",
554 },
555 {
556 testType: serverTest,
557 name: "HttpHEAD",
558 sendPrefix: "HEAD / HTTP/1.0\n",
559 shouldFail: true,
560 expectedError: ":HTTP_REQUEST:",
561 },
562 {
563 testType: serverTest,
564 name: "HttpPUT",
565 sendPrefix: "PUT / HTTP/1.0\n",
566 shouldFail: true,
567 expectedError: ":HTTP_REQUEST:",
568 },
569 {
570 testType: serverTest,
571 name: "HttpCONNECT",
572 sendPrefix: "CONNECT www.google.com:443 HTTP/1.0\n",
573 shouldFail: true,
574 expectedError: ":HTTPS_PROXY_REQUEST:",
575 },
David Benjamin39ebf532014-08-31 02:23:49 -0400[diff] [blame]576 {
David Benjaminf080ecd2014-12-11 18:48:59 -0500[diff] [blame]577 testType: serverTest,
578 name: "Garbage",
579 sendPrefix: "blah",
580 shouldFail: true,
581 expectedError: ":UNKNOWN_PROTOCOL:",
582 },
583 {
David Benjamin39ebf532014-08-31 02:23:49 -0400[diff] [blame]584 name: "SkipCipherVersionCheck",
585 config: Config{
586 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
587 MaxVersion: VersionTLS11,
588 Bugs: ProtocolBugs{
589 SkipCipherVersionCheck: true,
590 },
591 },
592 shouldFail: true,
593 expectedError: ":WRONG_CIPHER_RETURNED:",
594 },
David Benjamin9114fae2014-11-08 11:41:14 -0500[diff] [blame]595 {
David Benjamina3e89492015-02-26 15:16:22 -0500[diff] [blame]596 name: "RSAEphemeralKey",
David Benjamin9114fae2014-11-08 11:41:14 -0500[diff] [blame]597 config: Config{
598 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
599 Bugs: ProtocolBugs{
David Benjamina3e89492015-02-26 15:16:22 -0500[diff] [blame]600 RSAEphemeralKey: true,
David Benjamin9114fae2014-11-08 11:41:14 -0500[diff] [blame]601 },
602 },
603 shouldFail: true,
604 expectedError: ":UNEXPECTED_MESSAGE:",
605 },
David Benjamin128dbc32014-12-01 01:27:42 -0500[diff] [blame]606 {
607 name: "DisableEverything",
608 flags: []string{"-no-tls12", "-no-tls11", "-no-tls1", "-no-ssl3"},
609 shouldFail: true,
610 expectedError: ":WRONG_SSL_VERSION:",
611 },
612 {
613 protocol: dtls,
614 name: "DisableEverything-DTLS",
615 flags: []string{"-no-tls12", "-no-tls1"},
616 shouldFail: true,
617 expectedError: ":WRONG_SSL_VERSION:",
618 },
David Benjamin780d6dd2015-01-06 12:03:19 -0500[diff] [blame]619 {
620 name: "NoSharedCipher",
621 config: Config{
622 CipherSuites: []uint16{},
623 },
624 shouldFail: true,
625 expectedError: ":HANDSHAKE_FAILURE_ON_CLIENT_HELLO:",
626 },
David Benjamin13be1de2015-01-11 16:29:36 -0500[diff] [blame]627 {
628 protocol: dtls,
629 testType: serverTest,
630 name: "MTU",
631 config: Config{
632 Bugs: ProtocolBugs{
633 MaxPacketLength: 256,
634 },
635 },
636 flags: []string{"-mtu", "256"},
637 },
638 {
639 protocol: dtls,
640 testType: serverTest,
641 name: "MTUExceeded",
642 config: Config{
643 Bugs: ProtocolBugs{
644 MaxPacketLength: 255,
645 },
646 },
647 flags: []string{"-mtu", "256"},
648 shouldFail: true,
649 expectedLocalError: "dtls: exceeded maximum packet length",
650 },
David Benjamin6095de82014-12-27 01:50:38 -0500[diff] [blame]651 {
652 name: "CertMismatchRSA",
653 config: Config{
654 CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
655 Certificates: []Certificate{getECDSACertificate()},
656 Bugs: ProtocolBugs{
657 SendCipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
658 },
659 },
660 shouldFail: true,
661 expectedError: ":WRONG_CERTIFICATE_TYPE:",
662 },
663 {
664 name: "CertMismatchECDSA",
665 config: Config{
666 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
667 Certificates: []Certificate{getRSACertificate()},
668 Bugs: ProtocolBugs{
669 SendCipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
670 },
671 },
672 shouldFail: true,
673 expectedError: ":WRONG_CERTIFICATE_TYPE:",
674 },
David Benjamin5fa3eba2015-01-22 16:35:40 -0500[diff] [blame]675 {
676 name: "TLSFatalBadPackets",
677 damageFirstWrite: true,
678 shouldFail: true,
679 expectedError: ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
680 },
681 {
682 protocol: dtls,
683 name: "DTLSIgnoreBadPackets",
684 damageFirstWrite: true,
685 },
686 {
687 protocol: dtls,
688 name: "DTLSIgnoreBadPackets-Async",
689 damageFirstWrite: true,
690 flags: []string{"-async"},
691 },
David Benjamin4189bd92015-01-25 23:52:39 -0500[diff] [blame]692 {
693 name: "AppDataAfterChangeCipherSpec",
694 config: Config{
695 Bugs: ProtocolBugs{
696 AppDataAfterChangeCipherSpec: []byte("TEST MESSAGE"),
697 },
698 },
699 shouldFail: true,
700 expectedError: ":DATA_BETWEEN_CCS_AND_FINISHED:",
701 },
702 {
703 protocol: dtls,
704 name: "AppDataAfterChangeCipherSpec-DTLS",
705 config: Config{
706 Bugs: ProtocolBugs{
707 AppDataAfterChangeCipherSpec: []byte("TEST MESSAGE"),
708 },
709 },
David Benjamin4417d052015-04-05 04:17:25 -0400[diff] [blame]710 // BoringSSL's DTLS implementation will drop the out-of-order
711 // application data.
David Benjamin4189bd92015-01-25 23:52:39 -0500[diff] [blame]712 },
David Benjaminb3774b92015-01-31 17:16:01 -0500[diff] [blame]713 {
David Benjamindc3da932015-03-12 15:09:02 -0400[diff] [blame]714 name: "AlertAfterChangeCipherSpec",
715 config: Config{
716 Bugs: ProtocolBugs{
717 AlertAfterChangeCipherSpec: alertRecordOverflow,
718 },
719 },
720 shouldFail: true,
721 expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:",
722 },
723 {
724 protocol: dtls,
725 name: "AlertAfterChangeCipherSpec-DTLS",
726 config: Config{
727 Bugs: ProtocolBugs{
728 AlertAfterChangeCipherSpec: alertRecordOverflow,
729 },
730 },
731 shouldFail: true,
732 expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:",
733 },
734 {
David Benjaminb3774b92015-01-31 17:16:01 -0500[diff] [blame]735 protocol: dtls,
736 name: "ReorderHandshakeFragments-Small-DTLS",
737 config: Config{
738 Bugs: ProtocolBugs{
739 ReorderHandshakeFragments: true,
740 // Small enough that every handshake message is
741 // fragmented.
742 MaxHandshakeRecordLength: 2,
743 },
744 },
745 },
746 {
747 protocol: dtls,
748 name: "ReorderHandshakeFragments-Large-DTLS",
749 config: Config{
750 Bugs: ProtocolBugs{
751 ReorderHandshakeFragments: true,
752 // Large enough that no handshake message is
753 // fragmented.
David Benjaminb3774b92015-01-31 17:16:01 -0500[diff] [blame]754 MaxHandshakeRecordLength: 2048,
755 },
756 },
757 },
David Benjaminddb9f152015-02-03 15:44:39 -0500[diff] [blame]758 {
David Benjamin75381222015-03-02 19:30:30 -0500[diff] [blame]759 protocol: dtls,
760 name: "MixCompleteMessageWithFragments-DTLS",
761 config: Config{
762 Bugs: ProtocolBugs{
763 ReorderHandshakeFragments: true,
764 MixCompleteMessageWithFragments: true,
765 MaxHandshakeRecordLength: 2,
766 },
767 },
768 },
769 {
David Benjaminddb9f152015-02-03 15:44:39 -0500[diff] [blame]770 name: "SendInvalidRecordType",
771 config: Config{
772 Bugs: ProtocolBugs{
773 SendInvalidRecordType: true,
774 },
775 },
776 shouldFail: true,
777 expectedError: ":UNEXPECTED_RECORD:",
778 },
779 {
780 protocol: dtls,
781 name: "SendInvalidRecordType-DTLS",
782 config: Config{
783 Bugs: ProtocolBugs{
784 SendInvalidRecordType: true,
785 },
786 },
787 shouldFail: true,
788 expectedError: ":UNEXPECTED_RECORD:",
789 },
David Benjaminb80168e2015-02-08 18:30:14 -0500[diff] [blame]790 {
791 name: "FalseStart-SkipServerSecondLeg",
792 config: Config{
793 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
794 NextProtos: []string{"foo"},
795 Bugs: ProtocolBugs{
796 SkipNewSessionTicket: true,
797 SkipChangeCipherSpec: true,
798 SkipFinished: true,
799 ExpectFalseStart: true,
800 },
801 },
802 flags: []string{
803 "-false-start",
David Benjamin87e4acd2015-04-02 19:57:35 -0400[diff] [blame]804 "-handshake-never-done",
David Benjaminb80168e2015-02-08 18:30:14 -0500[diff] [blame]805 "-advertise-alpn", "\x03foo",
806 },
807 shimWritesFirst: true,
808 shouldFail: true,
809 expectedError: ":UNEXPECTED_RECORD:",
810 },
David Benjamin931ab342015-02-08 19:46:57 -0500[diff] [blame]811 {
812 name: "FalseStart-SkipServerSecondLeg-Implicit",
813 config: Config{
814 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
815 NextProtos: []string{"foo"},
816 Bugs: ProtocolBugs{
817 SkipNewSessionTicket: true,
818 SkipChangeCipherSpec: true,
819 SkipFinished: true,
820 },
821 },
822 flags: []string{
823 "-implicit-handshake",
824 "-false-start",
David Benjamin87e4acd2015-04-02 19:57:35 -0400[diff] [blame]825 "-handshake-never-done",
David Benjamin931ab342015-02-08 19:46:57 -0500[diff] [blame]826 "-advertise-alpn", "\x03foo",
827 },
828 shouldFail: true,
829 expectedError: ":UNEXPECTED_RECORD:",
830 },
David Benjamin6f5c0f42015-02-24 01:23:21 -0500[diff] [blame]831 {
832 testType: serverTest,
833 name: "FailEarlyCallback",
834 flags: []string{"-fail-early-callback"},
835 shouldFail: true,
836 expectedError: ":CONNECTION_REJECTED:",
837 expectedLocalError: "remote error: access denied",
838 },
David Benjaminbcb2d912015-02-24 23:45:43 -0500[diff] [blame]839 {
840 name: "WrongMessageType",
841 config: Config{
842 Bugs: ProtocolBugs{
843 WrongCertificateMessageType: true,
844 },
845 },
846 shouldFail: true,
847 expectedError: ":UNEXPECTED_MESSAGE:",
848 expectedLocalError: "remote error: unexpected message",
849 },
850 {
851 protocol: dtls,
852 name: "WrongMessageType-DTLS",
853 config: Config{
854 Bugs: ProtocolBugs{
855 WrongCertificateMessageType: true,
856 },
857 },
858 shouldFail: true,
859 expectedError: ":UNEXPECTED_MESSAGE:",
860 expectedLocalError: "remote error: unexpected message",
861 },
David Benjamin75381222015-03-02 19:30:30 -0500[diff] [blame]862 {
863 protocol: dtls,
864 name: "FragmentMessageTypeMismatch-DTLS",
865 config: Config{
866 Bugs: ProtocolBugs{
867 MaxHandshakeRecordLength: 2,
868 FragmentMessageTypeMismatch: true,
869 },
870 },
871 shouldFail: true,
872 expectedError: ":FRAGMENT_MISMATCH:",
873 },
874 {
875 protocol: dtls,
876 name: "FragmentMessageLengthMismatch-DTLS",
877 config: Config{
878 Bugs: ProtocolBugs{
879 MaxHandshakeRecordLength: 2,
880 FragmentMessageLengthMismatch: true,
881 },
882 },
883 shouldFail: true,
884 expectedError: ":FRAGMENT_MISMATCH:",
885 },
886 {
887 protocol: dtls,
888 name: "SplitFragmentHeader-DTLS",
889 config: Config{
890 Bugs: ProtocolBugs{
891 SplitFragmentHeader: true,
892 },
893 },
894 shouldFail: true,
895 expectedError: ":UNEXPECTED_MESSAGE:",
896 },
897 {
898 protocol: dtls,
899 name: "SplitFragmentBody-DTLS",
900 config: Config{
901 Bugs: ProtocolBugs{
902 SplitFragmentBody: true,
903 },
904 },
905 shouldFail: true,
906 expectedError: ":UNEXPECTED_MESSAGE:",
907 },
908 {
909 protocol: dtls,
910 name: "SendEmptyFragments-DTLS",
911 config: Config{
912 Bugs: ProtocolBugs{
913 SendEmptyFragments: true,
914 },
915 },
916 },
David Benjamin67d1fb52015-03-16 15:16:23 -0400[diff] [blame]917 {
918 name: "UnsupportedCipherSuite",
919 config: Config{
920 CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA},
921 Bugs: ProtocolBugs{
922 IgnorePeerCipherPreferences: true,
923 },
924 },
925 flags: []string{"-cipher", "DEFAULT:!RC4"},
926 shouldFail: true,
927 expectedError: ":WRONG_CIPHER_RETURNED:",
928 },
David Benjamin340d5ed2015-03-21 02:21:37 -0400[diff] [blame]929 {
David Benjaminc574f412015-04-20 11:13:01 -0400[diff] [blame]930 name: "UnsupportedCurve",
931 config: Config{
932 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
933 // BoringSSL implements P-224 but doesn't enable it by
934 // default.
