Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1 | package main |
| 2 | |
| 3 | import ( |
| 4 | "bytes" |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 5 | "crypto/ecdsa" |
| 6 | "crypto/elliptic" |
David Benjamin | 407a10c | 2014-07-16 12:58:59 -0400 | [diff] [blame] | 7 | "crypto/x509" |
David Benjamin | 2561dc3 | 2014-08-24 01:25:27 -0400 | [diff] [blame] | 8 | "encoding/base64" |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 9 | "encoding/pem" |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 10 | "flag" |
| 11 | "fmt" |
| 12 | "io" |
Kenny Root | 7fdeaf1 | 2014-08-05 15:23:37 -0700 | [diff] [blame] | 13 | "io/ioutil" |
Adam Langley | a7997f1 | 2015-05-14 17:38:50 -0700 | [diff] [blame] | 14 | "math/big" |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 15 | "net" |
| 16 | "os" |
| 17 | "os/exec" |
David Benjamin | 884fdf1 | 2014-08-02 15:28:23 -0400 | [diff] [blame] | 18 | "path" |
David Benjamin | 2bc8e6f | 2014-08-02 15:22:37 -0400 | [diff] [blame] | 19 | "runtime" |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 20 | "strconv" |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 21 | "strings" |
| 22 | "sync" |
| 23 | "syscall" |
David Benjamin | 83f9040 | 2015-01-27 01:09:43 -0500 | [diff] [blame] | 24 | "time" |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 25 | ) |
| 26 | |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 27 | var ( |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 28 | useValgrind = flag.Bool("valgrind", false, "If true, run code under valgrind") |
| 29 | useGDB = flag.Bool("gdb", false, "If true, run BoringSSL code under gdb") |
| 30 | flagDebug = flag.Bool("debug", false, "Hexdump the contents of the connection") |
| 31 | mallocTest = flag.Int64("malloc-test", -1, "If non-negative, run each test with each malloc in turn failing from the given number onwards.") |
| 32 | mallocTestDebug = flag.Bool("malloc-test-debug", false, "If true, ask bssl_shim to abort rather than fail a malloc. This can be used with a specific value for --malloc-test to identity the malloc failing that is causing problems.") |
| 33 | jsonOutput = flag.String("json-output", "", "The file to output JSON results to.") |
| 34 | pipe = flag.Bool("pipe", false, "If true, print status output suitable for piping into another program.") |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 35 | ) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 36 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 37 | const ( |
| 38 | rsaCertificateFile = "cert.pem" |
| 39 | ecdsaCertificateFile = "ecdsa_cert.pem" |
| 40 | ) |
| 41 | |
| 42 | const ( |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 43 | rsaKeyFile = "key.pem" |
| 44 | ecdsaKeyFile = "ecdsa_key.pem" |
| 45 | channelIDKeyFile = "channel_id_key.pem" |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 46 | ) |
| 47 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 48 | var rsaCertificate, ecdsaCertificate Certificate |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 49 | var channelIDKey *ecdsa.PrivateKey |
| 50 | var channelIDBytes []byte |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 51 | |
David Benjamin | 61f9527 | 2014-11-25 01:55:35 -0500 | [diff] [blame] | 52 | var testOCSPResponse = []byte{1, 2, 3, 4} |
| 53 | var testSCTList = []byte{5, 6, 7, 8} |
| 54 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 55 | func initCertificates() { |
| 56 | var err error |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 57 | rsaCertificate, err = LoadX509KeyPair(rsaCertificateFile, rsaKeyFile) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 58 | if err != nil { |
| 59 | panic(err) |
| 60 | } |
David Benjamin | 61f9527 | 2014-11-25 01:55:35 -0500 | [diff] [blame] | 61 | rsaCertificate.OCSPStaple = testOCSPResponse |
| 62 | rsaCertificate.SignedCertificateTimestampList = testSCTList |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 63 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 64 | ecdsaCertificate, err = LoadX509KeyPair(ecdsaCertificateFile, ecdsaKeyFile) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 65 | if err != nil { |
| 66 | panic(err) |
| 67 | } |
David Benjamin | 61f9527 | 2014-11-25 01:55:35 -0500 | [diff] [blame] | 68 | ecdsaCertificate.OCSPStaple = testOCSPResponse |
| 69 | ecdsaCertificate.SignedCertificateTimestampList = testSCTList |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 70 | |
| 71 | channelIDPEMBlock, err := ioutil.ReadFile(channelIDKeyFile) |
| 72 | if err != nil { |
| 73 | panic(err) |
| 74 | } |
| 75 | channelIDDERBlock, _ := pem.Decode(channelIDPEMBlock) |
| 76 | if channelIDDERBlock.Type != "EC PRIVATE KEY" { |
| 77 | panic("bad key type") |
| 78 | } |
| 79 | channelIDKey, err = x509.ParseECPrivateKey(channelIDDERBlock.Bytes) |
| 80 | if err != nil { |
| 81 | panic(err) |
| 82 | } |
| 83 | if channelIDKey.Curve != elliptic.P256() { |
| 84 | panic("bad curve") |
| 85 | } |
| 86 | |
| 87 | channelIDBytes = make([]byte, 64) |
| 88 | writeIntPadded(channelIDBytes[:32], channelIDKey.X) |
| 89 | writeIntPadded(channelIDBytes[32:], channelIDKey.Y) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 90 | } |
| 91 | |
| 92 | var certificateOnce sync.Once |
| 93 | |
| 94 | func getRSACertificate() Certificate { |
| 95 | certificateOnce.Do(initCertificates) |
| 96 | return rsaCertificate |
| 97 | } |
| 98 | |
| 99 | func getECDSACertificate() Certificate { |
| 100 | certificateOnce.Do(initCertificates) |
| 101 | return ecdsaCertificate |
| 102 | } |
| 103 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 104 | type testType int |
| 105 | |
| 106 | const ( |
| 107 | clientTest testType = iota |
| 108 | serverTest |
| 109 | ) |
| 110 | |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 111 | type protocol int |
| 112 | |
| 113 | const ( |
| 114 | tls protocol = iota |
| 115 | dtls |
| 116 | ) |
| 117 | |
David Benjamin | fc7b086 | 2014-09-06 13:21:53 -0400 | [diff] [blame] | 118 | const ( |
| 119 | alpn = 1 |
| 120 | npn = 2 |
| 121 | ) |
| 122 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 123 | type testCase struct { |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 124 | testType testType |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 125 | protocol protocol |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 126 | name string |
| 127 | config Config |
| 128 | shouldFail bool |
| 129 | expectedError string |
Adam Langley | ac61fa3 | 2014-06-23 12:03:11 -0700 | [diff] [blame] | 130 | // expectedLocalError, if not empty, contains a substring that must be |
| 131 | // found in the local error. |
| 132 | expectedLocalError string |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 133 | // expectedVersion, if non-zero, specifies the TLS version that must be |
| 134 | // negotiated. |
| 135 | expectedVersion uint16 |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 136 | // expectedResumeVersion, if non-zero, specifies the TLS version that |
| 137 | // must be negotiated on resumption. If zero, expectedVersion is used. |
| 138 | expectedResumeVersion uint16 |
David Benjamin | 90da8c8 | 2015-04-20 14:57:57 -0400 | [diff] [blame] | 139 | // expectedCipher, if non-zero, specifies the TLS cipher suite that |
| 140 | // should be negotiated. |
| 141 | expectedCipher uint16 |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 142 | // expectChannelID controls whether the connection should have |
| 143 | // negotiated a Channel ID with channelIDKey. |
| 144 | expectChannelID bool |
David Benjamin | ae2888f | 2014-09-06 12:58:58 -0400 | [diff] [blame] | 145 | // expectedNextProto controls whether the connection should |
| 146 | // negotiate a next protocol via NPN or ALPN. |
| 147 | expectedNextProto string |
David Benjamin | fc7b086 | 2014-09-06 13:21:53 -0400 | [diff] [blame] | 148 | // expectedNextProtoType, if non-zero, is the expected next |
| 149 | // protocol negotiation mechanism. |
| 150 | expectedNextProtoType int |
David Benjamin | ca6c826 | 2014-11-15 19:06:08 -0500 | [diff] [blame] | 151 | // expectedSRTPProtectionProfile is the DTLS-SRTP profile that |
| 152 | // should be negotiated. If zero, none should be negotiated. |
| 153 | expectedSRTPProtectionProfile uint16 |
Adam Langley | 80842bd | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 154 | // messageLen is the length, in bytes, of the test message that will be |
| 155 | // sent. |
| 156 | messageLen int |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 157 | // certFile is the path to the certificate to use for the server. |
| 158 | certFile string |
| 159 | // keyFile is the path to the private key to use for the server. |
| 160 | keyFile string |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 161 | // resumeSession controls whether a second connection should be tested |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 162 | // which attempts to resume the first session. |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 163 | resumeSession bool |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 164 | // expectResumeRejected, if true, specifies that the attempted |
| 165 | // resumption must be rejected by the client. This is only valid for a |
| 166 | // serverTest. |
| 167 | expectResumeRejected bool |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 168 | // resumeConfig, if not nil, points to a Config to be used on |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 169 | // resumption. Unless newSessionsOnResume is set, |
| 170 | // SessionTicketKey, ServerSessionCache, and |
| 171 | // ClientSessionCache are copied from the initial connection's |
| 172 | // config. If nil, the initial connection's config is used. |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 173 | resumeConfig *Config |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 174 | // newSessionsOnResume, if true, will cause resumeConfig to |
| 175 | // use a different session resumption context. |
| 176 | newSessionsOnResume bool |
David Benjamin | 98e882e | 2014-08-08 13:24:34 -0400 | [diff] [blame] | 177 | // sendPrefix sends a prefix on the socket before actually performing a |
| 178 | // handshake. |
| 179 | sendPrefix string |
David Benjamin | e58c4f5 | 2014-08-24 03:47:07 -0400 | [diff] [blame] | 180 | // shimWritesFirst controls whether the shim sends an initial "hello" |
| 181 | // message before doing a roundtrip with the runner. |
| 182 | shimWritesFirst bool |
Adam Langley | cf2d4f4 | 2014-10-28 19:06:14 -0700 | [diff] [blame] | 183 | // renegotiate indicates the the connection should be renegotiated |
| 184 | // during the exchange. |
| 185 | renegotiate bool |
| 186 | // renegotiateCiphers is a list of ciphersuite ids that will be |
| 187 | // switched in just before renegotiation. |
| 188 | renegotiateCiphers []uint16 |
David Benjamin | 5e961c1 | 2014-11-07 01:48:35 -0500 | [diff] [blame] | 189 | // replayWrites, if true, configures the underlying transport |
| 190 | // to replay every write it makes in DTLS tests. |
| 191 | replayWrites bool |
David Benjamin | 5fa3eba | 2015-01-22 16:35:40 -0500 | [diff] [blame] | 192 | // damageFirstWrite, if true, configures the underlying transport to |
| 193 | // damage the final byte of the first application data write. |
| 194 | damageFirstWrite bool |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 195 | // exportKeyingMaterial, if non-zero, configures the test to exchange |
| 196 | // keying material and verify they match. |
| 197 | exportKeyingMaterial int |
| 198 | exportLabel string |
| 199 | exportContext string |
| 200 | useExportContext bool |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 201 | // flags, if not empty, contains a list of command-line flags that will |
| 202 | // be passed to the shim program. |
| 203 | flags []string |
Adam Langley | af0e32c | 2015-06-03 09:57:23 -0700 | [diff] [blame] | 204 | // testTLSUnique, if true, causes the shim to send the tls-unique value |
| 205 | // which will be compared against the expected value. |
| 206 | testTLSUnique bool |
David Benjamin | a8ebe22 | 2015-06-06 03:04:39 -0400 | [diff] [blame] | 207 | // sendEmptyRecords is the number of consecutive empty records to send |
| 208 | // before and after the test message. |
| 209 | sendEmptyRecords int |
David Benjamin | 24f346d | 2015-06-06 03:28:08 -0400 | [diff] [blame] | 210 | // sendWarningAlerts is the number of consecutive warning alerts to send |
| 211 | // before and after the test message. |
| 212 | sendWarningAlerts int |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 213 | } |
| 214 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 215 | var testCases = []testCase{ |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 216 | { |
| 217 | name: "BadRSASignature", |
| 218 | config: Config{ |
| 219 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 220 | Bugs: ProtocolBugs{ |
| 221 | InvalidSKXSignature: true, |
| 222 | }, |
| 223 | }, |
| 224 | shouldFail: true, |
David Benjamin | 25f0846 | 2015-04-15 16:13:49 -0400 | [diff] [blame] | 225 | expectedError: ":BAD_SIGNATURE:", |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 226 | }, |
| 227 | { |
| 228 | name: "BadECDSASignature", |
| 229 | config: Config{ |
| 230 | CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, |
| 231 | Bugs: ProtocolBugs{ |
| 232 | InvalidSKXSignature: true, |
| 233 | }, |
| 234 | Certificates: []Certificate{getECDSACertificate()}, |
| 235 | }, |
| 236 | shouldFail: true, |
| 237 | expectedError: ":BAD_SIGNATURE:", |
| 238 | }, |
| 239 | { |
| 240 | name: "BadECDSACurve", |
| 241 | config: Config{ |
| 242 | CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, |
| 243 | Bugs: ProtocolBugs{ |
| 244 | InvalidSKXCurve: true, |
| 245 | }, |
| 246 | Certificates: []Certificate{getECDSACertificate()}, |
| 247 | }, |
| 248 | shouldFail: true, |
| 249 | expectedError: ":WRONG_CURVE:", |
| 250 | }, |
Adam Langley | ac61fa3 | 2014-06-23 12:03:11 -0700 | [diff] [blame] | 251 | { |
David Benjamin | a8e3e0e | 2014-08-06 22:11:10 -0400 | [diff] [blame] | 252 | testType: serverTest, |
| 253 | name: "BadRSAVersion", |
| 254 | config: Config{ |
| 255 | CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, |
| 256 | Bugs: ProtocolBugs{ |
| 257 | RsaClientKeyExchangeVersion: VersionTLS11, |
| 258 | }, |
| 259 | }, |
| 260 | shouldFail: true, |
| 261 | expectedError: ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:", |
| 262 | }, |
| 263 | { |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 264 | name: "NoFallbackSCSV", |
Adam Langley | ac61fa3 | 2014-06-23 12:03:11 -0700 | [diff] [blame] | 265 | config: Config{ |
| 266 | Bugs: ProtocolBugs{ |
| 267 | FailIfNotFallbackSCSV: true, |
| 268 | }, |
| 269 | }, |
| 270 | shouldFail: true, |
| 271 | expectedLocalError: "no fallback SCSV found", |
| 272 | }, |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 273 | { |
David Benjamin | 2a0c496 | 2014-08-22 23:46:35 -0400 | [diff] [blame] | 274 | name: "SendFallbackSCSV", |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 275 | config: Config{ |
| 276 | Bugs: ProtocolBugs{ |
| 277 | FailIfNotFallbackSCSV: true, |
| 278 | }, |
| 279 | }, |
| 280 | flags: []string{"-fallback-scsv"}, |
| 281 | }, |
David Benjamin | 197b3ab | 2014-07-02 18:37:33 -0400 | [diff] [blame] | 282 | { |
David Benjamin | 7b03051 | 2014-07-08 17:30:11 -0400 | [diff] [blame] | 283 | name: "ClientCertificateTypes", |
| 284 | config: Config{ |
| 285 | ClientAuth: RequestClientCert, |
| 286 | ClientCertificateTypes: []byte{ |
| 287 | CertTypeDSSSign, |
| 288 | CertTypeRSASign, |
| 289 | CertTypeECDSASign, |
| 290 | }, |
| 291 | }, |
David Benjamin | 2561dc3 | 2014-08-24 01:25:27 -0400 | [diff] [blame] | 292 | flags: []string{ |
| 293 | "-expect-certificate-types", |
| 294 | base64.StdEncoding.EncodeToString([]byte{ |
| 295 | CertTypeDSSSign, |
| 296 | CertTypeRSASign, |
| 297 | CertTypeECDSASign, |
| 298 | }), |
| 299 | }, |
David Benjamin | 7b03051 | 2014-07-08 17:30:11 -0400 | [diff] [blame] | 300 | }, |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 301 | { |
| 302 | name: "NoClientCertificate", |
| 303 | config: Config{ |
| 304 | ClientAuth: RequireAnyClientCert, |
| 305 | }, |
| 306 | shouldFail: true, |
| 307 | expectedLocalError: "client didn't provide a certificate", |
| 308 | }, |
David Benjamin | 1c375dd | 2014-07-12 00:48:23 -0400 | [diff] [blame] | 309 | { |
| 310 | name: "UnauthenticatedECDH", |
| 311 | config: Config{ |
| 312 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 313 | Bugs: ProtocolBugs{ |
| 314 | UnauthenticatedECDH: true, |
| 315 | }, |
| 316 | }, |
| 317 | shouldFail: true, |
David Benjamin | e8f3d66 | 2014-07-12 01:10:19 -0400 | [diff] [blame] | 318 | expectedError: ":UNEXPECTED_MESSAGE:", |
David Benjamin | 1c375dd | 2014-07-12 00:48:23 -0400 | [diff] [blame] | 319 | }, |
David Benjamin | 9c651c9 | 2014-07-12 13:27:45 -0400 | [diff] [blame] | 320 | { |
David Benjamin | dcd979f | 2015-04-20 18:26:52 -0400 | [diff] [blame] | 321 | name: "SkipCertificateStatus", |
| 322 | config: Config{ |
| 323 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 324 | Bugs: ProtocolBugs{ |
| 325 | SkipCertificateStatus: true, |
| 326 | }, |
| 327 | }, |
| 328 | flags: []string{ |
| 329 | "-enable-ocsp-stapling", |
| 330 | }, |
| 331 | }, |
| 332 | { |
David Benjamin | 9c651c9 | 2014-07-12 13:27:45 -0400 | [diff] [blame] | 333 | name: "SkipServerKeyExchange", |
| 334 | config: Config{ |
| 335 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 336 | Bugs: ProtocolBugs{ |
| 337 | SkipServerKeyExchange: true, |
| 338 | }, |
| 339 | }, |
| 340 | shouldFail: true, |
| 341 | expectedError: ":UNEXPECTED_MESSAGE:", |
| 342 | }, |
David Benjamin | 1f5f62b | 2014-07-12 16:18:02 -0400 | [diff] [blame] | 343 | { |
David Benjamin | a0e5223 | 2014-07-19 17:39:58 -0400 | [diff] [blame] | 344 | name: "SkipChangeCipherSpec-Client", |
| 345 | config: Config{ |
| 346 | Bugs: ProtocolBugs{ |
| 347 | SkipChangeCipherSpec: true, |
| 348 | }, |
| 349 | }, |
| 350 | shouldFail: true, |
David Benjamin | 86271ee | 2014-07-21 16:14:03 -0400 | [diff] [blame] | 351 | expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:", |
David Benjamin | a0e5223 | 2014-07-19 17:39:58 -0400 | [diff] [blame] | 352 | }, |
| 353 | { |
| 354 | testType: serverTest, |
| 355 | name: "SkipChangeCipherSpec-Server", |
| 356 | config: Config{ |
| 357 | Bugs: ProtocolBugs{ |
| 358 | SkipChangeCipherSpec: true, |
| 359 | }, |
| 360 | }, |
| 361 | shouldFail: true, |
David Benjamin | 86271ee | 2014-07-21 16:14:03 -0400 | [diff] [blame] | 362 | expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:", |
David Benjamin | a0e5223 | 2014-07-19 17:39:58 -0400 | [diff] [blame] | 363 | }, |
David Benjamin | 42be645 | 2014-07-21 14:50:23 -0400 | [diff] [blame] | 364 | { |
| 365 | testType: serverTest, |
| 366 | name: "SkipChangeCipherSpec-Server-NPN", |
| 367 | config: Config{ |
| 368 | NextProtos: []string{"bar"}, |
| 369 | Bugs: ProtocolBugs{ |
| 370 | SkipChangeCipherSpec: true, |
| 371 | }, |
| 372 | }, |
| 373 | flags: []string{ |
| 374 | "-advertise-npn", "\x03foo\x03bar\x03baz", |
| 375 | }, |
| 376 | shouldFail: true, |
David Benjamin | 86271ee | 2014-07-21 16:14:03 -0400 | [diff] [blame] | 377 | expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:", |
| 378 | }, |
| 379 | { |
| 380 | name: "FragmentAcrossChangeCipherSpec-Client", |
| 381 | config: Config{ |
| 382 | Bugs: ProtocolBugs{ |
| 383 | FragmentAcrossChangeCipherSpec: true, |
| 384 | }, |
| 385 | }, |
| 386 | shouldFail: true, |
| 387 | expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:", |
| 388 | }, |
| 389 | { |
| 390 | testType: serverTest, |
| 391 | name: "FragmentAcrossChangeCipherSpec-Server", |
| 392 | config: Config{ |
| 393 | Bugs: ProtocolBugs{ |
| 394 | FragmentAcrossChangeCipherSpec: true, |
| 395 | }, |
| 396 | }, |
