2 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/bio.h>
11 #include <openssl/crypto.h>
12 #include <openssl/ssl.h>
13 #include <openssl/err.h>
15 #include "ssltestlib.h"
18 static char *cert = NULL;
19 static char *privkey = NULL;
20 static unsigned int timer_cb_count;
25 #define DUMMY_CERT_STATUS_LEN 12
27 static unsigned char certstatus[] = {
28 SSL3_RT_HANDSHAKE, /* Content type */
29 0xfe, 0xfd, /* Record version */
31 0, 0, 0, 0, 0, 0x0f, /* Record sequence number */
32 0, DTLS1_HM_HEADER_LENGTH + DUMMY_CERT_STATUS_LEN - 2,
33 SSL3_MT_CERTIFICATE_STATUS, /* Cert Status handshake message type */
34 0, 0, DUMMY_CERT_STATUS_LEN, /* Message len */
35 0, 5, /* Message sequence */
36 0, 0, 0, /* Fragment offset */
37 0, 0, DUMMY_CERT_STATUS_LEN - 2, /* Fragment len */
38 0x80, 0x80, 0x80, 0x80, 0x80,
39 0x80, 0x80, 0x80, 0x80, 0x80 /* Dummy data */
42 #define RECORD_SEQUENCE 10
44 static unsigned int timer_cb(SSL *s, unsigned int timer_us)
54 static int test_dtls_unprocessed(int testidx)
56 SSL_CTX *sctx = NULL, *cctx = NULL;
57 SSL *serverssl1 = NULL, *clientssl1 = NULL;
58 BIO *c_to_s_fbio, *c_to_s_mempacket;
63 if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
65 DTLS1_VERSION, DTLS_MAX_VERSION,
66 &sctx, &cctx, cert, privkey)))
69 if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES128-SHA")))
72 c_to_s_fbio = BIO_new(bio_f_tls_dump_filter());
73 if (!TEST_ptr(c_to_s_fbio))
76 /* BIO is freed by create_ssl_connection on error */
77 if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1,
81 DTLS_set_timer_cb(clientssl1, timer_cb);
84 certstatus[RECORD_SEQUENCE] = 0xff;
87 * Inject a dummy record from the next epoch. In test 0, this should never
88 * get used because the message sequence number is too big. In test 1 we set
89 * the record sequence number to be way off in the future. This should not
90 * have an impact on the record replay protection because the record should
91 * be dropped before it is marked as arrived
93 c_to_s_mempacket = SSL_get_wbio(clientssl1);
94 c_to_s_mempacket = BIO_next(c_to_s_mempacket);
95 mempacket_test_inject(c_to_s_mempacket, (char *)certstatus,
96 sizeof(certstatus), 1, INJECT_PACKET_IGNORE_REC_SEQ);
98 if (!TEST_true(create_ssl_connection(serverssl1, clientssl1,
102 if (timer_cb_count == 0) {
103 printf("timer_callback was not called.\n");
109 SSL_free(serverssl1);
110 SSL_free(clientssl1);
117 #define CLI_TO_SRV_EPOCH_0_RECS 3
118 #define CLI_TO_SRV_EPOCH_1_RECS 1
119 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
120 # define SRV_TO_CLI_EPOCH_0_RECS 12
123 * In this case we have no ServerKeyExchange message, because we don't have
124 * ECDHE or DHE. When it is present it gets fragmented into 3 records in this
127 # define SRV_TO_CLI_EPOCH_0_RECS 9
129 #define SRV_TO_CLI_EPOCH_1_RECS 1
130 #define TOTAL_FULL_HAND_RECORDS \
131 (CLI_TO_SRV_EPOCH_0_RECS + CLI_TO_SRV_EPOCH_1_RECS + \
132 SRV_TO_CLI_EPOCH_0_RECS + SRV_TO_CLI_EPOCH_1_RECS)
134 #define CLI_TO_SRV_RESUME_EPOCH_0_RECS 3
135 #define CLI_TO_SRV_RESUME_EPOCH_1_RECS 1
