From a96e6c347bc1da9964ffe941608b11cf030320ef Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 1 May 2020 12:24:57 +0100 Subject: [PATCH] Extend test_ssl_get_shared_ciphers Ensure we test scenarios where a FIPS peer is communication with a non-FIPS peer. Check that a FIPS client doesn't offer ciphersuites it doesn't have, and that a FIPS server only chooses ciphersuites it can support. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/11700) --- test/sslapitest.c | 58 ++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 55 insertions(+), 3 deletions(-) diff --git a/test/sslapitest.c b/test/sslapitest.c index b8bad61fd2..6889607662 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -6208,6 +6208,7 @@ static struct { const char *srvrciphers; const char *srvrtls13ciphers; const char *shared; + const char *fipsshared; } shared_ciphers_data[] = { /* * We can't establish a connection (even in TLSv1.1) with these ciphersuites if @@ -6220,14 +6221,29 @@ static struct { NULL, "AES256-SHA:DHE-RSA-AES128-SHA", NULL, + "AES256-SHA", "AES256-SHA" }, +# if !defined(OPENSSL_NO_CHACHA) \ + && !defined(OPENSSL_NO_POLY1305) \ + && !defined(OPENSSL_NO_EC) + { + TLS1_2_VERSION, + "AES128-SHA:ECDHE-RSA-CHACHA20-POLY1305", + NULL, + "AES128-SHA:ECDHE-RSA-CHACHA20-POLY1305", + NULL, + "AES128-SHA:ECDHE-RSA-CHACHA20-POLY1305", + "AES128-SHA" + }, +# endif { TLS1_2_VERSION, "AES128-SHA:DHE-RSA-AES128-SHA:AES256-SHA", NULL, "AES128-SHA:DHE-RSA-AES256-SHA:AES256-SHA", NULL, + "AES128-SHA:AES256-SHA", "AES128-SHA:AES256-SHA" }, { @@ -6236,6 +6252,7 @@ static struct { NULL, "AES128-SHA:DHE-RSA-AES128-SHA", NULL, + "AES128-SHA", "AES128-SHA" }, #endif @@ -6252,7 +6269,8 @@ static struct { "AES256-SHA:AES128-SHA256", NULL, "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:" - "TLS_AES_128_GCM_SHA256:AES256-SHA" + "TLS_AES_128_GCM_SHA256:AES256-SHA", + "TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:AES256-SHA" }, #endif #ifndef OPENSSL_NO_TLS1_3 @@ -6262,17 +6280,39 @@ static struct { "TLS_AES_256_GCM_SHA384", "AES256-SHA", "TLS_AES_256_GCM_SHA384", + "TLS_AES_256_GCM_SHA384", "TLS_AES_256_GCM_SHA384" }, #endif }; -static int test_ssl_get_shared_ciphers(int tst) +static int int_test_ssl_get_shared_ciphers(int tst, int clnt) { SSL_CTX *cctx = NULL, *sctx = NULL; SSL *clientssl = NULL, *serverssl = NULL; int testresult = 0; char buf[1024]; + OPENSSL_CTX *tmplibctx = OPENSSL_CTX_new(); + + if (!TEST_ptr(tmplibctx)) + goto end; + + /* + * Regardless of whether we're testing with the FIPS provider loaded into + * libctx, we want one peer to always use the full set of ciphersuites + * available. Therefore we use a separate libctx with the default provider + * loaded into it. We run the same tests twice - once with the client side + * having the full set of ciphersuites and once with the server side. + */ + if (clnt) { + cctx = SSL_CTX_new_with_libctx(tmplibctx, NULL, TLS_client_method()); + if (!TEST_ptr(cctx)) + goto end; + } else { + sctx = SSL_CTX_new_with_libctx(tmplibctx, NULL, TLS_server_method()); + if (!TEST_ptr(sctx)) + goto end; + } if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), TLS_client_method(), @@ -6301,7 +6341,11 @@ static int test_ssl_get_shared_ciphers(int tst) goto end; if (!TEST_ptr(SSL_get_shared_ciphers(serverssl, buf, sizeof(buf))) - || !TEST_int_eq(strcmp(buf, shared_ciphers_data[tst].shared), 0)) { + || !TEST_int_eq(strcmp(buf, + is_fips + ? shared_ciphers_data[tst].fipsshared + : shared_ciphers_data[tst].shared), + 0)) { TEST_info("Shared ciphers are: %s\n", buf); goto end; } @@ -6313,10 +6357,18 @@ static int test_ssl_get_shared_ciphers(int tst) SSL_free(clientssl); SSL_CTX_free(sctx); SSL_CTX_free(cctx); + OPENSSL_CTX_free(tmplibctx); return testresult; } +static int test_ssl_get_shared_ciphers(int tst) +{ + return int_test_ssl_get_shared_ciphers(tst, 0) + && int_test_ssl_get_shared_ciphers(tst, 1); +} + + static const char *appdata = "Hello World"; static int gen_tick_called, dec_tick_called, tick_key_cb_called; static int tick_key_renew = 0; -- 2.25.1