| 397 | shouldFail: true, |
| 398 | expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:", |
| 399 | }, |
| 400 | { |
| 401 | testType: serverTest, |
| 402 | name: "FragmentAcrossChangeCipherSpec-Server-NPN", |
| 403 | config: Config{ |
| 404 | NextProtos: []string{"bar"}, |
| 405 | Bugs: ProtocolBugs{ |
| 406 | FragmentAcrossChangeCipherSpec: true, |
| 407 | }, |
| 408 | }, |
| 409 | flags: []string{ |
| 410 | "-advertise-npn", "\x03foo\x03bar\x03baz", |
| 411 | }, |
| 412 | shouldFail: true, |
| 413 | expectedError: ":HANDSHAKE_RECORD_BEFORE_CCS:", |
David Benjamin | 42be645 | 2014-07-21 14:50:23 -0400 | [diff] [blame] | 414 | }, |
David Benjamin | f3ec83d | 2014-07-21 22:42:34 -0400 | [diff] [blame] | 415 | { |
| 416 | testType: serverTest, |
David Benjamin | 3fd1fbd | 2015-02-03 16:07:32 -0500 | [diff] [blame] | 417 | name: "Alert", |
| 418 | config: Config{ |
| 419 | Bugs: ProtocolBugs{ |
| 420 | SendSpuriousAlert: alertRecordOverflow, |
| 421 | }, |
| 422 | }, |
| 423 | shouldFail: true, |
| 424 | expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:", |
| 425 | }, |
| 426 | { |
| 427 | protocol: dtls, |
| 428 | testType: serverTest, |
| 429 | name: "Alert-DTLS", |
| 430 | config: Config{ |
| 431 | Bugs: ProtocolBugs{ |
| 432 | SendSpuriousAlert: alertRecordOverflow, |
| 433 | }, |
| 434 | }, |
| 435 | shouldFail: true, |
| 436 | expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:", |
| 437 | }, |
| 438 | { |
| 439 | testType: serverTest, |
Alex Chernyakhovsky | 4cd8c43 | 2014-11-01 19:39:08 -0400 | [diff] [blame] | 440 | name: "FragmentAlert", |
| 441 | config: Config{ |
| 442 | Bugs: ProtocolBugs{ |
David Benjamin | ca6c826 | 2014-11-15 19:06:08 -0500 | [diff] [blame] | 443 | FragmentAlert: true, |
David Benjamin | 3fd1fbd | 2015-02-03 16:07:32 -0500 | [diff] [blame] | 444 | SendSpuriousAlert: alertRecordOverflow, |
Alex Chernyakhovsky | 4cd8c43 | 2014-11-01 19:39:08 -0400 | [diff] [blame] | 445 | }, |
| 446 | }, |
| 447 | shouldFail: true, |
| 448 | expectedError: ":BAD_ALERT:", |
| 449 | }, |
| 450 | { |
David Benjamin | 0ea8dda | 2015-01-31 20:33:40 -0500 | [diff] [blame] | 451 | protocol: dtls, |
| 452 | testType: serverTest, |
| 453 | name: "FragmentAlert-DTLS", |
| 454 | config: Config{ |
| 455 | Bugs: ProtocolBugs{ |
| 456 | FragmentAlert: true, |
David Benjamin | 3fd1fbd | 2015-02-03 16:07:32 -0500 | [diff] [blame] | 457 | SendSpuriousAlert: alertRecordOverflow, |
David Benjamin | 0ea8dda | 2015-01-31 20:33:40 -0500 | [diff] [blame] | 458 | }, |
| 459 | }, |
| 460 | shouldFail: true, |
| 461 | expectedError: ":BAD_ALERT:", |
| 462 | }, |
| 463 | { |
Alex Chernyakhovsky | 4cd8c43 | 2014-11-01 19:39:08 -0400 | [diff] [blame] | 464 | testType: serverTest, |
David Benjamin | f3ec83d | 2014-07-21 22:42:34 -0400 | [diff] [blame] | 465 | name: "EarlyChangeCipherSpec-server-1", |
| 466 | config: Config{ |
| 467 | Bugs: ProtocolBugs{ |
| 468 | EarlyChangeCipherSpec: 1, |
| 469 | }, |
| 470 | }, |
| 471 | shouldFail: true, |
| 472 | expectedError: ":CCS_RECEIVED_EARLY:", |
| 473 | }, |
| 474 | { |
| 475 | testType: serverTest, |
| 476 | name: "EarlyChangeCipherSpec-server-2", |
| 477 | config: Config{ |
| 478 | Bugs: ProtocolBugs{ |
| 479 | EarlyChangeCipherSpec: 2, |
| 480 | }, |
| 481 | }, |
| 482 | shouldFail: true, |
| 483 | expectedError: ":CCS_RECEIVED_EARLY:", |
| 484 | }, |
David Benjamin | d23f412 | 2014-07-23 15:09:48 -0400 | [diff] [blame] | 485 | { |
David Benjamin | d23f412 | 2014-07-23 15:09:48 -0400 | [diff] [blame] | 486 | name: "SkipNewSessionTicket", |
| 487 | config: Config{ |
| 488 | Bugs: ProtocolBugs{ |
| 489 | SkipNewSessionTicket: true, |
| 490 | }, |
| 491 | }, |
| 492 | shouldFail: true, |
| 493 | expectedError: ":CCS_RECEIVED_EARLY:", |
| 494 | }, |
David Benjamin | 7e3305e | 2014-07-28 14:52:32 -0400 | [diff] [blame] | 495 | { |
David Benjamin | d86c767 | 2014-08-02 04:07:12 -0400 | [diff] [blame] | 496 | testType: serverTest, |
David Benjamin | bef270a | 2014-08-02 04:22:02 -0400 | [diff] [blame] | 497 | name: "FallbackSCSV", |
| 498 | config: Config{ |
| 499 | MaxVersion: VersionTLS11, |
| 500 | Bugs: ProtocolBugs{ |
| 501 | SendFallbackSCSV: true, |
| 502 | }, |
| 503 | }, |
| 504 | shouldFail: true, |
| 505 | expectedError: ":INAPPROPRIATE_FALLBACK:", |
| 506 | }, |
| 507 | { |
| 508 | testType: serverTest, |
| 509 | name: "FallbackSCSV-VersionMatch", |
| 510 | config: Config{ |
| 511 | Bugs: ProtocolBugs{ |
| 512 | SendFallbackSCSV: true, |
| 513 | }, |
| 514 | }, |
| 515 | }, |
David Benjamin | 9821454 | 2014-08-07 18:02:39 -0400 | [diff] [blame] | 516 | { |
| 517 | testType: serverTest, |
| 518 | name: "FragmentedClientVersion", |
| 519 | config: Config{ |
| 520 | Bugs: ProtocolBugs{ |
| 521 | MaxHandshakeRecordLength: 1, |
| 522 | FragmentClientVersion: true, |
| 523 | }, |
| 524 | }, |
David Benjamin | 82c9e90 | 2014-12-12 15:55:27 -0500 | [diff] [blame] | 525 | expectedVersion: VersionTLS12, |
David Benjamin | 9821454 | 2014-08-07 18:02:39 -0400 | [diff] [blame] | 526 | }, |
David Benjamin | 98e882e | 2014-08-08 13:24:34 -0400 | [diff] [blame] | 527 | { |
| 528 | testType: serverTest, |
| 529 | name: "MinorVersionTolerance", |
| 530 | config: Config{ |
| 531 | Bugs: ProtocolBugs{ |
| 532 | SendClientVersion: 0x03ff, |
| 533 | }, |
| 534 | }, |
| 535 | expectedVersion: VersionTLS12, |
| 536 | }, |
| 537 | { |
| 538 | testType: serverTest, |
| 539 | name: "MajorVersionTolerance", |
| 540 | config: Config{ |
| 541 | Bugs: ProtocolBugs{ |
| 542 | SendClientVersion: 0x0400, |
| 543 | }, |
| 544 | }, |
| 545 | expectedVersion: VersionTLS12, |
| 546 | }, |
| 547 | { |
| 548 | testType: serverTest, |
| 549 | name: "VersionTooLow", |
| 550 | config: Config{ |
| 551 | Bugs: ProtocolBugs{ |
| 552 | SendClientVersion: 0x0200, |
| 553 | }, |
| 554 | }, |
| 555 | shouldFail: true, |
| 556 | expectedError: ":UNSUPPORTED_PROTOCOL:", |
| 557 | }, |
| 558 | { |
| 559 | testType: serverTest, |
| 560 | name: "HttpGET", |
| 561 | sendPrefix: "GET / HTTP/1.0\n", |
| 562 | shouldFail: true, |
| 563 | expectedError: ":HTTP_REQUEST:", |
| 564 | }, |
| 565 | { |
| 566 | testType: serverTest, |
| 567 | name: "HttpPOST", |
| 568 | sendPrefix: "POST / HTTP/1.0\n", |
| 569 | shouldFail: true, |
| 570 | expectedError: ":HTTP_REQUEST:", |
| 571 | }, |
| 572 | { |
| 573 | testType: serverTest, |
| 574 | name: "HttpHEAD", |
| 575 | sendPrefix: "HEAD / HTTP/1.0\n", |
| 576 | shouldFail: true, |
| 577 | expectedError: ":HTTP_REQUEST:", |
| 578 | }, |
| 579 | { |
| 580 | testType: serverTest, |
| 581 | name: "HttpPUT", |
| 582 | sendPrefix: "PUT / HTTP/1.0\n", |
| 583 | shouldFail: true, |
| 584 | expectedError: ":HTTP_REQUEST:", |
| 585 | }, |
| 586 | { |
| 587 | testType: serverTest, |
| 588 | name: "HttpCONNECT", |
| 589 | sendPrefix: "CONNECT www.google.com:443 HTTP/1.0\n", |
| 590 | shouldFail: true, |
| 591 | expectedError: ":HTTPS_PROXY_REQUEST:", |
| 592 | }, |
David Benjamin | 39ebf53 | 2014-08-31 02:23:49 -0400 | [diff] [blame] | 593 | { |
David Benjamin | f080ecd | 2014-12-11 18:48:59 -0500 | [diff] [blame] | 594 | testType: serverTest, |
| 595 | name: "Garbage", |
| 596 | sendPrefix: "blah", |
| 597 | shouldFail: true, |
| 598 | expectedError: ":UNKNOWN_PROTOCOL:", |
| 599 | }, |
| 600 | { |
David Benjamin | 39ebf53 | 2014-08-31 02:23:49 -0400 | [diff] [blame] | 601 | name: "SkipCipherVersionCheck", |
| 602 | config: Config{ |
| 603 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
| 604 | MaxVersion: VersionTLS11, |
| 605 | Bugs: ProtocolBugs{ |
| 606 | SkipCipherVersionCheck: true, |
| 607 | }, |
| 608 | }, |
| 609 | shouldFail: true, |
| 610 | expectedError: ":WRONG_CIPHER_RETURNED:", |
| 611 | }, |
David Benjamin | 9114fae | 2014-11-08 11:41:14 -0500 | [diff] [blame] | 612 | { |
David Benjamin | a3e8949 | 2015-02-26 15:16:22 -0500 | [diff] [blame] | 613 | name: "RSAEphemeralKey", |
David Benjamin | 9114fae | 2014-11-08 11:41:14 -0500 | [diff] [blame] | 614 | config: Config{ |
| 615 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
| 616 | Bugs: ProtocolBugs{ |
David Benjamin | a3e8949 | 2015-02-26 15:16:22 -0500 | [diff] [blame] | 617 | RSAEphemeralKey: true, |
David Benjamin | 9114fae | 2014-11-08 11:41:14 -0500 | [diff] [blame] | 618 | }, |
| 619 | }, |
| 620 | shouldFail: true, |
| 621 | expectedError: ":UNEXPECTED_MESSAGE:", |
| 622 | }, |
David Benjamin | 128dbc3 | 2014-12-01 01:27:42 -0500 | [diff] [blame] | 623 | { |
| 624 | name: "DisableEverything", |
| 625 | flags: []string{"-no-tls12", "-no-tls11", "-no-tls1", "-no-ssl3"}, |
| 626 | shouldFail: true, |
| 627 | expectedError: ":WRONG_SSL_VERSION:", |
| 628 | }, |
| 629 | { |
| 630 | protocol: dtls, |
| 631 | name: "DisableEverything-DTLS", |
| 632 | flags: []string{"-no-tls12", "-no-tls1"}, |
| 633 | shouldFail: true, |
| 634 | expectedError: ":WRONG_SSL_VERSION:", |
| 635 | }, |
David Benjamin | 780d6dd | 2015-01-06 12:03:19 -0500 | [diff] [blame] | 636 | { |
| 637 | name: "NoSharedCipher", |
| 638 | config: Config{ |
| 639 | CipherSuites: []uint16{}, |
| 640 | }, |
| 641 | shouldFail: true, |
| 642 | expectedError: ":HANDSHAKE_FAILURE_ON_CLIENT_HELLO:", |
| 643 | }, |
David Benjamin | 13be1de | 2015-01-11 16:29:36 -0500 | [diff] [blame] | 644 | { |
| 645 | protocol: dtls, |
| 646 | testType: serverTest, |
| 647 | name: "MTU", |
| 648 | config: Config{ |
| 649 | Bugs: ProtocolBugs{ |
| 650 | MaxPacketLength: 256, |
| 651 | }, |
| 652 | }, |
| 653 | flags: []string{"-mtu", "256"}, |
| 654 | }, |
| 655 | { |
| 656 | protocol: dtls, |
| 657 | testType: serverTest, |
| 658 | name: "MTUExceeded", |
| 659 | config: Config{ |
| 660 | Bugs: ProtocolBugs{ |
| 661 | MaxPacketLength: 255, |
| 662 | }, |
| 663 | }, |
| 664 | flags: []string{"-mtu", "256"}, |
| 665 | shouldFail: true, |
| 666 | expectedLocalError: "dtls: exceeded maximum packet length", |
| 667 | }, |
David Benjamin | 6095de8 | 2014-12-27 01:50:38 -0500 | [diff] [blame] | 668 | { |
| 669 | name: "CertMismatchRSA", |
| 670 | config: Config{ |
| 671 | CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, |
| 672 | Certificates: []Certificate{getECDSACertificate()}, |
| 673 | Bugs: ProtocolBugs{ |
| 674 | SendCipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
| 675 | }, |
| 676 | }, |
| 677 | shouldFail: true, |
| 678 | expectedError: ":WRONG_CERTIFICATE_TYPE:", |
| 679 | }, |
| 680 | { |
| 681 | name: "CertMismatchECDSA", |
| 682 | config: Config{ |
| 683 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 684 | Certificates: []Certificate{getRSACertificate()}, |
| 685 | Bugs: ProtocolBugs{ |
| 686 | SendCipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, |
| 687 | }, |
| 688 | }, |
| 689 | shouldFail: true, |
| 690 | expectedError: ":WRONG_CERTIFICATE_TYPE:", |
| 691 | }, |
David Benjamin | 5fa3eba | 2015-01-22 16:35:40 -0500 | [diff] [blame] | 692 | { |
David Benjamin | 8923c0b | 2015-06-07 11:42:34 -0400 | [diff] [blame^] | 693 | name: "EmptyCertificateList", |
| 694 | config: Config{ |
| 695 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 696 | Bugs: ProtocolBugs{ |
| 697 | EmptyCertificateList: true, |
| 698 | }, |
| 699 | }, |
| 700 | shouldFail: true, |
| 701 | expectedError: ":DECODE_ERROR:", |
| 702 | }, |
| 703 | { |
David Benjamin | 5fa3eba | 2015-01-22 16:35:40 -0500 | [diff] [blame] | 704 | name: "TLSFatalBadPackets", |
| 705 | damageFirstWrite: true, |
| 706 | shouldFail: true, |
| 707 | expectedError: ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:", |
| 708 | }, |
| 709 | { |
| 710 | protocol: dtls, |
| 711 | name: "DTLSIgnoreBadPackets", |
| 712 | damageFirstWrite: true, |
| 713 | }, |
| 714 | { |
| 715 | protocol: dtls, |
| 716 | name: "DTLSIgnoreBadPackets-Async", |
| 717 | damageFirstWrite: true, |
| 718 | flags: []string{"-async"}, |
| 719 | }, |
David Benjamin | 4189bd9 | 2015-01-25 23:52:39 -0500 | [diff] [blame] | 720 | { |
| 721 | name: "AppDataAfterChangeCipherSpec", |
| 722 | config: Config{ |
| 723 | Bugs: ProtocolBugs{ |
| 724 | AppDataAfterChangeCipherSpec: []byte("TEST MESSAGE"), |
| 725 | }, |
| 726 | }, |
| 727 | shouldFail: true, |
| 728 | expectedError: ":DATA_BETWEEN_CCS_AND_FINISHED:", |
| 729 | }, |
| 730 | { |
| 731 | protocol: dtls, |
| 732 | name: "AppDataAfterChangeCipherSpec-DTLS", |
| 733 | config: Config{ |
| 734 | Bugs: ProtocolBugs{ |
| 735 | AppDataAfterChangeCipherSpec: []byte("TEST MESSAGE"), |
| 736 | }, |
| 737 | }, |
David Benjamin | 4417d05 | 2015-04-05 04:17:25 -0400 | [diff] [blame] | 738 | // BoringSSL's DTLS implementation will drop the out-of-order |
| 739 | // application data. |
David Benjamin | 4189bd9 | 2015-01-25 23:52:39 -0500 | [diff] [blame] | 740 | }, |
David Benjamin | b3774b9 | 2015-01-31 17:16:01 -0500 | [diff] [blame] | 741 | { |
David Benjamin | dc3da93 | 2015-03-12 15:09:02 -0400 | [diff] [blame] | 742 | name: "AlertAfterChangeCipherSpec", |
| 743 | config: Config{ |
| 744 | Bugs: ProtocolBugs{ |
| 745 | AlertAfterChangeCipherSpec: alertRecordOverflow, |
| 746 | }, |
| 747 | }, |
| 748 | shouldFail: true, |
| 749 | expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:", |
| 750 | }, |
| 751 | { |
| 752 | protocol: dtls, |
| 753 | name: "AlertAfterChangeCipherSpec-DTLS", |
| 754 | config: Config{ |
| 755 | Bugs: ProtocolBugs{ |
| 756 | AlertAfterChangeCipherSpec: alertRecordOverflow, |
| 757 | }, |
| 758 | }, |
| 759 | shouldFail: true, |
| 760 | expectedError: ":TLSV1_ALERT_RECORD_OVERFLOW:", |
| 761 | }, |
| 762 | { |
David Benjamin | b3774b9 | 2015-01-31 17:16:01 -0500 | [diff] [blame] | 763 | protocol: dtls, |
| 764 | name: "ReorderHandshakeFragments-Small-DTLS", |
| 765 | config: Config{ |
| 766 | Bugs: ProtocolBugs{ |
| 767 | ReorderHandshakeFragments: true, |
| 768 | // Small enough that every handshake message is |
| 769 | // fragmented. |
| 770 | MaxHandshakeRecordLength: 2, |
| 771 | }, |
| 772 | }, |
| 773 | }, |
| 774 | { |
| 775 | protocol: dtls, |
| 776 | name: "ReorderHandshakeFragments-Large-DTLS", |
| 777 | config: Config{ |
| 778 | Bugs: ProtocolBugs{ |
| 779 | ReorderHandshakeFragments: true, |
| 780 | // Large enough that no handshake message is |
| 781 | // fragmented. |
David Benjamin | b3774b9 | 2015-01-31 17:16:01 -0500 | [diff] [blame] | 782 | MaxHandshakeRecordLength: 2048, |
| 783 | }, |
| 784 | }, |
| 785 | }, |
David Benjamin | ddb9f15 | 2015-02-03 15:44:39 -0500 | [diff] [blame] | 786 | { |
David Benjamin | 7538122 | 2015-03-02 19:30:30 -0500 | [diff] [blame] | 787 | protocol: dtls, |
| 788 | name: "MixCompleteMessageWithFragments-DTLS", |
| 789 | config: Config{ |
| 790 | Bugs: ProtocolBugs{ |
| 791 | ReorderHandshakeFragments: true, |
| 792 | MixCompleteMessageWithFragments: true, |
| 793 | MaxHandshakeRecordLength: 2, |
| 794 | }, |
| 795 | }, |
| 796 | }, |
| 797 | { |
David Benjamin | ddb9f15 | 2015-02-03 15:44:39 -0500 | [diff] [blame] | 798 | name: "SendInvalidRecordType", |
| 799 | config: Config{ |
| 800 | Bugs: ProtocolBugs{ |
| 801 | SendInvalidRecordType: true, |
| 802 | }, |
| 803 | }, |
| 804 | shouldFail: true, |
| 805 | expectedError: ":UNEXPECTED_RECORD:", |
| 806 | }, |
| 807 | { |
| 808 | protocol: dtls, |
| 809 | name: "SendInvalidRecordType-DTLS", |
| 810 | config: Config{ |
| 811 | Bugs: ProtocolBugs{ |
| 812 | SendInvalidRecordType: true, |
| 813 | }, |
| 814 | }, |
| 815 | shouldFail: true, |
| 816 | expectedError: ":UNEXPECTED_RECORD:", |
| 817 | }, |
David Benjamin | b80168e | 2015-02-08 18:30:14 -0500 | [diff] [blame] | 818 | { |
| 819 | name: "FalseStart-SkipServerSecondLeg", |
| 820 | config: Config{ |
| 821 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 822 | NextProtos: []string{"foo"}, |
| 823 | Bugs: ProtocolBugs{ |
| 824 | SkipNewSessionTicket: true, |
| 825 | SkipChangeCipherSpec: true, |
| 826 | SkipFinished: true, |
| 827 | ExpectFalseStart: true, |
| 828 | }, |
| 829 | }, |
| 830 | flags: []string{ |
| 831 | "-false-start", |
David Benjamin | 87e4acd | 2015-04-02 19:57:35 -0400 | [diff] [blame] | 832 | "-handshake-never-done", |
David Benjamin | b80168e | 2015-02-08 18:30:14 -0500 | [diff] [blame] | 833 | "-advertise-alpn", "\x03foo", |
| 834 | }, |
| 835 | shimWritesFirst: true, |
| 836 | shouldFail: true, |
| 837 | expectedError: ":UNEXPECTED_RECORD:", |
| 838 | }, |
David Benjamin | 931ab34 | 2015-02-08 19:46:57 -0500 | [diff] [blame] | 839 | { |
| 840 | name: "FalseStart-SkipServerSecondLeg-Implicit", |
| 841 | config: Config{ |
| 842 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 843 | NextProtos: []string{"foo"}, |
| 844 | Bugs: ProtocolBugs{ |
| 845 | SkipNewSessionTicket: true, |
| 846 | SkipChangeCipherSpec: true, |
| 847 | SkipFinished: true, |
| 848 | }, |
| 849 | }, |
| 850 | flags: []string{ |
| 851 | "-implicit-handshake", |
| 852 | "-false-start", |
David Benjamin | 87e4acd | 2015-04-02 19:57:35 -0400 | [diff] [blame] | 853 | "-handshake-never-done", |
David Benjamin | 931ab34 | 2015-02-08 19:46:57 -0500 | [diff] [blame] | 854 | "-advertise-alpn", "\x03foo", |
| 855 | }, |
| 856 | shouldFail: true, |
| 857 | expectedError: ":UNEXPECTED_RECORD:", |
| 858 | }, |
David Benjamin | 6f5c0f4 | 2015-02-24 01:23:21 -0500 | [diff] [blame] | 859 | { |
| 860 | testType: serverTest, |
| 861 | name: "FailEarlyCallback", |
| 862 | flags: []string{"-fail-early-callback"}, |
| 863 | shouldFail: true, |
| 864 | expectedError: ":CONNECTION_REJECTED:", |
| 865 | expectedLocalError: "remote error: access denied", |
| 866 | }, |
David Benjamin | bcb2d91 | 2015-02-24 23:45:43 -0500 | [diff] [blame] | 867 | { |
| 868 | name: "WrongMessageType", |
| 869 | config: Config{ |
| 870 | Bugs: ProtocolBugs{ |
| 871 | WrongCertificateMessageType: true, |
| 872 | }, |
| 873 | }, |
| 874 | shouldFail: true, |
| 875 | expectedError: ":UNEXPECTED_MESSAGE:", |
| 876 | expectedLocalError: "remote error: unexpected message", |
| 877 | }, |
| 878 | { |
| 879 | protocol: dtls, |
| 880 | name: "WrongMessageType-DTLS", |
| 881 | config: Config{ |
| 882 | Bugs: ProtocolBugs{ |
| 883 | WrongCertificateMessageType: true, |
| 884 | }, |
| 885 | }, |
| 886 | shouldFail: true, |
| 887 | expectedError: ":UNEXPECTED_MESSAGE:", |
| 888 | expectedLocalError: "remote error: unexpected message", |
| 889 | }, |
David Benjamin | 7538122 | 2015-03-02 19:30:30 -0500 | [diff] [blame] | 890 | { |
| 891 | protocol: dtls, |
| 892 | name: "FragmentMessageTypeMismatch-DTLS", |
| 893 | config: Config{ |
| 894 | Bugs: ProtocolBugs{ |
| 895 | MaxHandshakeRecordLength: 2, |
| 896 | FragmentMessageTypeMismatch: true, |
| 897 | }, |
| 898 | }, |
| 899 | shouldFail: true, |
| 900 | expectedError: ":FRAGMENT_MISMATCH:", |
| 901 | }, |
| 902 | { |
| 903 | protocol: dtls, |
| 904 | name: "FragmentMessageLengthMismatch-DTLS", |
| 905 | config: Config{ |
| 906 | Bugs: ProtocolBugs{ |
| 907 | MaxHandshakeRecordLength: 2, |
| 908 | FragmentMessageLengthMismatch: true, |
| 909 | }, |
| 910 | }, |
| 911 | shouldFail: true, |
| 912 | expectedError: ":FRAGMENT_MISMATCH:", |
| 913 | }, |
| 914 | { |
| 915 | protocol: dtls, |
| 916 | name: "SplitFragmentHeader-DTLS", |
| 917 | config: Config{ |
| 918 | Bugs: ProtocolBugs{ |
| 919 | SplitFragmentHeader: true, |
| 920 | }, |
| 921 | }, |
| 922 | shouldFail: true, |
| 923 | expectedError: ":UNEXPECTED_MESSAGE:", |
| 924 | }, |
| 925 | { |
| 926 | protocol: dtls, |
| 927 | name: "SplitFragmentBody-DTLS", |
| 928 | config: Config{ |
| 929 | Bugs: ProtocolBugs{ |
| 930 | SplitFragmentBody: true, |
| 931 | }, |
| 932 | }, |
| 933 | shouldFail: true, |
| 934 | expectedError: ":UNEXPECTED_MESSAGE:", |
| 935 | }, |
| 936 | { |
| 937 | protocol: dtls, |
| 938 | name: "SendEmptyFragments-DTLS", |
| 939 | config: Config{ |
| 940 | Bugs: ProtocolBugs{ |
| 941 | SendEmptyFragments: true, |
| 942 | }, |
| 943 | }, |
| 944 | }, |
David Benjamin | 67d1fb5 | 2015-03-16 15:16:23 -0400 | [diff] [blame] | 945 | { |
| 946 | name: "UnsupportedCipherSuite", |
| 947 | config: Config{ |