935 CurvePreferences: []CurveID{CurveP224},
936 Bugs: ProtocolBugs{
937 IgnorePeerCurvePreferences: true,
938 },
939 },
940 shouldFail: true,
941 expectedError: ":WRONG_CURVE:",
942 },
943 {
David Benjamin340d5ed2015-03-21 02:21:37 -0400[diff] [blame]944 name: "SendWarningAlerts",
945 config: Config{
946 Bugs: ProtocolBugs{
947 SendWarningAlerts: alertAccessDenied,
948 },
949 },
950 },
951 {
952 protocol: dtls,
953 name: "SendWarningAlerts-DTLS",
954 config: Config{
955 Bugs: ProtocolBugs{
956 SendWarningAlerts: alertAccessDenied,
957 },
958 },
959 },
David Benjamin513f0ea2015-04-02 19:33:31 -0400[diff] [blame]960 {
961 name: "BadFinished",
962 config: Config{
963 Bugs: ProtocolBugs{
964 BadFinished: true,
965 },
966 },
967 shouldFail: true,
968 expectedError: ":DIGEST_CHECK_FAILED:",
969 },
970 {
971 name: "FalseStart-BadFinished",
972 config: Config{
973 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
974 NextProtos: []string{"foo"},
975 Bugs: ProtocolBugs{
976 BadFinished: true,
977 ExpectFalseStart: true,
978 },
979 },
980 flags: []string{
981 "-false-start",
David Benjamin87e4acd2015-04-02 19:57:35 -0400[diff] [blame]982 "-handshake-never-done",
David Benjamin513f0ea2015-04-02 19:33:31 -0400[diff] [blame]983 "-advertise-alpn", "\x03foo",
984 },
985 shimWritesFirst: true,
986 shouldFail: true,
987 expectedError: ":DIGEST_CHECK_FAILED:",
988 },
David Benjamin1c633152015-04-02 20:19:11 -0400[diff] [blame]989 {
990 name: "NoFalseStart-NoALPN",
991 config: Config{
992 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
993 Bugs: ProtocolBugs{
994 ExpectFalseStart: true,
995 AlertBeforeFalseStartTest: alertAccessDenied,
996 },
997 },
998 flags: []string{
999 "-false-start",
1000 },
1001 shimWritesFirst: true,
1002 shouldFail: true,
1003 expectedError: ":TLSV1_ALERT_ACCESS_DENIED:",
1004 expectedLocalError: "tls: peer did not false start: EOF",
1005 },
1006 {
1007 name: "NoFalseStart-NoAEAD",
1008 config: Config{
1009 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
1010 NextProtos: []string{"foo"},
1011 Bugs: ProtocolBugs{
1012 ExpectFalseStart: true,
1013 AlertBeforeFalseStartTest: alertAccessDenied,
1014 },
1015 },
1016 flags: []string{
1017 "-false-start",
1018 "-advertise-alpn", "\x03foo",
1019 },
1020 shimWritesFirst: true,
1021 shouldFail: true,
1022 expectedError: ":TLSV1_ALERT_ACCESS_DENIED:",
1023 expectedLocalError: "tls: peer did not false start: EOF",
1024 },
1025 {
1026 name: "NoFalseStart-RSA",
1027 config: Config{
1028 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
1029 NextProtos: []string{"foo"},
1030 Bugs: ProtocolBugs{
1031 ExpectFalseStart: true,
1032 AlertBeforeFalseStartTest: alertAccessDenied,
1033 },
1034 },
1035 flags: []string{
1036 "-false-start",
1037 "-advertise-alpn", "\x03foo",
1038 },
1039 shimWritesFirst: true,
1040 shouldFail: true,
1041 expectedError: ":TLSV1_ALERT_ACCESS_DENIED:",
1042 expectedLocalError: "tls: peer did not false start: EOF",
1043 },
1044 {
1045 name: "NoFalseStart-DHE_RSA",
1046 config: Config{
1047 CipherSuites: []uint16{TLS_DHE_RSA_WITH_AES_128_GCM_SHA256},
1048 NextProtos: []string{"foo"},
1049 Bugs: ProtocolBugs{
1050 ExpectFalseStart: true,
1051 AlertBeforeFalseStartTest: alertAccessDenied,
1052 },
1053 },
1054 flags: []string{
1055 "-false-start",
1056 "-advertise-alpn", "\x03foo",
1057 },
1058 shimWritesFirst: true,
1059 shouldFail: true,
1060 expectedError: ":TLSV1_ALERT_ACCESS_DENIED:",
1061 expectedLocalError: "tls: peer did not false start: EOF",
1062 },
David Benjamin55a43642015-04-20 14:45:55 -0400[diff] [blame^]1063 {
1064 testType: serverTest,
1065 name: "NoSupportedCurves",
1066 config: Config{
1067 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
1068 Bugs: ProtocolBugs{
1069 NoSupportedCurves: true,
1070 },
1071 },
1072 },
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1073}
1074
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]1075func doExchange(test *testCase, config *Config, conn net.Conn, messageLen int, isResume bool) error {
David Benjamin65ea8ff2014-11-23 03:01:00 -0500[diff] [blame]1076 var connDebug *recordingConn
David Benjamin5fa3eba2015-01-22 16:35:40 -0500[diff] [blame]1077 var connDamage *damageAdaptor
David Benjamin65ea8ff2014-11-23 03:01:00 -0500[diff] [blame]1078 if *flagDebug {
1079 connDebug = &recordingConn{Conn: conn}
1080 conn = connDebug
1081 defer func() {
1082 connDebug.WriteTo(os.Stdout)
1083 }()
1084 }
1085
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1086 if test.protocol == dtls {
David Benjamin83f90402015-01-27 01:09:43 -0500[diff] [blame]1087 config.Bugs.PacketAdaptor = newPacketAdaptor(conn)
1088 conn = config.Bugs.PacketAdaptor
David Benjamin5e961c12014-11-07 01:48:35 -0500[diff] [blame]1089 if test.replayWrites {
1090 conn = newReplayAdaptor(conn)
1091 }
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1092 }
1093
David Benjamin5fa3eba2015-01-22 16:35:40 -0500[diff] [blame]1094 if test.damageFirstWrite {
1095 connDamage = newDamageAdaptor(conn)
1096 conn = connDamage
1097 }
1098
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1099 if test.sendPrefix != "" {
1100 if _, err := conn.Write([]byte(test.sendPrefix)); err != nil {
1101 return err
1102 }
David Benjamin98e882e2014-08-08 13:24:34 -0400[diff] [blame]1103 }
1104
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]1105 var tlsConn *Conn
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]1106 if test.testType == clientTest {
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1107 if test.protocol == dtls {
1108 tlsConn = DTLSServer(conn, config)
1109 } else {
1110 tlsConn = Server(conn, config)
1111 }
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]1112 } else {
1113 config.InsecureSkipVerify = true
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1114 if test.protocol == dtls {
1115 tlsConn = DTLSClient(conn, config)
1116 } else {
1117 tlsConn = Client(conn, config)
1118 }
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]1119 }
1120
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1121 if err := tlsConn.Handshake(); err != nil {
1122 return err
1123 }
Kenny Root7fdeaf12014-08-05 15:23:37 -0700[diff] [blame]1124
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]1125 // TODO(davidben): move all per-connection expectations into a dedicated
1126 // expectations struct that can be specified separately for the two
1127 // legs.
1128 expectedVersion := test.expectedVersion
1129 if isResume && test.expectedResumeVersion != 0 {
1130 expectedVersion = test.expectedResumeVersion
1131 }
1132 if vers := tlsConn.ConnectionState().Version; expectedVersion != 0 && vers != expectedVersion {
1133 return fmt.Errorf("got version %x, expected %x", vers, expectedVersion)
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]1134 }
1135
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]1136 if test.expectChannelID {
1137 channelID := tlsConn.ConnectionState().ChannelID
1138 if channelID == nil {
1139 return fmt.Errorf("no channel ID negotiated")
1140 }
1141 if channelID.Curve != channelIDKey.Curve ||
1142 channelIDKey.X.Cmp(channelIDKey.X) != 0 ||
1143 channelIDKey.Y.Cmp(channelIDKey.Y) != 0 {
1144 return fmt.Errorf("incorrect channel ID")
1145 }
1146 }
1147
David Benjaminae2888f2014-09-06 12:58:58 -0400[diff] [blame]1148 if expected := test.expectedNextProto; expected != "" {
1149 if actual := tlsConn.ConnectionState().NegotiatedProtocol; actual != expected {
1150 return fmt.Errorf("next proto mismatch: got %s, wanted %s", actual, expected)
1151 }
1152 }
1153
David Benjaminfc7b0862014-09-06 13:21:53 -0400[diff] [blame]1154 if test.expectedNextProtoType != 0 {
1155 if (test.expectedNextProtoType == alpn) != tlsConn.ConnectionState().NegotiatedProtocolFromALPN {
1156 return fmt.Errorf("next proto type mismatch")
1157 }
1158 }
1159
David Benjaminca6c8262014-11-15 19:06:08 -0500[diff] [blame]1160 if p := tlsConn.ConnectionState().SRTPProtectionProfile; p != test.expectedSRTPProtectionProfile {
1161 return fmt.Errorf("SRTP profile mismatch: got %d, wanted %d", p, test.expectedSRTPProtectionProfile)
1162 }
1163
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]1164 if test.exportKeyingMaterial > 0 {
1165 actual := make([]byte, test.exportKeyingMaterial)
1166 if _, err := io.ReadFull(tlsConn, actual); err != nil {
1167 return err
1168 }
1169 expected, err := tlsConn.ExportKeyingMaterial(test.exportKeyingMaterial, []byte(test.exportLabel), []byte(test.exportContext), test.useExportContext)
1170 if err != nil {
1171 return err
1172 }
1173 if !bytes.Equal(actual, expected) {
1174 return fmt.Errorf("keying material mismatch")
1175 }
1176 }
1177
David Benjamine58c4f52014-08-24 03:47:07 -0400[diff] [blame]1178 if test.shimWritesFirst {
1179 var buf [5]byte
1180 _, err := io.ReadFull(tlsConn, buf[:])
1181 if err != nil {
1182 return err
1183 }
1184 if string(buf[:]) != "hello" {
1185 return fmt.Errorf("bad initial message")
1186 }
1187 }
1188
Adam Langleycf2d4f42014-10-28 19:06:14 -0700[diff] [blame]1189 if test.renegotiate {
1190 if test.renegotiateCiphers != nil {
1191 config.CipherSuites = test.renegotiateCiphers
1192 }
1193 if err := tlsConn.Renegotiate(); err != nil {
1194 return err
1195 }
1196 } else if test.renegotiateCiphers != nil {
1197 panic("renegotiateCiphers without renegotiate")
1198 }
1199
David Benjamin5fa3eba2015-01-22 16:35:40 -0500[diff] [blame]1200 if test.damageFirstWrite {
1201 connDamage.setDamage(true)
1202 tlsConn.Write([]byte("DAMAGED WRITE"))
1203 connDamage.setDamage(false)
1204 }
1205
Kenny Root7fdeaf12014-08-05 15:23:37 -0700[diff] [blame]1206 if messageLen < 0 {
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1207 if test.protocol == dtls {
1208 return fmt.Errorf("messageLen < 0 not supported for DTLS tests")
1209 }
Kenny Root7fdeaf12014-08-05 15:23:37 -0700[diff] [blame]1210 // Read until EOF.
1211 _, err := io.Copy(ioutil.Discard, tlsConn)
1212 return err
1213 }
1214
David Benjamin4417d052015-04-05 04:17:25 -0400[diff] [blame]1215 if messageLen == 0 {
1216 messageLen = 32
Adam Langley80842bd2014-06-20 12:00:00 -0700[diff] [blame]1217 }
David Benjamin4417d052015-04-05 04:17:25 -0400[diff] [blame]1218 testMessage := make([]byte, messageLen)
1219 for i := range testMessage {
1220 testMessage[i] = 0x42
1221 }
1222 tlsConn.Write(testMessage)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1223
1224 buf := make([]byte, len(testMessage))
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1225 if test.protocol == dtls {
1226 bufTmp := make([]byte, len(buf)+1)
1227 n, err := tlsConn.Read(bufTmp)
1228 if err != nil {
1229 return err
1230 }
1231 if n != len(buf) {
1232 return fmt.Errorf("bad reply; length mismatch (%d vs %d)", n, len(buf))
1233 }
1234 copy(buf, bufTmp)
1235 } else {
1236 _, err := io.ReadFull(tlsConn, buf)
1237 if err != nil {
1238 return err
1239 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1240 }
1241
1242 for i, v := range buf {
1243 if v != testMessage[i]^0xff {
1244 return fmt.Errorf("bad reply contents at byte %d", i)
1245 }
1246 }
1247
1248 return nil
1249}
1250
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]1251func valgrindOf(dbAttach bool, path string, args ...string) *exec.Cmd {
1252 valgrindArgs := []string{"--error-exitcode=99", "--track-origins=yes", "--leak-check=full"}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1253 if dbAttach {
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]1254 valgrindArgs = append(valgrindArgs, "--db-attach=yes", "--db-command=xterm -e gdb -nw %f %p")
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1255 }
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]1256 valgrindArgs = append(valgrindArgs, path)
1257 valgrindArgs = append(valgrindArgs, args...)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1258
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]1259 return exec.Command("valgrind", valgrindArgs...)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1260}
1261
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]1262func gdbOf(path string, args ...string) *exec.Cmd {
1263 xtermArgs := []string{"-e", "gdb", "--args"}
1264 xtermArgs = append(xtermArgs, path)
1265 xtermArgs = append(xtermArgs, args...)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1266
David Benjamin325b5c32014-07-01 19:40:31 -0400[diff] [blame]1267 return exec.Command("xterm", xtermArgs...)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1268}
1269
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]1270type moreMallocsError struct{}
1271
1272func (moreMallocsError) Error() string {
1273 return "child process did not exhaust all allocation calls"
1274}
1275
1276var errMoreMallocs = moreMallocsError{}
1277
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1278// accept accepts a connection from listener, unless waitChan signals a process
1279// exit first.
