static char *srpvfile = NULL;
static char *tmpfilename = NULL;
-#define LOG_BUFFER_SIZE 1024
+#define LOG_BUFFER_SIZE 2048
static char server_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
static size_t server_log_buffer_index = 0;
static char client_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
struct sslapitest_log_counts {
unsigned int rsa_key_exchange_count;
unsigned int master_secret_count;
+ unsigned int client_early_secret_count;
unsigned int client_handshake_secret_count;
unsigned int server_handshake_secret_count;
unsigned int client_application_secret_count;
size_t master_key_size = SSL_MAX_MASTER_KEY_LENGTH;
unsigned int rsa_key_exchange_count = 0;
unsigned int master_secret_count = 0;
+ unsigned int client_early_secret_count = 0;
unsigned int client_handshake_secret_count = 0;
unsigned int server_handshake_secret_count = 0;
unsigned int client_application_secret_count = 0;
master_key_size)))
return 0;
master_secret_count++;
- } else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0
+ } else if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0
+ || strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0
|| strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0
|| strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0
|| strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0
* we treat all of these secrets identically and then just
* distinguish between them when counting what we saw.
*/
- if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0)
+ if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0)
+ client_early_secret_count++;
+ else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0)
client_handshake_secret_count++;
else if (strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0)
server_handshake_secret_count++;
expected->rsa_key_exchange_count)
|| !TEST_size_t_eq(master_secret_count,
expected->master_secret_count)
+ || !TEST_size_t_eq(client_early_secret_count,
+ expected->client_early_secret_count)
|| !TEST_size_t_eq(client_handshake_secret_count,
expected->client_handshake_secret_count)
|| !TEST_size_t_eq(server_handshake_secret_count,
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
+ SSL_SESSION *sess = NULL;
int testresult = 0;
struct sslapitest_log_counts expected = {0};
+ unsigned char buf[1];
+ size_t readbytes, written;
/* Clean up logging space */
memset(client_log_buffer, 0, sizeof(client_log_buffer));
if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
TLS1_VERSION, TLS_MAX_VERSION,
- &sctx, &cctx, cert, privkey)))
+ &sctx, &cctx, cert, privkey))
+ || !TEST_true(SSL_CTX_set_max_early_data(sctx,
+ SSL3_RT_MAX_PLAIN_LENGTH))
+ || !TEST_true(SSL_CTX_set_max_early_data(cctx,
+ SSL3_RT_MAX_PLAIN_LENGTH)))
return 0;
if (!TEST_true(SSL_CTX_get_keylog_callback(cctx) == NULL)
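Review bot: The `return 0;` after this condition now leaks on a partial failure. The two `SSL_CTX_set_max_early_data()` checks were folded into the same condition as `create_ssl_ctx_pair()`, so if the pair is created and a later check fails, `sctx` and `cctx` are never freed. Changing the statement to `goto end;` avoids that, since the SSL, session and context pointers are all initialised to NULL in the declarations above and the free calls at `end:` accept NULL. The function body starts and ends outside this hunk, so confirm that `end:` releases both contexts.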
&expected)))
goto end;
+ /* Terminate old session and resume with early data. */
+ sess = SSL_get1_session(clientssl);
+ SSL_shutdown(clientssl);
+ SSL_shutdown(serverssl);
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ serverssl = clientssl = NULL;
+
+ /* Reset key log */
+ memset(client_log_buffer, 0, sizeof(client_log_buffer));
+ memset(server_log_buffer, 0, sizeof(server_log_buffer));
+ client_log_buffer_index = 0;
+ server_log_buffer_index = 0;
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
+ &clientssl, NULL, NULL))
+ || !TEST_true(SSL_set_session(clientssl, sess))
+ /* Here writing 0 length early data is enough. */
+ || !TEST_true(SSL_write_early_data(clientssl, NULL, 0, &written))
+ || !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf),
+ &readbytes),
+ SSL_READ_EARLY_DATA_ERROR)
+ || !TEST_int_eq(SSL_get_early_data_status(serverssl),
+ SSL_EARLY_DATA_ACCEPTED)
+ || !TEST_true(create_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE))
+ || !TEST_true(SSL_session_reused(clientssl)))
+ goto end;
+
+ /* In addition to the previous entries, expect early secrets. */
+ expected.client_early_secret_count = 1;
+ if (!TEST_true(test_keylog_output(client_log_buffer, clientssl,
+ SSL_get_session(clientssl), &expected))
+ || !TEST_true(test_keylog_output(server_log_buffer, serverssl,
+ SSL_get_session(serverssl),
+ &expected)))
+ goto end;
+
testresult = 1;
end:
+ SSL_SESSION_free(sess);
SSL_free(serverssl);
SSL_free(clientssl);
SSL_CTX_free(sctx);
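Review bot: `sess = SSL_get1_session(clientssl);` is used without a NULL check. If the first handshake left no resumable session, the test would most likely fail only later, at the early-data or `SSL_session_reused()` checks, with a less direct diagnostic. Writing it as `if (!TEST_ptr(sess = SSL_get1_session(clientssl))) goto end;` pins the failure where it happens. Separately, the "Reset key log" block clears only the two buffers and their indices. If the keylog callbacks keep any other state outside this hunk, it should be reset here too, so that the second `test_keylog_output()` pass checks only what the resumed handshake logged. The function begins outside this hunk.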