| 948 | CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, |
| 949 | Bugs: ProtocolBugs{ |
| 950 | IgnorePeerCipherPreferences: true, |
| 951 | }, |
| 952 | }, |
| 953 | flags: []string{"-cipher", "DEFAULT:!RC4"}, |
| 954 | shouldFail: true, |
| 955 | expectedError: ":WRONG_CIPHER_RETURNED:", |
| 956 | }, |
David Benjamin | 340d5ed | 2015-03-21 02:21:37 -0400 | [diff] [blame] | 957 | { |
David Benjamin | c574f41 | 2015-04-20 11:13:01 -0400 | [diff] [blame] | 958 | name: "UnsupportedCurve", |
| 959 | config: Config{ |
| 960 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 961 | // BoringSSL implements P-224 but doesn't enable it by |
| 962 | // default. |
| 963 | CurvePreferences: []CurveID{CurveP224}, |
| 964 | Bugs: ProtocolBugs{ |
| 965 | IgnorePeerCurvePreferences: true, |
| 966 | }, |
| 967 | }, |
| 968 | shouldFail: true, |
| 969 | expectedError: ":WRONG_CURVE:", |
| 970 | }, |
| 971 | { |
David Benjamin | 513f0ea | 2015-04-02 19:33:31 -0400 | [diff] [blame] | 972 | name: "BadFinished", |
| 973 | config: Config{ |
| 974 | Bugs: ProtocolBugs{ |
| 975 | BadFinished: true, |
| 976 | }, |
| 977 | }, |
| 978 | shouldFail: true, |
| 979 | expectedError: ":DIGEST_CHECK_FAILED:", |
| 980 | }, |
| 981 | { |
| 982 | name: "FalseStart-BadFinished", |
| 983 | config: Config{ |
| 984 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 985 | NextProtos: []string{"foo"}, |
| 986 | Bugs: ProtocolBugs{ |
| 987 | BadFinished: true, |
| 988 | ExpectFalseStart: true, |
| 989 | }, |
| 990 | }, |
| 991 | flags: []string{ |
| 992 | "-false-start", |
David Benjamin | 87e4acd | 2015-04-02 19:57:35 -0400 | [diff] [blame] | 993 | "-handshake-never-done", |
David Benjamin | 513f0ea | 2015-04-02 19:33:31 -0400 | [diff] [blame] | 994 | "-advertise-alpn", "\x03foo", |
| 995 | }, |
| 996 | shimWritesFirst: true, |
| 997 | shouldFail: true, |
| 998 | expectedError: ":DIGEST_CHECK_FAILED:", |
| 999 | }, |
David Benjamin | 1c63315 | 2015-04-02 20:19:11 -0400 | [diff] [blame] | 1000 | { |
| 1001 | name: "NoFalseStart-NoALPN", |
| 1002 | config: Config{ |
| 1003 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 1004 | Bugs: ProtocolBugs{ |
| 1005 | ExpectFalseStart: true, |
| 1006 | AlertBeforeFalseStartTest: alertAccessDenied, |
| 1007 | }, |
| 1008 | }, |
| 1009 | flags: []string{ |
| 1010 | "-false-start", |
| 1011 | }, |
| 1012 | shimWritesFirst: true, |
| 1013 | shouldFail: true, |
| 1014 | expectedError: ":TLSV1_ALERT_ACCESS_DENIED:", |
| 1015 | expectedLocalError: "tls: peer did not false start: EOF", |
| 1016 | }, |
| 1017 | { |
| 1018 | name: "NoFalseStart-NoAEAD", |
| 1019 | config: Config{ |
| 1020 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, |
| 1021 | NextProtos: []string{"foo"}, |
| 1022 | Bugs: ProtocolBugs{ |
| 1023 | ExpectFalseStart: true, |
| 1024 | AlertBeforeFalseStartTest: alertAccessDenied, |
| 1025 | }, |
| 1026 | }, |
| 1027 | flags: []string{ |
| 1028 | "-false-start", |
| 1029 | "-advertise-alpn", "\x03foo", |
| 1030 | }, |
| 1031 | shimWritesFirst: true, |
| 1032 | shouldFail: true, |
| 1033 | expectedError: ":TLSV1_ALERT_ACCESS_DENIED:", |
| 1034 | expectedLocalError: "tls: peer did not false start: EOF", |
| 1035 | }, |
| 1036 | { |
| 1037 | name: "NoFalseStart-RSA", |
| 1038 | config: Config{ |
| 1039 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
| 1040 | NextProtos: []string{"foo"}, |
| 1041 | Bugs: ProtocolBugs{ |
| 1042 | ExpectFalseStart: true, |
| 1043 | AlertBeforeFalseStartTest: alertAccessDenied, |
| 1044 | }, |
| 1045 | }, |
| 1046 | flags: []string{ |
| 1047 | "-false-start", |
| 1048 | "-advertise-alpn", "\x03foo", |
| 1049 | }, |
| 1050 | shimWritesFirst: true, |
| 1051 | shouldFail: true, |
| 1052 | expectedError: ":TLSV1_ALERT_ACCESS_DENIED:", |
| 1053 | expectedLocalError: "tls: peer did not false start: EOF", |
| 1054 | }, |
| 1055 | { |
| 1056 | name: "NoFalseStart-DHE_RSA", |
| 1057 | config: Config{ |
| 1058 | CipherSuites: []uint16{TLS_DHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 1059 | NextProtos: []string{"foo"}, |
| 1060 | Bugs: ProtocolBugs{ |
| 1061 | ExpectFalseStart: true, |
| 1062 | AlertBeforeFalseStartTest: alertAccessDenied, |
| 1063 | }, |
| 1064 | }, |
| 1065 | flags: []string{ |
| 1066 | "-false-start", |
| 1067 | "-advertise-alpn", "\x03foo", |
| 1068 | }, |
| 1069 | shimWritesFirst: true, |
| 1070 | shouldFail: true, |
| 1071 | expectedError: ":TLSV1_ALERT_ACCESS_DENIED:", |
| 1072 | expectedLocalError: "tls: peer did not false start: EOF", |
| 1073 | }, |
David Benjamin | 55a4364 | 2015-04-20 14:45:55 -0400 | [diff] [blame] | 1074 | { |
| 1075 | testType: serverTest, |
| 1076 | name: "NoSupportedCurves", |
| 1077 | config: Config{ |
| 1078 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 1079 | Bugs: ProtocolBugs{ |
| 1080 | NoSupportedCurves: true, |
| 1081 | }, |
| 1082 | }, |
| 1083 | }, |
David Benjamin | 90da8c8 | 2015-04-20 14:57:57 -0400 | [diff] [blame] | 1084 | { |
| 1085 | testType: serverTest, |
| 1086 | name: "NoCommonCurves", |
| 1087 | config: Config{ |
| 1088 | CipherSuites: []uint16{ |
| 1089 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
| 1090 | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, |
| 1091 | }, |
| 1092 | CurvePreferences: []CurveID{CurveP224}, |
| 1093 | }, |
| 1094 | expectedCipher: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, |
| 1095 | }, |
David Benjamin | 9a41d1b | 2015-05-16 01:30:09 -0400 | [diff] [blame] | 1096 | { |
| 1097 | protocol: dtls, |
| 1098 | name: "SendSplitAlert-Sync", |
| 1099 | config: Config{ |
| 1100 | Bugs: ProtocolBugs{ |
| 1101 | SendSplitAlert: true, |
| 1102 | }, |
| 1103 | }, |
| 1104 | }, |
| 1105 | { |
| 1106 | protocol: dtls, |
| 1107 | name: "SendSplitAlert-Async", |
| 1108 | config: Config{ |
| 1109 | Bugs: ProtocolBugs{ |
| 1110 | SendSplitAlert: true, |
| 1111 | }, |
| 1112 | }, |
| 1113 | flags: []string{"-async"}, |
| 1114 | }, |
David Benjamin | bd15a8e | 2015-05-29 18:48:16 -0400 | [diff] [blame] | 1115 | { |
| 1116 | protocol: dtls, |
| 1117 | name: "PackDTLSHandshake", |
| 1118 | config: Config{ |
| 1119 | Bugs: ProtocolBugs{ |
| 1120 | MaxHandshakeRecordLength: 2, |
| 1121 | PackHandshakeFragments: 20, |
| 1122 | PackHandshakeRecords: 200, |
| 1123 | }, |
| 1124 | }, |
| 1125 | }, |
David Benjamin | 0fa4012 | 2015-05-30 17:13:12 -0400 | [diff] [blame] | 1126 | { |
| 1127 | testType: serverTest, |
| 1128 | protocol: dtls, |
| 1129 | name: "NoRC4-DTLS", |
| 1130 | config: Config{ |
| 1131 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_RC4_128_SHA}, |
| 1132 | Bugs: ProtocolBugs{ |
| 1133 | EnableAllCiphersInDTLS: true, |
| 1134 | }, |
| 1135 | }, |
| 1136 | shouldFail: true, |
| 1137 | expectedError: ":NO_SHARED_CIPHER:", |
| 1138 | }, |
David Benjamin | a8ebe22 | 2015-06-06 03:04:39 -0400 | [diff] [blame] | 1139 | { |
| 1140 | name: "SendEmptyRecords-Pass", |
| 1141 | sendEmptyRecords: 32, |
| 1142 | }, |
| 1143 | { |
| 1144 | name: "SendEmptyRecords", |
| 1145 | sendEmptyRecords: 33, |
| 1146 | shouldFail: true, |
| 1147 | expectedError: ":TOO_MANY_EMPTY_FRAGMENTS:", |
| 1148 | }, |
| 1149 | { |
| 1150 | name: "SendEmptyRecords-Async", |
| 1151 | sendEmptyRecords: 33, |
| 1152 | flags: []string{"-async"}, |
| 1153 | shouldFail: true, |
| 1154 | expectedError: ":TOO_MANY_EMPTY_FRAGMENTS:", |
| 1155 | }, |
David Benjamin | 24f346d | 2015-06-06 03:28:08 -0400 | [diff] [blame] | 1156 | { |
| 1157 | name: "SendWarningAlerts-Pass", |
| 1158 | sendWarningAlerts: 4, |
| 1159 | }, |
| 1160 | { |
| 1161 | protocol: dtls, |
| 1162 | name: "SendWarningAlerts-DTLS-Pass", |
| 1163 | sendWarningAlerts: 4, |
| 1164 | }, |
| 1165 | { |
| 1166 | name: "SendWarningAlerts", |
| 1167 | sendWarningAlerts: 5, |
| 1168 | shouldFail: true, |
| 1169 | expectedError: ":TOO_MANY_WARNING_ALERTS:", |
| 1170 | }, |
| 1171 | { |
| 1172 | name: "SendWarningAlerts-Async", |
| 1173 | sendWarningAlerts: 5, |
| 1174 | flags: []string{"-async"}, |
| 1175 | shouldFail: true, |
| 1176 | expectedError: ":TOO_MANY_WARNING_ALERTS:", |
| 1177 | }, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1178 | } |
| 1179 | |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 1180 | func doExchange(test *testCase, config *Config, conn net.Conn, messageLen int, isResume bool) error { |
David Benjamin | 65ea8ff | 2014-11-23 03:01:00 -0500 | [diff] [blame] | 1181 | var connDebug *recordingConn |
David Benjamin | 5fa3eba | 2015-01-22 16:35:40 -0500 | [diff] [blame] | 1182 | var connDamage *damageAdaptor |
David Benjamin | 65ea8ff | 2014-11-23 03:01:00 -0500 | [diff] [blame] | 1183 | if *flagDebug { |
| 1184 | connDebug = &recordingConn{Conn: conn} |
| 1185 | conn = connDebug |
| 1186 | defer func() { |
| 1187 | connDebug.WriteTo(os.Stdout) |
| 1188 | }() |
| 1189 | } |
| 1190 | |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1191 | if test.protocol == dtls { |
David Benjamin | 83f9040 | 2015-01-27 01:09:43 -0500 | [diff] [blame] | 1192 | config.Bugs.PacketAdaptor = newPacketAdaptor(conn) |
| 1193 | conn = config.Bugs.PacketAdaptor |
David Benjamin | 5e961c1 | 2014-11-07 01:48:35 -0500 | [diff] [blame] | 1194 | if test.replayWrites { |
| 1195 | conn = newReplayAdaptor(conn) |
| 1196 | } |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1197 | } |
| 1198 | |
David Benjamin | 5fa3eba | 2015-01-22 16:35:40 -0500 | [diff] [blame] | 1199 | if test.damageFirstWrite { |
| 1200 | connDamage = newDamageAdaptor(conn) |
| 1201 | conn = connDamage |
| 1202 | } |
| 1203 | |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1204 | if test.sendPrefix != "" { |
| 1205 | if _, err := conn.Write([]byte(test.sendPrefix)); err != nil { |
| 1206 | return err |
| 1207 | } |
David Benjamin | 98e882e | 2014-08-08 13:24:34 -0400 | [diff] [blame] | 1208 | } |
| 1209 | |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 1210 | var tlsConn *Conn |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 1211 | if test.testType == clientTest { |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1212 | if test.protocol == dtls { |
| 1213 | tlsConn = DTLSServer(conn, config) |
| 1214 | } else { |
| 1215 | tlsConn = Server(conn, config) |
| 1216 | } |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 1217 | } else { |
| 1218 | config.InsecureSkipVerify = true |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1219 | if test.protocol == dtls { |
| 1220 | tlsConn = DTLSClient(conn, config) |
| 1221 | } else { |
| 1222 | tlsConn = Client(conn, config) |
| 1223 | } |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 1224 | } |
| 1225 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1226 | if err := tlsConn.Handshake(); err != nil { |
| 1227 | return err |
| 1228 | } |
Kenny Root | 7fdeaf1 | 2014-08-05 15:23:37 -0700 | [diff] [blame] | 1229 | |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 1230 | // TODO(davidben): move all per-connection expectations into a dedicated |
| 1231 | // expectations struct that can be specified separately for the two |
| 1232 | // legs. |
| 1233 | expectedVersion := test.expectedVersion |
| 1234 | if isResume && test.expectedResumeVersion != 0 { |
| 1235 | expectedVersion = test.expectedResumeVersion |
| 1236 | } |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1237 | connState := tlsConn.ConnectionState() |
| 1238 | if vers := connState.Version; expectedVersion != 0 && vers != expectedVersion { |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 1239 | return fmt.Errorf("got version %x, expected %x", vers, expectedVersion) |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 1240 | } |
| 1241 | |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1242 | if cipher := connState.CipherSuite; test.expectedCipher != 0 && cipher != test.expectedCipher { |
David Benjamin | 90da8c8 | 2015-04-20 14:57:57 -0400 | [diff] [blame] | 1243 | return fmt.Errorf("got cipher %x, expected %x", cipher, test.expectedCipher) |
| 1244 | } |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1245 | if didResume := connState.DidResume; isResume && didResume == test.expectResumeRejected { |
| 1246 | return fmt.Errorf("didResume is %t, but we expected the opposite", didResume) |
| 1247 | } |
David Benjamin | 90da8c8 | 2015-04-20 14:57:57 -0400 | [diff] [blame] | 1248 | |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 1249 | if test.expectChannelID { |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1250 | channelID := connState.ChannelID |
David Benjamin | a08e49d | 2014-08-24 01:46:07 -0400 | [diff] [blame] | 1251 | if channelID == nil { |
| 1252 | return fmt.Errorf("no channel ID negotiated") |
| 1253 | } |
| 1254 | if channelID.Curve != channelIDKey.Curve || |
| 1255 | channelIDKey.X.Cmp(channelIDKey.X) != 0 || |
| 1256 | channelIDKey.Y.Cmp(channelIDKey.Y) != 0 { |
| 1257 | return fmt.Errorf("incorrect channel ID") |
| 1258 | } |
| 1259 | } |
| 1260 | |
David Benjamin | ae2888f | 2014-09-06 12:58:58 -0400 | [diff] [blame] | 1261 | if expected := test.expectedNextProto; expected != "" { |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1262 | if actual := connState.NegotiatedProtocol; actual != expected { |
David Benjamin | ae2888f | 2014-09-06 12:58:58 -0400 | [diff] [blame] | 1263 | return fmt.Errorf("next proto mismatch: got %s, wanted %s", actual, expected) |
| 1264 | } |
| 1265 | } |
| 1266 | |
David Benjamin | fc7b086 | 2014-09-06 13:21:53 -0400 | [diff] [blame] | 1267 | if test.expectedNextProtoType != 0 { |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1268 | if (test.expectedNextProtoType == alpn) != connState.NegotiatedProtocolFromALPN { |
David Benjamin | fc7b086 | 2014-09-06 13:21:53 -0400 | [diff] [blame] | 1269 | return fmt.Errorf("next proto type mismatch") |
| 1270 | } |
| 1271 | } |
| 1272 | |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1273 | if p := connState.SRTPProtectionProfile; p != test.expectedSRTPProtectionProfile { |
David Benjamin | ca6c826 | 2014-11-15 19:06:08 -0500 | [diff] [blame] | 1274 | return fmt.Errorf("SRTP profile mismatch: got %d, wanted %d", p, test.expectedSRTPProtectionProfile) |
| 1275 | } |
| 1276 | |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 1277 | if test.exportKeyingMaterial > 0 { |
| 1278 | actual := make([]byte, test.exportKeyingMaterial) |
| 1279 | if _, err := io.ReadFull(tlsConn, actual); err != nil { |
| 1280 | return err |
| 1281 | } |
| 1282 | expected, err := tlsConn.ExportKeyingMaterial(test.exportKeyingMaterial, []byte(test.exportLabel), []byte(test.exportContext), test.useExportContext) |
| 1283 | if err != nil { |
| 1284 | return err |
| 1285 | } |
| 1286 | if !bytes.Equal(actual, expected) { |
| 1287 | return fmt.Errorf("keying material mismatch") |
| 1288 | } |
| 1289 | } |
| 1290 | |
Adam Langley | af0e32c | 2015-06-03 09:57:23 -0700 | [diff] [blame] | 1291 | if test.testTLSUnique { |
| 1292 | var peersValue [12]byte |
| 1293 | if _, err := io.ReadFull(tlsConn, peersValue[:]); err != nil { |
| 1294 | return err |
| 1295 | } |
| 1296 | expected := tlsConn.ConnectionState().TLSUnique |
| 1297 | if !bytes.Equal(peersValue[:], expected) { |
| 1298 | return fmt.Errorf("tls-unique mismatch: peer sent %x, but %x was expected", peersValue[:], expected) |
| 1299 | } |
| 1300 | } |
| 1301 | |
David Benjamin | e58c4f5 | 2014-08-24 03:47:07 -0400 | [diff] [blame] | 1302 | if test.shimWritesFirst { |
| 1303 | var buf [5]byte |
| 1304 | _, err := io.ReadFull(tlsConn, buf[:]) |
| 1305 | if err != nil { |
| 1306 | return err |
| 1307 | } |
| 1308 | if string(buf[:]) != "hello" { |
| 1309 | return fmt.Errorf("bad initial message") |
| 1310 | } |
| 1311 | } |
| 1312 | |
David Benjamin | a8ebe22 | 2015-06-06 03:04:39 -0400 | [diff] [blame] | 1313 | for i := 0; i < test.sendEmptyRecords; i++ { |
| 1314 | tlsConn.Write(nil) |
| 1315 | } |
| 1316 | |
David Benjamin | 24f346d | 2015-06-06 03:28:08 -0400 | [diff] [blame] | 1317 | for i := 0; i < test.sendWarningAlerts; i++ { |
| 1318 | tlsConn.SendAlert(alertLevelWarning, alertUnexpectedMessage) |
| 1319 | } |
| 1320 | |
Adam Langley | cf2d4f4 | 2014-10-28 19:06:14 -0700 | [diff] [blame] | 1321 | if test.renegotiate { |
| 1322 | if test.renegotiateCiphers != nil { |
| 1323 | config.CipherSuites = test.renegotiateCiphers |
| 1324 | } |
| 1325 | if err := tlsConn.Renegotiate(); err != nil { |
| 1326 | return err |
| 1327 | } |
| 1328 | } else if test.renegotiateCiphers != nil { |
| 1329 | panic("renegotiateCiphers without renegotiate") |
| 1330 | } |
| 1331 | |
David Benjamin | 5fa3eba | 2015-01-22 16:35:40 -0500 | [diff] [blame] | 1332 | if test.damageFirstWrite { |
| 1333 | connDamage.setDamage(true) |
| 1334 | tlsConn.Write([]byte("DAMAGED WRITE")) |
| 1335 | connDamage.setDamage(false) |
| 1336 | } |
| 1337 | |
Kenny Root | 7fdeaf1 | 2014-08-05 15:23:37 -0700 | [diff] [blame] | 1338 | if messageLen < 0 { |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1339 | if test.protocol == dtls { |
| 1340 | return fmt.Errorf("messageLen < 0 not supported for DTLS tests") |
| 1341 | } |
Kenny Root | 7fdeaf1 | 2014-08-05 15:23:37 -0700 | [diff] [blame] | 1342 | // Read until EOF. |
| 1343 | _, err := io.Copy(ioutil.Discard, tlsConn) |
| 1344 | return err |
| 1345 | } |
| 1346 | |
David Benjamin | 4417d05 | 2015-04-05 04:17:25 -0400 | [diff] [blame] | 1347 | if messageLen == 0 { |
| 1348 | messageLen = 32 |
Adam Langley | 80842bd | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1349 | } |
David Benjamin | 4417d05 | 2015-04-05 04:17:25 -0400 | [diff] [blame] | 1350 | testMessage := make([]byte, messageLen) |
| 1351 | for i := range testMessage { |
| 1352 | testMessage[i] = 0x42 |
| 1353 | } |
| 1354 | tlsConn.Write(testMessage) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1355 | |
David Benjamin | a8ebe22 | 2015-06-06 03:04:39 -0400 | [diff] [blame] | 1356 | for i := 0; i < test.sendEmptyRecords; i++ { |
| 1357 | tlsConn.Write(nil) |
| 1358 | } |
| 1359 | |
David Benjamin | 24f346d | 2015-06-06 03:28:08 -0400 | [diff] [blame] | 1360 | for i := 0; i < test.sendWarningAlerts; i++ { |
| 1361 | tlsConn.SendAlert(alertLevelWarning, alertUnexpectedMessage) |
| 1362 | } |
| 1363 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1364 | buf := make([]byte, len(testMessage)) |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1365 | if test.protocol == dtls { |
| 1366 | bufTmp := make([]byte, len(buf)+1) |
| 1367 | n, err := tlsConn.Read(bufTmp) |
| 1368 | if err != nil { |
| 1369 | return err |
| 1370 | } |
| 1371 | if n != len(buf) { |
| 1372 | return fmt.Errorf("bad reply; length mismatch (%d vs %d)", n, len(buf)) |
| 1373 | } |
| 1374 | copy(buf, bufTmp) |
| 1375 | } else { |
| 1376 | _, err := io.ReadFull(tlsConn, buf) |
| 1377 | if err != nil { |
| 1378 | return err |
| 1379 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1380 | } |
| 1381 | |
| 1382 | for i, v := range buf { |
| 1383 | if v != testMessage[i]^0xff { |
| 1384 | return fmt.Errorf("bad reply contents at byte %d", i) |
| 1385 | } |
| 1386 | } |
| 1387 | |
| 1388 | return nil |
| 1389 | } |
| 1390 | |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 1391 | func valgrindOf(dbAttach bool, path string, args ...string) *exec.Cmd { |
| 1392 | valgrindArgs := []string{"--error-exitcode=99", "--track-origins=yes", "--leak-check=full"} |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1393 | if dbAttach { |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 1394 | valgrindArgs = append(valgrindArgs, "--db-attach=yes", "--db-command=xterm -e gdb -nw %f %p") |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1395 | } |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 1396 | valgrindArgs = append(valgrindArgs, path) |
| 1397 | valgrindArgs = append(valgrindArgs, args...) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1398 | |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 1399 | return exec.Command("valgrind", valgrindArgs...) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1400 | } |