1280func acceptOrWait(listener net.Listener, waitChan chan error) (net.Conn, error) {
1281 type connOrError struct {
1282 conn net.Conn
1283 err error
1284 }
1285 connChan := make(chan connOrError, 1)
1286 go func() {
1287 conn, err := listener.Accept()
1288 connChan <- connOrError{conn, err}
1289 close(connChan)
1290 }()
1291 select {
1292 case result := <-connChan:
1293 return result.conn, result.err
1294 case childErr := <-waitChan:
1295 waitChan <- childErr
1296 return nil, fmt.Errorf("child exited early: %s", childErr)
1297 }
1298}
1299
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]1300func runTest(test *testCase, buildDir string, mallocNumToFail int64) error {
Adam Langley38311732014-10-16 19:04:35 -0700[diff] [blame]1301 if !test.shouldFail && (len(test.expectedError) > 0 || len(test.expectedLocalError) > 0) {
1302 panic("Error expected without shouldFail in " + test.name)
1303 }
1304
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1305 listener, err := net.ListenTCP("tcp4", &net.TCPAddr{IP: net.IP{127, 0, 0, 1}})
1306 if err != nil {
1307 panic(err)
1308 }
1309 defer func() {
1310 if listener != nil {
1311 listener.Close()
1312 }
1313 }()
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1314
David Benjamin884fdf12014-08-02 15:28:23 -0400[diff] [blame]1315 shim_path := path.Join(buildDir, "ssl/test/bssl_shim")
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1316 flags := []string{"-port", strconv.Itoa(listener.Addr().(*net.TCPAddr).Port)}
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]1317 if test.testType == serverTest {
David Benjamin5a593af2014-08-11 19:51:50 -0400[diff] [blame]1318 flags = append(flags, "-server")
1319
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1320 flags = append(flags, "-key-file")
1321 if test.keyFile == "" {
1322 flags = append(flags, rsaKeyFile)
1323 } else {
1324 flags = append(flags, test.keyFile)
1325 }
1326
1327 flags = append(flags, "-cert-file")
1328 if test.certFile == "" {
1329 flags = append(flags, rsaCertificateFile)
1330 } else {
1331 flags = append(flags, test.certFile)
1332 }
1333 }
David Benjamin5a593af2014-08-11 19:51:50 -0400[diff] [blame]1334
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1335 if test.protocol == dtls {
1336 flags = append(flags, "-dtls")
1337 }
1338
David Benjamin5a593af2014-08-11 19:51:50 -0400[diff] [blame]1339 if test.resumeSession {
1340 flags = append(flags, "-resume")
1341 }
1342
David Benjamine58c4f52014-08-24 03:47:07 -0400[diff] [blame]1343 if test.shimWritesFirst {
1344 flags = append(flags, "-shim-writes-first")
1345 }
1346
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]1347 if test.exportKeyingMaterial > 0 {
1348 flags = append(flags, "-export-keying-material", strconv.Itoa(test.exportKeyingMaterial))
1349 flags = append(flags, "-export-label", test.exportLabel)
1350 flags = append(flags, "-export-context", test.exportContext)
1351 if test.useExportContext {
1352 flags = append(flags, "-use-export-context")
1353 }
1354 }
1355
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1356 flags = append(flags, test.flags...)
1357
1358 var shim *exec.Cmd
1359 if *useValgrind {
1360 shim = valgrindOf(false, shim_path, flags...)
Adam Langley75712922014-10-10 16:23:43 -0700[diff] [blame]1361 } else if *useGDB {
1362 shim = gdbOf(shim_path, flags...)
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1363 } else {
1364 shim = exec.Command(shim_path, flags...)
1365 }
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1366 shim.Stdin = os.Stdin
1367 var stdoutBuf, stderrBuf bytes.Buffer
1368 shim.Stdout = &stdoutBuf
1369 shim.Stderr = &stderrBuf
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]1370 if mallocNumToFail >= 0 {
David Benjamin9e128b02015-02-09 13:13:09 -0500[diff] [blame]1371 shim.Env = os.Environ()
1372 shim.Env = append(shim.Env, "MALLOC_NUMBER_TO_FAIL="+strconv.FormatInt(mallocNumToFail, 10))
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]1373 if *mallocTestDebug {
1374 shim.Env = append(shim.Env, "MALLOC_ABORT_ON_FAIL=1")
1375 }
1376 shim.Env = append(shim.Env, "_MALLOC_CHECK=1")
1377 }
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1378
1379 if err := shim.Start(); err != nil {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1380 panic(err)
1381 }
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1382 waitChan := make(chan error, 1)
1383 go func() { waitChan <- shim.Wait() }()
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1384
1385 config := test.config
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]1386 config.ClientSessionCache = NewLRUClientSessionCache(1)
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1387 config.ServerSessionCache = NewLRUServerSessionCache(1)
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1388 if test.testType == clientTest {
1389 if len(config.Certificates) == 0 {
1390 config.Certificates = []Certificate{getRSACertificate()}
1391 }
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1392 } else {
1393 // Supply a ServerName to ensure a constant session cache key,
1394 // rather than falling back to net.Conn.RemoteAddr.
1395 if len(config.ServerName) == 0 {
1396 config.ServerName = "test"
1397 }
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1398 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1399
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1400 conn, err := acceptOrWait(listener, waitChan)
1401 if err == nil {
1402 err = doExchange(test, &config, conn, test.messageLen, false /* not a resumption */)
1403 conn.Close()
1404 }
David Benjamin65ea8ff2014-11-23 03:01:00 -0500[diff] [blame]1405
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]1406 if err == nil && test.resumeSession {
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]1407 var resumeConfig Config
1408 if test.resumeConfig != nil {
1409 resumeConfig = *test.resumeConfig
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1410 if len(resumeConfig.ServerName) == 0 {
1411 resumeConfig.ServerName = config.ServerName
1412 }
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]1413 if len(resumeConfig.Certificates) == 0 {
1414 resumeConfig.Certificates = []Certificate{getRSACertificate()}
1415 }
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1416 if !test.newSessionsOnResume {
1417 resumeConfig.SessionTicketKey = config.SessionTicketKey
1418 resumeConfig.ClientSessionCache = config.ClientSessionCache
1419 resumeConfig.ServerSessionCache = config.ServerSessionCache
1420 }
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]1421 } else {
1422 resumeConfig = config
1423 }
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1424 var connResume net.Conn
1425 connResume, err = acceptOrWait(listener, waitChan)
1426 if err == nil {
1427 err = doExchange(test, &resumeConfig, connResume, test.messageLen, true /* resumption */)
1428 connResume.Close()
1429 }
David Benjamin1d5c83e2014-07-22 19:20:02 -0400[diff] [blame]1430 }
1431
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]1432 // Close the listener now. This is to avoid hangs should the shim try to
1433 // open more connections than expected.
1434 listener.Close()
1435 listener = nil
1436
1437 childErr := <-waitChan
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]1438 if exitError, ok := childErr.(*exec.ExitError); ok {
1439 if exitError.Sys().(syscall.WaitStatus).ExitStatus() == 88 {
1440 return errMoreMallocs
1441 }
1442 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1443
1444 stdout := string(stdoutBuf.Bytes())
1445 stderr := string(stderrBuf.Bytes())
1446 failed := err != nil || childErr != nil
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]1447 correctFailure := len(test.expectedError) == 0 || strings.Contains(stderr, test.expectedError)
Adam Langleyac61fa32014-06-23 12:03:11 -0700[diff] [blame]1448 localError := "none"
1449 if err != nil {
1450 localError = err.Error()
1451 }
1452 if len(test.expectedLocalError) != 0 {
1453 correctFailure = correctFailure && strings.Contains(localError, test.expectedLocalError)
1454 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1455
1456 if failed != test.shouldFail || failed && !correctFailure {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1457 childError := "none"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1458 if childErr != nil {
1459 childError = childErr.Error()
1460 }
1461
1462 var msg string
1463 switch {
1464 case failed && !test.shouldFail:
1465 msg = "unexpected failure"
1466 case !failed && test.shouldFail:
1467 msg = "unexpected success"
1468 case failed && !correctFailure:
Adam Langleyac61fa32014-06-23 12:03:11 -0700[diff] [blame]1469 msg = "bad error (wanted '" + test.expectedError + "' / '" + test.expectedLocalError + "')"
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1470 default:
1471 panic("internal error")
1472 }
1473
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]1474 return fmt.Errorf("%s: local error '%s', child error '%s', stdout:\n%s\nstderr:\n%s", msg, localError, childError, stdout, stderr)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1475 }
1476
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]1477 if !*useValgrind && !failed && len(stderr) > 0 {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1478 println(stderr)
1479 }
1480
1481 return nil
1482}
1483
1484var tlsVersions = []struct {
1485 name string
1486 version uint16
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]1487 flag string
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1488 hasDTLS bool
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1489}{
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1490 {"SSL3", VersionSSL30, "-no-ssl3", false},
1491 {"TLS1", VersionTLS10, "-no-tls1", true},
1492 {"TLS11", VersionTLS11, "-no-tls11", false},
1493 {"TLS12", VersionTLS12, "-no-tls12", true},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1494}
1495
1496var testCipherSuites = []struct {
1497 name string
1498 id uint16
1499}{
1500 {"3DES-SHA", TLS_RSA_WITH_3DES_EDE_CBC_SHA},
David Benjaminf4e5c4e2014-08-02 17:35:45 -0400[diff] [blame]1501 {"AES128-GCM", TLS_RSA_WITH_AES_128_GCM_SHA256},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1502 {"AES128-SHA", TLS_RSA_WITH_AES_128_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1503 {"AES128-SHA256", TLS_RSA_WITH_AES_128_CBC_SHA256},
David Benjaminf4e5c4e2014-08-02 17:35:45 -0400[diff] [blame]1504 {"AES256-GCM", TLS_RSA_WITH_AES_256_GCM_SHA384},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1505 {"AES256-SHA", TLS_RSA_WITH_AES_256_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1506 {"AES256-SHA256", TLS_RSA_WITH_AES_256_CBC_SHA256},
David Benjaminf4e5c4e2014-08-02 17:35:45 -0400[diff] [blame]1507 {"DHE-RSA-AES128-GCM", TLS_DHE_RSA_WITH_AES_128_GCM_SHA256},
1508 {"DHE-RSA-AES128-SHA", TLS_DHE_RSA_WITH_AES_128_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1509 {"DHE-RSA-AES128-SHA256", TLS_DHE_RSA_WITH_AES_128_CBC_SHA256},
David Benjaminf4e5c4e2014-08-02 17:35:45 -0400[diff] [blame]1510 {"DHE-RSA-AES256-GCM", TLS_DHE_RSA_WITH_AES_256_GCM_SHA384},
1511 {"DHE-RSA-AES256-SHA", TLS_DHE_RSA_WITH_AES_256_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1512 {"DHE-RSA-AES256-SHA256", TLS_DHE_RSA_WITH_AES_256_CBC_SHA256},
David Benjamine9a80ff2015-04-07 00:46:46 -0400[diff] [blame]1513 {"DHE-RSA-CHACHA20-POLY1305", TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1514 {"ECDHE-ECDSA-AES128-GCM", TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
1515 {"ECDHE-ECDSA-AES128-SHA", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1516 {"ECDHE-ECDSA-AES128-SHA256", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256},
1517 {"ECDHE-ECDSA-AES256-GCM", TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1518 {"ECDHE-ECDSA-AES256-SHA", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1519 {"ECDHE-ECDSA-AES256-SHA384", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384},
David Benjamine9a80ff2015-04-07 00:46:46 -0400[diff] [blame]1520 {"ECDHE-ECDSA-CHACHA20-POLY1305", TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1521 {"ECDHE-ECDSA-RC4-SHA", TLS_ECDHE_ECDSA_WITH_RC4_128_SHA},
David Benjamin2af684f2014-10-27 02:23:15 -0400[diff] [blame]1522 {"ECDHE-PSK-WITH-AES-128-GCM-SHA256", TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1523 {"ECDHE-RSA-AES128-GCM", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1524 {"ECDHE-RSA-AES128-SHA", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1525 {"ECDHE-RSA-AES128-SHA256", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256},
David Benjaminf4e5c4e2014-08-02 17:35:45 -0400[diff] [blame]1526 {"ECDHE-RSA-AES256-GCM", TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1527 {"ECDHE-RSA-AES256-SHA", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA},
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1528 {"ECDHE-RSA-AES256-SHA384", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384},
David Benjamine9a80ff2015-04-07 00:46:46 -0400[diff] [blame]1529 {"ECDHE-RSA-CHACHA20-POLY1305", TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1530 {"ECDHE-RSA-RC4-SHA", TLS_ECDHE_RSA_WITH_RC4_128_SHA},
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1531 {"PSK-AES128-CBC-SHA", TLS_PSK_WITH_AES_128_CBC_SHA},
1532 {"PSK-AES256-CBC-SHA", TLS_PSK_WITH_AES_256_CBC_SHA},
1533 {"PSK-RC4-SHA", TLS_PSK_WITH_RC4_128_SHA},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1534 {"RC4-MD5", TLS_RSA_WITH_RC4_128_MD5},
David Benjaminf4e5c4e2014-08-02 17:35:45 -0400[diff] [blame]1535 {"RC4-SHA", TLS_RSA_WITH_RC4_128_SHA},
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1536}
1537
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1538func hasComponent(suiteName, component string) bool {
1539 return strings.Contains("-"+suiteName+"-", "-"+component+"-")
1540}
1541
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1542func isTLS12Only(suiteName string) bool {
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1543 return hasComponent(suiteName, "GCM") ||
1544 hasComponent(suiteName, "SHA256") ||
David Benjamine9a80ff2015-04-07 00:46:46 -0400[diff] [blame]1545 hasComponent(suiteName, "SHA384") ||
1546 hasComponent(suiteName, "POLY1305")
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1547}
1548
1549func isDTLSCipher(suiteName string) bool {
David Benjamine95d20d2014-12-23 11:16:01 -0500[diff] [blame]1550 return !hasComponent(suiteName, "RC4")
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1551}
1552
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1553func addCipherSuiteTests() {
1554 for _, suite := range testCipherSuites {
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1555 const psk = "12345"
1556 const pskIdentity = "luggage combo"
1557
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1558 var cert Certificate
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1559 var certFile string
1560 var keyFile string
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1561 if hasComponent(suite.name, "ECDSA") {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1562 cert = getECDSACertificate()
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1563 certFile = ecdsaCertificateFile
1564 keyFile = ecdsaKeyFile
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1565 } else {
1566 cert = getRSACertificate()
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1567 certFile = rsaCertificateFile
1568 keyFile = rsaKeyFile
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1569 }
1570
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1571 var flags []string
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1572 if hasComponent(suite.name, "PSK") {
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1573 flags = append(flags,
1574 "-psk", psk,
1575 "-psk-identity", pskIdentity)
1576 }
1577
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1578 for _, ver := range tlsVersions {
David Benjaminf7768e42014-08-31 02:06:47 -0400[diff] [blame]1579 if ver.version < VersionTLS12 && isTLS12Only(suite.name) {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1580 continue
1581 }
1582
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1583 testCases = append(testCases, testCase{
1584 testType: clientTest,
1585 name: ver.name + "-" + suite.name + "-client",
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1586 config: Config{
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1587 MinVersion: ver.version,
1588 MaxVersion: ver.version,
1589 CipherSuites: []uint16{suite.id},
1590 Certificates: []Certificate{cert},
1591 PreSharedKey: []byte(psk),
1592 PreSharedKeyIdentity: pskIdentity,
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1593 },
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1594 flags: flags,
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1595 resumeSession: true,
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1596 })
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1597
David Benjamin76d8abe2014-08-14 16:25:34 -0400[diff] [blame]1598 testCases = append(testCases, testCase{
1599 testType: serverTest,
1600 name: ver.name + "-" + suite.name + "-server",
1601 config: Config{
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1602 MinVersion: ver.version,
1603 MaxVersion: ver.version,
1604 CipherSuites: []uint16{suite.id},
1605 Certificates: []Certificate{cert},
1606 PreSharedKey: []byte(psk),
1607 PreSharedKeyIdentity: pskIdentity,
David Benjamin76d8abe2014-08-14 16:25:34 -0400[diff] [blame]1608 },
1609 certFile: certFile,
1610 keyFile: keyFile,
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1611 flags: flags,
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1612 resumeSession: true,
David Benjamin76d8abe2014-08-14 16:25:34 -0400[diff] [blame]1613 })
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1614
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]1615 if ver.hasDTLS && isDTLSCipher(suite.name) {
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1616 testCases = append(testCases, testCase{
1617 testType: clientTest,
1618 protocol: dtls,
1619 name: "D" + ver.name + "-" + suite.name + "-client",
1620 config: Config{
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1621 MinVersion: ver.version,
1622 MaxVersion: ver.version,
1623 CipherSuites: []uint16{suite.id},
1624 Certificates: []Certificate{cert},
1625 PreSharedKey: []byte(psk),
1626 PreSharedKeyIdentity: pskIdentity,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1627 },
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1628 flags: flags,
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1629 resumeSession: true,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1630 })
1631 testCases = append(testCases, testCase{
1632 testType: serverTest,
1633 protocol: dtls,
1634 name: "D" + ver.name + "-" + suite.name + "-server",
1635 config: Config{
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1636 MinVersion: ver.version,
1637 MaxVersion: ver.version,
1638 CipherSuites: []uint16{suite.id},
1639 Certificates: []Certificate{cert},
1640 PreSharedKey: []byte(psk),
1641 PreSharedKeyIdentity: pskIdentity,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1642 },
1643 certFile: certFile,
1644 keyFile: keyFile,
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1645 flags: flags,
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1646 resumeSession: true,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1647 })
1648 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1649 }
1650 }
1651}
1652
1653func addBadECDSASignatureTests() {
1654 for badR := BadValue(1); badR < NumBadValues; badR++ {
1655 for badS := BadValue(1); badS < NumBadValues; badS++ {
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1656 testCases = append(testCases, testCase{
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1657 name: fmt.Sprintf("BadECDSA-%d-%d", badR, badS),
1658 config: Config{
1659 CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
1660 Certificates: []Certificate{getECDSACertificate()},
1661 Bugs: ProtocolBugs{
1662 BadECDSAR: badR,
1663 BadECDSAS: badS,
1664 },
1665 },
1666 shouldFail: true,
1667 expectedError: "SIGNATURE",
1668 })
1669 }
1670 }
1671}
1672
Adam Langley80842bd2014-06-20 12:00:00 -0700[diff] [blame]1673func addCBCPaddingTests() {
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1674 testCases = append(testCases, testCase{
Adam Langley80842bd2014-06-20 12:00:00 -0700[diff] [blame]1675 name: "MaxCBCPadding",
1676 config: Config{
1677 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
1678 Bugs: ProtocolBugs{
1679 MaxPadding: true,
1680 },
1681 },
1682 messageLen: 12, // 20 bytes of SHA-1 + 12 == 0 % block size
1683 })
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1684 testCases = append(testCases, testCase{
Adam Langley80842bd2014-06-20 12:00:00 -0700[diff] [blame]1685 name: "BadCBCPadding",
1686 config: Config{
1687 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
1688 Bugs: ProtocolBugs{
1689 PaddingFirstByteBad: true,
1690 },
1691 },
1692 shouldFail: true,
1693 expectedError: "DECRYPTION_FAILED_OR_BAD_RECORD_MAC",
1694 })
1695 // OpenSSL previously had an issue where the first byte of padding in
1696 // 255 bytes of padding wasn't checked.