136 #define SRV_TO_CLI_RESUME_EPOCH_0_RECS 2
137 #define SRV_TO_CLI_RESUME_EPOCH_1_RECS 1
138 #define TOTAL_RESUME_HAND_RECORDS \
139 (CLI_TO_SRV_RESUME_EPOCH_0_RECS + CLI_TO_SRV_RESUME_EPOCH_1_RECS + \
140 SRV_TO_CLI_RESUME_EPOCH_0_RECS + SRV_TO_CLI_RESUME_EPOCH_1_RECS)
142 #define TOTAL_RECORDS (TOTAL_FULL_HAND_RECORDS + TOTAL_RESUME_HAND_RECORDS)
144 static int test_dtls_drop_records(int idx)
146 SSL_CTX *sctx = NULL, *cctx = NULL;
147 SSL *serverssl = NULL, *clientssl = NULL;
148 BIO *c_to_s_fbio, *mempackbio;
151 SSL_SESSION *sess = NULL;
152 int cli_to_srv_epoch0, cli_to_srv_epoch1, srv_to_cli_epoch0;
154 if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(),
155 DTLS_client_method(),
156 DTLS1_VERSION, DTLS_MAX_VERSION,
157 &sctx, &cctx, cert, privkey)))
160 if (idx >= TOTAL_FULL_HAND_RECORDS) {
161 /* We're going to do a resumption handshake. Get a session first. */
162 if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
164 || !TEST_true(create_ssl_connection(serverssl, clientssl,
166 || !TEST_ptr(sess = SSL_get1_session(clientssl)))
169 SSL_shutdown(clientssl);
170 SSL_shutdown(serverssl);
173 serverssl = clientssl = NULL;
175 cli_to_srv_epoch0 = CLI_TO_SRV_RESUME_EPOCH_0_RECS;
176 cli_to_srv_epoch1 = CLI_TO_SRV_RESUME_EPOCH_1_RECS;
177 srv_to_cli_epoch0 = SRV_TO_CLI_RESUME_EPOCH_0_RECS;
178 idx -= TOTAL_FULL_HAND_RECORDS;
180 cli_to_srv_epoch0 = CLI_TO_SRV_EPOCH_0_RECS;
181 cli_to_srv_epoch1 = CLI_TO_SRV_EPOCH_1_RECS;
182 srv_to_cli_epoch0 = SRV_TO_CLI_EPOCH_0_RECS;
185 c_to_s_fbio = BIO_new(bio_f_tls_dump_filter());
186 if (!TEST_ptr(c_to_s_fbio))
189 /* BIO is freed by create_ssl_connection on error */
190 if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
195 if (!TEST_true(SSL_set_session(clientssl, sess)))
199 DTLS_set_timer_cb(clientssl, timer_cb);
200 DTLS_set_timer_cb(serverssl, timer_cb);
202 /* Work out which record to drop based on the test number */
203 if (idx >= cli_to_srv_epoch0 + cli_to_srv_epoch1) {
204 mempackbio = SSL_get_wbio(serverssl);
205 idx -= cli_to_srv_epoch0 + cli_to_srv_epoch1;
206 if (idx >= srv_to_cli_epoch0) {
208 idx -= srv_to_cli_epoch0;
211 mempackbio = SSL_get_wbio(clientssl);
212 if (idx >= cli_to_srv_epoch0) {
214 idx -= cli_to_srv_epoch0;
216 mempackbio = BIO_next(mempackbio);
218 BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_EPOCH, epoch, NULL);
219 BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_REC, idx, NULL);
221 if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
224 if (sess != NULL && !TEST_true(SSL_session_reused(clientssl)))
227 /* If the test did what we planned then it should have dropped a record */
228 if (!TEST_int_eq((int)BIO_ctrl(mempackbio, MEMPACKET_CTRL_GET_DROP_REC, 0,
234 SSL_SESSION_free(sess);
243 int setup_tests(void)
245 if (!TEST_ptr(cert = test_get_argument(0))
246 || !TEST_ptr(privkey = test_get_argument(1)))
249 ADD_ALL_TESTS(test_dtls_unprocessed, NUM_TESTS);
250 ADD_ALL_TESTS(test_dtls_drop_records, TOTAL_RECORDS);
255 void cleanup_tests(void)
257 bio_f_tls_dump_filter_free();
258 bio_s_mempacket_test_free();