| 1401 | |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 1402 | func gdbOf(path string, args ...string) *exec.Cmd { |
| 1403 | xtermArgs := []string{"-e", "gdb", "--args"} |
| 1404 | xtermArgs = append(xtermArgs, path) |
| 1405 | xtermArgs = append(xtermArgs, args...) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1406 | |
David Benjamin | 325b5c3 | 2014-07-01 19:40:31 -0400 | [diff] [blame] | 1407 | return exec.Command("xterm", xtermArgs...) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1408 | } |
| 1409 | |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 1410 | type moreMallocsError struct{} |
| 1411 | |
| 1412 | func (moreMallocsError) Error() string { |
| 1413 | return "child process did not exhaust all allocation calls" |
| 1414 | } |
| 1415 | |
| 1416 | var errMoreMallocs = moreMallocsError{} |
| 1417 | |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1418 | // accept accepts a connection from listener, unless waitChan signals a process |
| 1419 | // exit first. |
| 1420 | func acceptOrWait(listener net.Listener, waitChan chan error) (net.Conn, error) { |
| 1421 | type connOrError struct { |
| 1422 | conn net.Conn |
| 1423 | err error |
| 1424 | } |
| 1425 | connChan := make(chan connOrError, 1) |
| 1426 | go func() { |
| 1427 | conn, err := listener.Accept() |
| 1428 | connChan <- connOrError{conn, err} |
| 1429 | close(connChan) |
| 1430 | }() |
| 1431 | select { |
| 1432 | case result := <-connChan: |
| 1433 | return result.conn, result.err |
| 1434 | case childErr := <-waitChan: |
| 1435 | waitChan <- childErr |
| 1436 | return nil, fmt.Errorf("child exited early: %s", childErr) |
| 1437 | } |
| 1438 | } |
| 1439 | |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 1440 | func runTest(test *testCase, buildDir string, mallocNumToFail int64) error { |
Adam Langley | 3831173 | 2014-10-16 19:04:35 -0700 | [diff] [blame] | 1441 | if !test.shouldFail && (len(test.expectedError) > 0 || len(test.expectedLocalError) > 0) { |
| 1442 | panic("Error expected without shouldFail in " + test.name) |
| 1443 | } |
| 1444 | |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1445 | if test.expectResumeRejected && !test.resumeSession { |
| 1446 | panic("expectResumeRejected without resumeSession in " + test.name) |
| 1447 | } |
| 1448 | |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1449 | listener, err := net.ListenTCP("tcp4", &net.TCPAddr{IP: net.IP{127, 0, 0, 1}}) |
| 1450 | if err != nil { |
| 1451 | panic(err) |
| 1452 | } |
| 1453 | defer func() { |
| 1454 | if listener != nil { |
| 1455 | listener.Close() |
| 1456 | } |
| 1457 | }() |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1458 | |
David Benjamin | 884fdf1 | 2014-08-02 15:28:23 -0400 | [diff] [blame] | 1459 | shim_path := path.Join(buildDir, "ssl/test/bssl_shim") |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1460 | flags := []string{"-port", strconv.Itoa(listener.Addr().(*net.TCPAddr).Port)} |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 1461 | if test.testType == serverTest { |
David Benjamin | 5a593af | 2014-08-11 19:51:50 -0400 | [diff] [blame] | 1462 | flags = append(flags, "-server") |
| 1463 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1464 | flags = append(flags, "-key-file") |
| 1465 | if test.keyFile == "" { |
| 1466 | flags = append(flags, rsaKeyFile) |
| 1467 | } else { |
| 1468 | flags = append(flags, test.keyFile) |
| 1469 | } |
| 1470 | |
| 1471 | flags = append(flags, "-cert-file") |
| 1472 | if test.certFile == "" { |
| 1473 | flags = append(flags, rsaCertificateFile) |
| 1474 | } else { |
| 1475 | flags = append(flags, test.certFile) |
| 1476 | } |
| 1477 | } |
David Benjamin | 5a593af | 2014-08-11 19:51:50 -0400 | [diff] [blame] | 1478 | |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1479 | if test.protocol == dtls { |
| 1480 | flags = append(flags, "-dtls") |
| 1481 | } |
| 1482 | |
David Benjamin | 5a593af | 2014-08-11 19:51:50 -0400 | [diff] [blame] | 1483 | if test.resumeSession { |
| 1484 | flags = append(flags, "-resume") |
| 1485 | } |
| 1486 | |
David Benjamin | e58c4f5 | 2014-08-24 03:47:07 -0400 | [diff] [blame] | 1487 | if test.shimWritesFirst { |
| 1488 | flags = append(flags, "-shim-writes-first") |
| 1489 | } |
| 1490 | |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 1491 | if test.exportKeyingMaterial > 0 { |
| 1492 | flags = append(flags, "-export-keying-material", strconv.Itoa(test.exportKeyingMaterial)) |
| 1493 | flags = append(flags, "-export-label", test.exportLabel) |
| 1494 | flags = append(flags, "-export-context", test.exportContext) |
| 1495 | if test.useExportContext { |
| 1496 | flags = append(flags, "-use-export-context") |
| 1497 | } |
| 1498 | } |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 1499 | if test.expectResumeRejected { |
| 1500 | flags = append(flags, "-expect-session-miss") |
| 1501 | } |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 1502 | |
Adam Langley | af0e32c | 2015-06-03 09:57:23 -0700 | [diff] [blame] | 1503 | if test.testTLSUnique { |
| 1504 | flags = append(flags, "-tls-unique") |
| 1505 | } |
| 1506 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1507 | flags = append(flags, test.flags...) |
| 1508 | |
| 1509 | var shim *exec.Cmd |
| 1510 | if *useValgrind { |
| 1511 | shim = valgrindOf(false, shim_path, flags...) |
Adam Langley | 7571292 | 2014-10-10 16:23:43 -0700 | [diff] [blame] | 1512 | } else if *useGDB { |
| 1513 | shim = gdbOf(shim_path, flags...) |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1514 | } else { |
| 1515 | shim = exec.Command(shim_path, flags...) |
| 1516 | } |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1517 | shim.Stdin = os.Stdin |
| 1518 | var stdoutBuf, stderrBuf bytes.Buffer |
| 1519 | shim.Stdout = &stdoutBuf |
| 1520 | shim.Stderr = &stderrBuf |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 1521 | if mallocNumToFail >= 0 { |
David Benjamin | 9e128b0 | 2015-02-09 13:13:09 -0500 | [diff] [blame] | 1522 | shim.Env = os.Environ() |
| 1523 | shim.Env = append(shim.Env, "MALLOC_NUMBER_TO_FAIL="+strconv.FormatInt(mallocNumToFail, 10)) |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 1524 | if *mallocTestDebug { |
| 1525 | shim.Env = append(shim.Env, "MALLOC_ABORT_ON_FAIL=1") |
| 1526 | } |
| 1527 | shim.Env = append(shim.Env, "_MALLOC_CHECK=1") |
| 1528 | } |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1529 | |
| 1530 | if err := shim.Start(); err != nil { |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1531 | panic(err) |
| 1532 | } |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1533 | waitChan := make(chan error, 1) |
| 1534 | go func() { waitChan <- shim.Wait() }() |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1535 | |
| 1536 | config := test.config |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 1537 | config.ClientSessionCache = NewLRUClientSessionCache(1) |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 1538 | config.ServerSessionCache = NewLRUServerSessionCache(1) |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1539 | if test.testType == clientTest { |
| 1540 | if len(config.Certificates) == 0 { |
| 1541 | config.Certificates = []Certificate{getRSACertificate()} |
| 1542 | } |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1543 | } else { |
| 1544 | // Supply a ServerName to ensure a constant session cache key, |
| 1545 | // rather than falling back to net.Conn.RemoteAddr. |
| 1546 | if len(config.ServerName) == 0 { |
| 1547 | config.ServerName = "test" |
| 1548 | } |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1549 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1550 | |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1551 | conn, err := acceptOrWait(listener, waitChan) |
| 1552 | if err == nil { |
| 1553 | err = doExchange(test, &config, conn, test.messageLen, false /* not a resumption */) |
| 1554 | conn.Close() |
| 1555 | } |
David Benjamin | 65ea8ff | 2014-11-23 03:01:00 -0500 | [diff] [blame] | 1556 | |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 1557 | if err == nil && test.resumeSession { |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 1558 | var resumeConfig Config |
| 1559 | if test.resumeConfig != nil { |
| 1560 | resumeConfig = *test.resumeConfig |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1561 | if len(resumeConfig.ServerName) == 0 { |
| 1562 | resumeConfig.ServerName = config.ServerName |
| 1563 | } |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 1564 | if len(resumeConfig.Certificates) == 0 { |
| 1565 | resumeConfig.Certificates = []Certificate{getRSACertificate()} |
| 1566 | } |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 1567 | if !test.newSessionsOnResume { |
| 1568 | resumeConfig.SessionTicketKey = config.SessionTicketKey |
| 1569 | resumeConfig.ClientSessionCache = config.ClientSessionCache |
| 1570 | resumeConfig.ServerSessionCache = config.ServerSessionCache |
| 1571 | } |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 1572 | } else { |
| 1573 | resumeConfig = config |
| 1574 | } |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1575 | var connResume net.Conn |
| 1576 | connResume, err = acceptOrWait(listener, waitChan) |
| 1577 | if err == nil { |
| 1578 | err = doExchange(test, &resumeConfig, connResume, test.messageLen, true /* resumption */) |
| 1579 | connResume.Close() |
| 1580 | } |
David Benjamin | 1d5c83e | 2014-07-22 19:20:02 -0400 | [diff] [blame] | 1581 | } |
| 1582 | |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 1583 | // Close the listener now. This is to avoid hangs should the shim try to |
| 1584 | // open more connections than expected. |
| 1585 | listener.Close() |
| 1586 | listener = nil |
| 1587 | |
| 1588 | childErr := <-waitChan |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 1589 | if exitError, ok := childErr.(*exec.ExitError); ok { |
| 1590 | if exitError.Sys().(syscall.WaitStatus).ExitStatus() == 88 { |
| 1591 | return errMoreMallocs |
| 1592 | } |
| 1593 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1594 | |
| 1595 | stdout := string(stdoutBuf.Bytes()) |
| 1596 | stderr := string(stderrBuf.Bytes()) |
| 1597 | failed := err != nil || childErr != nil |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 1598 | correctFailure := len(test.expectedError) == 0 || strings.Contains(stderr, test.expectedError) |
Adam Langley | ac61fa3 | 2014-06-23 12:03:11 -0700 | [diff] [blame] | 1599 | localError := "none" |
| 1600 | if err != nil { |
| 1601 | localError = err.Error() |
| 1602 | } |
| 1603 | if len(test.expectedLocalError) != 0 { |
| 1604 | correctFailure = correctFailure && strings.Contains(localError, test.expectedLocalError) |
| 1605 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1606 | |
| 1607 | if failed != test.shouldFail || failed && !correctFailure { |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1608 | childError := "none" |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1609 | if childErr != nil { |
| 1610 | childError = childErr.Error() |
| 1611 | } |
| 1612 | |
| 1613 | var msg string |
| 1614 | switch { |
| 1615 | case failed && !test.shouldFail: |
| 1616 | msg = "unexpected failure" |
| 1617 | case !failed && test.shouldFail: |
| 1618 | msg = "unexpected success" |
| 1619 | case failed && !correctFailure: |
Adam Langley | ac61fa3 | 2014-06-23 12:03:11 -0700 | [diff] [blame] | 1620 | msg = "bad error (wanted '" + test.expectedError + "' / '" + test.expectedLocalError + "')" |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1621 | default: |
| 1622 | panic("internal error") |
| 1623 | } |
| 1624 | |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 1625 | return fmt.Errorf("%s: local error '%s', child error '%s', stdout:\n%s\nstderr:\n%s", msg, localError, childError, stdout, stderr) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1626 | } |
| 1627 | |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 1628 | if !*useValgrind && !failed && len(stderr) > 0 { |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1629 | println(stderr) |
| 1630 | } |
| 1631 | |
| 1632 | return nil |
| 1633 | } |
| 1634 | |
| 1635 | var tlsVersions = []struct { |
| 1636 | name string |
| 1637 | version uint16 |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 1638 | flag string |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1639 | hasDTLS bool |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1640 | }{ |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1641 | {"SSL3", VersionSSL30, "-no-ssl3", false}, |
| 1642 | {"TLS1", VersionTLS10, "-no-tls1", true}, |
| 1643 | {"TLS11", VersionTLS11, "-no-tls11", false}, |
| 1644 | {"TLS12", VersionTLS12, "-no-tls12", true}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1645 | } |
| 1646 | |
| 1647 | var testCipherSuites = []struct { |
| 1648 | name string |
| 1649 | id uint16 |
| 1650 | }{ |
| 1651 | {"3DES-SHA", TLS_RSA_WITH_3DES_EDE_CBC_SHA}, |
David Benjamin | f4e5c4e | 2014-08-02 17:35:45 -0400 | [diff] [blame] | 1652 | {"AES128-GCM", TLS_RSA_WITH_AES_128_GCM_SHA256}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1653 | {"AES128-SHA", TLS_RSA_WITH_AES_128_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1654 | {"AES128-SHA256", TLS_RSA_WITH_AES_128_CBC_SHA256}, |
David Benjamin | f4e5c4e | 2014-08-02 17:35:45 -0400 | [diff] [blame] | 1655 | {"AES256-GCM", TLS_RSA_WITH_AES_256_GCM_SHA384}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1656 | {"AES256-SHA", TLS_RSA_WITH_AES_256_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1657 | {"AES256-SHA256", TLS_RSA_WITH_AES_256_CBC_SHA256}, |
David Benjamin | f4e5c4e | 2014-08-02 17:35:45 -0400 | [diff] [blame] | 1658 | {"DHE-RSA-AES128-GCM", TLS_DHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 1659 | {"DHE-RSA-AES128-SHA", TLS_DHE_RSA_WITH_AES_128_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1660 | {"DHE-RSA-AES128-SHA256", TLS_DHE_RSA_WITH_AES_128_CBC_SHA256}, |
David Benjamin | f4e5c4e | 2014-08-02 17:35:45 -0400 | [diff] [blame] | 1661 | {"DHE-RSA-AES256-GCM", TLS_DHE_RSA_WITH_AES_256_GCM_SHA384}, |
| 1662 | {"DHE-RSA-AES256-SHA", TLS_DHE_RSA_WITH_AES_256_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1663 | {"DHE-RSA-AES256-SHA256", TLS_DHE_RSA_WITH_AES_256_CBC_SHA256}, |
David Benjamin | e9a80ff | 2015-04-07 00:46:46 -0400 | [diff] [blame] | 1664 | {"DHE-RSA-CHACHA20-POLY1305", TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1665 | {"ECDHE-ECDSA-AES128-GCM", TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, |
| 1666 | {"ECDHE-ECDSA-AES128-SHA", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1667 | {"ECDHE-ECDSA-AES128-SHA256", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256}, |
| 1668 | {"ECDHE-ECDSA-AES256-GCM", TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1669 | {"ECDHE-ECDSA-AES256-SHA", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1670 | {"ECDHE-ECDSA-AES256-SHA384", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384}, |
David Benjamin | e9a80ff | 2015-04-07 00:46:46 -0400 | [diff] [blame] | 1671 | {"ECDHE-ECDSA-CHACHA20-POLY1305", TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1672 | {"ECDHE-ECDSA-RC4-SHA", TLS_ECDHE_ECDSA_WITH_RC4_128_SHA}, |
Adam Langley | 97e8ba8 | 2015-04-29 15:32:10 -0700 | [diff] [blame] | 1673 | {"ECDHE-PSK-AES128-GCM-SHA256", TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1674 | {"ECDHE-RSA-AES128-GCM", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1675 | {"ECDHE-RSA-AES128-SHA", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1676 | {"ECDHE-RSA-AES128-SHA256", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256}, |
David Benjamin | f4e5c4e | 2014-08-02 17:35:45 -0400 | [diff] [blame] | 1677 | {"ECDHE-RSA-AES256-GCM", TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1678 | {"ECDHE-RSA-AES256-SHA", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA}, |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1679 | {"ECDHE-RSA-AES256-SHA384", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384}, |
David Benjamin | e9a80ff | 2015-04-07 00:46:46 -0400 | [diff] [blame] | 1680 | {"ECDHE-RSA-CHACHA20-POLY1305", TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1681 | {"ECDHE-RSA-RC4-SHA", TLS_ECDHE_RSA_WITH_RC4_128_SHA}, |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1682 | {"PSK-AES128-CBC-SHA", TLS_PSK_WITH_AES_128_CBC_SHA}, |
| 1683 | {"PSK-AES256-CBC-SHA", TLS_PSK_WITH_AES_256_CBC_SHA}, |
| 1684 | {"PSK-RC4-SHA", TLS_PSK_WITH_RC4_128_SHA}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1685 | {"RC4-MD5", TLS_RSA_WITH_RC4_128_MD5}, |
David Benjamin | f4e5c4e | 2014-08-02 17:35:45 -0400 | [diff] [blame] | 1686 | {"RC4-SHA", TLS_RSA_WITH_RC4_128_SHA}, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1687 | } |
| 1688 | |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1689 | func hasComponent(suiteName, component string) bool { |
| 1690 | return strings.Contains("-"+suiteName+"-", "-"+component+"-") |
| 1691 | } |
| 1692 | |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1693 | func isTLS12Only(suiteName string) bool { |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1694 | return hasComponent(suiteName, "GCM") || |
| 1695 | hasComponent(suiteName, "SHA256") || |
David Benjamin | e9a80ff | 2015-04-07 00:46:46 -0400 | [diff] [blame] | 1696 | hasComponent(suiteName, "SHA384") || |
| 1697 | hasComponent(suiteName, "POLY1305") |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1698 | } |
| 1699 | |
| 1700 | func isDTLSCipher(suiteName string) bool { |
David Benjamin | e95d20d | 2014-12-23 11:16:01 -0500 | [diff] [blame] | 1701 | return !hasComponent(suiteName, "RC4") |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1702 | } |
| 1703 | |
Adam Langley | a7997f1 | 2015-05-14 17:38:50 -0700 | [diff] [blame] | 1704 | func bigFromHex(hex string) *big.Int { |
| 1705 | ret, ok := new(big.Int).SetString(hex, 16) |
| 1706 | if !ok { |
| 1707 | panic("failed to parse hex number 0x" + hex) |
| 1708 | } |
| 1709 | return ret |
| 1710 | } |
| 1711 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1712 | func addCipherSuiteTests() { |
| 1713 | for _, suite := range testCipherSuites { |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1714 | const psk = "12345" |
| 1715 | const pskIdentity = "luggage combo" |
| 1716 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1717 | var cert Certificate |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1718 | var certFile string |
| 1719 | var keyFile string |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1720 | if hasComponent(suite.name, "ECDSA") { |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1721 | cert = getECDSACertificate() |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1722 | certFile = ecdsaCertificateFile |
| 1723 | keyFile = ecdsaKeyFile |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1724 | } else { |
| 1725 | cert = getRSACertificate() |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1726 | certFile = rsaCertificateFile |
| 1727 | keyFile = rsaKeyFile |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1728 | } |
| 1729 | |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1730 | var flags []string |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1731 | if hasComponent(suite.name, "PSK") { |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1732 | flags = append(flags, |
| 1733 | "-psk", psk, |
| 1734 | "-psk-identity", pskIdentity) |
| 1735 | } |
| 1736 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1737 | for _, ver := range tlsVersions { |
David Benjamin | f7768e4 | 2014-08-31 02:06:47 -0400 | [diff] [blame] | 1738 | if ver.version < VersionTLS12 && isTLS12Only(suite.name) { |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1739 | continue |
| 1740 | } |