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]1697 testCases = append(testCases, testCase{
Adam Langley80842bd2014-06-20 12:00:00 -0700[diff] [blame]1698 name: "BadCBCPadding255",
1699 config: Config{
1700 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
1701 Bugs: ProtocolBugs{
1702 MaxPadding: true,
1703 PaddingFirstByteBadIf255: true,
1704 },
1705 },
1706 messageLen: 12, // 20 bytes of SHA-1 + 12 == 0 % block size
1707 shouldFail: true,
1708 expectedError: "DECRYPTION_FAILED_OR_BAD_RECORD_MAC",
1709 })
1710}
1711
Kenny Root7fdeaf12014-08-05 15:23:37 -0700[diff] [blame]1712func addCBCSplittingTests() {
1713 testCases = append(testCases, testCase{
1714 name: "CBCRecordSplitting",
1715 config: Config{
1716 MaxVersion: VersionTLS10,
1717 MinVersion: VersionTLS10,
1718 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
1719 },
1720 messageLen: -1, // read until EOF
1721 flags: []string{
1722 "-async",
1723 "-write-different-record-sizes",
1724 "-cbc-record-splitting",
1725 },
David Benjamina8e3e0e2014-08-06 22:11:10 -0400[diff] [blame]1726 })
1727 testCases = append(testCases, testCase{
Kenny Root7fdeaf12014-08-05 15:23:37 -0700[diff] [blame]1728 name: "CBCRecordSplittingPartialWrite",
1729 config: Config{
1730 MaxVersion: VersionTLS10,
1731 MinVersion: VersionTLS10,
1732 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
1733 },
1734 messageLen: -1, // read until EOF
1735 flags: []string{
1736 "-async",
1737 "-write-different-record-sizes",
1738 "-cbc-record-splitting",
1739 "-partial-write",
1740 },
1741 })
1742}
1743
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]1744func addClientAuthTests() {
David Benjamin407a10c2014-07-16 12:58:59 -0400[diff] [blame]1745 // Add a dummy cert pool to stress certificate authority parsing.
1746 // TODO(davidben): Add tests that those values parse out correctly.
1747 certPool := x509.NewCertPool()
1748 cert, err := x509.ParseCertificate(rsaCertificate.Certificate[0])
1749 if err != nil {
1750 panic(err)
1751 }
1752 certPool.AddCert(cert)
1753
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]1754 for _, ver := range tlsVersions {
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]1755 testCases = append(testCases, testCase{
1756 testType: clientTest,
David Benjamin67666e72014-07-12 15:47:52 -0400[diff] [blame]1757 name: ver.name + "-Client-ClientAuth-RSA",
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]1758 config: Config{
David Benjamine098ec22014-08-27 23:13:20 -0400[diff] [blame]1759 MinVersion: ver.version,
1760 MaxVersion: ver.version,
1761 ClientAuth: RequireAnyClientCert,
1762 ClientCAs: certPool,
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]1763 },
1764 flags: []string{
1765 "-cert-file", rsaCertificateFile,
1766 "-key-file", rsaKeyFile,
1767 },
1768 })
1769 testCases = append(testCases, testCase{
David Benjamin67666e72014-07-12 15:47:52 -0400[diff] [blame]1770 testType: serverTest,
1771 name: ver.name + "-Server-ClientAuth-RSA",
1772 config: Config{
David Benjamine098ec22014-08-27 23:13:20 -0400[diff] [blame]1773 MinVersion: ver.version,
1774 MaxVersion: ver.version,
David Benjamin67666e72014-07-12 15:47:52 -0400[diff] [blame]1775 Certificates: []Certificate{rsaCertificate},
1776 },
1777 flags: []string{"-require-any-client-certificate"},
1778 })
David Benjamine098ec22014-08-27 23:13:20 -0400[diff] [blame]1779 if ver.version != VersionSSL30 {
1780 testCases = append(testCases, testCase{
1781 testType: serverTest,
1782 name: ver.name + "-Server-ClientAuth-ECDSA",
1783 config: Config{
1784 MinVersion: ver.version,
1785 MaxVersion: ver.version,
1786 Certificates: []Certificate{ecdsaCertificate},
1787 },
1788 flags: []string{"-require-any-client-certificate"},
1789 })
1790 testCases = append(testCases, testCase{
1791 testType: clientTest,
1792 name: ver.name + "-Client-ClientAuth-ECDSA",
1793 config: Config{
1794 MinVersion: ver.version,
1795 MaxVersion: ver.version,
1796 ClientAuth: RequireAnyClientCert,
1797 ClientCAs: certPool,
1798 },
1799 flags: []string{
1800 "-cert-file", ecdsaCertificateFile,
1801 "-key-file", ecdsaKeyFile,
1802 },
1803 })
1804 }
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]1805 }
1806}
1807
Adam Langley75712922014-10-10 16:23:43 -0700[diff] [blame]1808func addExtendedMasterSecretTests() {
1809 const expectEMSFlag = "-expect-extended-master-secret"
1810
1811 for _, with := range []bool{false, true} {
1812 prefix := "No"
1813 var flags []string
1814 if with {
1815 prefix = ""
1816 flags = []string{expectEMSFlag}
1817 }
1818
1819 for _, isClient := range []bool{false, true} {
1820 suffix := "-Server"
1821 testType := serverTest
1822 if isClient {
1823 suffix = "-Client"
1824 testType = clientTest
1825 }
1826
1827 for _, ver := range tlsVersions {
1828 test := testCase{
1829 testType: testType,
1830 name: prefix + "ExtendedMasterSecret-" + ver.name + suffix,
1831 config: Config{
1832 MinVersion: ver.version,
1833 MaxVersion: ver.version,
1834 Bugs: ProtocolBugs{
1835 NoExtendedMasterSecret: !with,
1836 RequireExtendedMasterSecret: with,
1837 },
1838 },
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]1839 flags: flags,
1840 shouldFail: ver.version == VersionSSL30 && with,
Adam Langley75712922014-10-10 16:23:43 -0700[diff] [blame]1841 }
1842 if test.shouldFail {
1843 test.expectedLocalError = "extended master secret required but not supported by peer"
1844 }
1845 testCases = append(testCases, test)
1846 }
1847 }
1848 }
1849
1850 // When a session is resumed, it should still be aware that its master
1851 // secret was generated via EMS and thus it's safe to use tls-unique.
1852 testCases = append(testCases, testCase{
1853 name: "ExtendedMasterSecret-Resume",
1854 config: Config{
1855 Bugs: ProtocolBugs{
1856 RequireExtendedMasterSecret: true,
1857 },
1858 },
1859 flags: []string{expectEMSFlag},
1860 resumeSession: true,
1861 })
1862}
1863
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1864// Adds tests that try to cover the range of the handshake state machine, under
1865// various conditions. Some of these are redundant with other tests, but they
1866// only cover the synchronous case.
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1867func addStateMachineCoverageTests(async, splitHandshake bool, protocol protocol) {
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1868 var suffix string
1869 var flags []string
1870 var maxHandshakeRecordLength int
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1871 if protocol == dtls {
1872 suffix = "-DTLS"
1873 }
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1874 if async {
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1875 suffix += "-Async"
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1876 flags = append(flags, "-async")
1877 } else {
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1878 suffix += "-Sync"
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1879 }
1880 if splitHandshake {
1881 suffix += "-SplitHandshakeRecords"
David Benjamin98214542014-08-07 18:02:39 -0400[diff] [blame]1882 maxHandshakeRecordLength = 1
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1883 }
1884
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1885 // Basic handshake, with resumption. Client and server,
1886 // session ID and session ticket.
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1887 testCases = append(testCases, testCase{
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1888 protocol: protocol,
1889 name: "Basic-Client" + suffix,
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1890 config: Config{
1891 Bugs: ProtocolBugs{
1892 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1893 },
1894 },
David Benjaminbed9aae2014-08-07 19:13:38 -0400[diff] [blame]1895 flags: flags,
1896 resumeSession: true,
1897 })
1898 testCases = append(testCases, testCase{
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1899 protocol: protocol,
1900 name: "Basic-Client-RenewTicket" + suffix,
David Benjaminbed9aae2014-08-07 19:13:38 -0400[diff] [blame]1901 config: Config{
1902 Bugs: ProtocolBugs{
1903 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1904 RenewTicketOnResume: true,
1905 },
1906 },
1907 flags: flags,
1908 resumeSession: true,
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1909 })
1910 testCases = append(testCases, testCase{
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1911 protocol: protocol,
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1912 name: "Basic-Client-NoTicket" + suffix,
1913 config: Config{
1914 SessionTicketsDisabled: true,
1915 Bugs: ProtocolBugs{
1916 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1917 },
1918 },
1919 flags: flags,
1920 resumeSession: true,
1921 })
1922 testCases = append(testCases, testCase{
1923 protocol: protocol,
David Benjamine0e7d0d2015-02-08 19:33:25 -0500[diff] [blame]1924 name: "Basic-Client-Implicit" + suffix,
1925 config: Config{
1926 Bugs: ProtocolBugs{
1927 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1928 },
1929 },
1930 flags: append(flags, "-implicit-handshake"),
1931 resumeSession: true,
1932 })
1933 testCases = append(testCases, testCase{
1934 protocol: protocol,
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1935 testType: serverTest,
1936 name: "Basic-Server" + suffix,
1937 config: Config{
1938 Bugs: ProtocolBugs{
1939 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1940 },
1941 },
David Benjaminbed9aae2014-08-07 19:13:38 -0400[diff] [blame]1942 flags: flags,
1943 resumeSession: true,
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1944 })
David Benjaminfe8eb9a2014-11-17 03:19:02 -0500[diff] [blame]1945 testCases = append(testCases, testCase{
1946 protocol: protocol,
1947 testType: serverTest,
1948 name: "Basic-Server-NoTickets" + suffix,
1949 config: Config{
1950 SessionTicketsDisabled: true,
1951 Bugs: ProtocolBugs{
1952 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1953 },
1954 },
1955 flags: flags,
1956 resumeSession: true,
1957 })
David Benjamine0e7d0d2015-02-08 19:33:25 -0500[diff] [blame]1958 testCases = append(testCases, testCase{
1959 protocol: protocol,
1960 testType: serverTest,
1961 name: "Basic-Server-Implicit" + suffix,
1962 config: Config{
1963 Bugs: ProtocolBugs{
1964 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1965 },
1966 },
1967 flags: append(flags, "-implicit-handshake"),
1968 resumeSession: true,
1969 })
David Benjamin6f5c0f42015-02-24 01:23:21 -0500[diff] [blame]1970 testCases = append(testCases, testCase{
1971 protocol: protocol,
1972 testType: serverTest,
1973 name: "Basic-Server-EarlyCallback" + suffix,
1974 config: Config{
1975 Bugs: ProtocolBugs{
1976 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1977 },
1978 },
1979 flags: append(flags, "-use-early-callback"),
1980 resumeSession: true,
1981 })
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]1982
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1983 // TLS client auth.
1984 testCases = append(testCases, testCase{
1985 protocol: protocol,
1986 testType: clientTest,
1987 name: "ClientAuth-Client" + suffix,
1988 config: Config{
David Benjamine098ec22014-08-27 23:13:20 -0400[diff] [blame]1989 ClientAuth: RequireAnyClientCert,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]1990 Bugs: ProtocolBugs{
1991 MaxHandshakeRecordLength: maxHandshakeRecordLength,
1992 },
1993 },
1994 flags: append(flags,
1995 "-cert-file", rsaCertificateFile,
1996 "-key-file", rsaKeyFile),
1997 })
1998 testCases = append(testCases, testCase{
1999 protocol: protocol,
2000 testType: serverTest,
2001 name: "ClientAuth-Server" + suffix,
2002 config: Config{
2003 Certificates: []Certificate{rsaCertificate},
2004 },
2005 flags: append(flags, "-require-any-client-certificate"),
2006 })
2007
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2008 // No session ticket support; server doesn't send NewSessionTicket.
2009 testCases = append(testCases, testCase{
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2010 protocol: protocol,
2011 name: "SessionTicketsDisabled-Client" + suffix,
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2012 config: Config{
2013 SessionTicketsDisabled: true,
2014 Bugs: ProtocolBugs{
2015 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2016 },
2017 },
2018 flags: flags,
2019 })
2020 testCases = append(testCases, testCase{
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2021 protocol: protocol,
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2022 testType: serverTest,
2023 name: "SessionTicketsDisabled-Server" + suffix,
2024 config: Config{
2025 SessionTicketsDisabled: true,
2026 Bugs: ProtocolBugs{
2027 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2028 },
2029 },
2030 flags: flags,
2031 })
2032
David Benjamin48cae082014-10-27 01:06:24 -0400[diff] [blame]2033 // Skip ServerKeyExchange in PSK key exchange if there's no
2034 // identity hint.
2035 testCases = append(testCases, testCase{
2036 protocol: protocol,
2037 name: "EmptyPSKHint-Client" + suffix,
2038 config: Config{
2039 CipherSuites: []uint16{TLS_PSK_WITH_AES_128_CBC_SHA},
2040 PreSharedKey: []byte("secret"),
2041 Bugs: ProtocolBugs{
2042 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2043 },
2044 },
2045 flags: append(flags, "-psk", "secret"),
2046 })
2047 testCases = append(testCases, testCase{
2048 protocol: protocol,
2049 testType: serverTest,
2050 name: "EmptyPSKHint-Server" + suffix,
2051 config: Config{
2052 CipherSuites: []uint16{TLS_PSK_WITH_AES_128_CBC_SHA},
2053 PreSharedKey: []byte("secret"),
2054 Bugs: ProtocolBugs{
2055 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2056 },
2057 },
2058 flags: append(flags, "-psk", "secret"),
2059 })
2060
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2061 if protocol == tls {
2062 // NPN on client and server; results in post-handshake message.
2063 testCases = append(testCases, testCase{
2064 protocol: protocol,
2065 name: "NPN-Client" + suffix,
2066 config: Config{
David Benjaminae2888f2014-09-06 12:58:58 -0400[diff] [blame]2067 NextProtos: []string{"foo"},
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2068 Bugs: ProtocolBugs{
2069 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2070 },
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2071 },
David Benjaminfc7b0862014-09-06 13:21:53 -0400[diff] [blame]2072 flags: append(flags, "-select-next-proto", "foo"),
2073 expectedNextProto: "foo",
2074 expectedNextProtoType: npn,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2075 })
2076 testCases = append(testCases, testCase{
2077 protocol: protocol,
2078 testType: serverTest,
2079 name: "NPN-Server" + suffix,
2080 config: Config{
2081 NextProtos: []string{"bar"},
2082 Bugs: ProtocolBugs{
2083 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2084 },
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2085 },
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2086 flags: append(flags,
2087 "-advertise-npn", "\x03foo\x03bar\x03baz",
2088 "-expect-next-proto", "bar"),
David Benjaminfc7b0862014-09-06 13:21:53 -0400[diff] [blame]2089 expectedNextProto: "bar",
2090 expectedNextProtoType: npn,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2091 })
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2092
David Benjamin195dc782015-02-19 13:27:05 -0500[diff] [blame]2093 // TODO(davidben): Add tests for when False Start doesn't trigger.
2094
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2095 // Client does False Start and negotiates NPN.
2096 testCases = append(testCases, testCase{
2097 protocol: protocol,
2098 name: "FalseStart" + suffix,
2099 config: Config{
2100 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
2101 NextProtos: []string{"foo"},
2102 Bugs: ProtocolBugs{
David Benjamine58c4f52014-08-24 03:47:07 -0400[diff] [blame]2103 ExpectFalseStart: true,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2104 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2105 },
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2106 },
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2107 flags: append(flags,
2108 "-false-start",
2109 "-select-next-proto", "foo"),
David Benjamine58c4f52014-08-24 03:47:07 -0400[diff] [blame]2110 shimWritesFirst: true,
2111 resumeSession: true,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2112 })
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2113
David Benjaminae2888f2014-09-06 12:58:58 -0400[diff] [blame]2114 // Client does False Start and negotiates ALPN.
2115 testCases = append(testCases, testCase{
2116 protocol: protocol,
2117 name: "FalseStart-ALPN" + suffix,
2118 config: Config{
2119 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
2120 NextProtos: []string{"foo"},
2121 Bugs: ProtocolBugs{
2122 ExpectFalseStart: true,
2123 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2124 },
2125 },
2126 flags: append(flags,
2127 "-false-start",
2128 "-advertise-alpn", "\x03foo"),
2129 shimWritesFirst: true,
2130 resumeSession: true,
2131 })
2132
David Benjamin931ab342015-02-08 19:46:57 -0500[diff] [blame]2133 // Client does False Start but doesn't explicitly call
2134 // SSL_connect.
2135 testCases = append(testCases, testCase{
2136 protocol: protocol,
2137 name: "FalseStart-Implicit" + suffix,
2138 config: Config{
2139 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
2140 NextProtos: []string{"foo"},
2141 Bugs: ProtocolBugs{
2142 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2143 },
2144 },
2145 flags: append(flags,
2146 "-implicit-handshake",
2147 "-false-start",
2148 "-advertise-alpn", "\x03foo"),
2149 })
2150
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2151 // False Start without session tickets.
2152 testCases = append(testCases, testCase{
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]2153 name: "FalseStart-SessionTicketsDisabled" + suffix,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2154 config: Config{
2155 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
2156 NextProtos: []string{"foo"},
2157 SessionTicketsDisabled: true,
David Benjamin4e99c522014-08-24 01:45:30 -0400[diff] [blame]2158 Bugs: ProtocolBugs{
David Benjamine58c4f52014-08-24 03:47:07 -0400[diff] [blame]2159 ExpectFalseStart: true,
David Benjamin4e99c522014-08-24 01:45:30 -0400[diff] [blame]2160 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2161 },
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2162 },
David Benjamin4e99c522014-08-24 01:45:30 -0400[diff] [blame]2163 flags: append(flags,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2164 "-false-start",
2165 "-select-next-proto", "foo",
David Benjamin4e99c522014-08-24 01:45:30 -0400[diff] [blame]2166 ),
David Benjamine58c4f52014-08-24 03:47:07 -0400[diff] [blame]2167 shimWritesFirst: true,
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2168 })
David Benjamin1e7f8d72014-08-08 12:27:04 -0400[diff] [blame]2169
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]2170 // Server parses a V2ClientHello.
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2171 testCases = append(testCases, testCase{
2172 protocol: protocol,
2173 testType: serverTest,
2174 name: "SendV2ClientHello" + suffix,
2175 config: Config{
2176 // Choose a cipher suite that does not involve
2177 // elliptic curves, so no extensions are
2178 // involved.
2179 CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA},
2180 Bugs: ProtocolBugs{
2181 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2182 SendV2ClientHello: true,
2183 },
David Benjamin1e7f8d72014-08-08 12:27:04 -0400[diff] [blame]2184 },
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2185 flags: flags,
2186 })
David Benjamina08e49d2014-08-24 01:46:07 -0400[diff] [blame]2187
2188 // Client sends a Channel ID.
2189 testCases = append(testCases, testCase{
2190 protocol: protocol,
2191 name: "ChannelID-Client" + suffix,
2192 config: Config{
2193 RequestChannelID: true,
2194 Bugs: ProtocolBugs{
2195 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2196 },
2197 },
2198 flags: append(flags,
2199 "-send-channel-id", channelIDKeyFile,
2200 ),
2201 resumeSession: true,
2202 expectChannelID: true,
2203 })
2204
2205 // Server accepts a Channel ID.
2206 testCases = append(testCases, testCase{
2207 protocol: protocol,
2208 testType: serverTest,
2209 name: "ChannelID-Server" + suffix,
2210 config: Config{
2211 ChannelID: channelIDKey,
2212 Bugs: ProtocolBugs{
2213 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2214 },
2215 },
2216 flags: append(flags,
2217 "-expect-channel-id",
2218 base64.StdEncoding.EncodeToString(channelIDBytes),
2219 ),
2220 resumeSession: true,
2221 expectChannelID: true,
2222 })
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2223 } else {
2224 testCases = append(testCases, testCase{
2225 protocol: protocol,
2226 name: "SkipHelloVerifyRequest" + suffix,
2227 config: Config{
2228 Bugs: ProtocolBugs{
2229 MaxHandshakeRecordLength: maxHandshakeRecordLength,
2230 SkipHelloVerifyRequest: true,
2231 },
2232 },
2233 flags: flags,
2234 })
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]2235 }
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]2236}
2237
Adam Langley524e7172015-02-20 16:04:00 -0800[diff] [blame]2238func addDDoSCallbackTests() {
2239 // DDoS callback.
2240
2241 for _, resume := range []bool{false, true} {
2242 suffix := "Resume"
2243 if resume {
2244 suffix = "No" + suffix
2245 }
2246
2247 testCases = append(testCases, testCase{
2248 testType: serverTest,
2249 name: "Server-DDoS-OK-" + suffix,
2250 flags: []string{"-install-ddos-callback"},
2251 resumeSession: resume,
2252 })
2253
2254 failFlag := "-fail-ddos-callback"
2255 if resume {
2256 failFlag = "-fail-second-ddos-callback"
2257 }
2258 testCases = append(testCases, testCase{
2259 testType: serverTest,
2260 name: "Server-DDoS-Reject-" + suffix,
2261 flags: []string{"-install-ddos-callback", failFlag},
2262 resumeSession: resume,
2263 shouldFail: true,
2264 expectedError: ":CONNECTION_REJECTED:",
2265 })
2266 }
2267}
2268
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]2269func addVersionNegotiationTests() {
2270 for i, shimVers := range tlsVersions {
2271 // Assemble flags to disable all newer versions on the shim.
2272 var flags []string
2273 for _, vers := range tlsVersions[i+1:] {
2274 flags = append(flags, vers.flag)
2275 }
2276
2277 for _, runnerVers := range tlsVersions {
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2278 protocols := []protocol{tls}
2279 if runnerVers.hasDTLS && shimVers.hasDTLS {
2280 protocols = append(protocols, dtls)
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]2281 }
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2282 for _, protocol := range protocols {
2283 expectedVersion := shimVers.version
2284 if runnerVers.version < shimVers.version {
2285 expectedVersion = runnerVers.version
2286 }
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]2287
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2288 suffix := shimVers.name + "-" + runnerVers.name
2289 if protocol == dtls {
2290 suffix += "-DTLS"
2291 }
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]2292
David Benjamin1eb367c2014-12-12 18:17:51 -0500[diff] [blame]2293 shimVersFlag := strconv.Itoa(int(versionToWire(shimVers.version, protocol == dtls)))
2294
David Benjamin1e29a6b2014-12-10 02:27:24 -0500[diff] [blame]2295 clientVers := shimVers.version
2296 if clientVers > VersionTLS10 {
2297 clientVers = VersionTLS10
2298 }
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2299 testCases = append(testCases, testCase{
2300 protocol: protocol,
2301 testType: clientTest,
2302 name: "VersionNegotiation-Client-" + suffix,
2303 config: Config{
2304 MaxVersion: runnerVers.version,
David Benjamin1e29a6b2014-12-10 02:27:24 -0500[diff] [blame]2305 Bugs: ProtocolBugs{
2306 ExpectInitialRecordVersion: clientVers,
2307 },
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2308 },
2309 flags: flags,
2310 expectedVersion: expectedVersion,
2311 })
David Benjamin1eb367c2014-12-12 18:17:51 -0500[diff] [blame]2312 testCases = append(testCases, testCase{
2313 protocol: protocol,
2314 testType: clientTest,
2315 name: "VersionNegotiation-Client2-" + suffix,
2316 config: Config{
2317 MaxVersion: runnerVers.version,
2318 Bugs: ProtocolBugs{
2319 ExpectInitialRecordVersion: clientVers,
2320 },
2321 },
2322 flags: []string{"-max-version", shimVersFlag},
2323 expectedVersion: expectedVersion,
2324 })
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2325
2326 testCases = append(testCases, testCase{
2327 protocol: protocol,
2328 testType: serverTest,
2329 name: "VersionNegotiation-Server-" + suffix,
2330 config: Config{
2331 MaxVersion: runnerVers.version,
David Benjamin1e29a6b2014-12-10 02:27:24 -0500[diff] [blame]2332 Bugs: ProtocolBugs{
2333 ExpectInitialRecordVersion: expectedVersion,
2334 },
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2335 },
2336 flags: flags,
2337 expectedVersion: expectedVersion,
2338 })
David Benjamin1eb367c2014-12-12 18:17:51 -0500[diff] [blame]2339 testCases = append(testCases, testCase{
2340 protocol: protocol,
2341 testType: serverTest,
2342 name: "VersionNegotiation-Server2-" + suffix,
2343 config: Config{
2344 MaxVersion: runnerVers.version,
2345 Bugs: ProtocolBugs{
2346 ExpectInitialRecordVersion: expectedVersion,
2347 },
2348 },
2349 flags: []string{"-max-version", shimVersFlag},
2350 expectedVersion: expectedVersion,
2351 })
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2352 }
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]2353 }
2354 }
2355}
2356
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2357func addMinimumVersionTests() {
2358 for i, shimVers := range tlsVersions {
2359 // Assemble flags to disable all older versions on the shim.