| 1741 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1742 | testCases = append(testCases, testCase{ |
| 1743 | testType: clientTest, |
| 1744 | name: ver.name + "-" + suite.name + "-client", |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1745 | config: Config{ |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1746 | MinVersion: ver.version, |
| 1747 | MaxVersion: ver.version, |
| 1748 | CipherSuites: []uint16{suite.id}, |
| 1749 | Certificates: []Certificate{cert}, |
David Benjamin | 6879373 | 2015-05-04 20:20:48 -0400 | [diff] [blame] | 1750 | PreSharedKey: []byte(psk), |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1751 | PreSharedKeyIdentity: pskIdentity, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1752 | }, |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1753 | flags: flags, |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 1754 | resumeSession: true, |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1755 | }) |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1756 | |
David Benjamin | 76d8abe | 2014-08-14 16:25:34 -0400 | [diff] [blame] | 1757 | testCases = append(testCases, testCase{ |
| 1758 | testType: serverTest, |
| 1759 | name: ver.name + "-" + suite.name + "-server", |
| 1760 | config: Config{ |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1761 | MinVersion: ver.version, |
| 1762 | MaxVersion: ver.version, |
| 1763 | CipherSuites: []uint16{suite.id}, |
| 1764 | Certificates: []Certificate{cert}, |
| 1765 | PreSharedKey: []byte(psk), |
| 1766 | PreSharedKeyIdentity: pskIdentity, |
David Benjamin | 76d8abe | 2014-08-14 16:25:34 -0400 | [diff] [blame] | 1767 | }, |
| 1768 | certFile: certFile, |
| 1769 | keyFile: keyFile, |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1770 | flags: flags, |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 1771 | resumeSession: true, |
David Benjamin | 76d8abe | 2014-08-14 16:25:34 -0400 | [diff] [blame] | 1772 | }) |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1773 | |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 1774 | if ver.hasDTLS && isDTLSCipher(suite.name) { |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1775 | testCases = append(testCases, testCase{ |
| 1776 | testType: clientTest, |
| 1777 | protocol: dtls, |
| 1778 | name: "D" + ver.name + "-" + suite.name + "-client", |
| 1779 | config: Config{ |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1780 | MinVersion: ver.version, |
| 1781 | MaxVersion: ver.version, |
| 1782 | CipherSuites: []uint16{suite.id}, |
| 1783 | Certificates: []Certificate{cert}, |
| 1784 | PreSharedKey: []byte(psk), |
| 1785 | PreSharedKeyIdentity: pskIdentity, |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1786 | }, |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1787 | flags: flags, |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 1788 | resumeSession: true, |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1789 | }) |
| 1790 | testCases = append(testCases, testCase{ |
| 1791 | testType: serverTest, |
| 1792 | protocol: dtls, |
| 1793 | name: "D" + ver.name + "-" + suite.name + "-server", |
| 1794 | config: Config{ |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1795 | MinVersion: ver.version, |
| 1796 | MaxVersion: ver.version, |
| 1797 | CipherSuites: []uint16{suite.id}, |
| 1798 | Certificates: []Certificate{cert}, |
| 1799 | PreSharedKey: []byte(psk), |
| 1800 | PreSharedKeyIdentity: pskIdentity, |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1801 | }, |
| 1802 | certFile: certFile, |
| 1803 | keyFile: keyFile, |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 1804 | flags: flags, |
David Benjamin | fe8eb9a | 2014-11-17 03:19:02 -0500 | [diff] [blame] | 1805 | resumeSession: true, |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 1806 | }) |
| 1807 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1808 | } |
| 1809 | } |
Adam Langley | a7997f1 | 2015-05-14 17:38:50 -0700 | [diff] [blame] | 1810 | |
| 1811 | testCases = append(testCases, testCase{ |
| 1812 | name: "WeakDH", |
| 1813 | config: Config{ |
| 1814 | CipherSuites: []uint16{TLS_DHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 1815 | Bugs: ProtocolBugs{ |
| 1816 | // This is a 1023-bit prime number, generated |
| 1817 | // with: |
| 1818 | // openssl gendh 1023 | openssl asn1parse -i |
| 1819 | DHGroupPrime: bigFromHex("518E9B7930CE61C6E445C8360584E5FC78D9137C0FFDC880B495D5338ADF7689951A6821C17A76B3ACB8E0156AEA607B7EC406EBEDBB84D8376EB8FE8F8BA1433488BEE0C3EDDFD3A32DBB9481980A7AF6C96BFCF490A094CFFB2B8192C1BB5510B77B658436E27C2D4D023FE3718222AB0CA1273995B51F6D625A4944D0DD4B"), |
| 1820 | }, |
| 1821 | }, |
| 1822 | shouldFail: true, |
| 1823 | expectedError: "BAD_DH_P_LENGTH", |
| 1824 | }) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1825 | } |
| 1826 | |
| 1827 | func addBadECDSASignatureTests() { |
| 1828 | for badR := BadValue(1); badR < NumBadValues; badR++ { |
| 1829 | for badS := BadValue(1); badS < NumBadValues; badS++ { |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1830 | testCases = append(testCases, testCase{ |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1831 | name: fmt.Sprintf("BadECDSA-%d-%d", badR, badS), |
| 1832 | config: Config{ |
| 1833 | CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, |
| 1834 | Certificates: []Certificate{getECDSACertificate()}, |
| 1835 | Bugs: ProtocolBugs{ |
| 1836 | BadECDSAR: badR, |
| 1837 | BadECDSAS: badS, |
| 1838 | }, |
| 1839 | }, |
| 1840 | shouldFail: true, |
| 1841 | expectedError: "SIGNATURE", |
| 1842 | }) |
| 1843 | } |
| 1844 | } |
| 1845 | } |
| 1846 | |
Adam Langley | 80842bd | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1847 | func addCBCPaddingTests() { |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1848 | testCases = append(testCases, testCase{ |
Adam Langley | 80842bd | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1849 | name: "MaxCBCPadding", |
| 1850 | config: Config{ |
| 1851 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, |
| 1852 | Bugs: ProtocolBugs{ |
| 1853 | MaxPadding: true, |
| 1854 | }, |
| 1855 | }, |
| 1856 | messageLen: 12, // 20 bytes of SHA-1 + 12 == 0 % block size |
| 1857 | }) |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1858 | testCases = append(testCases, testCase{ |
Adam Langley | 80842bd | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1859 | name: "BadCBCPadding", |
| 1860 | config: Config{ |
| 1861 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, |
| 1862 | Bugs: ProtocolBugs{ |
| 1863 | PaddingFirstByteBad: true, |
| 1864 | }, |
| 1865 | }, |
| 1866 | shouldFail: true, |
| 1867 | expectedError: "DECRYPTION_FAILED_OR_BAD_RECORD_MAC", |
| 1868 | }) |
| 1869 | // OpenSSL previously had an issue where the first byte of padding in |
| 1870 | // 255 bytes of padding wasn't checked. |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 1871 | testCases = append(testCases, testCase{ |
Adam Langley | 80842bd | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 1872 | name: "BadCBCPadding255", |
| 1873 | config: Config{ |
| 1874 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, |
| 1875 | Bugs: ProtocolBugs{ |
| 1876 | MaxPadding: true, |
| 1877 | PaddingFirstByteBadIf255: true, |
| 1878 | }, |
| 1879 | }, |
| 1880 | messageLen: 12, // 20 bytes of SHA-1 + 12 == 0 % block size |
| 1881 | shouldFail: true, |
| 1882 | expectedError: "DECRYPTION_FAILED_OR_BAD_RECORD_MAC", |
| 1883 | }) |
| 1884 | } |
| 1885 | |
Kenny Root | 7fdeaf1 | 2014-08-05 15:23:37 -0700 | [diff] [blame] | 1886 | func addCBCSplittingTests() { |
| 1887 | testCases = append(testCases, testCase{ |
| 1888 | name: "CBCRecordSplitting", |
| 1889 | config: Config{ |
| 1890 | MaxVersion: VersionTLS10, |
| 1891 | MinVersion: VersionTLS10, |
| 1892 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, |
| 1893 | }, |
| 1894 | messageLen: -1, // read until EOF |
| 1895 | flags: []string{ |
| 1896 | "-async", |
| 1897 | "-write-different-record-sizes", |
| 1898 | "-cbc-record-splitting", |
| 1899 | }, |
David Benjamin | a8e3e0e | 2014-08-06 22:11:10 -0400 | [diff] [blame] | 1900 | }) |
| 1901 | testCases = append(testCases, testCase{ |
Kenny Root | 7fdeaf1 | 2014-08-05 15:23:37 -0700 | [diff] [blame] | 1902 | name: "CBCRecordSplittingPartialWrite", |
| 1903 | config: Config{ |
| 1904 | MaxVersion: VersionTLS10, |
| 1905 | MinVersion: VersionTLS10, |
| 1906 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, |
| 1907 | }, |
| 1908 | messageLen: -1, // read until EOF |
| 1909 | flags: []string{ |
| 1910 | "-async", |
| 1911 | "-write-different-record-sizes", |
| 1912 | "-cbc-record-splitting", |
| 1913 | "-partial-write", |
| 1914 | }, |
| 1915 | }) |
| 1916 | } |
| 1917 | |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 1918 | func addClientAuthTests() { |
David Benjamin | 407a10c | 2014-07-16 12:58:59 -0400 | [diff] [blame] | 1919 | // Add a dummy cert pool to stress certificate authority parsing. |
| 1920 | // TODO(davidben): Add tests that those values parse out correctly. |
| 1921 | certPool := x509.NewCertPool() |
| 1922 | cert, err := x509.ParseCertificate(rsaCertificate.Certificate[0]) |
| 1923 | if err != nil { |
| 1924 | panic(err) |
| 1925 | } |
| 1926 | certPool.AddCert(cert) |
| 1927 | |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 1928 | for _, ver := range tlsVersions { |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 1929 | testCases = append(testCases, testCase{ |
| 1930 | testType: clientTest, |
David Benjamin | 67666e7 | 2014-07-12 15:47:52 -0400 | [diff] [blame] | 1931 | name: ver.name + "-Client-ClientAuth-RSA", |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 1932 | config: Config{ |
David Benjamin | e098ec2 | 2014-08-27 23:13:20 -0400 | [diff] [blame] | 1933 | MinVersion: ver.version, |
| 1934 | MaxVersion: ver.version, |
| 1935 | ClientAuth: RequireAnyClientCert, |
| 1936 | ClientCAs: certPool, |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 1937 | }, |
| 1938 | flags: []string{ |
| 1939 | "-cert-file", rsaCertificateFile, |
| 1940 | "-key-file", rsaKeyFile, |
| 1941 | }, |
| 1942 | }) |
| 1943 | testCases = append(testCases, testCase{ |
David Benjamin | 67666e7 | 2014-07-12 15:47:52 -0400 | [diff] [blame] | 1944 | testType: serverTest, |
| 1945 | name: ver.name + "-Server-ClientAuth-RSA", |
| 1946 | config: Config{ |
David Benjamin | e098ec2 | 2014-08-27 23:13:20 -0400 | [diff] [blame] | 1947 | MinVersion: ver.version, |
| 1948 | MaxVersion: ver.version, |
David Benjamin | 67666e7 | 2014-07-12 15:47:52 -0400 | [diff] [blame] | 1949 | Certificates: []Certificate{rsaCertificate}, |
| 1950 | }, |
| 1951 | flags: []string{"-require-any-client-certificate"}, |
| 1952 | }) |
David Benjamin | e098ec2 | 2014-08-27 23:13:20 -0400 | [diff] [blame] | 1953 | if ver.version != VersionSSL30 { |
| 1954 | testCases = append(testCases, testCase{ |
| 1955 | testType: serverTest, |
| 1956 | name: ver.name + "-Server-ClientAuth-ECDSA", |
| 1957 | config: Config{ |
| 1958 | MinVersion: ver.version, |
| 1959 | MaxVersion: ver.version, |
| 1960 | Certificates: []Certificate{ecdsaCertificate}, |
| 1961 | }, |
| 1962 | flags: []string{"-require-any-client-certificate"}, |
| 1963 | }) |
| 1964 | testCases = append(testCases, testCase{ |
| 1965 | testType: clientTest, |
| 1966 | name: ver.name + "-Client-ClientAuth-ECDSA", |
| 1967 | config: Config{ |
| 1968 | MinVersion: ver.version, |
| 1969 | MaxVersion: ver.version, |
| 1970 | ClientAuth: RequireAnyClientCert, |
| 1971 | ClientCAs: certPool, |
| 1972 | }, |
| 1973 | flags: []string{ |
| 1974 | "-cert-file", ecdsaCertificateFile, |
| 1975 | "-key-file", ecdsaKeyFile, |
| 1976 | }, |
| 1977 | }) |
| 1978 | } |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 1979 | } |
| 1980 | } |
| 1981 | |
Adam Langley | 7571292 | 2014-10-10 16:23:43 -0700 | [diff] [blame] | 1982 | func addExtendedMasterSecretTests() { |
| 1983 | const expectEMSFlag = "-expect-extended-master-secret" |
| 1984 | |
| 1985 | for _, with := range []bool{false, true} { |
| 1986 | prefix := "No" |
| 1987 | var flags []string |
| 1988 | if with { |
| 1989 | prefix = "" |
| 1990 | flags = []string{expectEMSFlag} |
| 1991 | } |
| 1992 | |
| 1993 | for _, isClient := range []bool{false, true} { |
| 1994 | suffix := "-Server" |
| 1995 | testType := serverTest |
| 1996 | if isClient { |
| 1997 | suffix = "-Client" |
| 1998 | testType = clientTest |
| 1999 | } |
| 2000 | |
| 2001 | for _, ver := range tlsVersions { |
| 2002 | test := testCase{ |
| 2003 | testType: testType, |
| 2004 | name: prefix + "ExtendedMasterSecret-" + ver.name + suffix, |
| 2005 | config: Config{ |
| 2006 | MinVersion: ver.version, |
| 2007 | MaxVersion: ver.version, |
| 2008 | Bugs: ProtocolBugs{ |
| 2009 | NoExtendedMasterSecret: !with, |
| 2010 | RequireExtendedMasterSecret: with, |
| 2011 | }, |
| 2012 | }, |
David Benjamin | 48cae08 | 2014-10-27 01:06:24 -0400 | [diff] [blame] | 2013 | flags: flags, |
| 2014 | shouldFail: ver.version == VersionSSL30 && with, |
Adam Langley | 7571292 | 2014-10-10 16:23:43 -0700 | [diff] [blame] | 2015 | } |
| 2016 | if test.shouldFail { |
| 2017 | test.expectedLocalError = "extended master secret required but not supported by peer" |
| 2018 | } |
| 2019 | testCases = append(testCases, test) |
| 2020 | } |
| 2021 | } |
| 2022 | } |
| 2023 | |
Adam Langley | ba5934b | 2015-06-02 10:50:35 -0700 | [diff] [blame] | 2024 | for _, isClient := range []bool{false, true} { |
| 2025 | for _, supportedInFirstConnection := range []bool{false, true} { |
| 2026 | for _, supportedInResumeConnection := range []bool{false, true} { |
| 2027 | boolToWord := func(b bool) string { |
| 2028 | if b { |
| 2029 | return "Yes" |
| 2030 | } |
| 2031 | return "No" |
| 2032 | } |
| 2033 | suffix := boolToWord(supportedInFirstConnection) + "To" + boolToWord(supportedInResumeConnection) + "-" |
| 2034 | if isClient { |
| 2035 | suffix += "Client" |
| 2036 | } else { |
| 2037 | suffix += "Server" |
| 2038 | } |
| 2039 | |
| 2040 | supportedConfig := Config{ |
| 2041 | Bugs: ProtocolBugs{ |
| 2042 | RequireExtendedMasterSecret: true, |
| 2043 | }, |
| 2044 | } |
| 2045 | |
| 2046 | noSupportConfig := Config{ |
| 2047 | Bugs: ProtocolBugs{ |
| 2048 | NoExtendedMasterSecret: true, |
| 2049 | }, |
| 2050 | } |
| 2051 | |
| 2052 | test := testCase{ |
| 2053 | name: "ExtendedMasterSecret-" + suffix, |
| 2054 | resumeSession: true, |
| 2055 | } |
| 2056 | |
| 2057 | if !isClient { |
| 2058 | test.testType = serverTest |
| 2059 | } |
| 2060 | |
| 2061 | if supportedInFirstConnection { |
| 2062 | test.config = supportedConfig |
| 2063 | } else { |
| 2064 | test.config = noSupportConfig |
| 2065 | } |
| 2066 | |
| 2067 | if supportedInResumeConnection { |
| 2068 | test.resumeConfig = &supportedConfig |
| 2069 | } else { |
| 2070 | test.resumeConfig = &noSupportConfig |
| 2071 | } |
| 2072 | |
| 2073 | switch suffix { |
| 2074 | case "YesToYes-Client", "YesToYes-Server": |
| 2075 | // When a session is resumed, it should |
| 2076 | // still be aware that its master |
| 2077 | // secret was generated via EMS and |
| 2078 | // thus it's safe to use tls-unique. |
| 2079 | test.flags = []string{expectEMSFlag} |
| 2080 | case "NoToYes-Server": |
| 2081 | // If an original connection did not |
| 2082 | // contain EMS, but a resumption |
| 2083 | // handshake does, then a server should |
| 2084 | // not resume the session. |
| 2085 | test.expectResumeRejected = true |
| 2086 | case "YesToNo-Server": |
| 2087 | // Resuming an EMS session without the |
| 2088 | // EMS extension should cause the |
| 2089 | // server to abort the connection. |
| 2090 | test.shouldFail = true |
| 2091 | test.expectedError = ":RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION:" |
| 2092 | case "NoToYes-Client": |
| 2093 | // A client should abort a connection |
| 2094 | // where the server resumed a non-EMS |
| 2095 | // session but echoed the EMS |
| 2096 | // extension. |
| 2097 | test.shouldFail = true |
| 2098 | test.expectedError = ":RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION:" |
| 2099 | case "YesToNo-Client": |
| 2100 | // A client should abort a connection |
| 2101 | // where the server didn't echo EMS |
| 2102 | // when the session used it. |
| 2103 | test.shouldFail = true |
| 2104 | test.expectedError = ":RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION:" |
| 2105 | } |
| 2106 | |
| 2107 | testCases = append(testCases, test) |
| 2108 | } |
| 2109 | } |
| 2110 | } |
Adam Langley | 7571292 | 2014-10-10 16:23:43 -0700 | [diff] [blame] | 2111 | } |
| 2112 | |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 2113 | // Adds tests that try to cover the range of the handshake state machine, under |
| 2114 | // various conditions. Some of these are redundant with other tests, but they |
| 2115 | // only cover the synchronous case. |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 2116 | func addStateMachineCoverageTests(async, splitHandshake bool, protocol protocol) { |
David Benjamin | 760b1dd | 2015-05-15 23:33:48 -0400 | [diff] [blame] | 2117 | var tests []testCase |
| 2118 | |
| 2119 | // Basic handshake, with resumption. Client and server, |
| 2120 | // session ID and session ticket. |
| 2121 | tests = append(tests, testCase{ |
| 2122 | name: "Basic-Client", |
| 2123 | resumeSession: true, |
| 2124 | }) |
| 2125 | tests = append(tests, testCase{ |
| 2126 | name: "Basic-Client-RenewTicket", |
| 2127 | config: Config{ |
| 2128 | Bugs: ProtocolBugs{ |
| 2129 | RenewTicketOnResume: true, |
| 2130 | }, |
| 2131 | }, |
| 2132 | resumeSession: true, |
| 2133 | }) |
| 2134 | tests = append(tests, testCase{ |
| 2135 | name: "Basic-Client-NoTicket", |
| 2136 | config: Config{ |
| 2137 | SessionTicketsDisabled: true, |
| 2138 | }, |
| 2139 | resumeSession: true, |
| 2140 | }) |
| 2141 | tests = append(tests, testCase{ |
| 2142 | name: "Basic-Client-Implicit", |
| 2143 | flags: []string{"-implicit-handshake"}, |
| 2144 | resumeSession: true, |
| 2145 | }) |
| 2146 | tests = append(tests, testCase{ |
| 2147 | testType: serverTest, |
| 2148 | name: "Basic-Server", |
| 2149 | resumeSession: true, |
| 2150 | }) |
| 2151 | tests = append(tests, testCase{ |
| 2152 | testType: serverTest, |
| 2153 | name: "Basic-Server-NoTickets", |
| 2154 | config: Config{ |
| 2155 | SessionTicketsDisabled: true, |
| 2156 | }, |
| 2157 | resumeSession: true, |
| 2158 | }) |
| 2159 | tests = append(tests, testCase{ |
| 2160 | testType: serverTest, |
| 2161 | name: "Basic-Server-Implicit", |
| 2162 | flags: []string{"-implicit-handshake"}, |
| 2163 | resumeSession: true, |
| 2164 | }) |
| 2165 | tests = append(tests, testCase{ |
| 2166 | testType: serverTest, |
| 2167 | name: "Basic-Server-EarlyCallback", |
| 2168 | flags: []string{"-use-early-callback"}, |
| 2169 | resumeSession: true, |
| 2170 | }) |
| 2171 | |
| 2172 | // TLS client auth. |
| 2173 | tests = append(tests, testCase{ |
| 2174 | testType: clientTest, |
| 2175 | name: "ClientAuth-Client", |
| 2176 | config: Config{ |
| 2177 | ClientAuth: RequireAnyClientCert, |
| 2178 | }, |
| 2179 | flags: []string{ |
| 2180 | "-cert-file", rsaCertificateFile, |
| 2181 | "-key-file", rsaKeyFile, |
| 2182 | }, |
| 2183 | }) |
| 2184 | tests = append(tests, testCase{ |
| 2185 | testType: serverTest, |
| 2186 | name: "ClientAuth-Server", |
| 2187 | config: Config{ |
| 2188 | Certificates: []Certificate{rsaCertificate}, |
| 2189 | }, |
| 2190 | flags: []string{"-require-any-client-certificate"}, |
| 2191 | }) |
| 2192 | |
| 2193 | // No session ticket support; server doesn't send NewSessionTicket. |
| 2194 | tests = append(tests, testCase{ |
| 2195 | name: "SessionTicketsDisabled-Client", |
| 2196 | config: Config{ |
| 2197 | SessionTicketsDisabled: true, |
| 2198 | }, |
| 2199 | }) |
| 2200 | tests = append(tests, testCase{ |
| 2201 | testType: serverTest, |