2360 var flags []string
2361 for _, vers := range tlsVersions[:i] {
2362 flags = append(flags, vers.flag)
2363 }
2364
2365 for _, runnerVers := range tlsVersions {
2366 protocols := []protocol{tls}
2367 if runnerVers.hasDTLS && shimVers.hasDTLS {
2368 protocols = append(protocols, dtls)
2369 }
2370 for _, protocol := range protocols {
2371 suffix := shimVers.name + "-" + runnerVers.name
2372 if protocol == dtls {
2373 suffix += "-DTLS"
2374 }
2375 shimVersFlag := strconv.Itoa(int(versionToWire(shimVers.version, protocol == dtls)))
2376
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2377 var expectedVersion uint16
2378 var shouldFail bool
2379 var expectedError string
David Benjamin87909c02014-12-13 01:55:01 -0500[diff] [blame]2380 var expectedLocalError string
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2381 if runnerVers.version >= shimVers.version {
2382 expectedVersion = runnerVers.version
2383 } else {
2384 shouldFail = true
2385 expectedError = ":UNSUPPORTED_PROTOCOL:"
David Benjamin87909c02014-12-13 01:55:01 -0500[diff] [blame]2386 if runnerVers.version > VersionSSL30 {
2387 expectedLocalError = "remote error: protocol version not supported"
2388 } else {
2389 expectedLocalError = "remote error: handshake failure"
2390 }
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2391 }
2392
2393 testCases = append(testCases, testCase{
2394 protocol: protocol,
2395 testType: clientTest,
2396 name: "MinimumVersion-Client-" + suffix,
2397 config: Config{
2398 MaxVersion: runnerVers.version,
2399 },
David Benjamin87909c02014-12-13 01:55:01 -0500[diff] [blame]2400 flags: flags,
2401 expectedVersion: expectedVersion,
2402 shouldFail: shouldFail,
2403 expectedError: expectedError,
2404 expectedLocalError: expectedLocalError,
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2405 })
2406 testCases = append(testCases, testCase{
2407 protocol: protocol,
2408 testType: clientTest,
2409 name: "MinimumVersion-Client2-" + suffix,
2410 config: Config{
2411 MaxVersion: runnerVers.version,
2412 },
David Benjamin87909c02014-12-13 01:55:01 -0500[diff] [blame]2413 flags: []string{"-min-version", shimVersFlag},
2414 expectedVersion: expectedVersion,
2415 shouldFail: shouldFail,
2416 expectedError: expectedError,
2417 expectedLocalError: expectedLocalError,
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2418 })
2419
2420 testCases = append(testCases, testCase{
2421 protocol: protocol,
2422 testType: serverTest,
2423 name: "MinimumVersion-Server-" + suffix,
2424 config: Config{
2425 MaxVersion: runnerVers.version,
2426 },
David Benjamin87909c02014-12-13 01:55:01 -0500[diff] [blame]2427 flags: flags,
2428 expectedVersion: expectedVersion,
2429 shouldFail: shouldFail,
2430 expectedError: expectedError,
2431 expectedLocalError: expectedLocalError,
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2432 })
2433 testCases = append(testCases, testCase{
2434 protocol: protocol,
2435 testType: serverTest,
2436 name: "MinimumVersion-Server2-" + suffix,
2437 config: Config{
2438 MaxVersion: runnerVers.version,
2439 },
David Benjamin87909c02014-12-13 01:55:01 -0500[diff] [blame]2440 flags: []string{"-min-version", shimVersFlag},
2441 expectedVersion: expectedVersion,
2442 shouldFail: shouldFail,
2443 expectedError: expectedError,
2444 expectedLocalError: expectedLocalError,
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]2445 })
2446 }
2447 }
2448 }
2449}
2450
David Benjamin5c24a1d2014-08-31 00:59:27 -0400[diff] [blame]2451func addD5BugTests() {
2452 testCases = append(testCases, testCase{
2453 testType: serverTest,
2454 name: "D5Bug-NoQuirk-Reject",
2455 config: Config{
2456 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
2457 Bugs: ProtocolBugs{
2458 SSL3RSAKeyExchange: true,
2459 },
2460 },
2461 shouldFail: true,
2462 expectedError: ":TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG:",
2463 })
2464 testCases = append(testCases, testCase{
2465 testType: serverTest,
2466 name: "D5Bug-Quirk-Normal",
2467 config: Config{
2468 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
2469 },
2470 flags: []string{"-tls-d5-bug"},
2471 })
2472 testCases = append(testCases, testCase{
2473 testType: serverTest,
2474 name: "D5Bug-Quirk-Bug",
2475 config: Config{
2476 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
2477 Bugs: ProtocolBugs{
2478 SSL3RSAKeyExchange: true,
2479 },
2480 },
2481 flags: []string{"-tls-d5-bug"},
2482 })
2483}
2484
David Benjamine78bfde2014-09-06 12:45:15 -0400[diff] [blame]2485func addExtensionTests() {
2486 testCases = append(testCases, testCase{
2487 testType: clientTest,
2488 name: "DuplicateExtensionClient",
2489 config: Config{
2490 Bugs: ProtocolBugs{
2491 DuplicateExtension: true,
2492 },
2493 },
2494 shouldFail: true,
2495 expectedLocalError: "remote error: error decoding message",
2496 })
2497 testCases = append(testCases, testCase{
2498 testType: serverTest,
2499 name: "DuplicateExtensionServer",
2500 config: Config{
2501 Bugs: ProtocolBugs{
2502 DuplicateExtension: true,
2503 },
2504 },
2505 shouldFail: true,
2506 expectedLocalError: "remote error: error decoding message",
2507 })
2508 testCases = append(testCases, testCase{
2509 testType: clientTest,
2510 name: "ServerNameExtensionClient",
2511 config: Config{
2512 Bugs: ProtocolBugs{
2513 ExpectServerName: "example.com",
2514 },
2515 },
2516 flags: []string{"-host-name", "example.com"},
2517 })
2518 testCases = append(testCases, testCase{
2519 testType: clientTest,
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]2520 name: "ServerNameExtensionClientMismatch",
David Benjamine78bfde2014-09-06 12:45:15 -0400[diff] [blame]2521 config: Config{
2522 Bugs: ProtocolBugs{
2523 ExpectServerName: "mismatch.com",
2524 },
2525 },
2526 flags: []string{"-host-name", "example.com"},
2527 shouldFail: true,
2528 expectedLocalError: "tls: unexpected server name",
2529 })
2530 testCases = append(testCases, testCase{
2531 testType: clientTest,
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]2532 name: "ServerNameExtensionClientMissing",
David Benjamine78bfde2014-09-06 12:45:15 -0400[diff] [blame]2533 config: Config{
2534 Bugs: ProtocolBugs{
2535 ExpectServerName: "missing.com",
2536 },
2537 },
2538 shouldFail: true,
2539 expectedLocalError: "tls: unexpected server name",
2540 })
2541 testCases = append(testCases, testCase{
2542 testType: serverTest,
2543 name: "ServerNameExtensionServer",
2544 config: Config{
2545 ServerName: "example.com",
2546 },
2547 flags: []string{"-expect-server-name", "example.com"},
2548 resumeSession: true,
2549 })
David Benjaminae2888f2014-09-06 12:58:58 -0400[diff] [blame]2550 testCases = append(testCases, testCase{
2551 testType: clientTest,
2552 name: "ALPNClient",
2553 config: Config{
2554 NextProtos: []string{"foo"},
2555 },
2556 flags: []string{
2557 "-advertise-alpn", "\x03foo\x03bar\x03baz",
2558 "-expect-alpn", "foo",
2559 },
David Benjaminfc7b0862014-09-06 13:21:53 -0400[diff] [blame]2560 expectedNextProto: "foo",
2561 expectedNextProtoType: alpn,
2562 resumeSession: true,
David Benjaminae2888f2014-09-06 12:58:58 -0400[diff] [blame]2563 })
2564 testCases = append(testCases, testCase{
2565 testType: serverTest,
2566 name: "ALPNServer",
2567 config: Config{
2568 NextProtos: []string{"foo", "bar", "baz"},
2569 },
2570 flags: []string{
2571 "-expect-advertised-alpn", "\x03foo\x03bar\x03baz",
2572 "-select-alpn", "foo",
2573 },
David Benjaminfc7b0862014-09-06 13:21:53 -0400[diff] [blame]2574 expectedNextProto: "foo",
2575 expectedNextProtoType: alpn,
2576 resumeSession: true,
2577 })
2578 // Test that the server prefers ALPN over NPN.
2579 testCases = append(testCases, testCase{
2580 testType: serverTest,
2581 name: "ALPNServer-Preferred",
2582 config: Config{
2583 NextProtos: []string{"foo", "bar", "baz"},
2584 },
2585 flags: []string{
2586 "-expect-advertised-alpn", "\x03foo\x03bar\x03baz",
2587 "-select-alpn", "foo",
2588 "-advertise-npn", "\x03foo\x03bar\x03baz",
2589 },
2590 expectedNextProto: "foo",
2591 expectedNextProtoType: alpn,
2592 resumeSession: true,
2593 })
2594 testCases = append(testCases, testCase{
2595 testType: serverTest,
2596 name: "ALPNServer-Preferred-Swapped",
2597 config: Config{
2598 NextProtos: []string{"foo", "bar", "baz"},
2599 Bugs: ProtocolBugs{
2600 SwapNPNAndALPN: true,
2601 },
2602 },
2603 flags: []string{
2604 "-expect-advertised-alpn", "\x03foo\x03bar\x03baz",
2605 "-select-alpn", "foo",
2606 "-advertise-npn", "\x03foo\x03bar\x03baz",
2607 },
2608 expectedNextProto: "foo",
2609 expectedNextProtoType: alpn,
2610 resumeSession: true,
David Benjaminae2888f2014-09-06 12:58:58 -0400[diff] [blame]2611 })
Adam Langley38311732014-10-16 19:04:35 -0700[diff] [blame]2612 // Resume with a corrupt ticket.
2613 testCases = append(testCases, testCase{
2614 testType: serverTest,
2615 name: "CorruptTicket",
2616 config: Config{
2617 Bugs: ProtocolBugs{
2618 CorruptTicket: true,
2619 },
2620 },
2621 resumeSession: true,
2622 flags: []string{"-expect-session-miss"},
2623 })
2624 // Resume with an oversized session id.
2625 testCases = append(testCases, testCase{
2626 testType: serverTest,
2627 name: "OversizedSessionId",
2628 config: Config{
2629 Bugs: ProtocolBugs{
2630 OversizedSessionId: true,
2631 },
2632 },
2633 resumeSession: true,
Adam Langley75712922014-10-10 16:23:43 -0700[diff] [blame]2634 shouldFail: true,
Adam Langley38311732014-10-16 19:04:35 -0700[diff] [blame]2635 expectedError: ":DECODE_ERROR:",
2636 })
David Benjaminca6c8262014-11-15 19:06:08 -0500[diff] [blame]2637 // Basic DTLS-SRTP tests. Include fake profiles to ensure they
2638 // are ignored.
2639 testCases = append(testCases, testCase{
2640 protocol: dtls,
2641 name: "SRTP-Client",
2642 config: Config{
2643 SRTPProtectionProfiles: []uint16{40, SRTP_AES128_CM_HMAC_SHA1_80, 42},
2644 },
2645 flags: []string{
2646 "-srtp-profiles",
2647 "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32",
2648 },
2649 expectedSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_80,
2650 })
2651 testCases = append(testCases, testCase{
2652 protocol: dtls,
2653 testType: serverTest,
2654 name: "SRTP-Server",
2655 config: Config{
2656 SRTPProtectionProfiles: []uint16{40, SRTP_AES128_CM_HMAC_SHA1_80, 42},
2657 },
2658 flags: []string{
2659 "-srtp-profiles",
2660 "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32",
2661 },
2662 expectedSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_80,
2663 })
2664 // Test that the MKI is ignored.
2665 testCases = append(testCases, testCase{
2666 protocol: dtls,
2667 testType: serverTest,
2668 name: "SRTP-Server-IgnoreMKI",
2669 config: Config{
2670 SRTPProtectionProfiles: []uint16{SRTP_AES128_CM_HMAC_SHA1_80},
2671 Bugs: ProtocolBugs{
2672 SRTPMasterKeyIdentifer: "bogus",
2673 },
2674 },
2675 flags: []string{
2676 "-srtp-profiles",
2677 "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32",
2678 },
2679 expectedSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_80,
2680 })
2681 // Test that SRTP isn't negotiated on the server if there were
2682 // no matching profiles.
2683 testCases = append(testCases, testCase{
2684 protocol: dtls,
2685 testType: serverTest,
2686 name: "SRTP-Server-NoMatch",
2687 config: Config{
2688 SRTPProtectionProfiles: []uint16{100, 101, 102},
2689 },
2690 flags: []string{
2691 "-srtp-profiles",
2692 "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32",
2693 },
2694 expectedSRTPProtectionProfile: 0,
2695 })
2696 // Test that the server returning an invalid SRTP profile is
2697 // flagged as an error by the client.
2698 testCases = append(testCases, testCase{
2699 protocol: dtls,
2700 name: "SRTP-Client-NoMatch",
2701 config: Config{
2702 Bugs: ProtocolBugs{
2703 SendSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_32,
2704 },
2705 },
2706 flags: []string{
2707 "-srtp-profiles",
2708 "SRTP_AES128_CM_SHA1_80",
2709 },
2710 shouldFail: true,
2711 expectedError: ":BAD_SRTP_PROTECTION_PROFILE_LIST:",
2712 })
David Benjamin61f95272014-11-25 01:55:35 -0500[diff] [blame]2713 // Test OCSP stapling and SCT list.