| 2202 | name: "SessionTicketsDisabled-Server", |
| 2203 | config: Config{ |
| 2204 | SessionTicketsDisabled: true, |
| 2205 | }, |
| 2206 | }) |
| 2207 | |
| 2208 | // Skip ServerKeyExchange in PSK key exchange if there's no |
| 2209 | // identity hint. |
| 2210 | tests = append(tests, testCase{ |
| 2211 | name: "EmptyPSKHint-Client", |
| 2212 | config: Config{ |
| 2213 | CipherSuites: []uint16{TLS_PSK_WITH_AES_128_CBC_SHA}, |
| 2214 | PreSharedKey: []byte("secret"), |
| 2215 | }, |
| 2216 | flags: []string{"-psk", "secret"}, |
| 2217 | }) |
| 2218 | tests = append(tests, testCase{ |
| 2219 | testType: serverTest, |
| 2220 | name: "EmptyPSKHint-Server", |
| 2221 | config: Config{ |
| 2222 | CipherSuites: []uint16{TLS_PSK_WITH_AES_128_CBC_SHA}, |
| 2223 | PreSharedKey: []byte("secret"), |
| 2224 | }, |
| 2225 | flags: []string{"-psk", "secret"}, |
| 2226 | }) |
| 2227 | |
| 2228 | if protocol == tls { |
| 2229 | tests = append(tests, testCase{ |
| 2230 | name: "Renegotiate-Client", |
| 2231 | renegotiate: true, |
| 2232 | }) |
| 2233 | // NPN on client and server; results in post-handshake message. |
| 2234 | tests = append(tests, testCase{ |
| 2235 | name: "NPN-Client", |
| 2236 | config: Config{ |
| 2237 | NextProtos: []string{"foo"}, |
| 2238 | }, |
| 2239 | flags: []string{"-select-next-proto", "foo"}, |
| 2240 | expectedNextProto: "foo", |
| 2241 | expectedNextProtoType: npn, |
| 2242 | }) |
| 2243 | tests = append(tests, testCase{ |
| 2244 | testType: serverTest, |
| 2245 | name: "NPN-Server", |
| 2246 | config: Config{ |
| 2247 | NextProtos: []string{"bar"}, |
| 2248 | }, |
| 2249 | flags: []string{ |
| 2250 | "-advertise-npn", "\x03foo\x03bar\x03baz", |
| 2251 | "-expect-next-proto", "bar", |
| 2252 | }, |
| 2253 | expectedNextProto: "bar", |
| 2254 | expectedNextProtoType: npn, |
| 2255 | }) |
| 2256 | |
| 2257 | // TODO(davidben): Add tests for when False Start doesn't trigger. |
| 2258 | |
| 2259 | // Client does False Start and negotiates NPN. |
| 2260 | tests = append(tests, testCase{ |
| 2261 | name: "FalseStart", |
| 2262 | config: Config{ |
| 2263 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 2264 | NextProtos: []string{"foo"}, |
| 2265 | Bugs: ProtocolBugs{ |
| 2266 | ExpectFalseStart: true, |
| 2267 | }, |
| 2268 | }, |
| 2269 | flags: []string{ |
| 2270 | "-false-start", |
| 2271 | "-select-next-proto", "foo", |
| 2272 | }, |
| 2273 | shimWritesFirst: true, |
| 2274 | resumeSession: true, |
| 2275 | }) |
| 2276 | |
| 2277 | // Client does False Start and negotiates ALPN. |
| 2278 | tests = append(tests, testCase{ |
| 2279 | name: "FalseStart-ALPN", |
| 2280 | config: Config{ |
| 2281 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 2282 | NextProtos: []string{"foo"}, |
| 2283 | Bugs: ProtocolBugs{ |
| 2284 | ExpectFalseStart: true, |
| 2285 | }, |
| 2286 | }, |
| 2287 | flags: []string{ |
| 2288 | "-false-start", |
| 2289 | "-advertise-alpn", "\x03foo", |
| 2290 | }, |
| 2291 | shimWritesFirst: true, |
| 2292 | resumeSession: true, |
| 2293 | }) |
| 2294 | |
| 2295 | // Client does False Start but doesn't explicitly call |
| 2296 | // SSL_connect. |
| 2297 | tests = append(tests, testCase{ |
| 2298 | name: "FalseStart-Implicit", |
| 2299 | config: Config{ |
| 2300 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 2301 | NextProtos: []string{"foo"}, |
| 2302 | }, |
| 2303 | flags: []string{ |
| 2304 | "-implicit-handshake", |
| 2305 | "-false-start", |
| 2306 | "-advertise-alpn", "\x03foo", |
| 2307 | }, |
| 2308 | }) |
| 2309 | |
| 2310 | // False Start without session tickets. |
| 2311 | tests = append(tests, testCase{ |
| 2312 | name: "FalseStart-SessionTicketsDisabled", |
| 2313 | config: Config{ |
| 2314 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 2315 | NextProtos: []string{"foo"}, |
| 2316 | SessionTicketsDisabled: true, |
| 2317 | Bugs: ProtocolBugs{ |
| 2318 | ExpectFalseStart: true, |
| 2319 | }, |
| 2320 | }, |
| 2321 | flags: []string{ |
| 2322 | "-false-start", |
| 2323 | "-select-next-proto", "foo", |
| 2324 | }, |
| 2325 | shimWritesFirst: true, |
| 2326 | }) |
| 2327 | |
| 2328 | // Server parses a V2ClientHello. |
| 2329 | tests = append(tests, testCase{ |
| 2330 | testType: serverTest, |
| 2331 | name: "SendV2ClientHello", |
| 2332 | config: Config{ |
| 2333 | // Choose a cipher suite that does not involve |
| 2334 | // elliptic curves, so no extensions are |
| 2335 | // involved. |
| 2336 | CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, |
| 2337 | Bugs: ProtocolBugs{ |
| 2338 | SendV2ClientHello: true, |
| 2339 | }, |
| 2340 | }, |
| 2341 | }) |
| 2342 | |
| 2343 | // Client sends a Channel ID. |
| 2344 | tests = append(tests, testCase{ |
| 2345 | name: "ChannelID-Client", |
| 2346 | config: Config{ |
| 2347 | RequestChannelID: true, |
| 2348 | }, |
| 2349 | flags: []string{"-send-channel-id", channelIDKeyFile}, |
| 2350 | resumeSession: true, |
| 2351 | expectChannelID: true, |
| 2352 | }) |
| 2353 | |
| 2354 | // Server accepts a Channel ID. |
| 2355 | tests = append(tests, testCase{ |
| 2356 | testType: serverTest, |
| 2357 | name: "ChannelID-Server", |
| 2358 | config: Config{ |
| 2359 | ChannelID: channelIDKey, |
| 2360 | }, |
| 2361 | flags: []string{ |
| 2362 | "-expect-channel-id", |
| 2363 | base64.StdEncoding.EncodeToString(channelIDBytes), |
| 2364 | }, |
| 2365 | resumeSession: true, |
| 2366 | expectChannelID: true, |
| 2367 | }) |
| 2368 | } else { |
| 2369 | tests = append(tests, testCase{ |
| 2370 | name: "SkipHelloVerifyRequest", |
| 2371 | config: Config{ |
| 2372 | Bugs: ProtocolBugs{ |
| 2373 | SkipHelloVerifyRequest: true, |
| 2374 | }, |
| 2375 | }, |
| 2376 | }) |
| 2377 | } |
| 2378 | |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 2379 | var suffix string |
| 2380 | var flags []string |
| 2381 | var maxHandshakeRecordLength int |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 2382 | if protocol == dtls { |
| 2383 | suffix = "-DTLS" |
| 2384 | } |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 2385 | if async { |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 2386 | suffix += "-Async" |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 2387 | flags = append(flags, "-async") |
| 2388 | } else { |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 2389 | suffix += "-Sync" |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 2390 | } |
| 2391 | if splitHandshake { |
| 2392 | suffix += "-SplitHandshakeRecords" |
David Benjamin | 9821454 | 2014-08-07 18:02:39 -0400 | [diff] [blame] | 2393 | maxHandshakeRecordLength = 1 |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 2394 | } |
David Benjamin | 760b1dd | 2015-05-15 23:33:48 -0400 | [diff] [blame] | 2395 | for _, test := range tests { |
| 2396 | test.protocol = protocol |
| 2397 | test.name += suffix |
| 2398 | test.config.Bugs.MaxHandshakeRecordLength = maxHandshakeRecordLength |
| 2399 | test.flags = append(test.flags, flags...) |
| 2400 | testCases = append(testCases, test) |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 2401 | } |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 2402 | } |
| 2403 | |
Adam Langley | 524e717 | 2015-02-20 16:04:00 -0800 | [diff] [blame] | 2404 | func addDDoSCallbackTests() { |
| 2405 | // DDoS callback. |
| 2406 | |
| 2407 | for _, resume := range []bool{false, true} { |
| 2408 | suffix := "Resume" |
| 2409 | if resume { |
| 2410 | suffix = "No" + suffix |
| 2411 | } |
| 2412 | |
| 2413 | testCases = append(testCases, testCase{ |
| 2414 | testType: serverTest, |
| 2415 | name: "Server-DDoS-OK-" + suffix, |
| 2416 | flags: []string{"-install-ddos-callback"}, |
| 2417 | resumeSession: resume, |
| 2418 | }) |
| 2419 | |
| 2420 | failFlag := "-fail-ddos-callback" |
| 2421 | if resume { |
| 2422 | failFlag = "-fail-second-ddos-callback" |
| 2423 | } |
| 2424 | testCases = append(testCases, testCase{ |
| 2425 | testType: serverTest, |
| 2426 | name: "Server-DDoS-Reject-" + suffix, |
| 2427 | flags: []string{"-install-ddos-callback", failFlag}, |
| 2428 | resumeSession: resume, |
| 2429 | shouldFail: true, |
| 2430 | expectedError: ":CONNECTION_REJECTED:", |
| 2431 | }) |
| 2432 | } |
| 2433 | } |
| 2434 | |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 2435 | func addVersionNegotiationTests() { |
| 2436 | for i, shimVers := range tlsVersions { |
| 2437 | // Assemble flags to disable all newer versions on the shim. |
| 2438 | var flags []string |
| 2439 | for _, vers := range tlsVersions[i+1:] { |
| 2440 | flags = append(flags, vers.flag) |
| 2441 | } |
| 2442 | |
| 2443 | for _, runnerVers := range tlsVersions { |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2444 | protocols := []protocol{tls} |
| 2445 | if runnerVers.hasDTLS && shimVers.hasDTLS { |
| 2446 | protocols = append(protocols, dtls) |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 2447 | } |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2448 | for _, protocol := range protocols { |
| 2449 | expectedVersion := shimVers.version |
| 2450 | if runnerVers.version < shimVers.version { |
| 2451 | expectedVersion = runnerVers.version |
| 2452 | } |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 2453 | |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2454 | suffix := shimVers.name + "-" + runnerVers.name |
| 2455 | if protocol == dtls { |
| 2456 | suffix += "-DTLS" |
| 2457 | } |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 2458 | |
David Benjamin | 1eb367c | 2014-12-12 18:17:51 -0500 | [diff] [blame] | 2459 | shimVersFlag := strconv.Itoa(int(versionToWire(shimVers.version, protocol == dtls))) |
| 2460 | |
David Benjamin | 1e29a6b | 2014-12-10 02:27:24 -0500 | [diff] [blame] | 2461 | clientVers := shimVers.version |
| 2462 | if clientVers > VersionTLS10 { |
| 2463 | clientVers = VersionTLS10 |
| 2464 | } |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2465 | testCases = append(testCases, testCase{ |
| 2466 | protocol: protocol, |
| 2467 | testType: clientTest, |
| 2468 | name: "VersionNegotiation-Client-" + suffix, |
| 2469 | config: Config{ |
| 2470 | MaxVersion: runnerVers.version, |
David Benjamin | 1e29a6b | 2014-12-10 02:27:24 -0500 | [diff] [blame] | 2471 | Bugs: ProtocolBugs{ |
| 2472 | ExpectInitialRecordVersion: clientVers, |
| 2473 | }, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2474 | }, |
| 2475 | flags: flags, |
| 2476 | expectedVersion: expectedVersion, |
| 2477 | }) |
David Benjamin | 1eb367c | 2014-12-12 18:17:51 -0500 | [diff] [blame] | 2478 | testCases = append(testCases, testCase{ |
| 2479 | protocol: protocol, |
| 2480 | testType: clientTest, |
| 2481 | name: "VersionNegotiation-Client2-" + suffix, |
| 2482 | config: Config{ |
| 2483 | MaxVersion: runnerVers.version, |
| 2484 | Bugs: ProtocolBugs{ |
| 2485 | ExpectInitialRecordVersion: clientVers, |
| 2486 | }, |
| 2487 | }, |
| 2488 | flags: []string{"-max-version", shimVersFlag}, |
| 2489 | expectedVersion: expectedVersion, |
| 2490 | }) |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2491 | |
| 2492 | testCases = append(testCases, testCase{ |
| 2493 | protocol: protocol, |
| 2494 | testType: serverTest, |
| 2495 | name: "VersionNegotiation-Server-" + suffix, |
| 2496 | config: Config{ |
| 2497 | MaxVersion: runnerVers.version, |
David Benjamin | 1e29a6b | 2014-12-10 02:27:24 -0500 | [diff] [blame] | 2498 | Bugs: ProtocolBugs{ |
| 2499 | ExpectInitialRecordVersion: expectedVersion, |
| 2500 | }, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2501 | }, |
| 2502 | flags: flags, |
| 2503 | expectedVersion: expectedVersion, |
| 2504 | }) |
David Benjamin | 1eb367c | 2014-12-12 18:17:51 -0500 | [diff] [blame] | 2505 | testCases = append(testCases, testCase{ |
| 2506 | protocol: protocol, |
| 2507 | testType: serverTest, |
| 2508 | name: "VersionNegotiation-Server2-" + suffix, |
| 2509 | config: Config{ |
| 2510 | MaxVersion: runnerVers.version, |
| 2511 | Bugs: ProtocolBugs{ |
| 2512 | ExpectInitialRecordVersion: expectedVersion, |
| 2513 | }, |
| 2514 | }, |
| 2515 | flags: []string{"-max-version", shimVersFlag}, |
| 2516 | expectedVersion: expectedVersion, |
| 2517 | }) |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2518 | } |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 2519 | } |
| 2520 | } |
| 2521 | } |
| 2522 | |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2523 | func addMinimumVersionTests() { |
| 2524 | for i, shimVers := range tlsVersions { |
| 2525 | // Assemble flags to disable all older versions on the shim. |
| 2526 | var flags []string |
| 2527 | for _, vers := range tlsVersions[:i] { |
| 2528 | flags = append(flags, vers.flag) |
| 2529 | } |
| 2530 | |
| 2531 | for _, runnerVers := range tlsVersions { |
| 2532 | protocols := []protocol{tls} |
| 2533 | if runnerVers.hasDTLS && shimVers.hasDTLS { |
| 2534 | protocols = append(protocols, dtls) |
| 2535 | } |
| 2536 | for _, protocol := range protocols { |
| 2537 | suffix := shimVers.name + "-" + runnerVers.name |
| 2538 | if protocol == dtls { |
| 2539 | suffix += "-DTLS" |
| 2540 | } |
| 2541 | shimVersFlag := strconv.Itoa(int(versionToWire(shimVers.version, protocol == dtls))) |
| 2542 | |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2543 | var expectedVersion uint16 |
| 2544 | var shouldFail bool |
| 2545 | var expectedError string |
David Benjamin | 87909c0 | 2014-12-13 01:55:01 -0500 | [diff] [blame] | 2546 | var expectedLocalError string |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2547 | if runnerVers.version >= shimVers.version { |
| 2548 | expectedVersion = runnerVers.version |
| 2549 | } else { |
| 2550 | shouldFail = true |
| 2551 | expectedError = ":UNSUPPORTED_PROTOCOL:" |
David Benjamin | 87909c0 | 2014-12-13 01:55:01 -0500 | [diff] [blame] | 2552 | if runnerVers.version > VersionSSL30 { |
| 2553 | expectedLocalError = "remote error: protocol version not supported" |
| 2554 | } else { |
| 2555 | expectedLocalError = "remote error: handshake failure" |
| 2556 | } |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2557 | } |
| 2558 | |
| 2559 | testCases = append(testCases, testCase{ |
| 2560 | protocol: protocol, |
| 2561 | testType: clientTest, |
| 2562 | name: "MinimumVersion-Client-" + suffix, |
| 2563 | config: Config{ |
| 2564 | MaxVersion: runnerVers.version, |
| 2565 | }, |
David Benjamin | 87909c0 | 2014-12-13 01:55:01 -0500 | [diff] [blame] | 2566 | flags: flags, |
| 2567 | expectedVersion: expectedVersion, |
| 2568 | shouldFail: shouldFail, |
| 2569 | expectedError: expectedError, |
| 2570 | expectedLocalError: expectedLocalError, |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2571 | }) |
| 2572 | testCases = append(testCases, testCase{ |
| 2573 | protocol: protocol, |
| 2574 | testType: clientTest, |
| 2575 | name: "MinimumVersion-Client2-" + suffix, |
| 2576 | config: Config{ |
| 2577 | MaxVersion: runnerVers.version, |
| 2578 | }, |
David Benjamin | 87909c0 | 2014-12-13 01:55:01 -0500 | [diff] [blame] | 2579 | flags: []string{"-min-version", shimVersFlag}, |
| 2580 | expectedVersion: expectedVersion, |
| 2581 | shouldFail: shouldFail, |
| 2582 | expectedError: expectedError, |
| 2583 | expectedLocalError: expectedLocalError, |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2584 | }) |
| 2585 | |
| 2586 | testCases = append(testCases, testCase{ |
| 2587 | protocol: protocol, |
| 2588 | testType: serverTest, |
| 2589 | name: "MinimumVersion-Server-" + suffix, |
| 2590 | config: Config{ |
| 2591 | MaxVersion: runnerVers.version, |
| 2592 | }, |
David Benjamin | 87909c0 | 2014-12-13 01:55:01 -0500 | [diff] [blame] | 2593 | flags: flags, |
| 2594 | expectedVersion: expectedVersion, |
| 2595 | shouldFail: shouldFail, |
| 2596 | expectedError: expectedError, |
| 2597 | expectedLocalError: expectedLocalError, |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2598 | }) |
| 2599 | testCases = append(testCases, testCase{ |
| 2600 | protocol: protocol, |
| 2601 | testType: serverTest, |
| 2602 | name: "MinimumVersion-Server2-" + suffix, |
| 2603 | config: Config{ |
| 2604 | MaxVersion: runnerVers.version, |
| 2605 | }, |
David Benjamin | 87909c0 | 2014-12-13 01:55:01 -0500 | [diff] [blame] | 2606 | flags: []string{"-min-version", shimVersFlag}, |
| 2607 | expectedVersion: expectedVersion, |
| 2608 | shouldFail: shouldFail, |
| 2609 | expectedError: expectedError, |
| 2610 | expectedLocalError: expectedLocalError, |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 2611 | }) |
| 2612 | } |
| 2613 | } |
| 2614 | } |
| 2615 | } |
| 2616 | |
David Benjamin | 5c24a1d | 2014-08-31 00:59:27 -0400 | [diff] [blame] | 2617 | func addD5BugTests() { |
| 2618 | testCases = append(testCases, testCase{ |
| 2619 | testType: serverTest, |
| 2620 | name: "D5Bug-NoQuirk-Reject", |
| 2621 | config: Config{ |
| 2622 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
| 2623 | Bugs: ProtocolBugs{ |
| 2624 | SSL3RSAKeyExchange: true, |
| 2625 | }, |
| 2626 | }, |
| 2627 | shouldFail: true, |
| 2628 | expectedError: ":TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG:", |
| 2629 | }) |
| 2630 | testCases = append(testCases, testCase{ |
| 2631 | testType: serverTest, |
| 2632 | name: "D5Bug-Quirk-Normal", |
| 2633 | config: Config{ |
| 2634 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
| 2635 | }, |
| 2636 | flags: []string{"-tls-d5-bug"}, |
| 2637 | }) |
| 2638 | testCases = append(testCases, testCase{ |
| 2639 | testType: serverTest, |
| 2640 | name: "D5Bug-Quirk-Bug", |
| 2641 | config: Config{ |
| 2642 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
| 2643 | Bugs: ProtocolBugs{ |
| 2644 | SSL3RSAKeyExchange: true, |
| 2645 | }, |
| 2646 | }, |
| 2647 | flags: []string{"-tls-d5-bug"}, |
| 2648 | }) |
| 2649 | } |
| 2650 | |
David Benjamin | e78bfde | 2014-09-06 12:45:15 -0400 | [diff] [blame] | 2651 | func addExtensionTests() { |
| 2652 | testCases = append(testCases, testCase{ |
| 2653 | testType: clientTest, |
| 2654 | name: "DuplicateExtensionClient", |
| 2655 | config: Config{ |
| 2656 | Bugs: ProtocolBugs{ |
| 2657 | DuplicateExtension: true, |
| 2658 | }, |
| 2659 | }, |
| 2660 | shouldFail: true, |
| 2661 | expectedLocalError: "remote error: error decoding message", |
| 2662 | }) |
| 2663 | testCases = append(testCases, testCase{ |
| 2664 | testType: serverTest, |
| 2665 | name: "DuplicateExtensionServer", |
| 2666 | config: Config{ |
| 2667 | Bugs: ProtocolBugs{ |
| 2668 | DuplicateExtension: true, |
| 2669 | }, |
| 2670 | }, |
| 2671 | shouldFail: true, |
| 2672 | expectedLocalError: "remote error: error decoding message", |
| 2673 | }) |
| 2674 | testCases = append(testCases, testCase{ |
| 2675 | testType: clientTest, |
| 2676 | name: "ServerNameExtensionClient", |
| 2677 | config: Config{ |
| 2678 | Bugs: ProtocolBugs{ |
| 2679 | ExpectServerName: "example.com", |
| 2680 | }, |
| 2681 | }, |
| 2682 | flags: []string{"-host-name", "example.com"}, |
| 2683 | }) |
| 2684 | testCases = append(testCases, testCase{ |
| 2685 | testType: clientTest, |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 2686 | name: "ServerNameExtensionClientMismatch", |
David Benjamin | e78bfde | 2014-09-06 12:45:15 -0400 | [diff] [blame] | 2687 | config: Config{ |
| 2688 | Bugs: ProtocolBugs{ |
| 2689 | ExpectServerName: "mismatch.com", |
| 2690 | }, |
| 2691 | }, |
| 2692 | flags: []string{"-host-name", "example.com"}, |
| 2693 | shouldFail: true, |
| 2694 | expectedLocalError: "tls: unexpected server name", |
| 2695 | }) |
| 2696 | testCases = append(testCases, testCase{ |
| 2697 | testType: clientTest, |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 2698 | name: "ServerNameExtensionClientMissing", |
David Benjamin | e78bfde | 2014-09-06 12:45:15 -0400 | [diff] [blame] | 2699 | config: Config{ |
| 2700 | Bugs: ProtocolBugs{ |
| 2701 | ExpectServerName: "missing.com", |
| 2702 | }, |
| 2703 | }, |
| 2704 | shouldFail: true, |
| 2705 | expectedLocalError: "tls: unexpected server name", |