2714 testCases = append(testCases, testCase{
2715 name: "OCSPStapling",
2716 flags: []string{
2717 "-enable-ocsp-stapling",
2718 "-expect-ocsp-response",
2719 base64.StdEncoding.EncodeToString(testOCSPResponse),
2720 },
2721 })
2722 testCases = append(testCases, testCase{
2723 name: "SignedCertificateTimestampList",
2724 flags: []string{
2725 "-enable-signed-cert-timestamps",
2726 "-expect-signed-cert-timestamps",
2727 base64.StdEncoding.EncodeToString(testSCTList),
2728 },
2729 })
David Benjamine78bfde2014-09-06 12:45:15 -0400[diff] [blame]2730}
2731
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]2732func addResumptionVersionTests() {
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]2733 for _, sessionVers := range tlsVersions {
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]2734 for _, resumeVers := range tlsVersions {
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2735 protocols := []protocol{tls}
2736 if sessionVers.hasDTLS && resumeVers.hasDTLS {
2737 protocols = append(protocols, dtls)
David Benjaminbdf5e722014-11-11 00:52:15 -0500[diff] [blame]2738 }
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2739 for _, protocol := range protocols {
2740 suffix := "-" + sessionVers.name + "-" + resumeVers.name
2741 if protocol == dtls {
2742 suffix += "-DTLS"
2743 }
2744
David Benjaminece3de92015-03-16 18:02:20 -0400[diff] [blame]2745 if sessionVers.version == resumeVers.version {
2746 testCases = append(testCases, testCase{
2747 protocol: protocol,
2748 name: "Resume-Client" + suffix,
2749 resumeSession: true,
2750 config: Config{
2751 MaxVersion: sessionVers.version,
2752 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2753 },
David Benjaminece3de92015-03-16 18:02:20 -0400[diff] [blame]2754 expectedVersion: sessionVers.version,
2755 expectedResumeVersion: resumeVers.version,
2756 })
2757 } else {
2758 testCases = append(testCases, testCase{
2759 protocol: protocol,
2760 name: "Resume-Client-Mismatch" + suffix,
2761 resumeSession: true,
2762 config: Config{
2763 MaxVersion: sessionVers.version,
2764 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2765 },
David Benjaminece3de92015-03-16 18:02:20 -0400[diff] [blame]2766 expectedVersion: sessionVers.version,
2767 resumeConfig: &Config{
2768 MaxVersion: resumeVers.version,
2769 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
2770 Bugs: ProtocolBugs{
2771 AllowSessionVersionMismatch: true,
2772 },
2773 },
2774 expectedResumeVersion: resumeVers.version,
2775 shouldFail: true,
2776 expectedError: ":OLD_SESSION_VERSION_NOT_RETURNED:",
2777 })
2778 }
David Benjamin8b8c0062014-11-23 02:47:52 -0500[diff] [blame]2779
2780 testCases = append(testCases, testCase{
2781 protocol: protocol,
2782 name: "Resume-Client-NoResume" + suffix,
2783 flags: []string{"-expect-session-miss"},
2784 resumeSession: true,
2785 config: Config{
2786 MaxVersion: sessionVers.version,
2787 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
2788 },
2789 expectedVersion: sessionVers.version,
2790 resumeConfig: &Config{
2791 MaxVersion: resumeVers.version,
2792 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
2793 },
2794 newSessionsOnResume: true,
2795 expectedResumeVersion: resumeVers.version,
2796 })
2797
2798 var flags []string
2799 if sessionVers.version != resumeVers.version {
2800 flags = append(flags, "-expect-session-miss")
2801 }
2802 testCases = append(testCases, testCase{
2803 protocol: protocol,
2804 testType: serverTest,
2805 name: "Resume-Server" + suffix,
2806 flags: flags,
2807 resumeSession: true,
2808 config: Config{
2809 MaxVersion: sessionVers.version,
2810 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
2811 },
2812 expectedVersion: sessionVers.version,
2813 resumeConfig: &Config{
2814 MaxVersion: resumeVers.version,
2815 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA},
2816 },
2817 expectedResumeVersion: resumeVers.version,
2818 })
2819 }
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]2820 }
2821 }
David Benjaminece3de92015-03-16 18:02:20 -0400[diff] [blame]2822
2823 testCases = append(testCases, testCase{
2824 name: "Resume-Client-CipherMismatch",
2825 resumeSession: true,
2826 config: Config{
2827 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
2828 },
2829 resumeConfig: &Config{
2830 CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
2831 Bugs: ProtocolBugs{
2832 SendCipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA,
2833 },
2834 },
2835 shouldFail: true,
2836 expectedError: ":OLD_SESSION_CIPHER_NOT_RETURNED:",
2837 })
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]2838}
2839
Adam Langley2ae77d22014-10-28 17:29:33 -0700[diff] [blame]2840func addRenegotiationTests() {
2841 testCases = append(testCases, testCase{
2842 testType: serverTest,
2843 name: "Renegotiate-Server",
2844 flags: []string{"-renegotiate"},
2845 shimWritesFirst: true,
2846 })
2847 testCases = append(testCases, testCase{
2848 testType: serverTest,
David Benjamincdea40c2015-03-19 14:09:43 -0400[diff] [blame]2849 name: "Renegotiate-Server-Full",
2850 config: Config{
2851 Bugs: ProtocolBugs{
2852 NeverResumeOnRenego: true,
2853 },
2854 },
2855 flags: []string{"-renegotiate"},
2856 shimWritesFirst: true,
2857 })
2858 testCases = append(testCases, testCase{
2859 testType: serverTest,
Adam Langley2ae77d22014-10-28 17:29:33 -0700[diff] [blame]2860 name: "Renegotiate-Server-EmptyExt",
2861 config: Config{
2862 Bugs: ProtocolBugs{
2863 EmptyRenegotiationInfo: true,
2864 },
2865 },
2866 flags: []string{"-renegotiate"},
2867 shimWritesFirst: true,
2868 shouldFail: true,
2869 expectedError: ":RENEGOTIATION_MISMATCH:",
2870 })
2871 testCases = append(testCases, testCase{
2872 testType: serverTest,
2873 name: "Renegotiate-Server-BadExt",
2874 config: Config{
2875 Bugs: ProtocolBugs{
2876 BadRenegotiationInfo: true,
2877 },
2878 },
2879 flags: []string{"-renegotiate"},
2880 shimWritesFirst: true,
2881 shouldFail: true,
2882 expectedError: ":RENEGOTIATION_MISMATCH:",
2883 })
David Benjaminca6554b2014-11-08 12:31:52 -0500[diff] [blame]2884 testCases = append(testCases, testCase{
2885 testType: serverTest,
2886 name: "Renegotiate-Server-ClientInitiated",
2887 renegotiate: true,
2888 })
2889 testCases = append(testCases, testCase{
2890 testType: serverTest,
2891 name: "Renegotiate-Server-ClientInitiated-NoExt",
2892 renegotiate: true,
2893 config: Config{
2894 Bugs: ProtocolBugs{
2895 NoRenegotiationInfo: true,
2896 },
2897 },
2898 shouldFail: true,
2899 expectedError: ":UNSAFE_LEGACY_RENEGOTIATION_DISABLED:",
2900 })
2901 testCases = append(testCases, testCase{
2902 testType: serverTest,
2903 name: "Renegotiate-Server-ClientInitiated-NoExt-Allowed",
2904 renegotiate: true,
2905 config: Config{
2906 Bugs: ProtocolBugs{
2907 NoRenegotiationInfo: true,
2908 },
2909 },
2910 flags: []string{"-allow-unsafe-legacy-renegotiation"},
2911 })
David Benjaminb16346b2015-04-08 19:16:58 -0400[diff] [blame]2912 testCases = append(testCases, testCase{
2913 testType: serverTest,
2914 name: "Renegotiate-Server-ClientInitiated-Forbidden",
2915 renegotiate: true,
2916 flags: []string{"-reject-peer-renegotiations"},
2917 shouldFail: true,
2918 expectedError: ":NO_RENEGOTIATION:",
2919 expectedLocalError: "remote error: no renegotiation",
2920 })
David Benjamin3c9746a2015-03-19 15:00:10 -0400[diff] [blame]2921 // Regression test for CVE-2015-0291.
2922 testCases = append(testCases, testCase{
2923 testType: serverTest,
2924 name: "Renegotiate-Server-NoSignatureAlgorithms",
2925 config: Config{
2926 Bugs: ProtocolBugs{
2927 NeverResumeOnRenego: true,
2928 NoSignatureAlgorithmsOnRenego: true,
2929 },
2930 },
2931 flags: []string{"-renegotiate"},
2932 shimWritesFirst: true,
2933 })
Adam Langley2ae77d22014-10-28 17:29:33 -0700[diff] [blame]2934 // TODO(agl): test the renegotiation info SCSV.
Adam Langleycf2d4f42014-10-28 19:06:14 -0700[diff] [blame]2935 testCases = append(testCases, testCase{
2936 name: "Renegotiate-Client",
2937 renegotiate: true,
2938 })
2939 testCases = append(testCases, testCase{
David Benjamincdea40c2015-03-19 14:09:43 -0400[diff] [blame]2940 name: "Renegotiate-Client-Full",
2941 config: Config{
2942 Bugs: ProtocolBugs{
2943 NeverResumeOnRenego: true,
2944 },
2945 },
2946 renegotiate: true,
2947 })
2948 testCases = append(testCases, testCase{
Adam Langleycf2d4f42014-10-28 19:06:14 -0700[diff] [blame]2949 name: "Renegotiate-Client-EmptyExt",
2950 renegotiate: true,
2951 config: Config{
2952 Bugs: ProtocolBugs{
2953 EmptyRenegotiationInfo: true,
2954 },
2955 },
2956 shouldFail: true,
2957 expectedError: ":RENEGOTIATION_MISMATCH:",
2958 })
2959 testCases = append(testCases, testCase{
2960 name: "Renegotiate-Client-BadExt",
2961 renegotiate: true,
2962 config: Config{
2963 Bugs: ProtocolBugs{
2964 BadRenegotiationInfo: true,
2965 },
2966 },
2967 shouldFail: true,
2968 expectedError: ":RENEGOTIATION_MISMATCH:",
2969 })
2970 testCases = append(testCases, testCase{
2971 name: "Renegotiate-Client-SwitchCiphers",
2972 renegotiate: true,
2973 config: Config{
2974 CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA},
2975 },
2976 renegotiateCiphers: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
2977 })
2978 testCases = append(testCases, testCase{
2979 name: "Renegotiate-Client-SwitchCiphers2",
2980 renegotiate: true,
2981 config: Config{
2982 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
2983 },
2984 renegotiateCiphers: []uint16{TLS_RSA_WITH_RC4_128_SHA},
2985 })
David Benjaminc44b1df2014-11-23 12:11:01 -0500[diff] [blame]2986 testCases = append(testCases, testCase{
David Benjaminb16346b2015-04-08 19:16:58 -0400[diff] [blame]2987 name: "Renegotiate-Client-Forbidden",
2988 renegotiate: true,
2989 flags: []string{"-reject-peer-renegotiations"},
2990 shouldFail: true,
2991 expectedError: ":NO_RENEGOTIATION:",
2992 expectedLocalError: "remote error: no renegotiation",
2993 })
2994 testCases = append(testCases, testCase{
David Benjaminc44b1df2014-11-23 12:11:01 -0500[diff] [blame]2995 name: "Renegotiate-SameClientVersion",
2996 renegotiate: true,
2997 config: Config{
2998 MaxVersion: VersionTLS10,
2999 Bugs: ProtocolBugs{
3000 RequireSameRenegoClientVersion: true,
3001 },
3002 },
3003 })
Adam Langley2ae77d22014-10-28 17:29:33 -0700[diff] [blame]3004}
3005
David Benjamin5e961c12014-11-07 01:48:35 -0500[diff] [blame]3006func addDTLSReplayTests() {
3007 // Test that sequence number replays are detected.
3008 testCases = append(testCases, testCase{
3009 protocol: dtls,
3010 name: "DTLS-Replay",
3011 replayWrites: true,
3012 })
3013
3014 // Test the outgoing sequence number skipping by values larger
3015 // than the retransmit window.
3016 testCases = append(testCases, testCase{
3017 protocol: dtls,
3018 name: "DTLS-Replay-LargeGaps",
3019 config: Config{
3020 Bugs: ProtocolBugs{
3021 SequenceNumberIncrement: 127,
3022 },
3023 },
3024 replayWrites: true,
3025 })
3026}
3027
Feng Lu41aa3252014-11-21 22:47:56 -0800[diff] [blame]3028func addFastRadioPaddingTests() {
David Benjamin1e29a6b2014-12-10 02:27:24 -0500[diff] [blame]3029 testCases = append(testCases, testCase{
3030 protocol: tls,
3031 name: "FastRadio-Padding",
Feng Lu41aa3252014-11-21 22:47:56 -0800[diff] [blame]3032 config: Config{
3033 Bugs: ProtocolBugs{
3034 RequireFastradioPadding: true,
3035 },
3036 },
David Benjamin1e29a6b2014-12-10 02:27:24 -0500[diff] [blame]3037 flags: []string{"-fastradio-padding"},
Feng Lu41aa3252014-11-21 22:47:56 -0800[diff] [blame]3038 })
David Benjamin1e29a6b2014-12-10 02:27:24 -0500[diff] [blame]3039 testCases = append(testCases, testCase{
3040 protocol: dtls,
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3041 name: "FastRadio-Padding-DTLS",
Feng Lu41aa3252014-11-21 22:47:56 -0800[diff] [blame]3042 config: Config{
3043 Bugs: ProtocolBugs{
3044 RequireFastradioPadding: true,
3045 },
3046 },
David Benjamin1e29a6b2014-12-10 02:27:24 -0500[diff] [blame]3047 flags: []string{"-fastradio-padding"},
Feng Lu41aa3252014-11-21 22:47:56 -0800[diff] [blame]3048 })
3049}
3050
David Benjamin000800a2014-11-14 01:43:59 -0500[diff] [blame]3051var testHashes = []struct {
3052 name string
3053 id uint8
3054}{
3055 {"SHA1", hashSHA1},
3056 {"SHA224", hashSHA224},
3057 {"SHA256", hashSHA256},
3058 {"SHA384", hashSHA384},
3059 {"SHA512", hashSHA512},
3060}
3061
3062func addSigningHashTests() {
3063 // Make sure each hash works. Include some fake hashes in the list and
3064 // ensure they're ignored.
3065 for _, hash := range testHashes {
3066 testCases = append(testCases, testCase{
3067 name: "SigningHash-ClientAuth-" + hash.name,
3068 config: Config{
3069 ClientAuth: RequireAnyClientCert,
3070 SignatureAndHashes: []signatureAndHash{
3071 {signatureRSA, 42},
3072 {signatureRSA, hash.id},
3073 {signatureRSA, 255},
3074 },
3075 },
3076 flags: []string{
3077 "-cert-file", rsaCertificateFile,
3078 "-key-file", rsaKeyFile,
3079 },
3080 })
3081
3082 testCases = append(testCases, testCase{
3083 testType: serverTest,
3084 name: "SigningHash-ServerKeyExchange-Sign-" + hash.name,
3085 config: Config{
3086 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
3087 SignatureAndHashes: []signatureAndHash{
3088 {signatureRSA, 42},
3089 {signatureRSA, hash.id},
3090 {signatureRSA, 255},
3091 },
3092 },
3093 })
3094 }
3095
3096 // Test that hash resolution takes the signature type into account.
3097 testCases = append(testCases, testCase{
3098 name: "SigningHash-ClientAuth-SignatureType",
3099 config: Config{
3100 ClientAuth: RequireAnyClientCert,
3101 SignatureAndHashes: []signatureAndHash{
3102 {signatureECDSA, hashSHA512},
3103 {signatureRSA, hashSHA384},
3104 {signatureECDSA, hashSHA1},
3105 },
3106 },
3107 flags: []string{
3108 "-cert-file", rsaCertificateFile,
3109 "-key-file", rsaKeyFile,
3110 },
3111 })
3112
3113 testCases = append(testCases, testCase{
3114 testType: serverTest,
3115 name: "SigningHash-ServerKeyExchange-SignatureType",
3116 config: Config{
3117 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
3118 SignatureAndHashes: []signatureAndHash{
3119 {signatureECDSA, hashSHA512},
3120 {signatureRSA, hashSHA384},
3121 {signatureECDSA, hashSHA1},
3122 },
3123 },
3124 })
3125
3126 // Test that, if the list is missing, the peer falls back to SHA-1.