| 2706 | }) |
| 2707 | testCases = append(testCases, testCase{ |
| 2708 | testType: serverTest, |
| 2709 | name: "ServerNameExtensionServer", |
| 2710 | config: Config{ |
| 2711 | ServerName: "example.com", |
| 2712 | }, |
| 2713 | flags: []string{"-expect-server-name", "example.com"}, |
| 2714 | resumeSession: true, |
| 2715 | }) |
David Benjamin | ae2888f | 2014-09-06 12:58:58 -0400 | [diff] [blame] | 2716 | testCases = append(testCases, testCase{ |
| 2717 | testType: clientTest, |
| 2718 | name: "ALPNClient", |
| 2719 | config: Config{ |
| 2720 | NextProtos: []string{"foo"}, |
| 2721 | }, |
| 2722 | flags: []string{ |
| 2723 | "-advertise-alpn", "\x03foo\x03bar\x03baz", |
| 2724 | "-expect-alpn", "foo", |
| 2725 | }, |
David Benjamin | fc7b086 | 2014-09-06 13:21:53 -0400 | [diff] [blame] | 2726 | expectedNextProto: "foo", |
| 2727 | expectedNextProtoType: alpn, |
| 2728 | resumeSession: true, |
David Benjamin | ae2888f | 2014-09-06 12:58:58 -0400 | [diff] [blame] | 2729 | }) |
| 2730 | testCases = append(testCases, testCase{ |
| 2731 | testType: serverTest, |
| 2732 | name: "ALPNServer", |
| 2733 | config: Config{ |
| 2734 | NextProtos: []string{"foo", "bar", "baz"}, |
| 2735 | }, |
| 2736 | flags: []string{ |
| 2737 | "-expect-advertised-alpn", "\x03foo\x03bar\x03baz", |
| 2738 | "-select-alpn", "foo", |
| 2739 | }, |
David Benjamin | fc7b086 | 2014-09-06 13:21:53 -0400 | [diff] [blame] | 2740 | expectedNextProto: "foo", |
| 2741 | expectedNextProtoType: alpn, |
| 2742 | resumeSession: true, |
| 2743 | }) |
| 2744 | // Test that the server prefers ALPN over NPN. |
| 2745 | testCases = append(testCases, testCase{ |
| 2746 | testType: serverTest, |
| 2747 | name: "ALPNServer-Preferred", |
| 2748 | config: Config{ |
| 2749 | NextProtos: []string{"foo", "bar", "baz"}, |
| 2750 | }, |
| 2751 | flags: []string{ |
| 2752 | "-expect-advertised-alpn", "\x03foo\x03bar\x03baz", |
| 2753 | "-select-alpn", "foo", |
| 2754 | "-advertise-npn", "\x03foo\x03bar\x03baz", |
| 2755 | }, |
| 2756 | expectedNextProto: "foo", |
| 2757 | expectedNextProtoType: alpn, |
| 2758 | resumeSession: true, |
| 2759 | }) |
| 2760 | testCases = append(testCases, testCase{ |
| 2761 | testType: serverTest, |
| 2762 | name: "ALPNServer-Preferred-Swapped", |
| 2763 | config: Config{ |
| 2764 | NextProtos: []string{"foo", "bar", "baz"}, |
| 2765 | Bugs: ProtocolBugs{ |
| 2766 | SwapNPNAndALPN: true, |
| 2767 | }, |
| 2768 | }, |
| 2769 | flags: []string{ |
| 2770 | "-expect-advertised-alpn", "\x03foo\x03bar\x03baz", |
| 2771 | "-select-alpn", "foo", |
| 2772 | "-advertise-npn", "\x03foo\x03bar\x03baz", |
| 2773 | }, |
| 2774 | expectedNextProto: "foo", |
| 2775 | expectedNextProtoType: alpn, |
| 2776 | resumeSession: true, |
David Benjamin | ae2888f | 2014-09-06 12:58:58 -0400 | [diff] [blame] | 2777 | }) |
Adam Langley | 3831173 | 2014-10-16 19:04:35 -0700 | [diff] [blame] | 2778 | // Resume with a corrupt ticket. |
| 2779 | testCases = append(testCases, testCase{ |
| 2780 | testType: serverTest, |
| 2781 | name: "CorruptTicket", |
| 2782 | config: Config{ |
| 2783 | Bugs: ProtocolBugs{ |
| 2784 | CorruptTicket: true, |
| 2785 | }, |
| 2786 | }, |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 2787 | resumeSession: true, |
| 2788 | expectResumeRejected: true, |
Adam Langley | 3831173 | 2014-10-16 19:04:35 -0700 | [diff] [blame] | 2789 | }) |
| 2790 | // Resume with an oversized session id. |
| 2791 | testCases = append(testCases, testCase{ |
| 2792 | testType: serverTest, |
| 2793 | name: "OversizedSessionId", |
| 2794 | config: Config{ |
| 2795 | Bugs: ProtocolBugs{ |
| 2796 | OversizedSessionId: true, |
| 2797 | }, |
| 2798 | }, |
| 2799 | resumeSession: true, |
Adam Langley | 7571292 | 2014-10-10 16:23:43 -0700 | [diff] [blame] | 2800 | shouldFail: true, |
Adam Langley | 3831173 | 2014-10-16 19:04:35 -0700 | [diff] [blame] | 2801 | expectedError: ":DECODE_ERROR:", |
| 2802 | }) |
David Benjamin | ca6c826 | 2014-11-15 19:06:08 -0500 | [diff] [blame] | 2803 | // Basic DTLS-SRTP tests. Include fake profiles to ensure they |
| 2804 | // are ignored. |
| 2805 | testCases = append(testCases, testCase{ |
| 2806 | protocol: dtls, |
| 2807 | name: "SRTP-Client", |
| 2808 | config: Config{ |
| 2809 | SRTPProtectionProfiles: []uint16{40, SRTP_AES128_CM_HMAC_SHA1_80, 42}, |
| 2810 | }, |
| 2811 | flags: []string{ |
| 2812 | "-srtp-profiles", |
| 2813 | "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32", |
| 2814 | }, |
| 2815 | expectedSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_80, |
| 2816 | }) |
| 2817 | testCases = append(testCases, testCase{ |
| 2818 | protocol: dtls, |
| 2819 | testType: serverTest, |
| 2820 | name: "SRTP-Server", |
| 2821 | config: Config{ |
| 2822 | SRTPProtectionProfiles: []uint16{40, SRTP_AES128_CM_HMAC_SHA1_80, 42}, |
| 2823 | }, |
| 2824 | flags: []string{ |
| 2825 | "-srtp-profiles", |
| 2826 | "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32", |
| 2827 | }, |
| 2828 | expectedSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_80, |
| 2829 | }) |
| 2830 | // Test that the MKI is ignored. |
| 2831 | testCases = append(testCases, testCase{ |
| 2832 | protocol: dtls, |
| 2833 | testType: serverTest, |
| 2834 | name: "SRTP-Server-IgnoreMKI", |
| 2835 | config: Config{ |
| 2836 | SRTPProtectionProfiles: []uint16{SRTP_AES128_CM_HMAC_SHA1_80}, |
| 2837 | Bugs: ProtocolBugs{ |
| 2838 | SRTPMasterKeyIdentifer: "bogus", |
| 2839 | }, |
| 2840 | }, |
| 2841 | flags: []string{ |
| 2842 | "-srtp-profiles", |
| 2843 | "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32", |
| 2844 | }, |
| 2845 | expectedSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_80, |
| 2846 | }) |
| 2847 | // Test that SRTP isn't negotiated on the server if there were |
| 2848 | // no matching profiles. |
| 2849 | testCases = append(testCases, testCase{ |
| 2850 | protocol: dtls, |
| 2851 | testType: serverTest, |
| 2852 | name: "SRTP-Server-NoMatch", |
| 2853 | config: Config{ |
| 2854 | SRTPProtectionProfiles: []uint16{100, 101, 102}, |
| 2855 | }, |
| 2856 | flags: []string{ |
| 2857 | "-srtp-profiles", |
| 2858 | "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32", |
| 2859 | }, |
| 2860 | expectedSRTPProtectionProfile: 0, |
| 2861 | }) |
| 2862 | // Test that the server returning an invalid SRTP profile is |
| 2863 | // flagged as an error by the client. |
| 2864 | testCases = append(testCases, testCase{ |
| 2865 | protocol: dtls, |
| 2866 | name: "SRTP-Client-NoMatch", |
| 2867 | config: Config{ |
| 2868 | Bugs: ProtocolBugs{ |
| 2869 | SendSRTPProtectionProfile: SRTP_AES128_CM_HMAC_SHA1_32, |
| 2870 | }, |
| 2871 | }, |
| 2872 | flags: []string{ |
| 2873 | "-srtp-profiles", |
| 2874 | "SRTP_AES128_CM_SHA1_80", |
| 2875 | }, |
| 2876 | shouldFail: true, |
| 2877 | expectedError: ":BAD_SRTP_PROTECTION_PROFILE_LIST:", |
| 2878 | }) |
David Benjamin | 61f9527 | 2014-11-25 01:55:35 -0500 | [diff] [blame] | 2879 | // Test OCSP stapling and SCT list. |
| 2880 | testCases = append(testCases, testCase{ |
| 2881 | name: "OCSPStapling", |
| 2882 | flags: []string{ |
| 2883 | "-enable-ocsp-stapling", |
| 2884 | "-expect-ocsp-response", |
| 2885 | base64.StdEncoding.EncodeToString(testOCSPResponse), |
| 2886 | }, |
| 2887 | }) |
| 2888 | testCases = append(testCases, testCase{ |
| 2889 | name: "SignedCertificateTimestampList", |
| 2890 | flags: []string{ |
| 2891 | "-enable-signed-cert-timestamps", |
| 2892 | "-expect-signed-cert-timestamps", |
| 2893 | base64.StdEncoding.EncodeToString(testSCTList), |
| 2894 | }, |
| 2895 | }) |
David Benjamin | e78bfde | 2014-09-06 12:45:15 -0400 | [diff] [blame] | 2896 | } |
| 2897 | |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 2898 | func addResumptionVersionTests() { |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 2899 | for _, sessionVers := range tlsVersions { |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 2900 | for _, resumeVers := range tlsVersions { |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2901 | protocols := []protocol{tls} |
| 2902 | if sessionVers.hasDTLS && resumeVers.hasDTLS { |
| 2903 | protocols = append(protocols, dtls) |
David Benjamin | bdf5e72 | 2014-11-11 00:52:15 -0500 | [diff] [blame] | 2904 | } |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2905 | for _, protocol := range protocols { |
| 2906 | suffix := "-" + sessionVers.name + "-" + resumeVers.name |
| 2907 | if protocol == dtls { |
| 2908 | suffix += "-DTLS" |
| 2909 | } |
| 2910 | |
David Benjamin | ece3de9 | 2015-03-16 18:02:20 -0400 | [diff] [blame] | 2911 | if sessionVers.version == resumeVers.version { |
| 2912 | testCases = append(testCases, testCase{ |
| 2913 | protocol: protocol, |
| 2914 | name: "Resume-Client" + suffix, |
| 2915 | resumeSession: true, |
| 2916 | config: Config{ |
| 2917 | MaxVersion: sessionVers.version, |
| 2918 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2919 | }, |
David Benjamin | ece3de9 | 2015-03-16 18:02:20 -0400 | [diff] [blame] | 2920 | expectedVersion: sessionVers.version, |
| 2921 | expectedResumeVersion: resumeVers.version, |
| 2922 | }) |
| 2923 | } else { |
| 2924 | testCases = append(testCases, testCase{ |
| 2925 | protocol: protocol, |
| 2926 | name: "Resume-Client-Mismatch" + suffix, |
| 2927 | resumeSession: true, |
| 2928 | config: Config{ |
| 2929 | MaxVersion: sessionVers.version, |
| 2930 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2931 | }, |
David Benjamin | ece3de9 | 2015-03-16 18:02:20 -0400 | [diff] [blame] | 2932 | expectedVersion: sessionVers.version, |
| 2933 | resumeConfig: &Config{ |
| 2934 | MaxVersion: resumeVers.version, |
| 2935 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
| 2936 | Bugs: ProtocolBugs{ |
| 2937 | AllowSessionVersionMismatch: true, |
| 2938 | }, |
| 2939 | }, |
| 2940 | expectedResumeVersion: resumeVers.version, |
| 2941 | shouldFail: true, |
| 2942 | expectedError: ":OLD_SESSION_VERSION_NOT_RETURNED:", |
| 2943 | }) |
| 2944 | } |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2945 | |
| 2946 | testCases = append(testCases, testCase{ |
| 2947 | protocol: protocol, |
| 2948 | name: "Resume-Client-NoResume" + suffix, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2949 | resumeSession: true, |
| 2950 | config: Config{ |
| 2951 | MaxVersion: sessionVers.version, |
| 2952 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
| 2953 | }, |
| 2954 | expectedVersion: sessionVers.version, |
| 2955 | resumeConfig: &Config{ |
| 2956 | MaxVersion: resumeVers.version, |
| 2957 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
| 2958 | }, |
| 2959 | newSessionsOnResume: true, |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 2960 | expectResumeRejected: true, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2961 | expectedResumeVersion: resumeVers.version, |
| 2962 | }) |
| 2963 | |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2964 | testCases = append(testCases, testCase{ |
| 2965 | protocol: protocol, |
| 2966 | testType: serverTest, |
| 2967 | name: "Resume-Server" + suffix, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2968 | resumeSession: true, |
| 2969 | config: Config{ |
| 2970 | MaxVersion: sessionVers.version, |
| 2971 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
| 2972 | }, |
Adam Langley | b0eef0a | 2015-06-02 10:47:39 -0700 | [diff] [blame] | 2973 | expectedVersion: sessionVers.version, |
| 2974 | expectResumeRejected: sessionVers.version != resumeVers.version, |
David Benjamin | 8b8c006 | 2014-11-23 02:47:52 -0500 | [diff] [blame] | 2975 | resumeConfig: &Config{ |
| 2976 | MaxVersion: resumeVers.version, |
| 2977 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, |
| 2978 | }, |
| 2979 | expectedResumeVersion: resumeVers.version, |
| 2980 | }) |
| 2981 | } |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 2982 | } |
| 2983 | } |
David Benjamin | ece3de9 | 2015-03-16 18:02:20 -0400 | [diff] [blame] | 2984 | |
| 2985 | testCases = append(testCases, testCase{ |
| 2986 | name: "Resume-Client-CipherMismatch", |
| 2987 | resumeSession: true, |
| 2988 | config: Config{ |
| 2989 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
| 2990 | }, |
| 2991 | resumeConfig: &Config{ |
| 2992 | CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
| 2993 | Bugs: ProtocolBugs{ |
| 2994 | SendCipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA, |
| 2995 | }, |
| 2996 | }, |
| 2997 | shouldFail: true, |
| 2998 | expectedError: ":OLD_SESSION_CIPHER_NOT_RETURNED:", |
| 2999 | }) |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 3000 | } |
| 3001 | |
Adam Langley | 2ae77d2 | 2014-10-28 17:29:33 -0700 | [diff] [blame] | 3002 | func addRenegotiationTests() { |
David Benjamin | 44d3eed | 2015-05-21 01:29:55 -0400 | [diff] [blame] | 3003 | // Servers cannot renegotiate. |
David Benjamin | b16346b | 2015-04-08 19:16:58 -0400 | [diff] [blame] | 3004 | testCases = append(testCases, testCase{ |
| 3005 | testType: serverTest, |
David Benjamin | 44d3eed | 2015-05-21 01:29:55 -0400 | [diff] [blame] | 3006 | name: "Renegotiate-Server-Forbidden", |
David Benjamin | b16346b | 2015-04-08 19:16:58 -0400 | [diff] [blame] | 3007 | renegotiate: true, |
| 3008 | flags: []string{"-reject-peer-renegotiations"}, |
| 3009 | shouldFail: true, |
| 3010 | expectedError: ":NO_RENEGOTIATION:", |
| 3011 | expectedLocalError: "remote error: no renegotiation", |
| 3012 | }) |
Adam Langley | 2ae77d2 | 2014-10-28 17:29:33 -0700 | [diff] [blame] | 3013 | // TODO(agl): test the renegotiation info SCSV. |
Adam Langley | cf2d4f4 | 2014-10-28 19:06:14 -0700 | [diff] [blame] | 3014 | testCases = append(testCases, testCase{ |
David Benjamin | 4b27d9f | 2015-05-12 22:42:52 -0400 | [diff] [blame] | 3015 | name: "Renegotiate-Client", |
David Benjamin | cdea40c | 2015-03-19 14:09:43 -0400 | [diff] [blame] | 3016 | config: Config{ |
| 3017 | Bugs: ProtocolBugs{ |
David Benjamin | 4b27d9f | 2015-05-12 22:42:52 -0400 | [diff] [blame] | 3018 | FailIfResumeOnRenego: true, |
David Benjamin | cdea40c | 2015-03-19 14:09:43 -0400 | [diff] [blame] | 3019 | }, |
| 3020 | }, |
| 3021 | renegotiate: true, |
| 3022 | }) |
| 3023 | testCases = append(testCases, testCase{ |
Adam Langley | cf2d4f4 | 2014-10-28 19:06:14 -0700 | [diff] [blame] | 3024 | name: "Renegotiate-Client-EmptyExt", |
| 3025 | renegotiate: true, |
| 3026 | config: Config{ |
| 3027 | Bugs: ProtocolBugs{ |
| 3028 | EmptyRenegotiationInfo: true, |
| 3029 | }, |
| 3030 | }, |
| 3031 | shouldFail: true, |
| 3032 | expectedError: ":RENEGOTIATION_MISMATCH:", |
| 3033 | }) |
| 3034 | testCases = append(testCases, testCase{ |
| 3035 | name: "Renegotiate-Client-BadExt", |
| 3036 | renegotiate: true, |
| 3037 | config: Config{ |
| 3038 | Bugs: ProtocolBugs{ |
| 3039 | BadRenegotiationInfo: true, |
| 3040 | }, |
| 3041 | }, |
| 3042 | shouldFail: true, |
| 3043 | expectedError: ":RENEGOTIATION_MISMATCH:", |
| 3044 | }) |
| 3045 | testCases = append(testCases, testCase{ |
David Benjamin | cff0b90 | 2015-05-15 23:09:47 -0400 | [diff] [blame] | 3046 | name: "Renegotiate-Client-NoExt", |
| 3047 | renegotiate: true, |
| 3048 | config: Config{ |
| 3049 | Bugs: ProtocolBugs{ |
| 3050 | NoRenegotiationInfo: true, |
| 3051 | }, |
| 3052 | }, |
| 3053 | shouldFail: true, |
| 3054 | expectedError: ":UNSAFE_LEGACY_RENEGOTIATION_DISABLED:", |
| 3055 | flags: []string{"-no-legacy-server-connect"}, |
| 3056 | }) |
| 3057 | testCases = append(testCases, testCase{ |
| 3058 | name: "Renegotiate-Client-NoExt-Allowed", |
| 3059 | renegotiate: true, |
| 3060 | config: Config{ |
| 3061 | Bugs: ProtocolBugs{ |
| 3062 | NoRenegotiationInfo: true, |
| 3063 | }, |
| 3064 | }, |
| 3065 | }) |
| 3066 | testCases = append(testCases, testCase{ |
Adam Langley | cf2d4f4 | 2014-10-28 19:06:14 -0700 | [diff] [blame] | 3067 | name: "Renegotiate-Client-SwitchCiphers", |
| 3068 | renegotiate: true, |
| 3069 | config: Config{ |
| 3070 | CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, |
| 3071 | }, |
| 3072 | renegotiateCiphers: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 3073 | }) |
| 3074 | testCases = append(testCases, testCase{ |
| 3075 | name: "Renegotiate-Client-SwitchCiphers2", |
| 3076 | renegotiate: true, |
| 3077 | config: Config{ |
| 3078 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 3079 | }, |
| 3080 | renegotiateCiphers: []uint16{TLS_RSA_WITH_RC4_128_SHA}, |
| 3081 | }) |
David Benjamin | c44b1df | 2014-11-23 12:11:01 -0500 | [diff] [blame] | 3082 | testCases = append(testCases, testCase{ |
David Benjamin | b16346b | 2015-04-08 19:16:58 -0400 | [diff] [blame] | 3083 | name: "Renegotiate-Client-Forbidden", |
| 3084 | renegotiate: true, |
| 3085 | flags: []string{"-reject-peer-renegotiations"}, |
| 3086 | shouldFail: true, |
| 3087 | expectedError: ":NO_RENEGOTIATION:", |
| 3088 | expectedLocalError: "remote error: no renegotiation", |
| 3089 | }) |
| 3090 | testCases = append(testCases, testCase{ |
David Benjamin | c44b1df | 2014-11-23 12:11:01 -0500 | [diff] [blame] | 3091 | name: "Renegotiate-SameClientVersion", |
| 3092 | renegotiate: true, |
| 3093 | config: Config{ |
| 3094 | MaxVersion: VersionTLS10, |
| 3095 | Bugs: ProtocolBugs{ |
| 3096 | RequireSameRenegoClientVersion: true, |
| 3097 | }, |
| 3098 | }, |
| 3099 | }) |
Adam Langley | 2ae77d2 | 2014-10-28 17:29:33 -0700 | [diff] [blame] | 3100 | } |
| 3101 | |
David Benjamin | 5e961c1 | 2014-11-07 01:48:35 -0500 | [diff] [blame] | 3102 | func addDTLSReplayTests() { |
| 3103 | // Test that sequence number replays are detected. |
| 3104 | testCases = append(testCases, testCase{ |
| 3105 | protocol: dtls, |
| 3106 | name: "DTLS-Replay", |
| 3107 | replayWrites: true, |
| 3108 | }) |
| 3109 | |
| 3110 | // Test the outgoing sequence number skipping by values larger |
| 3111 | // than the retransmit window. |
| 3112 | testCases = append(testCases, testCase{ |
| 3113 | protocol: dtls, |
| 3114 | name: "DTLS-Replay-LargeGaps", |
| 3115 | config: Config{ |
| 3116 | Bugs: ProtocolBugs{ |
| 3117 | SequenceNumberIncrement: 127, |
| 3118 | }, |
| 3119 | }, |
| 3120 | replayWrites: true, |
| 3121 | }) |
| 3122 | } |
| 3123 | |
Feng Lu | 41aa325 | 2014-11-21 22:47:56 -0800 | [diff] [blame] | 3124 | func addFastRadioPaddingTests() { |
David Benjamin | 1e29a6b | 2014-12-10 02:27:24 -0500 | [diff] [blame] | 3125 | testCases = append(testCases, testCase{ |
| 3126 | protocol: tls, |
| 3127 | name: "FastRadio-Padding", |
Feng Lu | 41aa325 | 2014-11-21 22:47:56 -0800 | [diff] [blame] | 3128 | config: Config{ |
| 3129 | Bugs: ProtocolBugs{ |
| 3130 | RequireFastradioPadding: true, |
| 3131 | }, |
| 3132 | }, |
David Benjamin | 1e29a6b | 2014-12-10 02:27:24 -0500 | [diff] [blame] | 3133 | flags: []string{"-fastradio-padding"}, |
Feng Lu | 41aa325 | 2014-11-21 22:47:56 -0800 | [diff] [blame] | 3134 | }) |
David Benjamin | 1e29a6b | 2014-12-10 02:27:24 -0500 | [diff] [blame] | 3135 | testCases = append(testCases, testCase{ |
| 3136 | protocol: dtls, |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3137 | name: "FastRadio-Padding-DTLS", |
Feng Lu | 41aa325 | 2014-11-21 22:47:56 -0800 | [diff] [blame] | 3138 | config: Config{ |
| 3139 | Bugs: ProtocolBugs{ |
| 3140 | RequireFastradioPadding: true, |
| 3141 | }, |
| 3142 | }, |
David Benjamin | 1e29a6b | 2014-12-10 02:27:24 -0500 | [diff] [blame] | 3143 | flags: []string{"-fastradio-padding"}, |
Feng Lu | 41aa325 | 2014-11-21 22:47:56 -0800 | [diff] [blame] | 3144 | }) |
| 3145 | } |
| 3146 | |
David Benjamin | 000800a | 2014-11-14 01:43:59 -0500 | [diff] [blame] | 3147 | var testHashes = []struct { |
| 3148 | name string |
| 3149 | id uint8 |
| 3150 | }{ |
| 3151 | {"SHA1", hashSHA1}, |
| 3152 | {"SHA224", hashSHA224}, |
| 3153 | {"SHA256", hashSHA256}, |
| 3154 | {"SHA384", hashSHA384}, |
| 3155 | {"SHA512", hashSHA512}, |
| 3156 | } |
| 3157 | |
| 3158 | func addSigningHashTests() { |
| 3159 | // Make sure each hash works. Include some fake hashes in the list and |
| 3160 | // ensure they're ignored. |
| 3161 | for _, hash := range testHashes { |
| 3162 | testCases = append(testCases, testCase{ |
| 3163 | name: "SigningHash-ClientAuth-" + hash.name, |
| 3164 | config: Config{ |
| 3165 | ClientAuth: RequireAnyClientCert, |
| 3166 | SignatureAndHashes: []signatureAndHash{ |
| 3167 | {signatureRSA, 42}, |
| 3168 | {signatureRSA, hash.id}, |
| 3169 | {signatureRSA, 255}, |
| 3170 | }, |
| 3171 | }, |
| 3172 | flags: []string{ |
| 3173 | "-cert-file", rsaCertificateFile, |
| 3174 | "-key-file", rsaKeyFile, |
| 3175 | }, |
| 3176 | }) |
| 3177 | |
| 3178 | testCases = append(testCases, testCase{ |
| 3179 | testType: serverTest, |
| 3180 | name: "SigningHash-ServerKeyExchange-Sign-" + hash.name, |
| 3181 | config: Config{ |
| 3182 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 3183 | SignatureAndHashes: []signatureAndHash{ |
| 3184 | {signatureRSA, 42}, |
| 3185 | {signatureRSA, hash.id}, |
| 3186 | {signatureRSA, 255}, |
| 3187 | }, |
| 3188 | }, |
| 3189 | }) |
| 3190 | } |
| 3191 | |
| 3192 | // Test that hash resolution takes the signature type into account. |
| 3193 | testCases = append(testCases, testCase{ |
| 3194 | name: "SigningHash-ClientAuth-SignatureType", |
| 3195 | config: Config{ |
| 3196 | ClientAuth: RequireAnyClientCert, |
| 3197 | SignatureAndHashes: []signatureAndHash{ |
| 3198 | {signatureECDSA, hashSHA512}, |
| 3199 | {signatureRSA, hashSHA384}, |
| 3200 | {signatureECDSA, hashSHA1}, |
| 3201 | }, |
| 3202 | }, |
| 3203 | flags: []string{ |
| 3204 | "-cert-file", rsaCertificateFile, |
| 3205 | "-key-file", rsaKeyFile, |
| 3206 | }, |
| 3207 | }) |
| 3208 | |
| 3209 | testCases = append(testCases, testCase{ |
| 3210 | testType: serverTest, |
| 3211 | name: "SigningHash-ServerKeyExchange-SignatureType", |
| 3212 | config: Config{ |
| 3213 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 3214 | SignatureAndHashes: []signatureAndHash{ |
| 3215 | {signatureECDSA, hashSHA512}, |
| 3216 | {signatureRSA, hashSHA384}, |
| 3217 | {signatureECDSA, hashSHA1}, |
| 3218 | }, |
| 3219 | }, |
| 3220 | }) |
| 3221 | |
| 3222 | // Test that, if the list is missing, the peer falls back to SHA-1. |
| 3223 | testCases = append(testCases, testCase{ |
| 3224 | name: "SigningHash-ClientAuth-Fallback", |
| 3225 | config: Config{ |
| 3226 | ClientAuth: RequireAnyClientCert, |
| 3227 | SignatureAndHashes: []signatureAndHash{ |
| 3228 | {signatureRSA, hashSHA1}, |
| 3229 | }, |
| 3230 | Bugs: ProtocolBugs{ |
| 3231 | NoSignatureAndHashes: true, |
| 3232 | }, |
| 3233 | }, |
| 3234 | flags: []string{ |
| 3235 | "-cert-file", rsaCertificateFile, |
| 3236 | "-key-file", rsaKeyFile, |
| 3237 | }, |
| 3238 | }) |
| 3239 | |
| 3240 | testCases = append(testCases, testCase{ |
| 3241 | testType: serverTest, |
| 3242 | name: "SigningHash-ServerKeyExchange-Fallback", |
| 3243 | config: Config{ |
| 3244 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 3245 | SignatureAndHashes: []signatureAndHash{ |
| 3246 | {signatureRSA, hashSHA1}, |
| 3247 | }, |
| 3248 | Bugs: ProtocolBugs{ |
| 3249 | NoSignatureAndHashes: true, |
| 3250 | }, |
| 3251 | }, |
| 3252 | }) |
David Benjamin | 72dc783 | 2015-03-16 17:49:43 -0400 | [diff] [blame] | 3253 | |
| 3254 | // Test that hash preferences are enforced. BoringSSL defaults to |
| 3255 | // rejecting MD5 signatures. |
| 3256 | testCases = append(testCases, testCase{ |
| 3257 | testType: serverTest, |
| 3258 | name: "SigningHash-ClientAuth-Enforced", |
| 3259 | config: Config{ |
| 3260 | Certificates: []Certificate{rsaCertificate}, |
| 3261 | SignatureAndHashes: []signatureAndHash{ |
| 3262 | {signatureRSA, hashMD5}, |
| 3263 | // Advertise SHA-1 so the handshake will |
| 3264 | // proceed, but the shim's preferences will be |
| 3265 | // ignored in CertificateVerify generation, so |
| 3266 | // MD5 will be chosen. |
| 3267 | {signatureRSA, hashSHA1}, |
| 3268 | }, |
| 3269 | Bugs: ProtocolBugs{ |
| 3270 | IgnorePeerSignatureAlgorithmPreferences: true, |
| 3271 | }, |
| 3272 | }, |
| 3273 | flags: []string{"-require-any-client-certificate"}, |
| 3274 | shouldFail: true, |
| 3275 | expectedError: ":WRONG_SIGNATURE_TYPE:", |
| 3276 | }) |
| 3277 | |
| 3278 | testCases = append(testCases, testCase{ |
| 3279 | name: "SigningHash-ServerKeyExchange-Enforced", |
| 3280 | config: Config{ |
| 3281 | CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
| 3282 | SignatureAndHashes: []signatureAndHash{ |
| 3283 | {signatureRSA, hashMD5}, |
| 3284 | }, |
| 3285 | Bugs: ProtocolBugs{ |
| 3286 | IgnorePeerSignatureAlgorithmPreferences: true, |
| 3287 | }, |
| 3288 | }, |
| 3289 | shouldFail: true, |
| 3290 | expectedError: ":WRONG_SIGNATURE_TYPE:", |
| 3291 | }) |
David Benjamin | 000800a | 2014-11-14 01:43:59 -0500 | [diff] [blame] | 3292 | } |
| 3293 | |
David Benjamin | 83f9040 | 2015-01-27 01:09:43 -0500 | [diff] [blame] | 3294 | // timeouts is the retransmit schedule for BoringSSL. It doubles and |
| 3295 | // caps at 60 seconds. On the 13th timeout, it gives up. |
| 3296 | var timeouts = []time.Duration{ |
| 3297 | 1 * time.Second, |
| 3298 | 2 * time.Second, |
| 3299 | 4 * time.Second, |
| 3300 | 8 * time.Second, |
| 3301 | 16 * time.Second, |
| 3302 | 32 * time.Second, |
| 3303 | 60 * time.Second, |
| 3304 | 60 * time.Second, |
| 3305 | 60 * time.Second, |
| 3306 | 60 * time.Second, |
| 3307 | 60 * time.Second, |
| 3308 | 60 * time.Second, |
| 3309 | 60 * time.Second, |
| 3310 | } |
| 3311 | |
| 3312 | func addDTLSRetransmitTests() { |
| 3313 | // Test that this is indeed the timeout schedule. Stress all |
| 3314 | // four patterns of handshake. |
| 3315 | for i := 1; i < len(timeouts); i++ { |
| 3316 | number := strconv.Itoa(i) |
| 3317 | testCases = append(testCases, testCase{ |
| 3318 | protocol: dtls, |
| 3319 | name: "DTLS-Retransmit-Client-" + number, |
| 3320 | config: Config{ |
| 3321 | Bugs: ProtocolBugs{ |
| 3322 | TimeoutSchedule: timeouts[:i], |
| 3323 | }, |
| 3324 | }, |
| 3325 | resumeSession: true, |
| 3326 | flags: []string{"-async"}, |
| 3327 | }) |
| 3328 | testCases = append(testCases, testCase{ |
| 3329 | protocol: dtls, |
| 3330 | testType: serverTest, |
| 3331 | name: "DTLS-Retransmit-Server-" + number, |
| 3332 | config: Config{ |
| 3333 | Bugs: ProtocolBugs{ |
| 3334 | TimeoutSchedule: timeouts[:i], |
| 3335 | }, |
| 3336 | }, |
| 3337 | resumeSession: true, |
| 3338 | flags: []string{"-async"}, |
| 3339 | }) |
| 3340 | } |
| 3341 | |
| 3342 | // Test that exceeding the timeout schedule hits a read |
| 3343 | // timeout. |
| 3344 | testCases = append(testCases, testCase{ |
| 3345 | protocol: dtls, |
| 3346 | name: "DTLS-Retransmit-Timeout", |
| 3347 | config: Config{ |
| 3348 | Bugs: ProtocolBugs{ |
| 3349 | TimeoutSchedule: timeouts, |
| 3350 | }, |
| 3351 | }, |
| 3352 | resumeSession: true, |
| 3353 | flags: []string{"-async"}, |
| 3354 | shouldFail: true, |
| 3355 | expectedError: ":READ_TIMEOUT_EXPIRED:", |
| 3356 | }) |
| 3357 | |
| 3358 | // Test that timeout handling has a fudge factor, due to API |
| 3359 | // problems. |
| 3360 | testCases = append(testCases, testCase{ |
| 3361 | protocol: dtls, |
| 3362 | name: "DTLS-Retransmit-Fudge", |
| 3363 | config: Config{ |
| 3364 | Bugs: ProtocolBugs{ |
| 3365 | TimeoutSchedule: []time.Duration{ |
| 3366 | timeouts[0] - 10*time.Millisecond, |
| 3367 | }, |
| 3368 | }, |
| 3369 | }, |
| 3370 | resumeSession: true, |
| 3371 | flags: []string{"-async"}, |
| 3372 | }) |
David Benjamin | 7eaab4c | 2015-03-02 19:01:16 -0500 | [diff] [blame] | 3373 | |
| 3374 | // Test that the final Finished retransmitting isn't |
| 3375 | // duplicated if the peer badly fragments everything. |
| 3376 | testCases = append(testCases, testCase{ |
| 3377 | testType: serverTest, |
| 3378 | protocol: dtls, |
| 3379 | name: "DTLS-Retransmit-Fragmented", |
| 3380 | config: Config{ |
| 3381 | Bugs: ProtocolBugs{ |
| 3382 | TimeoutSchedule: []time.Duration{timeouts[0]}, |
| 3383 | MaxHandshakeRecordLength: 2, |
| 3384 | }, |
| 3385 | }, |
| 3386 | flags: []string{"-async"}, |
| 3387 | }) |
David Benjamin | 83f9040 | 2015-01-27 01:09:43 -0500 | [diff] [blame] | 3388 | } |
| 3389 | |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 3390 | func addExportKeyingMaterialTests() { |
| 3391 | for _, vers := range tlsVersions { |
| 3392 | if vers.version == VersionSSL30 { |
| 3393 | continue |
| 3394 | } |
| 3395 | testCases = append(testCases, testCase{ |
| 3396 | name: "ExportKeyingMaterial-" + vers.name, |
| 3397 | config: Config{ |
| 3398 | MaxVersion: vers.version, |
| 3399 | }, |
| 3400 | exportKeyingMaterial: 1024, |
| 3401 | exportLabel: "label", |
| 3402 | exportContext: "context", |
| 3403 | useExportContext: true, |
| 3404 | }) |
| 3405 | testCases = append(testCases, testCase{ |
| 3406 | name: "ExportKeyingMaterial-NoContext-" + vers.name, |
| 3407 | config: Config{ |
| 3408 | MaxVersion: vers.version, |
| 3409 | }, |
| 3410 | exportKeyingMaterial: 1024, |
| 3411 | }) |
| 3412 | testCases = append(testCases, testCase{ |
| 3413 | name: "ExportKeyingMaterial-EmptyContext-" + vers.name, |
| 3414 | config: Config{ |
| 3415 | MaxVersion: vers.version, |
| 3416 | }, |
| 3417 | exportKeyingMaterial: 1024, |
| 3418 | useExportContext: true, |
| 3419 | }) |
| 3420 | testCases = append(testCases, testCase{ |
| 3421 | name: "ExportKeyingMaterial-Small-" + vers.name, |
| 3422 | config: Config{ |
| 3423 | MaxVersion: vers.version, |
| 3424 | }, |
| 3425 | exportKeyingMaterial: 1, |
| 3426 | exportLabel: "label", |
| 3427 | exportContext: "context", |
| 3428 | useExportContext: true, |
| 3429 | }) |
| 3430 | } |
| 3431 | testCases = append(testCases, testCase{ |
| 3432 | name: "ExportKeyingMaterial-SSL3", |
| 3433 | config: Config{ |
| 3434 | MaxVersion: VersionSSL30, |
| 3435 | }, |
| 3436 | exportKeyingMaterial: 1024, |
| 3437 | exportLabel: "label", |
| 3438 | exportContext: "context", |
| 3439 | useExportContext: true, |
| 3440 | shouldFail: true, |
| 3441 | expectedError: "failed to export keying material", |
| 3442 | }) |
| 3443 | } |
| 3444 | |
Adam Langley | af0e32c | 2015-06-03 09:57:23 -0700 | [diff] [blame] | 3445 | func addTLSUniqueTests() { |
| 3446 | for _, isClient := range []bool{false, true} { |
| 3447 | for _, isResumption := range []bool{false, true} { |
| 3448 | for _, hasEMS := range []bool{false, true} { |
| 3449 | var suffix string |
| 3450 | if isResumption { |
| 3451 | suffix = "Resume-" |
| 3452 | } else { |
| 3453 | suffix = "Full-" |
| 3454 | } |
| 3455 | |
| 3456 | if hasEMS { |
| 3457 | suffix += "EMS-" |
| 3458 | } else { |
| 3459 | suffix += "NoEMS-" |
| 3460 | } |
| 3461 | |
| 3462 | if isClient { |
| 3463 | suffix += "Client" |
| 3464 | } else { |
| 3465 | suffix += "Server" |
| 3466 | } |
| 3467 | |
| 3468 | test := testCase{ |
| 3469 | name: "TLSUnique-" + suffix, |
| 3470 | testTLSUnique: true, |
| 3471 | config: Config{ |
| 3472 | Bugs: ProtocolBugs{ |
| 3473 | NoExtendedMasterSecret: !hasEMS, |
| 3474 | }, |
| 3475 | }, |
| 3476 | } |
| 3477 | |
| 3478 | if isResumption { |
| 3479 | test.resumeSession = true |
| 3480 | test.resumeConfig = &Config{ |
| 3481 | Bugs: ProtocolBugs{ |
| 3482 | NoExtendedMasterSecret: !hasEMS, |
| 3483 | }, |
| 3484 | } |
| 3485 | } |
| 3486 | |
| 3487 | if isResumption && !hasEMS { |
| 3488 | test.shouldFail = true |
| 3489 | test.expectedError = "failed to get tls-unique" |
| 3490 | } |
| 3491 | |
| 3492 | testCases = append(testCases, test) |
| 3493 | } |
| 3494 | } |
| 3495 | } |
| 3496 | } |
| 3497 | |
David Benjamin | 884fdf1 | 2014-08-02 15:28:23 -0400 | [diff] [blame] | 3498 | func worker(statusChan chan statusMsg, c chan *testCase, buildDir string, wg *sync.WaitGroup) { |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3499 | defer wg.Done() |
| 3500 | |
| 3501 | for test := range c { |
Adam Langley | 69a0160 | 2014-11-17 17:26:55 -0800 | [diff] [blame] | 3502 | var err error |
| 3503 | |
| 3504 | if *mallocTest < 0 { |
| 3505 | statusChan <- statusMsg{test: test, started: true} |
| 3506 | err = runTest(test, buildDir, -1) |
| 3507 | } else { |
| 3508 | for mallocNumToFail := int64(*mallocTest); ; mallocNumToFail++ { |
| 3509 | statusChan <- statusMsg{test: test, started: true} |
| 3510 | if err = runTest(test, buildDir, mallocNumToFail); err != errMoreMallocs { |
| 3511 | if err != nil { |
| 3512 | fmt.Printf("\n\nmalloc test failed at %d: %s\n", mallocNumToFail, err) |
| 3513 | } |
| 3514 | break |
| 3515 | } |
| 3516 | } |
| 3517 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3518 | statusChan <- statusMsg{test: test, err: err} |
| 3519 | } |
| 3520 | } |
| 3521 | |
| 3522 | type statusMsg struct { |
| 3523 | test *testCase |
| 3524 | started bool |
| 3525 | err error |
| 3526 | } |
| 3527 | |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3528 | func statusPrinter(doneChan chan *testOutput, statusChan chan statusMsg, total int) { |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3529 | var started, done, failed, lineLen int |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3530 | |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3531 | testOutput := newTestOutput() |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3532 | for msg := range statusChan { |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3533 | if !*pipe { |
| 3534 | // Erase the previous status line. |
David Benjamin | 87c8a64 | 2015-02-21 01:54:29 -0500 | [diff] [blame] | 3535 | var erase string |
| 3536 | for i := 0; i < lineLen; i++ { |
| 3537 | erase += "\b \b" |
| 3538 | } |
| 3539 | fmt.Print(erase) |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3540 | } |
| 3541 | |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3542 | if msg.started { |
| 3543 | started++ |
| 3544 | } else { |
| 3545 | done++ |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3546 | |
| 3547 | if msg.err != nil { |
| 3548 | fmt.Printf("FAILED (%s)\n%s\n", msg.test.name, msg.err) |
| 3549 | failed++ |
| 3550 | testOutput.addResult(msg.test.name, "FAIL") |
| 3551 | } else { |
| 3552 | if *pipe { |
| 3553 | // Print each test instead of a status line. |
| 3554 | fmt.Printf("PASSED (%s)\n", msg.test.name) |
| 3555 | } |
| 3556 | testOutput.addResult(msg.test.name, "PASS") |
| 3557 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3558 | } |
| 3559 | |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3560 | if !*pipe { |
| 3561 | // Print a new status line. |
| 3562 | line := fmt.Sprintf("%d/%d/%d/%d", failed, done, started, total) |
| 3563 | lineLen = len(line) |
| 3564 | os.Stdout.WriteString(line) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3565 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3566 | } |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3567 | |
| 3568 | doneChan <- testOutput |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3569 | } |
| 3570 | |
| 3571 | func main() { |
| 3572 | var flagTest *string = flag.String("test", "", "The name of a test to run, or empty to run all tests") |
David Benjamin | 2bc8e6f | 2014-08-02 15:22:37 -0400 | [diff] [blame] | 3573 | var flagNumWorkers *int = flag.Int("num-workers", runtime.NumCPU(), "The number of workers to run in parallel.") |
David Benjamin | 884fdf1 | 2014-08-02 15:28:23 -0400 | [diff] [blame] | 3574 | var flagBuildDir *string = flag.String("build-dir", "../../../build", "The build directory to run the shim from.") |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3575 | |
| 3576 | flag.Parse() |
| 3577 | |
| 3578 | addCipherSuiteTests() |
| 3579 | addBadECDSASignatureTests() |
Adam Langley | 80842bd | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3580 | addCBCPaddingTests() |
Kenny Root | 7fdeaf1 | 2014-08-05 15:23:37 -0700 | [diff] [blame] | 3581 | addCBCSplittingTests() |
David Benjamin | 636293b | 2014-07-08 17:59:18 -0400 | [diff] [blame] | 3582 | addClientAuthTests() |
Adam Langley | 524e717 | 2015-02-20 16:04:00 -0800 | [diff] [blame] | 3583 | addDDoSCallbackTests() |
David Benjamin | 7e2e6cf | 2014-08-07 17:44:24 -0400 | [diff] [blame] | 3584 | addVersionNegotiationTests() |
David Benjamin | accb454 | 2014-12-12 23:44:33 -0500 | [diff] [blame] | 3585 | addMinimumVersionTests() |
David Benjamin | 5c24a1d | 2014-08-31 00:59:27 -0400 | [diff] [blame] | 3586 | addD5BugTests() |
David Benjamin | e78bfde | 2014-09-06 12:45:15 -0400 | [diff] [blame] | 3587 | addExtensionTests() |
David Benjamin | 01fe820 | 2014-09-24 15:21:44 -0400 | [diff] [blame] | 3588 | addResumptionVersionTests() |
Adam Langley | 7571292 | 2014-10-10 16:23:43 -0700 | [diff] [blame] | 3589 | addExtendedMasterSecretTests() |
Adam Langley | 2ae77d2 | 2014-10-28 17:29:33 -0700 | [diff] [blame] | 3590 | addRenegotiationTests() |
David Benjamin | 5e961c1 | 2014-11-07 01:48:35 -0500 | [diff] [blame] | 3591 | addDTLSReplayTests() |
David Benjamin | 000800a | 2014-11-14 01:43:59 -0500 | [diff] [blame] | 3592 | addSigningHashTests() |
Feng Lu | 41aa325 | 2014-11-21 22:47:56 -0800 | [diff] [blame] | 3593 | addFastRadioPaddingTests() |
David Benjamin | 83f9040 | 2015-01-27 01:09:43 -0500 | [diff] [blame] | 3594 | addDTLSRetransmitTests() |
David Benjamin | c565ebb | 2015-04-03 04:06:36 -0400 | [diff] [blame] | 3595 | addExportKeyingMaterialTests() |
Adam Langley | af0e32c | 2015-06-03 09:57:23 -0700 | [diff] [blame] | 3596 | addTLSUniqueTests() |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 3597 | for _, async := range []bool{false, true} { |
| 3598 | for _, splitHandshake := range []bool{false, true} { |
David Benjamin | 6fd297b | 2014-08-11 18:43:38 -0400 | [diff] [blame] | 3599 | for _, protocol := range []protocol{tls, dtls} { |
| 3600 | addStateMachineCoverageTests(async, splitHandshake, protocol) |
| 3601 | } |
David Benjamin | 43ec06f | 2014-08-05 02:28:57 -0400 | [diff] [blame] | 3602 | } |
| 3603 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3604 | |
| 3605 | var wg sync.WaitGroup |
| 3606 | |
David Benjamin | 2bc8e6f | 2014-08-02 15:22:37 -0400 | [diff] [blame] | 3607 | numWorkers := *flagNumWorkers |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3608 | |
| 3609 | statusChan := make(chan statusMsg, numWorkers) |
| 3610 | testChan := make(chan *testCase, numWorkers) |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3611 | doneChan := make(chan *testOutput) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3612 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 3613 | go statusPrinter(doneChan, statusChan, len(testCases)) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3614 | |
| 3615 | for i := 0; i < numWorkers; i++ { |
| 3616 | wg.Add(1) |
David Benjamin | 884fdf1 | 2014-08-02 15:28:23 -0400 | [diff] [blame] | 3617 | go worker(statusChan, testChan, *flagBuildDir, &wg) |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3618 | } |
| 3619 | |
David Benjamin | 025b3d3 | 2014-07-01 19:53:04 -0400 | [diff] [blame] | 3620 | for i := range testCases { |
| 3621 | if len(*flagTest) == 0 || *flagTest == testCases[i].name { |
| 3622 | testChan <- &testCases[i] |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3623 | } |
| 3624 | } |
| 3625 | |
| 3626 | close(testChan) |
| 3627 | wg.Wait() |
| 3628 | close(statusChan) |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3629 | testOutput := <-doneChan |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3630 | |
| 3631 | fmt.Printf("\n") |
David Benjamin | 5f237bc | 2015-02-11 17:14:15 -0500 | [diff] [blame] | 3632 | |
| 3633 | if *jsonOutput != "" { |
| 3634 | if err := testOutput.writeTo(*jsonOutput); err != nil { |
| 3635 | fmt.Fprintf(os.Stderr, "Error: %s\n", err) |
| 3636 | } |
| 3637 | } |
David Benjamin | 2ab7a86 | 2015-04-04 17:02:18 -0400 | [diff] [blame] | 3638 | |
| 3639 | if !testOutput.allPassed { |
| 3640 | os.Exit(1) |
| 3641 | } |
Adam Langley | 95c29f3 | 2014-06-20 12:00:00 -0700 | [diff] [blame] | 3642 | } |