3127 testCases = append(testCases, testCase{
3128 name: "SigningHash-ClientAuth-Fallback",
3129 config: Config{
3130 ClientAuth: RequireAnyClientCert,
3131 SignatureAndHashes: []signatureAndHash{
3132 {signatureRSA, hashSHA1},
3133 },
3134 Bugs: ProtocolBugs{
3135 NoSignatureAndHashes: true,
3136 },
3137 },
3138 flags: []string{
3139 "-cert-file", rsaCertificateFile,
3140 "-key-file", rsaKeyFile,
3141 },
3142 })
3143
3144 testCases = append(testCases, testCase{
3145 testType: serverTest,
3146 name: "SigningHash-ServerKeyExchange-Fallback",
3147 config: Config{
3148 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
3149 SignatureAndHashes: []signatureAndHash{
3150 {signatureRSA, hashSHA1},
3151 },
3152 Bugs: ProtocolBugs{
3153 NoSignatureAndHashes: true,
3154 },
3155 },
3156 })
David Benjamin72dc7832015-03-16 17:49:43 -0400[diff] [blame]3157
3158 // Test that hash preferences are enforced. BoringSSL defaults to
3159 // rejecting MD5 signatures.
3160 testCases = append(testCases, testCase{
3161 testType: serverTest,
3162 name: "SigningHash-ClientAuth-Enforced",
3163 config: Config{
3164 Certificates: []Certificate{rsaCertificate},
3165 SignatureAndHashes: []signatureAndHash{
3166 {signatureRSA, hashMD5},
3167 // Advertise SHA-1 so the handshake will
3168 // proceed, but the shim's preferences will be
3169 // ignored in CertificateVerify generation, so
3170 // MD5 will be chosen.
3171 {signatureRSA, hashSHA1},
3172 },
3173 Bugs: ProtocolBugs{
3174 IgnorePeerSignatureAlgorithmPreferences: true,
3175 },
3176 },
3177 flags: []string{"-require-any-client-certificate"},
3178 shouldFail: true,
3179 expectedError: ":WRONG_SIGNATURE_TYPE:",
3180 })
3181
3182 testCases = append(testCases, testCase{
3183 name: "SigningHash-ServerKeyExchange-Enforced",
3184 config: Config{
3185 CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
3186 SignatureAndHashes: []signatureAndHash{
3187 {signatureRSA, hashMD5},
3188 },
3189 Bugs: ProtocolBugs{
3190 IgnorePeerSignatureAlgorithmPreferences: true,
3191 },
3192 },
3193 shouldFail: true,
3194 expectedError: ":WRONG_SIGNATURE_TYPE:",
3195 })
David Benjamin000800a2014-11-14 01:43:59 -0500[diff] [blame]3196}
3197
David Benjamin83f90402015-01-27 01:09:43 -0500[diff] [blame]3198// timeouts is the retransmit schedule for BoringSSL. It doubles and
3199// caps at 60 seconds. On the 13th timeout, it gives up.
3200var timeouts = []time.Duration{
3201 1 * time.Second,
3202 2 * time.Second,
3203 4 * time.Second,
3204 8 * time.Second,
3205 16 * time.Second,
3206 32 * time.Second,
3207 60 * time.Second,
3208 60 * time.Second,
3209 60 * time.Second,
3210 60 * time.Second,
3211 60 * time.Second,
3212 60 * time.Second,
3213 60 * time.Second,
3214}
3215
3216func addDTLSRetransmitTests() {
3217 // Test that this is indeed the timeout schedule. Stress all
3218 // four patterns of handshake.
3219 for i := 1; i < len(timeouts); i++ {
3220 number := strconv.Itoa(i)
3221 testCases = append(testCases, testCase{
3222 protocol: dtls,
3223 name: "DTLS-Retransmit-Client-" + number,
3224 config: Config{
3225 Bugs: ProtocolBugs{
3226 TimeoutSchedule: timeouts[:i],
3227 },
3228 },
3229 resumeSession: true,
3230 flags: []string{"-async"},
3231 })
3232 testCases = append(testCases, testCase{
3233 protocol: dtls,
3234 testType: serverTest,
3235 name: "DTLS-Retransmit-Server-" + number,
3236 config: Config{
3237 Bugs: ProtocolBugs{
3238 TimeoutSchedule: timeouts[:i],
3239 },
3240 },
3241 resumeSession: true,
3242 flags: []string{"-async"},
3243 })
3244 }
3245
3246 // Test that exceeding the timeout schedule hits a read
3247 // timeout.
3248 testCases = append(testCases, testCase{
3249 protocol: dtls,
3250 name: "DTLS-Retransmit-Timeout",
3251 config: Config{
3252 Bugs: ProtocolBugs{
3253 TimeoutSchedule: timeouts,
3254 },
3255 },
3256 resumeSession: true,
3257 flags: []string{"-async"},
3258 shouldFail: true,
3259 expectedError: ":READ_TIMEOUT_EXPIRED:",
3260 })
3261
3262 // Test that timeout handling has a fudge factor, due to API
3263 // problems.
3264 testCases = append(testCases, testCase{
3265 protocol: dtls,
3266 name: "DTLS-Retransmit-Fudge",
3267 config: Config{
3268 Bugs: ProtocolBugs{
3269 TimeoutSchedule: []time.Duration{
3270 timeouts[0] - 10*time.Millisecond,
3271 },
3272 },
3273 },
3274 resumeSession: true,
3275 flags: []string{"-async"},
3276 })
David Benjamin7eaab4c2015-03-02 19:01:16 -0500[diff] [blame]3277
3278 // Test that the final Finished retransmitting isn't
3279 // duplicated if the peer badly fragments everything.
3280 testCases = append(testCases, testCase{
3281 testType: serverTest,
3282 protocol: dtls,
3283 name: "DTLS-Retransmit-Fragmented",
3284 config: Config{
3285 Bugs: ProtocolBugs{
3286 TimeoutSchedule: []time.Duration{timeouts[0]},
3287 MaxHandshakeRecordLength: 2,
3288 },
3289 },
3290 flags: []string{"-async"},
3291 })
David Benjamin83f90402015-01-27 01:09:43 -0500[diff] [blame]3292}
3293
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]3294func addExportKeyingMaterialTests() {
3295 for _, vers := range tlsVersions {
3296 if vers.version == VersionSSL30 {
3297 continue
3298 }
3299 testCases = append(testCases, testCase{
3300 name: "ExportKeyingMaterial-" + vers.name,
3301 config: Config{
3302 MaxVersion: vers.version,
3303 },
3304 exportKeyingMaterial: 1024,
3305 exportLabel: "label",
3306 exportContext: "context",
3307 useExportContext: true,
3308 })
3309 testCases = append(testCases, testCase{
3310 name: "ExportKeyingMaterial-NoContext-" + vers.name,
3311 config: Config{
3312 MaxVersion: vers.version,
3313 },
3314 exportKeyingMaterial: 1024,
3315 })
3316 testCases = append(testCases, testCase{
3317 name: "ExportKeyingMaterial-EmptyContext-" + vers.name,
3318 config: Config{
3319 MaxVersion: vers.version,
3320 },
3321 exportKeyingMaterial: 1024,
3322 useExportContext: true,
3323 })
3324 testCases = append(testCases, testCase{
3325 name: "ExportKeyingMaterial-Small-" + vers.name,
3326 config: Config{
3327 MaxVersion: vers.version,
3328 },
3329 exportKeyingMaterial: 1,
3330 exportLabel: "label",
3331 exportContext: "context",
3332 useExportContext: true,
3333 })
3334 }
3335 testCases = append(testCases, testCase{
3336 name: "ExportKeyingMaterial-SSL3",
3337 config: Config{
3338 MaxVersion: VersionSSL30,
3339 },
3340 exportKeyingMaterial: 1024,
3341 exportLabel: "label",
3342 exportContext: "context",
3343 useExportContext: true,
3344 shouldFail: true,
3345 expectedError: "failed to export keying material",
3346 })
3347}
3348
David Benjamin884fdf12014-08-02 15:28:23 -0400[diff] [blame]3349func worker(statusChan chan statusMsg, c chan *testCase, buildDir string, wg *sync.WaitGroup) {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3350 defer wg.Done()
3351
3352 for test := range c {
Adam Langley69a01602014-11-17 17:26:55 -0800[diff] [blame]3353 var err error
3354
3355 if *mallocTest < 0 {
3356 statusChan <- statusMsg{test: test, started: true}
3357 err = runTest(test, buildDir, -1)
3358 } else {
3359 for mallocNumToFail := int64(*mallocTest); ; mallocNumToFail++ {
3360 statusChan <- statusMsg{test: test, started: true}
3361 if err = runTest(test, buildDir, mallocNumToFail); err != errMoreMallocs {
3362 if err != nil {
3363 fmt.Printf("\n\nmalloc test failed at %d: %s\n", mallocNumToFail, err)
3364 }
3365 break
3366 }
3367 }
3368 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3369 statusChan <- statusMsg{test: test, err: err}
3370 }
3371}
3372
3373type statusMsg struct {
3374 test *testCase
3375 started bool
3376 err error
3377}
3378
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3379func statusPrinter(doneChan chan *testOutput, statusChan chan statusMsg, total int) {
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3380 var started, done, failed, lineLen int
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3381
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3382 testOutput := newTestOutput()
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3383 for msg := range statusChan {
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3384 if !*pipe {
3385 // Erase the previous status line.
David Benjamin87c8a642015-02-21 01:54:29 -0500[diff] [blame]3386 var erase string
3387 for i := 0; i < lineLen; i++ {
3388 erase += "\b \b"
3389 }
3390 fmt.Print(erase)
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3391 }
3392
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3393 if msg.started {
3394 started++
3395 } else {
3396 done++
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3397
3398 if msg.err != nil {
3399 fmt.Printf("FAILED (%s)\n%s\n", msg.test.name, msg.err)
3400 failed++
3401 testOutput.addResult(msg.test.name, "FAIL")
3402 } else {
3403 if *pipe {
3404 // Print each test instead of a status line.
3405 fmt.Printf("PASSED (%s)\n", msg.test.name)
3406 }
3407 testOutput.addResult(msg.test.name, "PASS")
3408 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3409 }
3410
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3411 if !*pipe {
3412 // Print a new status line.
3413 line := fmt.Sprintf("%d/%d/%d/%d", failed, done, started, total)
3414 lineLen = len(line)
3415 os.Stdout.WriteString(line)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3416 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3417 }
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3418
3419 doneChan <- testOutput
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3420}
3421
3422func main() {
3423 var flagTest *string = flag.String("test", "", "The name of a test to run, or empty to run all tests")
David Benjamin2bc8e6f2014-08-02 15:22:37 -0400[diff] [blame]3424 var flagNumWorkers *int = flag.Int("num-workers", runtime.NumCPU(), "The number of workers to run in parallel.")
David Benjamin884fdf12014-08-02 15:28:23 -0400[diff] [blame]3425 var flagBuildDir *string = flag.String("build-dir", "../../../build", "The build directory to run the shim from.")
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3426
3427 flag.Parse()
3428
3429 addCipherSuiteTests()
3430 addBadECDSASignatureTests()
Adam Langley80842bd2014-06-20 12:00:00 -0700[diff] [blame]3431 addCBCPaddingTests()
Kenny Root7fdeaf12014-08-05 15:23:37 -0700[diff] [blame]3432 addCBCSplittingTests()
David Benjamin636293b2014-07-08 17:59:18 -0400[diff] [blame]3433 addClientAuthTests()
Adam Langley524e7172015-02-20 16:04:00 -0800[diff] [blame]3434 addDDoSCallbackTests()
David Benjamin7e2e6cf2014-08-07 17:44:24 -0400[diff] [blame]3435 addVersionNegotiationTests()
David Benjaminaccb4542014-12-12 23:44:33 -0500[diff] [blame]3436 addMinimumVersionTests()
David Benjamin5c24a1d2014-08-31 00:59:27 -0400[diff] [blame]3437 addD5BugTests()
David Benjamine78bfde2014-09-06 12:45:15 -0400[diff] [blame]3438 addExtensionTests()
David Benjamin01fe8202014-09-24 15:21:44 -0400[diff] [blame]3439 addResumptionVersionTests()
Adam Langley75712922014-10-10 16:23:43 -0700[diff] [blame]3440 addExtendedMasterSecretTests()
Adam Langley2ae77d22014-10-28 17:29:33 -0700[diff] [blame]3441 addRenegotiationTests()
David Benjamin5e961c12014-11-07 01:48:35 -0500[diff] [blame]3442 addDTLSReplayTests()
David Benjamin000800a2014-11-14 01:43:59 -0500[diff] [blame]3443 addSigningHashTests()
Feng Lu41aa3252014-11-21 22:47:56 -0800[diff] [blame]3444 addFastRadioPaddingTests()
David Benjamin83f90402015-01-27 01:09:43 -0500[diff] [blame]3445 addDTLSRetransmitTests()
David Benjaminc565ebb2015-04-03 04:06:36 -0400[diff] [blame]3446 addExportKeyingMaterialTests()
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]3447 for _, async := range []bool{false, true} {
3448 for _, splitHandshake := range []bool{false, true} {
David Benjamin6fd297b2014-08-11 18:43:38 -0400[diff] [blame]3449 for _, protocol := range []protocol{tls, dtls} {
3450 addStateMachineCoverageTests(async, splitHandshake, protocol)
3451 }
David Benjamin43ec06f2014-08-05 02:28:57 -0400[diff] [blame]3452 }
3453 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3454
3455 var wg sync.WaitGroup
3456
David Benjamin2bc8e6f2014-08-02 15:22:37 -0400[diff] [blame]3457 numWorkers := *flagNumWorkers
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3458
3459 statusChan := make(chan statusMsg, numWorkers)
3460 testChan := make(chan *testCase, numWorkers)
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3461 doneChan := make(chan *testOutput)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3462
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]3463 go statusPrinter(doneChan, statusChan, len(testCases))
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3464
3465 for i := 0; i < numWorkers; i++ {
3466 wg.Add(1)
David Benjamin884fdf12014-08-02 15:28:23 -0400[diff] [blame]3467 go worker(statusChan, testChan, *flagBuildDir, &wg)
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3468 }
3469
David Benjamin025b3d32014-07-01 19:53:04 -0400[diff] [blame]3470 for i := range testCases {
3471 if len(*flagTest) == 0 || *flagTest == testCases[i].name {
3472 testChan <- &testCases[i]
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3473 }
3474 }
3475
3476 close(testChan)
3477 wg.Wait()
3478 close(statusChan)
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3479 testOutput := <-doneChan
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3480
3481 fmt.Printf("\n")
David Benjamin5f237bc2015-02-11 17:14:15 -0500[diff] [blame]3482
3483 if *jsonOutput != "" {
3484 if err := testOutput.writeTo(*jsonOutput); err != nil {
3485 fmt.Fprintf(os.Stderr, "Error: %s\n", err)
3486 }
3487 }
David Benjamin2ab7a862015-04-04 17:02:18 -0400[diff] [blame]3488
3489 if !testOutput.allPassed {
3490 os.Exit(1)
3491 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]3492}